IEC 61511-1过程工业安全仪表系统的功能安全-第1部分:框架、定义、系统、硬件和软件要求
IEC 61511-2过程工业安全仪表系统的功能安全-第2部分:IEC 61511的应用指南
IEC 61511-3过程工业安全仪表系统的功能安全-第3部分:确定要求的安全完整性等级的指南
说明:以下术语摘录自IEC61511标准和相关的标准翻译稿,其中有一些术语在前面出现过,但表述略有不同,差别反映了过程控制领域的习惯与特殊性。
结构 architecture
Arrangement of hardware and/or software elements in a system, for example
(1) arrangement of safety instrumented system (SIS) subsystems
(2) internal str
(3) arrangement of software programs
系统中硬件和/或软件元素的安排,如:
(1)安全仪表系统(SIS)子系统的安排;
(2)SIS子系统的内部结构;
(3)软件程序的安排。
资产保护 asset protection
Function allocated to system design for the purpose of preventing loss to assets
为防止资产损失分配给系统设计的功能。
基本过程控制系统(BPCS) basic process control system(BPCS)
System which responds to input signals form the process, its associated equipment, other programmable systems and/or an operator and generates output signals causing the process and its associated equipment to operate in the desired manner but which does not perform any safety instrumented functions with a claimed SIL≥1
对来自过程的、系统相关设备的、其他可编程系统的和/或某个操作员的输入信号进行响应,并产生使过程和系统相关设备按要求方式运行的系统,但它并不执行任何具有被声明的SIL≥1的仪表安全功能。
通道? channel
element or group of elements that independently perform(s) a function
独立执行一个功能的一个或一组元素。
编码 coding
共同原因失效 common cause failure
failure, which is the result of one or more events, causing failures of two or more separate channels in a multiple channel system, leading to system failure
由一个或多个事件引起一个多通道系统中的两个或多个分离通道失效,从而导致系统失效的一种失效。
共同模式失效 common mode failure
failure of two or more channels in the same way, causing the same erroneous result
两个或多个通道以同样的方式引起相同的误差结果的失效。
部件 component
one of the parts of a system, subsystem, or device performing a specific function
执行某一特定功能的系统、子系统或装置的一个组成部分。
3.2.8
配置 configuration
配置管理 configuration management
discipline of identifying the components of an evolving (hardware and software) system for the purpose of controlling changes to those components and maintaining continuity and traceability throughout the life cycle
为了在生命周期全过程中控制组件的变化(硬件和软件)和保持连续性和可追溯性,对进化系统(硬件和软件)中组件的识别规则。
控制系统 control system
system which responds to input signals from the process and/or from an operator and generates output signals causing the process to operate in the desired manner
对来自过程和/或操作员的输入信号进行响应,并产生使过程按要求方式运行的输出信号的系统。
危险失效 dangerous failure
failure which has the potential to put the safety inst
可能使安全仪表系统潜在地处于某种危险或功能丧失状态的失效。
相关失效 dependent failure
failure whose probability cannot be expressed as the simple product of the unconditional probabilities of the individual events which caused it
其概率不能表示为引起失效的独立事件的无条件概率的简单乘积的失效。
检测到的 detected
揭露的 revealed
明显的 overt
in relation to hardware failures and software faults, detected by the diagnostic tests or through normal operation
在与硬件失效和软件故障有关时,通过诊断测试或正常操作发现的。
装置 device
functional unit of hardware or software, or both, capable of accomplishing a specified purpose
能实现某个规定目的的硬件或软件或者二者结合的功能单元
诊断覆盖率(DC) diagnostic coverage (DC)
ratio of the detected failure rate to the total failure rate of the component or subsystem as detected by diagnostic tests. Diagnostic coverage does not include any faults detected by proof tests.
