3.1.2 Safety Certification
The safety option is certified for use in safety applications up to and including SIL 2 according to EN IEC 61508 and EN IEC
62061, Performance Level PL d and Category 3 according to EN ISO 13849-1. Safety requirements are based on the
standards valid at the time of certification. The IFA (Institute for Occupational Safety & Health) has approved the safety
option for use in safety-related applications where the de-energised state is considered to be the safe state. All of the
examples related to I/O included in this manual are based on achieving de-energisation as the safe state.
3.1.3 Implementation in Control Systems
In many cases design measures are not sufficient and protective devices are needed to minimise risk. In this context, safety
functions executed by SRP/CS (safety related parts of control systems) are defined. SRP/CS includes the entire safety chain
with sensor (detect), logic (process) and actuator (switch).
Safety functions are defined on the basis of both the application and the hazard. They are often specified in a Type C
standard (a product standard) which provides precise specifications for special machines. If a C standard is not available, the
machine designer defines the safety functions. Typical safety functions are described in more detail in EN ISO 13849-1,
section 5, Specification of Safety Functions. The safety functions for frequency converter systems are described in IEC
61800-5-2.
Illustration 3.2 Sensor-Logic-Actuator Safety Chain: Detect (sensor, e.g. light curtain), Process (logic, e.g. MCB 15x), Switch (actuator, e.g. FC 302)
3.2 Functions
3.2.1 Specification of Safety Functions
The standards require a specification of functional
requirements. The specification must contain details about
each safety function that should be executed. Also define
the
• necessary interfaces with other control functions
• required error responses
• performance level required PLr or achievable SIL level
3.2.1.1 Performance Level (PL) and Safety Integrity Level (SIL)
For safety-related control systems, Performance Level (PL),
according to EN ISO 13849-1, and SIL levels, according to
EN IEC 61508 and EN IEC 62061, include a rating of the
system's ability to perform its safety functions.
All of the safety-related components of the control system
must be included in both a risk assessment and the
determination of the achieved levels. Refer to EN ISO
13849-1, EN IEC 61508 or EN IEC 62061 standards for
complete information on requirements for PL and SIL
determination.
3.2.2 Validation of Performance Level
Check whether the required Performance Level “PLr”,
determined in the risk assessment, is achieved by the
selected system for each safety function used.
Check the calculation using the SISTEMA SW Tool of IFA
(Institute for Occupational Safety & Health). Danfoss
provides a component library which can be used for the
calculation. Danfoss offers corresponding services to
support the system check by calculation. The library can be
downloaded from www.dguv.de/ifa/en/pra/softwa/sistema.
If using another validation method for the performance
level, use the characteristic safety values specified.
Functions and System Overvi...
Operating Instructions
MG34W302
Danfoss A/S © Rev. 2014-02-11 All rights reserved.