TYPES OF HAZARD

A safety standard is intended to reduce the likelihood of death, injury and property damage due to hazards in the areas of:

- Electrical Safety: Operators and service personnel must be protected against the danger of electric shock. The basic mechanism used is the separation of circuits, whereby parts of the product which may be touched are separated from parts which present a danger of electric shock.
- Energy Hazards: High capacitance circuits and high current circuits, even at low voltage, may contain considerable energy. Arcing may cause the ejection of molten metal presenting a danger of fire and burns.
- Mechanical Safety: The equipment must be mechanically stable. The user must be protected from sharp points and hazards from mechanical moving parts.
- Heat: The user must not be able to access parts of the equipment which are at high temperature.
- Fire: High temperatures due to malfunction of components within the product may cause a risk of fire. The enclosure of the product must be such that it prevents the spread of fire beyond the equipment.
- Radiation Hazards: Exposure of operators and service personnel to any form of radiation the product may emit.
- Chemical Hazards: The product must limit contact with hazardous chemicals, their vapours and fumes under normal and abnormal conditions.

DESIGN MEASURES

The priorities to be observed in determining what design measures to adopt are:
- where possible, specify design criteria that will eliminate, reduce or guard against hazards
- where this is not practicable because the functioning of the equipment would be impaired, specify the use of protective means, independent of the equipment, such as personal protective equipment (which is not specified in IEC 60950)
- where neither of these measures is practicable, or in addition to those measures, specify the provisions of markings and instructions regarding the residual risks.

SAFETY CRITICAL COMPONENTS

The term 'Safety Critical Component' is frequently used in relation to product safety testing. Such a component can affect the safety of the equipment. All components in primary circuitry are safety critical. Other components which protect the equipment under normal and fault conditions, such as thermal switches, optocouplers, etc. are also safety critical.

When your product is submitted to a test laboratory, you will be asked to get data sheets and approval licenses for safety critical components in your product. These components, including manufacturer name and model number, will be recorded in the test report for your product. This means that the test report and your approval may become invalid if you substitute a different component, instead of the one listed in the test report. See Product Submittal for a full discussion of safety critical components.

ABNORMAL OPERATION & FAULT CONDITIONS

The concept of abnormal operation and single fault conditions is critical to the understanding of safety standards. These standards require that products are safe, not only in normal use, but also under conditions of normal wear and tear, likely abuse, as well as the failure of any component and the chain of events that failure will cause. Note that the standard does not require that the product continue to function under these conditions, but does require that the product does not create a hazard for its users or the environment.

As an example of likely abuse of equipment, consider the situation where a user puts a sheet of paper on the top of a computer monitor, blocking the air vents. The designer of the monitor must take this possibility into account in the design. The monitor may be designed to operate normally even with the higher temperatures due to the blocked air vents. On the other hand the designer may include a thermal switch in the monitor to turn it off as the temperature rises. Both these solutions are acceptable to the requirements of the standard. Of course it would not be acceptable if the monitor were to burst into flames as a result of blocking the air vents.

Similarly, the designer must take into account the effects of shorting or opening of any electrical component in the product. The use of fuses will handle many of these situations.

LEVELS OF PROTECTION

As products must be safe under single fault conditions, they must be designed with two levels of protection. The following table shows how the various levels of insulation and earthing can be used to achieve two levels of protection:

| Protection Method | Description | Level |
|---|---|---|
| Basic | Basic Protection - considered to fail in single fault | 1 |
| Supplementary | Independent level of insulation, added to basic | 1 |
| Double | Basic + Supplementary | 2 |
| Reinforced | Single insulation system, equivalent to double | 2 |
| Earthing | Protection by connection of accessible parts to earth | 1 |
| Functional | Provides no protection | 0 |

Note that Basic Insulation and earthing can be combined to give two levels of protection. Basic Insulation and Supplementary Insulation can be combined to give Double Insulation. No other combinations are possible.

LIABILITY

It is important to understand that compliance with the appropriate safety standard is not an absolute guarantee that the product is safe. A safety standard represents the
current engineering opinion of how a product can be demonstrated to be 'safe', within the framework of producing products at a reasonable economic cost. For example, most product safety standards require safety
under single, not double or treble fault conditions. Higher safety standards are necessary for nuclear power stations, aircraft or spacecraft, but the cost of incorporating them in day-to-day consumer products
would be prohibitive. In legal terms, a compliant product may cause death, injury or damage; the fact that the manufacturer can prove that it complies with the accepted safety standard may
prevent him from being held criminally negligent. It will not prevent him from being held civilly responsible. Nevertheless the possibility of a compliant product
causing such an incident is likely to be much lower than if the product were designed without taking into consideration the standard's requirements.