Post on 28-Nov-2014
EN 62061 and recommendations for the
practical use
Changing standards for changing technologies
Derek Jones – Convenor IEC 62061Rockwell Automation
1
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 2Derek Jones
09/09/2010
Context with other
standards
EN ISO 12100
EN ISO 14121
EN 62061
EN 60204
EN 61508
EN ISO 13849-1&2
IEC 62061-1
ISO 23849
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 3Derek Jones
09/09/2010
Clause 4
Management of functional safety
Project management
for safety
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 4Derek Jones
09/09/2010
Clause 5
Safety Requirements Specification
Functional requirements
specification
Safety Integrity requirements
specification
Interaction of persons with
the machine (e.g. repairing,
setting, cleaning)
i.e. Task based risk
assessment
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 5Derek Jones
09/09/2010
Clause 6
Design and Integration
Random Hardware Failure
Systematic Integrity
Common Cause Failure
Diagnostic Function
Functional decomposition
Safety function to Safety
system
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 6Derek Jones
09/09/2010
Clause 7
Information for use
Clause 8
Validation
Clause 9
Modification
Clause 10
Documentation
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 7Derek Jones
09/09/2010
ISO TR 14121-2: Safety of machinery — Risk assessment — Part 2:
Practical guidance and examples of methods
Task Analysis Hazard Identification Risk Evaluation
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 8Derek Jones
09/09/2010
• All operating modes – Lock the guard door
when closed unless power is OFF and
motion is stopped.
• Automatic Operation Mode - Isolate power if
guard door is not closed.
• Teach Mode - Allow power for robot
teaching under safe speed conditions and
with local control enabling device activated.
Functional requirements specification
SAFETY RELATED CONTROL FUNCTIONS
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 9Derek Jones
09/09/2010
Robot axis power
status
Robot axis motion
status
Release of stored
energy
Lock release
request
Robot in home
position
Guard Lock
Command Status
ON NOT STOPPED NOT RELEASED ON
ON NOT STOPPED RELEASED ON
ON STOPPED NOT RELEASED ON
ON STOPPED RELEASED ON
OFF NOT STOPPED NOT RELEASED ON
OFF NOT STOPPED RELEASED ON
OFF STOPPED NOT RELEASED ON
OFF STOPPED RELEASED OFF
All operating modes - Lock the guard door when closed unless
power is OFF and motion is stopped.
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 10
Guard Door
Status
Output Actuators
Status
OPEN OFF
CLOSED ON
Automatic Operation Mode - Isolate power if guard door is not
closed and locked
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 11
Safe Speed Guard Door
Status
Manual Local Control Priority
Enabled
Output Actuators Status
NO CLOSED NO OFF
NO CLOSED YES OFF
NO OPEN NO OFF
NO OPEN YES OFF
YES CLOSED NO OFF
YES CLOSED YES OFF
YES OPEN NO OFF
YES OPEN YES ON
Teach Mode - Allow power for robot teaching under safe speed conditions
and with local control enabling device activated.
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 12Derek Jones
09/09/2010
SIL allocation for each safety function
For example Allow power for robot teaching under safe
speed conditions and with local control enabling device
activated = SIL 3
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 13Derek Jones
09/09/2010
Safety Function: Allow power for robot
teaching under safe speed conditions and
with local control enabling device activated.
Safe Speed
Sensing
Door Closed
Sensing
Manual Local
Control
Logic Solving Output
Actuation
Shaft Encoders Guard Interlock
Switch
3 Position
Enabling Device
Safe Speed
Control Unit
Contactors
Safety Related Electrical Control System:
Allow power for robot teaching under safe
speed conditions and with local control
enabling device activated.
Clause 6
Design and Integration
SIL 3 required
Safe Speed Guard Door
Status
Manual Local
Control Priority
Enabled
Output
Actuators
Status
NO CLOSED NO OFF
NO CLOSED YES OFF
NO OPEN NO OFF
NO OPEN YES OFF
YES CLOSED NO OFF
YES CLOSED YES OFF
YES OPEN NO OFF
YES OPEN YES ON
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 14Derek Jones
09/09/2010
Shaft Encoders Guard Interlock
Switch
3 Position
Enabling Device
Safe Speed
Control Unit
Contactors
Safety Related Electrical Control System:
Allow power for robot teaching under safe
speed conditions and with local control
enabling device activated.
SIL 3 required for the Safety
Function
Each Subsystem must have a SIL
3 Claim Limit
Total PFHD to be within SIL 3
range SIL CL = 3
PFHD = 1x 10-8
Subsystem 1
SIL CL = 3
PFHD = 1x 10-8
Subsystem 5
SIL CL = 3
PFHD = 1x 10-8
Subsystem 3
SIL CL = 3
PFHD = 1.2x 10-9
Subsystem 2
SIL CL = 3
PFHD = 3.38x 10-9
Subsystem 4
Total PFHD = 3.458x 10-8
SIL achieved = 3
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 15
Shaft Encoders Guard Interlock
Switch
3 Position
Enabling Device
Safe Speed
Control Unit
Contactors
Safety Related Electrical Control System:
Allow power for robot teaching under safe
speed conditions and with local control
enabling device activated.
Management of functional
safety
Safety Requirements
Specification
Design an Integration
Random Hardware
Failure
Systematic Integrity
Common Cause
Failure
Diagnostic Function
Validation
Modification
Documentation
SIL CL = 3
PFHD = 1x 10-8
Subsystem 1
SIL CL = 3
PFHD = 1x 10-8
Subsystem 5
SIL CL = 3
PFHD = 1x 10-8
Subsystem 3
SIL CL = 3
PFHD = 1.2x 10-9
Subsystem 2
SIL CL = 3
PFHD = 3.38x 10-9
Subsystem 4
Total PFHD = 3.458x 10-8
SIL achieved = 3
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 16Derek Jones
09/09/2010
Copyright © 2009 Rockwell Automation, Inc. All rights reserved.16
A system designer? (machine builder)
A subsystem designer? (safety component designer)
Clause 6 - Who are you?
PFHD
SIL CL
PFHD
SIL CL
PFHD
SIL CL
EN 62061 and recommendations for the practical use
© CEN-CENELEC 2010 17Derek Jones
09/09/2010
Thank you