IEC 61800-5-2:2016
(Main)Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional
Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional
IEC 61800-5-2:2016 specifies requirements and makes recommendations for the design and development, integration and validation of safety related power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to adjustable speed electrical power drive systems covered by the other parts of the IEC 61800 series of standards as referred in IEC 61800-2. IEC 61800-5-2, which is a product standard, sets out safety-related considerations of PDS(SR)s in terms of the framework of IEC 61508, and introduces requirements for PDS(SR)s as subsystems of a safety-related system. It is intended to facilitate the realisation of the electrical/ electronic/programmable electronic (E/E/PE) parts of a PDS(SR) in relation to the safety performance of safety sub-function(s) of a PDS. This edition includes the following significant technical changes with respect to the previous edition:
a) rational added in the scope why low demand mode is not covered by this standard,
b) definition added for: "category" and "safety function",
c) "Other sub-functions" sorted into "Monitoring sub-functions" and "Output functions",
d) deleted "proof test" throughout the document because for PDS(SR) a proof test is not applicable,
e) replaced the term "safety function" by "safety sub-function" throughout the document,
f) Updated references to IEC 61508 series Ed.2010,
g) Added the principle rules of ISO 13849-1 and reference to tables of ISO 13849-2,
h) 6.1.6 Text replaced by Table 2,
i) 6.1.7 Integrated circuits with on-chip redundancy matched to changed requirement in IEC 61508-2: 2010, Annex E,
j) 6.2.8 Design requirements for thermal immunity of a PDS(SR)
k) 6.2.9 Design requirements for mechanical immunity of a PDS(SR),
l) 6.1.6 SIL for multiple safety sub-functions within one PDS(SR),
m) 6.1.7 Integrated circuits with on-chip redundancy,
n) 6.2.1 Basic and well-tried safety principles,
o) 6.2.2.1.4 Diagnostic test interval when the hardware fault tolerance is greater than zero,
p) 6.2.5.2.7 PDS(SR) parameterization,
q) 9 Test requirements,
r) 9.3 Electromagnetic (EM) immunity testing,
s) 9.4 Thermal immunity testing,
t) 9.5 Mechanical immunity testing,
u) Annex A Sequential task table,
v) Annex D, D.3.16, Motion and position feedback sensors updated,
w) Annex E Electromagnetic immunity (EM) requirement for PDS(SR),
x) Annex F Estimation of PFDavg value for low demand with given PFH value.
Entraînements électriques de puissance à vitesse variable - Partie 5-2: Exigences de sécurité - Fonctionnelle
L'IEC 61800-5-2:2016 spécifie des exigences et donne des recommandations pour la conception et le développement, l'intégration et la validation des entraînements de puissance relatifs à la sécurité (PDS(SR)), en considération de leur sécurité fonctionnelle. Elle s'applique aux entraînements électriques de puissance à vitesse variable couverts par les autres parties de la série de normes IEC 61800 à laquelle il est fait référence dans l'IEC 61800-2. L'IEC 61800-5-2, qui est une norme de produit, expose des considérations relatives à la sécurité des PDS(SR) prises dans le cadre de l'IEC 61508 et présente des exigences pour les PDS(SR) en tant que sous-systèmes d'un système relatif à la sécurité. Elle est destinée à faciliter la réalisation des parties électriques/électroniques/électroniques programmables (E/E/PE) d'un PDS(SR) en liaison avec la performance de sécurité d'une ou des sous-fonctions de sécurité d'un PDS. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) ajout, dans le domaine d'application, de la justification pour laquelle le mode de fonctionnement à faible sollicitation n'est pas couvert par la présente norme,
b) ajout des définitions de "catégorie" et de "fonction de sécurité",
c) "Autres sous-fonctions" réorganisées en "Sous-fonctions de contrôle" et en "Fonctions de sortie",
d) suppression du terme "essai périodique" dans l'ensemble du document dans la mesure où cet essai n'est pas applicable à un PDS(SR),
e) remplacement du terme "fonction de sécurité" par "sous-fonction de sécurité" dans l'ensemble du document,
f) mise à jour des références à la série IEC 61508 Éd. 2010,
g) ajout des règles de principe de l'ISO 13849-1 et d'une référence aux tableaux de l'ISO 13849-2,
h) 6.1.6 texte remplacé par le Tableau 2,
i) 6.1.7 Modification des Circuits intégrés avec redondance sur la puce pour correspondre aux exigences de l'Annexe E de l'IEC 61508-2:2010,
j) 6.2.8 Exigences relatives à la conception pour l'immunité thermique d'un PDS(SR),
k) 6.2.9 Exigences relatives à la conception pour l'immunité mécanique d'un PDS(SR),
l) 6.1.6 SIL pour plusieurs sous-fonctions de sécurité dans un PDS(SR),
m) 6.1.7 Circuits intégrés avec redondance sur la puce,
n) 6.2.1 Principes de sécurité de base et principes de sécurité éprouvés,
o) 6.2.2.1.4 Intervalle entre essais de diagnostic pour une tolérance aux défauts supérieure à zéro du matériel,
p) 6.2.5.2.7 Paramétrage du PDS(SR),
q) 9 Exigences relatives aux essais,
r) 9.3 Essais d'immunité électromagnétique (EM),
s) 9.4 Essais d'immunité thermique,
t) 9.5 Essais d'immunité mécanique,
u) Annexe A Table de tâches séquentielles,
v) Annexe D, D.3.16, mise à jour de Capteurs de signal de retour de mouvement et de position,
w) Annexe E Exigences d'immunité électromagnétique (EM) pour le PDS(SR),
x) Annexe F Estimation de la valeur PFDmoy pour une faible sollicitation avec la valeur de la PFH donnée.
General Information
- Status
- Published
- Publication Date
- 17-Apr-2016
- Technical Committee
- SC 22G - Adjustable speed electric power drive systems (PDS)
- Drafting Committee
- MT 12 - TC 22/SC 22G/MT 12
- Current Stage
- PPUB - Publication issued
- Start Date
- 18-Apr-2016
- Completion Date
- 15-Apr-2016
Relations
- Effective Date
- 05-Sep-2023
Overview - IEC 61800-5-2:2016 (Functional Safety for PDS(SR))
IEC 61800-5-2:2016 is the product standard that defines functional safety requirements for adjustable speed electrical power drive systems designated as safety‑related (PDS(SR)). It specifies requirements and recommendations for design, development, integration and validation of the E/E/PE elements of a PDS(SR), and positions those requirements within the IEC 61508 framework. The edition clarifies scope (including why low‑demand mode is not covered), updates references (IEC 61508 Ed.2010), and adds cross‑references to ISO 13849‑1/2 principles.
Key technical topics and requirements
- Design lifecycle & management of functional safety: requirements for planning, safety requirements specification (SRS), architecture specification and documentation for PDS(SR) development.
- Design and development rules: basic and well‑tried principles, architectural constraints, software and hardware realization, and requirements for integrated circuits with on‑chip redundancy.
- Safety sub‑functions: definition and categorization of safety sub‑functions (stopping, monitoring, output functions such as safe brake control (SBC)) and guidance for multiple safety sub‑functions within a single PDS(SR).
- Safety integrity metrics: methods to estimate probability of dangerous random hardware failures (PFH), safe failure fraction (SFF), PFHavg / PFD estimation, and treatment of diagnostic intervals and fault tolerance.
- Immunity and robustness testing: mandatory test requirements covering electromagnetic (EM) immunity, thermal immunity and mechanical immunity (vibration/shock) with performance criteria (fail‑safe state).
- Integration, verification and validation: hardware/software integration tests, verification/validation activities, test documentation and modification control processes.
- Annexes and informative material: sequential task tables, PFH/PFD estimation examples, failure rate databases, fault lists, sensor updates (motion/position feedback), and normative EM immunity requirements (Annex E).
Practical applications & who uses this standard
IEC 61800-5-2 is essential for:
- Drive manufacturers and OEMs designing safety‑related adjustable speed drives
- System integrators and machine builders implementing PDS(SR) as part of machine safety systems
- Functional safety engineers performing SIL/PFH/SFF assessments and validation testing
- Certification bodies and testing labs assessing compliance with IEC 61508‑aligned product safety requirements Practical uses include specifying safety sub‑functions (e.g., safe torque off, safe brake control), defining test programs for EM/thermal/mechanical immunity, and documenting safety architectures for approval and CE/market compliance.
