Issue 5 - September 2006 Page 8 of 652 Introduction2.1 General InformationThis Safety Manual provides the information necessary to safely configure, install, operate,maintain and de-commission Triguard SC300E Safety Controllers certified for safetyapplications.It should be recognised that this manual applies to all safety critical functions only. Wherefunctions apply to monitoring, indication only or non safety applications this manual does notnecessarily apply.On all systems relating to safety it is first necessary to decide which I/O points are directlyrelated to the safety functions. These will normally include all inputs and outputs documentedon the "cause and effect charts" or "fault schedules", but may include other monitoring or controlpoints. It is the responsibility of the System Designer to enquire if any additional points aresafety related.By following the guidance in this manual, the user will be assured that his Triguard SC300ESafety System will be configured, installed, commissioned, operated and maintained with safetyfirst as the prime objective. This manual however can give no assurance that the basic safetyspecifications (cause and effects/fault schedule) are correct.This manual is restricted to safety aspects of the functions covered and does not remove therequirements to follow the guidance in SC300E User Manual 008-5197.2.2 Manual OrganisationThe manual is structured following the introduction section to follow the safety aspects of theLife Cycle model of the Triguard SC300E Programmable Safety Systems. Sections aretherefore provided on the safety aspects of Design and Configuration, Installation andCommissioning, Operation, Maintenance and De-Commissioning.2.3 Product Introduction and Overview2.3.1 The Triguard SC300EThe SC300E has been designed as a cost effective, fault tolerant control system suitable foruse in industrial situations where the control system's reliability, availability and predictableperformance is of paramount importance. The Triguard SC300E is certified for use in safetyapplications, such as process and emergency shutdown. For fire and gas applications referto the Safety Manual SS 0799.The two key components of the Triguard SC300E, that permit system availability’s in excess of99.999%, (about 1 hour downtime in 11 years) to be realised, are as follows. Systemavailability is calculated using MIL 217F failure rates and a given MTTR of typically 4 hours.Lengthening or shortening the MTTR will decrease or increase the system availabilityrespectively.• Triple Modular Redundant architecture - TMR• Software Implemented Fault Tolerance - SIFT