Function Safety Specification
AS4024.1501/1503
ISO13849-1
Step3 of a project is writing Function Safety Spesification (FSS). But before that let us start with some basics
1- What is functional safety?
2- How reliable does your system need to be?
3- What are categories and performance levels?
4- How are they calculated?
Functional Safety: That portion of the safety of the machine and the machine control system which depends on the correct functioning of the safety-related part of a control system, other technology safety-related systems and external risk reduction facilities Safety-Related part of the Control System (SRP/CS): Part of a control system that responds to safety-related input signals and generates safety-related output signals. A fixed guard, for example, is NOT functional safety that just is fixed and it’s always gonna be there however an interlocked access gate which would shut down the driver of the hazardous machine would be functional safety because if any part of that failed then the risk would go back to what it was because of the interlock failed or the logic system failed or the output that stops the machine from being able to move when the doors open failed then you could open the door while the machine was still running.
First Step:
is conduction a Risk assessment based on ISO1200 or AS4024.1201. Below is a sample risk assessment and try to reduce the risk based on the hierarchy level.
- Inherently safe by design
- Engineering control (SRP/CS involved)
- Administrative control
In a variety of different standards across the world so the first thing you’re trying to do is make it inherently safe Doug but by design, you design out the risk completely if you can’t do that then use engineering controls which are interlocks or guards or kind of anything that doesn’t involve human input and it just removes the possibility of you getting to that risk or removes that reduces that risk and then finally if you can’t achieve a good enough risk several weird engineering controls and you look at administrative controls and that’s things like lockout tagout or instructions or basically just asking people very nicely by putting signs or PPE things that kind of humans have to be involved.
Risk analysis involves in
1)determination of the limits of the machine;
2)hazard identification; and
3)risk elimination.
Risk evaluation: Risk analysis provides the information required for risk evaluation which in turn allows judgment to be made on the safety of the machine system.
Second Step:
Risk Assessment Calculator: A Risk Assessment Calculator is designed to assist with carrying out risk assessments. However, it is the user’s responsibility to ensure that risk assessments are carried out in accordance with AS 4024:2006 (Safeguarding of machinery. Risk assessment. Principles).
choose appropriate values for the
– Likelihood of Occurrence (LO),
– Frequency of Exposure (FE),
– Degree of Possible Harm (DPH)
– Number of Persons at risk (NP).
In addition to the list of hazards, there is also a list of hazardous situations and a list of hazardous events. See BS EN ISO 14121-1 for more information about these.
The Hazard Rating Number (HRN) is calculated automatically (LO x FE x DPH x NP)
| LO (Likelihood of Occurrence) | ||
|---|---|---|
| 0.033 | Almost impossible | Only in extreme circumstances |
| 1 | Highly unlikely | Though conceivable |
| 1.5 | Unlikely | But could occur |
| 2 | Possible | But unusual |
| 5 | Even chance | Could happen |
| 8 | Probable | Not surprising |
| 10 | Likely | To be expected |
| 15 | Certain | No doubt |
| DPH (Degree of Possible Harm) | |
|---|---|
| 0.1 | Scratch or bruise |
| 0.5 | Laceration or mild ill-effect |
| 2 | Break of minor bone or minor illness (temporary) |
| 4 | Break of major bone or major illness (temporary) |
| 6 | “Loss of one limb eye hearing (permanent)” |
| 10 | Loss of two limbs or eyes (permanent) |
| 15 | Fatality |
| FE (Frequency of Exposure) | |
|---|---|
| 0.5 | Annually |
| 1 | Monthly |
| 1.5 | Weekly |
| 2.5 | Daily |
| 4 | Hourly |
| 5 | Constantly |
| NP (Number of Persons at risk) | |
| 1 | 1-2 persons |
| 2 | 3-7 persons |
| 4 | 8-15 persons |
| 8 | 16-50 persons |
| 12 | 50+ persons |
| FE (Frequency of Exposure) | |
| 0.5 | Annually |
| 1 | Monthly |
| 1.5 | Weekly |
| 2.5 | Daily |
| 4 | Hourly |
| 5 | Constantly |
PL (Performance Level) Combine component
Below is a handy table
For example, if we combine more than 3 component (e.g relay and safety door ) which are PLe individually, the combination end up with PLd. or combining more than 2 SRP/CS which are PLc will end up a machine with safety category PLb
Performance level (PL) and Categories
MTTF is meantime to dangerous failure. Meantime to failure (MTTF) is the amount of time on average that a part can run before it breaks.
MTTF LOW is between 3 to 10 years
MTTF Medium is between 10 to 30 years
MTTF Hight is between 30 to 100 years
Category Architect Single or Dual Channel
Single Channel:
Category B:
Designed in accordance with relevant standards
Can withstand the expected influences
Category 1:
Requirements of B
Well-tried components and safety principles
MTTFd > 30 years
Category 2:
Requirements of 1
Well-tried safety principles
Test the safety function at suitable intervals
Common cause failure > 65 years
Dual Channel:
Category 3:
Requirements of 2
well-tried safety principles
A single fault of the SRP/CS does not lead to loss of safety function
“When reasonably practicable” a single fault is detected at or before next demand on the safety functions
Category 4:
Requirements of 3
well-tried safety principles
A single fault of the SRP/CS does not lead to loss of safety function
A single fault is detected at or before next demand on the safety function
Accumulation of faults shall not lead to loss of the safety function
Electrical Engineer 