Machine safety is the primary concern when a machine is partially or fully automated. Safety matters especially for mobile machines, because people work directly on and with them; the crane and lifter market is one example. Compliance with strict rules is becoming ever more crucial for any machine, as human lives may be in danger if the machine fails.
In Europe, EN ISO 13849-1 is the corresponding standard for machine safety. It precisely describes the requirements for the design and integration of safety-related parts of control systems built with programmable electronic systems, and it thus provides a measure of the reliability of safety-related functions.
The standard was released in 2007, when it replaced EN 954-1; the latest revision of EN ISO 13849-1 was published in 2015.
It refers to the system architecture and analyses the reliability of hardware as well as software routines of the system. It applies to safety-related parts of control systems for machines, no matter what technology and energy are used (electrical, hydraulic, pneumatic, mechanical, etc.).
According to this standard, Performance Levels (PL) express the functional safety category. Two kinds of performance level are distinguished: the required performance level (PLr) and the achieved performance level (PL). The PLr is determined by estimating three criteria: the severity of injury, the frequency and/or exposure to the hazard, and the possibility of avoiding the hazard.
There are two categories of the severity of injury: S1 and S2. S1 stands for slight injuries, S2 for severe injuries and death.
The frequency and/or exposure to hazard is also categorized: F1 stands for seldom to less often and/or short exposure time, while F2 stands for frequent to continuous and/or long exposure time.
P1 and P2 are the categories for the possibility of avoiding the hazard or limiting the harm. P1 means that avoidance is possible under specific conditions, while P2 means it is scarcely possible.
The achieved performance level (PL) is not dependent on the hazard situation, but on the construction of the control system or the safety components.
There are five performance levels, from PLa up to PLe, the highest. The achieved PL is determined by four parameters: the safety category, MTTFd, DC and CCF.
The first parameter is the safety category of the system, which depends on its architecture and its behaviour in the presence of a fault. The levels are B, 1, 2, 3 and 4. This is the primary parameter; it states how the control system, or its safety-related parts, reacts in case of a fault.
The second parameter is the Mean Time to Dangerous Failure (MTTFd) of the safety-related system or parts of it. The three levels are high (30 to 100 years), medium (10 to 30 years) and low (3 to 10 years).
The third parameter is the Diagnostic Coverage (DC) of the system, a measure of the effectiveness of its diagnostics. The four levels are high (≥99%), medium (90-99%), low (60-90%) and none (<60%).
The fourth parameter is Common Cause Failures (CCF), which describes the reliability of the whole safety-related system with respect to failures from a common cause. It is differentiated into ≥65 points and
Once the achieved PL has been determined, it has to be checked against the PLr: the PL must be equal to or higher than the PLr, otherwise the control system or machine is not allowed to operate.
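The procedure described above, as an added example in Python (not code from the original page): the risk-graph determination of PLr from the S, F and P parameters, the MTTFd and DC bands listed above, and the final PL ≥ PLr check. The S/F/P-to-PLr mapping is the risk graph of Annex A of EN ISO 13849-1; the crane scenario at the bottom is constructed for illustration.

```python
"""Risk graph, parameter bands and the PL >= PLr check from EN ISO 13849-1."""

# Risk graph of EN ISO 13849-1 (Annex A): each path through the S/F/P
# parameters described in the text yields the required performance level PLr.
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a", ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b", ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c", ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d", ("S2", "F2", "P2"): "e",
}
PL_ORDER = "abcde"  # PLa is the lowest level, PLe the highest


def required_pl(severity: str, frequency: str, avoidance: str) -> str:
    """PLr for one hazard; unknown parameter values are rejected, never guessed."""
    key = (severity.upper(), frequency.upper(), avoidance.upper())
    if key not in RISK_GRAPH:
        raise ValueError(f"not a valid risk-graph path: {key}")
    return RISK_GRAPH[key]


def mttfd_band(years: float) -> str:
    """MTTFd band: low 3-10, medium 10-30, high 30-100 years (capped at 100)."""
    if years < 3:
        raise ValueError("an MTTFd below 3 years is not permitted by the standard")
    years = min(years, 100.0)  # values above 100 years are capped at 100
    if years < 10:
        return "low"
    return "medium" if years < 30 else "high"


def dc_band(dc_percent: float) -> str:
    """Diagnostic coverage band: none <60, low 60-90, medium 90-99, high >=99."""
    if not 0 <= dc_percent <= 100:
        raise ValueError("DC must be given as a percentage between 0 and 100")
    if dc_percent < 60:
        return "none"
    if dc_percent < 90:
        return "low"
    return "medium" if dc_percent < 99 else "high"


def pl_meets_plr(achieved_pl: str, plr: str) -> bool:
    """Final acceptance check from the text: the achieved PL must be >= PLr."""
    return PL_ORDER.index(achieved_pl.lower()) >= PL_ORDER.index(plr.lower())


if __name__ == "__main__":
    # Constructed scenario: severe injury possible (S2), operator exposed
    # frequently (F2), hazard scarcely avoidable (P2) -> PLr = e.
    plr = required_pl("S2", "F2", "P2")
    print("PLr =", plr, "| achieved PLd acceptable?", pl_meets_plr("d", plr))
```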