Why Conventional EMC Testing is Insufficient for Functional Safety

At the recent PSES Symposium, I attended a couple of interesting workshops on EMC and Functional Safety. One was called “Workshop on EMC & Functional Safety” presented by Keith Armstrong, Bill Radasky and Jacques Delaballe. The other was a paper presentation called “Why Conventional EMC Testing is Insufficient for Functional Safety” presented by Keith Armstrong.

For readers who are new to the idea of Functional Safety, this field deals with the ability of a product or system to function in its intended use environment, or in any foreseeable use environments, while reliably providing the protection required by the users. Here’s the formal definition taken from IEC 61508-4:1998:

functional safety
part of the overall safety relating to the EUC and the EUC control system which depends on the correct functioning of the E/E/PE safety-related systems, other technology safety-related systems and external risk reduction facilities

equipment under control (EUC)
equipment, machinery, apparatus or plant used for manufacturing, process, transportation, medical or other activities

NOTE — The EUC control system is separate and distinct from the EUC.

Table 1: (E/E/PE) electrical / electronic / programmable electronic

Reliability requirements are found in two key standards, ISO 13849 and IEC 61508. These two standards overlap to some degree, and do not define reliability categories in the same way, which frequently leads to confusion. In addition, there is a machinery sector-specific standard based on IEC 61508, called IEC 62061, Safety of machinery – Functional safety of safety-related electrical, electronic and programmable electronic control systems. These three standards make reference to EM effects on systems but do not provide guidance on how to assess these phenomena. This is where IEC TS 61000-1-2 comes into play.

All three experts are members of IEC TC 77 and are directly engaged in writing the second edition of IEC TS 61000-1-2 (more info on this at the bottom of this post). This IEC Technical Specification deals with electromagnetic (EM) effects on equipment that result in functional safety problems, like failures in guarding circuits, or failures in some of the new programmable safety systems. This is becoming an increasingly important issue as programmable controls migrate into the traditionally hardwired safety world. In fact, Keith pointed out that EM effects are present even in many of our “tried and true” circuits, but the failures have been incorrectly attributed to other phenomena because most electrical engineers have not been used to thinking about these phenomena, especially in 24Vdc relay-based control circuits.

In the workshop, the presenters discussed a typical product life cycle, then went on to explore the typical environments that a product may be exposed to, including the EM and physical environments. They went on to discuss the need for an EMC-related Risk Assessment and then finished up by looking at Electromagnetic Safety Planning. The whole workshop took the entire second day of the Symposium.

A key point in the workshop is that conventional EMC testing cannot practically prove that systems are safe. This is due to the structure of the EMC tests that are normally undertaken, including the use of fixed modulation frequencies during immunity testing, failure to assess intermodulation effects and many other issues. In addition, EMC testing does not and cannot test for aging effects on performance, wear and tear and other use-related conditions. The presenters discussed a number of ways that these problems could be addressed, and how testing could be selectively extended to target predicted vulnerabilities. EMC testing does not consider the reliability requirements of the tested product (i.e. IEC 61508-1 SIL-3 or SIL-4).

On the following morning, Keith Armstrong presented his paper. In this paper, Mr. Armstrong went into considerable detail on the shortcomings of conventional EMC testing when it comes to Functional Safety. He suggested some approaches that could be used by manufacturers to address these issues in safety critical applications.

The workshop presentations and Mr. Armstrong’s paper can be purchased through IEEE Xplore for those who did not attend the Symposium.

The IET has published a new book, available for free from their web site, entitled Electromagnetic Compatibility for Functional Safety. This guide will be reviewed in a future post, so keep reading!

Keith Armstrong, Bill Radasky and Jacques Delaballe are members of IEC Technical Committee 77, writing IEC TS 61000-1-2 Ed 2.0, ELECTROMAGNETIC COMPATIBILITY (EMC) — PART 1-2: GENERAL METHODOLOGY FOR THE ACHIEVEMENT OF THE FUNCTIONAL SAFETY OF ELECTRICAL AND ELECTRONIC EQUIPMENT WITH REGARD TO ELECTROMAGNETIC PHENOMENA. Edition 2 of this standard should be published by Mar-2009 according to the IEC.

Keith Armstrong is Principal Consultant at Cherry Clough Consultants in Brocton, UK.

Bill Radasky works with Metatech Corporation from his office in Goleta, California.

Jacques Delaballe works for Schneider Electric Industries SAS in Grenoble, France.

2008 IEEE PSES Symposium On Product Compliance Engineering

What a great Symposium! Dr. June Andersen kicked it off with a great keynote, and the rest of the sessions were excellent!

Last week I was at the 2008 PSES Symposium in Austin, Texas.

This was one of the most successful Symposia held by the PSES, with 180 in attendance and 15 exhibitors in the hall. Attendees came from as far as Argentina, the UK and Israel!

Dr. June Andersen gave a great keynote address on Monday morning, showing the group how IBM manages worldwide compliance in more than 180 different markets. Dr. Andersen’s background is impressive, and a bit intimidating. I found her to be a warm, friendly and interesting person when we shared breakfast together before the conference opened. Dr. Andersen’s presentation will be made available through the PSES web site to members, so if you would like a copy and you’re not a member, now is a great time to join!

Keith Armstrong of Cherry Clough Consultants, along with his colleagues Jacques Delaballe and Bill Radasky, presented an interesting one-day workshop on EMC and Functional Safety, discussing the effects of EMC on the safety-related parts of control systems. On Wednesday, Keith completed the series with a short presentation on the shortcomings of conventional EMC testing in revealing safety-related design problems. Definitely a worthwhile series! Armstrong, Delaballe and Radasky are planning a new workshop for next year’s Symposium in Toronto that will carry on from this year, so if you are interested in this area, plan to attend!

There were several sessions on batteries and the on-going work that the battery companies and the main battery consumers are undertaking to resolve the design and manufacturing problems that led to the notebook and cell phone fires in the past year. These sessions were packed and well reviewed by everyone I spoke with.

There were lots of other presentations that I didn’t get a chance to attend — with 40 presentations and only one me, it was impossible to get to every one.

If you missed this year’s Symposium, start planning for next year’s in Toronto — it’s going to be great!

Welcome to the New Machinery Safety 101 Podcast blog!

Welcome to the new and improved Machinery Safety 101!

As 2008 draws to a close, Compliance InSight Consulting is entering a new phase in its online life. We have been working hard to launch our new web site, and with that our new Machinery Safety 101 podcast and blog.

Watch this page for new shows and links to the old shows. We will also be posting news items and developments in the machinery safety world that we think you’d like to know about.

We are using WordPress as our blog engine for a bunch of reasons, including the ability for readers to comment on articles and shows we post here. I hope that you will register and take advantage of this new capability. It’s also a great way to post questions that we will do our best to answer. You can also suggest new show ideas if you want.

Thanks for checking out our blog and our podcast!

As always, you can subscribe to our podcast through iTunes.

Our old postings can still be found on our Archive Site.