ISO 13849–1 Analysis — Part 1: Start with Risk Assessment

This entry is part 1 of 9 in the series How to do a 13849–1 analy­sis

I often get ques­tions from clients about how to get start­ed on Func­tion­al Safe­ty using ISO 13849. This arti­cle is the first in a series that will walk you through the basics of using ISO 13849. Keep in mind that you will need to hold a copy of the 3rd edi­tion of ISO 13849–1 [1] and the 2nd edi­tion of ISO 13849–2 [2] to use as you go along. There are oth­er stan­dards which you may also find use­ful, and I have includ­ed them in the Ref­er­ence sec­tion at the end of the arti­cle. Each post has a Ref­er­ence List. I will pub­lish a com­plete ref­er­ence list for the series with the last post.

Where to start?

So you have just learned that you need to do an ISO 13849 func­tion­al safe­ty analy­sis. You have the two parts of the stan­dard, and you have skimmed them, but you are feel­ing a bit over­whelmed and unsure of where to start. By the end of this arti­cle, you should be feel­ing more con­fi­dent about how to get this job done.

Step 1 — Risk Assessment

For the pur­pose of this arti­cle, I am going to assume that you have a risk assess­ment for the machin­ery, and you have a copy for ref­er­ence. If you do not have a risk assess­ment, stop here and get that done. There are sev­er­al good ref­er­ences for that, includ­ing ISO 12100 [3], CSA Z432 [4], and ANSI B11.TR3 [5]. You can also have a look at my series on Risk Assess­ment.

The risk assess­ment should iden­ti­fy which risks require mit­i­ga­tion using the con­trol sys­tem, e.g., use of an inter­locked gate, a light cur­tain, a two-hand con­trol, an enabling device, etc. See the MS101 glos­sary for detailed def­i­n­i­tions. Each of these becomes a safe­ty func­tion. Each safe­ty func­tion requires a safe­ty require­ments spec­i­fi­ca­tion (SRS), which I will describe in more detail a bit lat­er.

Safety Functions

The 3rd edi­tion of ISO 13849 [1] pro­vides two tables that give some exam­ples of safe­ty func­tion char­ac­ter­is­tics [1, Table 8] and para­me­ters [1, Table 9] and also pro­vides ref­er­ences to cor­re­spond­ing stan­dards that will help you to define the nec­es­sary para­me­ters. These tables should not be con­sid­ered to be exhaus­tive — there is no way to list every pos­si­ble safe­ty func­tion in a table like this. The tables will give you some good ideas about what you are look­ing for in machine con­trol func­tions that will make them safe­ty func­tions.

While you are iden­ti­fy­ing risk reduc­tion mea­sures that will use the con­trol sys­tem for mit­i­ga­tion, don’t for­get that com­ple­men­tary pro­tec­tive mea­sures like emer­gency stop, enabling devices, etc. all need to be includ­ed. Some of these func­tions may have min­i­mum require­ments set by Type B2 stan­dards, like ISO 13850 [6] for emer­gency stop which sets the min­i­mum per­for­mance lev­el for this func­tion at PLc.

Selecting the Required Performance Level

ISO 13849–1:2015 pro­vides a graph­i­cal means for select­ing the min­i­mum Per­for­mance Lev­el (PL) required for the safe­ty func­tion based on the risk assess­ment. A word of cau­tion here: you may feel like you are re-assess­ing the risk using this tool because it does use risk para­me­ters (sever­i­ty, frequency/duration of expo­sure and pos­si­bil­i­ty to avoid/limit harm) to deter­mine the PL. Risk assess­ment This tool is not a risk assess­ment tool, and using it that way is a fun­da­men­tal mis­take. Its out­put is in terms of per­for­mance lev­el, which is fail­ure rate per hour of oper­a­tion. For exam­ple, it is entire­ly incor­rect to say, “This machine has a risk lev­el of PLc” since we define PLs in terms of prob­a­ble fail­ure rate per hour.

ISO 13849-1 graphical selection tool for determining PLr requirement for a safety function
Graph­i­cal Per­for­mance Lev­el Selec­tion Tool [1]
Once you have assigned a required Per­for­mance Lev­el (PLr) to each safe­ty func­tion, you can move on to the next step: Devel­op­ing the Safe­ty Require­ments Spec­i­fi­ca­tion.

Book List

Here are some books that I think you may find help­ful on this jour­ney:

[0]     B. Main, Risk Assess­ment: Basics and Bench­marks, 1st ed. Ann Arbor, MI USA: DSE, 2004.

[0.1]  D. Smith and K. Simp­son, Safe­ty crit­i­cal sys­tems hand­book. Ams­ter­dam: Else­vier/But­ter­worth-Heine­mann, 2011.

[0.2]  Elec­tro­mag­net­ic Com­pat­i­bil­i­ty for Func­tion­al Safe­ty, 1st ed. Steve­nage, UK: The Insti­tu­tion of Engi­neer­ing and Tech­nol­o­gy, 2008.

[0.3]  Overview of tech­niques and mea­sures relat­ed to EMC for Func­tion­al Safe­ty, 1st ed. Steve­nage, UK: Overview of tech­niques and mea­sures relat­ed to EMC for Func­tion­al Safe­ty, 2013.


[1]     Safe­ty of machin­ery — Safe­ty-relat­ed parts of con­trol sys­tems — Part 1: Gen­er­al prin­ci­ples for design. 3rd Edi­tion. ISO Stan­dard 13849–1. 2015.

[2]     Safe­ty of machin­ery — Safe­ty-relat­ed parts of con­trol sys­tems — Part 2: Val­i­da­tion. 2nd Edi­tion. ISO Stan­dard 13849–2. 2012.

[3]      Safe­ty of machin­ery — Gen­er­al prin­ci­ples for design — Risk assess­ment and risk reduc­tion. ISO Stan­dard 12100. 2010.

[4]     Safe­guard­ing of Machin­ery. CSA Stan­dard Z432. 2004.

[5]     Risk Assess­ment and Risk Reduc­tion- A Guide­line to Esti­mate, Eval­u­ate and Reduce Risks Asso­ci­at­ed with Machine Tools. ANSI Tech­ni­cal Report B11.TR3. 2000.

[6]    Safe­ty of machin­ery — Emer­gency stop func­tion — Prin­ci­ples for design. ISO Stan­dard 13850. 2015.

Series Nav­i­ga­tionISO 13849–1 Analy­sis — Part 2: Safe­ty Require­ment Spec­i­fi­ca­tion”>ISO 13849–1 Analy­sis — Part 2: Safe­ty Require­ment Spec­i­fi­ca­tion

Author: Doug Nix

Doug Nix is Managing Director and Principal Consultant at Compliance InSight Consulting, Inc. ( in Kitchener, Ontario, and is Lead Author and Senior Editor of the Machinery Safety 101 blog. Doug's work includes teaching machinery risk assessment techniques privately and through Conestoga College Institute of Technology and Advanced Learning in Kitchener, Ontario, as well as providing technical services and training programs to clients related to risk assessment, industrial machinery safety, safety-related control system integration and reliability, laser safety and regulatory conformity. For more see Doug's LinkedIn profile.