Machine safety is governed by two standards: EN/ISO 13849-1 and EN/IEC 62061. Both standards are harmonized to the EU Machinery Directive 2006/42/EC, which defines the Essential Health and Safety Requirements (EHSR) for machinery. Although their methods for performing risk assessment are different, both standards — EN ISO 13849-1 and EN 62061 — when correctly applied, achieve the same result.
The EU Machinery Directive requires that machine manufacturers eliminate or minimize hazards as much as reasonable, apply necessary protective measures against hazards that cannot be eliminated, and inform users of the risks that remain and requirements for training or personal protective equipment. Although this directive is specific to the European Union (EU), it is recognized and followed in other regions around the world, to better facilitate equipment shipments outside the EU.
The EN/ISO 13849-1 machine safety standard uses a qualitative risk graph, or flow chart, to assign a performance level (PL), based on three criteria:
- severity of injury
- frequency and/or exposure time to the hazard
- possibility of avoiding the hazard or limiting the harm
The performance level (PL) is designated by an alphabetic character, a thru e, with PLe being the highest risk level.
Once the performance level has been determined, the architecture that facilitates the defined performance level is classified into one of six categories (“B” and 1 thru 5, with B being the least safe and 5 being the most safe). The architecture category is determined by combining the performance level (PL) with quantitative measures of diagnostic coverage (DC) and mean time to dangerous failure (MTTFd).
The EN/IEC 62061 machine safety standard (often written as just EN 62061) assigns a safety integrity level (SIL) to each function based on the severity of the potential harm (Se) and the probability of the harm occurring.
The severity of potential harm is given a score from 1 to 4, with 4 being the most severe. The probability of harm occurring is broken down into three parameters:
- frequency and duration of exposure (Fr)
- probability of an event occurring (Pr)
- probability of avoiding or limiting the harm (Av)
Each of these parameters is scored from 1 to 5, with 5 being the “worst,” or least safe situation, and their scores are summed to determine a class (Cl). The SIL rating is then chosen from a matrix that plots the severity scores (Se) and classes (Cl).
Once the safety integrity level (SIL) has been assigned, the system is broken into subsystems, whose architectures are classified as A, B, C, or D, with D being the “highest,” or safest. Each architecture is associated with a formula to determine the probability of dangerous failure per hour (PFHd) of the subsystem.
Note that performance level (PL) ratings under EN/ISO 13849-1 are also correlated with probability of dangerous failures per hour (PFHd) values, so direct comparisons can be made between EN/ISO 13849-1 performance levels and EN 62061 safety integrity levels.
There is no strict guideline regarding the use of machine safety standards for particular applications, but the choice may be influenced by:
- Prior experience with one standard or risk assessment methodology
- The use of safety-related controls that are not based on electrical, electronic, or programmable electronic systems (use EN/ISO 13849-1)
- A requirement to use SIL ratings to demonstrate safety integrity (use IEC 62061)
- Use of equipment in process industries where other safety-related systems are characterized in terms of SIL (use IEC 62061)