Function Manual
190 01/2017
Systems for executing safety-related control functions
"X" indicates that the point is covered by this standard.
Comment 1:
Designated architectures are described in Annex B of EN ISO 13849-1 and provide a simplified basis for the quantification.
Comment 2:
For complex electronics: use designated architectures in compliance with EN ISO 13849-1 up to PL = d, or any architecture in compliance with EN 62061.
Comment 3:
For non-electrical systems: Use components that comply with EN ISO 13849-1 as sub-systems.
DIN EN ISO 13849-1 (replaces EN 954-1)
A purely qualitative analysis according to EN 954-1 is not sufficient for modern control systems because of the technology they use. Among other things, EN 954-1 does not take time behavior into account (e.g. test interval and/or cyclic test, lifetime). This is why DIN EN ISO 13849-1 adds a probabilistic approach (probability of a dangerous failure per unit time).
DIN EN ISO 13849-1 is based on the known categories of EN 954-1. It now also takes into account complete safety
functions and all the devices required to execute these. With DIN EN ISO 13849-1, safety functions are investigated from a
quantitative perspective going beyond the qualitative basis of EN 954-1. Performance levels (PL), which are based on the
categories, are used. The following safety-related characteristic quantities are required for devices/equipment:
● Category (structural requirement)
● PL: Performance level
● MTTFd: Mean time to dangerous failure
● DC: Diagnostic coverage
● CCF: Common cause failure
The standard describes how the performance level (PL) is calculated for safety-related components of the controller on the
basis of designated architectures. In the event of any deviations from this, EN ISO 13849-1 refers to EN 61508.
When combining several safety-related parts to form a complete system, the standard explains how to determine the
resulting PL.
Note
DIN EN ISO 13849-1 and machinery directive
Since May 2007, DIN EN ISO 13849-1 has been harmonized as part of the Machinery Directive.
EN 62061 (identical to IEC 62061) is a sector-specific standard subordinate to IEC/EN 61508. It describes the
implementation of safety-related electrical machine control systems and looks at the complete life cycle, from the conceptual
phase to decommissioning. The standard is based on the quantitative and qualitative analyses of safety functions, whereby
it systematically applies a top-down approach to implementing complex control systems (known as "functional
decomposition"). The safety functions derived from the risk analysis are sub-divided into sub-safety functions, which are then
assigned to real devices, sub-systems, and sub-system elements. Both the hardware and software are covered. EN 62061
also describes the requirements placed on implementing application programs.
A safety-related control system comprises different sub-systems. From a safety perspective, the sub-systems are described
in terms of the SIL claim limit and PFHD characteristic quantities.
Programmable electronic devices (e.g. PLCs or variable-speed drives) must fulfill EN 61508. They can then be integrated in
the controller as sub-systems. The following safety-related characteristic quantities must be specified by the manufacturers
of these devices.
Safety-related characteristic quantities for subsystems:
● SIL CL: SIL claim limit
● PFHD: Probability of dangerous failures per hour
● T1: Lifetime (in EN 62061, the proof test interval or the lifetime, whichever is the shorter)
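The two quantitative procedures described above, determining the PL of a part from its category, DCavg and MTTFd and then the resulting PL of several parts in series (EN ISO 13849-1), and limiting the SIL of the whole control system by the SIL CL and summed PFHD of its subsystems (EN 62061), are shown below as an added worked example in Python. It is not code from the manual or from any Siemens tool; the table values are transcribed from the standards (EN ISO 13849-1 Tables 3, 5, 6, 7 and 11; EN 62061 Table 3) and should be checked against the edition you work to, and every subsystem figure (names, PFHD values, SIL CL) is a constructed sample, not vendor data.

```python
"""PL and SIL bookkeeping per EN ISO 13849-1 and EN 62061 (added example,
not from the manual; table values transcribed from the standards, sample
subsystem figures constructed)."""

# EN ISO 13849-1 Table 3: PL -> [lower, upper) band of PFHD in 1/h
PL_BANDS = {"a": (1e-5, 1e-4), "b": (3e-6, 1e-5), "c": (1e-6, 3e-6),
            "d": (1e-7, 1e-6), "e": (0.0, 1e-7)}
PL_ORDER = "abcde"  # ascending: "a" is the weakest PL

# EN 62061 Table 3: SIL -> [lower, upper) band of PFHD in 1/h
SIL_BANDS = {1: (1e-6, 1e-5), 2: (1e-7, 1e-6), 3: (1e-8, 1e-7)}

# EN ISO 13849-1 Table 7 (simplified procedure): (category, DCavg class)
# -> PL for each MTTFd class of the channel(s); None = not permitted.
TABLE7 = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": None},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}


def mttfd_class(years):
    """Table 5: low 3..<10 a, medium 10..<30 a, high >= 30 a; < 3 a not allowed."""
    if years < 3:
        return None
    return "low" if years < 10 else "medium" if years < 30 else "high"


def dc_class(dc_avg_percent):
    """Table 6: none < 60 %, low 60..<90 %, medium 90..<99 %, high >= 99 %."""
    if dc_avg_percent < 60:
        return "none"
    return "low" if dc_avg_percent < 90 else "medium" if dc_avg_percent < 99 else "high"


def pl_from_table7(category, dc_avg_percent, mttfd_years):
    """PL of one part from the designated-architecture table; None if the
    category/DC/MTTFd combination is not a permitted one."""
    row = TABLE7.get((str(category), dc_class(dc_avg_percent)))
    col = mttfd_class(mttfd_years)
    return None if row is None or col is None else row[col]


def pl_from_pfhd(pfhd):
    """PL band containing a PFHD value; None at or above 1e-4/h (no PL)."""
    return next((pl for pl, (lo, hi) in PL_BANDS.items() if lo <= pfhd < hi), None)


def combine_series_table11(pls):
    """Clause 6.3 / Table 11: resulting PL from the lowest PL and how many parts
    share it, for use when the parts' PFHD values are not available."""
    pl_low = min(pls, key=PL_ORDER.index)
    limit = {"a": 3, "b": 2, "c": 2, "d": 3, "e": 3}[pl_low]
    if pls.count(pl_low) <= limit:
        return pl_low
    return None if pl_low == "a" else PL_ORDER[PL_ORDER.index(pl_low) - 1]


def combine_series_by_pfhd(parts):
    """Preferred method: sum the PFHD of all parts; the result may never exceed
    the lowest PL of any part. parts = [{'pl': 'd', 'pfhd': 2e-8}, ...]."""
    pl_sum = pl_from_pfhd(sum(p["pfhd"] for p in parts))
    pl_low = min((p["pl"] for p in parts), key=PL_ORDER.index)
    return None if pl_sum is None else min(pl_sum, pl_low, key=PL_ORDER.index)


def srecs_sil(subsystems):
    """EN 62061: the SIL of the whole SRECS is limited by the lowest SIL CL of any
    subsystem and by the band the summed PFHD falls into; None if SIL 1 is missed."""
    total = sum(s["pfhd"] for s in subsystems)
    by_pfhd = next((sil for sil, (lo, hi) in SIL_BANDS.items() if lo <= total < hi), None)
    return None if by_pfhd is None else min(by_pfhd, min(s["sil_cl"] for s in subsystems))


# Constructed sample: two-channel guard switch, safety PLC, one contactor path
SAMPLE_SRP = [
    {"name": "guard switch", "pl": pl_from_table7(3, 90, 50), "pfhd": 2e-8},
    {"name": "safety PLC",   "pl": "e",                       "pfhd": 1e-9},
    {"name": "contactors",   "pl": pl_from_table7(3, 60, 20), "pfhd": 1.5e-6},
]
SAMPLE_SRECS = [{"sil_cl": 3, "pfhd": 2e-8}, {"sil_cl": 3, "pfhd": 1e-9},
                {"sil_cl": 2, "pfhd": 1.5e-7}]

if __name__ == "__main__":
    for p in SAMPLE_SRP:
        print(f"{p['name']:<13} PL {p['pl']}  PFHD {p['pfhd']:.1e}/h")
    print("resulting PL (PFHD sum):", combine_series_by_pfhd(SAMPLE_SRP))
    print("resulting PL (Table 11):", combine_series_table11([p["pl"] for p in SAMPLE_SRP]))
    print("resulting SIL (EN 62061):", srecs_sil(SAMPLE_SRECS))
```

In the sample the contactor path (Cat 3, DCavg 60 %, MTTFd 20 a) only reaches PL c and dominates the summed PFHD, so the chain is PL c although sensor and logic are PL d and PL e: the weakest part and the sum of the PFHD values both cap the result, which is the point of the combination rule. The Table 11 path is kept for parts whose manufacturer states only a PL; where PFHD values exist, the summation is the method to use.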