功能安全術(shù)語

1、基本術(shù)語 一、IEC 61508 標準術(shù)語說明：以下術(shù)語摘錄自功能安全標準IEC61508和國家標準GB/T20438。4。故術(shù)語標號也未曾改動。安全術(shù)語3.1.1傷害 harmphysical injury or damage to the health of people either directly or indirectly as a result of damage to property or to the environment.由于對財產(chǎn)或環(huán)境的破壞而導(dǎo)致的直接或間接地對人體健康的損害或?qū)θ松淼膿p傷。3.1.2危險 hazardpotential source of harm

2、傷害的潛在根源3.1.3危險情況 hazardous situationcircumstance in which a person is exposed to hazard(s) 人暴露于危險的環(huán)境。3.1.4危險事件 hazardous eventhazardous situation which results in harm 導(dǎo)致傷害的危險情況。3.1.5風險 riskcombination of the probability of occurrence of harm and the severity of that harm 出現(xiàn)傷害的概率及該傷害嚴重性的組合。3.1.6允許風險

3、 tolerable riskrisk which is accepted in a given context based on the current values of society 根據(jù)當今社會的水準,在給定的范圍內(nèi)能夠接受的風險。3.1.7殘余風險 residual riskrisk remaining after protective measures have been taken 采取防護措施以后仍存在的風險。3.1.8安全 safetyfreedom from unacceptable risk 不存在不可接受的風險。3.1.9功能安全 functional safetyp

4、art ofthe overall safety relating to the EUC and the EUC control system which depends on the correct functioning of the E/E/PE safety -related systems, other technology safety-related systems andexternal risk reduction facilities與EUC和EUC控制系統(tǒng)有關(guān)的整體安全的組成部分，它取決于E/E/PE安全相關(guān)系統(tǒng)，其它技術(shù)安全相關(guān)系統(tǒng) 和外部風險降低設(shè)施功能的正確行使。

5、安全狀態(tài) safe stateState of the EUC when safety is achieved達到安全時EUC的狀態(tài)。3.1.11合理的可預(yù)見的誤用 reasonable foreseeable misuseUse of a product, process or service under conditions or for purposes not intended by the supplier,but which can happen, induced by the product, process or service in comb ination with, or

6、 as a result of, common human behaviour 由于產(chǎn)品、過程或服務(wù)加上人的行為習慣而導(dǎo)致的，或者作為人的行為習慣的一個結(jié)果有可能發(fā)生的，未按 照供方要求的條件和用途對產(chǎn)品、過程和服務(wù)的使用。設(shè)備和裝置 Equipment and devices3.2.1功能單元 functional unitEntity of hardware or software, or both, capable of accomplishing a specified purpose能夠完成規(guī)定目的的軟件、硬件或兩者相結(jié)合的實體。3.2.2軟件 softwareintellectua

7、l creation comprising the programs, procedures, data, rules and any associated documentation pertaining to the operation of a data processing system 包括程序、規(guī)程、數(shù)據(jù)、規(guī)則以及相關(guān)的數(shù)據(jù)處理系統(tǒng)操作文檔在內(nèi)的智能創(chuàng)作。3.2.3受控設(shè)備 equipment under control（EUC）equipment, machinery, apparatus or plant used for manufacturing, process, tra

8、nsportation, medical or other activities 用于制造、加工、運輸、制藥或其它活動的設(shè)備、機器、器械或成套裝置。3.2.4EUC 風險 EUC riskrisk arising from the EUC or its in teraction with the EUC control system由EUC或由EUC與EUC控制系統(tǒng)相互作用而產(chǎn)生的風險。3.2.5可編程電子（PE） programmable electronic （PE） 可編程電子以計算機技術(shù)為基礎(chǔ)，可以由硬件、軟件及其輸入和（或）輸出單元構(gòu)成。based on computer techn

9、ology which may be comprised of hardware, software, and of input and/or output units舉例：下列均是可編程電子裝置：微處理器；微控制器；可編程控制器；專用集成電路（ASIC）；可編程邏輯控制器（PLC ）；其它以計算機為基礎(chǔ)的裝置（智能傳感器、變送器、執(zhí)行器）。3.2.6電氣 / 電 子/可編 程電子 （E/E/PE ） electrical/electronic/programmable electronicBased on electrical（E） and/or electronic（E） and/or p

