Last edit: 26/06/2023
Consider a machine with a rotating blade that is protected by a hinged solid cover. The blade is accessed for routine cleaning by lifting the cover. The cover is interlocked so that whenever it is lifted, an electromechanical or electronic circuit de-energises the motor and applies a brake. In this way, the blade is stopped before it can injure the operator. To ensure that safety is actually achieved, a risk assessment and a risk reduction are necessary.
- The first step is to identify the hazards associated with cleaning the blade. For this machine, the assessment might show that it should not be possible to lift the hinged cover more than 5 mm without the brake activating and stopping the blade. The risk assessment has thus established that the risk needs to be reduced. Further analysis could reveal that the time for the blade to stop shall be 1 s or less. On that basis we decide that the risk has to be reduced, and that a safety-related control system will be used to do so.
- At this point we need to determine the performance requirements of the safety function. The aim is to make the safety integrity of the safety function sufficient to ensure that no one is exposed to an unacceptable risk associated with this hazard.
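As an added example (not from the original page), the following Python code checks the two safety function requirements stated above, brake applied whenever the cover is open beyond 5 mm and blade at rest within 1 s, against a recorded cover/brake/blade trace. The 10 ms sample rate, the 3000 rpm blade speed and the traces themselves are constructed for illustration.

```python
from dataclasses import dataclass

COVER_LIMIT_MM = 5.0   # cover may not open further than this without the brake
STOP_TIME_S = 1.0      # blade must be at rest within this time of the cover opening

@dataclass(frozen=True)
class Sample:
    t: float          # seconds since the start of the trace
    cover_mm: float   # lift of the hinged cover
    brake_on: bool    # brake output commanded by the interlock circuit
    blade_rpm: float  # measured blade speed (0 = stopped)

def check_trace(trace):
    """Return the requirement violations found in a trace (empty list = pass)."""
    violations, t_open = [], None
    for s in trace:
        if s.cover_mm <= COVER_LIMIT_MM:
            t_open = None          # cover closed (again): nothing to check
            continue
        if t_open is None:
            t_open = s.t           # first sample beyond the 5 mm limit
        # Requirement 1: brake applied whenever the cover is open
        if not s.brake_on:
            violations.append(f"t={s.t:.2f}s cover at {s.cover_mm:.0f} mm, brake off")
        # Requirement 2: blade at rest within 1 s of the cover opening
        if s.blade_rpm > 0 and s.t - t_open > STOP_TIME_S:
            violations.append(f"t={s.t:.2f}s blade still at {s.blade_rpm:.0f} rpm")
    return violations

def make_trace(stop_time_s, brake_delay_s=0.0, dt=0.01, duration_s=2.0):
    """Constructed trace (assumed values): cover lifts 1 mm per sample up to 30 mm,
    the interlock engages the brake brake_delay_s after the 5 mm limit is crossed,
    and the blade ramps from 3000 rpm to rest over stop_time_s once braked."""
    trace, t_brake = [], None
    crossing_t = 6 * dt          # cover reaches 6 mm (> limit) at sample 6
    for i in range(int(round(duration_s / dt))):
        t, cover = i * dt, min(float(i), 30.0)
        brake_on = cover > COVER_LIMIT_MM and t >= crossing_t + brake_delay_s - 1e-9
        if brake_on and t_brake is None:
            t_brake = t
        rpm = 3000.0 if t_brake is None else max(0.0, 3000.0 * (1 - (t - t_brake) / stop_time_s))
        trace.append(Sample(t, cover, brake_on, rpm))
    return trace

if __name__ == "__main__":
    print("compliant:", check_trace(make_trace(stop_time_s=0.8)))
    print("slow stop:", check_trace(make_trace(stop_time_s=1.5))[:2])
    print("late brake:", check_trace(make_trace(0.8, brake_delay_s=0.05))[:2])
```

Running the same check over traces captured from the real interlock circuit is one way to demonstrate that the safety function requirements are met before the integrity requirements are considered.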
The harm resulting from a failure of the safety function could be the amputation of the operator’s hand or could be just a bruise. The risk also depends on how frequently the cover has to be lifted, which might be many times during daily operation, or it might be less than once a month.
The level of safety integrity required increases with the severity of injury and the frequency of exposure to the hazard.
The safety integrity of the safety function will depend on all the equipment that is necessary for the safety function to be carried out correctly: that is, the interlock, the associated electromechanical or electronic circuit and the braking system. Both the safety function and its safety integrity specify the required behaviour of the system as a whole, within a particular environment.
To summarise, these two elements are the foundations of functional safety: “What the safety function shall do” (the safety function requirements) and “What degree of certainty is needed for the safety function” (the safety integrity requirements).