For each safety-related part of the control system and/or the combination thereof that performs a safety function, the performance level (PL) must be determined (evaluated) by the estimation of the following principal aspects: 1) Category (Structure), 2) DC, 3)MTTFd, and 4) CCF.
| Denotation | Range |
|---|---|
| None | DC < 60% |
| Low | 60% ≤ DC < 90 |
| Medium | 90% ≤ DC < 99% |
| High | 99% ≤ DC |
DC is a measure of the effectiveness of the diagnostics, which may be determined as the ratio between the failure rate of detected dangerous failures and the failure rate of total dangerous failures. DC can exist for the whole or parts of a safety-related system. The four denotations shown in the table to the right are provided in ISO 13849-1.
| Denotation | MTTFd |
|---|---|
| Low | 3 years ≤ MTTFd < 10 years |
| Medium | 10 years ≤ MTTFd < 30 years |
| High | 30 years ≤ MTTFd < 100 years |
MTTFd (Mean time to dangerous failure) is an expectation of the mean time to dangerous failure on the whole or part of a safety-related system. The MTTFd is given for each channel, such as “I” (Input device), “L” (Logic), and “O” (output device). The three denotations shown in the table to the right are provided in ISO 13849-1.
The CCF (Common Cause Failure) relates to the failure of different items, resulting from a single event, where the failures are not consequences of each other. ISO 13849-1 provides a scoring process and quantification of measures against CCF. The total score must be 65 or better.
The following table can be used for determination of PL based on the above parameters.
Example: Category = 3, MTTFd = medium, DCavg = low, and CCF = ≥65 points
Relationship between PL and SIL (excerpt from ISO 13849-1:2006)
