Product category:
Machine Safety Monitoring and Control
News Release from: Pilz Automation Technology | Subject: Safety standards training
Edited by the Engineeringtalk Editorial
Team on 18 June 2007
Learning to live with EN ISO13849-1
Kevin Ives discusses machinery safety standards in the light of EN ISO13849-1 being harmonised to the Machinery Directive from 8th May 2007.
Following the ISO13849-1 debacle and now the announcement in the Official Journal of its harmonisation to the Machinery Directive on 8th May 2007, machinery safety standards are under the spotlight once again ISO13849-1 (Safety of machinery, Safety-related parts of control systems, Part 1: General principles for design) has been very unpopular in some quarters, especially here in the UK, and there are several reasons for this
This article was originally published on Engineeringtalk on 4 Aug 2008 at 8.00am (UK)
Related stories
Safety systems are put to the test
Pilz has developed a structured method for inspecting the safety-critical elements of plant and machinery to enable the suitability of the safety measures to be validated.
Courses cover safety standards and products
Having sold out many of its training courses during the first half of the year, Pilz Automation Technology has now published its course timetable for July to December 2008.
Nevertheless, now it is harmonised to the Machinery Directive as EN ISO13849-1, this standard will replace EN954-1 (Safety of machinery, Safety-related parts of control systems, with Part 1: General principles for design), which is a standard that machine builders are familiar with and, on the whole, understand and conform to.
The trouble is, EN954-1 is a relatively simple standard, with an easy-to-follow (often criticised as being too easy) risk graph that helps people establish a safety category for their machine.
Safety categories are worked out on a qualitative basis, so the process is also quick.
The new EN ISO13849-1 follows a similar process to define a performance level, but the user then has to perform a number of calculations involving diagnostic coverage, mean time to dangerous failure, architecture and common-cause failures to validate that the performance level has been achieved.
In comparison with an EN954-1 assessment, this is complicated and time-consuming.
Further reading
Monitoring relays allow easy setup
Menu-driven parameter setting is easy, quick and error-proof thanks to the plain text display and a turn-and-click encoder.
Configurator upgrade provides new control options
Status is indicated via LEDs on the front of the analogue input module and, if installed, via the PVIS intelligent diagnostics system and a suitable Pilz display.
Safety consultancy handles varied needs
Pilz' competence management system means that it always knows exactly which of its engineers and consultants have the necessary skills.
So the worry is that people will simply carry on doing what they have done for the last 15 years.
For those people that find themselves using both EN ISO13849-1 and EN62061, it is also frustrating - and possibly confusing - that different terminology is used: EN ISO13849-1 Performance Level b is roughly equivalent to a "low" EN62061 SIL 1; Performance Level c is a "high" SIL 1; Performance Level d is SIL 2; and Performance Level e is SIL3.
Having said that, the standard does have its good points, though I am not the only person that believes the new standard was "eased" through the approvals process.
In May 2006 the reports from the committee suggested that it was going to be abandoned, as EN62061 had been harmonised and is broadly similar to EN ISO13849-1.
However, EN62061 only applies to electrical control systems, and so some committee members felt that, because EN62061 could not replace EN954-1, EN ISO13849-1 had to be approved, as it also covers pneumatic, hydraulic and mechanical safety systems.
With what seemed like undue haste (in comparison with international standards committee history) the new standard was approved and, at the final vote, many countries abstained.
Nevertheless, it was approved despite strong objections and the UK, the USA and Japan voting against it.
One of the things in the standard's favour is the quantitative approach, which is undoubtedly more appropriate for complex machinery, and the standard also enables the proposed safety-related control system to be validated.
With EN954-1 it was a case of designing the system and relying on the design being right, but EN ISO13849-1 forces you to validate that the control system really does do what is required of it.
EN ISO13849-1 was harmonised on 8th May 2007, but it should be noted that there is a transition period until 30th November 2009 during which machine builders can choose whether to work to EN954-1 or EN ISO13849-1.
For a simple machine - typically one on which the safety-related control system uses nothing more sophisticated than safety relays - I would usually recommend using EN954-1, and I am confident that the HSE would be comfortable with that.
However, for more complex machinery, or anything using a programmable safety controller of any sort, I would recommend EN 62061.
Complex nonelectrical safety-related control systems should be designed to EN ISO13849-1.
In addition, pay attention to the Type C standards that relate to specific categories of machinery; surprisingly, people are often not aware that these standards exist.
This is a pity, because the standards are very useful inasmuch as they tell you what the risks are and indicate the minimum safety category (as per EN954-1) that should be used.
However, as time goes on, these standards - which are generally "three-letter" EN standards (such as EN 692 for mechanical presses) - are being rewritten and produced as international ISO standards with a five- or six-figure number.
These will contain references to EN ISO13849-1 and IEC62061, rather than the old EN954-1.
If people want to find out more about EN ISO13849-1 and EN62061, there are already some technical articles on the Pilz website about these, plus Pilz runs a one-day training course that explains these two standards, when to use each one, and how to perform the calculations.
Pilz consultants can, of course, also give one-to-one advice about specific projects.
The author is a Safety Consultant with Pilz Automation Technology.
• Pilz Automation Technology: contact details and other news
• Email this article to a colleague
• Register for the free Engineeringtalk email newsletter
• Engineeringtalk Home Page
Search the Pro-Talk network of sites
