GB 28526-2012 PDF in English
Electrical safety of machinery. Functional safety of safety-related electrical, electronic and programmable electronic control systems
ICS 29.020
K09
National Standard of the People's Republic of China
Electrical safety of machinery -- Functional safety of safety-related electrical, electronic and programmable electronic control systems
(IEC 62061:2005, Safety of machinery -- Functional safety of safety-related electrical, electronic and programmable electronic control systems, IDT)
Issued on: 2012-06-29
Implemented on: 2013-05-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the Standardization Administration of China
Table of Contents
Foreword Ⅳ
Introduction Ⅴ
1 Scope 1
2 Normative references 2
3 Terms and definitions, abbreviations 3
3.1 Alphabetical list of definitions 3
3.2 Terms and definitions 4
3.3 Abbreviations 11
4 Management of functional safety 12
4.1 Objective 12
4.2 Requirements 12
5 Requirements for the specification of safety-related control functions (SRCF) 13
5.1 Objective 13
5.2 Specification of requirements for SRCF 13
6 Design and integration of the safety-related electrical control system (SRECS) 14
6.1 Objective 14
6.2 General requirements 15
6.3 Requirements for the behaviour of the SRECS on detection of a fault in the SRECS 15
6.4 Requirements for systematic safety integrity of the SRECS 16
6.5 Selection of the safety-related electrical control system 17
6.6 Design and development of the safety-related electrical control system (SRECS) 17
6.7 Realization of subsystems 21
6.8 Realization of diagnostic functions 32
6.9 SRECS hardware 33
6.10 Software safety requirements specification 33
6.11 Software design and development 34
6.12 Integration and testing of the safety-related electrical control system 39
6.13 Installation of the SRECS 40
7 Information for use of the SRECS 40
7.1 Objective 40
7.2 Documentation for installation, use and maintenance 40
8 Validation of the safety-related electrical control system 41
8.1 Objective 41
8.2 General requirements 41
8.3 Claim of systematic safety integrity of the SRECS 41
9 Modification 42
9.1 Objective 42
9.2 Modification procedure 42
9.3 Configuration management procedures 43
10 Documentation 44
Annex A (informative) SIL assignment 46
Annex B (informative) Example of the use of terms and requirements for the design concept of the safety-related electrical control system (SRECS) 52
Annex C (informative) Guide to embedded software design and development 57
Annex D (informative) Failure modes of electrical/electronic components 63
Annex E (normative) Electromagnetic (EM) phenomena and increased immunity levels for SRECS intended for use in industrial environments in accordance with GB/T 17799.2-2003 67
Annex F (informative) Methodology for the estimation of susceptibility to common cause failures (CCF) 69
Figure 1 Relationship of IEC 62061 to other relevant standards Ⅶ
Figure 2 Workflow of the SRECS design and development process 19
Figure 3 Safety requirements for the configuration of subsystem modules (see 6.6.2.1.1) 20
Figure 4 Subsystem design and development process (see Figure 2, box 6B) 23
Figure 5 Decomposition of a function block into redundant function block elements and their associated subsystem elements 24
Figure 6 Logical representation of subsystem A 28
Figure 7 Logical representation of subsystem B 29
Figure 8 Logical representation of subsystem C 29
Figure 9 Logical representation of subsystem D 30
Figure A.1 Workflow of the SIL assignment process 46
Figure A.2 Parameters used in risk estimation 47
Figure A.3 Example of a form for the SIL assignment process 51
Figure B.1 Functional decomposition terminology 52
Figure B.2 Example machine 53
Figure B.3 Specification of the SRCF requirements 53
Figure B.4 Decomposition of the function block structure 53
Figure B.5 Preliminary concept diagram of the SRECS structure 54
Figure B.6 SRECS architecture with diagnostic functions embedded in subsystems (SS1 to SS4) 55
Figure B.7 SRECS architecture with diagnostic functions embedded in subsystem SS3 55
Figure B.8 PFHD estimation for the SRECS 56
Table 1 Recommended application of IEC 62061 and ISO 13849-1 (under revision) Ⅷ
Table 2 Overview of the standard and its objectives 1
