Machine safety: SIL and PL assessment according to IEC 62061 and ISO 13849

UNITEC-D Industrial MRO

1. Introduction

In modern industrial production, especially in the mechanical engineering and automation sectors in the Benelux, machine safety is a fundamental aspect of design and operations. The goal is to reduce the risk to personnel and equipment to an acceptable level while keeping the machine available. The European Machinery Directive (2006/42/EC) requires machines to meet its essential health and safety requirements (the Directive is being replaced by the Machinery Regulation (EU) 2023/1230, which applies from 14 January 2027). Two harmonised international standards are used to design and validate safety functions: ISO 13849-1 (Performance Level, PL) and IEC 62061 (Safety Integrity Level, SIL). Correctly understanding and applying these standards is essential for every reliability engineer and machine designer.

2. Fundamental Principles

A safety function detects a hazardous condition (input), evaluates it (logic) and carries out the safe action (output), for example de-energising a motor through a contactor. Both PL and SIL rest on the same probabilistic measure: the average probability of a dangerous failure per hour (PFHd). ISO 13849-1 derives it from the architecture (Category) together with the reliability and diagnostic coverage of the components and expresses the result as PL a to e. IEC 62061 is the machinery-sector derivative of IEC 61508 and expresses the same requirement as SIL 1 to 3; SIL 4 is outside its scope.

3. Technical Specifications & Standards

The calculation of safety functions is based on several critical parameters:

  • MTTFd (Mean Time To Dangerous Failure): the mean time, in years, to a dangerous failure of a component or channel. ISO 13849-1 classes it as low (3 to <10 years), medium (10 to <30 years) or high (30 to 100 years).
  • DC (Diagnostic Coverage): the fraction of dangerous failures that the system's self-tests detect; classed as none (<60 %), low (60 to <90 %), medium (90 to <99 %) or high (≥99 %).
  • CCF (Common Cause Failure): measures against both channels failing from one cause (e.g. overvoltage, vibration, shared cabling or power supply). ISO 13849-1 Annex F scores these measures and requires at least 65 points for Categories 2 to 4.
  • PFHd: the average probability of a dangerous failure per hour, the metric that ultimately determines the PL or SIL.

For a safety function built from subsystems in series (typically sensor, logic and actuator) the basic formula applies: PFHd(total) = PFHd(sensor) + PFHd(logic) + PFHd(actuator). The PL of the combination is additionally limited by the lowest subsystem PL (ISO 13849-1, combination of SRP/CS in series), so one weak subsystem caps the whole function.

4. Selection & Sizing Guide

The selection of the right architecture depends on the required risk reduction, determined via a risk assessment according to NEN-EN-ISO 12100 and expressed as the required Performance Level (PLr) from the risk graph in ISO 13849-1 Annex A.

Architecture (Category) | Max. achievable PL | Corresponding max. SIL | Characteristics
Cat B | PL b | SIL 1 | Single channel; basic safety principles, no diagnostics credited.
Cat 1 | PL c | SIL 1 | Single channel with well-tried components and principles; MTTFd high required.
Cat 2 | PL d | SIL 2 | Single channel with periodic test of the safety function (test rate at least 100 times the demand rate, or testing on demand under the conditions of the standard); DCavg low to medium.
Cat 3 | PL e | SIL 3 | Dual channel; a single fault does not lead to loss of the safety function and is detected where practicable; DCavg low to medium.
Cat 4 | PL e | SIL 3 | Dual channel with DCavg high; an accumulation of undetected faults does not lead to loss of the safety function.

The maximum PL of a category is reached only with MTTFd high and the DCavg the category requires (ISO 13849-1 Figure 5 / Table 7); with a lower MTTFd or DCavg the same architecture yields a lower PL, and Categories 2 to 4 additionally require the CCF score of at least 65 points. The SIL column follows from the PL/SIL relationship in section 8.
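As an added example (not code from the article or from UNITEC-D), the following Python carries the simplified ISO 13849-1 procedure through for a designated architecture: series MTTFd per channel (Annex D), DCavg over all components (Annex E), symmetrisation of two channels, the MTTFd and DC bands, and the Category / DCavg / MTTFd to PL lookup of Table 7. The component names, MTTFd and DC values are constructed for illustration. The CCF score and the Category 2 test-rate condition are prerequisites that the code does not model; the crediting of a DCavg above "medium" in a Category 2 or 3 design as "medium" is an assumption made here.

```python
"""ISO 13849-1 simplified PL estimation for a designated architecture.

Added example, not code from the article or UNITEC-D. Component names, MTTFd
and DC values are constructed for illustration. The band limits and the
Category/DCavg/MTTFd -> PL table are ISO 13849-1:2015 Table 7 (Figure 5).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Component:
    name: str
    mttfd_years: float  # MTTFd of the single component, in years
    dc: float           # diagnostic coverage for this component, 0.0 .. 1.0


def channel_mttfd(parts):
    """Series combination of one channel (Annex D): 1/MTTFd_ch = sum(1/MTTFd_i)."""
    return 1.0 / sum(1.0 / p.mttfd_years for p in parts)


def dcavg(parts):
    """DCavg over all components (Annex E): sum(DC_i/MTTFd_i) / sum(1/MTTFd_i)."""
    return sum(p.dc / p.mttfd_years for p in parts) / sum(1.0 / p.mttfd_years for p in parts)


def symmetrised_mttfd(c1, c2):
    """Two redundant channels with different MTTFd (Annex D):
    MTTFd = 2/3 * (C1 + C2 - 1/(1/C1 + 1/C2))."""
    return 2.0 / 3.0 * (c1 + c2 - 1.0 / (1.0 / c1 + 1.0 / c2))


def mttfd_band(mttfd, category):
    """Low/medium/high band. The per-channel value is capped at 100 years
    (2500 years for Category 4); below 3 years the channel is not usable."""
    capped = min(mttfd, 2500.0 if category == 4 else 100.0)
    if capped < 3.0:
        return None
    if capped < 10.0:
        return "low"
    if capped < 30.0:
        return "medium"
    return "high"


def dc_band(dc):
    """DCavg band: none (<60 %), low (<90 %), medium (<99 %), high (>=99 %)."""
    if dc < 0.60:
        return "none"
    if dc < 0.90:
        return "low"
    if dc < 0.99:
        return "medium"
    return "high"


# Table 7: (category, DCavg band) -> PL for MTTFd (low, medium, high).
# None marks a combination the standard does not cover.
TABLE_7 = {
    ("B", "none"): ("a", "b", "b"),
    (1, "none"): (None, None, "c"),
    (2, "low"): ("a", "b", "c"),
    (2, "medium"): ("b", "c", "d"),
    (3, "low"): ("b", "c", "d"),
    (3, "medium"): ("c", "d", "e"),
    (4, "high"): (None, None, "e"),
}
MTTFD_INDEX = {"low": 0, "medium": 1, "high": 2}


def estimate_pl(category, channel1, channel2=None):
    """Return the PL ('a'..'e') for the architecture, or None when the
    combination lies outside Table 7. CCF (>= 65 points for Cat 2 to 4) and
    the Category 2 test-rate condition must be verified separately."""
    if channel2 is None:
        mttfd = channel_mttfd(channel1)
        parts = list(channel1)
    else:
        mttfd = symmetrised_mttfd(channel_mttfd(channel1), channel_mttfd(channel2))
        parts = list(channel1) + list(channel2)
    m_band = mttfd_band(mttfd, category)
    if m_band is None:
        return None
    # Categories B and 1 get no credit for diagnostics.
    d_band = "none" if category in ("B", 1) else dc_band(dcavg(parts))
    # Assumption: Cat 2 and Cat 3 have no "high" column, so a higher DCavg is
    # credited as "medium" (the best column those categories offer).
    if category in (2, 3) and d_band == "high":
        d_band = "medium"
    row = TABLE_7.get((category, d_band))
    return None if row is None else row[MTTFD_INDEX[m_band]]


# Constructed example: Category 3 guard monitoring, two channels, each a gate
# switch contact (DC 90 % by cross-comparison) in series with a contactor
# (DC 99 % via mirror-contact readback). Illustrative values, not datasheet data.
CHANNEL_1 = [Component("S1 gate switch", 80.0, 0.90), Component("K1 contactor", 120.0, 0.99)]
CHANNEL_2 = [Component("S2 gate switch", 80.0, 0.90), Component("K2 contactor", 120.0, 0.99)]

if __name__ == "__main__":
    print("channel MTTFd:", round(channel_mttfd(CHANNEL_1), 1), "years")   # 48.0
    print("DCavg:", round(dcavg(CHANNEL_1 + CHANNEL_2), 3))                # 0.936
    print("PL:", estimate_pl(3, CHANNEL_1, CHANNEL_2))                      # e
```

The same component data moved into a Category 4 architecture returns None, because Category 4 demands DCavg high and the constructed gate-switch diagnostics only reach medium; that is exactly the kind of mismatch between claimed category and available diagnostics that a review of the safety design should catch.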

5. Installation & Commissioning

Correct design is insufficient without correct installation. Important guidelines are:

  • Cabling: Use shielded cables and proper earthing to limit EMC interference; the immunity requirements for industrial environments are given in IEC 61000-6-2.
  • Redundancy: For Categories 3 and 4, route the two channels separately and avoid shared cabling, connectors and power supplies, so that one physical event cannot defeat both channels (CCF).
  • Test frequencies: Validate every safety function against its specification during commissioning, and plan periodic functional tests (e.g. annually, or at the interval the component manufacturer's data require).

6. Failure Modes & Root Cause Analysis

Understanding how components fail is necessary for predictive maintenance. Common failure modes include:

  • Contact welding: In relays and contactors, often caused by switching a load beyond the contact rating, for example the inrush current of a motor (utilisation category AC-3) on a contactor sized only for a resistive (AC-1) load. A welded contact keeps the motor energised, which is why the higher categories use redundant contactors with mirror-contact monitoring.
  • Sensor drift: Drift in proximity switches due to temperature differences or mechanical wear, leading to late or missed detection.
  • Software errors: Logic errors in the safety PLC application program. These are systematic failures that PFHd does not capture; ISO 13849-1 addresses them through its software lifecycle requirements and IEC 62061 through its requirements for systematic integrity.

Use the component's B10d value (the number of cycles at which 10 % of the units have failed dangerously) to estimate service life: MTTFd = B10d / (0.1 × n_op), where n_op is the mean number of operations per year, n_op = (d_op × h_op × 3600) / t_cycle, with d_op the operating days per year, h_op the operating hours per day and t_cycle the cycle time in seconds. The same data gives T10d = B10d / n_op; a component whose T10d is shorter than the mission time (20 years by default) must be replaced after T10d.
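The B10d calculation above and the PFHd summation of section 3, followed by the PL/SIL banding of section 8, carried through in Python as an added example (not code from the article or from UNITEC-D). The contactor B10d, the operating profile and the subsystem PFHd values are constructed for illustration, not datasheet values; the second safety function shows how a weaker actuator subsystem pushes the sum over the 10^-7 boundary and drops the whole function from PL e to PL d.

```python
"""B10d -> MTTFd / T10d (ISO 13849-1 Annex C) and PFHd summation with PL/SIL banding.

Added example, not code from the article or UNITEC-D. The contactor B10d,
the operating profile and the subsystem PFHd values are constructed for
illustration, not datasheet values.
"""

SECONDS_PER_HOUR = 3600


def n_op(d_op_days_per_year, h_op_hours_per_day, t_cycle_seconds):
    """Mean number of operations per year (Annex C):
    n_op = d_op * h_op * 3600 / t_cycle."""
    return d_op_days_per_year * h_op_hours_per_day * SECONDS_PER_HOUR / t_cycle_seconds


def mttfd_from_b10d(b10d, n_op_per_year):
    """MTTFd = B10d / (0.1 * n_op), in years."""
    return b10d / (0.1 * n_op_per_year)


def t10d(b10d, n_op_per_year):
    """T10d = B10d / n_op: the time after which 10 % of the units have failed
    dangerously. Shorter than the mission time means scheduled replacement."""
    return b10d / n_op_per_year


def replacement_interval_years(b10d, n_op_per_year, mission_time_years=20.0):
    """Interval at which the component must be replaced: T10d if that is
    shorter than the mission time (20 years by default), else the mission time."""
    return min(t10d(b10d, n_op_per_year), mission_time_years)


def pfhd_total(subsystems):
    """Series combination of subsystems: PFHd_total = sum(PFHd_i)."""
    return sum(subsystems.values())


def pl_from_pfhd(pfhd):
    """PL from the PFHd bands of ISO 13849-1 Table 3 (the section 8 table).
    Returns None at or above 10^-4 (no PL achievable); below 10^-8 there is
    no level above PL e, so 'e' is returned."""
    if pfhd >= 1e-4:
        return None
    if pfhd >= 1e-5:
        return "a"
    if pfhd >= 3e-6:
        return "b"
    if pfhd >= 1e-6:
        return "c"
    if pfhd >= 1e-7:
        return "d"
    return "e"


# PL to SIL relationship of the section 8 table; PL a has no SIL equivalent.
SIL_FOR_PL = {"a": None, "b": 1, "c": 1, "d": 2, "e": 3}


def assess(subsystems):
    """Sum the subsystem PFHd values and return (PFHd_total, PL, SIL).
    The PL is also capped by the lowest subsystem PL, which the caller must
    check against the individual subsystem data."""
    total = pfhd_total(subsystems)
    pl = pl_from_pfhd(total)
    return total, pl, (None if pl is None else SIL_FOR_PL[pl])


# Constructed operating profile: 220 days/year, 16 h/day, one cycle per minute.
N_OP = n_op(220, 16, 60)            # 211 200 cycles per year
CONTACTOR_B10D = 1_300_000          # constructed, not a datasheet value

# Constructed subsystem PFHd values (1/h) for one safety function.
FUNCTION_OK = {"sensor": 2.3e-8, "logic": 9.5e-9, "actuator": 4.7e-8}
# The same function with a less reliable actuator subsystem: the sum crosses 10^-7.
FUNCTION_DEGRADED = {"sensor": 2.3e-8, "logic": 9.5e-9, "actuator": 7.0e-8}

if __name__ == "__main__":
    print(f"n_op  = {N_OP:.0f} cycles/year")
    print(f"MTTFd = {mttfd_from_b10d(CONTACTOR_B10D, N_OP):.1f} years")
    print(f"T10d  = {t10d(CONTACTOR_B10D, N_OP):.1f} years -> replace every "
          f"{replacement_interval_years(CONTACTOR_B10D, N_OP):.1f} years")
    for label, function in (("ok", FUNCTION_OK), ("degraded", FUNCTION_DEGRADED)):
        total, pl, sil = assess(function)
        print(f"{label}: PFHd = {total:.3e} 1/h -> PL {pl}, SIL {sil}")
```

With this profile the contactor reaches an MTTFd of about 61.6 years, comfortably in the "high" band, but its T10d is only about 6.2 years, so it has to be replaced roughly three times within a 20-year mission time; a high MTTFd alone does not remove the replacement obligation.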

7. Predictive Maintenance & Condition Monitoring

Modern safety systems report diagnostics over safety fieldbus protocols (e.g. PROFIsafe, CIP Safety). This enables continuous monitoring:

  • Diagnostic data: Error codes from safety PLCs provide insight into the health of specific channels.
  • Cycle count: Automatic registration of the number of actuator operations, so that replacement can be advised before T10d is reached (preventive maintenance).

Note that these protocols protect the safety telegram against transmission errors (black-channel principle: CRC, sequence numbers, timeouts); they do not protect the network against a deliberate attacker, so the industrial network carrying them must be secured separately.

8. Comparison matrix

The table below gives the relationship between PL and SIL on the basis of the PFHd bands of ISO 13849-1 Table 3.

Performance Level (PL) | SIL (IEC 62061) | PFHd range (1/h)
PL a | no corresponding SIL | ≥ 10^-5 to < 10^-4
PL b | SIL 1 | ≥ 3 × 10^-6 to < 10^-5
PL c | SIL 1 | ≥ 10^-6 to < 3 × 10^-6
PL d | SIL 2 | ≥ 10^-7 to < 10^-6
PL e | SIL 3 | ≥ 10^-8 to < 10^-7

IEC 62061 itself defines SIL 1 as PFHd ≥ 10^-6 to < 10^-5, SIL 2 as ≥ 10^-7 to < 10^-6 and SIL 3 as ≥ 10^-8 to < 10^-7, so PL b and PL c both fall within SIL 1, while PL a lies outside any SIL.

9. In summary

Determining the appropriate safety level for industrial machines is a technical process that requires strict compliance with the applicable standards. By correctly applying ISO 13849-1 and IEC 62061 you create a safe and reliable working environment. UNITEC-D supports you in this process with an extensive range of certified safety components that meet the highest industry standards. Consult our e-catalog for certified safety components: https://www.unitecd.com/e-catalog/

10. References

  • NEN-EN-ISO 13849-1: Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design.
  • IEC 62061: Safety of machinery – Functional safety of safety-related electrical, electronic and programmable electronic control systems.
  • NEN-EN-ISO 12100: Safety of machinery – General principles for design – Risk assessment and risk reduction.
  • IEC 61508: Functional safety of electrical/electronic/programmable electronic safety-related systems.
