Basic terminology

I. Notes on IEC 61508 standard terminology: the following terms are excerpted from the functional safety standard IEC 61508 and the national standard GB/T 20438.4; the term numbering of the standard has therefore been left unchanged.

3.1 Safety terms

3.1.1 harm: physical injury or damage to the health of people either directly or indirectly as a result of damage to property or to the environment.

3.1.2 hazard: potential source of harm.

3.1.3 hazardous situation: circumstance in which a person is exposed to hazard(s).

3.1.4 hazardous event: hazardous situation which results in harm.

3.1.5 risk: combination of the probability of occurrence of harm and the severity of that harm.

3.1.6 tolerable risk: risk which is accepted in a given context based on the current values of society.

3.1.7 residual risk: risk remaining after protective measures have been taken.

3.1.8 safety: freedom from unacceptable risk.

3.1.9 functional safety: part of the overall safety relating to the EUC and the EUC control system which depends on the correct functioning of the E/E/PE safety-related systems, other technology safety-related systems and external risk reduction facilities.

3.1.10 safe state: state of the EUC when safety is achieved.

3.1.11 reasonably foreseeable misuse: use of a product, process or service under conditions or for purposes not intended by the supplier, but which can happen, induced by the product, process or service in combination with, or as a result of, common human behaviour.

3.2 Equipment and devices

3.2.1 functional unit: entity of hardware or software, or both, capable of accomplishing a specified purpose.

3.2.2 software: intellectual creation comprising the programs, procedures, data, rules and any associated documentation pertaining to the operation of a data processing system.

3.2.3 equipment under control (EUC): equipment, machinery, apparatus or plant used for manufacturing, process, transportation, medical or other activities.

3.2.4 EUC risk: risk arising from the EUC or its interaction with the EUC control system.

3.2.5 programmable electronic (PE): based on computer technology which may be comprised of hardware, software, and of input and/or output units.
Examples: the following are all programmable electronic devices: microprocessors; microcontrollers; programmable controllers; application-specific integrated circuits (ASIC); programmable logic controllers (PLC); other computer-based devices (smart sensors, transmitters, actuators).

3.2.6 electrical/electronic/programmable electronic (E/E/PE): based on electrical (E) and/or electronic (E) and/or programmable electronic (PE) technology.
Examples: electrical/electronic/programmable electronic devices include: electromechanical devices (electrical); non-programmable electronic devices using transistors (electronic); computer-based electronic devices (programmable electronic).

3.2.7 limited variability language: software programming language, either textual or graphical, for commercial and industrial programmable electronic controllers with a range of capabilities limited to their application.

3.3 Systems: general aspects

3.3.1 system: set of elements which interact according to a design, where an element of a system can be another system, called a subsystem, which may be a controlling system or a controlled system and may include hardware, software and human interaction.

3.3.2 programmable electronic system (PES): system for control, protection or monitoring based on one or more programmable electronic devices, including all elements of the system such as power supplies, sensors and other input devices, data highways and other communication paths, and actuators and other output devices.

3.3.3 electrical/electronic/programmable electronic system (E/E/PES): system for control, protection or monitoring based on one or more electrical/electronic/programmable electronic (E/E/PE) devices, including all elements of the system such as power supplies, sensors and other input devices, data highways and other communication paths, and actuators and other output devices.

3.3.4 EUC control system: system which responds to input signals from the process and/or from an operator and generates output signals causing the EUC to operate in the desired manner.

3.3.5 architecture: specific configuration of hardware and software elements in a system.

3.3.6 module: routine, discrete component or a functional set of encapsulated routines or discrete components belonging together.

3.3.7 software module: construct that consists of procedures and/or data declarations and that can also interact with other such constructs.

3.3.8 channel: element or group of elements that independently perform(s) a function.

3.3.9 diversity: different means of performing a required function.

3.3.10 redundancy: means, in addition to the means which would be sufficient, for a functional unit to perform a required function or for data to represent information.

3.4 Systems: safety-related aspects

3.4.1 safety-related system: designated system that both: implements the required safety functions necessary to achieve or maintain a safe state for the EUC; and is intended to achieve, on its own or with other E/E/PE safety-related systems, other technology safety-related systems or external risk reduction facilities, the necessary safety integrity for the required safety functions.

3.4.2 other technology safety-related system: safety-related system based on a technology other than electrical/electronic/programmable electronic.

3.4.3 external risk reduction facility: measure to reduce or mitigate the risks which are separate and distinct from, and do not use, E/E/PE safety-related systems or other technology safety-related systems.

3.4.4 low complexity E/E/PE safety-related system: E/E/PE safety-related system in which: the failure modes of each individual component are well defined; and the behaviour of the system under fault conditions can be completely determined.

3.4.5 logic system: portion of a system that performs the function logic but excludes the sensors and final elements.

