New safety standard has risk reduction benefits

A Rockwell Automation - Allen-Bradley Guardmaster product story

Edited by the Engineeringtalk editorial team Mar 17, 2005

The familiar EN954-1 "Safety of machinery: safety related parts of control systems", is the latest standard to come under the spotlight.

With the introduction of IEC62061 imminent, control systems engineers could be forgiven for assuming that further developments in safety related standards for machinery would be some way off.

However, the reverse is true.

The familiar EN954-1 "Safety of machinery: safety related parts of control systems", is the latest standard to come under the spotlight.

A draft of a revised version has just been released into ISO.

If this revision is successful, it will replace the existing EN954-1; its new appellation being EN13849 Part 1.

The significance of this latest revision is another development in standards, where principles and factors used for functional safety are being employed, ie the revision to EN13849 will consider reliability, MTTF (mean time to dangerous failure) and measures against systematic failure.

This means that the new draft standard has a similar basis to draft IEC62061, IEC61508 and other functional safety standards.

The appearance of EN13849 Part 1 is just one more indication of changing times in machinery safety.

As industry moves inexorably into an age of higher complexity, both in terms of types of safety functions required, and also the techniques used to implement the functions, the existing safety circuit architectures that depend almost entirely on structure are no longer adequate.

Instead, there is an increasing emphasis on a more inclusive approach that encompasses the requirement to cover all types of failure.

With this approach, all the factors that can affect the integrity of a system need to be covered; this is especially the case with programmable and complex electronics.

What up to now has not be sufficiently realised is that the same conditions apply for so called noncomplex electromechanical devices as programmable devices; the latter being just as prone to random and systematic failures as the former.

Furthermore, many safety related control systems are a mixture of complex and noncomplex technologies.

As a result, industry requires standards that are usable for both types of technologies.

Most engineers concerned with safety are familiar with the EN954 categories, 1,2, 3 and 4, which are used for benchmarking and describing the performance of safety related control systems.

The same engineers will also be aware of SIL safety integrity levels as defined in IEC61508.

But what happens when a safety component to a particular category is used in a safety related system with a SIL?.

The new functional safety standards, in particular the revision to IEC13849-1 and the draft IEC62061, have the answers.

The move to functional safety means that industry, in order to get optimum safety with optimum usability, needs to think beyond mere safety components and operate at a systems level.

The requirement for flexibility in production often brings in the requirement for safe logic solving, typically for applications that require zoning (etc).

Therefore, safety related systems can be regarded as the classic input/logic solver/output model; and this exactly how they are dealt with in the functional safety standards.

At the systems level the interfaces between subsystems becomes critical.

They always have been, of course, but now functional safety standards highlight the point.

In view of this development it may well be advantageous to the OEM machine builder and in-house safety engineer to purchase all of their subsystems from one supplier, thereby reducing the risk of interfacing between different product architectures.