Last edit: 27/04/2023
On the 27th April 2023 the new edition (4th) of ISO 13849-1 was published.
A new figure 2 (shown at the side) was added to clarify that Functional Safety, and therefore both ISO 13849-1 and IEC 62061, are applicable only when we decide to use a Safety Function to reduce a risk in machinery. It is therefore applicable at the second step of the 3-step risk reduction method described in ISO 12100. It can, even if rarely, be applied in step 3.
The concept of Safety Requirements Specification, already present in the 2015 edition of ISO 13849-1, is now fully developed. A new chapter 5.2 was added, together with Annex M. In essence, the risk assessment is made by a team with different competences, and together they decide how to reduce all the risks present in a machine. When they decide to use a Safety Function, they need to detail what each specific function has to do. The safety requirements specification provides the necessary information at the transition from the risk assessment and risk reduction process according to ISO 12100 to the SRP/CS design and evaluation process according to ISO 13849-1, especially if these two processes are performed by different persons or groups. The concept is also present in IEC 62061 as Functional Requirements Specification. Examples of information to be included in the SRS or FRS are:
- A brief description of the safety function;
- The event that triggers the safety function;
- The reaction to be initiated by the safety function output(s) to reach the intended safe state;
- The required performance level PLr for each safety function.
The most visible change with respect to the 2015 edition is that the validation process was moved from ISO 13849-2 to ISO 13849-1 and described in more detail. The purpose of the validation process is to confirm that the SRP/CS meets the overall safety requirements specification (SRS) defined at the end of the risk reduction process. Therefore, the SRP/CS validation ensures that the safety functions achieve the intended risk reduction, and it is intended to be part of the overall validation process of the machine. The validation process should be carried out by a person who is independent from the one who designed the SRP/CS. Please consider that an independent person is a person not involved in the design of the SRP/CS; it does not necessarily mean that a third party is required.
Among the measures to be adopted to reduce the systematic failures of a Safety System, IEC 61511 has the concept of Management of Functional Safety. It recommends the creation of a team which is responsible for carrying out and reviewing each of the SRP/CS safety life-cycle phases. It can be quite a time-consuming activity that may not be completely feasible when dealing with Machinery Safety. In the new edition of ISO 13849-1 the concept has been added in Annex G.5. A functional safety plan should be drawn up and documented for each SRP/CS design project, and should be updated as necessary. In particular, the functional safety plan should:
- Identify the relevant activities in the SRP/CS design process (specification, design, integration, analysis, testing, verification, validation) and details of when they should take place;
- Identify the roles and resources necessary for carrying out and reviewing each of these activities;
- Establish a validation plan.
Another new aspect is that it is finally made clear that an SRP/CS should not be specified in terms of a Category, but only of a Performance Level. In EN 954-1 the Category was the indication of the reliability level of an SRP/CS. Type C standards required an SRP/CS of Category 3 or Category 1: that was the common language used. In the new edition of ISO 13849-1, the concept is made crystal clear: the Category is a way to achieve the Performance Level of a subsystem. Therefore, it is improper to describe an SRP/CS in terms of a Category: a safety system has a PFHD and a Performance Level (or a SIL, if IEC 62061 is used) but, necessarily, no Category (nor Architecture).
GT Engineering took part in the development of the new edition, attending the meetings held at international level. The Markov models behind the standard were made by colleagues from the German IFA, the same group that developed the SISTEMA software. It was great teamwork in which many countries took part constantly and with technical passion.
GT Engineering will keep you updated about the key new aspects in the course of the year.
Once the ISO standard is published, it will be approved as an EN standard at the same time, thanks to what is defined as the parallel ISO/CEN process achieved with "The Vienna Agreement".
This is an important time for Functional Safety of machinery, since in 2021 the second standard used was published: IEC 62061. GT Engineering also took part in the drafting of this latter standard, and we have already discussed in other articles on our website that the two new editions now have many aspects in common, even if they retain some differences that we are going to discuss on our site.