Related standards & keywords
- Related: IEC 61508 (functional safety), ISO 13849‑1/2; cross‑references and principles are integrated into IEC 61800‑5‑2.
- SEO keywords: IEC 61800-5-2, PDS(SR), functional safety, adjustable speed drives, SIL, PFH, PFD, EM immunity, safe brake control, E/E/PE, ISO 13849, IEC 61508.
IEC 61800-5-2:2016 RLV - Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional Released:4/18/2016 Isbn:9782832233535
IEC 61800-5-2:2016 - Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional
Frequently Asked Questions
IEC 61800-5-2:2016 is a standard published by the International Electrotechnical Commission (IEC). Its full title is "Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional". This standard covers: IEC 61800-5-2:2016 specifies requirements and makes recommendations for the design and development, integration and validation of safety related power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to adjustable speed electrical power drive systems covered by the other parts of the IEC 61800 series of standards as referred in IEC 61800-2. IEC 61800-5-2, which is a product standard, sets out safety-related considerations of PDS(SR)s in terms of the framework of IEC 61508, and introduces requirements for PDS(SR)s as subsystems of a safety-related system. It is intended to facilitate the realisation of the electrical/ electronic/programmable electronic (E/E/PE) parts of a PDS(SR) in relation to the safety performance of safety sub-function(s) of a PDS. This edition includes the following significant technical changes with respect to the previous edition: a) rational added in the scope why low demand mode is not covered by this standard, b) definition added for: "category" and "safety function", c) "Other sub-functions" sorted into "Monitoring sub-functions" and "Output functions", d) deleted "proof test" throughout the document because for PDS(SR) a proof test is not applicable, e) replaced the term "safety function" by "safety sub-function" throughout the document, f) Updated references to IEC 61508 series Ed.2010, g) Added the principle rules of ISO 13849-1 and reference to tables of ISO 13849-2, h) 6.1.6 Text replaced by Table 2, i) 6.1.7 Integrated circuits with on-chip redundancy matched to changed requirement in IEC 61508-2: 2010, Annex E, j) 6.2.8 Design requirements for thermal immunity of a PDS(SR) k) 6.2.9 Design requirements for mechanical immunity of a PDS(SR), l) 6.1.6 SIL for multiple safety sub-functions within one PDS(SR), m) 6.1.7 Integrated circuits with on-chip redundancy, n) 6.2.1 Basic and well-tried safety principles, o) 6.2.2.1.4 Diagnostic test interval when the hardware fault tolerance is greater than zero, p) 6.2.5.2.7 PDS(SR) parameterization, q) 9 Test requirements, r) 9.3 Electromagnetic (EM) immunity testing, s) 9.4 Thermal immunity testing, t) 9.5 Mechanical immunity testing, u) Annex A Sequential task table, v) Annex D, D.3.16, Motion and position feedback sensors updated, w) Annex E Electromagnetic immunity (EM) requirement for PDS(SR), x) Annex F Estimation of PFDavg value for low demand with given PFH value.
IEC 61800-5-2:2016 specifies requirements and makes recommendations for the design and development, integration and validation of safety related power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to adjustable speed electrical power drive systems covered by the other parts of the IEC 61800 series of standards as referred in IEC 61800-2. IEC 61800-5-2, which is a product standard, sets out safety-related considerations of PDS(SR)s in terms of the framework of IEC 61508, and introduces requirements for PDS(SR)s as subsystems of a safety-related system. It is intended to facilitate the realisation of the electrical/ electronic/programmable electronic (E/E/PE) parts of a PDS(SR) in relation to the safety performance of safety sub-function(s) of a PDS. This edition includes the following significant technical changes with respect to the previous edition: a) rational added in the scope why low demand mode is not covered by this standard, b) definition added for: "category" and "safety function", c) "Other sub-functions" sorted into "Monitoring sub-functions" and "Output functions", d) deleted "proof test" throughout the document because for PDS(SR) a proof test is not applicable, e) replaced the term "safety function" by "safety sub-function" throughout the document, f) Updated references to IEC 61508 series Ed.2010, g) Added the principle rules of ISO 13849-1 and reference to tables of ISO 13849-2, h) 6.1.6 Text replaced by Table 2, i) 6.1.7 Integrated circuits with on-chip redundancy matched to changed requirement in IEC 61508-2: 2010, Annex E, j) 6.2.8 Design requirements for thermal immunity of a PDS(SR) k) 6.2.9 Design requirements for mechanical immunity of a PDS(SR), l) 6.1.6 SIL for multiple safety sub-functions within one PDS(SR), m) 6.1.7 Integrated circuits with on-chip redundancy, n) 6.2.1 Basic and well-tried safety principles, o) 6.2.2.1.4 Diagnostic test interval when the hardware fault tolerance is greater than zero, p) 6.2.5.2.7 PDS(SR) parameterization, q) 9 Test requirements, r) 9.3 Electromagnetic (EM) immunity testing, s) 9.4 Thermal immunity testing, t) 9.5 Mechanical immunity testing, u) Annex A Sequential task table, v) Annex D, D.3.16, Motion and position feedback sensors updated, w) Annex E Electromagnetic immunity (EM) requirement for PDS(SR), x) Annex F Estimation of PFDavg value for low demand with given PFH value.
IEC 61800-5-2:2016 is classified under the following ICS (International Classification for Standards) categories: 13.110 - Safety of machinery; 29.130.99 - Other switchgear and controlgear; 29.200 - Rectifiers. Convertors. Stabilized power supply. The ICS classification helps identify the subject area and facilitates finding related standards.
IEC 61800-5-2:2016 has the following relationships with other standards: It is inter standard links to IEC 61800-5-2:2007. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.
You can purchase IEC 61800-5-2:2016 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of IEC standards.
Standards Content (Sample)
IEC 61800-5-2 ®
Edition 2.0 2016-04
REDLINE VERSION
INTERNATIONAL
STANDARD
colour
inside
Adjustable speed electrical power drive systems –
Part 5-2: Safety requirements – Functional
IEC 60000:2016-01 RLV(en)
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 info@iec.ch
Switzerland www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 20 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 15 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.
IEC publications search - www.iec.ch/searchpub IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 65 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and
CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: csc@iec.ch.
IEC 61800-5-2 ®
Edition 2.0 2016-04
REDLINE VERSION
INTERNATIONAL
STANDARD
colour
inside
Adjustable speed electrical power drive systems –
Part 5-2: Safety requirements – Functional
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 13.110; 29.200 ISBN 978-2-8322-3353-5