诊断测试检测到的部件或子系统的失效率与总失效率之比。诊断覆盖率不包含由检验测试检测到的任何故障。
多样性 diversity
existence of different means performing a required function
执行一个要求功能存在不同方法。
电气/电子/可编程电子(E/E/PE)
electrical/electronic/programmable electronic
based on electrical (E) and/or electronic (E) and/or programmable electronic (PE) technology
基于电气(E)和/或电子(E)和/或可编程电子(PE)技术。
误差 error
discrepancy between a computed, observed or measured value or condition and the true, specified or theoretically correct value or condition
计算出的、观测到的和测量到的值或条件,和真实的、规定的或理论上正确的值或条件之间的差异。
外部风险降低设施 external risk reduction facilities
measures to reduce or mitigate the risks, which are separate and distinct from the SIS
与SIS分离且性质不同的降低或减少风险的措施。
失效 failure
termination of the ability of a functional unit to perform a required function
功能单元执行一个要求功能的能力的终止。
故障 fault
abnormal condition that may cause a reduction in, or loss of, the capability of a functional unit to perform a required function
可能引起功能单元执行要求功能的能力降低或丧失的异常状况。
故障避免 fault avoidance
use of techniques and procedures which aim to avoid the introduction of faults during any phase of the safety life cycle of the safety instrum
在安全仪表系统安全生命周期的任何阶段中为避免引入故障而使用的技术和程序。
故障裕度 fault tolerance
ability of a functional unit to continue to perform a required function in the presence of faults or errors
在出现故障或误差的情况下,功能单元继续执行要求功能的能力。
最终元件 final element
part of a safety instrumented system which implements the physical action necessary to achieve a safe state
执行实现某种安全状态所必需的实际动作的安全仪表系统的组成部分。
功能安全 functional safety
part of the overall safety relating to the process and the BPCS which depends on the correct functioning of the SIS and other protection layers
与过程和BPCS有关的整体安全的组成部分,它取决于SIS和其他保护层的正确功能执行。
功能安全评估 functional safety assessment
investigation, based on evidence, to judge the functional safety achieved by one or more protection layers
基于证据的调查,以判定由一个或多个保护层所实现的功能安全。
功能安全审核 functional safety audit
systematic and independent examination to determine whether the procedures specific to the functional safety requirements comply with the planned arrangements, are implemented effectively and are suitable to achieve the specified objectives
对于按计划安排的功能安全要求专用的规范是否有效地执行并满意地达到规定目的进行系统地、独立的检查。
功能单元 functional unit
entity of hardware or software, or both, capable of accomplishing a specified purpose
能够完成规定目的的软件、硬件或两者相结合的实体。
硬件安全完整性 hardware safety integrity
part of the safety integrity of the safety instrumented function relating to random hardware failures in a dangerous mode of failure
在危险失效模式中,与硬件随机失效有关的仪表安全功能的安全完整性的一部分。
伤害 harm
physical injury or damage to the health of people, ei ther directly or indirectly, as a result of damage to property or to the environment
由财产或环境的破坏而直接或间接导致的人身伤害或人体健康的损害。
危险 hazard
potential source of harm
伤害的潜在根源。
人为误差 human error
失误? mistake
human action or inaction that produces an unintended result
引发非期望结果的人的动作或不动作。
影响分析 impact analysis
activity of determining the effect that a change to a function or component will have to other functions or components in that system as well as to other systems
确定一个系统中的一个功能或部件的改变,对该系统和其他系统中其他功能
独立部门 independent department
department which is separate and distinct form the departments responsible for the activities which take place during the specific phase of the safety life cycle that is subject to the functional safety assessment or validation
在进行安全评估或确认的安全生命周期的特定阶段中,同负责所发生活动的部门分开且不同的部门。
独立组织 independent organization
organization which is separate and distinct, by management and other resources, from the organizations responsible for the activities which take place during the specific phase of the safety life cycle that is subject to the functional safety assessment or validation
在进行安全评估或确认的安全生命周期的特定阶段中,通过管理和其他资源同负责所发生活动的组织分开且不同的组织。
独立人员 independent person
