functional Safety UL Functional Safety Mark


UL Functional Safety Mark Program

With the advent and evolution of functional safety standards in North America and Europe, UL is now offering a UL Functional Safety Listing Mark that can be added for those qualifying companies in the process of getting a traditional Listing from UL.

[Figure: The new UL Listing Marks]

This white paper describes these new UL Listing Marks: what is driving functional safety, the process of achieving the UL Functional Safety Listing Mark, the Maintenance Review Process once certification is achieved, and UL's unique and cost-effective follow-up services program to ensure that certification is maintained.

What is Functional Safety and why is it Important?

As digital technology has advanced in product design and development, so has the importance of functional safety. Functional safety is that part of overall safety that depends on the correct functioning of safety-related control systems. It includes evaluations of:

- Software
- Hardware
- Environmental Factors (e.g., electromagnetic compatibility, EMC)
- Safety Lifecycle Management Processes

Functional safety examines the efficacy of the safety-related system by considering the input variables to a device and confirming that the activating quantities of the output are within its designed parameters/ratings. So it goes beyond the traditional fire and electric shock safety associated with the traditional UL Listing Mark.

The intent is for the Functional Safety Listing Mark to replace the traditional UL listing mark on products certified for functional safety. Manufacturers are not obliged to put both marks on their products; the combined Functional Safety Listing Mark is sufficient. However, those manufacturers who want to put both marks on their product are welcome to do so.

The Drivers of Third Party Functional Safety Evaluation

A host of factors are driving the demand for functional safety evaluation among equipment and device manufacturers. Principal among these are:

- Customer requirements. Customers may demand functional safety evaluation before purchasing equipment
- Market acceptance. Marketing products as having a functional safety certification helps maintain a product's validity in the marketplace
- Competitive advantage. Functional safety certification may differentiate a product from similar products
- Legislation. Emerging legislative requirements (e.g., some European Directives) may require that certain products be evaluated for functional safety
- Regulations. Some regulatory bodies such as the Occupational Safety and Health Administration (OSHA) require or encourage functional safety evaluation
- Trade Unions. Some unions require or encourage functional safety certified products in the workplace
- Insurance Companies. Customers' insurers may require a functional safety evaluation before the customer installs equipment in the workplace or the insurer may provide discounted premiums to customers who use products evaluated for functional safety

Functional Safety Management

The safety lifecycle management audit is a mechanism used to help reduce systematic problems from appearing in the design of a product. If, for example, you have a manufacturing process, the quality control measures that go into that process really dictate the quality of the product coming out. Many of these measures may be procedural in nature, and tied to documentation having to do with the product specification or functional safety standard to which the product aspires. So the functional safety lifecycle management audit looks at those elements of the manufacturer's process that may impact the quality of the functional safety of the product being produced.

Functional safety management concerns both the development of new products and the maintenance of safety processes for released products, to make sure that should there be any changes in the product or failures in the field, that these developments are considered carefully and correctly, and, when indicated, prompting modifications in accordance with the functional safety requirements.

Functional Safety Standards

It is important to note, customers must specify a published standard and safety rating (e.g., a Safety Integrity Level [SIL for IEC or EN standards], a Performance Level [PL for ISO standards], or class [for UL standards]) to Underwriters Laboratories for testing and evaluation of functional safety. Customers should have an understanding of their target market or specific usage and therefore have an expectation of the target SIL, PL or class they want their product to meet.

Among the functional safety standards UL can certify for the Functional Safety Listing Mark:

- IEC 61508: Functional safety of electrical/electronic/programmable electronic safety-related systems
- ISO 13849: Safety of machinery - Safety-related parts of control systems
- IEC/EN 62061: Safety of machinery - Functional safety of safety-related electrical, electronic and programmable electronic control systems
- IEC 61511: Functional safety - Safety instrumented systems for the process industry sector
- IEC 61800-5-2: Adjustable speed electrical power drive systems - Part 5-2: Safety requirements - Functional
- IEC 61496: Safety of machinery - Electro-sensitive protective equipment
- EN 50271: Electrical apparatus for the detection and measurement of combustible gases, toxic gases or oxygen
- EN 954: Safety of machinery. Safety related parts of control systems. General principles for design
- ISO 10218: Robots for industrial environments - Safety requirements
- UL 1998: Software in Programmable Components
- UL 991: Safety-Related Controls Employing Solid-State Devices
- ISO 26262: Road vehicles - Functional safety (draft standard; publish date 2011)
- CSA C22.2 NO 0.8: Safety functions incorporating electronic technology

Maintaining the Mark

This is an example of what the marks look like with the marking elements included:

All of the elements on the right hand side of the Functional Safety Listing Mark are called marking elements. These will include the product category, a specific product designate, the functional safety standard, the edition of the standard, the safety rating, and the words "See installation manual for safety functions" directly on the marking per se. The words "up to" before the functional safety rating indicate that there either are functions with lower functional safety ratings than the displayed maximum one, or that the functional safety rating depends on installation or commissioning of the product. So in the top example above, you can see that the product is a programmable controller, evaluated in accordance with IEC 61508, the first edition 1998, and up to a safety integrity level (SIL) of 3.

