EN ISO 13849-1
EN 954-1 is the standard that OEMs have followed to demonstrate compliance with European machinery safety legislation. It is being withdrawn and replaced by EN ISO 13849-1:2009, "Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design." Unlike EN 954-1, ISO 13849-1 adopts the quantitative component-reliability approach of IEC/EN 61508, which is a more comprehensive and therefore more time-consuming method of qualifying a system.
Both standards (EN 954-1 and EN ISO 13849-1) require OEMs to carry out a hazard and risk analysis, but only EN 954-1 allows a purely deterministic approach in which the system architecture (category) is selected directly from the result of that analysis. EN 954-1 does not require statistical component failure data in order to validate the chosen category.
EN ISO 13849-1, by contrast, introduces a probabilistic approach to verifying the safety function. The hazard and risk assessment yields a required Performance Level, PLr, on a scale from a (lowest) to e (highest). These levels are comparable to the Safety Integrity Levels of IEC 61508: PL b and PL c correspond to SIL 1, PL d to SIL 2 and PL e to SIL 3, while PL a has no SIL equivalent. Based on the derived PLr, a system architecture (category) is chosen for the safety function and then verified: the mean time to dangerous failure (MTTFd) of each channel, computed from the MTTFd values of its components, together with the average diagnostic coverage (DCavg), must reach the minimum bands the standard requires for the achieved PL to be at least the PLr (see Figure 2).
The following aspects are evaluated:
1. The category (CAT) / designated architectures
2. The mean time to dangerous failure (MTTFd)
3. The level of diagnostic coverage (DC)
4. The common cause failures (CCF)
5. The software safety requirements
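The following is an added worked example of the simplified verification procedure described above; it is not code from the page or from any standards body. It walks the five evaluated aspects end to end: the risk graph of Annex A gives the PLr, the parts-count and symmetrisation formulas of Annex D give the channel MTTFd, the Annex E formula gives DCavg, the Annex F common-cause-failure score is checked, and the Table 7 / Figure 5 lookup yields the achieved PL. The tables and bands are transcribed from EN ISO 13849-1:2008 as the editor recalls them (MTTFd per channel capped at 100 years, as in that edition); the component MTTFd and DC values are constructed, the function names are the editor's own, and treating a DCavg above a category's highest table column as that column is a stated simplification.

```python
"""Simplified EN ISO 13849-1 verification of one safety function (added example)."""

# Annex A risk graph: S = severity (1 slight, 2 serious), F = frequency of
# exposure (1 seldom, 2 frequent), P = possibility of avoiding the hazard
# (1 possible, 2 scarcely possible).  Result is the required PL (PLr).
RISK_GRAPH = {
    (1, 1, 1): "a", (1, 1, 2): "b", (1, 2, 1): "b", (1, 2, 2): "c",
    (2, 1, 1): "c", (2, 1, 2): "d", (2, 2, 1): "d", (2, 2, 2): "e",
}

# Table 7 / Figure 5: (category, DCavg band) selects a column, the MTTFd band
# selects the row.  None means the combination is not covered by the table.
PL_TABLE = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": None},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}
DC_ORDER = ["none", "low", "medium", "high"]
PL_ORDER = "abcde"


def required_pl(s, f, p):
    return RISK_GRAPH[(s, f, p)]


def mttfd_band(years):
    """Table 4: per-channel MTTFd bands; below 3 years is not acceptable."""
    if years < 3:
        return None
    if years < 10:
        return "low"
    if years < 30:
        return "medium"
    return "high"


def dc_band(dc):
    """Table 5: DCavg bands, dc given as a fraction 0..1."""
    if dc < 0.60:
        return "none"
    if dc < 0.90:
        return "low"
    if dc < 0.99:
        return "medium"
    return "high"


def channel_mttfd(components):
    """Annex D parts count: 1/MTTFd = sum(1/MTTFd_i), capped at 100 years."""
    return min(100.0, 1.0 / sum(1.0 / m for _, m, _ in components))


def symmetrise_mttfd(c1, c2):
    """Annex D: combine two redundant channels with unequal MTTFd."""
    return (2.0 / 3.0) * (c1 + c2 - 1.0 / (1.0 / c1 + 1.0 / c2))


def dc_avg(components):
    """Annex E: DCavg = sum(DC_i / MTTFd_i) / sum(1 / MTTFd_i)."""
    return (sum(dc / m for _, m, dc in components)
            / sum(1.0 / m for _, m, _ in components))


def achieved_pl(category, components, ccf_score):
    """PL reached by one channel's design, or None if a precondition fails."""
    m_band = mttfd_band(channel_mttfd(components))
    if m_band is None:
        return None
    # Annex F: categories 2, 3 and 4 need a CCF score of at least 65 points.
    if category in ("2", "3", "4") and ccf_score < 65:
        return None
    d_band = dc_band(dc_avg(components))
    # Simplification: a DCavg above the category's highest column is credited
    # only as that column; a DCavg below its lowest column gives no PL.
    cols = [c for (cat, c) in PL_TABLE
            if cat == category and DC_ORDER.index(c) <= DC_ORDER.index(d_band)]
    if not cols:
        return None
    return PL_TABLE[(category, max(cols, key=DC_ORDER.index))][m_band]


def verify(category, components, ccf_score, s, f, p):
    """Return (PLr, achieved PL, pass/fail)."""
    plr = required_pl(s, f, p)
    pl = achieved_pl(category, components, ccf_score)
    ok = pl is not None and PL_ORDER.index(pl) >= PL_ORDER.index(plr)
    return plr, pl, ok


# Constructed one-channel parts list: (name, MTTFd in years, DC as fraction).
CHANNEL = [("limit switch", 150.0, 0.99),
           ("safety PLC logic", 500.0, 0.99),
           ("contactor", 80.0, 0.90)]

if __name__ == "__main__":
    print("channel MTTFd = %.1f years" % channel_mttfd(CHANNEL))
    print("DCavg = %.1f %%" % (100 * dc_avg(CHANNEL)))
    print("category 3, CCF 70, S2 F1 P2 ->", verify("3", CHANNEL, 70, 2, 1, 2))
    print("category 3, CCF 70, S2 F2 P2 ->", verify("3", CHANNEL, 70, 2, 2, 2))
```

With the constructed parts list the channel reaches roughly 47 years MTTFd (band high) and about 93.7 % DCavg (band medium); in category 3 with an adequate CCF score that is PL d, which satisfies a PLr of d but not e. Dropping the CCF score below 65, or any channel MTTFd below 3 years, returns no PL at all rather than a lower one, which is how the standard treats a failed precondition.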