IEC 61131-6: Functional Safety (edition 1.0 - 2012)
Scope
This Part of the IEC 61131 series specifies requirements for programmable controllers (PLCs) and their associated peripherals, as defined in Part 1, which are intended to be used as the logic subsystem of an electrical/electronic/programmable electronic (E/E/PE) safety-related system. A programmable controller and its associated peripherals complying with the requirements of this part is considered suitable for use in an E/E/PE safety-related system and is identified as a functional safety programmable logic controller (FS-PLC). An FS-PLC is generally a hardware (HW) / software (SW) subsystem. An FS-PLC may also include software elements, for example predefined function blocks.
An E/E/PE safety-related system generally consists of sensors, actuators, software and a logic subsystem. This part is a product specific implementation of the requirements of the IEC 61508 series and conformity to this part fulfils all of the applicable requirements of the IEC 61508 series related to FS-PLCs. While the IEC 61508 series is a system standard, this part provides product specific requirements for the application of the principles of the IEC 61508 series to FS-PLC.
This Part of the IEC 61131 series addresses only the functional safety and safety integrity requirements of an FS-PLC when used as part of an E/E/PE safety-related system. The definition of the functional safety requirements of the overall E/E/PE safety-related system and the functional safety requirements of the ultimate application of the E/E/PE safety-related system are outside the scope of this part, but they are inputs for this part. For application specific information the reader is referred to standards such as the IEC 61511 series, IEC 62061, and the ISO 13849 series.
This part does not cover general safety requirements for an FS-PLC such as requirements related to electric shock and fire hazards specified in IEC 61131-2.
This part applies to an FS-PLC with a Safety Integrity Level (SIL) capability not greater than SIL 3.
The objective of this part is:
- to establish and describe the safety life-cycle elements of an FS-PLC, in harmony with the general safety life-cycle identified in IEC 61508-1, -2 and -3;
- to establish and describe the requirements for FS-PLC HW and SW that relate to the functional safety and safety integrity requirements of an E/E/PE safety-related system;
- to establish evaluation methods for an FS-PLC to this part for the following parameters/criteria:
  - a Safety Integrity Level (SIL) claim for which the FS-PLC is capable,
  - a Probability of Failure on Demand (PFD) value,
  - an average frequency of dangerous failure per hour value (PFH),
  - a value for the safe failure fraction (SFF),
  - a value for the hardware fault tolerance (HFT),
  - a diagnostic coverage (DC) value,
  - a verification that the specified FS-PLC manufacturer’s safety lifecycle processes are in place,
  - the defined safe state,
  - the measures and techniques for the prevention and control of systematic faults, and
  - for each failure mode addressed in this part, the functional behaviour in the failed state;
- to establish the definitions and identify the principal characteristics relevant to the selection and application of FS-PLCs and their associated peripherals.
This part is primarily intended for FS-PLC manufacturers. It also includes the critical role of FS-PLC users through the user documentation requirements. Some user guidelines for FS-PLCs may be found in IEC 61131-4.