Start Requirement: PLr (steps 1 to 3)

Is there a type C standard for this machine?

If yes, use it as a template.

Determination of the limits of the machinery Design of the control system (steps 4 to 9)
Risk assessment (ISO 12100)

PL
Hazard identification
Risk analysis

Risk estimation PL ≥ PLr

No

Risk evaluation Yes

Yes Next safety function

Is the machinery safe? End
No
Risk reduction measures
Avoidance by:
1. inherently safe design
2. safeguarding
3. information for use

Risk reduction measures

Avoidance by:
1. inherently safe design
2. safeguarding
3. information for use
Risk reduction

No Does the
measure depend on a
control system?
ISO 13849

Yes

Safety function (SRP/CS)

according to ISO 13849
V

Residual risks (new hazards)?

Assessment according to ISO 12100
t

Risk low

PLr Severity of injury (S)

P1 S1 Slight (normally reversible injury)
a
F1 S2 Serious (normally irreversible injury or death)
P2
b
S1
P1
b
F2
Frequency and/or exposure to hazard (F)
P2
c F1 Seldom to less often and/or exposure
time is short
P1 F2 Frequent to continuous and/or exposure time is long
c
F1
P2
S2 d

P1
d Possibility of avoiding hazard or limiting harm (P)
F2
P1 Possible under specific conditions
P2
e P2 Scarcely possible

Risk high

Category B Category 1 Category 2 Category 3 Category 4 Laser scanner Dangerous The right parameters for different technologies
Which components are relevant 1A Sensors Logic Actuators
3 years S1 movement
for the safety function? F1 Failure rate
MTTFd low Failure rate Hydraulic Pneumatic Hydraulic Electronic
10 years Start of the undetected
Which hazards (dangerous of the detected components components subsystems subsystems
dangerous failures
MTTFd medium movements) do exist? 1S3 dangerous failures
I L O I L O I L O I1 L1 O1 I1 L1 O1
30 years Cylinder! 1V5
MTTFd high a b 1V3 1V4 Channel 1
100 years TE OTE I2 L2 O2 I2 L2 O2 Which components prevent it? Fa
K1 ilur Fd
(Stop the movements)? K1 K1 e rate /MTT
Inputs K1 of the total dangerous failures 1
Valves! F1 K1
1S3 1V4 1V3
What controls these components? Safety PLC e. g., laser Safety
Performance Level a Safety PLC! 1V5 Channel 2
scanner PLC
PFHd: ≥ 10–5 to < 10–4 [h–1]
Outputs (PL, PFHd) (PL, PFHd) Supplier: Supplier: Supplier: Supplier:
What triggers this function? K1
Performance Level b Sensor! • MTTFd (B 10) • B 10 • PLr category (certified product)
PFHd: ≥ 3 * 10–6 to < 10–5 [h–1] 1V2 1Z2 • (Valve: MTTFd) • PL (PFH d)
What tests this function, Diagnostic • Category
Performance Level c 1V5a
how, and how often? element
PFHd: ≥ 10–6 to < 3 * 10–6 [h–1] 1S3
Position monitoring! 1V5b Machine manufacturer (OEM): Machine manufacturer (OEM): Machine manufacturer (OEM): Machine manufacturer (OEM):
Performance Level d 1V1 1S1 1S2 1Z1 • Category • Category • DC • PL of the system (by
1V3
PFHd: ≥ 10–7 to < 10–6 [h–1] What supports this function SRP/CSa SRP/CSb SRP/CSc • DC • DC • CCF addition of the PFHd
(safety principles)?
M • CCF • CCF • PL of the system values)
Performance Level e Environmental conditions: 1M 1P
3~ • PL of the system • PL of the system
PFHd: ≥ 10–8 to < 10–7 [h–1] Temperature, level, pressure, filter!