Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment
Part 7: Assessment of system safety

BS EN 61069-7:2016
BSI Standards Publication

National foreword

This British Standard is the UK implementation of EN 61069-7:2016. It is identical to IEC 61069-7:2016. It supersedes BS EN 61069-7:1999 which is withdrawn.

The UK participation in its preparation was entrusted by Technical Committee GEL/65, Measurement and control, to Subcommittee GEL/65/1, System considerations.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

© The British Standards Institution 2016. Published by BSI Standards Limited 2016

ISBN 978 0 580 85997 7
ICS 25.040.40

Compliance with a British Standard cannot confer immunity from legal obligations.

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 October 2016.

Amendments/corrigenda issued since publication
Date | Text affected

EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM

EN 61069-7
September 2016
ICS 25.040.40
Supersedes EN 61069-7:1999

English Version

Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 7: Assessment of system safety (IEC 61069-7:2016)

Mesure, commande et automation dans les processus industriels - Appréciation des propriétés d'un système en vue de son évaluation - Partie 7: Evaluation de la sécurité d'un système (IEC 61069-7:2016)

Leittechnik für industrielle Prozesse - Ermittlung der Systemeigenschaften zum Zweck der Eignungsbeurteilung eines Systems - Teil 7: Eignungsbeurteilung der Sicherheit eines Systems (IEC 61069-7:2016)

This European Standard was approved by CENELEC on 2016-07-20. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland,
Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels

© 2016 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN 61069-7:2016 E

European foreword

The text of document 65A/795/FDIS, future edition 2 of IEC 61069-7, prepared by SC 65A “System aspects”, of IEC/TC 65 “Industrial-process measurement, control and automation” was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as EN 61069-7:2016.

The following dates are fixed:
- latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2017-04-20
- latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2019-07-20

This document supersedes EN 61069-7:1999.

Attention is drawn to the possibility that some of the elements of this document may
be the subject of patent rights. CENELEC and/or CEN shall not be held responsible for identifying any or all such patent rights.

Endorsement notice

The text of the International Standard IEC 61069-7:2016 was approved by CENELEC as a European Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 60243 NOTE Harmonized in EN 60243 series.
IEC 60529 NOTE Harmonized as EN 60529.
IEC 60695-2 NOTE Harmonized in EN 60695-2 series.
IEC 60664-1 NOTE Harmonized as EN 60664-1.
IEC 60695-11-10 NOTE Harmonized as EN 60695-11-10.
IEC 60695-11-20 NOTE Harmonized as EN 60695-11-20.
IEC 60825-1 NOTE Harmonized as EN 60825-1.
IEC 61010-1:2010 NOTE Harmonized as EN 61010-1:2010 (not modified).
IEC 61069-3 NOTE Harmonized as EN 61069-3.
IEC 61069-4 NOTE Harmonized as EN 61069-4.
IEC 61069-5:2016 NOTE Harmonized as EN 61069-5:2016 (not modified).
IEC 61069-6:2016 NOTE Harmonized as EN 61069-6:2016 (not modified).
IEC 61069-8 NOTE Harmonized as EN 61069-8.
IEC 61508 NOTE Harmonized in EN 61508 series.
IEC/TS 62603-1 NOTE Harmonized as CLC/TS 62603-1.
CISPR 22 NOTE Harmonized as EN 55022.
ISO 31010:2009 NOTE Harmonized as EN 31010:2010 (not modified).

Annex ZA (normative)
Normative references to international publications with their corresponding European publications

The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.

NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here: www.cenelec.eu.

Publication | Year | Title | EN/HD | Year
IEC 61069-1 | 2016 | Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 1: Terminology and basic concepts | EN 61069-1 | 201X 1)
IEC 61069-2 | 2016 | Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 2: Assessment methodology | EN 61069-2 | 201X 1)

1) To be published.

