Electrical, electronic and programmable electronic products and components that are used in safety-related applications require a high degree of safety, reliability and quality. Failure within these devices can put both people and the environment in dangerous situations.
As a worldwide independent testing and certification institute, we support companies in developing and manufacturing safety-related products and systems according to the requirements of the relevant standards (IEC 61508, IEC 61511 and others).
Within our testing activities we assess products and provide technical reports. If a product has been successfully developed and tested in conformance to the applicable industrial standards, we issue a certificate confirming the functional safety of the product.
This TÜV Rheinland certificate as well as the corresponding test mark is acknowledged worldwide within the industry.
Please contact us to learn more about how our functional safety certification services for safety-related products can benefit your company.
A type approval provides proof that the product meets the requirements of the relevant product standards and can be used in the specified range of operation. It provides a basis for the producer's CE declaration of conformity, as all relevant European Directives (at least the Low Voltage and EMC Directives) necessary for the proof of conformity are applied.
Because of the complexity of today's devices, these tests are carried out in parallel with product development. The testing authority cooperates with the manufacturer during the early product specification and conception phases. This is an important advantage, enabling manufacturers to streamline development efforts.
A type approval is structured in the following phases:
The Automation and Functional Safety division of TÜV Rheinland is accredited by the DAkkS as a Testing Laboratory acc. to DIN EN ISO/IEC 17025.
The examination results are reviewed and conformity assessed by the related Certification Body.
After the successful conclusion of the main inspection, the 3rd phase of implementing certification of the product follows.
The test mark "Functional Safety FS" is applied to products that must meet product or application standards of functional safety in order to be used in safety-related applications.
Failsafe behavior according to a defined safety level (SIL, PL or other) has to be proven in accordance with the relevant standards for these products.
All aspects of functional safety must be considered:
The test mark shows that products are suitable for use in a safety function to a defined SIL / PL, according to the requirements described in the user manual.
The test mark "Functional Safety FS" includes the "type approved" test mark confirming appropriate testing content.
Functional Safety (FS) is the safeguard against hazards resulting from faulty and interrupted functionality. Functionally safe controls and protective equipment are installed and used to protect people, the environment and goods of value. Such controls are applied to industrial machines with potentially dangerous movements and emissions, in chemical plants, for devices used in the railway, automotive and medical industries, etc.
Safety must be ensured under normal and/or undisturbed conditions and maintained in case of abnormal conditions, requiring products to be designed in such a way that faults, failures and external influences do not result in an undetected loss of safety.
The objective of functional safety is to protect against unacceptable direct risks of physical injury or damaged health and harmful indirect threats to property or the environment. Today, the objective is sometimes extended to the protection against the damage and destruction of goods of value.
Functional safety is intrinsically end-to-end in scope, so it must consider component or subsystem function as part of the overall functionality of the complete system. While functional safety standards focus on electrical, electronic and programmable systems (E/E/PS), the focus on end-to-end scope requires that, in practice, functional safety methods must be extended to include non-E/E/PS parts of the system being actuated, controlled or monitored by electrical, electronic or programmable systems.
includes the following minimal steps:
1. Identifying the required safety functions. A process of function reviews and formal risk and hazard analysis is applied to distinguish hazards and corresponding safety functions.
2. Assessment of risk-reduction required by the safety function using a safety integrity level (SIL) inspection. A safety integrity level refers to the end-to-end safety function of the overall safety-related system, not only to a component or part of the system.
3. Ensuring safety functions are performed according to the design intent while considering conditions of incorrect operator input and failure modes. This requires having both the design and lifecycle managed by qualified and competent engineers carrying out processes to a recognized functional safety standard. Today, the “mother” standard IEC / EN 61508 or one of its industry-specific standards (sector-application standards) is regarded as the recognized standard for functional safety.
4. Verification that the system meets the assigned SIL, by determining the mean time between failures (MTBF) and the safe failure fraction (SFF), along with appropriate tests. The safe failure fraction is the probability of the system failing in a safe state: dangerous or critical states are identified by a failure mode effects analysis (FMEA) or a failure mode criticality analysis (FMECA).
5. Performing functional safety audits to examine and assess the evidence that the appropriate safety life-cycle management techniques were applied consistently and thoroughly in the relevant life-cycle stages of the product.
Neither safety nor functional safety can be determined without considering the complete system and the environment with which it interacts. Functional safety is inherently end-to-end in scope.
Figure 1: IEC 61508 as the “mother” standard for functional safety and derived sector-application standards
Any requirement of functional safety for a component, subsystem or system should be independently certified according to one of the recognized functional safety standards. A certified product can then be claimed to be functionally safe to a particular safety integrity level or a performance level in a specific range of applications: the certificate is provided to the customer with a test report describing the scope and limits of performance.
It is possible to certify both products and the processes that manage the product life-cycle.