10、rogrammable electronic （PE） technology基于電氣（E）和/或 電子（E）和/或 可編程電子（PE）的技術(shù)。舉例：電氣/電子/可編程電子裝置包括：電一機裝置（電氣）；使用電晶體的非可編程電子裝置（電子）；以計算機技術(shù)為基礎(chǔ)的電子裝置（可編程電子）3.2.7有限可變語言 limited variability languageSoftware programming language, either textual or graphical, for commercial and industrialprogrammable electronic control

11、lers with a range of capabilities limited to their application 能力范圍局限于應(yīng)用的，用于工商業(yè)可編程電子控制器的，文本的或圖形的軟件編程語言。系統(tǒng)：一般概念3.3.1系統(tǒng) systemSet of elements which interact according to a design, where an element of a system can be anothersystem, called a subsystem, which may be a controlling system or a controlled s

12、ystem and may include hardware, software and human interaction 根據(jù)設(shè)計相互作用的一組元素，可能包括相互作用的硬件、軟件和人等。系統(tǒng)中的某一元素也可自成一個另 外的系統(tǒng)，稱為子系統(tǒng)，子系統(tǒng)可以是控制系統(tǒng)也可以是被控系統(tǒng)。3.3.2可編程電子系統(tǒng) (PES) programmable electronic system(PES)System for control, protection or monitoring based on one or more programmable electronic devices, includ

13、ing all elements of the system such as power supplies, sensors and other input devices, data highways and other communication paths, and actuators and other output devices基于一個或多個可編程電子裝置的控制、防護或監(jiān)視系統(tǒng)，包括系統(tǒng)中所有的元素，諸如電源、傳感器和其 它輸入裝置，數(shù)據(jù)高速公路和其它通信路徑，以及執(zhí)行器和其它輸出裝置3.3.3電氣/電子/可編程電子系統(tǒng)(E/E/PES ) elec trical/elec tro

14、nic/programmableelec tronic sys tem(E/E/PES)System for control, protection or monitoring based on one or more electrical/electron icprogrammable electronic (E/E/PE) devices, including all elements of the system such as power supplies, sensors and other input devices, data highways and other communic

15、ation paths, and actuators and other output devices.基于一個或多個電氣/電子/可編程電子(E/E/PE)裝置的用于控制、防護或監(jiān)視的系統(tǒng)，包括系統(tǒng)中所有的元 素,諸如電源、傳感器和其它輸入裝置，數(shù)據(jù)高速公路和其它通信途徑，以及執(zhí)行器和其它輸出裝置3.3.4EUC 控制系統(tǒng) EUC control systemSystem which responds to input signals from the process and/or from an operator and generates output signals causing th

16、e EUC to operate in the desired manner 對來自過程和（或）操作者的輸入信號起反應(yīng)，產(chǎn)生能使EUC按要求的方式工作的輸出信號的系統(tǒng)。3.3.5結(jié)構(gòu) architectureSpecific configuration of hardware and software elements in a system 在一個系統(tǒng)中硬件和軟件元素的特定配置。3.3.6模塊 moduleRoutine, discrete component or a functional set of encapsulated routines or discret e componen

17、ts belonging together 程序、分立部件、封裝程序的一個功能集、或一組歸并在一起的分立部件。3.3.7軟件模塊 software moduleConstruct that consists of procedures and/or data declarations and that can also interact with other such constructs由規(guī)程和（或）數(shù)據(jù)說明組成的構(gòu)造，并能與其它這樣的構(gòu)造相互作用。3.3.8通道 channelElement or group of elements that independently perform（s

18、） a function 獨立執(zhí)行一個功能的一個或一組元素3.3.9多樣性 diversitydifferent means of performing a required function 執(zhí)行一個要求功能的不同方法。3.3.10冗余 redundancymeans, in addition to the means which would be sufficient, for a functional unit to perform a required function or for data to represent information 對于執(zhí)行一個要求功能的功能單元或?qū)τ诒硎拘?/p>

19、息的數(shù)據(jù)而言，除了夠用之外還有多余。系統(tǒng)：安全方面3.4.1安全相關(guān)系統(tǒng) safety-related systemdesignated system that both:implements the required safety functions necessary to achieve or maintain a safe state for the EUC;and is intended to achieve, on its own or with other E/E/PE safety -related systems, other technology safety-relate

