The invention relates to a safety-related control device that is designed to provide a safety function for the generation and/or processing of a signal for a safety-related control, in particular for the adoption of a safe state of an actuator, in particular a processor valve and/or control element.
Such a safety-related control device should ensure for example that an actuator, for example a valve, can be moved to a safe state in an emergency. A safe state can for example be a closed position or open position of a valve member of the valve. The safety function that is to ensure the safety-related control must satisfy certain safety requirements, such as a very low probability of malfunction. If the safety function is implemented as a software function or with the aid of software, then it must be ensured that this software function or software is executed deterministically and can provide the desired result, for example the safety-related control, within a specified time period. The safety function can for example be designed as a real-time system. The safety requirements to be met are defined for example in Norm DIN EN 61508.
It is desirable to provide the safety-related control device with further functions. In particular it is desirable to provide the safety-related control device with functions for the generation, processing, diagnostics, reproduction and/or output of further signals connected with the operation of the control device and/or of the actuator. In particular, functions for the diagnostics, transmission and/or reproduction of data preferably required in connection with the safety function are conceivable. For example this may involve a function for controlling a display or a function for communication via a fieldbus. Furthermore it is also conceivable to integrate in the safety-related control device functions that are not directly connected with the safety function but instead for example relate to the normal operation of the actuator to be controlled. In the context of such a function integration it is conceivable for example to provide all control functions for the actuator as well as the aforementioned safety functions in a single safety-related control device. Such a safety-related control device can for example be designed as a positioner and/or control head.
The aforementioned further functions which are to be additionally provided by the safety-related control device are hereinafter also referred to as operating and/or additional functions. They can for example differ from the safety functions in that they are not safety-related and therefore have to satisfy less strict safety requirements than the safety functions. Preferably no safety requirements are placed on the associated software and electronics. The operating and/or additional functions can include in particular non-deterministic and/or non-real-time capable software functions.
There are ways of implementing the safety function jointly with operating and/or additional functions on a processing device, such as for example a microcontroller. With such a procedure the operating and/or additional functions often have to be implemented with the same high safety requirements as the safety function.