Performance level calculation of machine control systems: Experiences

Marita Hietikko, Timo Malm

    Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Professional

    Abstract

    Functional safety of machine control systems is related to the capability of a control system to implement the safety functions correctly. There are two standards concerning this topic: IEC 62061 deals with electrical and programmable electronic machine control systems and defines safety integrity levels (SIL), whereas ISO 13849-1 defines safety performance levels (PL) and provides a basis upon which the design and performance of safety-related parts of machine control systems can be assessed. This paper focuses on the methods of ISO 13849-1. The required performance level (PLr) of a control system is either defined in a machine-specific standard or has to be determined using risk analysis. If the required performance level is known, it is possible to design and develop a safety function or control system corresponding to this required level. In order to calculate the performance level of a safety function, the following information is needed: the mean time to dangerous failure (MTTFd), the diagnostic coverage (DC), and the safety category of the control system. In addition, specific requirements relevant to PL and technology need to be fulfilled, relating e.g. to software, systematic failures and common cause failures. The implemented safety function architecture, which is presented as a safety block diagram, has to be fitted to one of the designated architectures of ISO 13849-1 in order to use the formulas provided in the standard. The PL of the safety function is estimated as the result of the calculations. A tool for calculating PL using the principles and formulas of the ISO 13849-1 standard was developed, and the experiences of using this tool and creating safety block diagrams are reported in this paper. The tool uses a semi-automatic method for the calculations, meaning that values can be transferred from one sheet to another using macros, and it can also be used for the documentation of safety-related control functions. It was found that the source information used in the calculations, in particular the given MTTFd values, can have a remarkable effect on the results. The results were also compared with those of SISTEMA, which uses a different approach, i.e. the probability of dangerous failure per hour (PFHd), for calculating PL.
    Original language: English
    Title of host publication: SIAS 2010
    Subtitle of host publication: The 6th International Conference on Safety of Industrial Automated Systems, Tampere, 14.-15.6.2010
    Number of pages: 7
    Publication status: Published - 2010
    MoE publication type: D3 Professional conference proceedings
    Event: 6th International Conference on Safety of Industrial Automation Systems, SIAS 2010 - Tampere, Finland
    Duration: 14 Jun 2010 - 15 Jun 2010
    Conference number: 6

    Conference

    Conference: 6th International Conference on Safety of Industrial Automation Systems, SIAS 2010
    Abbreviated title: SIAS 2010
    Country: Finland
    City: Tampere
    Period: 14/06/10 - 15/06/10


    Keywords

    • machines
    • control system
    • safety

    Cite this

    Hietikko, M., & Malm, T. (2010). Performance level calculation of machine control systems: Experiences. In SIAS 2010: The 6th International Conference on Safety of Industrial Automated Systems, Tampere, 14.-15.6.2010
    @inproceedings{38a60ddc94164a6aa6da15bdb9301400,
    title = "Performance level calculation of machine control systems: Experiences",
    keywords = "machines, control system, safety",
    author = "Marita Hietikko and Timo Malm",
    note = "Project code: 16458",
    year = "2010",
    language = "English",
    isbn = "978-952-5183-40-5",
    booktitle = "SIAS 2010",
    }
