iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC TR 63161:2022

(Main)

Assignment of a safety integrity requirements - Basic rationale

Assignment of a safety integrity requirements - Basic rationale

IEC TR 63161:2022 can be used where a risk assessment according to ISO 12100 has been conducted for a machine or process plant and where a safety related control function has been selected for implementation as a protective measure against specified hazards. This document describes an example basic logical rationale to assign a safety integrity requirement to the selected function.
The description is generic and as far as reasonably possible independent from any specific tool or method that can be used for assignment of a safety integrity requirement. The requirement can be expressed as a safety integrity level (SIL), or performance level (PL).
An example basic rationale is described that is embodied by such methods and tools, as far as they follow a risk based quantitative approach.
Conversely, the logic described in this document can be used as a reference for assessing specific methods or tools for safety integrity assignment. This can clarify how far the respective tool/method is following a risk based quantitative approach, and where deviations from that approach are imposed by other considerations. In real applications, the quantitative risk based approach can be modified or overridden by other considerations in many cases and for good reasons. It is not within the scope of this document to discuss or evaluate such reasons. Usually the reasons for deviations from a given tool or method from a quantitative logic are provided, so that this can be discussed in the proper frame.
Examples for such analyses are provided for common assignment tools in the format of risk graphs and risk matrices.
This document can be used for safety related control functions in all modes of application: continuous mode, high demand mode and low demand mode of application.

General Information

Status
Published
Publication Date
12-Jul-2022
ICS
13.110 - Safety of machinery
Technical Committee
TC 44 - Safety of machinery - Electrotechnical aspects
Drafting Committee
PT 63161 - TC 44/PT 63161
Current Stage
PPUB - Publication issued
Start Date
01-Aug-2022
Completion Date
13-Jul-2022
Ref Project

Buy Standard

IEC TR 63161:2022 - Assignment of a safety integrity requirements - Basic rationaleIEC TR 63161:2022 - Assignment of a safety integrity requirements - Basic rationale
PreviousNext
Technical report
IEC TR 63161:2022 - Assignment of a safety integrity requirements - Basic rationale
English language
46 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC TR 63161 ®
Edition 1.0 2022-07
TECHNICAL
REPORT
colour
inside
Assignment of safety integrity requirements – Basic rationale

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform IEC Products & Services Portal - products.iec.ch
The advanced search enables to find IEC publications by a Discover our powerful search engine and read freely all the
variety of criteria (reference number, text, technical publications previews. With a subscription you will always have
committee, …). It also gives information on projects, replaced access to up to date content tailored to your needs.
and withdrawn publications.
Electropedia - www.electropedia.org
IEC Just Published - webstore.iec.ch/justpublished
The world's leading online dictionary on electrotechnology,
Stay up to date on all new IEC publications. Just Published
containing more than 22 300 terminological entries in English
details all new publications released. Available online and once
and French, with equivalent terms in 19 additional languages.
a month by email.
Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Customer Service Centre - webstore.iec.ch/csc

If you wish to give us your feedback on this publication or need
further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TR 63161 ®
Edition 1.0 2022-07
TECHNICAL
REPORT
colour
inside
Assignment of safety integrity requirements – Basic rationale

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 13.110 ISBN 978-2-8322-3944-5

– 2 – IEC TR 63161:2022 © IEC 2022
CONTENTS
FOREWORD . 4
INTRODUCTION . 6
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 7
4 Risk based quantitative approach . 10
4.1 General . 10
4.2 Sequence of steps in functional safety assignment . 10
4.3 Reference information . 12
4.3.1 General . 12
4.3.2 Accident scenario . 13
4.3.3 Hazard zone . 13
4.3.4 Severity of harm . 13
4.3.5 Safety control function . 14
5 Quantified parameters of a functional safety assignment . 14
5.1 General . 14
5.2 Parameter types . 14
5.2.1 General . 14
5.2.2 Probability . 14
5.2.3 Event rate . 14
5.3 Probability of occurrence of harm . 15
5.4 Quantification of risk . 15
5.5 Target failure measure . 15
5.6 Probability of occurrence of a hazardous event – P . 16
r
5.7 Exposure parameter – F . 17
r
5.8 Probability of avoiding or limiting harm – A . 18
v
5.8.1 General . 18
5.8.2 Vulnerability (V) . 18
5.8.3 Avoidability (A) . 19
5.9 Demand types and related event rates . 19
5.9.1 Event classes . 19
5.9.2 Demand and demand rate . 20
5.9.3 Initiating events and rate of initiating events I . 20
R
5.9.4 Safety demands and safety demand rate D . 21
R
5.9.5 Tolerable risk limit – Parameter L . 22
(S)
5.10 Additional parameters . 23
6 General principle of functional safety assignment . 25
6.1 Basics . 25
6.1.1 Applicability to complete functions . 25
6.1.2 Risk relation . 25
6.1.3 Logical independence of parameters . 25
6.2 High demand or continuous mode of operation . 25
6.3 Low demand mode of operation . 26
7 Assignment of the demand mode . 27
7.1 Demand mode – General . 27

