Technical Summary
Key takeaways:

The article discusses the role of performance level in the design and assessment of safety-related control systems in accordance with EN ISO 13849-1, and its connection with risk analysis and CE requirements.

  • Performance level (PL) is a discrete level that specifies the ability of the safety-related parts of a control system to perform a safety function under foreseeable conditions, and thus the risk reduction those parts provide.
  • In EN ISO 13849-1, PL has five levels, from PL a to PL e, with PL e being the highest.
  • Applying standards harmonized under the Machinery Directive 2006/42/EC gives a presumption of conformity with the directive's essential health and safety requirements, which supports CE marking.
  • The PL achieved depends on the designated architecture (category), the mean time to dangerous failure of each channel (MTTFd), the average diagnostic coverage (DCavg) and the measures against common cause failure (CCF).
  • The process includes risk assessment (EN ISO 12100), specification of the required PL (PLr) for each safety function, design, implementation, verification and validation, together with documentation.

Introduction to the performance level concept

In today's rapidly evolving world of industrial automation, performance level plays a key role in ensuring the safety of machines and equipment. EN ISO 13849-1 defines performance level (PL) as a discrete level that specifies the ability of the safety-related parts of a control system to perform a safety function under foreseeable conditions; the higher the PL, the lower the probability of a dangerous failure of that function. In the context of the Machinery Directive 2006/42/EC, EN ISO 13849-1 is a type B harmonized standard: it sets out general design principles for safety-related control systems, and applying it gives a presumption of conformity with the corresponding essential health and safety requirements on which CE marking relies. Performance level therefore affects the design, audit and safety management of machines and production lines.

Introduction to the EN ISO 13849-1 Standard

EN ISO 13849-1 is a key machine safety document that sets out the requirements for the design, implementation, and assessment of safety-related control systems. Its main purpose is to ensure that these systems achieve the required levels of reliability and functionality, minimizing the risk of failures that could lead to hazards for operators and the working environment. The standard is harmonized under the Machinery Directive 2006/42/EC: designing to it gives a presumption of conformity with the essential health and safety requirements it covers, which is the usual route to CE marking for machines placed on the European market. Harmonized standards are voluntary, however; a manufacturer who departs from them must demonstrate an equivalent level of safety in the technical file.

Basic Concepts and Scope of the Standard

EN ISO 13849-1 defines performance level (PL) as a discrete level that specifies the ability of the safety-related parts of a control system to perform a safety function under foreseeable conditions. There are five levels, PL a to PL e, each corresponding to a range of average probability of dangerous failure per hour (PFH); PL e is the highest (PFH from 10^-8 to below 10^-7 per hour). The PL achieved depends on the designated architecture (category B, 1, 2, 3 or 4), the reliability of the components in each channel (MTTFd), the average diagnostic coverage (DCavg) and the measures against common cause failure (CCF).

The standard covers a broad range of aspects related to the design and assessment of safety-related control systems, including:

  • Risk analysis: Identifying and assessing potential hazards associated with machine operation.
  • Safety requirements specification: Defining the requirements for the safety functions that the control system must fulfill.
  • Control system design: Creating and implementing systems that comply with the specified performance level.
  • Assessment and verification: Carrying out tests and analyses to confirm that the systems meet the requirements of the standard.

Risk Analysis and Definition of Safety Requirements

The first step in achieving compliance with EN ISO 13849-1 is to carry out a detailed risk analysis. The purpose of this analysis is to identify potential hazards and assess the risk associated with each of them. Based on the results, the safety functions performed by the control system are specified and a required performance level (PLr) is assigned to each of them; in EN ISO 13849-1 this is done with the risk graph of Annex A, using the severity of the possible injury (S1/S2), the frequency and duration of exposure (F1/F2) and the possibility of avoiding the hazard (P1/P2).

A key tool in this process is risk analysis according to EN ISO 12100, which provides a methodology for systematic risk assessment. This methodology includes hazard identification, risk assessment, and the definition of control measures intended to reduce risk to an acceptable level.

Control System Design

Designing control systems in accordance with EN ISO 13849-1 involves several key stages, including:

  • Definition of safety functions: Determining which control functions are safety-critical and what their requirements are.
  • Component selection: Choosing suitable components that meet reliability and diagnostic requirements.
  • System architecture: Designing the structure of the control system, taking redundancy and diagnostics into account.
  • Reliability calculations: Determining the mean time to dangerous failure (MTTFd) of each channel by the parts count method, the average diagnostic coverage (DCavg) and the common cause failure (CCF) score, from which the achieved performance level is read off (Table 7 of the standard, or Annex K for the PFH value). Mean time to repair (MTTR) is not an input to the PL; it affects availability, not the PFH.

Implementation and Integration

Once the control system has been designed, the next step is implementation and integration with the machine. This stage includes:

  • Component installation: Installing the selected components in accordance with the design.
  • System integration: Connecting the various parts of the control system to ensure cooperation and compatibility.
  • Functional testing: Carrying out functional tests to make sure the system operates in line with the design assumptions.

Verification and Validation

A key element of compliance with EN ISO 13849-1 is the verification and validation process, which includes:

  • Design verification: Checking whether the control system design meets all specified requirements.
  • Validation testing: Carrying out validation tests, including simulations and practical tests, to ensure that the system operates in accordance with the required performance level.
  • Documentation: Preparing detailed documentation that includes test results and analyses, confirming the system’s compliance with the standard.

Calculation Example for PL e and PL c

EN ISO 13849-1 does not give a closed formula for PFH. Its simplified procedure has four steps: determine the designated architecture (category B, 1, 2, 3 or 4); calculate the MTTFd of each channel with the parts count method (Annex D) and classify it as low (3 to less than 10 years), medium (10 to less than 30 years) or high (30 to 100 years, which is the cap per channel); calculate the average diagnostic coverage DCavg (Annex E) and classify it as none (below 60 %), low (60 % to less than 90 %), medium (90 % to less than 99 %) or high (99 % and above); for categories 2, 3 and 4, show that the common cause failure score of Annex F reaches at least 65 points. The PL is then read from Table 7, or the PFH from Annex K. The PFH bands are: PL a: 10^-5 to below 10^-4 per hour; PL b: 3 × 10^-6 to below 10^-5; PL c: 10^-6 to below 3 × 10^-6; PL d: 10^-7 to below 10^-6; PL e: 10^-8 to below 10^-7. Below, both examples are worked through with constructed component data.

Example 1: Calculations for PL e

System description:

  • A production machine control system with an emergency stop (E-Stop) function.
  • Architecture: category 4, two redundant channels with cross-monitoring.
  • The required level is PL e.

Calculation steps:

  1. Identify the components of one channel (both channels are assumed identical):
    • One E-Stop contact (the E-Stop button has two contacts, one per channel).
    • One safety relay.
    • A PLC with safety functions (a certified safety PLC normally states its PFH directly; here it is treated as a component with an MTTFd for illustration).
  2. Mean time to dangerous failure (MTTFd) of each component:
    • E-Stop contact: MTTFd = 100 years.
    • Safety relay: MTTFd = 50 years.
    • PLC: MTTFd = 30 years.
  3. Diagnostic coverage (DC):
    • Category 4 requires DCavg high, i.e. at least 99 %. A DC of 99 % is assumed for every component, so DCavg = 99 %.
  4. Common cause failure (CCF):
    • Categories 2, 3 and 4 require a score of at least 65 points from the Annex F checklist (separation, diversity, protection against over-voltage, environmental measures, etc.); this is assumed to be met.
  5. Calculate the MTTFd of one channel (parts count method):
    • 1 / (1 / 100 + 1 / 50 + 1 / 30) = 1 / 0.0633 = 15.8 years.
    • The two channels are redundant, not in series, so their values are not combined into a single system MTTFd; the standard evaluates the MTTFd of each channel.
  6. Classify and read Table 7:
    • 15.8 years is MTTFd medium. Category 4 requires MTTFd high in each channel, so the combination category 4 / DCavg high / MTTFd medium does not appear in Table 7 and no PL e can be claimed.

Conclusion: The system does not achieve PL e, because the channel MTTFd is only medium. The limiting component is the PLC at 30 years; with components of 100 years each the channel MTTFd would be 33 years (high), and category 4 with DCavg high and MTTFd high gives PL e, with a PFH below 10^-7 per hour.

Example 2: Calculations for PL c

System description:

  • A machine control system with a safety guard monitoring function.
  • Architecture: category 2, a single functional channel that is checked by test equipment at suitable intervals.
  • The required level is PL c.

Calculation steps:

  1. Identify the components of the functional channel:
    • A safety guard with a position switch.
    • A safety relay.
    • A PLC with safety functions (again treated as a component with an MTTFd for illustration).
  2. Mean time to dangerous failure (MTTFd):
    • Guard position switch: MTTFd = 20 years.
    • Safety relay: MTTFd = 50 years.
    • PLC: MTTFd = 30 years.
  3. Diagnostic coverage (DC):
    • The test equipment is assumed to detect 90 % of the dangerous failures of each component, so DCavg = 90 %, which is DCavg medium.
  4. Common cause failure (CCF):
    • Category 2 also requires at least 65 points from Annex F; assumed to be met.
  5. Calculate the MTTFd of the functional channel (parts count method):
    • 1 / (1 / 20 + 1 / 50 + 1 / 30) = 1 / 0.1033 = 9.7 years.
  6. Classify and read Table 7:
    • 9.7 years is MTTFd low. Category 2 with DCavg medium and MTTFd low gives PL b (PFH between 3 × 10^-6 and 10^-5 per hour), not PL c (10^-6 to below 3 × 10^-6).
    • Category 2 additionally requires that the test rate is at least 100 times the demand rate on the safety function (or that the test runs immediately when a demand occurs), and it places reliability requirements on the test equipment itself.

Conclusion: The system does not achieve PL c; it reaches PL b. Raising the channel MTTFd to at least 10 years, for example with a guard switch of MTTFd 22 years or more (1 / (1 / 22 + 1 / 50 + 1 / 30) = 10.1 years), moves the channel to MTTFd medium, and category 2 / DCavg medium / MTTFd medium gives PL c.
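To make the procedure reproducible, here is an added Python example (not part of the original article and not a tool of the standard's publisher) that implements the simplified method described above and ties it back to the risk analysis section: the Annex A risk graph for the required PL, the parts count MTTFd and DCavg formulas, the MTTFd and DCavg classes, the CCF threshold and Table 7. The component values are the constructed figures from the two examples; the component names, the 70-point CCF score and the treatment of the safety PLC as an MTTFd component are assumptions. It runs offline and reports whether each design meets its PLr.

```python
"""Simplified PL estimation following EN ISO 13849-1 (added example, constructed data)."""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Component:
    name: str
    mttfd_years: float  # mean time to dangerous failure, from the data sheet
    dc: float           # diagnostic coverage for this component, 0.0 .. 1.0


# Annex A risk graph: severity (S1 slight / S2 serious), frequency of exposure
# (F1 seldom / F2 frequent), possibility of avoidance (P1 possible / P2 scarcely).
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a", ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b", ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c", ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d", ("S2", "F2", "P2"): "e",
}
# Table 7 (simplified procedure): (category, DCavg class) -> {MTTFd class: PL}.
# Combinations missing here are not permitted by the standard.
TABLE_7 = {
    ("B", "none"):   {"low": "a", "medium": "b"},
    ("1", "none"):   {"high": "c"},
    ("2", "low"):    {"low": "a", "medium": "b", "high": "c"},
    ("2", "medium"): {"low": "b", "medium": "c", "high": "d"},
    ("3", "low"):    {"low": "b", "medium": "c", "high": "d"},
    ("3", "medium"): {"low": "c", "medium": "d", "high": "d"},
    ("4", "high"):   {"high": "e"},
}
PL_ORDER = "abcde"
CCF_MIN_SCORE = 65  # Annex F, required for categories 2, 3 and 4


def required_pl(s: str, f: str, p: str) -> str:
    """PLr from the risk graph parameters."""
    return RISK_GRAPH[(s, f, p)]


def channel_mttfd(parts: List[Component], cap_years: float = 100.0) -> float:
    """Parts count method (Annex D): 1/MTTFd_ch = sum(1/MTTFd_i), capped at
    100 years (the 2015 edition allows a 2500-year cap for category 4)."""
    return min(1.0 / sum(1.0 / c.mttfd_years for c in parts), cap_years)


def channel_dcavg(parts: List[Component]) -> float:
    """Annex E: DCavg = sum(DC_i/MTTFd_i) / sum(1/MTTFd_i); rounded so that
    identical DC values do not drift below a class boundary."""
    w = [1.0 / c.mttfd_years for c in parts]
    return round(sum(c.dc * wi for c, wi in zip(parts, w)) / sum(w), 6)


def mttfd_class(years: float) -> Optional[str]:
    if years < 3:
        return None  # below the 3-year floor, not usable
    return "low" if years < 10 else "medium" if years < 30 else "high"


def dcavg_class(dc: float) -> str:
    if dc < 0.60:
        return "none"
    return "low" if dc < 0.90 else "medium" if dc < 0.99 else "high"


def achieved_pl(category: str, channel: List[Component], ccf_score: int,
                cap_years: float = 100.0) -> Dict:
    """Evaluate one channel; for categories 3 and 4 both channels are assumed
    identical. The category 2 test-rate and test-equipment requirements are
    not checked here."""
    mttfd, dcavg = channel_mttfd(channel, cap_years), channel_dcavg(channel)
    m_cls, d_cls = mttfd_class(mttfd), dcavg_class(dcavg)
    result = {"mttfd": mttfd, "mttfd_class": m_cls, "dcavg": dcavg,
              "dcavg_class": d_cls, "pl": None, "reason": ""}
    if category in ("2", "3", "4") and ccf_score < CCF_MIN_SCORE:
        result["reason"] = f"CCF score {ccf_score} < {CCF_MIN_SCORE} points"
        return result
    column = TABLE_7.get((category, d_cls), {})
    if m_cls not in column:
        result["reason"] = (f"category {category} with DCavg {d_cls} and "
                            f"MTTFd {m_cls} is not permitted by Table 7")
        return result
    result["pl"] = column[m_cls]
    return result


def meets_plr(pl: Optional[str], plr: str) -> bool:
    return pl is not None and PL_ORDER.index(pl) >= PL_ORDER.index(plr)


# Constructed data from the two examples (one channel each).
EXAMPLE_1 = [Component("E-Stop contact", 100, 0.99), Component("safety relay", 50, 0.99),
             Component("safety PLC (treated as a component)", 30, 0.99)]
EXAMPLE_2 = [Component("guard position switch", 20, 0.90), Component("safety relay", 50, 0.90),
             Component("safety PLC (treated as a component)", 30, 0.90)]

if __name__ == "__main__":
    cases = (("E-Stop", "4", EXAMPLE_1, required_pl("S2", "F2", "P2")),
             ("Guard", "2", EXAMPLE_2, required_pl("S2", "F1", "P1")))
    for label, cat, parts, plr in cases:
        r = achieved_pl(cat, parts, ccf_score=70)
        verdict = "OK" if meets_plr(r["pl"], plr) else "NOT MET " + r["reason"]
        print(f"{label}: MTTFd {r['mttfd']:.1f} y ({r['mttfd_class']}), DCavg "
              f"{r['dcavg']:.2f} ({r['dcavg_class']}), PL {r['pl']} vs PLr {plr}: {verdict}")
```

Running it reproduces the two conclusions above: the category 4 E-Stop channel lands at 15.8 years (medium) and is rejected by Table 7, and the category 2 guard channel lands at 9.7 years (low) and reaches only PL b against a PLr of c. Swapping the 30-year PLC for 100-year components moves the first design to PL e, which is the quickest way to see which component is limiting.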

Comparison with EN IEC 62061

EN IEC 62061, which covers the functional safety of safety-related electrical, electronic and programmable electronic control systems for machinery, is often compared with EN ISO 13849-1. Both standards are intended to ensure machine safety and both are harmonized under the Machinery Directive 2006/42/EC, but they differ in approach and scope.

  • Scope: EN IEC 62061 addresses electrical, electronic and programmable electronic systems, while EN ISO 13849-1 covers safety-related parts of control systems in any technology, including mechanical, hydraulic and pneumatic parts.
  • Safety measure: EN IEC 62061 expresses the target as a safety integrity level (SIL 1 to SIL 3) and the achieved value as PFHd per subsystem; EN ISO 13849-1 uses PL a to PL e, determined from category, MTTFd, DCavg and CCF. The PFH bands line up so that PL b and PL c correspond to SIL 1, PL d to SIL 2 and PL e to SIL 3.
  • Level of detail: EN IEC 62061 is more detailed on the management of functional safety, on application software and on subsystem design, while EN ISO 13849-1 offers a simplified procedure that can be applied across technologies.
  • Risk assessment: Both standards build on the risk assessment of EN ISO 12100; EN ISO 13849-1 derives PLr with the risk graph of Annex A, while EN IEC 62061 derives the required SIL from its own risk estimation parameters.
Comparative Table of Technical Requirements

Criterion               | EN ISO 13849-1                                                                 | EN IEC 62061
Scope                   | Mechanical, hydraulic, pneumatic, electrical, electronic and programmable safety-related control systems | Electrical, electronic and programmable safety-related control systems
Risk approach           | Required PL (PLr) from the risk graph; achieved PL determined in design       | Required SIL from risk estimation; achieved SIL (SIL claim limit) determined in design
System architecture     | Designated architectures, categories B, 1, 2, 3 and 4, with differing redundancy and diagnostics | Basic subsystem architectures A to D, assigned according to the SIL
Reliability data        | MTTFd of each channel (parts count), DCavg, CCF score                          | Dangerous failure rate and PFHd per subsystem, DC, CCF (beta factor)
Diagnostics             | DCavg none / low / medium / high; DCavg high needed for PL e                   | DC per subsystem; requirements increase with the SIL claimed
Certification           | Harmonized under the Machinery Directive 2006/42/EC (presumption of conformity) | Harmonized under the Machinery Directive 2006/42/EC (presumption of conformity)

Comparative Table of Safety Aspects

Safety Aspect           | EN ISO 13849-1                                          | EN IEC 62061
Risk analysis           | Required (EN ISO 12100)                                 | Required (EN ISO 12100)
Safety levels           | PL a to PL e                                            | SIL 1 to SIL 3
Redundancy              | Two channels in categories 3 and 4; needed for PL d/e   | Redundant subsystem architectures needed for higher SIL
Monitoring              | Diagnostics (DC) required in categories 2, 3 and 4      | Diagnostics required per subsystem
Component reliability   | MTTFd per component and channel                         | Failure rate / PFHd per subsystem
Control measures        | Specified per category and PL                           | Specified per SIL

Comparative Table of Applications and Technologies

Criterion               | EN ISO 13849-1                                          | EN IEC 62061
System type             | Mechanical, hydraulic, pneumatic, electrical, electronic and programmable | Electrical, electronic and programmable
Design approach         | PL- and category-based                                  | SIL-based
Applications            | Broad use across industrial sectors                     | Mainly electrical, electronic and programmable control systems
Certification           | Presumption of conformity under the Machinery Directive 2006/42/EC | Presumption of conformity under the Machinery Directive 2006/42/EC
Supporting tools        | Tools for risk analysis and PL calculation              | Tools for risk analysis and SIL calculation
Standards updates       | Regular updates to reflect new technologies and requirements | Regular updates to reflect new technologies and requirements

The role of performance level in industrial automation

Performance level is an essential part of production process automation, where precision and reliability are critical. The performance level implemented in machine control systems directly affects both operational safety and availability. One example is the design of production lines, where each machine, and each safety function on it, must meet its required PL so that the line runs safely and without nuisance stops. Automation therefore requires not only efficiency, but also compliance with safety standards, which is achieved through a properly defined and verified performance level.

Safety audit and performance level

A safety audit is a process that assesses whether machines comply with safety standard requirements, including performance level. Industrial automation integrators play a key role in carrying out such audits, checking that systems meet the applicable safety standards. Performance level is assessed on the basis of the risk analysis and of functional testing, which verify whether control systems operate in line with the design assumptions and applicable standards. A safety audit may also include a review of technical documentation, verification testing, and machine inspection to identify potential hazards.

Machine design in line with performance level requirements

Machine design requires both mechanical and electronic aspects to be taken into account in order to meet performance level requirements. Mechanical systems, such as pneumatic and hydraulic systems, must be carefully strength-calculated to ensure reliability and safety under different operating conditions. Electronic systems, in turn, must provide reliability and functional safety, which is particularly important in control systems. Performance level defines the minimum requirements that control systems must meet to minimize the risk of failure. As part of the design process, the design office also takes into account the requirements of harmonized standards such as EN ISO 13849-1 and EN IEC 62061, which specify requirements for both types of systems and ensure a comprehensive approach to machine safety.

CE marking of machinery and performance level

EN ISO 13849-1 does not itself set CE requirements; those come from the Machinery Directive 2006/42/EC, and CE marking is necessary for machinery to be legally placed on the market within the European Union. Because the standard is harmonized under the directive, designing the safety-related parts of the control system to the required performance level gives a presumption of conformity with the essential health and safety requirements the standard covers. EN IEC 62061, also harmonized under the directive and also addressing functional safety, adds requirements for electrical, electronic and programmable systems. Meeting either standard covers only the requirements that standard addresses; the manufacturer remains responsible for the complete conformity assessment and the technical file.

Performance level and adapting machines to minimum requirements

Adapting machines to minimum requirements in line with performance level calls for detailed procedures and regular audits. Performance level is a key element in machine modernization, where existing equipment is adapted to current safety standards. The process includes risk analysis according to EN ISO 12100, assignment of a required PL to each safety function, adaptation of the existing control system, and testing and verification that the machine meets current safety requirements. Practical examples across different industries show the same procedure applied to ensure safe and efficient operation and regulatory compliance.

Importance for Industry 4.0

The EN ISO 13849-1 standard is of key importance in the context of Industry 4.0, which is characterized by a high degree of automation and system integration. In Industry 4.0, control systems must be not only reliable, but also flexible and scalable in order to meet rapidly changing production requirements. The performance level defined in EN ISO 13849-1 ensures that control systems are designed to a safety level matched to the assessed risk, which is essential in complex and automated production environments.

Performance Level: Summary

The EN ISO 13849-1 standard is a key document for ensuring the safety of machinery and control systems. By complying with it, companies can be confident that their control systems meet current safety requirements, minimizing the risk of failures and accidents. Performance level is the central element of this standard, defining requirements for the reliability and functionality of control systems. Designing to EN ISO 13849-1 gives a presumption of conformity with the Machinery Directive for the requirements it covers, supporting CE marking and helping to ensure that machinery placed on the European market is safe for users and the working environment.

Performance Level: The Key to Machine Safety

Performance level (PL) is the degree to which a control system can achieve a specified safety level, minimizing the risk of failures and accidents. In EN ISO 13849-1, PL is assessed on five levels, from PL a to PL e.

EN ISO 13849-1 is a harmonized standard under the Machinery Directive 2006/42/EC. Designing the safety-related parts of the control system to it gives a presumption of conformity with the essential health and safety requirements it covers, which supports CE marking of the machine.

PL depends on the designated architecture (category), the diagnostic coverage (DCavg), the reliability of the components in each channel (MTTFd) and the measures against common cause failure (CCF). The design process includes these reliability calculations; MTTR is relevant to availability but is not an input to the PL.

The process includes risk analysis, specification of safety requirements, control system design, and assessment and verification. This is followed by implementation, integration, functional testing, validation, and documentation.

Risk analysis in accordance with EN ISO 12100 provides a methodology for identifying hazards and assessing risk. Its results are used to define the safety requirements for functions performed by the control system.