20、d systems or external risk reduction facilities, the necessary safety integrity for the required safety functions所指的系統(tǒng)：必需要能實現(xiàn)要求的安全功能以達到或保持EUC的安全狀態(tài)；并且自身或與其它E/E/PE安全相關(guān)系統(tǒng)、其它技術(shù)安全相關(guān)系統(tǒng)或外部風險降低設(shè)施一道，能夠達到要求的 安全功能所需的安全完整性。 其它技術(shù)安全相關(guān)系統(tǒng) other technology safety -related system safety-related system based on a tech

21、nology other than electrical/electronic/programmableelectronic 基于電氣/電子/可編程電子技術(shù)之外的安全相關(guān)系統(tǒng)。3.4.3外部風險降低設(shè)施 external risk reduction facilitymeasure to reduce or mitigate the risks which are separate and distinct from, and do not use, E/E/PE safety-related systems or other technology safety -related system

22、s不使用E/E/PE安全相關(guān)系統(tǒng)或其它技術(shù)安全相關(guān)系統(tǒng)，且與上述系統(tǒng)分開并不同的降低或減輕風險的手段。3.4.4簡單 E/E/PE 安全相關(guān)系統(tǒng) low complexity E/E/PE safety-related systemthe failure modes of each individual component are well defined; andthe behaviour of the system under fault conditions can be completely determined一種E/E/PE安全相關(guān)系統(tǒng) 其中：已很好確定了每個單獨部件的失效模式；

23、能完全確定在故障狀況下系統(tǒng)的行為。3.4.5邏輯系統(tǒng) logic systemPortion of a system that performs the function logic but excludes the sensors and final elements 系統(tǒng)的一部分，用于執(zhí)行功能邏輯，但不包括傳感器和最終元件。安全功能和安全完整性3.5.1安全功能 Safety functionfunction to be implemented by an E/E/PE safety-related system, other technology safety-relatedsystem

24、 or external risk reduction facilities, which is intended to achieve or maintain a safe state for the EUC, in respect of a specific hazardous event針對特定的危險事件，為達到或保持EUC的安全狀態(tài)，由E/E/PE安全相關(guān)系統(tǒng)、其它技術(shù)安全相關(guān)系統(tǒng)或外 部風險降低設(shè)施實現(xiàn)的功能3.5.2安全完整性 safety integrityprobability of a safety -related system satisfactorily perform

25、ing the required safety functions under all the stated conditions within a stated period of time 在規(guī)定的條件下、規(guī)定的時間內(nèi)，安全相關(guān)系統(tǒng)成功實現(xiàn)所要求的安全功能的概率。3.5.3軟件安全完整性 software safety integritymeasure that signifies the likelihood of software in a programmable electronic system achievingits safety functions under all st

26、ated conditions within a stated period of time 在所有規(guī)定條件下和規(guī)定時間內(nèi)表示軟件在可編程電子系統(tǒng)中執(zhí)行其安全功能的可能性的量值。3.5.4系統(tǒng)安全完整性 systematic safety integritypart ofthe safety integrity ofsafety -related systems relating tosystematic failures in a dangerous mode of failure在危險失效模式中與系統(tǒng)失效有關(guān)的安全相關(guān)系統(tǒng)安全完整性的一部分3.5.5硬件安全完整性(hardware saf

27、ety integrity) part of the safety integrity of the safety related systems relating to random hardware failures in a dangerous mode of failure 在危險失效模式中與隨機硬件失效有關(guān)的安全相關(guān)系統(tǒng)安全完整性的一部分。3.5.6安全完整性等級(SIL)safety integrity level (SIL)discrete level (one out of a possible four) for specifying the safety integrity

28、 requirements ofthe safety functions to be allocated to the E/E/PE safety-related systems, where safety integritylevel 4 has the highest level of safety integrity and safety integrity level 1 has the lowest 一種離散的等級(四種可能等級之一)，用于規(guī)定分配給E/E/PE安全相關(guān)系統(tǒng)的安全功能的安全完整性要求, 在這里，安全完整性等級4是最高的，安全完整性等級1是最低的。3.5.7軟件安全完整