person who is separate and distinct from the activities which take place during the specific phase of the safety life cycle that is subject to the functional safety assessment or validation and does not have direct responsibility for those activities
在进行安全评估或确认的安全生命周期的特定阶段中,同所发生活动分开且不同的人员,这些人员并不直接负责那些活动。
输入功能 input function
function which monitors the process and its associated equipment in order to provide input information for the logic solver
为了给逻辑解算器提供输入信息,监视过程及其相关设备的功能。
仪表 instrument
apparatus used in performing an action (typically found in instrumented systems)
在执行某个动作中使用的仪器(典型的可见仪表系统)。
逻辑功能 logic function
function which performs the transformations between input information (provided by one or more input functions) and output information (used by one or more output functio ns) ; logic functions provide the transformation from one or more input functions to one or more output functions
在输入信息(由一个或几个输入功能提供)和输出信息(由一个或几个输出功能使用)之间执行变换的功能;逻辑功能提供从一个或几个输入功能到一个或几个输出功能的转换。
逻辑解算器 logic solver
that portion of either a BPCS or SIS that performs one or more logic function(s)
既可以是一个BPCS的一部分,也可以是SIS的一部分,它执行一个或几个逻辑功能。
安全配置的逻辑解算器 safety configured logic solver
general purpose industrial grade PE logic solver which is specifically configured for use in safety applications in
根据11.5为在安全应用中使用专门配置的工业级通用型PE逻辑解算器。
维护/工程接口 maintenance/engineering interface
maintenance/engineering interface is that hardware and software provided to allow proper SIS maintenance or modification. It can include instructions and diagnostics which may be found in software, programming terminals with appropriate communication protocols, diagnostic tools, indicators, bypass devices, test devices, and calibration devices
为能正确维护或修改SIS所提供的硬件和软件。包括:在软件中可能含有的指令和诊断程序、具有适当通信协议的编程终端、诊断工具、指示器、旁路装置、试验装置和校正装置。
减轻? mitigation
action that reduces the consequence(s) of a hazardous event
减小危险事件后果的动作。
操作模式? mode of operation
way in which a safety instrumented function operates
仪表安全功能运行方式。
要求模式下的仪表安全功能? demand mode safety instrumented function
where a specified action (for example, closing of a valve) is taken in response to process conditions or other demands. In the event of a dangerous failure of the safety instrumented function a potential hazard only occurs in the event of a failure in the process or the BPCS
响应过程条件或其他要求而采取一个规定动作(如关闭一个阀门)的场合。在仪表安全功能的危险失效事件中,仅当发生过程或BPCS的失效事件时,才发生潜在危险。
连续模式下的仪表安全功能? continuous mode safety instrumented function
where in the event of a dangerous failure of the safety instrumented function a potential hazard will occur without further failure unless action is taken to prevent it
在仪表安全功能的危险失效事件中,如果不采取预防动作,即使没有进一步的失效,潜在危险也会发生。
模块 module
self-contained assembly of hardware components that performs a specific hardware f unction (i.e., digital input module, analogue output module), or reusable application program (can be internal to a program or a set of programs) that support a specific function, for example, portion of a computer program that carries out a specific function
执行某个特定硬件功能的硬件部件的自含式组件(即数字输入模块、模拟输出模块),或支持某一特定功能的可重用应用程序(可能是一个或一组内固程序)。如执行特定功能的计算机程序的一部分。
从N中取M? MooN
safety instrumented system, or part thereof, made up of “N” independent channels, which are so connected, that “M” channels are suffic
“N”个独立通道构成的安全仪表系统或其部分,它被连接成其中“M”个通道足以执行仪表安全功能。
必要的风险降低 necessary risk reduction
risk reduction required to ensure that the risk is reduced to a tolerable level
为保证把风险降低到允许水平所需的风险降低。
非可编程(NP)系统 non-programmable(NP) system
system based on non-computer technologies (i.e., a system not based on programmable electronics [PE] or software)
基于非计算机技术的系统(即不基于可编程电子[PE]或软件的系统)。
操作员接口 operator interface
means by which information is communicated between a human operator(s) and the SIS (for example, CRTs, indicating lights, push-buttons, horns, alarms); the operator interface is sometimes referred to as the human-machine interface (HMI)
