IEC-61508 Applications

Applied Data Systems products have several features that make it possible to engineer functionally safe systems according to IEC 61508. These features include advanced power management (including fail-safe startup and shutdown), self-check and diagnostic hardware and software, third-party certified extended temperature and vibration specifications, extended MTTF from single-board design, and specially tested and robust operating system builds.

Power Management
An Applied Data system can be equipped with a super cap that allows safe shutdown and restart. "Hot", "Warm", "Cold" and "Frozen" restarts can be programmed based on how long power was off. When the device senses a power failure of a predetermined length it can switch to running from its capacitor. It then has up to several seconds to run power shutdown routines, inspect the status of the process, notify other systems, and shut down its I/O in a controlled and predetermined manner. The system can also save the state of the process, either in nonvolatile flash or in battery-backed RAM, to allow subsequent diagnostics and an orderly startup. While power is out the system can be kept in 'sleep' mode for days on a small battery, or, with its state saved to flash, can simply shut down. In the shutdown state some ADS systems have a Real Time Clock with an on-chip battery backup good for 10+ years. This means that when power returns the system can resume operation based on how long it was down. For example, after a short power failure of a few seconds, pumps and motors may still be spinning, and the return to operation must take that situation into account.
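The restart decision described above, as an added example written for this page (not ADS product code): on power return the saved snapshot is checked before it is trusted, the RTC gives the outage length, and the restart class is chosen from it. The duration thresholds, the `STATE_MAGIC` marker and the snapshot layout are assumptions; any invalid snapshot or a clock that appears to have run backwards degrades to a Frozen restart rather than a Hot one.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

/* Restart classes named on the page; the thresholds are assumptions for this example. */
typedef enum { RESTART_HOT, RESTART_WARM, RESTART_COLD, RESTART_FROZEN } restart_t;
#define HOT_MAX_S    5u         /* pumps and motors are probably still spinning */
#define WARM_MAX_S   300u       /* process state is still meaningful */
#define COLD_MAX_S   86400u     /* beyond a day, treat as a frozen start */
#define STATE_MAGIC  0x41445353u /* constructed marker, not a real ADS value */

/* Process snapshot written to flash or battery-backed RAM during the supercap-backed shutdown. */
typedef struct {
    uint32_t magic;
    uint32_t shutdown_epoch;   /* RTC seconds at the moment of orderly shutdown */
    uint32_t outputs;          /* I/O state at shutdown (constructed field) */
    uint32_t crc;              /* CRC-32 over the three fields above */
} saved_state_t;

/* Reflected CRC-32 (poly 0xEDB88320) so a corrupted or half-written snapshot is never trusted. */
uint32_t crc32(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        c ^= p[i];
        for (int k = 0; k < 8; k++) c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

bool state_valid(const saved_state_t *s) {
    return s->magic == STATE_MAGIC &&
           s->crc == crc32((const uint8_t *)s, offsetof(saved_state_t, crc));
}

/* Decide how to come back up. Any doubt (bad snapshot, RTC earlier than the
 * shutdown stamp) falls to the most conservative class, never the fastest. */
restart_t choose_restart(const saved_state_t *s, uint32_t now_epoch) {
    if (!state_valid(s) || now_epoch < s->shutdown_epoch) return RESTART_FROZEN;
    uint32_t down = now_epoch - s->shutdown_epoch;
    if (down <= HOT_MAX_S)  return RESTART_HOT;
    if (down <= WARM_MAX_S) return RESTART_WARM;
    if (down <= COLD_MAX_S) return RESTART_COLD;
    return RESTART_FROZEN;
}

/* Build a snapshot with its CRC filled in, as the shutdown routine would. */
saved_state_t make_state(uint32_t shutdown_epoch, uint32_t outputs) {
    saved_state_t s = { STATE_MAGIC, shutdown_epoch, outputs, 0 };
    s.crc = crc32((const uint8_t *)&s, offsetof(saved_state_t, crc));
    return s;
}
```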

Self-Check
Most Applied Data systems have an onboard 8-bit microprocessor that can be programmed to work as a watchdog or activity timer. When used in connection with an OS-dependent scheduled task, this can be a very effective monitor of system health. This microprocessor is a fully separate system that continues to run no matter what happens to the main CPU, and it has its own dedicated GPIO to signal main CPU failure. Within the OS, ADS systems can be built with a full suite of OS self-monitoring, including measures for CPU load, task execution, com port activity, memory usage and event logging. Upon detection of any potential error situation (for example a DoS attack on a network port or an approaching overload of the CPU), the system can reconfigure itself or cancel some tasks to take 'fail safe' or 'fail soft' action.

Extended Environmental Specifications
Using a procedure from CALCE labs at the University of Maryland, ADS can design circuits for extreme environments. We can and have met various specifications for SAE and military-spec use. On request, these specifications can be third-party certified. This means that a safety system could keep working even if an emergency causes high-temperature or high-vibration conditions.

Reliable Single Board Design
Applied Data systems tend to include a great deal of I/O on a single board, eliminating connectors, cables and jumpers, a perennial source of failure. This, coupled with the robust environmental specs, gives ADS systems an MTTF (Mean Time to Failure) of 40,000 hours or more. It is important to remember that this is a system spec, not the spec for a single card that gets combined with three or four other cards to provide equivalent I/O. If a redundant or triplex configuration is desired, ADS systems have a variety of high-speed parallel or serial interface options that can keep process databases synchronized between computers.

Special OS System Builds
For applications requiring safety, Applied Data routinely supplies special OS builds with all components not germane to the application removed. Also, all code provided by Applied Data is stress-tested and run for extended periods to disclose any memory leaks or systematic faults. If specified by the customer, these systems can be submitted for third-party verification of conformance to the OS spec.

In summary, an ADS system provides a secure framework on which to build an IEC 61508 functionally safe system. The watchdog timers, power backups and environmental housings that must be added to other systems are built into an ADS system, resulting in lower cost, more straightforward engineering and a more robust system design.

For more information, contact us.