7.2 Assignment criteria . 30
8 Relation to ISO 12100 . 30
9 Tools for functional safety assignment . 31
9.1 General . 31
9.2 Selection of independent parameters . 32
9.3 Logarithmizing parameters . 32
9.4 Discretization of parameters . 32
9.5 Parameter scores . 33
9.6 Scoring methods in strict sense . 34
Annex A (informative) Examples of SIL assignment tools numerical analysis . 35
A.1 General . 35
A.2 Assignment of score values to parameter entries . 35
A.3 Extraction of tolerable risk limits . 36
A.4 Risk matrix of IEC 62061 . 38
A.5 Risk graph of ISO 13849 . 41
A.6 Risk graphs for low demand mode of operation . 43
Bibliography . 46

Figure 1 – Sequence of steps in functional safety assignment. 12
Figure 2 – Protection layers, event rates and their relation. 22
Figure 3 – Hazard rate according to the Henley / Kumamoto equation . 29
Figure 4 – Elements of risk according to ISO 12100 . 31
Figure 5 – Discretization of parameters . 33
Figure A.1 – Extraction of tolerable risk limits . 37
Figure A.2 – Risk matrix based on IEC 62061 . 38
Figure A.3 – Maximum allowable PFH as function of the score sum for the different
severity levels . 39
Figure A.4 – Representation by a continuous numerical interpolation . 40
Figure A.5 – Risk graph of ISO 13849-1 . 41
Figure A.6 – Interpolation per severity level . 43
Figure A.7 – Risk graph for low demand mode of operation . 44
Figure A.8 – Risk graph for low demand mode of operation – from Figure 7 of VDMA
4315-1 . 45

Table 1 – Parameters overview . 24
Table A.1 – Relation between PLs and ranges in PFH . 42

– 4 – IEC TR 63161:2022 © IEC 2022
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
ASSIGNMENT OF SAFETY INTEGRITY REQUIREMENTS –
BASIC RATIONALE
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly ind
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 62061:2021(Main)
Safety of machinery - Functional safety of safety-related control systems

IEC 62061:2021 specifies requirements and makes recommendations for the design, integration and validation of safety-related control systems (SCS) for machines. It is applicable to control systems used, either singly or in combination, to carry out safety functions on machines that are not portable by hand while working, including a group of machines working together in a coordinated manner.
This document is a machinery sector specific standard within the framework of IEC 61508 (all parts).
The design of complex programmable electronic subsystems or subsystem elements is not within the scope of this document.
The main body of this sector standard specifies general requirements for the design, and verification of a safety-related control system intended to be used in high/continuous demand mode.
This document:
– is concerned only with functional safety requirements intended to reduce the risk of hazardous situations;
– is restricted to risks arising directly from the hazards of the machine itself or from a group of machines working together in a coordinated manner;
This document does not cover
– electrical hazards arising from the electrical control equipment itself (e.g. electric shock - see IEC 60204-1);
– other safety requirements necessary at the machine level such as safeguarding;
– specific measures for security aspects – see IEC TR 63074.
This document is not intended to limit or inhibit technological advancement.
IEC 62061:2021 cancels and replaces the first edition, published in 2005, Amendment 1:2012 and Amendment 2:2015. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
– structure has been changed and contents have been updated to reflect the design process of the safety function,
– standard extended to non-electrical technologies,
– definitions updated to be aligned with IEC 61508-4,
– functional safety plan introduced and configuration management updated (Clause 4),
– requirements on parametrization expanded (Clause 6),
– reference to requirements on security added (Subclause 6.8),
– requirements on periodic testing added (Subclause 6.9),
– various improvements and clarification on architectures and reliability calculations (Clause 6 and Clause 7),
– shift from "SILCL" to "maximum SIL" of a subsystem (Clause 7),
– use cases for software described including requirements (Clause 8),
– requirements on independence for software verification (Clause 8) and validation activities (Clause 9) added,
– new informative annex with examples (Annex G),
– new informative annexes on typical MTTFD values, diagnostics and calculation methods for the architectures (Annex C, Annex D and Annex H).

