BS EN 61800-5-2:2017

$215.11

Adjustable speed electrical power drive systems – Safety requirements. Functional

Published By: BSI
Publication Date: 2017
Number of Pages: 92

This part of IEC 61800, which is a product standard, specifies requirements and makes recommendations for the design and development, integration and validation of safety related power drive systems (PDS(SR)) in terms of their functional safety considerations. It applies to adjustable speed electrical power drive systems covered by the other parts of the IEC 61800 series of standards as referred in IEC 61800‑2.

NOTE 1

The term “integration” refers to the PDS(SR) itself, not to its incorporation into the safety-related application.

NOTE 2

Other parts of IEC 61800 cover rating specifications, EMC, electrical safety, etc.

This International Standard is applicable where functional safety of a PDS(SR) is claimed and the PDS(SR) is operating mainly in the high demand or continuous mode (see 3.15).

While low demand mode operation is possible for a PDS(SR), this standard concentrates on high demand and continuous mode. Safety sub-functions implemented for high demand or continuous mode can also be used in low demand mode. Requirements for low demand mode are given in IEC 61508 series. Some guidance for the estimation of average probability of dangerous failure on demand (PFDavg) value is provided in Annex F.

This part of IEC 61800 sets out safety-related considerations of PDS(SR)s in terms of the framework of IEC 61508, and introduces requirements for PDS(SR)s as subsystems of a safety-related system. It is intended to facilitate the realisation of the electrical/electronic/programmable electronic (E/E/PE) parts of a PDS(SR) in relation to the safety performance of safety sub-function(s) of a PDS.

Manufacturers and suppliers of PDS(SR)s, by using the normative requirements of this part of IEC 61800, will indicate to users (system integrator, original equipment manufacturer) the safety performance for their equipment. This will facilitate the incorporation of a PDS(SR) into a safety-related control system using the principles of IEC 61508, and possibly its specific sector implementations (for example IEC 61511, IEC 61513, IEC 62061 or ISO 13849).

By applying the requirements from this part of the IEC 61800 series, the corresponding requirements of IEC 61508 that are necessary for a PDS(SR) are fulfilled.

This part of IEC 61800 does not specify requirements for:

  • the hazard and risk analysis of a particular application;

  • the identification of safety sub-functions for that application;

  • the initial allocation of SILs to those safety sub-functions;

  • the driven equipment except for interface arrangements;

  • secondary hazards (for example from failure in a production or manufacturing process);

  • the electrical, thermal and energy safety considerations, which are covered in IEC 61800‑5‑1;

  • the PDS(SR) manufacturing process;

  • the validity of signals and commands to the PDS(SR);

  • security aspects (e.g. cyber security or PDS(SR) security of access).

NOTE 3

The functional safety requirements of a PDS(SR) are dependent on the application, and can be considered as a part of the overall risk assessment of the installation. Where the supplier of the PDS(SR) is not responsible for the driven equipment, the installation designer is responsible for the risk assessment, and for specifying the functional and safety integrity requirements of the PDS(SR).

This part of IEC 61800 only applies to PDS(SR)s implementing safety sub-functions with a SIL not greater than SIL 3.

Figure 1 shows the installation and the functional parts of a PDS(SR) that are considered in this part of IEC 61800 and shows a logical representation of a PDS(SR) rather than its physical description.

[Image removed.]

