1. Introduction: The Essentiality of ISO 13849-1 in Brazilian Industrial Operations
The safety of machines and equipment is a fundamental pillar of productivity and sustainability in industry. In Brazil, Regulatory Standard NR-12 establishes the minimum requirements for the safe use of machines and equipment, and its application frequently refers to specific technical standards. Among them, ABNT NBR ISO 13849-1:2023, equivalent to ISO 13849-1:2023, plays a critical role. This standard defines the principles for the design and validation of safety-related parts of control systems (PSRCS, written SRP/CS in the ISO text), with a special focus on determining the Performance Level (PL).
The correct application of ISO 13849-1 allows engineers and technicians to evaluate the ability of a safety system to perform its functions under foreseeable fault conditions, minimizing operational risks and protecting people. The PL calculation is not merely a formality; it is an engineering tool that quantifies the reliability of a safety function, ensuring that the residual risk is acceptable in accordance with the NR-12 guidelines.
2. Scope and Applicability: Who and What Must Comply
ABNT NBR ISO 13849-1 applies to the design and evaluation of PSRCS, regardless of the technology used (electrical, hydraulic, pneumatic, mechanical or any combination of them). Its application is vast and covers:
- Machine Manufacturers: Responsible for designing and building machines that meet safety requirements from conception.
- System Integrators: Companies that implement safety systems on existing machines or new production lines.
- Machine Users (Industries): Companies in manufacturing, mining, food and beverage, pharmaceutical, automotive, steel and other sectors that operate equipment where a failure can cause serious injury to operators.
- Specific Sectors: The standard is applicable to any sector that uses machines with safety functions, from presses and industrial robots to automated assembly lines and transport systems.
Equipment requiring PL assessment includes, but is not limited to, emergency stop systems, safety barriers, interlocking devices, two-hand controls, presence detection systems (light curtains, laser scanners), and safe speed control. The standard is essential for any component that directly participates in mitigating a specific risk.
3. Key Requirements: Summary of Essential Obligations
ABNT NBR ISO 13849-1 establishes a framework for the design of safety systems based on five Performance Levels (PL a, b, c, d, e), each corresponding to a range of average probability of dangerous failure per hour (PFHd). The main parameters for calculating the PL are:
Table 1: Parameters and Impact on Performance Level (PL)
| Parameter | Description | Impact on PL | Mandatory |
|---|---|---|---|
| Category (Cat.) | Architecture of the safety system (B, 1, 2, 3, 4); determines its behaviour in the presence of faults. | Fundamental. Higher categories (3, 4) allow higher PLs. | According to ABNT NBR ISO 13849-1. |
| MTTFd (Mean Time To Dangerous Failure) | Mean time to dangerous failure of each component. | The higher the MTTFd, the higher the achievable PL. | Must be calculated or provided by the component manufacturer. |
| DC (Diagnostic Coverage) | Measure of the system's ability to detect dangerous failures. | High DC (e.g. 99%) increases the PL, especially for categories 2, 3 and 4. | The design must include fault diagnosis methods. |
| CCF (Common Cause Failures) | Measures against failures that affect several redundant parts at once. | Adequate CCF prevention is crucial for high PLs (Cat. 3 and 4). | Analysis and implementation of protection measures against CCF. |
| PFHd (Probability of Dangerous Failure per Hour) | Average probability of dangerous failure per hour. | Final quantitative parameter of the PL. It must be below the limit for the required PL. | Calculated from the parameters above. |
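As an added worked example (not code from the article or from any standard body), the following Python script walks one constructed single-channel part list through the simplified PL estimation of ISO 13849-1: combine the component MTTFd values into a channel MTTFd, compute the average diagnostic coverage, classify both into bands, check the CCF score, and read the PL from the Category/DCavg/MTTFd lookup grid of the standard's Table 7. The component names and values are constructed, and the `TABLE7` grid and band limits are quoted from memory of the standard's simplified procedure, not copied from the page.

```python
# Added example (not from the article): ISO 13849-1 simplified PL estimation
# (Table 7 / Figure 5) on a constructed channel: (name, MTTFd years, DC fraction)
CHANNEL = [
    ("E-stop contact block", 100.0, 0.99),
    ("Safety relay", 150.0, 0.99),
    ("Contactor K1, not monitored", 50.0, 0.60),
]
# (category, DCavg band) -> {MTTFd band: PL}; None = combination not allowed
TABLE7 = {
    ("B", "none"):   {"low": "a", "medium": "b", "high": "b"},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a", "medium": "b", "high": "c"},
    ("2", "medium"): {"low": "b", "medium": "c", "high": "d"},
    ("3", "low"):    {"low": "b", "medium": "c", "high": "d"},
    ("3", "medium"): {"low": "c", "medium": "d", "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}

def channel_mttfd(parts):
    """Parts-count method: 1/MTTFd = sum(1/MTTFd_i); 100-year cap used here."""
    return min(100.0, 1.0 / sum(1.0 / m for _, m, _ in parts))

def dc_avg(parts):
    """DCavg = sum(DC_i / MTTFd_i) / sum(1 / MTTFd_i)."""
    return sum(dc / m for _, m, dc in parts) / sum(1.0 / m for _, m, _ in parts)

def mttfd_band(years):
    """Below 3 years is not acceptable; low 3-10, medium 10-30, high 30-100."""
    if years < 3: return None
    return "low" if years < 10 else "medium" if years < 30 else "high"

def dc_band(dc):
    """none <60 %, low 60-90 %, medium 90-99 %, high >=99 %."""
    dc = round(dc, 4)  # avoid float noise exactly at a band limit
    return "none" if dc < 0.60 else "low" if dc < 0.90 else "medium" if dc < 0.99 else "high"

def estimate_pl(category, parts, ccf_score):
    """Achieved PL letter, or None if the architecture/parameters are not allowed."""
    if category in ("2", "3", "4") and ccf_score < 65:
        return None  # CCF measures must score at least 65 points for Cat 2/3/4
    m_band = mttfd_band(channel_mttfd(parts))
    d_band = "none" if category in ("B", "1") else dc_band(dc_avg(parts))
    if category in ("2", "3") and d_band == "high":
        d_band = "medium"  # Table 7 has no separate 'high' DCavg column for Cat 2/3
    row = TABLE7.get((category, d_band))
    return None if row is None or m_band is None else row[m_band]

def meets_plr(pl, plr):
    """Compliance check: the achieved PL must be at least the required PL (PLr)."""
    return pl is not None and "abcde".index(pl) >= "abcde".index(plr)
```

With the constructed parts, the unmonitored contactor pulls DCavg down to about 78% (band "low") and the channel MTTFd to about 27 years (band "medium"), so a Cat. 3 architecture only reaches PL c; if PL d was required, the audit finding from section 8 (PL c where PL d was needed) is exactly what `meets_plr` reports.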
4. Impact on Maintenance, Repair and Operations (MRO)
Compliance with ISO 13849-1 and, by extension, with NR-12, transforms the MRO approach. It is no longer just about replacing parts, but about maintaining the integrity of the safety system.
- Maintenance: Preventive and predictive maintenance programs must be reviewed. Inspection and testing of safety components must follow a strict schedule. For example, checking the diagnostic capability (DC) of a safety relay may require simulated tests every 1,000 hours of operation, with detailed recording of the results.
- Procurement: The selection of spare parts becomes more careful. Suppliers must be able to provide reliability data (MTTFd) for their components. Traceability and certification of components are essential.
- Documentation: Machine manuals, electrical and hydraulic diagrams, maintenance plans, test reports and the justification for the PL achieved must be meticulously maintained. NR-12 requires that this documentation be available for consultation by auditors and operators. Lack of clear documentation of a Cat. 3/PL d system, for example, can invalidate the entire risk assessment.
- Training: Maintenance staff must be trained in PL analysis, safety function testing procedures, and identification of critical components.
5. Component Requirements and Certifications
Several components are critical to the safety architecture and must meet specific requirements, often with compulsory certifications.
- Safety Relays: They must be certified for safety applications, with MTTFd and DC data provided by the manufacturer. In Brazil, compliance with ABNT NBR ISO 13849-1 and ABNT NBR IEC 62061 standards (for electronic systems) is crucial.
- Safety Sensors: Light curtains, laser scanners, interlock switches with locking, safety position sensors. They must have type certification and proven MTTFd.
- Safety Actuators: Pneumatic or hydraulic safety valves that fail to a safe position (e.g. closed in the event of a power failure).
- Safety Programmable Logic Controllers (PLCs): PLCs with integrated safety functions (Safety PLCs) must be certified to the appropriate Safety Integrity Level (SIL) or PL. INMETRO certification, when applicable to electrical equipment in classified areas (NR-10), is a differentiator.
- Cables and Connectors: For applications in aggressive environments, they must be specified to resist temperature, chemical agents and vibration, maintaining the integrity of the safety circuit.
The traceability of safety components, with their respective certificates of conformity and technical sheets containing reliability data, is a mandatory requirement. For electrical equipment, NR-10 imposes strict conditions for installations and services, and the use of certified components directly contributes to this compliance.
6. Practical Compliance Checklist for Maintenance Managers
An effective checklist is vital to ensure ongoing compliance and operational security:
- Check that all machines with critical safety functions have an updated risk assessment, in accordance with NR-12.
- Confirm that the required PL (PLr) for each safety function was correctly determined by the risk assessment.
- Ensure that the PL achieved (PLa) by the safety system has been calculated and documented.
- Check the safety system design documentation (categories, MTTFd, DC, CCF).
- Confirm that all safety components (relays, sensors, PLCs) have MTTFd data provided by the manufacturer.
- Perform regular audits of PL calculations to validate their accuracy.
- Implement a preventive maintenance plan that includes periodic testing of safety functions.
- Record the results of all safety function tests in detail.
- Ensure that the maintenance team is trained in the ISO 13849-1 standard and safety procedures.
- Verify the traceability of critical replacement components, including certificates of origin and conformity.
- Ensure that the spare parts inventory includes only compatible and certified components.
- Implement protection measures against common cause failures (CCF) in safety systems.
- Review and update machine safety documentation with each significant modification or repair.
- Make safety documentation (manuals, diagrams, reports) available for inspection.
- Check the physical integrity of protections and safety devices regularly.
- Perform root cause analysis for any safety failure to identify and correct deficiencies in the system.
- Establish a procedure for managing modifications (MOC – Management of Change) in safety systems.
- Ensure that the interfaces between different safety systems are clearly defined and do not compromise the PL.
- Ensure that safety software is properly validated and version-controlled.
- Periodically review the plant's emergency plan, considering safety gaps.
7. Common Non-Compliance Issues
Auditors often identify deficiencies in the following aspects:
- Incomplete Documentation: Lack of PL calculations, updated diagrams or test reports.
- Incorrect PL calculations: Errors in determining the MTTFd, DC or CCF, leading to an overestimated PL.
- Inadequate Components: Use of spare parts without the necessary reliability data or without adequate certification. A safety sensor replaced by a standard sensor can degrade the system PL.
- Lack of Periodic Testing: Safety systems are not tested regularly, allowing undetected dangerous faults to accumulate.
- Ineffective CCF Measures: Insufficient circuit separation, failure to use components from different manufacturers or technologies for redundancy, lack of protection against electromagnetic interference.
- Insufficient Training: Maintenance teams lacking knowledge of the complexity of safety systems.
- Unauthorized Bypasses: Temporary or permanent deactivation of safety functions to "speed up" production.
8. Penalties and Legal Responsibilities
Non-compliance with NR-12 and, by extension, with ABNT NBR ISO 13849-1, leads to serious consequences, both for the company and its managers.
- Fines: The Ministry of Labor and Employment (MTE) inspection may impose high fines, calculated based on the number of employees, the type of infraction and its recurrence. Fines for non-compliance with NR-12 can range from hundreds to tens of thousands of reais per irregular item.
- Machine interdiction: In cases of serious and imminent risk, machines or entire sectors of the factory may be interdicted, resulting in production stoppage and substantial financial losses.
- Civil Actions and Compensation: In the event of workplace accidents, the company may be held civilly liable for material, moral and aesthetic damages, with compensation that can reach millions of reais. A fatal accident can result in lifetime pension payments for dependents, set at minimum wages.
- Criminal Liability: Managers and engineers may be held criminally liable for bodily injury or manslaughter, as a result of negligence, incompetence or recklessness that lead to accidents. The penalty can vary from detention to imprisonment, depending on the severity.
- Impact on Image and Reputation: Serious accidents and non-compliance compromise the company's image in the market, affecting relationships with customers, investors and the community.
- High Insurance Costs: Insurance companies may deny coverage or significantly increase premiums in the event of a history of non-compliance or accidents.
For example, the failure of an emergency stop system achieving PL c, where PL d was required, which results in a lost-time accident, can generate a fine of R$50,000.00 and a civil action with a claim for compensation of R$500,000.00, in addition to the reputational cost and the potential loss of quality certifications (e.g. ISO 9001).
9. Conclusion: The Commitment to Safety and Quality
Compliance with ABNT NBR ISO 13849-1 is more than a legal requirement; it is an investment in worker safety and operational efficiency. Understanding and correctly applying the Performance Level principles ensures that safety functions act reliably, minimizing risks and protecting the company's assets.
Choosing certified components and establishing robust MRO processes are decisive in achieving and maintaining compliance. Partnerships with suppliers who understand these requirements and offer high-quality products with complete documentation and reliability data are essential.
For certified components that meet the highest security and reliability standards, visit the UNITEC-D E-Catalog.
10. References
- ABNT NBR ISO 13849-1:2023 – Safety of machinery — Safety-related parts of control systems — Part 1: General principles for design.
- ABNT NBR ISO 12100:2020 – Safety of machinery — General principles for design — Risk assessment and risk reduction.
- ABNT NBR IEC 62061:2019 – Safety of machinery — Functional safety of safety-related control systems.
- Regulatory Standard NR-12 – Occupational Safety in Machines and Equipment (MTE Ordinance No. 1,282, of 2018).
- Ministry of Labor and Employment (MTE) – NR-12 Guides and Manuals.