  • Standard
    289 pages
    English language
    sale 15% off
  • Standard
    304 pages
    English and French language
    sale 15% off
IEC
IEC 62061:2021/AMD1:2024(Amendment)
Amendment 1 - Safety of machinery - Functional safety of safety-related control systems
  • Standard
    21 pages
    English and French language
    sale 15% off
IEC
IEC TS 61496-5:2023/COR1:2023(Corrigendum)
Corrigendum 1 - Safety of machinery – Electro-sensitive protective equipment - Part 5: Particular requirements for radar-based protective devices
  • Technical specification
    1 page
    English language
    sale 15% off
IEC
IEC TS 62998-3:2023(Main)
Safety of machinery - Safety-related sensors used for the protection of persons - Part 3: Sensor technologies and algorithms

IEC TS 62998-3:2023 gives guidance on:
- analysis of sensor technologies of different wavelength ranges, measurement methods, and the sensing unit arrangement in an SRS, respectively the arrangement of SRSs in an SRSS;
- representative physical properties of safety-related objects with due consideration of their material characteristics and the sensor technology/technologies used in an SRS/SRSS to achieve the detection capability and comparable results during verification and validation;
- analysis of the interference of objects present in the surrounding on the safety related objects and thereby the influence on the dependability of the detection capability;
- use of algorithms during design, development and maintenance to achieve appropriate detection capability and dependability of detection;
- appropriate use of algorithms during the integration of SRS or SRSS by the integrator to improve execution of measurement information or provide decision information derived from measurement information.
If an SRS/SRSS uses sensor technologies not stated in this document, then the generic approach in accordance with IEC TS 62998-1 applies.

  • Technical specification
    51 pages
    English language
    sale 15% off
IEC
IEC TS 61496-5:2023(Main)
Safety of machinery – Electro-sensitive protective equipment - Part 5: Particular requirements for radar-based protective devices

IEC TS 61496-5:2023 provides particular requirements for the design, construction and testing of non-contact electro-sensitive protective equipment (ESPE) designed specifically to provide whole-body detection of a person or persons as part of a safety-related system, employing radar protective devices (RPDs) responsive to diffuse reflection of radar signals for the sensing function using frequency-modulated continuous-wave (FMCW) technique. Special attention is directed to features which ensure that an appropriate safety-related performance is achieved. An ESPE can include optional safety-related functions, the requirements for which are given in Annex A of IEC 61496-1:2020 and Annex A of this document.
The requirements given in this document are related to the detection of adult persons being present in an industrial manufacturing environment.
This document does not specify the dimensions or configurations of the detection zone and its disposition in relation to hazardous parts for any particular application, nor what constitutes a hazardous state of any machine. It is restricted to the functioning of the ESPE and how it interfaces with the machine.
This document does not consider the aspects of a moving RPD application. Additional consideration can be necessary, if the RPD supplier specifies the RPD for use on moving application.
Additional requirements and tests can apply if setup of the RPD differs from Figure 2 and Figure 4.
Where this document does not contain all necessary provisions, IEC TS 62998-1 is used.
For those aspects not considered in this document it is also possible to additionally use provisions from IEC TS 62998-1.
Excluded from this document are RPDs that employ electromagnetic radiation outside the range 9 GHz to 81 GHz (identified as subset of band 10 and band 11 in accordance with ITU Radio Regulations). For sensing devices that employ electromagnetic radiation outside this range, this document can be used as a guide. National regulations can limit the available frequencies.
This document can be relevant to applications other than those for the protection of persons, for example for the protection of machinery or products from mechanical damage. In those applications, different requirements can be appropriate, for example when the materials to be recognized by the sensing function have different properties from those of persons.
This document does not deal with requirements for ESPE functions not related to the protection of persons (e.g. using sensing unit data for navigation).
While a data interface can be used to control optional safety-related ESPE functions (Annex A), this document does not provide specific requirements. Requirements for these safety-related functions can be determined by consulting other standards (for example, IEC 61508, IEC 62046, IEC 62061, and ISO 13849-1).
This document does not deal with EMC emission requirements.
The contents of the corrigendum of October 2023 have been included in this copy.