UL puts the safety rating directly on the mark. This makes it easy for the user to understand exactly what has been certified. While the safety rating is indicated directly on the mark, there are additional pieces of information that are needed by systems integrators to properly integrate the device into a larger system and still satisfy that safety rating. Once an integrator or manufacturer sees the UL mark and identifies the product as a component in their system, they can then look at the Listing card for that product on UL's internet-based online certification directory to find specific information (e.g., hardware fault tolerance) that allows proper integration of the component into a larger system and maintains the safety level of the overall system.

No matter what information is provided with the mark, as soon as it is a functional safety mark, the user must consult UL's Online Certification Directory (http://www.ul.com/database/) and also the installation manual for the product.

Securing the Mark: The Functional Safety Certification Process

Once the functional safety project is delivered from the company to UL, and once the company designates the functional safety standard and safety rating it wants the product to be certified to, the initial step is a kick-off meeting between the manufacturer and UL. To be most effective, this needs to occur during the customer's product design phase. Customers seeking functional safety evaluation should contact UL during their product's R&D phase. Whether at the client's location or UL offices, face-to-face meetings are conducted with personnel involved in product development. During these meetings, all parties collaborate on safety specifications to ensure that the features required by the specified standard are included in the initial design.

During these meetings, UL and the customer jointly walk through the safety requirements, discuss necessary test planning, discuss and define the project timeline and key milestones, and conduct an overview of design documents, if they are available at this time.

Importantly, the safety concept is reviewed in detail. The safety concept looks at the customer's strategy for implementing the safety requirements into the product. For example, will the product be designed to be able to detect component failures and react safely, or can they be eliminated and excluded by other design choices? What is important at this stage of the discussion is the need to understand the consequences of choices being made, and how those will impact the customer in the long run. For example, if a certain architecture is selected, how is that going to affect the certification, the safety requirements, and production?

Kick-off Meeting
- Most effective during the product inception and initial design phase
- Collaborate to ensure that the features required by the specified standard are included in the initial design
- Understand the consequence of choices being made
- Discuss timeline and key milestones
- Discuss safety concept
- Discuss prototyping

Pre-audit and Initial Assessment
- Should be carried out during the product's design phase
- Increase the probability of success of the certification audit
- UL engineers perform onsite GAP analysis for hardware, software and functional safety management system, based on the product concept and customer's processes
- Customer receives concept evaluation report with detailed action items

Certification Audit
- UL audits the functional safety management system
- UL audits the product's compliance of the product's safety requirements with the designated standard and functional safety rating
- Evaluation of test and analysis documentation
- Product is certified

Follow-up Surveillance
- UL uses two types of functional safety management system follow-up surveillance: quarterly and triennial
- Quarterly surveillance includes:
  - Verify that manufacturer is doing 100 percent functional test of hardware
  - Verify protective functions of the product
- Triennial surveillance includes:
  - Full life cycle evaluation
  - 3-year frequency matches IEC revision cycle

Many details need to be discussed thoroughly at this stage, and this is why it is important for UL to be involved early in the process: to help the customer avoid missteps, realize the maximum value from the collaborative effort, and optimize the business value through the product lifecycle.

Very often it is not possible for a customer to fully understand how their product will be applied in a larger safety system. Aspects to be considered include the internal concepts to accommodate the safety requirements: redundancy, diversity, and self-diagnostics. The use of these concepts depends on other components in the system, the components that must be interfaced. This can be a whole science in itself. Customers should be clear about what they want, and they will get guidance from UL on how to design their product, especially the interfaces, in order to be compatible in as many applications as possible. Finally, any prototyping will be discussed, if it is available at this kick-off stage.

The next collaborative phase is the pre-audit and initial assessment, designed to increase the probability of success of the certification audit. Between the kick-off meeting and this phase, several weeks or several months may elapse. During this period, customers continue to have full access to their UL project engineer if they have questions along the way.

At the pre-audit and initial assessment, UL engineers travel to the customer's site, where they conduct a GAP analysis for the customer's proposed functional safety system, with a focus on traceability, testability, and ease of understanding. UL then reviews the product concept, including safety requirements specifications and safety concept. Finally, a GAP analysis is conducted for hardware and software based on the design concept. The output of this phase is a concept evaluation report, with detailed action items for the customer to address before the certification audit.