– 2 – IEC 61800-5-2:2016 RLV © IEC 2016
CONTENTS
FOREWORD . 7
INTRODUCTION . 10
1 Scope and object . 11
2 Normative references. 12
3 Terms and definitions . 14
4 Designated safety sub-functions . 22
4.1 General . 22
4.2 Safety sub-functions . 23
4.2.1 General . 23
4.2.2 Limit values . 23
4.2.3 Stopping functions . 23
4.2.4 Other safety Monitoring functions . 25
4.2.5 Output functions – Safe brake control (SBC) . 26
5 Management of functional safety . 26
5.1 Objective . 26
5.2 Requirements for the management of functional safety . 27
5.3 PDS(SR) development lifecycle . 27
5.4 Functional safety Planning of PDS(SR) functional safety management . 28
5.5 Safety requirements specification (SRS) for a PDS(SR) . 30
5.5.1 General . 30
5.5.2 Safety functionality sub-functions requirements specification . 30
5.5.3 Safety integrity requirements specification . 31
5.6 PDS(SR) safety system architecture specification . 32
5.6.1 General . 32
5.6.2 Requirements for safety system architecture specification . 32
6 Requirements for design and development of a PDS(SR) . 33
6.1 General requirements . 33
6.1.1 Change in operational status . 33
6.1.2 Design standards . 33
6.1.3 Realisation . 33
6.1.4 Safety integrity and fault detection . 33
6.1.5 Safety and non-safety sub-functions . 34
6.1.6 SIL to be used for multiple safety sub-functions within one PDS(SR) . 34
6.1.7 Integrated circuits with on-chip redundancy . 35
6.1.8 Software requirements . 35
6.1.8 Review of requirements .
6.1.9 Design documentation . 35
6.2 PDS(SR) design requirements . 36
6.2.1 Basic and well-tried safety principles . 36
6.2.2 Requirements for the estimation of the probability of dangerous random
hardware failures per hour (PFH). 36
6.2.3 Architectural constraints . 38
6.2.4 Estimation of safe failure fraction (SFF) . 41
6.2.5 Electromagnetic (EM) immunity requirement of a PDS(SR) .
6.2.5 Requirements for systematic safety integrity of a PDS(SR) and
PDS(SR) subsystems . 41
6.2.6 Design requirements for electromagnetic (EM) immunity of a PDS(SR). 45
6.2.7 Design requirements for thermal immunity of a PDS(SR) . 45
6.2.8 Design requirements for mechanical immunity of a PDS(SR) . 45
6.3 Behaviour on detection of fault . 45
6.3.1 Fault detection . 45
6.3.2 Fault tolerance greater than zero . 46
6.3.3 Fault tolerance zero . 46
6.4 Additional requirements for data communications . 46
6.5 PDS(SR) integration and testing requirements . 47
6.5.1 Hardware integration . 47
6.5.2 Software integration . 47
6.5.3 Modifications during integration . 47
6.5.4 Applicable integration tests . 47
6.5.5 Test documentation . 48
7 Information for use . 48
7.1 General . 48
7.2 Information and instructions for safe application of a PDS(SR) . 48
8 Verification and validation . 50
8.1 General . 50
8.2 Verification . 50
8.3 Validation . 50
8.4 Documentation . 50
9 Test requirements . 51
9.1 Planning of tests . 51
9.2 Functional testing . 51
9.3 Electromagnetic (EM) immunity testing . 51
9.3.1 General . 51
9.3.2 Intended EM environment . 51
9.3.3 Performance criterion (fail safe state – FS) . 52
9.4 Thermal immunity testing . 52
9.4.1 General . 52
9.4.2 Functional thermal test . 52
9.4.3 Component thermal test . 52
9.5 Mechanical immunity testing . 52
9.5.1 General . 52
9.5.2 Vibration test . 53
9.5.3 Shock test . 53
9.5.4 Performance criterion for mechanical immunity tests
(fail safe state – FS) . 53
9.6 Test documentation . 53
10 Modification . 53
10.1 Objective . 53
10.2 Requirements . 53
10.2.1 General . 53
10.2.2 Modification request . 54
10.2.3 Impact analysis . 54
10.2.4 Authorization. 54
10.2.5 Documentation . 54
– 4 – IEC 61800-5-2:2016 RLV © IEC 2016
Annex A (informative) Sequential task table. 55
Annex B (informative) Example for determination estimation of PFH . 60
B.1 General . 60
B.2 Example PDS(SR) structure . 60
B.2.1 General . 60
B.2.2 Subsystem A/B . 61
B.2.3 Subsystem PS/VM . 61
B.3 Example PDS(SR) PFH value determination . 62
B.3.1 Subsystem “A/B” (main subsystem) . 62
B.3.2 Subsystem “PS/VM” . 67
B.3.3 PFH value of the safety sub-function STO of PDS(SR) . 71
B.4 Reduction of DC and SFF depending on test interval . 71
Annex C (informative) Available failure rate databases . 73
C.1 Databases . 73
C.2 Helpful standards concerning component failure . 74
Annex D (informative) Fault lists and fault exclusions . 75
D.1 General . 75
D.2 Remarks applicable to fault exclusions . 75
D.2.1 Validity of exclusions . 75
D.2.2 Tin whisker growth . 75
D.2.3 Short-circuits on PWB-mounted parts . 75
D.3 Fault models . 76
D.3.1 Conductors/cables . 76
D.3.2 Printed wiring boards/assemblies . 76
D.3.3 Terminal block . 77
D.3.4 Multi-pin connector . 77
D.3.5 Electromechanical devices . 78
D.3.6 Transformers . 82
D.3.7 Inductances . 82
D.3.8 Resistors . 82
D.3.9 Resistor Networks . 82
D.3.10 Potentiometers . 82
D.3.11 Capacitors . 82
D.3.12 Discrete semiconductors . 82
D.3.13 Signal Isolation components . 82
D.3.14 Non-programmable integrated circuits . 83
D.3.15 Programmable and/or complex integrated circuits . 84
D.3.16 Motion and position feedback sensors . 84
Annex E (normative) Electromagnetic (EM) immunity requirement for PDS(SR) . 89
E.1 General . 89
E.2 Immunity requirements – low frequency disturbances . 89
E.3 Immunity requirements – high frequency disturbances . 92
Annex F (informative) Estimation of PFD value for low demand with given PFH
avg
value . 96
F.1 General . 96
F.2 Estimation of PFD value for low demand with given PFH value . 96
avg
Bibliography . 97
Figure 1 – Installation and functional elements parts of a PDS(SR) . 12
Figure 2 – Safety function consisting of safety sub-functions . 23
Figure 3 – Architectures for data communication ( a) White channel; b) Black channel) .
Figure 3 – PDS(SR) development lifecycle . 27
Figure B.1 – Example PDS(SR) . 60
Figure B.2 – Subsystems of the PDS(SR) . 61
Figure B.3 – Function blocks of subsystem A/B . 62
Figure B.4 – Reliability model (Markov) of subsystem A/B . 65
Figure B.5 – Function blocks of subsystem PS/VM . 68
Figure B.6 – Reliability model (Markov) of subsystem PS/VM . 70
Table 1 – Alphabetical list of terms and definitions . 13
Table 2 – Example for determining the SIL from hardware and software independence . 32
Table 3 – Safety integrity levels: target failure measures for a PDS(SR) safety sub-
function . 33
Table 4 – Hardware safety integrity: architectural constraints on type A safety-related
subsystems Maximum allowable safety integrity level for a safety sub-function carried
out by a type A safety-related subsystem . 36
Table 5 – Hardware safety integrity: architectural constraints on type B safety-related
subsystems Maximum allowable safety integrity level for a safety sub-function carried
out by a type B safety-related subsystem . 37
Table A.1 – Design and development procedure for PDS(SR) . 50
Table B.1 – Determination of DC factor of subsystem A/B . 59
Table B.2 – PFH value calculation results for subsystem A/B . 62
Table B.3 – Determination of DC factor of subsystem A/B . 63
Table B.4 – PFH value calculation results for subsystem PS/VM . 66
Table D.1 – Conductors/cables .
Table D.1 – Printed wiring boards/assemblies . 71
Table D.2 – Terminal block . 72
Table D.3 – Multi-pin connector . 72
Table D.4 – Electromechanical devices (for example relay, contactor relays) . 73
Table D.5 – Signal Isolation components . 76
Table D.6 – Transformers .
Table D.7 – Inductances .
Table D.8 – Resistors .
Table D.9 – Resistor networks .
Table D.10 – Potentiometers .
Table D.11 – Capacitors .
Table D.12 – Discrete semiconductors (for example diodes, Zener diodes, transistors,
triacs, GTO thyristors, IGBTs, voltage regulators, quartz crystal, phototransistors, light-
emitting diodes [LEDs]) .
Table D.13 – Optocouplers .
Table D.6 – Non-programmable integrated circuits . 77
Table D.7 – Programmable and/or complex integrated circuits . 78
Table D.8 – Motion and position feedback sensors . 79
– 6 – IEC 61800-5-2:2016 RLV © IEC 2016
Table E.1 – Minimum immunity requirements for voltage deviations, dips and short
interruptions . 84
Table E.2 – PDS(SR) minimum immunity requirements for voltage deviations, dips and
short interruptions on main power ports with a rated voltage above 1 000 V . 85
Table E.3 – Immunity requirements – high frequency disturbances . 86
Table E.4 – General frequency ranges for mobile transmitters and ISM for radiated
tests . 88
Table E.5 – General frequency ranges for mobile transmitters and ISM for conducted
tests . 89
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
ADJUSTABLE SPEED ELECTRICAL
POWER DRIVE SYSTEMS –
Part 5-2: Safety requirements – Functional
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
This redline version of the official IEC Standard allows the user to identify the changes
made to the previous edition. A vertical bar appears in the margin wherever a change
has been made. Additions are in green text, deletions are in strikethrough red text.
