Safety of Machinery and Control Systems - Directive for
Safety of Machinery and Control Systems - Directive for Surge Protection of Control Systems

EN/ISO 13849-1: Harmonized in the Directive on Machinery since May 2007

EN ISO 13849-1 follows EN 954-1 as the main standard for the design of safety-related control systems in the field of “Machinery Safety”. The standard, ratified in November 2006, has been harmonised in the Directive on Machinery since May 2007. The previous standard EN 954-1 is thus formally withdrawn; however, it may still be used until the end of December 2011, although there is a controversial discussion among experts whether EN 954-1, in spite of its harmonization, is still the state of the art.

In addition to the generally approved statements of the previous standard, the considerations of probabilities and of the possible consequences are new. Additional requirements for programmable electronic systems have been defined and a so-called Performance Level (PL) has been introduced.

Basically, the hazard situation determines the achievable PL (see graphic). The intensity of each hazard situation is scaled into five steps ranging from “a” to “e”. At PL “a” the control function makes only a small contribution to reducing the risk, whereas its contribution is high at PL “e”. The higher the risk, the higher the requirements for the control system, and the more important the safety-related measures to avoid failures.

In order to determine the achieved Performance Level, the safety function is to be structured in three parts, namely the sensor, the logic and the actuator. Similar to the Safety Integrity Level (SIL) of IEC EN 61508, calculations to determine the failure probability are made in order to provide further measures for the safety of each subsystem, if necessary. In this context the systems or sub-systems are often also designed redundantly.
Even if the fail safety of each sub-system has already been optimised, or sub-systems are used redundantly, simultaneously arising faults may have serious consequences in different parts. One single cause, such as a lightning strike, can often have many concurrent effects. In order to prevent such causes and their effects, the Common-Cause-Failure-Management (CCF) is described in EN 13849-1-3.1.6. It refers to systems designed with two or more channels. The CCF approach offers a simple method for avoiding that different parts of the system fail at the same time due to a common cause.

List of measures with points system (maximum: 100 points)
- Separation of signal paths 15 pts
- Diversity 20 pts
- Protection against surges, overpressure, etc. 15 pts
- Approved components 5 pts
- FMEA 5 pts
- Competence/training of the developers 5 pts
- EMC or filtering of the pressure medium and protection against pollution 25 pts
- Temperature, humidity, shock, vibration etc. 10 pts

There is a point rating of the measures which contribute to the general safety of the channels. Out of 100 possible points at least 65 are to be achieved. Strikingly, already 15 points are granted for surge protection, which is almost one quarter of the required 65 points.

Finn Electric / Klinkmann: surge protection solution for Machinery and Control System. Optimal grounding and lightning protection.

Finn Electric / Klinkmann provide support and consulting on the correct safety and protection solution. We provide training and deliver DEHN surge protection modules as well as DEHN grounding and lightning protection products. Ask for our solution and offer.

www.klinkmann.fi

- Riga tel. +371 6738 1617 klinkmann@klinkmann.lv
- Helsinki tel. +358 9 540 4940 automation@klinkmann.fi
- St. Petersburg tel. +7 812 327 3752 klinkmann@klinkmann.spb.ru
- Moscow tel. +7 495 641 1616 moscow@klinkmann.spb.ru
- Yekaterinburg tel. +7 343 287 19 19 yekaterinburg@klinkmann.spb.ru
- Samara tel. +7 846 273 95 85 samara@klinkmann.spb.ru
- Kiev tel. +38 044 495 33 40 klinkmann@klinkmann.kiev.ua
- Vilnius tel. +370 5 215 1646 post@klinkmann.lt
- Tallinn tel. +372 668 4500 klinkmann.est@klinkmann.ee
- Minsk tel. +375 17 200 0876 minsk@klinkmann.com

Surge protection for increasing the safety of machinery

EN ISO 13849 describes the “Safety of Machinery”. Part 1: Safety-related parts of control systems.

For risk minimisation a necessary Performance Level (PL) is specified for the system.

[Figure: EN ISO 13849-1 Table 3. Performance Level (PL) “a” to “e” against the probability of a dangerous failure per hour, on a scale from 10^-4 to 10^-8. PL “a” lies at the 10^-4 to 10^-5 end of the scale (protection of low risks), PL “e” at the 10^-7 to 10^-8 end (protection of high risks).]

Systematic evaluations of the achieved PL: one of the resulting measures, among others, is the so-called Common-Cause-Failure-Management (CCF). For 2-channel systems the purpose is to minimise the probability that one single cause, e.g. a lightning strike, turns both channels into a safety-critical state at the same time.

EN 13849-1-3.1.6: Common-Cause-Failure-Management

One evaluation method for the measures taken against CC failures is the scoring according to Table F1.

CC: failures of different parts due to common causes

List of measures with points system (maximum: 100 points)
- Separation of the signal paths 15 pts
- Diversity 20 pts
- Protection against surges, overpressure, etc. 15 pts
- Approved components 5 pts
- FMEA 5 pts
- Competence/training of the developers 5 pts
- EMC or filtering of the pressure medium and protection against pollution 25 pts
- Temperature, humidity, shock, vibration etc. 10 pts

Target: at least 65 points

There is a points rating of the performed measures. Out of a possible 100 points, the aim is to achieve at least 65.