Copyright © 2016 Rockwell Automation, Inc. All rights reserved.

1

Machine Safety

Symposium

Software Tools

Copyright © 2016 Rockwell Automation, Inc. All rights reserved.

EN954 ISO 13849-1Implications of Changing Standards…

• Move towards global safety standards

–EN-954 (Safety Categories) officially withdrawn on January 1, 2012

–EN ISO 13849-1 (Performance Levels) in effect since then

• ISO 13849-1 Specifies circuit performance in terms of

performance levels (PL)–Structure…. Category

–Reliability…. MTTFd

–Monitoring… DC avg

• Risk Assessment criteria are defined and mapped to Required

performance Levels (PLr)–Based on severity, frequency & avoidance

•Risk Assessments evaluate the potential hazards in order to

determine the required performance level.

Two Sides of Functional Safety

Risk Assessment Model & Confirm PLr

Determines (PLr) Confirms PLr Achieved

Sistema Supports Both Sides of Analysis& Provides Critical Documentation

Risk Assessment…A Foundation of Good Engineering Practice

4

Machine Characteristics/Limits

Hazard Identification

Risk Estimation

Risk Reduction

Risk Evaluation

OKToo

High

Risk

Tolerable

Next

Hazard

Risk Analysis

Risk Evaluation/Reduction

-Repeatable-Team Based-Task Hazard Oriented-Analyzes

Severity, Frequency, Avoidance-Determines Appropriate PLr

-Mitigation Hierarchy-Solution Based OnStructure, Reliability,

& Monitoring-Confirms PLr is Achieved

Risk Estimation

5

ISO 13849 Risk Estimation… Severity

6

ISO 13849 Risk Estimation… Frequency

7

ISO 13849 Risk Estimation… Avoidance

8

PLr

Hierarchy of Risk Reduction Measures

9

10

Achieving PLr

• System Structure…. Category

• Component Reliability….MTTFd

• Monitoring Capability…. Diagnostic Coverage

• Common Cause Failure Analysis… CCF

11

Achieving PLr With ISO13849 Flexibility

• System Structure…. Category

• Component Reliability….MTTFd

• Monitoring Capability…. Diagnostic Coverage

• Common Cause Failure Analysis… CCF

Functional Safety Roadmap

1. Determine the Required Performance Level

Perform Risk Assessment considering all hazards

2. Decide on the Architecture/Category

Cat B, 1, 2, 3, 4

3. Collect Data

From vendor documentation or libraries

4. Do the PL Calculation

Manually or leverage software tools

13

Types of Categories (Structure)

13

CAT B/1 CAT 2

CAT 3 CAT 4 (higher diagnostic coverage that CAT 3)

13849

Functional Safety Roadmap

1. Determine the Required Performance Level

Perform Risk Assessment considering all hazards

2. Decide on the Architecture/Category… Cat B, 1, 2, 3, 4

3. Collect Data… MTTFd… From vendor documentation or libraries

4. Diagnostic Coverage and PL Verification

MTTFd Mean Time to Dangerous Failure

Low 0 -10 Years

Medium 10-30 Years

High 30-100 Years

DC Diagnostic Coverage = Detected Dangerous Failures / All Dangerous Failures

None DC < 60%

Low 60 < DC < 90%

Medium 90 < DC < 99%

High DC >99%

Utilize SISTEMA Software… www.machinesafetysolutions.com

15

a

b

c

d

ePer

form

ance

Lev

el

Designated

Architecture

Designated

Architecture

Designated

Architecture

Designated

Architecture

Designated

Architecture

Designated

Architecture

Designated

Architecture

Cat B Cat 1 Cat 2 Cat 2 Cat 3 Cat3 Cat 4

DC avg DC avg DC avg DC avg DC avg DC avg DC avg

<60% <60%

60% to <

90%

90% to <

99%

60% to <

90%

90% to <

99% 99%

Performance Level PLr

Structure (Category)

Diagnostic Coverage (DC)

Reliability (MTTF)

Balancing Structure (Cat), Reliability (MTTFd) and Diagnostic Coverage (Dcavg)

Copyright © 2016 Rockwell Automation, Inc. All rights reserved.