  • Technical specification
    49 pages
    English language
    sale 15% off
IEC
IEC TS 63394:2023(Main)
Safety of machinery - Guidelines on functional safety of safety-related control systems

IEC TS 63394:2023 In the context of the safety of machinery, the sector standard IEC 62061, along with ISO 13849 1, provides requirements to manufacturers of machines for the design, development and integration of safety-related control systems (SCS) or safety-related parts of control systems (SRP/CS), depending on technology used (mechanical, pneumatic, hydraulic or electrical technologies) to perform safety function(s). This document does not replace ISO 13849-1 and IEC 62061. This document gives additional guidance to the application of IEC 62061 or ISO 13849-1.
This document:
– gives guidelines and specifies additional requirements for specific safety functions based on the methodology of ISO 12100, which are relevant in machinery and respecting typical boundary conditions of machinery;
– considers safety functions which are designed for high demand mode of operation yet are rarely operated, called rarely activated safety functions;
– gives additional information for the calculation of failure rates using other (non-electronic) technologies based e.g. on Weibull distribution, because all the formula defined in IEC 62061 and ISO 13849-1 are based on exponential distribution.
Therefore, the basis for these guidelines and additional requirements is
– a typical classification of safety functions;
– a consideration of typical architectures used for designing safety functions;
– a consideration of modes of operation of safety functions;
– the derivation and evaluation of PFH formulas for subsystems considering the used technology.
This document does not address low demand mode of operation according to IEC 61508.
This document does not take into account either layer of protection analysis (LOPA) or basic process control system (BPCS), according to IEC 61511 as a risk reduction measure.
This document considers all lifecycle phases of the machine regarding functional safety, and SCS or SRP/CS.

  • Technical specification
    142 pages
    English language
    sale 15% off
IEC
IEC TS 63074:2023(Main)
Safety of machinery - Security aspects related to functional safety of safety-related control systems

IEC TS 63074:2023 identifies the relevant aspects of the IEC 62443 series related to security threats and vulnerabilities that are considered for the design and implementation of safety-related control systems (SCS) which can lead to the loss of the ability to maintain safe operation of a machine.
Typical security aspects related to the machine with potential relation to SCS are:
– vulnerabilities of the SCS either directly or indirectly through the other parts of the machine which can be exploited by security threats that can result in security attacks (security breach);
– influence on the safety characteristics and ability of the SCS to properly perform its function(s);
– typical use case definition and application of a corresponding threat model.
Non-safety-related aspects of security threats and vulnerabilities are not considered in this document.
The focus of this document is on intentional malicious actions. However, intentional hardware manipulation (e.g. wiring, exchange of components) or foreseeable misuse by physical manipulation of SCS (e.g. physical bypass) is not considered in this document.
This document does not cover security requirements for information technology (IT) products and for the design of devices used in the SCS (e.g., product specific standards can be available, such as IEC TS 63208).

  • Technical specification
    30 pages
    English language
    sale 15% off
IEC
IEC TS 61496-4-3:2022(Main)
Safety of machinery - Electro-sensitive protective equipment - Part 4-3: Particular requirements for equipment using vision based protective devices (VBPD) - Additional requirements when using stereo vision techniques (VBPDST)

