3TK28 Safety Relays
General data
7/67
Siemens LV 1 · 2006
77
■
Application
Classification of a machine in categories acc. to EN 954-1
The 98/37/EG machinery directive stipulates that every machine
must comply with the applicable guidelines and standards.
Measures must be taken to keep the risk to persons as small as
possible.
The first step is for the project engineer to perform a risk
evaluation according to EN 1050 "Guidelines for risk
assessment". The ambient conditions of the machine have to be
considered, for example. Then any overall risk must be
evaluated. Risk evaluation must be performed in such a manner
that the procedure and conclusions can be retraced.
The dangers and possible technical measures for reducing risk
must also be specified.
After risk assessment, the category according to which the
safety circuits will be designed and implemented is specified
with the aid of EN 954-1.
This category defines the technical requirements for the
configuration of the safety equipment. There are five categories
(B, 1, 2, 3 and 4), whereby B (for Basic category) is the category
of the lowest risk and the one which defines the minimum
demands made on the control system.
Possible selection of the categories acc. to EN 954-1
Summary of the requirements for categories acc. to EN 954-1
Starting point for risk assessment
of the safety related part of the control S Severity of the injury F Frequency and/or duration of
the exposure to danger P Possibility to avoid the danger
S1 Minor (usually reversible)
injury F1 From rarely to often and/or
short duration of exposure P1 Possible under certain
conditions
S2 Serious (normally
irreversible) injury including
death
F2 From frequently to
constantly and/or long
duration of exposure
P2 Hardly possible
Selection of the category
B, 1 to 4: Categories for parts of controllers with relevance for safety
●Preferred categories for reference points
●Possible categories which demand additional measures
❍Measures that may be excessive with respect to the particular risk
Category
(not to be applied
in any specific
hierarchy)
Summary of requirements System response Principles for achieving
safety
B The safety related parts of controllers and/or their protective
devices as well as their components must be designed,
constructed, selected, assembled and combined in
accordance with the applicable standards in such a way that
they can resist the expected external influences.
The occurrence of a fault can result
in loss of the safety function. Mainly characterized by the
selection of components
1 The requirements of B must be met.
Well-proven components and well-proven safety principles
must be implemented.
The occurrence of a fault can result
in loss of the safety function but the
probability of it occurring is less
than for Category B.
2 The requirements of B must be met and well-proven safety
principles must be implemented.
The safety functions must be tested at regular intervals by the
machine control.
The occurrence of a fault can result
in loss of the safety function
between tests.
The loss of the safety function will
be detected by the test.
Mainly characterized by the
structure
3 The requirements of B must be met and well-proven safety
principles must be implemented.
Parts with relevance for safety must be implemented such that
a single fault in any of these components does not result in loss
of the safety function, and whenever reasonably possible, the
individual fault is detected.
When the single fault occurs, the
safety function is always
maintained.
Some but not all faults are detected.
An accumulation of undetected
faults may lead to loss of the safety
function.
4 The requirements of B must be met and well-proven safety
principles must be implemented.
Parts with relevance for safety must be implemented such that
a single fault in any of these components does not result in loss
of the safety function, and the individual fault is detected
during or before the next activation of the safety function or, if
this is not possible, an accumulation of faults will not result in
loss of the safety function.
When faults occur, the safety
function is always maintained.
The faults are detected early to
prevent loss of the safety function.
NSC0_00302
B1 23 4
S1
S2
F1
F2
P1
P2
P1
P2
Category