Published: May 2023
Over a period of five years, the important international standard on machinery safety control systems has been revised. This blog post discusses its content and approach, and the changes made to help improve machine safety.
It is the newly revised standard giving guidance on the design and assessment of the safety control systems that ensure the safety of machinery.
It deals with the part of a control system that performs a safety function, from the safety-related input(s) through to the safety-related output(s). These safety-related parts of control systems are called SRP/CS for short. They can consist of hardware or software, and can be separate from the machine control system or an integral part of it. The machinery covered by this standard spans a very wide range, from simple (e.g. small kitchen machines or automatic doors and gates) to complex (e.g. packaging machines, printing machines, presses and machinery integrated into a larger system), which is why it is such a widely used standard.
Systematic approach
The standard sets out a systematic approach to designing and assessing SRP/CS for machinery. It provides detailed requirements for the safe design, verification, validation and use of machinery. It also gives guidance on how to establish and achieve the performance levels of risk reduction needed for effective risk control. The ability of an SRP/CS to perform a safety function under foreseeable conditions is allocated one of five levels, called performance levels (PL). The required performance level (PLr) for a particular safety function is determined by risk estimation, where risk is a combination of the probability of occurrence of harm and the severity of that harm.
Dangerous failure
To help design the SRP/CS and assess the achieved PL, the standard uses a methodology based on categorizing architectures with specific design criteria and specified behaviour under fault conditions. These architectures are allocated one of five levels, termed Categories B, 1, 2, 3 and 4.
Functional safety considers the failure characteristics of the elements or components performing a safety function. For each safety function, this failure characteristic is expressed as the probability of dangerous failure per hour (PFHD). A dangerous failure is one that prevents a safety function from operating when required, or decreases the probability that it operates when required.
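As an added illustration of the PLr and PFHD bookkeeping described in the two sections above (example code, not from the blog post or from the standard itself): a risk-graph lookup for PLr, a PFHD band lookup for the achieved PL, and a check that the achieved PL covers the requirement. The S/F/P risk-graph parameters and the PFHD bands per PL are assumptions taken from the standard as I recall its tables; the edition you design to is the reference.

```python
# Added example: PL / PLr bookkeeping for an SRP/CS safety function.
# The RISK_GRAPH and PFHD_BANDS values below are ASSUMED from the standard's
# tables (risk graph and PFHD ranges per PL); check them against the edition in use.
from typing import Optional

# Assumed risk graph: (severity, frequency/exposure, avoidability) -> PLr.
# S1 slight/reversible, S2 serious/irreversible; F1 seldom, F2 frequent;
# P1 avoidance possible, P2 scarcely possible.
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a", ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b", ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c", ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d", ("S2", "F2", "P2"): "e",
}

# Assumed PFHD bands per PL: (pl, lower bound inclusive, upper bound exclusive).
# Ordered from the lowest dangerous-failure rate (PL e) to the highest (PL a).
PFHD_BANDS = [
    ("e", 1e-8, 1e-7),
    ("d", 1e-7, 1e-6),
    ("c", 1e-6, 3e-6),
    ("b", 3e-6, 1e-5),
    ("a", 1e-5, 1e-4),
]


def required_pl(severity: str, frequency: str, avoidance: str) -> str:
    """Risk estimation step: derive the required PL from the risk-graph parameters."""
    return RISK_GRAPH[(severity, frequency, avoidance)]


def achieved_pl(pfhd: float) -> Optional[str]:
    """Map a PFHD value (dangerous failures per hour) to the PL band it falls in.

    Returns None for values outside every band. Note that the achieved PL of a real
    SRP/CS also depends on its Category, diagnostic coverage and the other measures
    the standard requires; this lookup only covers the PFHD criterion.
    """
    for pl, low, high in PFHD_BANDS:
        if low <= pfhd < high:
            return pl
    return None


def meets_requirement(achieved: Optional[str], required: str) -> bool:
    """PL letters order naturally: 'a' < 'b' < 'c' < 'd' < 'e'."""
    return achieved is not None and achieved >= required


if __name__ == "__main__":
    # Constructed sample: serious, frequent, hard-to-avoid hazard -> PLr e
    plr = required_pl("S2", "F2", "P2")
    pl = achieved_pl(5e-7)  # constructed PFHD value for a candidate SRP/CS
    print(f"PLr={plr}, achieved PL={pl}, acceptable={meets_requirement(pl, plr)}")
```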
Comprehensive revision
The standard has been comprehensively revised. The project was led by ISO TC 199 Safety of Machinery, working in collaboration with CEN TC 114 (parallel work). The work was undertaken by experts from various national bodies, with drafting taking place within ISO TC 199 WG8 Safe Control Systems.
As a result of their painstaking work, the revision brings improvements overall, with a more logical approach to the design of a safety control system. Crucially, it now incorporates the aspects of validation into one standard. Greater attention is also given to software, reflecting the ever-increasing use of software systems in industry, and the specification of safety requirements is clarified further. As such, the standard provides greater clarity than existed previously, allowing users to design safety control systems with a greater degree of certainty.