– 8 – IEC 61800-5-2:2016 RLV © IEC 2016
International Standard IEC 61800-5-2 has been prepared by subcommittee 22G: Adjustable
speed electric drive systems incorporating semiconductor power converters, of IEC technical
committee 22: Power electronic systems and equipment.
This second edition cancels and replaces the first edition published in 2007. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) rational added in the scope why low demand mode is not covered by this standard
b) definition added for: “category” and “safety function”
c) “Other sub-functions” sorted into “Monitoring sub-functions” and “Output functions”
d) deleted “proof test” throughout the document because for PDS(SR) a proof test is not
applicable
e) replaced the term “safety function” by “safety sub-function” throughout the document
f) Updated references to IEC 61508 series Ed.2010
g) Added the principle rules of ISO 13849-1 and reference to tables of ISO 13849-2
h) 6.1.6 Text replaced by Table 2
i) 6.1.7 Integrated circuits with on-chip redundancy matched to changed requirement in
IEC 61508-2: 2010, Annex E
j) 6.2.8 Design requirements for thermal immunity of a PDS(SR)
k) 6.2.9 Design requirements for mechanical immunity of a PDS(SR)
l) 6.1.6 SIL for multiple safety sub-functions within one PDS(SR)
m) 6.1.7 Integrated circuits with on-chip redundancy
n) 6.2.1 Basic and well-tried safety principles
o) 6.2.2.1.4 Diagnostic test interval when the hardware fault tolerance is greater than zero
p) 6.2.5.2.7 PDS(SR) parameterization
q) 9 Test requirements
r) 9.3 Electromagnetic (EM) immunity testing
s) 9.4 Thermal immunity testing
t) 9.5 Mechanical immunity testing
u) Annex A Sequential task table
v) Annex D, D.3.16, Motion and position feedback sensors updated
w) Annex E Electromagnetic immunity (EM) requirement for PDS(SR)
x) Annex F Estimation of PFD value for low demand with given PFH value
avg
The text of this standard is based on the following documents:
FDIS Report on voting
22G/332/FDIS 22G/335/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts of the IEC 61800 series, published under the general title Adjustable speed
electric drive systems, can be found on the IEC website.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC website under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 10 – IEC 61800-5-2:2016 RLV © IEC 2016
INTRODUCTION
As a result of automation, demand for increased production and reduced operator physical
effort, control systems of machinery and plant items play an increasing role in the
achievement of overall safety. These control systems increasingly employ complex electrical/
electronic/programmable electronic devices and systems.
Prominent amongst these devices and systems are adjustable speed electrical power drive
systems (PDS) that are suitable for use in safety-related applications (PDS(SR)).
Examples of industrial applications are:
• machine tools, robots, production test equipment, test benches;
• papermaking machines, textile production machines, calendars in the rubber industry;
• process lines in plastics, chemicals or metal production, rolling-mills;
• cement crushing machines, cement kilns, mixers, centrifuges, extrusion machines;
• drilling machines;
• conveyors, materials handling machines, hoisting equipment (cranes, gantries, etc.);
• pumps, fans, etc.
This standard can also be used as a reference for developers using PDS(SR) for other
applications.
Users of this standard should be aware that some type C standards for machinery currently
refer to ISO 13849-1 for safety-related control systems. In this case, PDS(SR) manufacturers
may be requested to provide further information (e.g. category and/or performance level PL)
to facilitate the integration of a PDS(SR) into the safety-related control systems of such
machinery.
NOTE ”Type C standards” are defined in ISO 12100-1 as machine safety standards dealing with detailed safety
requirements for a particular machine or group of machines.
Previously, in the absence of standards, there has been a reluctance to accept electronic, and
in particular programmable electronic, devices and systems in safety-related functions
because of uncertainty regarding the safety performance of such technology.
There are many situations where control systems that incorporate a PDS(SR) are employed,
for example as part of safety measures that have been provided to achieve risk reduction. A
typical case is guard interlocking in order to exclude personnel from hazards where access to
the danger zone dangerous area is only possible when rotating parts have attained a safe
condition stopped. This part of IEC 61800 gives a methodology to identify the contribution
made by a PDS(SR) to identified safety sub-functions and to enable the appropriate design of
the PDS(SR) and verification that it meets the required performance.
Measures are given to co-ordinate the safety performance of the PDS(SR) with the intended
risk reduction taking into account the probabilities and consequences of its random and
systematic faults.
ADJUSTABLE SPEED ELECTRICAL
POWER DRIVE SYSTEMS –
Part 5-2: Safety requirements – Functional
1 Scope and object
This part of IEC 61800, which is a product standard, specifies requirements and makes
recommendations for the design and development, integration and validation of safety related
power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to
adjustable speed electrical power drive systems covered by the other parts of the IEC 61800
series of standards as referred in IEC 61800-2.
NOTE 1 The term “integration” refers to the PDS(SR) itself, not to its incorporation into the safety-related
application.
NOTE 2 Other parts of IEC 61800 cover rating specifications, EMC, electrical safety, etc.
This International Standard is only applicable where functional safety of a PDS(SR) is claimed
and the PDS(SR) is operating mainly in the high demand or continuous mode (see 3.15). For
low demand applications, see IEC 61508.
While low demand mode operation is possible for a PDS(SR), this standard concentrates on
high demand and continuous mode. Safety sub-functions implemented for high demand or
continuous mode can also be used in low demand mode. Requirements for low demand mode
are given in IEC 61508 series. Some guidance for the estimation of average probability of
dangerous failure on demand (PFD ) value is provided in Annex F.
avg
This part of IEC 61800, which is a product standard, sets out safety-related considerations of
PDS(SR)s in terms of the framework of IEC 61508, and introduces requirements for
PDS(SR)s as subsystems of a safety-related system. It is intended to facilitate the realisation
of the electrical/ electronic/ programmable electronic (E/E/PE) elements parts of a PDS(SR) in
relation to the safety performance of safety sub-function(s) of a PDS.
Manufacturers and suppliers of PDS(SR)s by using the normative requirements of this part of
IEC 61800 will indicate to users (control system integrators, machinery and plant designers,
original equipment manufacturer) the safety performance for their equipment. This will
facilitate the incorporation of a PDS(SR) into a safety-related control system using the
principles of IEC 61508, and possibly its specific sector implementations (for example
IEC 61511, IEC 61513, IEC 62061 or ISO 13849).
By applying the requirements from this part of the IEC 61800 series, the corresponding
requirements of IEC 61508 that are necessary for a PDS(SR) are fulfilled.
This part of IEC 61800 does not specify requirements for:
• the hazard and risk analysis of a particular application;
• the identification of safety sub-functions for that application;
• the initial allocation of SILs to those safety sub-functions;
• the driven equipment except for interface arrangements;
• secondary hazards (for example from failure in a production or manufacturing process);
• the electrical, thermal and energy safety considerations, which are covered in
+IEC 61800-5-1;
– 12 – IEC 61800-5-2:2016 RLV © IEC 2016
• the PDS(SR) manufacturing process;
• the validity of signals and commands to the PDS(SR).
• security aspects (e.g. cyber security or PDS(SR) security of access)
NOTE 3 The functional safety requirements of a PDS(SR) are dependent on the application, and must can be
considered as a part of the overall risk assessment of the installation. Where the supplier of the PDS(SR) is not
also responsible for the driven equipment, the installation designer is responsible for the risk assessment, and for
specifying the functional and safety integrity requirements of the PDS(SR).
NOTE 3 Even though malevolent actions can influence the functional safety of PDS(SR), security aspects are not
considered in this standard.
This part of IEC 61800 only applies to PDS(SR)s implementing safety sub-functions with a SIL
not greater than SIL 3.
Figure 1 shows the installation and the functional elements parts of a PDS(SR) that are
considered in this part of IEC 61800
NOTE Figure 1 and shows a logical representation of a PDS(SR) rather than its physical
description.
