Keith Armstrong
Cherry Clough Consultants Ltd.
There are now many standards on Functional Safety (Risk Management) that apply to relevant electronics, including IEC 61508 [1] and the standards developed from it listed in Section II of [2], and ISO 14971 [3].
They all require that EMI be dealt with, but complying with emissions and immunity EMC test standards, even using increased levels of immunity testing, has long been known to be insufficient for Functional Safety. Unfortunately, until now there has been no published alternative that provided a set of requirements and methods for assessing whether those requirements had been met.
By 2008 all of the guides, draft standards and IEC Technical Specifications (e.g. [4] [5]) on EMC for Functional Safety had assumed that – if big, heavy, costly ‘grey shielded boxes’ were not used – EMI could be dealt with by being clever enough in the EMC design, and in its verification and validation.
However, a number of companies tried to put this ‘Clever EMC’ approach into practice, and found that it was impractical for several reasons (described in [2] [6]). Discussions with these companies and other functional safety practitioners revealed an alternative, practical approach that used well-proven hardware and software design ‘techniques and measures’ (T&Ms) plus independent assessment.
Converting the initial concepts into a document that was accepted widely enough for the IET to publish [7] required a great deal of work by EMC experts and Functional Safety experts in the IET’s Working Group. It also involved over 160 high-quality comments on its first draft from a very wide range of experts in Functional Safety and EMC, including UK Government Safety Regulators.
This new approach has three parts, shown in Figure 1.
Unusual or extreme electromagnetic disturbances that exceed the protection achieved by compliance with immunity test standards will cause EMI in the equipment. This EMI will cause errors, malfunctions or failures in the equipment’s signals and/or power supplies.
Since 2000, IEC 61508 [1] has recommended many dozens of well-proven T&Ms for system, hardware, software, and power supply design for detecting and/or recovering from errors, malfunctions or failures in signals and power supplies.
An industry has grown up around the use of these T&Ms to comply with Functional Safety requirements, both in design and its independent assessment. All of the global safety approvals bodies (Intertek, TÜV Rheinland/Nord/Süd, SGS, and many others) offer assessment services, and if an independent assessor does not approve a design, it is not permitted to be sold or deployed.
The IET’s new guide recommends those of IEC 61508’s T&Ms that are especially effective for dealing with EMI, in some cases recommending ways of using them to enhance their effectiveness.
To use the IET’s new guide, EMC engineers need to design and construct equipment that will continue to comply with its relevant EMC test standards throughout its lifetime in its real environment (not just when it is new and in an EMC laboratory).
And designers and independent assessors in the Functional Safety world need to apply the T&Ms they already know very well in slightly different ways so that EMI should not cause unacceptable risks over the lifetime of the equipment.
The IET’s new guidelines [7] can be applied to complete safety-related systems, or to any parts of them, as shown in Figure 2. For example, some parts of a safety system could use the traditional ‘big grey box’ approach, while others use [7]’s T&Ms.
References
[1] IEC 61508 Ed.2:2010, “Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems”, IEC basic safety publication in seven parts.
[2] Keith Armstrong, “Cost-effective Risk Management of EMC without special EMC design expertise or testing”, IEEE 2013 Int’l EMC Symp., Denver, CO, USA, August 5-9, 2013, ISBN: 978-1-4799-0409-9
[3] ISO 14971 “Application of risk management to medical devices”
[4] IEC TS 61000-1-2, Ed.2.0, 2008-11, “Methodology for the achievement of the functional safety of electrical and electronic equipment with regard to electromagnetic phenomena”, IEC basic safety publication.
[5] The IET, “EMC for Functional Safety”, Aug. 2008, from www.theiet.org/factfiles/emc/emc-factfile.cfm, or www.emcacademy.org/books.asp
[6] Keith Armstrong, “The first practical techniques for achieving EMC for Functional Safety (without using big grey boxes)”, The EMC Journal, Issue 108, September 2013, www.theemcjournal.com
[7] The IET, “Overview of techniques and measures related to EMC and Functional Safety”, August 2013, free download: www.theiet.org/factfiles/emc/emc-overview.cfm.