29、性等級 software safety integrity leveldiscrete level (one out of a possible four) for specifying the safety integrity of software in a safety-related system 一種離散的等級(四種可能等級之一)用于規(guī)定在安全相關(guān)系統(tǒng)中軟件的安全完整性。3.5.8安全要求規(guī)范 safety requirement specificationspecification containing all the requirements of the safety func

30、tions that have to be performed by the safety-related systems 一種技術(shù)規(guī)定，包括安全相關(guān)系統(tǒng)必須要執(zhí)行安全功能的所有要求。3.5.9安全功能要求規(guī)范 safety function requirement specificationspecification containing the requirements for the safety functions that have to be performed by the safety-related systems 一種技術(shù)規(guī)定，包括安全相關(guān)系統(tǒng)必須要執(zhí)行的安全功能要求。3.

31、5.10安全完整性要求規(guī)范 safety integrity requirement specificationspecification containing the safety integrity requirements of the safety functions that have to be performed by the safety -related systems 一種技術(shù)規(guī)定，包括安全相關(guān)系統(tǒng)必須要執(zhí)行的安全功能的安全完整性要求。3.5.11安全相關(guān)軟件 safety-related softwaresoftware that is used to implement

32、 safety functions in a safety-related system在安全相關(guān)系統(tǒng)中用于實現(xiàn)安全功能的軟件。3.5.12操作模式 mode of operationWay in which a safety-related system is intended to be used, with respect to the frequency of demands made upon it, which may be either-low demand mode: where the frequency of demands for operation made on a

33、safety-related system isno greater than one per year and no greater than twice the proof-test frequency-high demand or continuous mode: where the frequency of demands for operation made on asafety-related system is greater than o ne per year or greater than twice the proof -check frequency 低要求模式：在這種

34、模式下，對一個安全相關(guān)系統(tǒng)提出操作要求的頻率不大于每年一次和不大于二倍的 檢驗測試頻率。高要求或連續(xù)模式：在這種模式下，對一個安全相關(guān)系統(tǒng)提出操作要求的頻率大于每年一次或大于二倍 的檢驗測試頻率。3.5.13目標失效量 target failure measureIntended probability of dangerous mode failures to be achieved in respect of the safety integrity requirements, specified in terms of either-the average probability of

35、failure to perform the design function on demand (for a low demand mode of operation)-the probability of a dangerous failure per hour (for a high demand or continuous mode of operation) 相對于安全完整性要求要達到預(yù)計的危險模式失效概率，規(guī)定為下列兩種之一： 按要求執(zhí)行設(shè)計功能的平均失效概率(對于低要求操作模式)； 每小時危險失效的概率(對于高要求或連續(xù)操作模式)；3.5.14必要的風險降低 necessary

36、risk reductionrisk reduction to be achieved by the E/E/PE safety -related systems, other technology safety -related systems and external risk reduction facilities in order to ensure that the tolerable risk is not exceeded為保證不超過允許風險，由E/E/PE安全相關(guān)系統(tǒng)、其它技術(shù)安全相關(guān)系統(tǒng)和外部風險降低設(shè)施達到的風險降 低。3.6 故障、失效和錯誤3.6.1故障 fault

37、使功能單元執(zhí)行要求之功能的能力降低或失去其能力的異常狀況。 abnormal condition that may cause a reduction in, or loss of, the capab ility of a functional unit to perform a required function3.6.2故障避免 fault avoidanceusing techniques and procedures which aim to avoid the introduction of faults during any phase ofthe safety lifecycl

38、e of the safety-related system 在安全相關(guān)系統(tǒng)安全生命周期的任何階段中為避免發(fā)生故障而使用的技術(shù)和規(guī)程。3.6.3故障裕度 fault tolerancethe ability of a functional unit to continue to perform a required function in the presence of faults or errors在出現(xiàn)故障或錯誤的情況下，功能單元繼續(xù)執(zhí)行一個要求功能的能力。3.6.4失效 failurethe termination of the ability of a functional unit

39、 to perform a required function 功能單元執(zhí)行一個要求功能之能力的終止。3.6.5隨機硬件失效 random hardware failurefailure, occurring at a random time, which results from one or more of the possible degradation mechanisms in the hardware在硬件中，由一種或幾種機能退化可能產(chǎn)生的，按隨機時間出現(xiàn)的失效。 系統(tǒng)失效 Systematic failurefailure related in a deterministic w

