Better understand functional safety and how it applies to the equipment you build and use. As EN ISO 13849-1 (the successor to EN 954-1) and IEC 62061 become more prevalent in North American design, and as industry segments request Safety Integrity Level (SIL), control category and Performance Level (PL) ratings, our approach to machine safety stands to change.
This webinar provides practical advice for adopting these new standards by providing an overview of:
- Market trends
- Applicable standards
- Considerations for applying relevant standards
- Determining your level of machine safety design
Hosted by Design World, this educational webcast helps original equipment manufacturers and end users better understand functional safety and how it applies to the equipment you build.

Complying with New Functional Safety Standards

Slide 1. Complying with New Functional Safety Standards
© 2012 Eaton Corporation. All rights reserved.

Slide 2. Before We Start
• This webinar will be available afterwards at designworldonline.com and by email
• Q&A at the end of the presentation
• Hashtag for this webinar: #DWwebinar

Slide 3. Moderator: Natasha Townsend, Design World. Presenter: Jacob Feutz, Eaton.

Slide 4. Functional Safety Webinar, June 14, 2012

Slide 5. Questions to answer
• What is Functional Safety?
• What is happening in the Functional Safety market?
• What standard should I use for my machine?
• What do I have to consider when applying that standard?
• How do I determine what level of safety to design to?
• What values go into a calculation? Can you walk me through one?
• Others?

Slide 6. What is functional safety?
The complete explanation: The EU Machinery Directive 2006/42/EC stipulates that a machine should not pose any danger. However, as there is no 100% safety in engineering, the aim is to reduce these dangers to a tolerable level of residual risk by means of risk reduction measures. The overall safety of a machine defines the state in which it can be considered free of unwarranted risks to persons, or free of danger. Functional safety is the part of the overall safety of a system that depends on the correct functioning of the safety-related systems and of external risk reduction facilities.

Slide 7. Functional safety is not:
• Arc flash
• Grounding
• Fire suppression systems
• Short circuit protection
• Surge protection
• Motor protection
• Others
See www.eaton.com/ElectricalSafety

Slide 8. What is happening in the functional safety market in North America?
• Engineering-based drivers:
  • The desire to have standards-based methods and testing that a machine can be certified to
• Customer-based drivers:
  • Selling machines to European customers, where it is required for the CE mark
  • Selling machines to NA customers who are now requiring safety assessments
• Corporate-based drivers:
  • NA companies that are owned or are now managed by European parent companies
  • Limiting liability by designing to accepted standards

Slide 9. The Eaton Safety Manual: eaton.com/FS

Slides 10–13. What standard should I use for my machine? (figure slides; slide 11 introduces the different “types” of standards)

Slide 14. What standard should I use for my machine? IEC 62061 compared with ISO 13849-1
IEC 62061:
• Applies only to electrical, electronic and programmable electronic systems
• Any architecture can be used
• Suitable as evidence of safety of devices and of the overall safety functionality through calculation
ISO 13849-1:
• Can be used without limitation for hydraulic, pneumatic and electromechanical systems
• Limited use for programmable electronic systems: specific architectures only, and up to PL d only
• For mixed systems use ISO 13849
• Calculation concept based on defined architectures
• Suitable as evidence of safety of devices and of the overall safety functionality using tables

Slide 15. What do I have to consider when applying that standard? – ISO 13849-1
• Which necessary safety functions are performed by the safety-related parts of the control system (SRP/CS)?
• Which properties are required for each safety function?
• Which performance level is required (PLr)?
• Which safety-related parts perform the safety function?
• Which performance level (PL) was achieved by the SRP/CS?
• Does the achieved PL meet the PLr of the safety function?

Slide 16. How do I determine what level of safety to design to? – ISO 13849-1
Risk estimation: PLr (risk graph figure)

Slide 17. What values go into a calculation? – ISO 13849-1
• Control architecture (category)
• MTTFd – mean time to dangerous failure
• DC – diagnostic coverage
• CCF – common cause failure
• Relationship between the above

Slides 18–19. SISTEMA software (the IFA/DGUV tool for evaluating SRP/CS to ISO 13849-1): http://www.dguv.de/ifa/de/pra/softwa/sistema

Slide 20. What values go into a calculation? – ISO 13849-1 (agenda slide repeated; next item: control architecture)

Slide 21. Control architecture – category (figure)

Slide 22. Control architecture – Cat. B
The safety-related parts of the control system shall, as a minimum, be designed in accordance with the current state of the art. They shall withstand the influences which are to be expected.

Slide 23. Control architecture – Cat. 1
The safety-related parts of the control system must be designed and constructed using well-tried components and well-tried safety principles. A well-tried safety principle is, for example, the use of position switches with positively opening contacts. Normally, this category cannot be implemented with electronic components.

Slide 24. Control architecture – Cat. 2
The safety functions of the safety-related parts of a control system must be checked at suitable intervals. The check can be performed automatically or manually, and at least at each startup and before a hazardous situation occurs. The check can also be carried out periodically during operation, as determined by the risk analysis. A hazardous situation may occur on the machine between the checks.

Slide 25. Control architecture – Cat. 3
A single fault in a safety-related part of the control system does not lead to the loss of the safety function. An accumulation of undetected faults may cause a hazardous situation on the machine, since not all faults need to be detected. An example of this is a redundant circuit without self-monitoring.

Slide 26. Control architecture – Cat. 4
A single fault in a safety-related part of the control system does not lead to the loss of the safety function. This fault must be detected immediately or before the next potential danger, e.g. when closing the door before a restart of the machine. If this is not possible, an accumulation of faults must not lead to the loss of the safety function.

Slide 27. What values go into a calculation? – ISO 13849-1 (agenda slide repeated; next item: MTTFd)

Slide 28. Calculating MTTFd – manually (figure)

Slide 29. Calculating MTTFd – using SISTEMA (screenshot)

Slide 30. What values go into a calculation? – ISO 13849-1 (agenda slide repeated; next item: DC)

Slide 31. Calculating DC – manually (figure)

Slide 32. Calculating DC – using SISTEMA (screenshot)

Slide 33. What values go into a calculation? – ISO 13849-1 (agenda slide repeated; next item: CCF)

Slide 34. Calculating CCF – manually (figure)

Slide 35. Calculating CCF – using SISTEMA (screenshot)

Slide 36. What values go into a calculation? – ISO 13849-1 (agenda slide repeated; next item: the relationship between the values)

Slide 37. Relating values to an achieved PL (figure)

Slide 38. Achieved PL in SISTEMA (screenshot)
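The calculation slides above (category, MTTFd, DC, CCF, and how they combine into an achieved PL) survive on this page only as titles, so here is the arithmetic behind them as a worked, added example. This is not code from the webinar, from Eaton or from SISTEMA; it implements the simplified procedure of ISO 13849-1 using the standard's own formulas (B10d and parts-count MTTFd from Annex C, the two-channel combination from Annex D, DCavg from Annex E, the 65-point CCF score from Annex F, and the Table 7 lookup), plus the PL-to-SIL mapping that links the result to the IEC 62061 terms on the next slide. The two cases are constructed and only loosely modelled on the deck's two application examples: every B10d, MTTFd, DC value, CCF score and operating profile is an assumption, not a value from the slides.

```python
"""Simplified ISO 13849-1 Performance Level (PL) evaluation (added example; not code
from the webinar, Eaton or SISTEMA). Formulas follow ISO 13849-1: B10d / parts-count
MTTFd (Annex C), two-channel combination (Annex D), DCavg (Annex E), CCF scoring
(Annex F), PL lookup (Table 7). All component figures and operating profiles below
are CONSTRUCTED and are not values from the slides' application examples."""
from dataclasses import dataclass

PL_ORDER = "abcde"        # PL a is the lowest, PL e the highest
MTTFD_CAP_YEARS = 100.0   # ISO 13849-1:2006 caps the MTTFd of a channel at 100 years
CCF_PASS_SCORE = 65       # Annex F: at least 65 of 100 points must be claimed

# Table 7: (category, DCavg band) -> {MTTFd band: PL}; None means "not covered"
TABLE_7 = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": None},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}
PL_TO_SIL = {"a": None, "b": 1, "c": 1, "d": 2, "e": 3}   # Table 4; PL a has no SIL

@dataclass
class Part:
    name: str
    mttfd: float   # years, mean time to dangerous failure of this part
    dc: float      # diagnostic coverage of this part's dangerous faults, 0.0..1.0

def n_op(d_op: float, h_op: float, t_cycle_s: float) -> float:
    """Annex C: operations per year = days/year * hours/day * 3600 / cycle time [s]."""
    return d_op * h_op * 3600.0 / t_cycle_s

def mttfd_from_b10d(b10d: float, nop: float) -> float:
    """Annex C: MTTFd [years] of an electromechanical part = B10d / (0.1 * nop)."""
    return b10d / (0.1 * nop)

def channel_mttfd(parts) -> float:
    """Parts-count method: 1/MTTFd = sum(1/MTTFd_i), then the per-channel cap."""
    return min(MTTFD_CAP_YEARS, 1.0 / sum(1.0 / p.mttfd for p in parts))

def combine_channels(c1: float, c2: float) -> float:
    """Annex D: one MTTFd for two redundant channels with different values."""
    return (2.0 / 3.0) * (c1 + c2 - 1.0 / (1.0 / c1 + 1.0 / c2))

def dc_avg(parts) -> float:
    """Annex E: DCavg = sum(DC_i / MTTFd_i) / sum(1 / MTTFd_i)."""
    return sum(p.dc / p.mttfd for p in parts) / sum(1.0 / p.mttfd for p in parts)

def mttfd_band(mttfd: float):
    """Table 5: low 3..10 years, medium 10..30, high 30..100; below 3 years not covered."""
    return None if mttfd < 3.0 else "low" if mttfd < 10.0 else "medium" if mttfd < 30.0 else "high"

def dc_band(dc: float) -> str:
    """Table 6: none < 60 %, low 60..90 %, medium 90..99 %, high >= 99 %."""
    return "none" if dc < 0.60 else "low" if dc < 0.90 else "medium" if dc < 0.99 else "high"

def evaluate(category: str, channels, ccf_points: dict, pl_required: str) -> dict:
    """Simplified procedure for one or two channels; compares the achieved PL with PLr."""
    per_channel = [channel_mttfd(c) for c in channels]
    mttfd = per_channel[0] if len(per_channel) == 1 else min(
        MTTFD_CAP_YEARS, combine_channels(per_channel[0], per_channel[1]))
    # Categories B and 1 claim no diagnostics, so DCavg is "none" by definition.
    dc = 0.0 if category in ("B", "1") else round(dc_avg([p for c in channels for p in c]), 4)
    # CCF measures are required only for the two-channel categories 2, 3 and 4.
    if category in ("2", "3", "4") and sum(ccf_points.values()) < CCF_PASS_SCORE:
        return {"pl": None, "reason": "CCF score below 65", "meets_plr": False}
    row = TABLE_7.get((category, dc_band(dc)))   # None: combination not in Table 7
    band = mttfd_band(mttfd)
    pl = row.get(band) if row and band else None
    return {"mttfd_years": round(mttfd, 1), "mttfd_band": band, "dc_avg": dc,
            "dc_band": dc_band(dc), "pl": pl, "sil": PL_TO_SIL.get(pl),
            "meets_plr": pl is not None and PL_ORDER.index(pl) >= PL_ORDER.index(pl_required)}

# Constructed case 1, loosely modelled on the deck's first example: dual-channel e-stop with
# cross-circuit monitoring and redundant contactors, Cat. 4, PLr e. Assumed profile:
# 365 days/year, 16 h/day, one e-stop actuation per hour (nop = 5840).
NOP_ESTOP = n_op(365, 16, 3600)
CCF_CLAIMED = {"separation": 15, "diversity": 20, "design_experience": 20,
               "assessment": 5, "competence": 5, "environmental": 35}   # 100 points

def estop_channel(label: str):
    return [  # B10d and MTTFd figures are assumptions, not datasheet values
        Part(f"E-stop contact {label}", mttfd_from_b10d(100_000, NOP_ESTOP), dc=0.99),
        Part(f"Safety relay channel {label}", mttfd=400.0, dc=0.99),
        Part(f"Contactor K{label}", mttfd_from_b10d(1_300_000, NOP_ESTOP), dc=0.99),
    ]

def case_dual_channel_estop() -> dict:
    return evaluate("4", [estop_channel("1"), estop_channel("2")], CCF_CLAIMED, "e")

# Constructed case 2, loosely modelled on the deck's second example: single-channel guard
# position switch with positively opening contacts (well-tried), Cat. 1, PLr c.
# Assumed profile: 365 days/year, 8 h/day, guard opened every 10 minutes (nop = 17520).
def case_single_channel_guard() -> dict:
    nop = n_op(365, 8, 600)
    channel = [  # Cat. 1 claims no diagnostics, so dc is 0 for every part
        Part("Position switch", mttfd_from_b10d(2_000_000, nop), dc=0.0),
        Part("Safety relay", mttfd=400.0, dc=0.0),
        Part("Contactor", mttfd_from_b10d(1_300_000, nop), dc=0.0),
    ]
    return evaluate("1", [channel], {}, "c")
```

With these assumed figures the dual-channel case reaches MTTFd "high" (each channel exceeds the 100-year cap), DCavg "high" and Cat. 4, so PL e (SIL 3); the single-channel Cat. 1 case reaches PL c (SIL 1). The lookup returns None for combinations the simplified procedure does not cover, for example a Cat. 4 design whose DCavg drops below 99 %, a Cat. 1 design whose MTTFd is not "high", or any two-channel design that cannot claim 65 CCF points; that is the check to make before assuming the required PL is met. For a real design the manufacturer's component libraries in SISTEMA are the source of record; this script only shows the arithmetic the tool performs.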
Slide 39. What values go into a calculation? – IEC 62061
• Risk assessment
• Control architecture
• Safety characteristics of the subsystems:
  • λd – dangerous failure rate
  • DC – diagnostic coverage
  • β – common cause failure (CCF) factor
  • T1 – proof test interval or lifetime
  • T2 – diagnostic test interval
  • PFHd – probability of dangerous failure per hour
  • SIL – safety integrity level of the subsystem
  • SFF – safe failure fraction
  • SIL CL – SIL claim limit
• SIL – safety integrity level of the entire system

Slide 40. Application example – products (grouped on the slide into Input, Control and Output)
• Application: dual-channel emergency stop with redundant series contactors
• Monitored manual restart
• Cross-circuit recognition
• Controlling three motors
• Pushbutton start/stop control
• Performance Level required (PLr): e

Slide 41. Application example – control diagram (figure)

Slide 42. Application example – power diagram (figure)

Slide 43. Application example – calculated values (figure)

Slide 44. Application example – products (grouped on the slide into Input, Control and Output)
• Application: single-channel position switch
• Monitored manual restart
• Controlling two motors; pushbutton input to a programmable controller
• Performance Level required (PLr): c

Slide 45. Application example – control diagram (figure)

Slide 46. Application example – power diagram (figure)

Slide 47. Application example – calculated values (figure)

Slide 48. Thank You

Slide 50. Questions?
• Natasha Townsend, Design World: ntownsend@wtwhmedia.com, phone 440.234.4531, Twitter @DW_Electrical
• Jacob Feutz, Eaton: JacobBFeutz@eaton.com, phone 414.449.7356, Twitter @eatoncorp, Eaton.com/fs

Slide 51. Thank You
• This webinar will be available at designworldonline.com and by email
• Tweet with hashtag #DWwebinar
• Connect with Design World: Twitter @DesignWorld, Facebook facebook.com/engineeringexchange, LinkedIn group Design World Group, YouTube youtube.com/designworldvideo
• Discuss this on EngineeringExchange.com