Functional Safety Made Simple: A Guide to IEC 61508 for Manufacturing
What Is IEC 61508?
As discussed previously, industrial manufacturing firms need to prevent dangerous failures that may occur with the use of their system. The challenge is that oftentimes systems are incredibly complex with many interdependencies, making it difficult to fully identify every potential safety risk.
According to the International Electrotechnical Commission, leading contributors to failure include:
- Systematic or random failure of hardware or software
- Human error
- Environmental interference, such as temperature, weather, and more
- Loss of electrical supply or other system disturbance
- Incorrect system specifications in hardware or software
IEC 61508 sets requirements to ensure that systems are designed, implemented, operated, and maintained at the safety level needed to mitigate the most dangerous risks. The international standard is used by a wide range of manufacturers, system engineers, designers, and industrial companies, many of which are audited against it. It applies to safety-critical products that include electrical, electronic, and programmable electronic (E/E/PE) safety-related systems.
Why Was IEC 61508 Developed?
The primary goal of the standard is human safety, and it’s based on a couple of principles, including:
- Use of a safety lifecycle. The lifecycle outlines the best practices around identifying risks and mitigating potential design errors.
- Probable-failure analysis. This assumes that a device can fail, so a "fail-safe" response must be planned for that case.
IEC 61508 applies to all industries; however, even though it covers a broad range of sectors, every industry has its own nuances. As a result, many have developed their own standards based on IEC 61508.
Industry-specific functional safety standards include ones for:
- Industrial – IEC 61496-1, IEC 61131-6, ISO 13849, IEC 61800-5-2, ISO 13850, IEC 62061, ISO 10218
- Transportation – EN 5012x, ISO 26262, ISO 25119, ISO 15998
- Buildings – EN 81, EN 115
- Medical devices – IEC 60601, IEC 62304
- Household appliances – IEC 60335, IEC 60730
- Energy systems and providers – IEC 62109, IEC 61513, IEC 50156, IEC 61511
The standard defines Safety Integrity Levels (SILs), four levels from SIL 1 (lowest) to SIL 4 (highest), each of which sets a target range for the probability that a safety function fails dangerously.
The Seven Parts of IEC 61508
The IEC 61508 standard covers the most common hazards that could occur in the event of a failure. Its goal is to reduce failure risk to a specified tolerable level. The standard defines a safety lifecycle with 16 phases and is published in seven parts:
- Part 1: General requirements
- Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems
- Part 3: Software requirements
- Part 4: Abbreviations and definitions
- Part 5: Examples and methods to determine the appropriate safety integrity levels
- Part 6: Guidelines on how to apply Part 2 and Part 3
- Part 7: An overview of techniques and measures
The first three parts highlight the standard’s requirements, and the rest explain the guidelines and provide examples of development.
IEC 61508 Certification: Is it Required?
IEC 61508 certification is optional in most cases, unless you contract with a firm that requires it or it is required by your local government. Even when it is not mandatory, achieving certification provides peace of mind and creates a clear path to improving safety. Certification is offered through international agencies specializing in IEC 61508, such as TÜV SÜD. Completing certification lends credibility to your IEC 61508 compliance and is a point of differentiation when bidding on a contract against multiple contractors.
Hazard and Risk Analysis for Determining SIL
Understanding functional safety requires a hazard analysis and risk assessment of the equipment under control (EUC).
The hazard analysis identifies all possible hazards of a product, process, or application. This will determine the functional safety requirements to meet a particular safety standard.
A risk assessment is needed for every hazard you identify. It evaluates the frequency and likelihood of the hazard occurring, as well as the potential consequences if it does.
The risk assessment determines the appropriate SIL, and it can be carried out with either qualitative or quantitative analysis. The guidelines do not require a specific method, so use whichever method suits your organization.
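As an added illustration of the quantitative route (this is example code, not part of the original guide), the script below assumes a low-demand safety function, takes a constructed unmitigated hazard frequency and a tolerable frequency, computes the required risk reduction factor, and maps the resulting target PFDavg to a SIL using the bands from IEC 61508-1 Table 2.

```python
from typing import Optional, Tuple

# IEC 61508-1 Table 2, low-demand mode: average probability of dangerous
# failure on demand (PFDavg). Tuples are (SIL, lower bound incl., upper excl.).
PFD_BANDS = [
    (1, 1e-2, 1e-1),
    (2, 1e-3, 1e-2),
    (3, 1e-4, 1e-3),
    (4, 1e-5, 1e-4),
]


def required_rrf(unmitigated_freq: float, tolerable_freq: float) -> float:
    """Risk reduction factor (RRF) the safety function must deliver.

    unmitigated_freq: hazardous-event frequency per year with no protection
    tolerable_freq:   frequency per year accepted for that consequence class
                      (taken from the organisation's own risk matrix)
    """
    if unmitigated_freq <= 0 or tolerable_freq <= 0:
        raise ValueError("frequencies must be positive")
    return unmitigated_freq / tolerable_freq


def sil_for_pfd(target_pfd: float) -> Optional[int]:
    """Map a target PFDavg to the SIL whose band contains it.

    Returns 0 when the target is >= 0.1 (no SIL-rated function needed) and
    None when it is below 1e-5, which exceeds what a single safety function
    may claim even at SIL 4 (the hazard itself needs a redesign).
    """
    if target_pfd >= 1e-1:
        return 0
    for sil, lower, upper in PFD_BANDS:
        if lower <= target_pfd < upper:
            return sil
    return None


def determine_sil(unmitigated_freq: float,
                  tolerable_freq: float) -> Tuple[float, float, Optional[int]]:
    """Return (RRF, target PFDavg, SIL) for one hazard (low-demand mode)."""
    rrf = required_rrf(unmitigated_freq, tolerable_freq)
    target_pfd = 1.0 / rrf  # in low-demand mode, PFDavg = 1 / RRF
    return rrf, target_pfd, sil_for_pfd(target_pfd)


if __name__ == "__main__":
    # Constructed sample hazard: an overpressure event estimated at once per
    # 20 years with no protection, tolerable at once per 5000 years.
    rrf, pfd, sil = determine_sil(0.05, 2e-4)
    print(f"RRF={rrf:.0f}  target PFDavg={pfd:.1e}  SIL={sil}")
```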