Bosch Rexroth VCH 08.1 Manual page 41

DOK-SUPPL*-VCH*08.1***-PR02-EN-P
Rexroth IndraControl VCH 08.1 Hand-held Terminal
Abbreviations
Selection of Performance Level
(PL) and Safety Categories in ac‐
cordance with EN ISO 13849-1
Abbreviation Term
B -
10d
MTTF Mean Time to Dangerous Failure Meant time to dangerous failure
d
Diagnostic Coverage
DC 4)
PL Performance Level
PFH Probability of Failure per Hour
SIL Safety Integrated Level
Fig.4-28: Abbreviations
The Machinery Directive (MD) demands that a fault in control circuit logic, or
interference or damage thereto, shall not lead to a hazardous situation. This
general approach is substantiated in EN ISO 13849-1 "Safety of machinery -
Safety related parts of control systems", which defines Performance Levels (PL
a to e) for control parts that are relevant to safety. The PL depends on the safety
category, the MTTF value and the degree of coverage of diagnosis (DC
d
the corresponding safety circuit.
As in the preceding standard EN 954-1, the safety category describes the
structure of the safety function. The Performance Level (PL), which describes
the conditional probability of failure and the defect discernability of the safety
function, has been added.
The selection of the PL has to be done by the manufacturer of a machine de‐
pending on the real risk potential. The risk potential will be determined from a
risk and hazard analysis. In case of hazards that can cause irrevisible injury or
death usually a Performance Level not less than PL "d" is required. The cate‐
gory of the Performance Level determines if
● the system has been built in 1-circuit technology, which means that a fail‐
ure will lead to a loss of safety, although the availability of components
and parts is high (category 1)
● the system has been built in 1-circuit technology, which means that a fail‐
ure will lead to a loss of safety, but the failure will be detected by the system
and will be displayed somehow or other (category 2)
● the system has been built in 2-circuit technology and that a fault will not
lead to loss of safety (category 3)
● the system has been built in 2-circuit technology and a build up of multiple
faults will not lead to loss of safety (category 4)
Starting from category 3 it is also important in this context that individual faults
are detected in time to avoid a build up of faults, which may finally lead to loss
of safety.
Faults that have to be detected in electric and electronic systems are e.g. short
circuits between multiple circuits, interrupts, short circuits or contacts that are
stuck together. Special certified safety control devices are often used to detect
DC also means direct current.
4)
Bosch Rexroth AG 39/117
Technical Data
Explanation
Number of cycles until 10% of the
components fail dangerously
(per channel)
(per channel)
Diagnostic of failures
Ability of safety-related parts to
perform a safety function under
predictable conditions to meet the
expected risk reduction
Probability of failure per hour
Safety integrated level
avg
) of