Table 3 Safety integrity levels: target failure values for SRCF 14
Table 4 Characteristics of the four subsystems and the subsystems used in Example 2 (see note in 6.6.3.3) 21
Table 5 Architectural constraints on subsystems: maximum SIL that can be claimed for an SRCF using this subsystem 25
Table 6 Architectural constraints: SILCL classification 26
Table 7 Probability of dangerous failure 27
Table 8 SRECS information and documentation 45
Table A.1 Severity (Se) classification 48
Table A.2 Frequency and duration of exposure (Fr) classification 48
Table A.3 Probability (Pr) classification 49
Table A.4 Probability of avoiding or limiting harm (Av) classification 50
Table A.5 Parameters used to determine the class of probability of harm (Cl) 50
Table A.6 SIL assignment matrix 50
Table D.1 Examples of failure mode rates of electrical/electronic components 63
Table E.1 Electromagnetic (EM) phenomena and increased immunity levels for SRECS 67
Table E.2 Selected frequencies for the radiated RF field test 68
Table E.3 Selected frequencies for the conducted RF field test 68
Table F.1 Criteria for the estimation of CCF 69
Table F.2 Estimation of the CCF factor (β) 70
Foreword
Clauses 5, 6.4, 6.6.3, 6.10 and 6.12 of this standard are mandatory; the rest are recommended.
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard is identical to IEC 62061:2005 "Safety of machinery -- Functional safety of safety-related electrical, electronic and programmable electronic control systems", adopted by translation.
The following editorial changes have been made to this standard:
--- the name of the standard has been changed to "Electrical safety of machinery -- Functional safety of safety-related electrical, electronic and programmable electronic control systems";
--- the foreword of the international standard has been deleted.
This standard was proposed by the China Machinery Industry Federation.
This standard is under the jurisdiction of the National Technical Committee on Standardization of Electrical Systems of Machinery (SAC/TC231).
Drafting organizations of this standard: National Machine Products Quality Supervision and Inspection Center, Chinese Academy of Sciences Institute of Computing Technology Co., Ltd.
Organizations participating in the drafting of this standard: Solid Technology (Shenzhen) Co., Ltd., Beijing KND CNC Technology Co., Ltd., Jinan Lingkang Numerical Control Technology Co., Ltd., Suzhou City Measuring Detection Technology Co., Ltd., Zhejiang Kaida Machine Tool Group Co., Ltd.
Main drafters of this standard: Cho Kwong, Yin Zhenyu, Zhao Qin Zhi, Yang Jingyan, Huang Lin, in the East, Gong Xiaoyun, Zhang Chengrui, Yang Hongli, Zhu Ping, He Yujun, Hu Yi.
Introduction
As a result of automation, of the demand for increased production and of the need to reduce operator physical effort, the safety-related electrical control systems of machines (hereinafter referred to as SRECS) play an increasingly important role in the achievement of overall machine safety. Furthermore, SRECS themselves increasingly employ complex electronic technology. In the absence of a standard, there was reluctance to use SRECS for safety-related functions intended to deal with the major hazards of machines, because of uncertainty about the performance of such technology.
This standard is intended for use by machinery designers, control system manufacturers and integrators, and others involved in the specification, design and validation of SRECS. It sets out an approach and provides the requirements for achieving the specified performance.
This standard is machine-sector specific within the framework of IEC 61508. It is mainly intended to facilitate the specification of the performance of safety-related electrical control systems in relation to the significant hazards of machines (see ISO 12100-1, 3.8).
This standard provides a machine-sector specific framework for the functional safety of SRECS of machines. It covers only those aspects of the safety lifecycle that relate to the allocation of safety requirements through to safety validation. Requirements are provided for the information for safe use of SRECS of machines, which can also be relevant to later phases of the life of an SRECS.