40、ay to a certain cause, which can only be eliminated by a modification of the design or of the manufacturing process, operational procedures, documentation or other relevant factors 原因確定的失效，只有對設(shè)計或制造過程、操作規(guī)程、文檔或其它相關(guān)因素進行修改后，才有可能排除這種 失效。3.6.7危險失效 dangerous failurefailure which has the potential to put th

41、e safety -related system in a hazardous or fail-to-function state使安全相關(guān)系統(tǒng)處于潛在的危險或喪失功能狀態(tài)的失效。3.6.8安全失效 safe failurefailure which does not have the potential t o put the safety-related system in a hazardous or fail-to-function state不可能使安全相關(guān)系統(tǒng)處于潛在的危險或喪失功能狀態(tài)的失效。3.6.9相關(guān)失效 dependent failurefailure whose pro

42、bability cannot be expressed as the simple product of the unconditional probabilities of the individual even ts which caused it 其概率不能表示為引起它的獨立事件的無條件概率的簡單乘積的失效。3.6.10共同原因失效 common cause failurefailure, which is the result of one or more events, causing coincident failures of two or moreseparate chann

43、els in a multiple channel system, leading to system failure 一種失效，它是一個或多個事件導(dǎo)致的結(jié)果，在多通道系統(tǒng)中引起兩個或多個分離通道同時失效，從而導(dǎo)致 系統(tǒng)失效。3.6.11錯誤 errordiscrepancy between a computed, observed or measured value or condition and the true, specifiedor theoretically correct value or condition 計算、觀測和測量到的值或條件與真值、規(guī)定的或理論上的正確值或條件的差

44、異。3.6.12人為錯誤 human error失誤 mis takehuman action or inaction that produces an unintended result 引發(fā)非期望結(jié)果的人的動作或不動作3.7 生命周期活動3.7.1安全生命周期 safety lifecyclenecessary activities involved in the implementation of safety-related systems, occurring duringa period of time that starts at the concept phase of a p

45、roject and finishes when all of the E/E/PE safety-related systems, other technology safety-related systems and external risk reduction facilities are no longer available for use安全相關(guān)系統(tǒng)實現(xiàn)過程中所必需的生命活動，這些活動發(fā)生在從一項工程的概念階段開始，直至所有的E/E/PE 安全相關(guān)系統(tǒng)，其它技術(shù)安全相關(guān)系統(tǒng)，以及外部風險降低設(shè)施停止使用為止的一段時間內(nèi)。3.7.2軟件生命周期 software lifecycle

46、activities occurring during a period of time that starts when software is conceived and ends whenthe software is permanently disused 從軟件開始構(gòu)思到軟件永久停用期間的活動。3.7.3配置管理 configuration managementdiscipline of identifying the components of an evolving system for the purposes of controllingchanges to those co

47、mponents and maintaining continuity and traceability throughout the lifecycle 為了控制系統(tǒng)部件的改變和在生命周期全過程中保持連續(xù)性和可追溯性，標記一個進化中的系統(tǒng)部件的規(guī)則3.7.4影響分析 impact analysisactivity of determining the effect that a change to a function or component in a system will haveto other functions or components in that system as we

48、ll as to other systems 確定一個系統(tǒng)中的一個功能或部件的改變將對該系統(tǒng)中其它功能或部件以及其它系統(tǒng)產(chǎn)生影響的活動。安全量的證實3.8.1驗證 verificationconfirmation by examination and provision of objective evidence that the requirements have been fulfilled通過檢查和提供客觀證據(jù)證實規(guī)定要求已經(jīng)滿足。3.8.2確認 validationconfirmation by examination and provision of objective eviden

49、ce that the partic ular requirements for a specific intended use are fulfilled 通過檢查和提供客觀證據(jù)來證明某一特定預(yù)期用途的特殊要求已經(jīng)滿足。 功能安全評估 functional safety assessment investigation, based on evidence, to judge the functional safety achieved by one or more E/E/PE safety-related systems, other technology safety-related

