System Design According to ISO/EN 13849 and SISTEMA
We have already touched on this subject when we considered the Designated Architecture Categories 2, 3 and 4. Those Categories require some form of diagnostic testing to check whether the safety function is still working. The term "diagnostic coverage" (usually abbreviated to DC) is used to characterise the effectiveness of this testing. It is important to realize that DC is not based simply on the number of components that can fail dangerously; it takes account of the total dangerous failure rate. The symbol λ (lambda) is used for "failure rate". DC expresses the relationship between the rates of occurrence of the two following types of dangerous failure:
- Dangerous detected failure (λdd), i.e. those failures that would cause, or could lead to, a loss of the safety function, but which are detected. After detection, a fault reaction function causes the device or system to go to a safe state.
- Dangerous failure (λd), i.e. all those failures that could potentially cause, or lead to, a loss of the safety function. This includes both the failures that are detected and those that are not. Of course, the failures that are truly dangerous are the dangerous undetected ones (termed λdu).
DC is expressed by the formula:
DC = λdd / λd, expressed as a percentage.
This meaning of the term DC is common to EN ISO 13849-1 and EN/IEC 62061. However, the way that it is derived differs. The latter standard proposes the use of calculation based on failure mode analysis, but EN ISO 13849-1 provides a simplified method in the form of look-up tables. Various typical diagnostic techniques are listed together with the DC percentage that their use is deemed to achieve. In some cases rational judgment is still required; for example, in some techniques the achieved DC is proportional to how often the test is performed. It is sometimes argued that this approach is too vague. However, the estimation of DC can depend on many different variables, and whichever technique is used the result can usually only truly be described as approximate. It is also important to understand that the tables in EN ISO 13849-1 are based on extensive research conducted by the BGIA into the results achieved by known actual diagnostic techniques used in real applications. In the interest of simplification the standard divides DC into four basic ranges:
- <60% = none
- 60% to <90% = low
- 90% to <99% = medium
- 99% and above = high
This approach of dealing with ranges instead of individual percentage values can also be considered to be more realistic in terms of achievable accuracy. The SISTEMA tool uses the same look-up tables as the standard. As the use of complex electronics in safety-related devices increases, DC becomes a more important factor. It is likely that future work on the standards will look further into clarification of this issue. In the meantime the use of engineering judgment and common sense should be sufficient to lead to the correct choice of DC range.
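As an added worked example (not part of the catalog text or of SISTEMA), the following Python computes DC = λdd / λd from constructed per-mode dangerous failure rates and maps the result onto the four ranges above. It also contrasts the rate-weighted DC with a naive count of detected failure modes, to show why DC must be based on failure rates rather than on the number of components or modes; the failure-mode names and rates are invented for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class DangerousFailureMode:
    """One dangerous failure mode of a component (constructed example data)."""
    name: str
    rate: float      # dangerous failure rate for this mode, per hour (contributes to lambda_d)
    detected: bool   # True if the diagnostic test detects this mode (contributes to lambda_dd)

def diagnostic_coverage(modes):
    """DC = lambda_dd / lambda_d as a percentage, weighted by failure rate."""
    lambda_d = sum(m.rate for m in modes)                   # all dangerous failures
    lambda_dd = sum(m.rate for m in modes if m.detected)    # dangerous detected failures
    if lambda_d <= 0:
        raise ValueError("total dangerous failure rate must be positive")
    return 100.0 * lambda_dd / lambda_d

def count_based_coverage(modes):
    """Naive 'detected modes / all modes' figure, shown only to contrast with DC."""
    return 100.0 * sum(1 for m in modes if m.detected) / len(modes)

def dc_range(dc_percent):
    """Classify a DC percentage into the four EN ISO 13849-1 ranges."""
    if dc_percent < 60:
        return "none"
    if dc_percent < 90:
        return "low"
    if dc_percent < 99:
        return "medium"
    return "high"

# Constructed sample: three low-rate modes are detected, one high-rate mode is not.
SAMPLE_MODES = [
    DangerousFailureMode("contact_welded", 2.0e-7, True),
    DangerousFailureMode("coil_open", 1.0e-7, True),
    DangerousFailureMode("drive_transistor_short", 1.0e-7, True),
    DangerousFailureMode("supply_short_to_ground", 4.0e-7, False),
]

if __name__ == "__main__":
    dc = diagnostic_coverage(SAMPLE_MODES)
    naive = count_based_coverage(SAMPLE_MODES)
    print(f"rate-weighted DC = {dc:.1f}% -> range '{dc_range(dc)}'")
    print(f"naive count-based figure = {naive:.1f}% -> range '{dc_range(naive)}'")
```

With the sample data, three of four modes are detected (a naive 75%, "low"), yet the single undetected mode carries half of the total dangerous failure rate, so the true DC is 50% ("none").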