Where an SRECS is used as part of the safety measures, in many cases the risk of the machine can be reduced. A typical case is an interlocking guard which, when opened to give access to the danger zone, initiates a signal to the electrical control system to stop the hazardous operation of the machine. Similarly, in automation, the electrical control system that is generally used to achieve correct machine operation can often contribute to safety by reducing the risks that result directly from control system failures. This standard provides methods and requirements to:
--- assign the required safety integrity level for each safety-related control function to be implemented by the SRECS;
--- enable the design of an SRECS appropriate to the assigned safety-related control function(s);
--- integrate safety-related subsystems designed in accordance with ISO 13849;
--- validate the SRECS.
This standard is intended to be used within the framework of systematic risk reduction described in ISO 12100-1, in conjunction with risk assessment according to the principles described in ISO 14121 (EN 1050). A recommended method of safety integrity level (SIL) assignment is given for information in Annex A.
The performance of the SRECS is made consistent with the intended risk reduction measures, taking into account the probability and consequences of random electrical failures or systematic failures within the control system.
Figure 1 shows the relationship between this standard and other relevant standards.
Table 1 summarises the recommended application of this standard and of ISO 13849-1 (under revision).
IEC 62061 and ISO 13849-1 (under revision) both specify requirements for the design and implementation of safety-related control systems of machinery. Within their respective scopes, the use of either can be presumed to satisfy the relevant essential safety requirements. Table 1 summarises the scopes of IEC 62061 and ISO 13849-1 (under revision).
NOTE: ISO 13849-1 is currently being prepared by ISO/TC199 and CEN/TC114.
Figure 1 Relationship of IEC 62061 to other relevant standards
Table 1 Recommended application of IEC 62061 and ISO 13849-1 (under revision)
Technology implementing the safety-related control function(s) | ISO 13849-1 (under revision) | IEC 62061
A Non-electrical, e.g. hydraulics | X | Not covered
B Electromechanical, e.g. relays, and/or non-complex electronics | Restricted to designated architectures (see Note 1) and up to PL = e | All architectures and up to SIL 3
C Complex electronics, e.g. programmable | Restricted to designated architectures (see Note 1) and up to PL = d | All architectures and up to SIL 3
D A combined with B | Restricted to designated architectures (see Note 1) and up to PL = e | X, see Note 3
E C combined with B | Restricted to designated architectures (see Note 1) and up to PL = d | All architectures and up to SIL 3
F C combined with A, or C combined with A and B | X, see Note 2 | X, see Note 3
"X" indicates that this item is dealt with by the standard shown in the column heading.
Note 1: Designated architectures are defined in Annex B of EN ISO 13849-1 (Rev.) to give a simplified approach for the quantification of performance levels.
Note 2: For complex electronics: use of designated architectures according to EN ISO 13849-1 (Rev.) up to PL = d, or any architecture according to IEC 62061.
Note 3: For non-electrical technology, use parts according to EN ISO 13849-1 (Rev.) as subsystems.
Electrical safety of machinery -- Functional safety of safety-related electrical, electronic and programmable electronic control systems
1 Scope
This standard specifies requirements and makes recommendations for the design, integration and validation of safety-related electrical, electronic and programmable electronic control systems (SRECS) for machines (see Notes 1 and 2).
It is applicable to control systems used, either singly or in combination, to carry out safety-related control functions on machines that are not portable by hand while working, including a group of machines working together in a coordinated manner; it does not apply to machines that are portable by hand while working.
Note 1: In this standard, the term "electrical control system" means "electrical, electronic and programmable electronic (E/E/PE) control system", and "SRECS" means "safety-related electrical, electronic and programmable electronic control system".
Note 2: This standard assumes that complex programmable electronic subsystems or subsystem elements are designed in accordance with the relevant requirements of IEC 61508. It provides a methodology for the use, rather than the development, of such elements as subsystems and subsystem elements of an SRECS.