CONTENTS

FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions, abbreviated terms, acronyms, conventions and symbols
  3.1 Terms and definitions
  3.2 Abbreviated terms, acronyms, conventions and symbols
4 Basis of assessment specific to safety
  4.1 System safety properties
    4.1.1 General
    4.1.2 Hazard reduction
    4.1.3 Hazard isolation
    4.1.4 Immunity / robustness
    4.1.5 Aversion
    4.1.6 Mitigation
  4.2 Factors influencing system safety
  4.3 Hazards, harms and propagation paths
    4.3.1 Kinds of hazards
    4.3.2 Receivers of harms
    4.3.3 Propagation paths
5 Assessment method
  5.1 General
  5.2 Defining the objective of the assessment
  5.3 Design and layout of the assessment
  5.4 Planning of the assessment program
  5.5 Execution of the assessment
  5.6 Reporting of the assessment
6 Evaluation techniques
  6.1 General
  6.2 Analytical evaluation techniques
  6.3 Empirical evaluation techniques
  6.4 Additional topics for evaluation techniques
Annex A (informative) Check list and/or example of SRD for system functionality
Annex B (informative) Checklist and/or example of SSD for system functionality
  B.1 SSD information
  B.2 Check points for system safety
Bibliography

Figure 1 - General layout of IEC 61069
Figure 2 - System safety

INTERNATIONAL ELECTROTECHNICAL COMMISSION

INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION - EVALUATION OF SYSTEM PROPERTIES FOR THE PURPOSE OF SYSTEM ASSESSMENT

Part 7: Assessment of system safety

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate
in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not
be held responsible for identifying any or all such patent rights.

International Standard IEC 61069-7 has been prepared by subcommittee 65A: System aspects, of IEC technical committee 65: Industrial-process measurement, control and automation.

This second edition cancels and replaces the first edition published in 1999. This edition constitutes a technical revision.

This edition includes the following significant technical changes with respect to the previous edition:

a) reorganization of the material of IEC 61069-7:1999 to make the overall set of standards more organized and consistent;
b) IEC TS 62603-1 has been incorporated into this edition.

The text of this standard is based on the following documents:

FDIS | Report on voting
65A/795/FDIS | 65A/805/RVD

Full information on the voting for the approval of this standard can be found in the report on voting indicated in the above table.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

A list of all parts in the IEC 61069 series, published under the general title Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment, can be found on the IEC website.

The committee has decided that the contents of this publication will remain unchanged until the stability date indicated on the IEC website under “http://webstore.iec.ch” in the data related to the specific publication. At this date, the publication will be reconfirmed, withdrawn, replaced by a revised edition, or amended.

IMPORTANT - The 'colour inside' logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore
print this document using a colour printer.

INTRODUCTION

IEC 61069 deals with the method which should be used to assess system properties of a basic control system (BCS). IEC 61069 consists of the following parts.

Part 1: Terminology and basic concepts
Part 2: Assessment methodology
Part 3: Assessment of system functionality
Part 4: Assessment of system performance
Part 5: Assessment of system dependability
Part 6: Assessment of system operability
Part 7: Assessment of system safety
Part 8: Assessment of other system properties

Assessment of a system is the judgement, based on evidence, of the suitability of the system for a specific mission or class of missions.

To obtain total evidence would require complete evaluation (for example under all influencing factors) of all system properties relevant to the specific mission or class of missions.
Since this is rarely practical, the rationale on which an assessment of a system should be based is:

- the identification of the importance of each of the relevant system properties,
- the planning for evaluation of the relevant system properties with a cost-effective dedication of effort to the various system properties.

In conducting an assessment of a system, it is crucial to bear in mind the need to gain a maximum increase in confidence in the suitability of a system within practical cost and time constraints.

An assessment can only be carried out if a mission has been stated (or given), or if any mission can be hypothesized. In the absence of a mission, no assessment can be made; however, evaluations can still be specified and carried out for use in assessments performed by others. I