PDF Catalog

PDF Pages PDF Title
2 National foreword
9 English
CONTENTS
13 FOREWORD
15 INTRODUCTION
16 1 Scope
17 2 Normative references
Figures
Figure 1 – Installation and functional parts of a PDS(SR)
19 3 Terms and definitions
Tables
Table 1 – Alphabetical list of terms and definitions
25 4 Designated safety sub-functions
4.1 General
26 4.2 Safety sub-functions
4.2.1 General
Figure 2 – Safety function consisting of safety sub-functions
27 4.2.2 Limit values
4.2.3 Stopping functions
28 4.2.4 Monitoring functions
30 4.2.5 Output functions – Safe brake control (SBC)
5 Management of functional safety
5.1 Objective
5.2 Requirements for the management of functional safety
5.3 PDS(SR) development lifecycle
31 5.4 Planning of PDS(SR) functional safety management
Figure 3 – PDS(SR) development lifecycle
33 5.5 Safety requirements specification (SRS) for a PDS(SR)
5.5.1 General
5.5.2 Safety sub-functions requirements specification
34 5.5.3 Safety integrity requirements specification
35 5.6 PDS(SR) safety system architecture specification
5.6.1 General
5.6.2 Requirements for safety system architecture specification
36 6 Requirements for design and development of a PDS(SR)
6.1 General requirements
6.1.1 Change in operational status
6.1.2 Design standards
6.1.3 Realisation
6.1.4 Safety integrity and fault detection
37 6.1.5 Safety and non-safety sub-functions
6.1.6 SIL for multiple safety sub-functions within one PDS(SR)
Table 2 – Example for determining the SIL from hardware and software independence
38 6.1.7 Integrated circuits with on-chip redundancy
6.1.8 Software requirements
6.1.9 Design documentation
6.2 PDS(SR) design requirements
6.2.1 Basic and well-tried safety principles
6.2.2 Requirements for the estimation of the probability of dangerous random hardware failures per hour (PFH)
39 Table 3 – Safety integrity levels: target failure measures for a PDS(SR) safety sub-function
41 6.2.3 Architectural constraints
42 6.2.4 Estimation of safe failure fraction (SFF)
Table 4 – Maximum allowable safety integrity level for a safety sub-function carried out by a type A safety-related subsystem
Table 5 – Maximum allowable safety integrity level for a safety sub-function carried out by a type B safety-related subsystem
43 6.2.5 Requirements for systematic safety integrity of a PDS(SR) and PDS(SR) subsystems
46 6.2.6 Design requirements for electromagnetic (EM) immunity of a PDS(SR)
6.2.7 Design requirements for thermal immunity of a PDS(SR)
6.2.8 Design requirements for mechanical immunity of a PDS(SR)
6.3 Behaviour on detection of fault
6.3.1 Fault detection
6.3.2 Fault tolerance greater than zero
6.3.3 Fault tolerance zero
6.4 Additional requirements for data communications
47 6.5 PDS(SR) integration and testing requirements
6.5.1 Hardware integration
6.5.2 Software integration
6.5.3 Modifications during integration
6.5.4 Applicable integration tests
6.5.5 Test documentation
48 7 Information for use
7.1 General
7.2 Information and instructions for safe application of a PDS(SR)
49 8 Verification and validation
8.1 General
50 8.4 Documentation
9 Test requirements
9.1 Planning of tests
9.2 Functional testing
51 9.3 Electromagnetic (EM) immunity testing
9.3.1 General
9.3.2 Intended EM environment
9.3.3 Performance criterion (fail safe state – FS)
9.4 Thermal immunity testing
9.4.1 General
52 9.4.2 Functional thermal test
9.4.3 Component thermal test
9.5 Mechanical immunity testing
9.5.1 General
9.5.2 Vibration test
9.5.3 Shock test
9.5.4 Performance criterion for mechanical immunity tests (fail safe state – FS)
9.6 Test documentation
53 10 Modification
10.1 Objective
10.2 Requirements
10.2.1 General
10.2.2 Modification request
10.2.3 Impact analysis
10.2.4 Authorization
10.2.5 Documentation
54 Annexes
Annex A (informative) Sequential task table
Table A.1 – Design and development procedure for PDS(SR)
58 Annex B (informative) Example for estimation of PFH
B.1 General
B.2 Example PDS(SR) structure
B.2.1 General
Figure B.1 – Example PDS(SR)
59 B.2.2 Subsystem A/B
B.2.3 Subsystem PS/VM
Figure B.2 – Subsystems of the PDS(SR)
60 B.3 Example PDS(SR) PFH value determination
B.3.1 Subsystem “A/B” (main subsystem)
Figure B.3 – Function blocks of subsystem A/B
62 Table B.1 – Determination of DC factor of subsystem A/B
63 Figure B.4 – Reliability model (Markov) of subsystem A/B
65 B.3.2 Subsystem “PS/VM”
Figure B.5 – Function blocks of subsystem PS/VM
Table B.2 – PFH value calculation results for subsystem A/B
66 Table B.3 – Determination of DC factor of subsystem A/B
67 Figure B.6 – Reliability model (Markov) of subsystem PS/VM
68 B.3.3 PFH value of the safety sub-function STO of PDS(SR)
Table B.4 – PFH value calculation results for subsystem PS/VM
69 B.4 Reduction of DC and SFF depending on test interval
70 Annex C (informative) Available failure rate databases
C.1 Databases
C.2 Helpful standards concerning component failure
72 Annex D (informative) Fault lists and fault exclusions
D.1 General
D.2 Remarks applicable to fault exclusions
D.2.1 Validity of exclusions
D.2.2 Tin whisker growth
D.2.3 Short-circuits on PWB-mounted parts
73 D.3 Fault models
D.3.1 Conductors/cables
D.3.2 Printed wiring boards/assemblies
D.3.3 Terminal block
Table D.1 – Printed wiring boards/assemblies
74 D.3.4 Multi-pin connector
D.3.5 Electromechanical devices
Table D.2 – Terminal block
Table D.3 – Multi-pin connector
75 D.3.6 Transformers
D.3.7 Inductances
D.3.8 Resistors
D.3.9 Resistor Networks
D.3.10 Potentiometers
D.3.11 Capacitors
D.3.12 Discrete semiconductors
Table D.4 – Electromechanical devices (for example relay, contactor relays)
76 D.3.13 Signal Isolation components
D.3.14 Non-programmable integrated circuits
D.3.15 Programmable and/or complex integrated circuits
Table D.5 – Signal Isolation components
Table D.6 – Non-programmable integrated circuits
77 D.3.16 Motion and position feedback sensors
Table D.7 – Programmable and/or complex integrated circuits
78 Table D.8 – Motion and position feedback sensors
81 Annex E (normative) Electromagnetic (EM) immunity requirement for PDS(SR)
E.1 General
E.2 Immunity requirements – low frequency disturbances
82 Table E.1 – Minimum immunity requirements for voltage deviations, dips and short interruptions
83 Table E.2 – PDS(SR) minimum immunity requirements for voltage deviations, dips and short interruptions on main power ports with a rated voltage above 1 000 V
84 E.3 Immunity requirements – high frequency disturbances
Table E.3 – Immunity requirements – high frequency disturbances
86 Table E.4 – General frequency ranges for mobile transmitters and ISM for radiated tests
87 Table E.5 – General frequency ranges for mobile transmitters and ISM for conducted tests
88 Annex F (informative) Estimation of PFDavg value for low demand with given PFH value
F.1 General
F.2 Estimation of PFDavg value for low demand with given PFH value
89 Bibliography