INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION –
Evaluation of system properties for the purpose of system assessment –
Part 7: Assessment of system safety
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2016 IEC, Geneva, Switzerland
CONTENTS
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions, abbreviated terms, acronyms, conventions and symbols
  3.1 Terms and definitions
  3.2 Abbreviated terms, acronyms, conventions and symbols
4 Basis of assessment specific to safety
  4.1 System safety properties
    4.1.1 General
    4.1.2 Hazard reduction
    4.1.3 Hazard isolation
    4.1.4 Immunity / robustness
    4.1.5 Aversion
    4.1.6 Mitigation
  4.2 Factors influencing system safety
  4.3 Hazards, harms and propagation paths
    4.3.1 Kinds of hazards
    4.3.2 Receivers of harms
    4.3.3 Propagation paths
5 Assessment method
  5.1 General
  5.2 Defining the objective of the assessment
  5.3 Design and layout of the assessment
  5.4 Planning of the assessment program
  5.5 Execution of the assessment
  5.6 Reporting of the assessment
6 Evaluation techniques
  6.1 General
  6.2 Analytical evaluation techniques
  6.3 Empirical evaluation techniques
  6.4 Additional topics for evaluation techniques
Annex A (informative) Check list and/or example of SRD for system functionality
Annex B (informative) Checklist and/or example of SSD for system functionality
  B.1 SSD information
  B.2 Check points for system safety
Bibliography
Figure 1 – General layout of IEC 61069
Figure 2 – System safety
INTERNATIONAL ELECTROTECHNICAL COMMISSION
INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION –
Evaluation of system properties for the purpose of system assessment –
Part 7: Assessment of system safety
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 61069-7 has been prepared by subcommittee 65A: System aspects, of IEC technical committee 65: Industrial-process measurement, control and automation.
This second edition cancels and replaces the first edition published in 1999. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) reorganization of the material of IEC 61069-7:1999 to make the overall set of standards more organized and consistent;
b) IEC TS 62603-1 has been incorporated into this edition.
The text of this standard is based on the following documents:
Full information on the voting for the approval of this standard can be found in the report on voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts in the IEC 61069 series, published under the general title Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment, can be found on the IEC website.
The committee has decided that the contents of this publication will remain unchanged until the stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore print this document using a colour printer.
INTRODUCTION
IEC 61069 deals with the method which should be used to assess system properties of a basic control system (BCS). IEC 61069 consists of the following parts:
Part 1: Terminology and basic concepts
Part 2: Assessment methodology
Part 3: Assessment of system functionality
Part 4: Assessment of system performance
Part 5: Assessment of system dependability
Part 6: Assessment of system operability
Part 7: Assessment of system safety
Part 8: Assessment of other system properties
Assessment of a system is the judgement, based on evidence, of the suitability of the system for a specific mission or class of missions.
To obtain total evidence would require complete evaluation (for example under all influencing factors) of all system properties relevant to the specific mission or class of missions.
Since this is rarely practical, the rationale on which an assessment of a system should be based is:
– the identification of the importance of each of the relevant system properties,
– the planning for evaluation of the relevant system properties with a cost effective dedication of effort to the various system properties.
In conducting an assessment of a system, it is crucial to bear in mind the need to gain a maximum increase in confidence in the suitability of a system within practical cost and time constraints.
An assessment can only be carried out if a mission has been stated (or given), or if a mission can be hypothesized. In the absence of a mission, no assessment can be made; however, evaluations can still be specified and carried out for use in assessments performed by others. In such cases, IEC 61069 can be used as a guide for planning an evaluation and it provides methods for performing evaluations, since evaluations are an integral part of assessment.
In preparing the assessment, it can be discovered that the definition of the system is too narrow. For example, a facility with two or more revisions of the control systems sharing resources, for example a network, should consider issues of co-existence and inter-operability. In this case, the system to be investigated should not be limited to the "new" BCS; it should include both. That is, it should change the boundaries of the system to include enough of the other system to address these concerns.
The series structure and the relationship among the parts of IEC 61069 are shown in Figure 1.