IEC TS 61496-4-3:2022 is available as IEC TS 61496-4-3:2022 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC TS 61496-4-3:2022 specifies requirements for the design, construction and testing of non-contact electro-sensitive protective equipment (ESPE) designed specifically to detect persons or parts of persons as part of a safety-related system, employing vision-based protective devices (VBPDs) using stereo vision techniques (VBPDST) for the sensing function. Special attention is directed to features which ensure that an appropriate safety-related performance is achieved. An ESPE can include optional safety-related functions, the requirements for which are given in Annex A of IEC 61496-1:2020 and this document. Where this document does not contain all necessary provisions, IEC TS 62998-1 applies. It is also possible, for those aspects not considered in this document, to use provisions from IEC TS 62998-1 additionally. This document does not specify the dimensions or configurations of the detection zone and its disposition in relation to hazardous parts for any particular application, nor what constitutes a hazardous state of any machine. It is restricted to the functioning of the ESPE and how it interfaces with the machine. The detection principle is based on the evaluation of images from different viewing points (stereoscopic view) for the determination of distance information. This distance information is used to determine the position of an object(s).
– This document is limited to vision based ESPEs with fixed distances (stereo base) and fixed directions of the optical axes using a fixed focal length.
– It is limited to vision based ESPEs that do not require human intervention for detection.
– It is limited to vision based ESPEs that detect objects entering into or being present in a detection zone(s).
– It is limited to VBPDSTs employing radiation at wavelengths within the range 400 nm to 1 500 nm.
– This document does not address those aspects required for complex classification or differentiation of the object detected.
– This document does not consider the aspects of a moving ESPE installation.
Additional requirements and tests can apply in the following cases:
– Use of multi-spectral (colour) techniques;
– Setups other than as shown in Figure 2 and Figure 3 (e.g. changing backgrounds, horizontal orientation of the optical axis with respect to the floor);
– Intended for outdoor applications.
This document is relevant for VBPDSTs having a stated detection capability up to 200 mm. This document can be relevant to applications other than those for the protection of persons or parts of persons like arm or fingers (in the range 14 mm to 200 mm), for example the protection of machinery or products from mechanical damage. In those applications, additional requirements can be necessary, for example when the materials that are to be recognized by the sensing function have different properties from those of persons. This document does not deal with EMC emission requirements.
IEC TS 61496-4-3:2022 cancels and replaces the first edition published in 2015-05. This edition constitutes a technical revision. This edition includes the following technical changes with respect to the previous edition:
a) Some requirement clauses and test procedures have been adapted or removed because they have been consolidated in IEC 61496-1:2020 (e.g. 5.4.6.2 Light sources or Clause A.9).

  • Technical specification
    61 pages
    English language
    sale 15% off
  • Technical specification
    127 pages
    English language
    sale 15% off
IEC
IEC TS 61496-4-2:2022(Main)
Safety of machinery - Electro-sensitive protective equipment - Part 4-2: Particular requirements for equipment using vision based protective devices (VBPD) - Additional requirements when using reference pattern techniques (VBPDPP)

IEC TS 61496-4-2:2022 is available as IEC TS 61496-4-2:2022 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC TS 61496-4-2:2022 specifies requirements for the design, construction and testing of non-contact electro-sensitive protective equipment (ESPE) designed specifically to detect persons as part of a safety-related system, employing vision-based protective devices (VBPDs) using reference pattern techniques (VBPDPP) for the sensing function. Special attention is directed to features which ensure that an appropriate safety-related performance is achieved. An ESPE can include optional safety-related functions, the requirements for which are given in Annex A of IEC 61496-1:2020 and this document. Where this document does not contain all necessary provisions, then IEC TS 62998-1 applies. It is also possible, for those aspects not considered in this document, to use provisions from IEC TS 62998-1 additionally. This document does not specify the dimensions or configurations of the detection zone and its disposition in relation to hazardous parts for any particular application, nor what constitutes a hazardous state of any machine. It is restricted to the functioning of the ESPE and how it interfaces with the machine. A VBPDPP is defined as consisting of a single image-sensing device viewing on a passive reference pattern as the background and where the detection principle is based on blocking or partially preventing the view of the pattern. Information about the thickness, shape, surface characteristics or location of the object is not required for detection. For multi-image sensing devices, additional techniques, requirements and test procedures can be necessary.
- This document is limited to automatic vision-based ESPEs that do not require human intervention for detection.
- It is limited to automatic vision-based ESPEs that detect objects entering into, or are present in, a detection zone(s).
- It is limited to ESPEs using active illumination technique.
- Excluded from this technical specification are VBPDPPs employing radiation at wavelengths outside the range 400 nm to 1 500 nm.
- This document does not address those aspects required for complex classification or differentiation of the object detected.
This document is relevant for VBPDPPs having a stated detection capability up to 200 mm. This document does not deal with EMC emission requirements.
IEC TS 61496-4-2:2022 cancels and replaces the first edition published in 2014. This edition constitutes a technical revision. This edition includes the following technical changes with respect to the previous edition:
a) Some requirement clauses and test procedures have been adapted or removed because they have been consolidated in IEC 61496-1:2020 (e.g. 5.4.6.2 of IEC 61496-1:2020 Light sources or Clause A.9).

  • Technical specification
    38 pages
    English language
    sale 15% off
  • Technical specification
    84 pages
    English language
    sale 15% off
IEC
IEC 60204-1:2016/AMD1:2021(Amendment)
Amendment 1 - Safety of machinery - Electrical equipment of machines - Part 1: General requirements
  • Standard
    20 pages
    English and French language
    sale 15% off