Installation or part of the installation
PDS(SR)
Control section
Diagnostic functions
Modulation
External signals
Communications Torque/speed/position
and
and control
and I/O control
protection
Sensors
Power Power section Motor
Driven load
IEC
Figure 1 – Installation and functional elements parts of a PDS(SR)
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and
are indispensable for its application. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any
amendments) applies.
NOTE 1 This does not mean that compliance is required with all clauses of the referenced documents, but rather
that this document makes a reference that cannot be understood in the absence of the referenced documents.
NOTE 2 References to various parts of IEC 61508 are undated, except where specific clauses are indicated.
IEC 60204-1, Safety of machinery – Electrical equipment of machines – Part 1: General
requirements
IEC 61000-2-4:2002, Electromagnetic compatibility (EMC) – Part 2-4: Environment –
Compatibility levels in industrial plants for low-frequency conducted disturbances
IEC 61000-4-2:2008, Electromagnetic compatibility (EMC) – Part 4-2: Testing and
measurement techniques – Electrostatic discharge immunity test
IEC 61000-4-3:2006, Electromagnetic compatibility (EMC) – Part 4-3: Testing and
measurement techniques – Radiated, radio-frequency, electromagnetic field immunity test
IEC 61000-4-3:2006/AMD1:2007
IEC 61000-4-3:2006/AMD2:2010
IEC 61000-4-4:2012, Electromagnetic compatibility (EMC) – Part 4-4: Testing and
measurement techniques – Electrical fast transient/burst immunity test
IEC 61000-4-5:2014, Electromagnetic compatibility (EMC) – Part 4-5: Testing and
measurement techniques – Surge immunity test
IEC 61000-4-6:2013, Electromagnetic compatibility (EMC) – Part 4-6: Testing and
measurement techniques – Immunity to conducted disturbances, induced by radio-frequency
fields
IEC 61000-4-29:2000, Electromagnetic compatibility (EMC) – Part 4-29: Testing and
measurement techniques – Voltage dips, short interruptions and voltage variations on d.c.
input power port immunity tests
IEC 61000-4-34:2005, Electromagnetic compatibility (EMC) – Part 4-34: Testing and
measurement techniques – Voltage dips, short interruptions and voltage variations immunity
tests for equipment with input current more than 16 A per phase
IEC 61000-6-7:2014, Electromagnetic compatibility (EMC) – Part 6-7: Generic standards –
Immunity requirements for equipment intended to perform functions in a safety-related system
(functional safety) in industrial locations
IEC 61400-21:2008, Wind turbines – Part 21: Measurement and assessment of power quality
characteristics of grid connected wind turbines
IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic
safety-related systems
IEC 61508-1:1998 2010, Functional safety of electrical/electronic/programmable electronic
safety-related systems – Part 1: General requirements
IEC 61508-2:2000 2010, Functional safety of electrical/electronic/programmable electronic
safety-related systems – Part 2: Requirements for electrical/electronic/programmable
electronic safety-related systems
IEC 61508-3:1998 2010, Functional safety of electrical/electronic/programmable electronic
safety-related systems – Part 3: Software requirements
– 14 – IEC 61800-5-2:2016 RLV © IEC 2016
IEC 61508-5, Functional safety of electrical/electronic/programmable electronic safety-related
systems – Part 5: Examples of methods for the determination of safety integrity levels
IEC 61508-6:2000 2010, Functional safety of electrical/electronic/programmable electronic
safety-related systems – Part 6: Guidelines on the application of IEC 61508-2 and
IEC 61508-3
IEC 61508-7:2000 2010, Functional safety of electrical/electronic/programmable electronic
safety-related systems – Part 7: Overview of techniques and measures
IEC 61800-1, Adjustable speed electrical power drive systems – Part 1: General requirements
– Rating specifications for low voltage adjustable speed d.c. power drive systems
IEC 61800-2:2015, Adjustable speed electrical power drive systems – Part 2: General
requirements – Rating specifications for low voltage adjustable frequency speed a
...
IEC 61800-5-2 ®
Edition 2.0 2016-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Adjustable speed electrical power drive systems –
Part 5-2: Safety requirements – Functional
Entraînements électriques de puissance à vitesse variable –
Partie 5-2: Exigences de sécurité – Fonctionnelle
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 info@iec.ch
Switzerland www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 20 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 15 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.
IEC publications search - www.iec.ch/searchpub IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 65 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and
CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: csc@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.
A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.
Catalogue IEC - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
Application autonome pour consulter tous les renseignements
Le premier dictionnaire en ligne de termes électroniques et
bibliographiques sur les Normes internationales,
électriques. Il contient 20 000 termes et définitions en anglais
Spécifications techniques, Rapports techniques et autres
et en français, ainsi que les termes équivalents dans 15
documents de l'IEC. Disponible pour PC, Mac OS, tablettes
langues additionnelles. Egalement appelé Vocabulaire
Android et iPad.
Electrotechnique International (IEV) en ligne.
Recherche de publications IEC - www.iec.ch/searchpub
Glossaire IEC - std.iec.ch/glossary
La recherche avancée permet de trouver des publications IEC 65 000 entrées terminologiques électrotechniques, en anglais
en utilisant différents critères (numéro de référence, texte, et en français, extraites des articles Termes et Définitions des
comité d’études,…). Elle donne aussi des informations sur les publications IEC parues depuis 2002. Plus certaines entrées
projets et les publications remplacées ou retirées. antérieures extraites des publications des CE 37, 77, 86 et
CISPR de l'IEC.
IEC Just Published - webstore.iec.ch/justpublished
Service Clients - webstore.iec.ch/csc
Restez informé sur les nouvelles publications IEC. Just
Published détaille les nouvelles publications parues. Si vous désirez nous donner des commentaires sur cette
Disponible en ligne et aussi une fois par mois par email. publication ou si vous avez des questions contactez-nous:
csc@iec.ch.
