The “tried-and-tested” EN 954 standard will only continue to apply for the evaluation of safety control systems for just under three years. Then it will finally be replaced by the edited version of the EN ISO 13849-1, which is already valid. EN 62061, however, also applies now – when the safe design of electrical controllers is concerned. What does the standards duo mean in practice? And why are there two standards for the “same” subject? Which standard should machines constructors and plant users employ? Dr. Michael Schaefer and Michael Hauke from the Trade Association of Industrial Safety (BGIA) provide SICK insight with a full explanation.

SICK insight: What are the general tasks of the Trade Association of Industrial Safety, particularly with regard to standards?

Dr. Schaefer: The BGIA, with about 250 employees, is a central research institute of the commercial trade associations. Our tasks include research into safety at work; advising trade associations, member works and federations; and testing and certifying, in particular, new technologies for which no standards yet exist. We develop principles for the application of recognised scientific processes and their transfer for practical use. Closely connected with this is participation in the creation of standards, which provides a concrete practical reference to regulations that are formulated in abstract terms. The new EN ISO 13849-1, as the successor standard to the familiar EN 954, is an example of this.

SICK insight: Why is or was the proven EN 954 no longer up to date and why is it being replaced by EN ISO 13849-1?

M. Hauke: Despite all the updating that has taken place over the years, EN 954 was increasingly coming up against its technological limits. Although applicable for programmable systems and complex electronics, it contained no detailed demands. Reliability values for individual system components, and the quality of testing measures, could not be sufficiently taken into account during categorisation. Finally, the topic of complexity was not included – and the risk of system failures generally rises with the number of its components. All in all, the consideration of failure probability as required, for example, by the fundamental IEC 61508 electrical safety standard, was not sufficiently brought to the fore. The new EN ISO 13849-1 complements the familiar assessment criteria with additional values, e.g. the reliability of components, the quality of testing, or susceptibility to multiple faults. Faults are now not merely counted – the probability of their occurrence is calculated on the basis of device characteristics. Thus the categories of the EN 954 are now reflected in the Performance Levels of the EN ISO 13849-1 with additional content.

SICK insight: The EN 62061 was created practically parallel to EN ISO 13849-1. Tautology? Or where do the differences lie?

Dr. Schaefer: That’s right, both standards were largely driven forward simultaneously. We are dealing with two different standards worlds: that of machine construction and that of electrotechnics. While the EN ISO 13849-1 has principally been designed as a comprehensive and practicable standard for safety-oriented parts of controllers for machine construction, the EN 62061 (as a sector standard for IEC 61508) provides a framework for the functional safety of safety-oriented electrical control systems and their sub-systems in machines. It succeeds in making the statistical processes, and the electronics themselves, acceptable in safety technology internationally. It is thus, among other things, of interest for the development departments of safety technology producers. Highly electronic systems, however, are also sometimes acquired because of the non-applicability of pneumatic, hydraulic or mechanical systems; the complex calculation process; or the wide-ranging obligation for documentation which can, in extreme cases, extend to several hundred pages, among other reasons.

SICK insight: What should machine producers and plant users orient themselves upon?

M. Hauke: We recommend the EN ISO 13849-1 for machine constructors. It covers all the technologies, is logical and practical for smaller and medium-sized companies and, in many cases, contains a clear reference to an applicable C-standard. Categorisation into B, 1, 2, 3 and 4 is already understood in principle and its improvement with regard to the reliability, structure, robustness and diagnosis of safety technology is more comprehensible. Whereby the column diagrams developed by the BGIA also help. Large companies, and most producers of safety technology, use the EN 62061 in parallel – because the increased effort can, under certain conditions, result in a slightly better evaluation. This pays when high unit numbers are involved, or when the target application is not precisely known. Both roads, in effect, reliably lead to Rome.

SICK insight: Where and how can producers, users, planners or inspection personnel find out more?

Dr. Schaefer: There are a range of possibilities. Companies like SICK offer thorough specialist seminars on all aspects of the new standards situation. Groups like the VDMA, the ZVEI or the technical monitoring associations make similar offers. We in the BGIA are rather less directed towards the end users, and follow the “train the trainer” philosophy, i.e. we focus on multiplicators in organisations. What we do offer any interested producer or user, however, is a variety of tools for these standards, e.g. at www.hvbg.de/bgia (WebCode 1674855). The spectrum ranges from a disk on calculating the Performance Level, up to our SiSteMa freeware (which will be available in the second quarter of 2007), with which users can determine the safety of machine controllers on a PC using the EN ISO 13849-1. A new BGIA report is planned for autumn, dealing with the topic of standards for safe control systems and containing about three dozen examples of circuits and calculations.

SICK insight: A final question: do the two standards have a “joint” future – will there sometime be THE standard for safe control systems?

Dr. Schaefer: Standard dualism means complexity – and users, in particular, understandably do not like this. There are therefore efforts underway to combine the contents of the EN ISO 13849-1 and the EN 62061 in a single standard. But because this cannot be achieved overnight, users should decide on one of the two alternatives on the basis of their specific interests. What is certain is that both standards lead to a comparable safety level – though via differing routes and with differing levels of effort.

SICK insight: Dr. Schaefer, Mr Hauke, thank you very much for this conversation.