|
en
System overview
The modules are either input or output modules. At present, the module 4-20 mA
Input / HART 2/4 Ch is available as an input module and the module Relay Module
4/8 Ch is available as an output module. All modules have their own intelligence
and operate autonomously. The system is designed so failure of a module only
affects the modules dependent on the failed module, i.e. the faulty module only
generates a secondary fault in the modules that expect data from the faulty module.
Other modules are not affected. In addition, every fault in the system is signalled via
the fault relay (System Fault Relay, SFR) on the Docking Station. All modules can
be replaced during operation without shut-down of the supply voltage.
3.2
Safety concept
REGARD 3000 is designed in accordance with the requirements for SIL2 and for
SIL3 with the applicable system layout.
REGARD 3000 is designed as a system with distributed intelligence. The modules
communicate with one another deterministically (predetermined) using a proprietary
safety Ethernet network protocol. All bus devices send their current data in a data
packet to all other bus devices once every second. Bus devices that derive actions
from this information (e.g. output modules) expect a valid data package from every
module once every second. The modules accept no more than 2 faulty data packets
in succession. If more than 2 faulty data packets in succession are received, a fault
is triggered and the fault relay (SFR) on the Docking Station is activated.
Due to the communication, there is no component in the system whose failure
would trigger a failure of the complete system (Single Point of Failure). The
modules are time-synchronised throughout the system by a module that is
automatically selected when the system is started. In the event of a fault in this
module, the time function is automatically transferred to another module in the
system and a fault is signalled via the SFR. All modules not influenced by the faulty
module continue to operate.
Special states in the system, such as Inhibit, are also displayed by the special state
relay (SSR) on the Docking Station.
The alarm is triggered a maximum of 3.3 seconds after measurement of an alarm
condition.
The system continuously monitors the correct function. Every system fault results in
the drop-out (normally energized) of the respective fault relay on the Docking
Station.
Systems with requirements in line with SIL3 can be established with REGARD 3000
via the configuration with redundant channels and are only possible in connection
with a REGARD 7000.
Dräger recommends selection of fault-tolerant configurations for safety-relevant
applications, such as acknowledgement of alarms using 2 independent switches.
3.3
REGARD 3000 components
System components
REGARD 3000 Display Unit, grey
102
Order number
Software /
Firmware version
37 05 685
01.00.xx
|
Instructions for use
REGARD 3000