IEC 61800-5-2 ®
Edition 2.0 2016-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Adjustable speed electrical power drive systems –
Part 5-2: Safety requirements – Functional
Entraînements électriques de puissance à vitesse variable –
Partie 5-2: Exigences de sécurité – Fonctionnelle
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 13.110; 29.200 ISBN 978-2-8322-3302-3
– 2 – IEC 61800-5-2:2016 © IEC 2016
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 9
2 Normative references. 10
3 Terms and definitions . 12
4 Designated safety sub-functions . 18
4.1 General . 18
4.2 Safety sub-functions . 19
4.2.1 General . 19
4.2.2 Limit values . 20
4.2.3 Stopping functions . 20
4.2.4 Monitoring functions . 21
4.2.5 Output functions – Safe brake control (SBC) . 23
5 Management of functional safety . 23
5.1 Objective . 23
5.2 Requirements for the management of functional safety . 23
5.3 PDS(SR) development lifecycle . 23
5.4 Planning of PDS(SR) functional safety management . 24
5.5 Safety requirements specification (SRS) for a PDS(SR) . 26
5.5.1 General . 26
5.5.2 Safety sub-functions requirements specification . 26
5.5.3 Safety integrity requirements specification . 27
5.6 PDS(SR) safety system architecture specification . 28
5.6.1 General . 28
5.6.2 Requirements for safety system architecture specification . 28
6 Requirements for design and development of a PDS(SR) . 29
6.1 General requirements . 29
6.1.1 Change in operational status . 29
6.1.2 Design standards . 29
6.1.3 Realisation . 29
6.1.4 Safety integrity and fault detection . 29
6.1.5 Safety and non-safety sub-functions . 30
6.1.6 SIL for multiple safety sub-functions within one PDS(SR) . 30
6.1.7 Integrated circuits with on-chip redundancy . 31
6.1.8 Software requirements . 31
6.1.9 Design documentation . 31
6.2 PDS(SR) design requirements . 31
6.2.1 Basic and well-tried safety principles . 31
6.2.2 Requirements for the estimation of the probability of dangerous random
hardware failures per hour (PFH). 31
6.2.3 Architectural constraints . 34
6.2.4 Estimation of safe failure fraction (SFF) . 35
6.2.5 Requirements for systematic safety integrity of a PDS(SR) and
PDS(SR) subsystems . 36
6.2.6 Design requirements for electromagnetic (EM) immunity of a PDS(SR). 39
6.2.7 Design requirements for thermal immunity of a PDS(SR) . 39
6.2.8 Design requirements for mechanical immunity of a PDS(SR) . 39
6.3 Behaviour on detection of fault . 39
6.3.1 Fault detection . 39
6.3.2 Fault tolerance greater than zero . 39
6.3.3 Fault tolerance zero . 39
6.4 Additional requirements for data communications . 39
6.5 PDS(SR) integration and testing requirements . 40
6.5.1 Hardware integration . 40
6.5.2 Software integration . 40
6.5.3 Modifications during integration . 40
6.5.4 Applicable integration tests . 40
6.5.5 Test documentation . 40
7 Information for use . 41
7.1 General . 41
7.2 Information and instructions for safe application of a PDS(SR) . 41
8 Verification and validation . 42
8.1 General . 42
8.2 Verification . 43
8.3 Validation . 43
8.4 Documentation . 43
9 Test requirements . 43
9.1 Planning of tests . 43
9.2 Functional testing . 43
9.3 Electromagnetic (EM) immunity testing . 44
9.3.1 General . 44
9.3.2 Intended EM environment . 44
9.3.3 Performance criterion (fail safe state – FS) . 44
9.4 Thermal immunity testing . 44
9.4.1 General . 44
9.4.2 Functional thermal test . 45
9.4.3 Component thermal test . 45
9.5 Mechanical immunity testing . 45
9.5.1 General . 45
9.5.2 Vibration test . 45
9.5.3 Shock test . 45
9.5.4 Performance criterion for mechanical immunity tests (fail safe state –
FS) . 45
9.6 Test documentation . 45
10 Modification . 46
10.1 Objective . 46
10.2 Requirements . 46
10.2.1 General . 46
10.2.2 Modification request . 46
10.2.3 Impact analysis . 46
10.2.4 Authorization. 46
10.2.5 Documentation . 46
Annex A (informative) Sequential task table. 47
Annex B (informative) Example for estimation of PFH . 51
– 4 – IEC 61800-5-2:2016 © IEC 2016
B.1 General . 51
B.2 Example PDS(SR) structure . 51
B.2.1 General . 51
B.2.2 Subsystem A/B . 52
B.2.3 Subsystem PS/VM . 52
B.3 Example PDS(SR) PFH value determination . 53
B.3.1 Subsystem “A/B” (main subsystem) . 53
B.3.2 Subsystem “PS/VM” . 58
B.3.3 PFH value of the safety sub-function STO of PDS(SR) . 61
B.4 Reduction of DC and SFF depending on test interval . 62
Annex C (informative) Available failure rate databases . 63
C.1 Databases . 63
C.2 Helpful standards concerning component failure . 63
Annex D (informative) Fault lists and fault exclusions . 65
D.1 General . 65
D.2 Remarks applicable to fault exclusions . 65
D.2.1 Validity of exclusions . 65
D.2.2 Tin whisker growth . 65
D.2.3 Short-circuits on PWB-mounted parts . 65
D.3 Fault models . 66
D.3.1 Conductors/cables . 66
D.3.2 Printed wiring boards/assemblies . 66
D.3.3 Terminal block . 66
D.3.4 Multi-pin connector . 67
D.3.5 Electromechanical devices . 67
D.3.6 Transformers . 68
D.3.7 Inductances . 68
D.3.8 Resistors . 68
D.3.9 Resistor Networks . 68
D.3.10 Potentiometers . 68
D.3.11 Capacitors . 68
D.3.12 Discrete semiconductors . 68
D.3.13 Signal Isolation components . 69
D.3.14 Non-programmable integrated circuits . 69
D.3.15 Programmable and/or complex integrated circuits . 69
D.3.16 Motion and position feedback sensors . 70
Annex E (normative) Electromagnetic (EM) immunity requirement for PDS(SR) . 74
E.1 General . 74
E.2 Immunity requirements – low frequency disturbances . 74
E.3 Immunity requirements – high frequency disturbances . 77
Annex F (informative) Estimation of PFD value for low demand with given PFH
avg
value . 81
F.1 General . 81
F.2 Estimation of PFD value for low demand with given PFH value . 81
avg
Bibliography . 82
Figure 1 – Installation and functional parts of a PDS(SR) . 10
Figure 2 – Safety function consisting of safety sub-functions . 19
Figure 3 – PDS(SR) development lifecycle . 24
Figure B.1 – Example PDS(SR) . 51
Figure B.2 – Subsystems of the PDS(SR) . 52
Figure B.3 – Function blocks of subsystem A/B . 53
Figure B.4 – Reliability model (Markov) of subsystem A/B . 56
Figure B.5 – Function blocks of subsystem PS/VM . 58
Figure B.6 – Reliability model (Markov) of subsystem PS/VM . 60
Table 1 – Alphabetical list of terms and definitions . 12
Table 2 – Example for determining the SIL from hardware and software independence . 30
Table 3 – Safety integrity levels: target failure measures for a PDS(SR) safety sub-
function . 32
Table 4 – Maximum allowable safety integrity level for a safety sub-function carried
out by a type A safety-related subsystem . 35
Table 5 – Maximum allowable safety integrity level for a safety sub-function carried
out by a type B safety-related subsystem . 35
Table A.1 – Design and development procedure for PDS(SR) . 47
Table B.1 – Determination of DC factor of subsystem A/B . 55
Table B.2 – PFH value calculation results for subsystem A/B . 58
Table B.3 – Determination of DC factor of subsystem A/B . 59
Table B.4 – PFH value calculation results for subsystem PS/VM . 61
Table D.1 – Printed wiring boards/assemblies . 66
Table D.2 – Terminal block . 67
Table D.3 – Multi-pin connector . 67
Table D.4 – Electromechanical devices (for example relay, contactor relays) . 68
Table D.5 – Signal Isolation components . 69
Table D.6 – Non-programmable integrated circuits . 69
Table D.7 – Programmable and/or complex integrated circuits . 70
Table D.8 – Motion and position feedback sensors . 71
Table E.1 – Minimum immunity requirements for voltage deviations, dips and short
interruptions . 75
Table E.2 – PDS(SR) minimum immunity requirements for voltage deviations, dips and
short interruptions on main power ports with a rated voltage above 1 000 V . 76
Table E.3 – Immunity requirements – high frequency disturbances . 77
Table E.4 – General frequency ranges for mobile transmitters and ISM for radiated
tests . 79
Table E.5 – General frequency ranges for mobile transmitters and ISM for conducted
tests . 80
– 6 – IEC 61800-5-2:2016 © IEC 2016
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
ADJUSTABLE SPEED ELECTRICAL
POWER DRIVE SYSTEMS –
Part 5-2: Safety requirements – Functional
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 61800-5-2 has been prepared by subcommittee 22G: Adjustable
speed electric drive systems incorporating semiconductor power converters, of IEC technical
committee 22: Power electronic systems and equipment.
This second edition cancels and replaces the first edition published in 2007. This edition
constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous
edition:
a) rational added in the scope why low demand mode is not covered by this standard
b) definition added for: “category” and “safety function”
c) “Other sub-functions” sorted into “Monitoring sub-functions” and “Output functions”
d) deleted “proof test” throughout the document because for PDS(SR) a proof test is not
applicable
e) replaced the term “safety function” by “safety sub-function” throughout the document
f) Updated references to IEC 61508 series Ed.2010
g) Added the principle rules of ISO 13849-1 and reference to tables of ISO 13849-2
h) 6.1.6 Text replaced by Table 2
i) 6.1.7 Integrated circuits with on-chip redundancy matched to changed requirement in
IEC 61508-2: 2010, Annex E
j) 6.2.8 Design requirements for thermal immunity of a PDS(SR)
k) 6.2.9 Design requirements for mechanical immunity of a PDS(SR)
l) 6.1.6 SIL for multiple safety sub-functions within one PDS(SR)
m) 6.1.7 Integrated circuits with on-chip redundancy
n) 6.2.1 Basic and well-tried safety principles
o) 6.2.2.1.4 Diagnostic test interval when the hardware fault tolerance is greater than zero
p) 6.2.5.2.7 PDS(SR) parameterization
q) 9 Test requirements
r) 9.3 Electromagnetic (EM) immunity testing
s) 9.4 Thermal immunity testing
t) 9.5 Mechanical immunity testing
u) Annex A Sequential task table
v) Annex D, D.3.16, Motion and position feedback sensors updated
w) Annex E Electromagnetic immunity (EM) requirement for PDS(SR)
x) Annex F Estimation of PFD value for low demand with given PFH value
avg
The text of this standard is based on the following documents:
FDIS Report on voting
22G/332/FDIS 22G/335/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts of the IEC 61800 series, published under the general title Adjustable speed
electric drive systems, can be found on the IEC website.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC website under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 8 – IEC 61800-5-2:2016 © IEC 2016
INTRODUCTION
As a result of automation, demand for increased production and reduced operator physical
effort, control systems of machinery and plant items play an increasing role in the
achievement of overall safety. These control systems increasingly employ complex electrical/
electronic/programmable electronic devices and systems.