[Figure: IEC 61069: Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment]
Part 1: Terminology and basic concepts
Part 2: Assessment methodology
• Generic requirements of procedure of assessment
  ‐ Overview, approach and phases
  ‐ Requirements for each phase
  ‐ General description of evaluation techniques
Parts 3 to 8: Assessment of each system property
• Basics of assessment specific to each property
  ‐ Properties and influencing factors
• Assessment method for each property
• Evaluation techniques for each property
Figure 1 – General layout of IEC 61069
INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION –
Evaluation of system properties for the purpose of system assessment –
Part 7: Assessment of system safety
1 Scope
This part of IEC 61069:
– specifies the detailed method of the assessment of system safety of a basic control system (BCS) based on the basic concepts of IEC 61069-1 and methodology of IEC 61069-2,
– defines basic categorization of system safety properties,
– describes the factors that influence system safety and which need to be taken into account when evaluating system safety, and
– provides guidance in selecting techniques from a set of options (with references) for evaluating the system safety.
The treatment of safety in this standard is confined to hazards that can be present within the BCS itself. That is, the BCS itself as a physical entity will not impose a hazard. Considerations of hazards that can be introduced by the process or equipment under control, of the BCS to be assessed, are excluded.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
IEC 61069-1:2016, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 1: Terminology and basic concepts
IEC 61069-2:2016, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 2: Assessment methodology
3 Terms, definitions, abbreviated terms, acronyms, conventions and symbols
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC 61069-1 apply.
3.2 Abbreviated terms, acronyms, conventions and symbols
For the purposes of this document, the abbreviated terms, acronyms, conventions and symbols given in IEC 61069-1 apply.
4 Basis of assessment specific to safety
4.1 System safety properties
4.1.1 General
A system can have a number of interactions with its environment, some of which can impose a hazardous condition.
This standard concentrates on the conditions of the system which can cause harm. It is important to recognize that these conditions can change through the life cycle of the system.
The extent to which the system is free of hazards can be expressed as system safety properties. A system is not always free of hazards even if the individual parts that compose the system are themselves free of hazards; for example, individual parts can be stable whereas the same parts configured to form a system can be unstable and therefore hazardous.
System safety properties of a BCS in all its aspects (mechanical, electrical, etc.) depend upon factors of its design and its dependability.
The assessment of the system safety should include evaluation of system safety properties related to activities and measures for the system during every phase of its life cycle.
Examples of these activities and measures are:
– operating, maintenance and de-commissioning procedures,
– symbols and textual warnings given,
– disposal of packing material, waste products from equipment, replaced components and cleaning material.
The assessment should also include environmental aspects.
The system safety properties can change over the different phases of its life cycle due to the number of hazardous conditions present such as:
– hydraulic accumulators where pressures might be locked in by check valves,
– electrically charged devices (for example capacitors),
– nuclear waste and chemicals stored in containers exposed to corrosion.
When assessing the system safety, the following aspects should be considered:
– kinds of hazards,
– receivers of the consequences of a hazard,
– propagation paths,
– risk reduction measures.
System safety properties are categorized as shown in Figure 2.
[Figure: System safety, divided into Hazard reduction, Hazard isolation, Immunity / robustness, Aversion and Mitigation]
Figure 2 – System safety
System safety cannot be assessed directly and cannot be described by a single property. System safety can only be determined by analysis and testing of each of its properties individually.
4.1.2 Hazard reduction
Hazard reduction is the effort to reduce the number and/or severity of the hazards.
Example: If less energy is used, the temperatures of devices are likely to be lower. The lowest hydraulic pressure needed to transfer the necessary power is used, to avoid high trapped energy.
4.1.3 Hazard isolation
Hazard isolation is the effort to isolate the hazard.
Example: Installing circuit breakers and disconnects inside panels designed to suppress arc flash.
4.1.4 Immunity / robustness
Immunity / robustness allows the system to absorb or be immune to hazards.
Example: A BCS is immune to power line surges 2 % beyond its operating rating. Or it can absorb EMC interference and still provide proper data transfers.
4.1.5 Aversion
Aversion allows a system to avert a hazard.
Example: Interlocks or SIS capability is provided to ensure the hazard cannot occur.
4.1.6 Mitigation
Mitigation protects only part of the system if other systems are compromised.
Example: Alarms, evacuation are examples where a hazard may have made itself felt, but some method is still provided to make best effort to minimize loss.
4.2 Factors influencing system safety
The system safety can be affected by the influencing factors listed in IEC 61069-1:2016, 5.3. Generally the largest influencing factor is human beings.
4.3 Hazards, harms and propagation paths
4.3.1 Kinds of hazards
4.3.1.1 General
This subclause encompasses a set of hazards.
As a minimum, the kinds of hazards addressed by 4.3.1.2 to 4.3.1.8 shall be considered.
As described in the scope, considerations of hazards that can be introduced by the process or equipment under control, of the BCS to be assessed, are excluded.
