BS EN ISO 13849-1:2006 provides safety requirements and guidance on the principles for the design and integration of safety-related parts of control systems (SRP/CS), including the design of software. For these parts of SRP/CS, it specifies characteristics that include the performance level required for carrying out safety functions. It applies to SRP/CS, regardless of the type of technology and energy used (electrical, hydraulic, pneumatic, mechanical, etc.), for all kinds of machinery.
It applies to SRP/CS, regardless of the type of technology and energy used (electrical, hydraulic, pneumatic, mechanical, etc.), for all kinds of machinery. (It is recommended that EN ISO 13849-1:2006 is used primarily for the design of low complexity SRP/CS).
The performance levels and categories can be applied to safety-related parts of control systems, such as
- Protective devices (e.g. two-hand control devices, interlocking devices), electro-sensitive protective devices (e.g. photoelectric barriers), pressure sensitive devices
- Control units (e.g. a logic unit for control functions, data processing, monitoring, etc.)
- Power control elements (e.g. relays, valves, etc), as well as to control systems carrying out safety functions at all kinds of machinery — from simple (e.g. small kitchen machines, or automatic doors and gates) to manufacturing installations (e.g. packaging machines, printing machines, presses).
Part 1 of this international standard is intended to provide a clear basis upon which the design and performance of any application of the SRP/CS (and the machine) can be assessed, for example, by a third party, in-house or by an independent test house.
It does not specify the safety functions or performance levels that are to be used in a particular case.
Part 1 of BS EN ISO 13849 provides specific requirements for SRP/CS using programmable electronic system(s). It does not give specific requirements for the design of products which are parts of SRP/CS. Nevertheless, the principles given, such as categories or performance levels, can be used.
This part of ISO 13849 is intended to give guidance to those involved in the design and assessment of control systems, and to Technical Committees preparing Type-B2 or Type-C standards which are presumed to comply with The Machinery Directive. It does not give specific guidance for compliance with other EC directives.
As part of the overall risk reduction strategy at a machine, a designer will often choose to achieve some measure of risk reduction through the application of safeguards employing one or more safety functions.
Parts of machinery control systems that are assigned to provide safety functions are called safety-related parts of control systems (SRP/CS) and these can consist of hardware and software and can either be separate from the machine control system or an integral part of it. In addition to providing safety functions, SRP/CS can also provide operational functions (e.g. two-handed controls as a means of process initiation).
In order to assist the designer and help facilitate the assessment of achieved PL, this document employs a methodology based on the categorization of structures according to specific design criteria and specified behaviours under fault conditions.
Download the Introduction pages [pdf 54KB]
Contents include:
- Scope
- Normative references
- Terms, definitions, symbols and abbreviated terms
- Design considerations
- Safety objectives in design
- Strategy for risk reduction
- Contribution to the risk reduction by the control system
- Determination of required performance level (PLr)
- Design of SRP/CS
- Evaluation of the achieved performance level PL and relationship with SIL
- Performance level PL
- Mean time to dangerous failure of each channel (MTTFd)
- Diagnostic coverage (DC)
- Simplified procedure for estimating PL
- Software safety requirements
- Safety-related embedded software (SRESW)
- Safety-related application software (SRASW)
- Software-based parameterization
- Verification that achieved PL meets PLr
- Ergonomic aspects of design
- Safety functions
- Safety-related stop function
- Manual reset function
- Start/restart function
- Local control function
- Muting function
- Response time
- Safety-related parameters
- Fluctuations, loss and restoration of power sources
- Categories and their relation to MTTFd of each channel, DCavg and CCF
- Specifications of categories
- Designated architectures
- Combination of SRP/CS to achieve overall PL
- Fault consideration, fault exclusion
- Validation
- Maintenance
- Technical documentation
- Information for use
- Determination of required performance level (PLr)
- Block method and safety-related block diagram
- Calculating or evaluating MTTFd values for single components
- Simplified method for estimating MTTFd for each channel
- Estimates for diagnostic coverage (DC) for functions and modules
- Estimates for common cause failure (CCF)
- Systematic failure
- Example of combination of several safety-related parts of the control system
- Software
- Relationship between this European Standard and the Essential
- Requirements of EU Directive 98/37/EC, amended by Directive 98/79/EC
- Bibliography