Prominent amongst these devices and systems are adjustable speed electrical power drive
systems (PDS) that are suitable for use in safety-related applications (PDS(SR)).
Examples of industrial applications are:
• machine tools, robots, production test equipment, test benches;
• papermaking machines, textile production machines, calendars in the rubber industry;
• process lines in plastics, chemicals or metal production, rolling-mills;
• cement crushing machines, cement kilns, mixers, centrifuges, extrusion machines;
• drilling machines;
• conveyors, materials handling machines, hoisting equipment (cranes, gantries, etc.);
• pumps, fans, etc.
This standard can also be used as a reference for developers using PDS(SR) for other
applications.
Users of this standard should be aware that some type C standards for machinery currently
refer to ISO 13849-1 for safety-related control systems. In this case, PDS(SR) manufacturers
may be requested to provide further information (e.g. category and performance level PL) to
facilitate the integration of a PDS(SR) into the safety-related control systems of such
machinery.
NOTE ”Type C standards” are defined in ISO 12100 as machine safety standards dealing with detailed safety
requirements for a particular machine or group of machines.
There are many situations where control systems that incorporate a PDS(SR) are employed,
for example as part of safety measures that have been provided to achieve risk reduction. A
typical case is guard interlocking in order to exclude personnel from hazards where access to
the dangerous area is only possible when rotating parts have stopped. This part of IEC 61800
gives a methodology to identify the contribution made by a PDS(SR) to identified safety sub-
functions and to enable the appropriate design of the PDS(SR) and verification that it meets
the required performance.
Measures are given to co-ordinate the safety performance of the PDS(SR) with the intended
risk reduction taking into account the probabilities and consequences of its random and
systematic faults.
ADJUSTABLE SPEED ELECTRICAL
POWER DRIVE SYSTEMS –
Part 5-2: Safety requirements – Functional
1 Scope
This part of IEC 61800, which is a product standard, specifies requirements and makes
recommendations for the design and development, integration and validation of safety related
power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to
adjustable speed electrical power drive systems covered by the other parts of the IEC 61800
series of standards as referred in IEC 61800-2.
NOTE 1 The term “integration” refers to the PDS(SR) itself, not to its incorporation into the safety-related
application.
NOTE 2 Other parts of IEC 61800 cover rating specifications, EMC, electrical safety, etc.
This International Standard is applicable where functional safety of a PDS(SR) is claimed and
the PDS(SR) is operating mainly in the high demand or continuous mode (see 3.15)
While low demand mode operation is possible for a PDS(SR), this standard concentrates on
high demand and continuous mode. Safety sub-functions implemented for high demand or
continuous mode can also be used in low demand mode. Requirements for low demand mode
are given in IEC 61508 series. Some guidance for the estimation of average probability of
dangerous failure on demand (PFD ) value is provided in Annex F.
avg
This part of IEC 61800 sets out safety-related considerations of PDS(SR)s in terms of the
framework of IEC 61508, and introduces requirements for PDS(SR)s as subsystems of a
safety-related system. It is intended to facilitate the realisation of the electrical/ electronic/
programmable electronic (E/E/PE) parts of a PDS(SR) in relation to the safety performance of
safety sub-function(s) of a PDS.
Manufacturers and suppliers of PDS(SR)s by using the normative requirements of this part of
IEC 61800 will indicate to users (system integrator, original equipment manufacturer) the
safety performance for their equipment. This will facilitate the incorporation of a PDS(SR) into
a safety-related control system using the principles of IEC 61508, and possibly its specific
sector implementations (for example IEC 61511, IEC 61513, IEC 62061 or ISO 13849).
By applying the requirements from this part of the IEC 61800 series, the corresponding
requirements of IEC 61508 that are necessary for a PDS(SR) are fulfilled.
This part of IEC 61800 does not specify requirements for:
• the hazard and risk analysis of a particular application;
• the identification of safety sub-functions for that application;
• the initial allocation of SILs to those safety sub-functions;
• the driven equipment except for interface arrangements;
• secondary hazards (for example from failure in a production or manufacturing process);
• the electrical, thermal and energy safety considerations, which are covered in
+IEC 61800-5-1;
• the PDS(SR) manufacturing process;
• the validity of signals and commands to the PDS(SR).
– 10 – IEC 61800-5-2:2016 © IEC 2016
• security aspects (e.g. cyber security or PDS(SR) security of access)
NOTE 3 The functional safety requirements of a PDS(SR) are dependent on the application, and can be
considered as a part of the overall risk assessment of the installation. Where the supplier of the PDS(SR) is not
responsible for the driven equipment, the installation designer is responsible for the risk assessment, and for
specifying the functional and safety integrity requirements of the PDS(SR).
This part of IEC 61800 only applies to PDS(SR)s implementing safety sub-functions with a SIL
not greater than SIL 3.
Figure 1 shows the installation and the functional parts of a PDS(SR) that are considered in
this part of IEC 61800 and shows a logical representation of a PDS(SR) rather than its
physical description.
Installation or part of the installation
PDS(SR)
Control section
Diagnostic functions
Modulation
External signals
Communications Torque/speed/position
and
and control
and I/O
control
protection
Sensors
Power Power section Motor
Driven load
IEC
Figure 1 – Installation and functional parts of a PDS(SR)
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and
are indispensable for its application. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any
amendments) applies.
IEC 60204-1, Safety of machinery – Electrical equipment of machines – Part 1: General
requirements
IEC 61000-2-4:2002, Electromagnetic compatibility (EMC) – Part 2-4: Environment –
Compatibility levels in industrial plants for low-frequency conducted disturbances
IEC 61000-4-2:2008, Electromagnetic compatibility (EMC) – Part 4-2: Testing and
measurement techniques – Electrostatic discharge immunity test
IEC 61000-4-3:2006, Electromagnetic compatibility (EMC) – Part 4-3: Testing and
measurement techniques – Radiated, radio-frequency, electromagnetic field immunity test
IEC 61000-4-3:2006/AMD1:2007
IEC 61000-4-3:2006/AMD2:2010
IEC 61000-4-4:2012, Electromagnetic compatibility (EMC) – Part 4-4: Testing and
measurement techniques – Electrical fast transient/burst immunity test
IEC 61000-4-5:2014, Electromagnetic compatibility (EMC) – Part 4-5: Testing and
measurement techniques – Surge immunity test
IEC 61000-4-6:2013, Electromagnetic compatibility (EMC) – Part 4-6: Testing and
measurement techniques – Immunity to conducted disturbances, induced by radio-frequency
fields
IEC 61000-4-29:2000, Electromagnetic compatibility (EMC) – Part 4-29: Testing and
measurement techniques – Voltage dips, short interruptions and voltage variations on d.c.
