FAQs concerning functional safety

Questions and answers concerning functional safety

Our experts answer your questions.


No, individual components cannot have a SIL or PL.

The SIL classification always relates to a complete safety function, while the SILCL relates to the subsystem (in accordance with EN 62061).

A relationship can be established between the PL and SIL by means of the PFHd value. Please note that the PFHd values do not take into consideration the particular specifications of the two standards with regard to the approved structure, diagnostic coverage or their systematic requirements.

According to both standards, a DC of 99% can be assumed for force-guided contacts with redundant (2-channel) switching devices and relays. A diagnostic function with a suitable error response or at least one warning prior to the hazard is required.

No, just a single fault usually results in a failure. In the case of magnetically operated or RFID-based systems, it is possible for the manufacturer to attest to a hardware fault tolerance of 1.

No, the user can calculate a PFHd value for wear parts for the relevant application from the B10d value based on the number of operating cycles.

MTBF (mean time between failures) describes the time between two failures.

MTTF (mean time to failure) describes the time to the first failure.

D stands for dangerous.

MTTFd (mean time to dangerous failure) describes the time to the first dangerous failure.

Yes; however, for operating system software in accordance with PL e, the requirements of IEC 61508-3 must be taken into consideration.

The annexes of EN ISO 13849-1 and EN 62061 list substitute reference values for commonly used components. However, where available, the manufacturer values should always be used.

No, EN ISO 13849-1 only describes high-demand mode. This is why you can only perform an MTTF assessment with additional measures such as forced dynamization.

No, there is no separate mandatory certification for software that is based on both standards. The focus is the size and complexity of the overall project. A software test may be necessary as part of the verification and validation of safety functions. Information on this topic can be found in EN ISO 13849-1, Section 4.6, EN 62061, Sections 6.9 and 6.10, and EN 61508-3.

No, along with statistical characteristics such as MTTF and B10d, the component must also be suitable for the function in question from a functional point of view and must satisfy certain minimum requirements, for example design and safety requirements (implementation and application of basic safety principles).

