Principles, Standards and Implementation


System Design According to IEC/EN 62061

Transition Methodology for Categories

During the writing of IEC/EN 62061, it was recognized that the full set of reliability data required for systems and devices would take considerable time to become available. Two tables were therefore included to help with existing subsystem designs that are based on the original Categories concept and have been proven in use to be effective. They provide equivalency for PFHD and for Architectural Constraints (Hardware Fault Tolerance), and so offer a useful transition path to the functional safety standards. Tables 14 and 15 below are shown in a simpler form than in the Standards. Studying them makes it apparent how the architecture of a Category system can be converted into a probability of dangerous failure that can be claimed for the subsystem.

| Category | Hardware Fault Tolerance | Diagnostic Coverage | PFHD (Can Be Claimed for the Subsystem) |
|---|---|---|---|
| 1 | 0 | 0% | See IEC 62061 |
| 2 | 0 | 60…90% | ≥ 10⁻⁶ |
| 3 | 1 | 60…90% | ≥ 2 x 10⁻⁷ |
| 4 | >1 | 60…90% | ≥ 3 x 10⁻⁸ |
| 4 | 1 | >90% | ≥ 3 x 10⁻⁸ |

Table 14: Category based PFHD claim

Table 14 is a simplified version of Table 7 from IEC/EN 62061, which is provided for low complexity category based subsystems. Use this table when a category-based subsystem becomes part of a safety-related control system (SRCS) that must meet IEC/EN 62061. For simplicity, the safety system designer can claim a PFHD of 2 x 10⁻⁷ for a category 3 based system that has 60% diagnostic coverage. Alternatively, the safety system designer can perform a complete analysis to determine whether a better PFHD can be claimed.

| Category | Hardware Fault Tolerance | SFF | Max. SIL Claim Limit According to Architectural Constraints |
|---|---|---|---|
| 1 | 0 | <60% | See IEC 62061 |
| 2 | 0 | 60…90% | SIL 1 |
| 3 | 1 | <60% | SIL 1 |
| 3 | 1 | 60…90% | SIL 2 |
| 4 | >1 | 60…90% | SIL 3 |
| 4 | 1 | >90% | SIL 3 |

Table 15: Category based architectural constraints

Table 15 can be used to determine the SIL Claim Limit (SILCL) of a category-based subsystem. The diagnostic coverage of the category-based system must first be converted to safe failure fraction (SFF), since Table 15 is expressed in terms of SFF rather than DC.

Knowing the PFHD and SILCL of a category-based system, the safety system designer can apply these values to one of the subsystems shown in Figure 149. If the category-based system is the complete SRCS, then the equivalent SIL and PFHD are determined directly by Tables 14 and 15. The safety system designer must also satisfy the requirements for common cause failures, systematic failures and proof test interval. The scoring system for common cause failures is slightly different for each standard. The concepts for systematic safety integrity are similar in both standards; neither standard uses a scoring system. The proof test interval may be considered the same as the mission time, or a shorter interval may be chosen.
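The following script is an added example and is not part of the catalog or of IEC/EN 62061 itself. It encodes Tables 14 and 15 exactly as printed above, converts DC to SFF using the IEC 62061 definitions (SFF = (ΣλS + ΣλDD)/(ΣλS + ΣλD), DC = ΣλDD/ΣλD), and combines several category-based subsystems into an SRCS figure the way IEC 62061 does: subsystem PFHD values are summed and the SIL of the SRCS is limited by the lowest subsystem SILCL and by the PFHD band (SIL 1: 10⁻⁶ to 10⁻⁵, SIL 2: 10⁻⁷ to 10⁻⁶, SIL 3: 10⁻⁸ to 10⁻⁷). The split between safe and dangerous failures (`safe_fraction`) is an assumption the designer has to supply; the default credits no safe failures, so SFF equals DC. The subsystem data in `main` are constructed for illustration.

```python
from typing import List, Optional, Tuple


def sff_from_dc(dc: float, safe_fraction: float = 0.0) -> float:
    """Convert diagnostic coverage to safe failure fraction.

    IEC 62061: SFF = (sum lambda_S + sum lambda_DD) / (sum lambda_S + sum lambda_D)
    and DC = sum lambda_DD / sum lambda_D. Writing safe_fraction = lambda_S / (lambda_S + lambda_D)
    gives SFF = safe_fraction + dc * (1 - safe_fraction).
    safe_fraction is an assumed device property; the default 0.0 credits no safe failures,
    so SFF equals DC, which is the conservative choice when the split is unknown.
    """
    if not 0.0 <= dc <= 1.0:
        raise ValueError("DC must be a fraction between 0 and 1")
    if not 0.0 <= safe_fraction < 1.0:
        raise ValueError("safe_fraction must be in [0, 1)")
    return safe_fraction + dc * (1.0 - safe_fraction)


def pfhd_claim(category: int, hft: int, dc: float) -> Optional[float]:
    """Table 14: PFHD that can be claimed for a category-based subsystem.

    '60…90%' is read as the closed interval [0.60, 0.90]. Returns None for Category 1
    and for any combination the simplified table does not cover; those go to IEC 62061 itself.
    """
    in_60_90 = 0.60 <= dc <= 0.90
    if category == 2 and hft == 0 and in_60_90:
        return 1e-6
    if category == 3 and hft == 1 and in_60_90:
        return 2e-7
    if category == 4 and hft > 1 and in_60_90:
        return 3e-8
    if category == 4 and hft == 1 and dc > 0.90:
        return 3e-8
    return None


def silcl_from_category(category: int, hft: int, sff: float) -> Optional[int]:
    """Table 15: SIL claim limit from architectural constraints (None = not covered)."""
    in_60_90 = 0.60 <= sff <= 0.90
    if category == 2 and hft == 0 and in_60_90:
        return 1
    if category == 3 and hft == 1:
        if sff < 0.60:
            return 1
        if in_60_90:
            return 2
    if category == 4 and hft > 1 and in_60_90:
        return 3
    if category == 4 and hft == 1 and sff > 0.90:
        return 3
    return None


def sil_from_pfhd(pfhd: float) -> Optional[int]:
    """IEC 62061 PFHD bands (high/continuous demand); None if outside SIL 1..3."""
    if 1e-8 <= pfhd < 1e-7:
        return 3
    if 1e-7 <= pfhd < 1e-6:
        return 2
    if 1e-6 <= pfhd < 1e-5:
        return 1
    return None


Subsystem = Tuple[int, int, float]  # (category, hardware fault tolerance, DC as a fraction)


def assess_srcs(subsystems: List[Subsystem], safe_fraction: float = 0.0) -> Tuple[float, Optional[int]]:
    """Combine category-based subsystems into an SRCS figure.

    Subsystem PFHD values are summed; the SRCS SIL is the lower of the SIL allowed by the
    summed PFHD and the lowest subsystem SILCL. Raises ValueError when a subsystem falls
    outside the simplified tables. Common cause failures, systematic integrity and the proof
    test interval are not modelled here and must be satisfied separately.
    """
    total_pfhd = 0.0
    lowest_silcl = 3
    for category, hft, dc in subsystems:
        pfhd = pfhd_claim(category, hft, dc)
        silcl = silcl_from_category(category, hft, sff_from_dc(dc, safe_fraction))
        if pfhd is None or silcl is None:
            raise ValueError(f"subsystem {(category, hft, dc)} not covered by Tables 14/15; consult IEC 62061")
        total_pfhd += pfhd
        lowest_silcl = min(lowest_silcl, silcl)
    sil_by_pfhd = sil_from_pfhd(total_pfhd)
    if sil_by_pfhd is None:
        return total_pfhd, None
    return total_pfhd, min(sil_by_pfhd, lowest_silcl)


if __name__ == "__main__":
    # Constructed SRCS: Category 3 input device, Category 4 logic (HFT 1, DC 99%), Category 3 output device.
    srcs = [(3, 1, 0.60), (4, 1, 0.99), (3, 1, 0.60)]
    total, sil = assess_srcs(srcs)
    print(f"total PFHD = {total:.2e}, achievable SIL = {sil}")
    # Crediting a 50% safe share lifts the Category 3 subsystems' SFF from 0.60 to 0.80 (still SIL 2).
    print(f"SFF at DC 60% with 50% safe failures: {sff_from_dc(0.60, 0.5):.2f}")
```

Note that crediting safe failures is not free: with a 50% safe share, a Category 3 subsystem at 90% DC has an SFF of 95%, which is outside the "60…90%" row of Table 15, so `assess_srcs` refuses it rather than silently claiming SIL 2. That is the point of the tables being simplified: anything they do not cover has to be analysed against the standard directly.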