This standard is not intended to limit or inhibit technological progress. It does not cover all the requirements (for example guarding, non-electrical interlocking or non-electrical control) that are needed or required by other standards or regulations in order to protect persons from hazards. Each type of machine has unique requirements to be satisfied in order to provide adequate safety.
This standard:
--- is concerned only with functional safety requirements intended to reduce the risk of injury or damage to the health of persons in the immediate vicinity of the machine and of those directly involved in the use of the machine;
--- is restricted to risks arising directly from the hazards of the machine itself or from a group of machines working together in a coordinated manner;
Note 3: Requirements for the reduction of risks arising from other hazards are given in the relevant sector standards. For example, where a machine is part of a process activity, the functional safety requirements of the machine electrical control system should be consistent with the other applicable requirements (such as GB/T 21109) insofar as safety-related processing is concerned.
--- does not specify requirements for the performance of non-electrical (for example hydraulic, pneumatic) control elements of machines;
Note 4: Although the requirements of this standard are specific to electrical control systems, the framework and methodology specified can be applied to safety-related parts of control systems employing other technologies.
--- does not cover electrical hazards arising from the electrical control equipment itself (for example electric shock, see GB 5226.1).
The specific requirements of this standard and their objectives are summarised in Table 2.
Table 2 Overview of the standard and its objectives
Clause | Objective
Management of functional safety | To specify the management and technical activities necessary for the achievement of the required functional safety of the SRECS
Requirements for the specification of safety-related control functions | To specify procedures and requirements for the specification of safety-related control functions. These requirements are expressed in terms of a functional requirements specification and a safety integrity requirements specification
Design and integration of the safety-related electrical control system | To specify criteria for the selection and/or design and implementation of the SRECS so as to meet the functional safety requirements, including: selection of the system architecture; selection of the safety-related hardware and software; design of the hardware and software; verification that the designed hardware and software meet the functional safety requirements
Information for use of the SRECS | To specify the requirements for the information for use of the SRECS, including: provision of user manuals and procedures; provision of maintenance manuals and procedures
Validation of the safety-related electrical control system | To specify the requirements for the validation process to be applied to the SRECS, including inspection and testing of the SRECS to ensure that it achieves the requirements of the safety requirements specification
Modification of the safety-related electrical control system | To specify the requirements for the modification procedure to be applied when an SRECS is modified, including: appropriate planning and verification before any modification of the SRECS; confirmation that the SRECS still meets the safety requirements specification on completion of any modification
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated edition applies to this document. For undated references, the latest edition (including any amendments) applies to this document.
GB 5226.1-2008 Safety of machinery - Electrical equipment of machines - Part 1: General requirements (IEC 60204-1:2005, IDT)
GB/T 15706.1-2007 Safety of machinery - Basic concepts, general principles for design - Part 1: Basic terminology, methodology (ISO 12100-1:2003, IDT)
GB/T 15706.2-2007 Safety of machinery - Basic concepts, general principles for design - Part 2: Technical principles (ISO 12100-2:2003, IDT)
GB/T 16855.1-2008 Safety of machinery - Safety-related parts of control systems - Part 1: General principles for design (ISO 13849-1:2006, IDT)
GB/T 16855.2-2007 Safety of machinery - Safety-related parts of control systems - Part 2: Validation (ISO 13849-2:2003, IDT)
GB/T 16856.1-2008 Safety of machinery - Risk assessment - Part 1: Principles (ISO 14121-1:2007, IDT)
