Standards Development

Scope

1.1 This document covers those aspects to be considered when electrical/electronic/programmable electronic (E/E/PE) systems are used to carry out safety functions. A major objective of t

The goal of this document is to facilitate the development of product and application sector international standards by the technical committees responsible for the product or application sector. This will allow all the relevant factors, associated with the product or application, to be fully taken into account and thereby meet the specific needs of users of the product and the application sector. A second objective of this document is to enable the development of E/E/PE safety-related systems where product or application sector international standards do not exist.

The scope of this document is functional safety for E/E/PE safety-related systems but, apart from normative requirements in the hazard and risk analysis phase, does not itself provide normative requirements for malevolent action arising from a cybersecurity risk. However, if a cybersecurity assessment has identified that a reasonably foreseeable cyber security risk will arise, it is essential that measures be taken for all relevant phases of the overall, E/E/PE and software safety lifecycles in order to protect against such threats to ensure that functional safety is achieved.

NOTE 1  For requirements and/or guidance on cybersecurity see IEC 62443 series and ISO/IEC 27000 series.

NOTE 2 For guidance on the coordination between safety and security refer to IEC TR 63069.

1.2 In particular, this document

a) applies to safety-related systems when one or more of such systems incorporates electrical/electronic/programmable electronic elements;

NOTE 1 In the context of low complexity E/E/PE safety-related systems, certain requirements specified in this document can be unnecessary, and exemption from compliance with such requirements is possible (see 4.2, and the definition of a low complexity E/E/PE safety-related system in 3.4.3 of IEC 61508-4).

NOTE 2 Although a person can form part of a safety-related system (see 3.4.1 of IEC 61508-4), human factor requirements related to those aspects of the design of E/E/PE safety-related systems are not considered in detail in this document.

NOTE 3 This document can be applied to custom, low-volume and high volume production safety-related systems, subsystems, elements and compliant items.

NOTE 4 This document can be applied to parts of the safety function (e.g., compliant item or tool) but it does not provide a final SIL statement to a part of the safety function.

b) is generically based and applicable to all E/E/PE safety-related systems irrespective of the application;  

c) covers the achievement of a tolerable risk through the application of E/E/PE safety-related systems, but does not cover hazards arising from the E/E/PE equipment itself (for example electric shock);

d) applies to all types of E/E/PE safety-related systems, including protection systems and control systems;

e) does not cover E/E/PE systems where

– a single E/E/PE system is capable on its own of meeting the tolerable risk, and

– the required quantitative performance and integrity of the safety functions of the single E/E/PE system is less than that specified for safety integrity level 1 (the lowest safety integrity level in this document).

f) is mainly concerned with the E/E/PE safety-related systems whose failure could have an impact on the safety of persons and/or the environment; however, it is recognized that the consequences of failure could also have serious economic implications and in such cases this document could be used to specify any E/E/PE system used for the protection of equipment or product;

NOTE 7 See 3.1.1 of IEC 61508-4.g) considers E/E/PE safety-related systems and other risk reduction measures, in order that the safety requirements specification for the E/E/PE safety-related systems can be determined in a systematic, risk-based manner;

h) uses an overall safety lifecycle model as the organisational framework for dealing systematically with the processes and activities necessary for ensuring the functional safety of the E/E/PE safety-related systems;

NOTE 8 Although the overall safety lifecycle is primarily concerned with E/E/PE safety-related systems, it might also provide a technical framework for considering any safety-related system irrespective of the technology of that system (for example mechanical, hydraulic or pneumatic).

i) specifies the essential concept of safety integrity levels applicable to any sector application;

j) does not specify the selection of safety integrity levels required to address risks specific to sector applications (which must be based on detailed information and knowledge of the sector application).

k) provides general requirements for E/E/PE safety-related systems where no product or application sector international standards exist;

l) requires malevolent and unauthorised actions to be considered during hazard and risk analysis. The scope of the analysis includes all relevant safety lifecycle phases;

NOTE 9 For further details refer to ISO/IEC TR 19791 and IEC 62443 series.

m) does not cover the precautions that may be necessary to prevent unauthorized persons damaging, and/or otherwise adversely affecting, the functional safety of E/E/PE safety-related systems (see k) above);

n) does not specify the requirements for the development, implementation, maintenance and/or operation of security policies or security services needed to meet a security policy that may be required by the E/E/PE safety-related system;

o) does apply to software algorithms of software technology class I; does apply to software algorithms of software technology class II and in combination with the additional requirements provided in ISO/IEC TS 22440.

NOTE 1 The software technology classes relate to the generically used term “artificial intelligence” as defined in ISO/IEC 22989; for defintions refer to 61508-4, Clauses 3.2.15, 3.2.16 and 3.2.17.

NOTE 2 Refer to ISO/IEC TR 5469:2024 and to ISO/IEC TS 22440-1 for further details.

NOTE 3 The concept of safety integrity level as described in this document can be applied to the hardware used to execute or implement software algorithms of software technology class I, II or III

1.3 This part of the IEC 61508 series of standards includes general requirements that are applicable to all parts. Other parts of the IEC 61508 series concentrate on topics that are more specific:

– parts 2 and 3 provide additional and specific requirements for E/E/PE safety-related systems (part 2 for hardware and part 3 for software);

– part 4 gives definitions and abbreviations that are used throughout all parts of this document;

– part 5 provides guidelines on the application of part 1 in determining safety integrity levels, by showing example methods;

– part 6 provides guidelines on the application of parts 2 and 3;

– part 7 contains an overview of techniques and measures.

1.4  This document is a basic safety publication to be used in conjunction with the other parts of IEC 61508 for use by end users to evaluate functional safety applications, or by technical committees in the preparation of standards in accordance with the principles contained in IEC Guide 104 and ISO/IEC Guide 51. This document does not apply in the context of low complexity E/E/PE safety-related systems (see IEC 61508-4 3.4.3).

1.5 Figure 1 shows the overall framework of the IEC 61508 series and indicates the role that IEC 61508-1 plays in the achievement of functional safety for E/E/PE safety-related systems.

Please see draft for Figure 1 – Overall framework of the IEC 61508 series