I recently read that the European Commission has decided to delay the manda­tory imple­men­ta­tion of EN ISO 13849–1 2008 and EN 62061. The 2006 edi­tion of ISO 13849–1 moves the bar con­sid­er­ably higher for machine builders, requir­ing much more exten­sive analy­sis of con­trol reli­a­bil­ity require­ments as part of the design cycle. EN 62061 pro­vides a machin­ery spe­cific imple­men­ta­tion of IEC 61508 for  sys­tems includ­ing pro­gram­ma­ble equip­ment in the safety related parts of the con­trol sys­tem. The orig­i­nal manda­tory imple­men­ta­tion date for these stan­dards was 31-​​Dec-​​2009. This has now been pushed out to 31-​​Dec-​​2012 accord­ing to machineb​uild​ing​.net.

[More on the exten­sion of EN 954–1]

[More on the imple­men­ta­tion of EN 62061]

Background

European Union

When EN 954–1 was intro­duced in 1996, it set out a whole new cri­te­ria for the eval­u­a­tion of safety sys­tem con­trol reli­a­bil­ity in machin­ery. This stan­dard intro­duced the idea of the famil­iar Reliability Categories, B, 1–4. This stan­dard ended the days where a sin­gle chan­nel cir­cuit with any con­ve­nient sens­ing device could be con­sid­ered to be accept­able for safety appli­ca­tions in most indus­trial applications.

The next few years were chal­leng­ing ones for machine builders and design­ers as they learned to imple­ment these require­ments in their prod­ucts. The con­trol com­po­nents man­u­fac­tur­ers intro­duced broad arrays of con­trol com­po­nents, like guard mon­i­tor­ing relays, emer­gency stop relays and enabling-​​device relays to assist design­ers by pro­vid­ing build­ing block com­po­nents to sim­plify designs and reduce costs.

The first edi­tion of ISO 13849–1 was pub­lished in 1999. The new ISO stan­dard was essen­tially a straight adop­tion of EN 954–1, bring­ing the doc­u­ment into the ISO devel­op­ment model. Stakeholders were aware that changes to the doc­u­ment were needed, and that addi­tional clar­ity was required to assist design­ers in cor­rectly imple­ment­ing the stan­dard. Additional tools were envi­sioned to help users bet­ter apply reli­able con­trol design prin­ci­ples in their products.

In 2006, the sec­ond edi­tion of ISO 13849–1 was pub­lished, and in May 2007 noti­fied in the Official Journal of the European Union, see OJ 2007/​C 104/​01. The manda­tory imple­men­ta­tion date was set to 31-​​Dec-​​2009, and the two-​​year tran­si­tion period began. During this period either the 1999 edi­tion or the 2007 edi­tion could be applied and com­pli­ance with the rel­e­vant por­tions of the EU Machinery Directive could be claimed.

North America

It took a bit longer for con­trol reli­a­bil­ity to creep into the North American designer’s con­scious­ness. Manufacturers who were mar­ket­ing prod­uct in the EU became aware of EN 954–1 as they worked on com­pli­ance with the CE Marking direc­tives that applied to their prod­ucts. In the USA, ANSI RIA R15.06 intro­duced con­trol reli­a­bil­ity require­ments in the 1999 edi­tion, and soon after CSA pub­lished CSA Z434 which closely fol­lowed RIA’s stan­dard with some small but sig­nif­i­cant changes. These stan­dards intro­duced the SIMPLE, SINGLE-​​CHANNEL, MONITORED SINGLE-​​CHANNEL and CONTROL RELIABLE def­i­n­i­tions into robot sys­tem design­ers thinking.

These con­cepts were later included in CSA Z432, Safeguarding of Machinery, and are being incor­po­rated into the ANSI B11 fam­ily of machin­ery safety stan­dards. ANSI’s soon-​​to-​​be-​​published  B11-​​GSR, General Safety Requirements, stan­dard will fur­ther embed these con­cepts into US machin­ery safety standards.

Recent amend­ment of ANSI RIA 15.06 by ANSI RIA ISO 10218–1 brings ISO 13849–1 into the North American mar­ket by asso­ci­a­tion, since the ISO robotic stan­dard directly ref­er­ences the ISO con­trol reli­a­bil­ity stan­dards. How long it will take for Canada to fol­low suit is unknown at this time, but CSA Z434 is just start­ing review and may be har­mo­nized with the US, the EU and the International standards.

Need to know more about the US amend­ment of R15.06 by 10218–1? See Jeff Fryman’s report on the RIA web site.

Rationale

According to MachineBuilding​.net, “…many man­u­fac­tur­ers are not yet ready to apply the replace­ment stan­dard EN ISO 13849–1.” Sources in the UK have long been con­cerned that many small and medium enter­prises were hav­ing dif­fi­culty apply­ing EN 954–1, with­out increas­ing the bur­den by adding sig­nif­i­cantly more analy­sis to the design task. Consultations between the EC Machinery work­ing group and the European Commission led to the deci­sion to post­pone the date.

Implications

What are the impli­ca­tions of this delay?

First, I think that many machine builders will heave a sigh of relief, hav­ing gained a bit more than three years grace on the dead­line. This will give them more time to work on their designs and to com­plete third-​​party eval­u­a­tions used to sup­port their Declaration of Conformity. This will also allow those who are inclined to “slide” three more years to delay doing anything.

On the other hand, the con­trols man­u­fac­tur­ers spent at least the last two years gear­ing up their prod­ucts to meet design­ers require­ments under the new stan­dard. One of the sig­nif­i­cant require­ments is the pro­vi­sion of fail­ure rate data for com­po­nents from inter­lock switches to relays and light cur­tains to emer­gency stop but­tons. Significant test­ing is required to be able to pro­vide MTTFd or B10d num­bers usable in the design analysis.

For com­pa­nies that pro­vide train­ing in this area, more time is now avail­able to get clients trained, but some of the urgency has been removed, poten­tially extend­ing the return on invest­ment in devel­op­ment of courses on this standard.

Ultimately, the losers are the users of the equip­ment. This stan­dard pro­vides an oppor­tu­nity to sig­nif­i­cantly improve the reli­a­bil­ity of the safety sys­tems on indus­trial machines. The exten­sion only delays this needed improve­ment by three years, and by an untold num­ber of oth­er­wise pre­ventable injuries. While I under­stand the pres­sures that the old dead­line put on man­u­fac­tur­ers, it is my expe­ri­ence that this kind of pres­sure is fre­quently nec­es­sary to drive the changes that soci­ety demands. While these changes directly affect those mar­ket­ing in the EU today, the changes to the North American stan­dards mean that this impor­tant stan­dard will soon be a part of North American designer’s think­ing as well. It will be inter­est­ing to see what other effects this change has over the next three years.

Many thanks to Glyn Garside for send­ing me a few cor­rec­tions to the orig­i­nal post! Mr. Garside is a reg­u­lar reader and con­trib­u­tor to the EMC-​​PSTC list server main­tained by the IEEE Product Safety Engineering Society.

[More infor­ma­tion on the List Server]

[More infor­ma­tion on the Society]

Copyright secured by Digiprove © 2012Some Rights Reserved