Last edit: 26/02/2024
Introduction
In the previous articles we explored the Parameter PFDavg: Average Probability of Failure on Demand. It is used to indicate the reliability of a Safety Instrumented System operating in Low demand. We will now explore the domain of Safety-related Control Systems working in High Demand. The parameter used in defined as Probability of Failure per Hour and the acronym is PFH.
Actually, there is a bit of confusion with that parameter and it is due to its usage in ISO 13849-1, up to the third edition (2015) the standard used the acronym PFHD defined as “average probability of dangerous failure per hour”. That definition was not correct since the PFH is a frequency and not a probability. That was changed in the fourth edition of 2023. Its definition is now aligned with both IEC 61508 series and IEC 62061 (see later in this article).
Il PFH
The starting point for the calculation of the PFH is the Failure Frequency. Hereafter its definitions [29]:
[ISO/TR 12489] 3.1 Basic Reliability concepts
3.1.22 Failure Frequency (or Unconditional Failure Intensity) w(t). Conditional probability per unit of time that the item fails between t and t+dt, provided that it was working at time 0
In high demand mode, the unreliability value used is the Average Failure Frequency. Here its definitions [29]:
[ISO/TR 12489] 3.1 Basic Reliability concepts
3.1.23 average failure frequency . Average value of the time-dependent failure frequency over a given time interval
The average failure frequency is also called “Probability of Failure per Hour” (PFH) by the standards related to functional safety of safety related instrumented systems:
However the correct term for PFH is Average Failure frequency. That is the reason why, in the new edition of IEC 62061, PFH is defined as the following [12]:
[IEC 62061] 3.2 Terms and definitions
3.2.29 average frequency of a dangerous failure per hour PFH or PFHD. average frequency of dangerous failure of an SCS to perform a specified safety function over a given period of time where T is the overall life duration of the system.
Where:
- λA: is the failure rate of the component
- μA: is the component restoration rate. Please consider that the restoration rate has the same mathematical properties of the failure rate.
Since the model includes the restoration transition, the system is considered repairable; in other terms, it can be brought to an “as new status” after a repair or a Proof Test. In general, the unconditional failure intensity w(t) is a saw-teeth curve while f(t) is decreasing and goes to 0 when t goes to infinity.
Considering the following data (example taken from [29] Annex C):
- λA = 510-4 [h-1]
- μA = 0,01 [h-1]
- τ = 2160 h
the graphs are the following:
