Functional safety

Designing safety-related electrical control systems to meet IEC 62061

3-Day Training Course

Course description:

This in-depth course covers the functional safety of machinery in accordance with the IEC 62061 standard. It is aimed at those involved in the design of systems, subsystems or elements that are used to perform Safety Related Control Functions (SRCFs) and need to achieve a Safety Integrity Level (SIL 1 to 3).
The course starts with typical examples of SRCFs used in modern industrial machinery and how the required performance (SIL) of these functions is determined. The course is based on the IEC 62061 standard to show how the safety integrity is achieved through following a systematic lifecycle of design, analysis, verification and validation. The introductory session is suitable for a wider audience just needing an overview.

Reliability principles are clearly explained and practical exercises are performed to show how failure rates and modes can be determined and used, together with defined architectures, to establish the overall SIL.

Target audience:

The course is intended for engineers (electrical/electronic/mechanical) who are designing and integrating Safety Related Electrical Control Systems (SRECS) and those in the associated project management and quality roles.

Learning outcomes:

Participants gain a thorough overview of IEC 62061 and are shown how to demonstrate evidence of compliance for each phase of the lifecycle, including SIL determination, design and integration requirements, architectural and reliability analyses, verification and validation, user documentation and the management of functional safety for the project.

Supporting material:

Examples of Reliability Block Diagrams, Failure Modes and Effects Analysis (FMEA) and practical SIL assessments show how the methodologies work. Exercises are performed by the participants working either individually or as a group led by the trainer.

Each attendee receives a manual based on the lecture slides, supplementary hand-outs, templates, checklists and a certificate of attendance for each individual’s training record. Frequent question and answer sessions are included for clarification.

Course Outline


This day introduces the key principles and concepts of functional safety and Safety Integrity Levels, plus the basic reliability theory and modelling on which hardware safety integrity is built. The sessions covered in the following days assume an understanding of the basic principles covered in Day 1, which are also fundamental to developing core competence in functional safety.

1. Introduction and context
• Examples of machine hazards and safety-related control functions
• The need to quantify risk and safety integrity
• Safety functions, E/E/PE systems, SIL and relationship with PL
• Random hardware and systematic failures
• IEC 62061 overview and relationship with other standards
• Understanding the jargon
2. Specification of safety-related control functions
• Risk reduction strategy
• Information required to specify the SRCFs
• Functional and safety integrity requirements specification
• SIL assignment method from IEC 62061 Annex A
3. Reliability concepts
• Failure rate and probabilities
• Basic terms and their relationships: MTBF, λ, MTTF, PFD, PFH, MTTR, T
• Reliability functions and equations
• Types of failure (safe, dangerous, diagnosed, etc)
• Reliability Block Diagrams
• Assumptions
• PRACTICAL EXERCISE: Creating a RBD model and failure rate calculations
4. Failure modes, effects and diagnostics analysis (for elements)
• General structure of an FMEDA
• Choosing component failure rate sources (field data or predictive model)
• Allocating failure modes and judging diagnostics coverage
• Verifying the FMEDA and judgements used
• PRACTICAL EXERCISE: Perform FMEDA (group exercise)
5. System architectures
• Systems, subsystems and elements
• ‘Simple’ and ‘complex’ elements
• Architectural constraints (HFT and SFF) and systematic constraints
• PRACTICAL EXERCISE: Identifying SILCL from given scenarios


The scope of Day 2 is concerned with the specific requirements from IEC 62061 for the hardware design and analysis of the SRECS, subsystems and elements.

6. SRECS – general requirements
• General considerations
• Selection: pre-design or develop
• Avoidance of systematic failures
• Control of systematic faults
• EM immunity
7. SRECS – design and development
• General requirements
• System architecture
• Mapping of function blocks to subsystems
• Defining the SIL of the SRECS
• PRACTICAL EXERCISE: Define function bocks and allocate to subsystems
8. Subsystems – design and development
• General requirements, pre-designed or develop
• Subsystem design and architectural constraints
• Requirements for elements, pre-designed or develop
• Safe failure fraction (SFF)
• Estimation of the system dangerous failure rate
• PRACTICAL EXERCISE: Review and selection of elements (from datasheets)
9. PFH calculations and CCF modeling
• Reliability models for specified architectures
• PFH calculations for specified architectures
• Estimating common cause failure (CCF) and Annex F
• PRACTICAL EXERCISE: Calculating PFH and assess CCF
10. Diagnostics and control of failures
• Requirements for SRECS behaviour on detection of a fault
• Requirements for the control of systematic failures
• Realisation of diagnostic functions
• Testing the diagnostic functions
• PRACTICAL EXERCISE: Identifying diagnostics requirements


The scope of Day 3 is about the software and the methods prescribed by IEC 62061 that are to be used during the realisation activities to ensure the systematic safety integrity is achieved, such as verification, validation, modification, management of functional safety, etc.

11. Software considerations
• Software safety requirements specification
• Embedded software (FVL) considerations
• Application software (LVL) considerations
• Configuration management
• Tool chain considerations
• Application software design, integration and testing
12. SRECS realisation lifecycle requirements
• Defining a lifecycle model
• Integration: general and test requirements
• Validation: analytical and testing requirements
• Modification process
• PRACTICAL EXERCISE: Performing an impact analysis
13. Documentation requirements
• General documentation requirements
• Scope and examples of documentation
• SRECS design documentation
• SRECS user documentation for installation, use and maintenance
• PRACTICAL EXERCISE: Creating a document index from a given lifecycle
1. Functional Safety Management (FSM)
• The FSM plan and relationship with the ISO 9001 QMS
• FSM essentials: policy, strategy, roles and responsibilities, etc
• Verification and Validation plans
• Review, approval and control procedures
• Management of supply chain, quality plans and liaison with customers
• Management of competence and guidance for job roles
• PRACTICAL EXERCISE: Develop safety and quality plan with lifecycle stages
15. Final session
• Question and answers
• Optional: Specific project concerns / discussion about practical application
• Feedback

Contact Silmetric:

Courses are normally delivered at the customer’s site. For prices and availability please contact us at or call +44(0)1244 457671