3.5 Safety functions and safety integrity

3.5.1 safety function: function to be implemented by an E/E/PE safety-related system, other technology safety-related system or external risk reduction facilities, which is intended to achieve or maintain a safe state for the EUC, in respect of a specific hazardous event.

3.5.2 safety integrity: probability of a safety-related system satisfactorily performing the required safety functions under all the stated conditions within a stated period of time.

3.5.3 software safety integrity: measure that signifies the likelihood of software in a programmable electronic system achieving its safety functions under all stated conditions within a stated period of time.

3.5.4 systematic safety integrity: part of the safety integrity of safety-related systems relating to systematic failures in a dangerous mode of failure.

3.5.5 hardware safety integrity: part of the safety integrity of the safety-related systems relating to random hardware failures in a dangerous mode of failure.

3.5.6 safety integrity level (SIL): discrete level (one out of a possible four) for specifying the safety integrity requirements of the safety functions to be allocated to the E/E/PE safety-related systems, where safety integrity level 4 has the highest level of safety integrity and safety integrity level 1 has the lowest.

3.5.7 software safety integrity level: discrete level (one out of a possible four) for specifying the safety integrity of software in a safety-related system.

3.5.8 safety requirements specification: specification containing all the requirements of the safety functions that have to be performed by the safety-related systems.

3.5.9 safety functions requirements specification: specification containing the requirements for the safety functions that have to be performed by the safety-related systems.

3.5.10 safety integrity requirements specification: specification containing the safety integrity requirements of the safety functions that have to be performed by the safety-related systems.

3.5.11 safety-related software: software that is used to implement safety functions in a safety-related system.

3.5.12 mode of operation: way in which a safety-related system is intended to be used, with respect to the frequency of demands made upon it, which may be either:
low demand mode: where the frequency of demands for operation made on a safety-related system is no greater than one per year and no greater than twice the proof-test frequency;
high demand or continuous mode: where the frequency of demands for operation made on a safety-related system is greater than one per year or greater than twice the proof-test frequency.

3.5.13 target failure measure: intended probability of dangerous mode failures to be achieved in respect of the safety integrity requirements, specified in terms of either:
the average probability of failure to perform the design function on demand (for a low demand mode of operation);
the probability of a dangerous failure per hour (for a high demand or continuous mode of operation).

3.5.14 necessary risk reduction: risk reduction to be achieved by the E/E/PE safety-related systems, other technology safety-related systems and external risk reduction facilities in order to ensure that the tolerable risk is not exceeded.

3.6 Fault, failure and error

3.6.1 fault: abnormal condition that may cause a reduction in, or loss of, the capability of a functional unit to perform a required function.

3.6.2 fault avoidance: use of techniques and procedures which aim to avoid the introduction of faults during any phase of the safety lifecycle of the safety-related system.

3.6.3 fault tolerance: ability of a functional unit to continue to perform a required function in the presence of faults or errors.

3.6.4 failure: termination of the ability of a functional unit to perform a required function.

3.6.5 random hardware failure: failure, occurring at a random time, which results from one or more of the possible degradation mechanisms in the hardware.

3.6.6 systematic failure: failure related in a deterministic way to a certain cause, which can only be eliminated by a modification of the design or of the manufacturing process, operational procedures, documentation or other relevant factors.

3.6.7 dangerous failure: failure which has the potential to put the safety-related system in a hazardous or fail-to-function state.

3.6.8 safe failure: failure which does not have the potential to put the safety-related system in a hazardous or fail-to-function state.

3.6.9 dependent failure: failure whose probability cannot be expressed as the simple product of the unconditional probabilities of the individual events which caused it.

3.6.10 common cause failure: failure, which is the result of one or more events, causing coincident failures of two or more separate channels in a multiple channel system, leading to system failure.

3.6.11 error: discrepancy between a computed, observed or measured value or condition and the true, specified or theoretically correct value or condition.

3.6.12 human error (mistake): human action or inaction that produces an unintended result.

3.7 Lifecycle activities

3.7.1 safety lifecycle: necessary activities involved in the implementation of safety-related systems, occurring during a period of time that starts at the concept phase of a project and finishes when all of the E/E/PE safety-related systems, other technology safety-related systems and external risk reduction facilities are no longer available for use.

3.7.2 software lifecycle: activities occurring during a period of time that starts when software is conceived and ends when the software is permanently disused.

3.7.3 configuration management: discipline of identifying the components of an evolving system for the purposes of controlling changes to those components and maintaining continuity and traceability throughout the lifecycle.

3.7.4 impact analysis: activity of determining the effect that a change to a function or component in a system will have to other functions or components in that system as well as to other systems.

3.8 Confirmation of safety measures

3.8.1 verification: confirmation by examination and provision of objective evidence that the requirements have been fulfilled.

3.8.2 validation: confirmation by examination and provision of o