Download document () of 20
Send email
Download
You have exceeded the download limit
This blog post explains what the term functional safety (FuSa) means and why it’s so important for machine and system manufacturers, operators and service and maintenance staff. It also discusses the relevant standards and regulations and how they can help to improve the functional safety of machines and systems.
Get our functional safety manual
Whether it’s electric shocks or injuries resulting from operating errors or unforeseen machine restarts, machines and systems pose a wide range of serious hazards to people, equipment and the environment. This risk is present throughout the entire machine life cycle, from production to disassembly.
For example, the 2020 Statistics on Accidents published by the German Social Accident Insurance (DGUV) list more than 34,800 reportable accidents specifically related to machine operation, 21 of which were fatal.
Although the Machinery Directive (2006/42/EC) stipulates that machines and partly completed machinery must not pose a risk when placed on the market in the European Economic Area, there is no such thing as 100 per cent safety. The aim is therefore to reduce these hazards to an acceptable residual risk. Consequently, potential hazards need to have been identified during the design phase of the machine and suitable measures must be planned in advance. In addition, risk minimisation also includes proper installation and maintenance of machinery.
Get every important blog post or new information Eaton publishes for machine and system builders.
Functional safety is about planning and integrating appropriate electrical or electronic safety devices into the machine to reliably protect it in the event of a hazard and thus contribute to risk reduction. In these circumstances, the machine or system is considered to be functionally safe.
With the appropriate FuSa measures, systematic faults can be avoided, random errors can be detected and appropriate steps can be taken in the event of a fault. In the context of functional safety, however, only hazards related to the functioning of the system are considered, which usually consists of the mechanical components, the machine control system and other automation hardware and software. External hazards such as vandalism or fire do not fall within the scope of functional safety.
Machine manufacturers and operators alike must address the issue of functional safety. By law, manufacturers are responsible for the systems they put into circulation. In this context, FuSa must be considered from the design stage through operation, maintenance and dismantling. All parties involved in the process have a duty to stay abreast of the latest technology and to make every technical effort to ensure that only functionally safe machines are put on the market, and that they are then also operated safely.
Risk assessment is a crucial first step when it comes to functional safety. In this respect, EN ISO 12100 (“Safety of machinery – Basic concepts, general principles for design”) offers detailed guidance for designers. By means of an iterative process, it methodically describes the steps needed to determine the required technical measures for hazard reduction. As part of this process, the protective measures must be taken in a predefined sequence:
In international standards, the safety components of machine controls are referred to as “safety-related parts of control systems” (SRP/CS). They are used in stage 2 for risk reduction. In general, they may comprise both hardware and software, and can be a separate or integral part of the machine control system. In each case, they encompass the entire safety function: input level (sensor), logic (safe processing of signals) and output level (actuator).
International standards EN ISO 13849-1/-2 and IEC 62061 describe the safety-related functions and their implementation in detail. Both standards play a pivotal role in the functional safety of machines. At first glance, they appear to cover the same areas of application. However, they are based on different classification systems and safety level definitions, and their use depends on the technology, risk classification and architecture in question (see table).
For example, EN ISO 13849-1 takes both the qualitative and quantitative aspects of safety functions into account and defines five performance levels (PL a, b, c, d, e) for the different safety-related capabilities, expressed as the average probability of the occurrence of a dangerous failure per hour.
In the context of EN ISO 12100, IEC 62061 acts as an alternative to EN ISO 13849-1. It describes the safety-related performance by means of safety integrity levels in four stages (SIL 1, 2, 3, 4).
Going back to risk assessment: If hazards cannot be sufficiently prevented in stage 1 of EN ISO 12100, the iterative process for designing SRP/CS according to either EN ISO 13849-1 or IEC 62061 must be applied in stage 2.
In this process, functional safety includes the calculation and documentation of the probability of failure of the individual safety functions (such as emergency shutdown, safety gate monitoring or light curtains). To determine the latter, manufacturers of machines and systems need to know the characteristic values of the safety-related products they use. These safety parameters are provided by the SRP/CS manufacturers. The Eaton Safety Manual provides further information on this topic as well as useful circuit and calculation examples. With the aid of a calculation tool (such as the DGUV’s SISTEMA), the safety level can then be determined, either in the form of the performance level in accordance with EN ISO 13849-1 or safety integrity level according to IEC 62061.
Further information on determination of safety parameters and the application of EN ISO 13849 is available from the DGUV.
The German Electrical and Electronic Manufacturers’ Association (ZVEI) offers helpful clarifications on the application of EN ISO 13849-1 and IEC 62061.
In addition, the European Coordinating Committee of Manufacturers of Electrical Switchgear and Controlgear (CAPIEL) has also published a number of brochures on the subject of safety.
Both the Machinery Directive (2006/42/EC) and the Low Voltage Directive (2014/35/EU) specify general safety and occupational health requirements for equipment. Separate technical specifications, the so-called harmonised standards, set out how these requirements can be met in practice. EN 60204-1, to which both of the above-mentioned directives refer, is the harmonising standard for the electrical equipment of machines. EN 60204-1 applies to all electrical, electronic and programmable electronic equipment and systems for machines and networked machine clusters.
In principle, EN 60204-1 covers devices and components with rated operating voltages up to 1,000 V AC or 1,500 V DC and a rated frequency of up to 200 Hz. It can be applied to the entire electrical installation of a machine.
Compromise plays an important role in our lives and is often necessary. But when it comes to the safe handling of machinery and systems, there can be no room for compromise. Functional safety is crucial to protect people, equipment and the environment. International standards offer a practice-based process for risk assessment and minimisation, give detailed descriptions of safety-related functions and the corresponding implementation options, and provide strategies for calculating safety-related performance in accordance with the technology and application at hand. With the right safety-related parts of control systems (SRP/CS), the risks associated with the operation of machinery can be minimised, thereby making it functionally safe.
Contact our team or sign up to ask questions and stay up-to-date on news, product updates and industry trends.
Sign up for our newsletter for machine and panel builders. Stay connected for information about changing regulations and new technologies and services to facilitate your day-to-day working and help you grow your business faster.