在操作人员和SIS之间进行信息交换的手段(如阴极射线管CRT、指示灯、按钮、操纵杆、报警器);操作员接口有时又叫人机接口(HMI)。
其他技术安全相关系统 other technology safety related system
safety related systems that are based on a technology other than electrical, electronic, or programmable electronic
不基于电气、电子或可编程电子技术的安全相关系统。
输出功能 output function
function which controls the process and its associated equipment according to final actuator information from the logic function
根据来自逻辑功能的终端执行机构的信息,控制过程及其相关设备的功能。
阶段 phase
period within the safety life cycle where activities described in this standard take place
发生IEC61511中描述活动的安全生命周期中的某个时段。
预防 prevention
action that reduces the frequency of occurrence of a hazardous event
降低危险事件发生频率的动作。
以往使用 prior use
过程风险 process risk
risk arising from the process conditions caused by abnormal events (include BPCS malf unction)
因异常事件(包括BPCS功能失常)引起过程条件产生的风险。
可编程电子(PE) programmable electronics
electronic component or device forming part of a PES and based on computer technology. The term encompasses both hardware and software and input and out units
基于计算机技术构成PES一部分的电子部件或装置。本术语包括硬件和软件及输入和输出单元。
可编程电子系统(PES)? programmable electronic system (PES)
system for control, protection or monitoring based on one or more programmable electronic devices, including all elements of the system such as power supplies, sen
基于一个或多个可编程电子装置的,用于控制、防护或监视的系统,包括系统中所有的元素,如电源、传感器和其他输入装置、数据高速公路和其他通信途径、以及执行器和其他输出装置。
编程 programming
process of designing, writing and testing a set of instructions for solving a problem or processing data
为解决问题或处理数据而设计、编写和测试一组指令的过程。
检验测试 proof test
test performed to reveal undetected faults in a safety instrumented system so that, if necessary, the system can be restored to its designed functionality
为揭露安全仪表系统中未检测到的故障而执行的测试,以便在必要时把系统修复到所设计的功能。
保护层 protection layer
any independent mechanism that reduces risk by control, prevention or mitigation
借助控制、预防或减轻以降低风险的任何独立机制。
经使用验证的 proven-in-use
when a documented assessment has shown that there is appropriate evidence, based on the previous use of the component, that the component is suitable for use in a safety instrumented system
当文档化的评估显示有适当证据表明:基于部件以往使用的情况,该部件适用于安全仪表系统时。
质量 quality
totality of characteristics of an entity that bear on its ability to satisfy stated and implied needs
一个实体满足指明的和隐含需要的性能总和。
硬件随机失效 random hardware failure
failure, occurring at a random time, which results from a variety of degradation mechanisms in the hardware
在硬件中,由各种退化机制引起,以随机时间发生的失效。
冗余 redundancy
use of multiple elements or systems to perform the same function; redundancy can be implemented by identical elements (identical redundancy) or by diverse elements (diverse redundancy)
使用多个元素或系统来执行同一种功能;冗余可以使用同种元素实现(同型冗余 ),或使用不同元素实现(异型冗余)。
风险 risk
combination of the frequency of occurrence of harm and the severity of that harm
出现伤害的概率及该伤害严重性的组合。
安全失效 safe failure
failure which does not have the potential to put the safety instrumented system in a hazardous or fail-to-function state
不会使安全仪表系统处于潜在的危险状态或功能故障状态的失效。
安全失效分数 safe failure fraction
fraction of the overall random hardware failure rate of a device that results in either a safe failure or a detected dangerous failure
导致安全失效或者可检测出的危险失效的装置总硬件随机失效
安全状态 safe state
state of the process when safety is achieved
达到安全时的过程状态。
安全 safety
freedom from unacceptable risk
不存在不可接受的风险。
安全功能 safety function
function to be implemented by an SIS, other technology safety related system or external risk, reduction facilities, which is intended to achieve or maintain a safe state for the process, with respect to a specific hazardous event
针对特定的危险事件,为达到或保持过程的安全状态,由SIS、其他技术安全相关系统或外部风险降低设施实现的功能。
仪表安全控制功能 safety instrumented control function
safety instrumented function with a specified SIL operating in continuous mode which is necessary to prevent a hazardous condition from arising and/or to mitigate its consequences
