IEC 61508 FAQ Frequently Asked Questions

A:

IEC 61508, "Functional safety of electrical/electronic/programmable electronic safety-related systems", is an product-oriented (hardware/software) functional safety standard created by the International Electrotechnical Commission (IEC). The standard is well established in the industrial process control and automation industry, and is finding a foothold in the automotive industry, heavy machinery, mining and other fields where safety and reliability are paramount. The IEC 61508 standard provides a basis for other product-specific or sector-specific safety standards, such as the IEC 61511 standard which is focused on the functional safety requirements of the process industry sector.

Corporations and other organizations in Europe, Asia, North America, Australia and New Zealand have applied the IEC 61508 standard to the development of industrial applications such as safety circuits, turbine controls, hydroelectric power plants, railway signaling systems and large-scale mechanical devices used for manufacturing. Meeting the requirements of IEC 61508 for software development entails a complex, systematic development process, emphasizing requirements traceability, criticality analysis, and validation.

A:

Human safety is the main focus of the IEC 61508 standard. It aims to protect human life through analysis of the functionality of products, machinery, and equipment that can affect human safety. IEC 61508 can also be a valuable tool to help to minimize risk in non-safety related applications, and it can be used to protect critical products, machinery, or equipment from damage.

A:

Functional safety refers to the ability to avoid the risk of physical injury due to incorrect system operation in response to system inputs.

A:

1. It provides a set of requirements and recommendations.

The IEC 61508 standard provides a set of requirements and recommendations to promote functional safety. The IEC 61508 standard is comprised of seven sub-sections containing different requirements and guidelines. They include:

• IEC 61508-1 General requirements
• IEC 61508-2 Requirements for electrical/electronic/programmable electronic safety-related systems
• IEC 61508-3 Software requirements
• IEC 61508-4 Definitions and abbreviations
• IEC 61508-5 Examples of methods for the determination of safety integrity levels
• IEC 61508-6 Guidelines on the application of IEC 61508-2 and IEC 61508-3
• IEC 61508-7 Overview of measures and techniques

The Software requirements section can be applied to safety-related software components, including components included in a safety-related system and components or tools used to develop a safety-related system. This can include operating systems, various application programs, and tools used for development, design or testing. The set of requirements ranges from preparation of user operation procedures and maintenance information, to component modification and validation methods, to failure avoidance and response analysis.

2. It allows for subsystem classification for systems with multiple safety criticality levels.

Complex systems incorporate multiple hardware and software components or subsystems which require differing degrees of safety. The IEC 61508 standard allows for a range of safety criticality levels for independent assessment of subsystems and components. It is possible to classify subsystems and components into the following categories:

• Safety Critical: single fault can result in a dangerous failure
• Safety Relevant: a single fault in combination with a second fault can result in a dangerous failure
• Interference Free: faults can not cause a dangerous failure

Safety Critical components require the most scrutiny and tend to be the most expensive in terms of time, cost, and certification effort. Safety Relevant and Interference Free components require correspondingly less scrutiny and associated cost.

3. It defines a set of Safety Integrity Levels (SIL) to quantify risk reduction.

The IEC 61508 standard defines a set of Safety Integrity Levels (SIL) based on the probability of a dangerous failure over time. The following table outlines these SIL levels. The IEC 61508 SIL3 rating is considered the highest level of risk reduction achievable using a single programmable electronic system.

A:

The IEC 61508 standard incorporates requirements both at both the process and product levels. The standard includes methods for the entire lifecycle of a product: design, development, testing, manufacturing, operation, maintenance, and decommissioning. It also assesses the use of specific safety-related approaches and mechanisms in product operation. Typically, a hardware/software product is certified as a complete system. Individual hardware or software components can also be certified independent of incorporation in a final product embodiment.

A:

The IEC 61508 standard contains both normative and informative elements. Normative elements are used to describe conditions that are necessary to conform to in order to claim compliance with the IEC 61508 standard.

Normative elements use the terms "shall" to describe requirements and "should" or "it is recommended that" to describe recommendations. Informative elements are used to describe conditions that are beneficial for understanding or use, but are not required in order to claim compliance with the IEC 61508 standard. Informative elements do not use the term "shall" because they do not describe requirements.

A:

Certification is done through internationally accredited IEC 61508 certification agencies, such as TÜV Industrial Services with specially trained certification services in Europe, North America and Asia. A certificate from TÜV is considered authoritative evidence of compliance to the IEC 61508 standard.

A:

The use of IEC 61508 COTS certified components allows you to minimize safety certification cost through the reuse of certified components and meet safety provisions in less time.