input power port immunity tests
IEC 61000-4-34:2005, Electromagnetic compatibility (EMC) – Part 4-34: Testing and
measurement techniques – Voltage dips, short interruptions and voltage variations immunity
tests for equipment with input current more than 16 A per phase
IEC 61000-6-7:2014, Electromagnetic compatibility (EMC) – Part 6-7: Generic standards –
Immunity requirements for equipment intended to perform functions in a safety-related system
(functional safety) in industrial locations
IEC 61400-21:2008, Wind turbines – Part 21: Measurement and assessment of power quality
characteristics of grid connected wind turbines
IEC 61508-1:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 1: General requirements
IEC 61508-2:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 2: Requirements for electrical/electronic/programmable electronic
safety-related systems
IEC 61508-3:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 3: Software requirements
IEC 61508-6:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3
IEC 61508-7:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 7: Overview of techniques and measures
IEC 61800-1, Adjustable speed electrical power drive systems – Part 1: General requirements
– Rating specifications for low voltage adjustable speed d.c. power drive systems
IEC 61800-2:2015, Adjustable speed electrical power drive systems – Part 2: General
requirements – Rating specifications for low voltage adjustable speed a.c. power drive
systems
IEC 61800-3:2004, Adjustable speed electrical power drive systems – Part 3: EMC
requirements and specific test methods
IEC 61800-3:2004/AMD1:2011
– 12 – IEC 61800-5-2:2016 © IEC 2016
IEC 61800-4, Adjustable speed electrical power drive systems – Part 4: General requirements
– Rating specifications for a.c. power drive systems above 1 000 V a.c. and not exceeding
35 kV
IEC 61800-5-1:2007, Adjustable speed electrical power drive systems – Part 5-1: Safety
requirements –
...
IEC 61800-5-2:2016は、調整可能な速度の電力駆動システム(PDS(SR))に関する安全要求を定義し、設計、開発、統合、検証における機能的安全の考慮事項に焦点を当てています。この標準は、IEC 61800シリーズの他の部分でカバーされている調整可能な速度の電力駆動システムに適用され、特に安全関連システムのサブシステムとしてのPDS(SR)の要求を明らかにしています。 この標準の強みは、IEC 61508のフレームワークに基づいた安全関連の考慮を行い、E/E/PE部品の安全性能の実現を容易にする点です。具体的には、PDS(SR)における安全サブ機能の充実したガイダンスが提供されており、安全性向上に寄与します。 本版では前回の版に対して以下の重要な技術的変更がなされました。まず、低需要モードがこの標準に含まれない理由の論理が追加され、さらに「カテゴリー」と「安全機能」の定義が追加されました。「他のサブ機能」は「監視サブ機能」と「出力機能」に分類されるなど、文書全体の明確性が向上しています。また、証明試験の削除や「安全機能」という用語の「安全サブ機能」への置き換えにより、標準がより実用的な形へと進化しています。 更に、IEC 61508シリーズの更新された参照や、ISO 13849-1の原則が導入されたことは、PDS(SR)の設計要求に対する新たな方向性を示しており、その関連性を一層強化しています。設計要件において、PDS(SR)の熱耐性や機械的免疫に関する具体的な指示も加わり、実際のシステムにおける安全性を確保するための基盤を提供しています。 加えて、テスト要件に関する詳細が充実しており、電磁免疫、熱免疫、機械的免疫に関する具体的なテスト方法が確立されています。これにより、実際の運用環境におけるPDS(SR)の性能信頼性を高めることが可能です。また、附属文書においては、シーケンシャルタスク表や運動および位置フィードバックセンサーの更新がなされ、実務面での有用性が向上しています。 このように、IEC 61800-5-2:2016は、調整可能な速度の電力駆動システムにおける安全性を強化するための重要な指針となっており、技術者や企業にとってその実装は必須であると言えるでしょう。
The IEC 61800-5-2:2016 standard addresses the safety requirements of adjustable speed electrical power drive systems, specifically focusing on functional safety considerations pertinent to power drive systems (PDS(SR)). This standard plays a crucial role in ensuring that safety-related power drive systems are designed, integrated, and validated according to recognized safety benchmarks. The scope of IEC 61800-5-2:2016 is comprehensive, applying to all adjustable speed electrical power drive systems and integrating relevant aspects from the broader IEC 61800 series. By establishing a framework that aligns with IEC 61508, this standard effectively lays out safety-related considerations, ensuring PDS(SR)s function safely as part of larger safety-related systems. A significant strength of this standard is its detailed updates compared to previous editions. The introduction of definitions and categorization, specifically for "category" and "safety function," enhances clarity and precision in communication. The clear distinction between "Monitoring sub-functions" and various "Output functions" allows for better categorization and understanding of the roles within a PDS(SR). The revision process has also eliminated terms that may lead to confusion; for instance, the removal of "proof test" acknowledges its inapplicability to PDS(SR), thus streamlining the focus on relevant safety measures. Additionally, replacing "safety function" with "safety sub-function" throughout the document fosters consistency and promotes a more detailed understanding of safety hierarchies within power drive systems. Key updates concerning design requirements address pressing concerns in the industry today. By incorporating criteria for thermal and mechanical immunity, IEC 61800-5-2:2016 ensures that PDS(SR)s can withstand operational stresses, thereby reinforcing safety and reliability. The emphasis on integrated circuits with on-chip redundancy in line with IEC 61508-2:2010 highlights a commitment to maintaining robust safety protocols. Furthermore, the newly included diagnostic test intervals and updated test requirements (including electromagnetic and thermal immunity testing) are practical enhancements that equip users with the necessary guidelines to ensure ongoing compliance and safety validation. The annexes, such as the Sequential task table and updates on motion and position feedback sensors, provide targeted resources for better implementation of safety protocols, reinforcing the relevance of IEC 61800-5-2:2016 in contemporary practice. In summary, IEC 61800-5-2:2016 stands out not only in its thorough approach to safety within adjustable speed electrical power drive systems but also in its adaptability to technological advancements and industry demands. Its comprehensive nature combined with practical updates makes it a pertinent resource for professionals dedicated to ensuring functional safety in power drive systems.
IEC 61800-5-2:2016 표준은 가변 속도 전기 전력 구동 시스템의 안전 요구사항에 대한 기능적 요구사항을 명시하고 있습니다. 이 표준은 안전 관련 전력 구동 시스템(PDS(SR))의 설계, 개발, 통합 및 검증에 관한 요구사항과 권장사항을 제공합니다. 특히, IEC 61800-2에서 언급된 다른 IEC 61800 시리즈 표준에 해당하는 가변 속도 전기 전력 구동 시스템에 적용됩니다. 이 표준의 주요 강점은 PDS(SR)의 안전 기능을 IEC 61508 프레임워크 내에서 안전 관련 고려사항으로 설정하고 있다는 점입니다. PDS(SR)를 안전 관련 시스템의 하위 시스템으로 간주하여 안전 성능을 고려한 전기/전자/프로그래머블 전자(E/E/PE) 부분의 실현을 용이하게 합니다. IEC 61800-5-2:2016에서는 이전 판과 비교하여 몇 가지 중요한 기술적 변경 사항이 포함되어 있습니다. 예를 들어, 저 수요 모드가 이 표준의 범위에서 제외된 이유에 대한 논리가 추가되었고, "카테고리" 및 "안전 기능"에 대한 정의가 포함되었습니다. 또한, "다른 하위 기능"은 "모니터링 하위 기능" 및 "출력 기능"으로 분류되어 보다 명확해졌고, 전반적으로 "안전 기능"이라는 용어는 "안전 하위 기능"으로 변경되었습니다. 하드웨어 결함 허용 능력이 영(0)보다 큰 경우의 진단 테스트 간격과 같은 설계 요구사항이 추가되어 보다 엄격한 안전 기준을 제시하고 있습니다. 각종 테스트 요구사항이 포함되어 있으며, 이를 통해 EMI(전자기 적합성), 온도 내성, 기계적 내성 테스트 등 다양한 안전 검증 방안을 제공합니다. Annex 섹션에서는 순차 작업 테이블, 전자기 내성 요구사항 및 저 수요에서의 PFDavg 값 추정에 관한 지침이 업데이트되어 있으며, 이러한 요소들은 PDS(SR)의 기능적 안전성을 극대화하는 데 기여합니다. 결론적으로, IEC 61800-5-2:2016 표준은 안전 관련 전력 구동 시스템의 안전 기능 및 설계 요구사항을 명확히 하고 있으며, 이로 인해 가변 속도 전기 전력 구동 시스템의 안전성을 높이는 데 중요한 역할을 수행하고 있습니다.
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.
Loading comments...