16

Introduction to

SISTEMA & Safety

Automation Builder

Copyright © 2011

Rockwell Automation, Inc.

17 17

Leverage SISTEMA for Real Time Validation

• SISTEMA – Safety Integrity Software Tool for the Evaluation

of Machine Applications

– SISTEMA provides a comprehensive method for evaluating ISO

13849-1 compliant Safety Control Circuits

– The tool enables you to model the structure of the safety-related control

components based upon the designated architectures.

– The tool offers automated calculation of a safety function’s attained PL

by using product data provided by safety product manufacturer.

– SISTEMA is a free software tool designed by Germany’s IFA (Institute

for Occupational Safety & Health).

SISTEMA simplifies the PL calculation of a safety function

Discover.RockwellAutomation.com

18

SISTEMA TerminologyRelationship of 7 Hierarchical Levels in Sistema

INPUT LOGIC OUTPUT

- Project: Refers to machine or summary of safety functions

- Safety Function: Safety oriented response to an triggering event

-Subsystem: Group of Blocks within a defined structureInput - Logic - Output

-Channel: Connection of Blocks in series

-Test Channel: Confirms safety function channel is executing properly

-Block: Component in the function or test channel

-Element: Component reliability measure expressed as B10d value by vendor.Number of cycles until 10% of sample fail dangerously

“Safe operating stop

when a guard door

is opened”

Channel 1

Channel 2

Logic

Device

Safety Output

Contactor 1

Safety Output

Contactor 1

Switch channel 1

Switch channel 2

contactslinkage

contactslinkage

Sistema Project View

20

SISTEMA RA Library View

Product Data

Library

Selection

Rockwell

Automation

Product Library

SISTEMA User Interface – Library View

Attribute Tabs

21

Sistema Report View

Copyright © 2009 Rockwell Automation, Inc. All rights reserved.

Review the SISTEMA project

information to ensure that the

components, structure and design

meet the required Performance Level

SISTEMA Data created & exported

23

SISTEMA… TUV Recommended

SISTEMA is the ONLY software tool recommended by TÜV!

– From TÜV Webinar in March 2009:

- Frank West

Senior Product Safety Service Engineer,

TÜV SUD

“We recommend [SISTEMA]. The important thing

to us as a third party assessor is that [SISTEMA] is

from a German governmental agency, so it’s not

attached to any particular vendor of components…

its neutrality is more reliable.

24

Free Software Download

‘Safety Solutions’

To Access the

Safety Portal

www.machinesafetysolutions.com

Safety Automation Builder

No-charge Software tool to help design a Machine Safety System

Name, description, etc. here

Create a Project

Choose or Import Graphics

Machine Images

Answer Risk Assessment Question

Answer Safety Function Question

Answer Required PL Question

Select the default PL for the system

Risk Assessment Questions

Click the zone shape and drag it onto the image

Re-size & rotate

as needed

Define Functional / Safety Zones

Click the hazard tab to create a hazard

Click the type of hazard then select

& drag the icon onto the image then

re-size as needed

Define Functional / Safety Zones

Input selection box for choose a

product type

Click on the configure box to start

Raise

Select & Configure Devices

Copyright © Rockwell Automation, Inc. All rights reserved.32

Free Software Download

‘Safety Solutions’

To Access the

Safety Portal

www.machinesafetysolutions.com

Introducing…Common Safety Functions Library

• Examples for “safety relay” and “safety PLC” systems

• Breadth of examples including

• E-stop

• Light Curtains (Muting & Non-muting)

• Two hand control

• Enabling Switch

• Guard-locking switches

• Door interlocks

• Thorough documentation, wiring, programming, analysis, and more

Introducing…Common Safety Functions Library

Machine Safety Symposium

http://www.machinesafetysolutions.com

35