4.3.1.2 Mechanical
Weight can be a source of harm, for example during lifting or when falling down.
Pressure can be a source of harm, for example due to breakage of pipes or containers.
Elasticity can be a source of harm, for example due to breakage of springs or mechanical structures.
Vibration can be a source of harm, for example due to fatigue of material or the emission of excessive sound.
Temperature can be a source of harm, for example due to items heating through friction, insufficient cooling, poor/faulty insulation. In certain circumstances extreme cold can also be hazardous by reducing flexibility and affecting human tissue.
Wear can be a source of harm, for example due to release of toxic particles or due to weakening parts.
Mechanical design can be a source of harm, for example due to the incorporation of sharp edges or rough surfaces.
4.3.1.3 Electrical
The voltage or current can be a source of harm, for example due to short circuiting (heat) or bypass in isolation (electrical shock).
NOTE The electrical energies which are the sources of hazards can originate from within the system and/or from the power supply to the system.
4.3.1.4 Electromagnetic fields
The system can emit electromagnetic fields of different intensities and frequencies which can be a source of harm. Emission limits for equipment are given in the relevant product, product family and generic EMC standards, for example CISPR 22. Guidance on the limits for harm to humans can be found, for example, in ENV 50166-1 and ENV 50166-2.
4.3.1.5 Light
The system can emit light of different intensities and frequencies which can be a source of harm; for example, short circuits or operation of optic emitters (such as laser sources) can produce and propagate light at an intensity that can reach a hazardous level. For laser sources, refer to IEC 60825-1.
4.3.2 Receivers of harms
4.3.2.1 General
The level of harm that can be accepted by a receiver depends on
– the characteristics of the type of receiver and
– the area in which the receiver is located.
Within the environment of a BCS, different areas can be identified such as the control room, manufacturing facility or areas surrounding the manufacturing facility. These area classifications are typically given in international, national or proprietary standards. Within each of these areas, individual levels of harm and hazardous situations can be acceptable for each type of receiver.
The different types of receivers are listed in 4.3.2.2 to 4.3.2.4.
4.3.2.2 Human
Hazards which can exist in the BCS can affect the human body in different ways. Some examples are given below:
a) mechanical:
  1) weight can, for example, break bones;
  2) excess pressure can, for example, lead to general injury, the breaking of bones, eye and/or ear damage, or the collapse of the lungs;
  3) elasticity can, for example, lead to general injury or the breaking of bones;
  4) vibration can, for example, lead to ear damage;
  5) temperature can, for example, lead to burns;
b) electrical short circuits or shock can, for example, cause burns, fibrillation of the heart or eye damage;
c) electromagnetic fields can, for example, cause alteration of the metabolism, eye damage or destruction of an organ;
d) light can, for example, cause eye damage or burns;
e) radioactivity can, for example, cause alteration of the metabolism, eye damage or destruction of an organ;
f) biological substances can penetrate and, for example, cause alteration of the metabolism or modification of the alimentary tract;
g) chemical substances can penetrate and, for example, cause alteration of the metabolism, eye damage, destruction of an organ, skin irritation or neurological damage.
4.3.2.3 Biological
Hazards which can exist in the BCS can affect biological systems such as flora, fauna and the ecological system, in similar ways as described in 4.3.2.2. The degree of the physical injury to a biological system can be different from that to a human.
4.3.2.4 Equipment
Hazards which can exist in the BCS can affect surrounding equipment in different ways. Some examples are given below:
a) mechanical:
  1) weight, pressure, elasticity can, depending on the severity, result in misalignment, bending or breaking parts, etc.;
  2) vibration can, depending on the severity, result in misalignment, metal fatigue, parts coming loose, etc.;
  3) temperature can, depending on its level, result in misalignment, decreased lifetime, loss of mechanical strength, degasification, burning, etc.;
b) electrical sources can, depending on the severity, result in supply power distortion, breakdown due to overload, current surges, flashover, burns, etc.;
c) electromagnetic fields can, depending on the severity, result in electromagnetic interference, alteration of data, etc.;
d) light or radioactivity can, depending on the level, result in changes of material properties due to ultra-violet or laser-light, etc.;
e) biological: no effect foreseen;
f) chemical substances can, depending on the severity, result in chemical transformation of
4.3.3 Propagation paths
4.3.3.1 General
Although single propagation paths can be identified, it is very often the case that a complete propagation path is a combination of several single types of propagation paths.
Some single propagation paths are listed in 4.3.3.2 to 4.3.3.5.