具有某个规定的SIL并运行在连续模式下,以防止发生危险工况和/或减轻其后果所必需的仪表安全功能。
仪表安全控制系统 safety instrumented control system
instrumented system used to implement one or more safety instrumented control functions
用来实现一个或几个仪表安全控制功能的仪表系统。
仪表安全功能(SIF) safety instrumented function
safety function with a specified safety integrity level which is necessary to achieve functional safety and which can be either a safety instrumented protection function or a safety instrumented control function
具有某个特定SIL的,用以达到功能安全的安全功能,它既可以是一个仪表安全保护功能,也可以是一个仪表安全控制功能。
安全仪表系统(SIS) safety instrumented system
instrumented system used to implement one or more safety instrumented functions. An SIS is composed of any combination of sensor(s), logic solver(s), and final elements(s)
用来实现一个或几个仪表安全功能的仪表系统。SIS可以由传感器、逻辑解算器和最终元件的任何组合组成。
安全完整性? safety integrity
averag e probability of a safety instrumented system satisfactorily performing the required safety instrumented functions under all the stated conditions within a stated period of time
安全仪表系统在规定时段内、在所有规定条件下满意执行要求的仪表安全功能的平均概率。
安全完整性等级(SIL)? safety integrity level(SIL)
discrete level (one out of four) for specifying the safety integrity requirements of the safety instrumented functions to be allocated to the safety instrumented systems. Safety integrity level 4 has the highest level of safety integr
用来规定分配给安全仪表系统的仪表安全功能的安全完整性要求的离散等级(4个等级中的一个)。SIL 4是安全完整性的最高等级,SIL 1为最低等级。
安全完整性要求规范? safety integrity requirements specification
specification that contains the safety integrity requirements of the safety instrumented functions that have to be performed by the safety instrumented system(s)
包含了安全仪表系统应执行的仪表安全功能的安全完整性要求的规范。
安全生命周期? safety life cycle
necessary activities involved in the implementation of safety instrumented function(s) occurring during a period of time that starts at the concept phase of a project and finishes when all of the safety instrumented functions are no longer available for use
从项目概念阶段开始到所有的仪表安全功能不再适用时为止所发生的、包含在仪表安全功能实现中的必要活动。
安全手册 safety manual
manual which defines how the device, subsystem or system can be safely applied
定义如何安全使用装置、子系统或系统的手册。
安全要求规范 safety requirements specification
specification that contains all the requirements of the safety instrumented functions that have to be performed by the safety instrumented systems
包含安全仪表系统应执行的仪表安全功能的所有要求的规范。
安全软件 safety software
software in a safety instrumented system with application, embedded or utility software functionality
在安全仪表系统中具有应用软件功能性、嵌入式软件功能性或工具软件功能性的软件。
传感器 sensor
device or combination of devices, which measure the process condition (for example, transmitters, transducers, process switches, position switches)
测量过程条件的装置或装置组合(如:变送器、传感器、过程开关和定位开关)。
软件 software
intellectual creation comprising the programs, procedures, data, r ules and any associated documentation pertaining to the operation of a data processing system
包括程序、进程、数据、规则和关于数据处理系统操作的相关文档的智能创作。
固定程序语言(FPL) fixed program language
in this type of language, the user is limited to adjustment of a few parameters (for example, range of the pressure transmitter, alarm levels, network addresses)
限定用户只能调整几个参数(如压力变送器的量程、报警等级和网络地址)的语言类型。
有限可变语言(LVL) limited variability language
this type of language is designed to be comprehensible to process sector users, and
被设计成过程领域用户容易理解并可为实现安全要求规范提供组合预定的、应用专用的库功能能力的一种语言类型。LVL可提供一种与达到应用所要求的功能几乎一致的功能。
全可变语言(FVL)? full variability language
this type of language is designed to be comprehensible to computer programmers and provides the capability to implement a wide variety of functions and applications
设计成计算机编程者易于理解,并可提供实现各种各样功能和应用的能力的一种语言。
软件程序类型 software program type
应用软件 application software