50、systems or external risk reduction facilities通過調(diào)查，依據(jù)證據(jù)來判斷一個或多個E/E/PE安全相關(guān)系統(tǒng)、其它技術(shù)安全相關(guān)系統(tǒng)或外部風險降低設(shè)施達 到的功能安全。3.8.4功能安全審核 functional safety auditsystematic and independent examination to determine whether the procedures specific to the functional safety requirements comply with the planned arrangements, ar

51、e implemented effectively and are suitable to achieve the specified objectives 對于按計劃安排的功能安全要求專用的規(guī)范是否有效地執(zhí)行并滿意地達到規(guī)定目的進行系統(tǒng)地、獨立的檢查。 檢驗測試 proof testperiodic test performed to detect failures in a safety-related system so that, if necessary, thesystem can be restored to an “ as new” condition or as close

52、as practical to this condition 用以檢測安全相關(guān)系統(tǒng)失效的周期性測試，在必要時可把系統(tǒng)復(fù)原到正常狀態(tài)或?qū)嶋H上接近正常的狀態(tài)。3.8.6診斷覆蓋率 diagnostic coveragefractional decrease in the probability of dangerous hardware failure resulting from the operationof the automatic diagnostic tests 進行自動診斷測試而導(dǎo)致的硬件危險失效概率的降低部分。3.8.7診斷測試間隔 diagnostic test interval

53、interval between on-line tests to detect faults in a safety -related system that have a specified diagnostic coverage 在一個已經(jīng)規(guī)定了診斷覆蓋的安全相關(guān)系統(tǒng)中，為檢測故障而進行的在線測試的間隔。3.8.8檢測到的 detectedDetectedrevealed overtin relation to hardware, detected by the diagnostic tests, proof tests, operator intervention (forexampl

54、e physical inspection and manual tests), or through normal operation 揭露出的 明顯的 與硬件相關(guān)，用診斷測試、檢驗測試、操作員干預(yù)(如設(shè)備檢測和人工測試)或通過正常操作所發(fā)現(xiàn)的。3.8.9未檢測到的 undetected未揭露的 unrevealed不明顯的 covertin relation to hardware, undetected by the diagnostic tests, proof tests, operator intervention(for example physical inspection a

55、nd manual tests), or through normal operation 與硬件有關(guān)，用診斷測試、檢驗測試、操作員干預(yù)(如設(shè)備檢測和人工測試)或通過正常操作未發(fā)現(xiàn)的。3.8.10無關(guān)人員 independent personPerson who is separate and distinct from the activities which take place during the specific phaseof the overall, E/E/PES or software safety lifecycle that is subject to the funct

56、ional safetyassessment or validation, and does not have responsibility for those activities與整體的、E/E/PES的或軟件的安全生命周期特定階段中的活動無關(guān)，并且不對其直接負責，但又從事功能 安全評估或確認的人。3.8.11無關(guān)部門 independent departmentDepartment which is separate and distinct from the department responsible for the activities whichtake place during

57、 the specific phase of the overall, E/E/PES or software safety lifecycle that is subject to the functional safety assessment or validat ion與整體的、 E/E/PES 的或軟件的安全生命周期特定階段中的活動無關(guān)，并且不對其直接負責，但又從事功能 安全評估或確認的部門。 無關(guān)組織 independent organizationOrganization which is separate and distinct, by management and othe

58、r resources, from the organizations responsible for the activities which take place during the specific phase of the overall, E/E/PES or software safety lifecycle that is subject to the functional safety assessment or vaildation與整體的、E/E/PES的或軟件的安全生命周期特定階段中的活動無關(guān)，并且不對其直接負責，但又從事功能 安全評估或確認的組織。3.8.13動畫 a

59、nimationSimulated operation of the software system (or of some significant portion of the system) to display significant aspects of the behaviour of the system, for instance applied to a requirements specification in an appropriate format or an appropriate high -level representation of the system de

60、sign 軟件系統(tǒng)(或系統(tǒng)的某一重要部分)的動畫，以顯示系統(tǒng)行為的主要面貌，例如適用于適當格式的要求規(guī)范 或系統(tǒng)設(shè)計的高級表述。3.8.14動態(tài)測試 dynamic testingExecuting software and/or operating hardware in a controlled and systematic way, so as to demonstrate the presence of the required behaviour and the absence of unwanted behaviour 用系統(tǒng)的和受控的方式執(zhí)行軟件和(或)操作硬件以證明所要求的行為