4.3.3.2 Direct propagation path
A direct propagation path means that the receiver is in direct contact with the source of harm (for example a finger touching a high-voltage conductor).
4.3.3.3 Indirect propagation path
An indirect propagation path means that the receiver is in contact with the source of harm via any movable item (for example a tool or a ladder) or a fixed construction element (for example supports or rails).
4.3.3.4 Dynamic propagation path
A dynamic propagation path means that the receiver is in time-dependent contact with the source of harm via any dynamic media (for example flowing liquids or gases).
4.3.3.5 Contact-less propagation path
A contact-less propagation path means that the receiver is exposed to the source of harm via, for example, radiation, light or electromagnetic fields.
The statements compiled in accordance with IEC 61069-2:2016, 5.3.3 should include the following in addition to the items listed in IEC 61069-2:2016, 5.3.3:
– kinds of hazards and their propagation paths from the system to its environment;
– influencing factors that can create a hazardous condition inside the system;
– risk reduction measures provided to minimize the consequences of hazardous conditions;
– risk reduction measures provided to minimize the probability that a conjunction of phenomena which can create hazardous conditions can arise;
– ways in which the different system modules and elements interact and the possibility that a lack of safety can arise at the system level as a result of the interactions;
– global pre-knowledge available and extent to which the system safety property should be assessed.
Documenting collated information shall follow the method in IEC 61069-2:2016, 5.3.4.
Selecting assessment items shall follow IEC 61069-2:2016, 5.3.5.
Assessment specifications should be developed in accordance with IEC 61069-2:2016, 5.3.6.
Comparison of the SRD and the SSD shall follow IEC 61069-2:2016, 5.3.
NOTE 1 A checklist of SRD for system dependability is provided in Annex A.
NOTE 2 A checklist of SSD for system dependability is provided in Annex B.
5.4 Planning of the assessment program
Planning of the assessment program shall follow the method as laid down in IEC 61069-2:2016, 5.4.
Assessment activities shall be developed in accordance with IEC 61069-2:2016, 5.4.2.
The final assessment program should specify points specified in IEC 61069-2:2016, 5.4.3.
5.5 Execution of the assessment
The execution of the assessment shall be in accordance with IEC 61069-2:2016, 5.5.
5.6 Reporting of the assessment
The reporting of the assessment shall be in accordance with IEC 61069-2:2016, 5.6.
The report shall include information specified in IEC 61069-2:2016, 5.6. Additionally, the assessment report should address the following points:
6 Evaluation techniques
6.1 General
Within this standard, several evaluation techniques are suggested. Other methods may be applied but, in all cases, the assessment report should provide references to documents describing the techniques used.
Those evaluation techniques are categorized as described in IEC 61069-2:2016, Clause 6.
Factors influencing the system safety according to 4.2 shall be taken into account.
The techniques given in 6.2, 6.3 and 6.4 are recommended to assess system safety.
It is not possible to evaluate the system safety properties as one entity. Instead each system safety property should be addressed separately.
6.2 Analytical evaluation techniques
Safety evaluation techniques for BCSs are mainly analytical.
For each kind of hazard, the following steps should be taken:
– check whether a hazard is present and, for each hazard present, check if certifications are available and are also valid under the operating conditions stated in the SRD or by mandatory regulations;
– if satisfactory certifications are not available, an appropriate risk analysis should be applied, for example the analysis described in ISO 31010. In support of such an analysis, one of the evaluation techniques of 6.3 can be applied.
6.3 Empirical evaluation techniques
Empirical evaluation techniques are supplementary to analytical ones.
Whenever analytical techniques cannot guarantee the safety level of the system, an empirical evaluation should be carried out in order to assess those aspects on which there is a lack of
– mechanical: testing methods of enclosures as described, for example, in IEC 60529;
– electrical: insulation coordination and electric strength testing as described, for example, in the IEC 60243 series and IEC 60664-1;
– electromagnetic fields: measurement techniques as described, for example, in CISPR 22;
– thermal: fire hazard testing as described, for example, in IEC 60695-2, IEC 60695-11-10 and IEC 60695-11-20.
6.4 Additional topics for evaluation techniques
No additional items are noted.
Annex A
(informative)
Check list and/or example of SRD for system functionality
The system requirements document should be reviewed to check that the risk reduction measures required for the system have been addressed and are listed as described in IEC 61069-2.
The effectiveness of the safety assessment is strongly dependent upon the comprehensiveness of the statement of requirements.
