Functional Safety Technology – short and to the point
Functional safety in motion control: Standards, processes, and terminology: maxon supports customers in defining appropriate measures for functional safety in their specific application, in compliance with the relevant standards.
Basic terminology and defi- nition of functional safety in machinery – DIN EN IEC 61508 – EN ISO 13849
Safety-relevant drives – DIN EN 61800-5-2 Safety-relevant control systems
Application-specific safety requirements of the customer application – E.g., ISO 3691-4
– EN ISO 13849 – EN 62061-1/2
Risk assessment and the determination of the Safety Integrity Level or Performance Level are two processes that aid in defining appropriate functional safety architectures. The required safety level depends on the risk and therefore on the application.
Risk assessment process (EN ISO 13849-1) EN ISO 13849-1 focuses on the safety-related parts of con- trollers (SRP/CS) for machinery. The risk assessment process determines the required performance level (PLr) for each safety function. It is based on the severity of the potential harm and the probability of its occurrence. The steps are: Identification of hazards and safety functions. Evaluation of the risk parameters for each hazard. Determination of the required performance level (PLr). Design and verification of the safety-related control system.
PL r
Risk estimation To calculate the Performance Level required ( PL r ) S Severity of injury S1 Slight (normally reversible injury) S2 Serious (normally irreversible injury or death) F Frequency and/or exposure to hazard F1 Seldom to less often and/or exposure is short F2 Frequent to continuous and/or exposure time is long P Possibility of avoiding hazard of limiting harm P1 Possible under specific conditions P2 Scarcely possible
Low risk
a
P 1 P 2 P 1 P 2 P 1 P 2 P 1 P 2
F 1
b
F 2
S 1
c
S 2
F 1
d
F 2
e
High risk
Safety Integrity Level (SIL) vs. Performance Level (PL)
10 -4 10 -5 3*10 -6 10 -6
PL r PL r PL r PL r
a b c d
Not more than 1 dangerous failure of safety function in 10 years
SIL 1
While the standards IEC 61508 and IEC 62061 use the term Safety Integrity Level to classify the required safety level, ISO 13849 uses the term Performance Level. Although the standards do not use the same terminology, their implications can be mapped and compared as shown in the following table.
Not more than 1 dangerous failure of safety function in 100 years
SIL 2
10 -7 10 -8
PL r
e
SIL 3
Not more than 1 dangerous failure of safety function in 100 years
PFH D = Probability of a dangerous failure per hour
PFH D = decreases
Explanation of terms Basic Functional Safety:
Advanced Functional Safety: Includes a range of more complex func- tions for functionally safe motion control (Safe Motion) that provide sensor-based dynamic protection.
Examples include: – SLS – Safe Limited Speed – SS1/SS2 – Safe Stop 1/Safe Stop 2 – SOS – Safe Operating Stop – SDI – Safe Direction – SMS – Safe Maximum Speed – SSM – Safe Speed Monitor – SLP – Safe Limited Position – SLT – Safe Limited Torque – SBT – Safe Brake Test
Includes basic safety functions such as STO (Safe Torque Off) and SBC (Safe Brake Control) for the safe shutdown of drives.
Safe Operating Stop (SOS)
Safe Limited Speed (SLS)
Safe Torque Off (STO)
88 maxon