I recently read that the European Commission has decided to delay the mandatory implementation of EN ISO 13849 – 1 2008 and EN 62061. The 2006 edition of ISO 13849 – 1 moves the bar considerably higher for machine builders, requiring much more extensive analysis of control reliability requirements as part of the design cycle. EN 62061 provides a machinery specific implementation of IEC 61508 for systems including programmable equipment in the safety related parts of the control system. The original mandatory implementation date for these standards was 31-Dec-2009. This has now been pushed out to 31-Dec-2012 according to machinebuilding.net.
[More on the implementation of EN 62061]
When EN 954 – 1 was introduced in 1996, it set out a whole new criteria for the evaluation of safety system control reliability in machinery. This standard introduced the idea of the familiar Reliability Categories, B, 1 – 4. This standard ended the days where a single channel circuit with any convenient sensing device could be considered to be acceptable for safety applications in most industrial applications.
The next few years were challenging ones for machine builders and designers as they learned to implement these requirements in their products. The control components manufacturers introduced broad arrays of control components, like guard monitoring relays, emergency stop relays and enabling-device relays to assist designers by providing building block components to simplify designs and reduce costs.
The first edition of ISO 13849 – 1 was published in 1999. The new ISO standard was essentially a straight adoption of EN 954 – 1, bringing the document into the ISO development model. Stakeholders were aware that changes to the document were needed, and that additional clarity was required to assist designers in correctly implementing the standard. Additional tools were envisioned to help users better apply reliable control design principles in their products.
In 2006, the second edition of ISO 13849 – 1 was published, and in May 2007 notified in the Official Journal of the European Union, see OJ 2007/C 104/01. The mandatory implementation date was set to 31-Dec-2009, and the two-year transition period began. During this period either the 1999 edition or the 2007 edition could be applied and compliance with the relevant portions of the EU Machinery Directive could be claimed.
It took a bit longer for control reliability to creep into the North American designer’s consciousness. Manufacturers who were marketing product in the EU became aware of EN 954 – 1 as they worked on compliance with the CE Marking directives that applied to their products. In the USA, ANSI RIA R15.06 introduced control reliability requirements in the 1999 edition, and soon after CSA published CSA Z434 which closely followed RIA’s standard with some small but significant changes. These standards introduced the SIMPLE, SINGLE-CHANNEL, MONITORED SINGLE-CHANNEL and CONTROL RELIABLE definitions into robot system designers thinking.
These concepts were later included in CSA Z432, Safeguarding of Machinery, and are being incorporated into the ANSI B11 family of machinery safety standards. ANSI’s soon-to-be-published B11-GSR, General Safety Requirements, standard will further embed these concepts into US machinery safety standards.
Recent amendment of ANSI RIA 15.06 by ANSI RIA ISO 10218 – 1 brings ISO 13849 – 1 into the North American market by association, since the ISO robotic standard directly references the ISO control reliability standards. How long it will take for Canada to follow suit is unknown at this time, but CSA Z434 is just starting review and may be harmonized with the US, the EU and the International standards.
Need to know more about the US amendment of R15.06 by 10218 – 1? See Jeff Fryman’s report on the RIA web site.
According to MachineBuilding.net, “…many manufacturers are not yet ready to apply the replacement standard EN ISO 13849 – 1.” Sources in the UK have long been concerned that many small and medium enterprises were having difficulty applying EN 954 – 1, without increasing the burden by adding significantly more analysis to the design task. Consultations between the EC Machinery working group and the European Commission led to the decision to postpone the date.
What are the implications of this delay?
First, I think that many machine builders will heave a sigh of relief, having gained a bit more than three years grace on the deadline. This will give them more time to work on their designs and to complete third-party evaluations used to support their Declaration of Conformity. This will also allow those who are inclined to “slide” three more years to delay doing anything.
On the other hand, the controls manufacturers spent at least the last two years gearing up their products to meet designers requirements under the new standard. One of the significant requirements is the provision of failure rate data for components from interlock switches to relays and light curtains to emergency stop buttons. Significant testing is required to be able to provide MTTFd or B10d numbers usable in the design analysis.
For companies that provide training in this area, more time is now available to get clients trained, but some of the urgency has been removed, potentially extending the return on investment in development of courses on this standard.
Ultimately, the losers are the users of the equipment. This standard provides an opportunity to significantly improve the reliability of the safety systems on industrial machines. The extension only delays this needed improvement by three years, and by an untold number of otherwise preventable injuries. While I understand the pressures that the old deadline put on manufacturers, it is my experience that this kind of pressure is frequently necessary to drive the changes that society demands. While these changes directly affect those marketing in the EU today, the changes to the North American standards mean that this important standard will soon be a part of North American designer’s thinking as well. It will be interesting to see what other effects this change has over the next three years.
Many thanks to Glyn Garside for sending me a few corrections to the original post! Mr. Garside is a regular reader and contributor to the EMC-PSTC list server maintained by the IEEE Product Safety Engineering Society.