software specific to the user application. In general, it contains logic sequences, permissives, limits and expressions that control the appropriate input, output, calculations, decisions necessary to meet the safety instrumented functional requirements. See fixed and limited variability language
用户应用专用软件。通常,它包含控制正确输入、输出、计算和决策的逻辑时序、允许值、极值和表达式,用以满足仪表安全功能所必须的要求。参见固定程序语言和有限可变语言。
嵌入式软件 embedded software
software that is part of the system supplied by the manufacturer and is not accessible for modification by the end-user. Embedded software is also referred to as firmware or system software
作为系统组成部分由制造商提供的软件,最终用户不能对其进行修改。嵌入式软件又叫固件或系统软件。
工具软件 utility software
software tools for the creation, modification, and documentation of application programs. These software tools are not required for the operation of the SIS
用来创建、修改和编写应用程序的软件工具。操作SIS并不需要这些软件工具。
软件生 命周期 software life cycle
activities occurring during a period of time that starts when software is conceived and ends when the software is permanently disused
从开始构思软件到永久性停用软件期间发生的活动。
子系统? subsystem
系统 system
set of elements, which interact according to a design; an element of a system can be another system, called a subsystem, which may be a controlling system or a controlled system and may include hardware, software and human interaction
根据设计相互联系的一组元素;系统的一个元素可以是称为子系统的另一系统,该子系统可以是一个主控系统,也
系统失效 systematic failure
failure related in a deterministic way to a certain cause, which can only be eliminated by a modification of the design or of the design or of the manufacturing process, operational procedures, documentation or other relevant factors
与某种起因以确定性方式有关的失效,只有对设计或制造过程、操作规程、文档或其他相关因素进行修改才能消除这种失效。
系统安全完整性 systematic safety integrity
that part of the safety integrity of safety instrumented function relating to systematic failures in a dangerous mode of failure
在失效的危险模式中与系统失效有关的仪表安全功能的安全完整性部分。
目标失效量 target failure measure
intended probability of dangerous mode failure to be achieved in respect of the safety integrity requirements, specified in terms of either the average probability of failure to perform the design function on demand (for a demand mode of operation) or the frequency of a dangerous failure to perform the SIF per hour (for a continuous mode of operation)
就安全完整性要求而言,应达到的预计危险模式失效概率,既可规定为要求时执行设计功能的平均失效概率(要求操作模式时),也可规定为每小时执行SIF的危险失效频率(连续操作模式时)。
模板 template
软件模板? software template
structured non-specific piece of application software that can be easily altered to support specific functions while retaining the original structure; for example, an interactive screen template controls the process flow of the application screens, but is not specific to the data being presented; a programmer may take the generic template and make function-specific revisions to produce a new screen for the users
保持原有结构的同时,易于改变以支持特定功 能的结构化非专用应用软件段;例如:交互界面模板控制应用界面的过程流,但并非专用于正呈现的数据。程序员可以采用通用模板,并做特定功能修改,从而为用户生成一个新界面。
允许风险 tolerable risk
risk which is accepted in a given context based on the current values of society
根据当今社会的水准,在給定范围内能够接受的风险。
未检测到的 undetected
未揭露出的 unrevealed
不明显的 covert
in relation to hardware and software faults not found by the diagnostic tests or during normal operation
与硬件和软件有关,未被诊断测试发现的或者在正常操作中未被发现的。
确认 validation
activity of demonstrating that the safety instrumented function(s) and safety in
用以证明被考虑的仪表安全功能和安全仪表系统在安装之后,在各方面都能满足安全要求规范的活动。
验证 verification
activity of demonstrating for each phase of the relevant safety life cycle by analysis and/or tests, that, for specific inputs, the outputs meet in all respects the objectives and requirements set for the specific phase
在相关安全生命周期的每个阶段,通过分析和/或测试,证明对于特定的输入,输出应在各方面都能满足为该特定阶段所设置的目标和要求的活动。
看门狗 watchdog
combination of diagnostics and an output device (typically a switch) for monitoring the correct operation of the programmable electronic (PE) device and taking action upon detection of an incorrect operation
用来监视可编程电子(PE)装置正确运行,并能在检测到不正确运行时采取动作的诊断装置和输出装置(典型如开关)的组合。
