What are Analog Devices products with functional safety
What is functional safety?
Functional safety is one of the ways to ensure an acceptable level of safety by introducing functions that ensure safety.
IEC 61508 establishes standards for the design of industrial equipment based on functional safety. Based on IEC 61508, ISO 26262 for automobiles and IEC 61131-6 for programmable controllers IEC - 6 for programmable controllers.
Other functional safety standards, such as ISO 13849 and DO178B/DO254, are not derived from IEC 61508.
Relationship between functional safety and SIL
The Safe Integrity Level (SIL) is a measure of the safety performance of a system function and is a measure of the safety performance of a system.
In IEC 61508, the SIL is divided into four stages from 1 to 4, with each stage being more secure.
There are other functional safety standards that are equivalent to SIL.
For example, ASIL (Automotive Safety Integrity Levels) and ISO 13849 apply to automobiles.
ASIL Performance Level (PL) A to E can correspond to SIL1 to SIL3.
IEC 61508 SIL | ISO 26262 ASIL | Avionics Level | ISO 13849 PL | Nuclear power Category |
---|---|---|---|---|
1 | A | D | b | | e ー | A | | | C |
2 | B | C | ||
3 | C/D | B | ||
4 | - | A |
Rough correspondence of safety levels defined for each application area (Source : Analog Devices "Functional Safety in ICs")
What are the diagnostic functions necessary for functional safety?
In IEC 61508, two probabilities are used as targets : Probability of Failure on Demand (PFD) and Probability of Failure per Hour (PFH). PFD applies to systems that remain in standby until an event such as an air bag occurs, and PHF applies to systems that are always up.
PFD | PFH | Standard | ||
---|---|---|---|---|
IEC 61508 SIL | Automobile ISO 26262 ASIL | Avionics Level | ||
0.1 ~ 0.01 | 10̄⁵~ 10̄⁶ | 1 | A | D |
0.01 ~ 0.001 | 10̄⁶ ~ 10̄⁷ | 2 | B | C |
0.001 ~ 0. 0001 | 10̄⁷ ~ 10̄⁸ | 3 | C/D | B |
0.0001 ~ 0.00001 | 10̄⁸ ~ 10̄⁹ | 4 | - | A |
Rough correspondence of each standard level (source : Analog Dialogue 51-02)
IEC 61508 defines the Safe Failure Fraction (SFF) as the minimum required level of diagnostic coverage.
SFF for Safety and Critical Failures is related to but different from Diagnostic Coverage (DC) for Safety Failures.
An indication of the proper functioning of an implemented diagnostic function can be measured using a quantified Failure Mode and Effect Analysis (FMEA) or Failure Modes Effects and Diagnostics Analysis (FMEDA).
The higher the DC, the lower the probability of an undetected failure. A system with 99% diagnostic coverage can achieve SIL3. If it is 90%, it is SIL2, and if it is 60%, it is SIL1.
One way to achieve high diagnostic coverage is to provide redundancy at the component level. In this case, error detection is not done directly, but indirectly by comparing two (or more) outputs that should be identical.
However, this approach can increase the power consumption of the system and the ultimate cost.
Analog Devices offers a portfolio of robust, diagnostic products that help ensure functional safety while reducing power consumption and cost.
Analog Devices products that support safety design
8-Channel Simultaneous Sampling 24-Bit A/D Converter AD7770
The AD7770 has a built - in 12 - bit A/D converter and a multiplexer that can be controlled gpio.
These functions allow AD7770 diagnostics to be performed without stopping the Σ - Δ ADC channel for normal system measurements.
The following AD7770 functional block diagram shows the block with monitoring capabilities in purple, the block with active monitoring in green, and the block with both internal and active monitoring capabilities in blue.
24-bit A/D converter AD7768-1 capable of dynamic signal analysis at DC to 204 kHz
The AD7768-1 has a built - in multiplexer for analog diagnostics. It also has a Cyclic Redundancy Check (CRC) that can be used to monitor and diagnose the following :
- Monitoring the health of the SPI
- Monitoring the output level of the LDO
- Detection of filter saturation
- External clock diagnosis
- CRC diagnosis of internal logic / memory
Low - power, low - noise, all - built - in 24 - bit A/D converter AD7124 series
AD7124-4 (feature set, AD - 4 (four channels) and AD7124-8 (eight channels) have a variety of diagnostic capabilities, including CRC, signal chain inspection, and serial interface inspection.
These features reduce board space, design cycles, and cost by eliminating the need for external diagnostic parts.
The Failure Mode Impact / Diagnostic Analysis (FMEDA) for the standard application shows a safe failure rate (SFF) of more than 90% according to IEC 61508.
AD5758 - with HART Connection, 16-Bit D/A Converter and Dynamic Power Control
HART Connection, 16 - Bit D/A Converter AD5758 with Dynamic Power Control
The AD5758 has output current monitoring and a 12 - bit A/D converter for diagnostics.
The AD5758 interface also has an optional SPI cyclic redundancy check (CRC) and watchdog timer.
In addition, robustness is enhanced by including fault protection switches on the VIOUT, + VSENSE, and - VSENSE pins.
Application Example
- Programmable Logic Controller (PLC) and Distributed Control System (DCS)
- Process control
- Actuator control
- Data acquisition such as temperature measurement and pressure measurement
- Smart transmitter
- Channel isolation analog output
- HART network connection
For more information: