2.4 Safety-related parts of control systems

Parts of machine controls that perform safety tasks are referred to in the standards as "safety-related parts of control systems." These parts may consist of hardware or software and may be separate from or integrated into the machine control. Safety-related parts of controls include the entire chain of action of a given safety function, consisting of sensor, logic (control) and actuator. They can be constructed with different levels of complexity: they may consist, e.g., of a safety switch and a safety relay, or may be realized as a safety-related PLC controlling an entire system.

The general objective is to design these control components so that the safety of the control function and the behavior of the control in the case of a failure correspond to the level of risk reduction determined in the risk assessment. Certain control-related measures for fault prevention may be suitable for, e.g., applications with a low level of risk, but may not be adequate for applications with a higher risk. For these applications additional measures, for example fault tolerance or fault detection, would then be required.

The higher the risk reduction to be provided by the safety-related control component, the higher the required safety level or the safety-related performance level of the control component. The standards listed below use different classification systems and definitions for these safety levels.

Performance level      Average probability of a dangerous      Safety integrity level
(EN ISO 13849-1)       failure per hour, PFHd [1/h]            (EN IEC 62061)
a                      10^-5 ≤ PFHd < 10^-4                    --
b                      3·10^-6 ≤ PFHd < 10^-5                  SIL 1
c                      10^-6 ≤ PFHd < 3·10^-6                  SIL 1
d                      10^-7 ≤ PFHd < 10^-6                    SIL 2
e                      10^-8 ≤ PFHd < 10^-7                    SIL 3
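The following worked example is added here for illustration and is not part of the source document. It encodes the PL/SIL bands from the table above as half-open intervals, classifies a PFHd value, and then checks a complete sensor/logic/actuator chain (the "entire chain of action" described earlier) against the PL required by the risk assessment. Two rules used for the chain are assumptions taken from EN ISO 13849-1 clause 6.3 rather than from this page: the PFHd of series subsystems is summed, and the chain's PL is never better than its weakest subsystem's PL. Treating a PFHd below 10^-8 as PL e, and the subsystem datasheet values in EXAMPLE_CHAIN, are likewise constructed assumptions.

```python
"""Added example: map PFHd to PL (EN ISO 13849-1) and SIL (EN IEC 62061)
and check a safety-function chain against the required PL."""

from typing import Dict, Optional, Tuple

# Bands from the table above: (lower bound inclusive, upper bound exclusive, PL, SIL).
# PL a has no SIL equivalent.
PL_BANDS = [
    (1e-8, 1e-7, "e", 3),
    (1e-7, 1e-6, "d", 2),
    (1e-6, 3e-6, "c", 1),
    (3e-6, 1e-5, "b", 1),
    (1e-5, 1e-4, "a", None),
]

PL_ORDER = "abcde"  # left = least risk reduction, right = most
PL_TO_SIL = {pl: sil for _, _, pl, sil in PL_BANDS}


def classify_pfhd(pfhd: float) -> Tuple[Optional[str], Optional[int]]:
    """Map a PFHd value [1/h] to (PL, SIL) using the half-open bands above.

    A value at or above 1e-4 reaches no PL and returns (None, None).
    Assumption: a value below 1e-8 is better than the PL e band and is
    reported as PL e."""
    if pfhd < 1e-8:
        return "e", 3
    for low, high, pl, sil in PL_BANDS:
        if low <= pfhd < high:
            return pl, sil
    return None, None


def pl_meets(achieved: Optional[str], required: str) -> bool:
    """True if the achieved PL is at least the PL required by the risk assessment."""
    if achieved is None:
        return False
    return PL_ORDER.index(achieved) >= PL_ORDER.index(required)


def chain_pl(subsystems: Dict[str, Tuple[str, float]]) -> Tuple[Optional[str], float]:
    """Combine series subsystems (sensor -> logic -> actuator) into one PL.

    Assumed rules (EN ISO 13849-1 clause 6.3, not stated on the page):
      1. the chain's PFHd is the sum of the subsystem PFHd values;
      2. the chain's PL is no better than the weakest subsystem's PL.
    Returns (PL of the chain or None, summed PFHd)."""
    total = sum(pfhd for _, pfhd in subsystems.values())
    pl_from_sum, _ = classify_pfhd(total)
    if pl_from_sum is None:
        return None, total
    weakest = min((pl for pl, _ in subsystems.values()), key=PL_ORDER.index)
    return min(pl_from_sum, weakest, key=PL_ORDER.index), total


# Constructed datasheet values for one safety function (not from the document):
# subsystem name -> (PL claimed by the component, PFHd in 1/h).
EXAMPLE_CHAIN = {
    "sensor (safety switch)": ("e", 2.5e-8),
    "logic (safety relay)": ("e", 1.0e-8),
    "actuator (contactor pair)": ("d", 4.0e-7),
}

if __name__ == "__main__":
    pl, total = chain_pl(EXAMPLE_CHAIN)
    print(f"chain PFHd = {total:.2e} 1/h -> PL {pl}, SIL {PL_TO_SIL[pl]}")
    for required in "de":
        verdict = "OK" if pl_meets(pl, required) else "NOT met"
        print(f"required PL {required}: {verdict}")
```

Note that the intervals are half-open exactly as in the table, so a PFHd of exactly 10^-7 falls into PL d, not PL e; a check that rounds or uses closed intervals would overstate the achieved level at every band boundary.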