Again, the period of time between the pre-audit/initial assessment and certification audit may vary greatly from project to project. UL is committed to work within the customer's timeline, and will not pressure the customer to have the certification audit before it is comfortable in moving forward.

The certification audit is where the product is certified. UL audits the functional safety management system's compliance with the designated standard or standards and functional safety rating, such as SIL or PL. An evaluation is made of the completeness and correctness of the safety requirements and their implementation in the product. The compliance of the product's safety requirement with the standard or standards is then audited. Evaluation of development documentation and test and analysis documentation is conducted, as is the execution or witnessing of testing on the product. (At this time, UL fire/electric shock witness testing may also take place; or, if the customer prefers, the customer may send the product to UL and have the fire/electrical shock testing done in a UL laboratory.)

After the certification audit, there will typically be a few action items that the customer needs to address, but usually this occurs quickly. UL will then look at these responses, determine if they can be accepted, give them a certification if they can, or perhaps re-conduct portions of the certification audit to verify that the proper corrective actions were taken. Once UL verifies that everything is in order, the manufacturer can put the functional safety mark on the product.

A Closer Look at the New Mark

The Maintenance Review and Follow-up Maintenance Processes

UL acknowledges the work involved in certifying functional safety and attaining the functional safety mark. So if a customer makes a change to an existing functional safety certified product, UL does not require that they go through the entire certification process again. If a change is made, the customer does an impact analysis or impact assessment of the change. For example, changing a certain component may not be safety critical. If the change is determined not to be safety critical, the UL report is updated and the customer can continue to use the functional safety mark. However, if the change is safety critical, UL opens a maintenance review project to evaluate the product. The entire certification audit is not conducted, just the necessary evaluation to assess the change. If the modified product passes these additional evaluations, the UL report is updated and the customer can continue to use the mark.

For products having passed certification and carrying a UL Functional Safety Mark, UL ensures the integrity of the mark using a two-layered surveillance program. This program provides the highest level of assurance in the industry that any product bearing the UL Functional Safety Mark meets functional safety requirements by means of a quarterly and triennial assessment.

First is Quarterly Surveillance. This is similar to existing types of follow-up programs that UL conducts. A traditional UL mark has a quarterly inspection. During this quarterly inspection, a field representative from UL (a field inspector) will verify that the manufacturer is doing a 100% functional test of hardware, that protective functions of the product match what is in the UL report, and that the software version matches what is in the report. Further, for critical components identified in the functional safety investigation, UL will verify that they match what is in the report. Regular fire/electric shock surveillance is included in this inspection.

Secondly, UL conducts an audit of the functional safety management system once every three years. This is unique to the UL Functional Safety Mark program, differentiating it from traditional UL listing marks. The main aspect of this triennial audit is to make sure that the company's processes are as originally assessed, that their risk management and change management processes haven't changed themselves. So UL looks not only at the marked product itself, but also at the critical processes that support the product. A further objective is to evaluate whether the current functional safety management system still is adequate or needs improvement and adjustment. In this way it provides value to the manufacturer by identifying opportunities and guidance for improvement of processes and organization.

This triennial audit is performed by UL Engineering staff and includes a full life cycle evaluation. Typically this audit takes a day or two. UL chose three years as the frequency of the audit because that period matches the IEC revision cycle. This frequency also provides assurance that the functional safety management system is maintained and adjusted following the dynamics and continuous changes of modern manufacturing organizations. If the product or management system is not in conformance, UL issues a variation notice (VN) that the company will respond to in order to keep its functional safety mark. UL will provide constructive support in finding solutions.

A Symbol of Leadership

One of the great benefits of the UL Functional Safety Mark program is, once a manufacturer has this mark, its customers immediately have a higher level of confidence when purchasing the marked product. UL has a safety engineering philosophy and approach that has been used to test products and write safety standards for more than a century. As such, it's not surprising that the UL Mark is the most recognized symbol of safety in the world; and that others in the safety certification arena have shifted their philosophies to more closely match that of UL.

UL remains highly responsive to unique technical needs. Our deep domain expertise gives us the flexibility to work with the demands and specifications you provide for each project. We then tailor the service offering to meet your specific product evaluation needs.

With its new Functional Safety Mark program, UL brings the value of its traditional follow-up service and field surveillance along with the added benefit of a quality management system perspective. It's what you would expect from a leader.

For more information on UL's Functional Safety Mark program, please visit www.ul.com/functionalsafety

UL and the UL logo are trademarks of Underwriters Laboratories Inc. 2011
Copyright 2011 Underwriters Laboratories 238.06/11.us