Particular attention should be given to checking that adequate information is given on:
– the applicable international, national or company safety standards or regulations and, in particular, IEC 60364-1 and IEC 61010-1,
– the admissible emission levels for the kinds of hazards listed in 4.2,
– the areas where the BCS and its modules and elements are to be situated, referring to area classification standards, for example,
– the working conditions within these areas which should be fulfilled to allow access to the BCS, and the procedures to obtain work permits,
– the permitted infringements of these working conditions, their frequency and the emergency procedures to be followed in this case,
– the admissible emission levels for the kinds of hazards listed in 4.2 for the neighbouring areas of the BCS,
– the extent to which the BCS is intended to be used to provide safety functions outside of the scope of the IEC 61508 series.
Annex B
(informative)
Checklist and/or example of SSD for system functionality
B.1 SSD information
The system specification document should be reviewed to check that the properties given in the SRD are listed as described in IEC 61069-2:2016, Clause B.2.
B.2 Check points for system safety
The system specification document should be reviewed to check that the risk reduction measures of the BCS are listed as described in IEC 61069-2.
Particular attention should be given to checking that adequate information is given on the following:
– kinds of hazards within the BCS, and the risk reduction measures taken to limit the possible consequences;
– levels of emissions, even if they are lower than the safe and/or allowed limits;
– appropriate safety certifications, issuing institutions and consistency with national regulations;
– any maintenance actions required which can infringe the system safety and the precautions to be taken in these circumstances, to avoid any hazardous conditions;
– special installation requirements to guarantee the system safety.
Bibliography
IEC 60243 (all parts), Electric strength of insulating materials – Test methods
IEC 60529, Degrees of protection provided by enclosures (IP Code)
IEC 60695-2 (all parts), Fire hazard testing – Part 2: Test methods
IEC 60664-1, Insulation coordination for equipment within low-voltage systems – Part 1: Principles, requirements and tests
IEC 60695-11-10, Fire hazard testing – Part 11-10: Test flames – 50 W horizontal and vertical flame test methods
IEC 60695-11-20, Fire hazard testing – Part 11-20: Test flames – 500 W flame test method
IEC 60825-1, Safety of laser products – Part 1: Equipment classification and requirements
IEC 61010-1:2010, Safety requirements for electrical equipment for measurement, control and laboratory use – Part 1: General requirements
IEC 61069-3, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 3: Assessment of system functionality
IEC 61069-4, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 4: Assessment of system performance
IEC 61069-5:2016, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 5: Assessment of system dependability
IEC 61069-6:2016, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 6: Assessment of system operability
IEC 61069-8, Industrial-process measurement, control and automation – Evaluation of system properties for the purpose of system assessment – Part 8: Assessment of other system properties
IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic safety-related systems
IEC TS 62603-1, Industrial process control systems – Guideline for evaluating process control systems – Part 1: Specifications
CISPR 22, Information technology equipment – Radio disturbance characteristics – Limits and methods of measurement
ISO/IEC Guide 51, Safety aspects – Guidelines for their inclusion in standards
ISO 31010:2009, Risk management – Risk assessment techniques
ENV 50166-1, Human exposure to electromagnetic fields. Low-frequency (0 Hz to 10 kHz)
ENV 50166-2, Human exposure to electromagnetic fields. High-frequency (10 kHz to 300 GHz)
_______________
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions, abbreviations, acronyms, conventions and symbols
3.1 Terms and definitions
3.2 Abbreviations, acronyms, conventions and symbols
4 Basic principles of safety-specific evaluation
4.1 Safety properties of a system
4.1.1 General
4.1.2 Hazard reduction
4.1.3 Hazard isolation
4.1.4 Immunity / robustness
4.1.5 Aversion
4.1.6 Mitigation
4.2 Factors influencing the safety of a system
4.3 Hazards, damage and propagation paths
4.3.1 Types of hazards
4.3.2 Damage receptors
4.3.3 Propagation paths
5 Assessment method
5.1 General
5.2 Definition of the assessment objective
5.3 Design and layout of the assessment
5.4 Planning of the assessment programme
5.5 Execution of the assessment
5.6 Writing the assessment report
6 Evaluation techniques
6.1 General
6.2 Analytical evaluation techniques
6.3 Empirical evaluation techniques
6.4 Additional topics for evaluation techniques
Annex A (informative) Checklist and/or example of SRD for system functionality
Annex B (informative) Checklist and/or example of SSD for system functionality
B.1 SSD information
B.2 Check points for system safety
Bibliography
Figure 1 – General structure of IEC 61069
Figure 2 – System safety