GB/T 16856.2-2008 Safety of machinery - Risk assessment - Part 2: Practical guidance and examples of methods (ISO/TR 14121-2:2007, IDT)
GB/T 17799.2-2003 Electromagnetic compatibility - Generic standards - Immunity for industrial environments (IEC 61000-6-2:1999, IDT)
GB 18209.1-2010 Electrical safety of machinery - Indication, marking and actuation - Part 1: Requirements for visual, acoustic and tactile signals (IEC 61310-1:2007, IDT)
GB 18209.2-2010 Electrical safety of machinery - Indication, marking and actuation - Part 2: Requirements for marking (IEC 61310-2:2007, IDT)
GB 18209.3-2010 Electrical safety of machinery - Indication, marking and actuation - Part 3: Requirements for the location and operation of actuators (IEC 61310-3:2007, IDT)
GB/T 20438.2-2006 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems (IEC 61508-2:2000, IDT)
GB/T 20438.4-2006 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations (IEC 61508-4:1998, IDT)
GB/T 21109.1-2007 Functional safety - Safety instrumented systems for the process industry sector - Part 1: Framework, definitions, system, hardware and software requirements (IEC 61511-1:2003, IDT)
IEC 61508-3 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements
3 Terms and definitions, abbreviations
3.1 Alphabetical list of definitions
Term | Definition number
Application software | 3.2.46
Architectural constraint | 3.2.36
Architecture | 3.2.35
Common cause failure | 3.2.43
Complex component | 3.2.8
Control function | 3.2.14
Dangerous failure | 3.2.40
Demand | 3.2.25
Diagnostic coverage | 3.2.38
Electrical control system | 3.2.3
Embedded software | 3.2.47
Failure | 3.2.39
Fault | 3.2.30
Fault tolerance | 3.2.31
Full variability language (FVL) | 3.2.48
Function block | 3.2.32
Function block element | 3.2.33
Functional safety | 3.2.9
Hardware safety integrity | 3.2.20
Hazard (from machinery) | 3.2.10
Hazardous situation | 3.2.11
High demand or continuous mode | 3.2.27
Limited variability language (LVL) | 3.2.49
Low complexity component | 3.2.7
Low demand mode | 3.2.26
Machine control system | 3.2.2
Machinery (machine) | 3.2.1
Mean time to failure (MTTF) | 3.2.34
Probability of dangerous failure per hour (PFHD) | 3.2.28
Proof test | 3.2.37
Protective measure | 3.2.12
Random hardware failure | 3.2.44
Risk | 3.2.13
Safe failure | 3.2.41
Safe failure fraction | 3.2.42
Safety function | 3.2.15
Safety integrity | 3.2.19
Safety integrity level (SIL) | 3.2.23
Safety-related control function (SRCF) | 3.2.16
Safety-related electrical control system (SRECS) | 3.2.4
Safety-related software | 3.2.50
SIL claim limit | 3.2.24
Software safety integrity | 3.2.21
SRECS diagnostic function | 3.2.17
SRECS fault reaction function | 3.2.18
Subsystem | 3.2.5
Subsystem element | 3.2.6
Systematic failure | 3.2.45
Systematic safety integrity | 3.2.22
Target failure value | 3.2.29
Validation | 3.2.52
Verification | 3.2.51
3.2 Terms and definitions
The following terms and definitions apply to this document.
3.2.1
machinery
machine
Assembly of linked parts or components, at least one of which moves, with the appropriate machine actuators, control and power circuits, joined together for a specific application, in particular for the processing, treatment, moving or packaging of a material. The term "machinery" also covers an assembly of machines which, in order to achieve the same end, are arranged and controlled so that they function as an integral whole.
Note 1: The term "assembly" is used here in its usual sense; it does not refer only to an assembly of electrical components.
Note 2: Adapted from GB/T 15706.1-2007, definition 3.1.
3.2.2
machine control system
System that responds to input signals from the process, from other machine elements, from the operator or from external control equipment, and generates output signals that cause the machine to behave in the intended manner.
3.2.3
electrical control system
All the electrical, electronic and programmable electronic parts of the machine control system used to provide, for example, operational control, monitoring, interlocking, communications, protection and safety-related control functions.
Note: The safety-related control functions can be performed by separate components, or by parts of the machine control system that also implement non-safety-related functions.
3.2.4
safety-related electrical control system
SRECS
Electrical control system of a machine whose failure can result in an immediate increase of the risk(s).
NOTE: An SRECS includes all parts of the electrical control system, from the power circuits to the control circuits, whose failure can result in a reduction or loss of a safety function.
3.2.5
subsystem
Entity of the top-level architectural design of the SRECS, where a failure of any subsystem will result in a failure of a safety-related control function.
Note 1: A complete subsystem can be made up of a number of identifiable and separate subsystem elements, which together implement the function block(s) allocated to the subsystem.
Note 2: This definition is narrower than the general definition in GB/T 20438.4, where a set of interacting design elements can include hardware, software and people, and where any element of a system can itself be a system, becoming a subsystem.
Note 3: In common language, "subsystem" can refer to any part of an entity. In contrast, this standard uses the term "subsystem" in a strictly hierarchical sense: a "subsystem" is the first-level subdivision of a system, and the parts resulting from the further subdivision of a subsystem are called "subsystem elements".
3.2.6
subsystem element
Part of a subsystem, comprising a single component or any group of components.
3.2.7
low complexity component
Component in which:
--- the failure modes are well defined; and
--- the behaviour under fault conditions can be completely determined.
Note 1: Adapted from GB/T 20438.4-2006, definition 3.4.4.
Note 2: The behaviour of a low complexity component under fault conditions can be determined by analysis and/or test.
Note 3: A subsystem or subsystem element consisting of one or more limit switches which, through the operation of an electromechanical relay, open one or more contactors that cut off power to a motor is an example of a low complexity component.
3.2.8
complex component
Component in which:
--- the failure modes are not well defined; or
--- the behaviour under fault conditions cannot be completely determined.
3.2.9
functional safety
Part of the safety of the machine and of the machine control system which depends on the correct functioning of the SRECS, of other technology safety-related systems and of external risk reduction facilities.
Note 1: Adapted from GB/T 20438.4-2006, definition 3.1.9.
Note 2: This standard considers only those applications in which machine safety depends on the correct functioning of the SRECS.
Note 3: ISO/IEC Guide 51 defines safety as freedom from unacceptable risk.
3.2.10
hazard (from machinery)
Potential source of physical injury or damage to health.
Note 1: Adapted from GB/T 15706.1-2007, definition 3.6.
Note 2: The term hazard can be qualified by its origin or by the nature of the expected harm (for example electric shock hazard, crushing hazard, cutting hazard, toxic hazard, fire hazard).
3.2.11
hazardous situation
Circumstance in which a person is exposed to a hazard.
NOTE: Adapted from GB/T 15706.1-2007, definition 3.9.
3.2.12
protective measure
Measure intended to achieve risk reduction.
NOTE: Adapted from GB/T 15706.1-2007, definition 3.18.
3.2.13
risk
Combination of the probability of occurrence of harm and the severity of that harm.
[GB/T 15706.1-2007, definition 3.11]
3.2.14
control function
Function that evaluates input information or signals and produces output information or actions.
3.2.15
safety function
Function of a machine whose failure can result in an immediate increase of the risk(s).
[GB/T 15706.1-2007, definition 3.28]
Note: This definition differs from those in GB/T 20438.4 and GB/T 16855.1.
3.2.16
safety-related control function
SRCF
Control function implemented by an SRECS with a specified integrity level, intended to maintain the safe condition of the machine or to prevent an immediate increase of the risk(s).
3.2.17
SRECS diagnostic function
Function intended to detect faults in the SRECS and to produce a specified output or action when a fault is detected.
Note: This function is intended to detect faults that could lead to a dangerous failure of the SRCF and to trigger a specified fault reaction function.
3.2.18
SRECS fault reaction function
Function that is triggered when a fault within the SRECS is detected by an SRECS diagnostic function.
3.2.19
safety integrity
Under all the stated conditions, the SRECS su......
Source: the above contents are excerpted from the PDF, translated and reviewed by www.chinesestandard.net / Wayne Zheng et al.