iec 62368-1: standard approach - tuv sud customer day 2015 safety of electronic equipment philosophy...
TRANSCRIPT
IEC 62368-1: A new ‘hazard-based’ standard approach Matthew Emery TÜV SÜD Product Service
Customer Day 2015 15-07-15 TÜV SÜD
Name Matthew Emery
Title: Product Safety Specialist
Employer: TÜV SÜD Product Service
Experience: 8 years experience in Product Testing
History: Worked for lighting manufacturer for 8 years
Telephone: +44 (0)1489 558 128
E-mail: [email protected]
Who am I?
TÜV SÜD
1 Existing Product Safety Standards
2 Introduction to IEC 62368-1
3 Injury Classification
4 Energy Sources
5 Safeguards
Introduction
6 Models for Protection
15-07-15 Customer Day 2015
Customer Day 2015 15-07-15
Existing product safety standards: • Blurred borderline between different classes of products • Too diverse: safety requirements differed widely due to the evolution of
“Multi-Media” products • Changed too frequently because: − design oriented rather than performance based − Maintenance cycles required for any technology evolution
• Were lacking for some product families
TÜV SÜD
ECMA - 287
Customer Day 2015 15-07-15
Safety of electronic equipment Philosophy applied: To define hazard-based requirements using engineering principles and taking into account relevant IEC standards and pilot documents. Where technical discrepancies between standards emerged, conclusion was based on engineering principles.
TÜV SÜD
Standard ECMA-287:1999
Customer Day 2015 15-07-15
• Technology independent safety standard • Scope is ICT and CE equipement rated less than 600Vrms • Covers products currently under the scope of IEC 60065 and IEC 60950-
x • New standard NOT simply a merger of IEC 60065 and IEC 60950) • ECMA International Technical Committee 12 draft, based on IEC basic
safety publications and HBSE (Hazard Based Safety Engineering) principles
• Free to download - http://www.ecma-international.org/publications/standards/Ecma-287.htm
• Contributed to IEC TC108 for further elaboration
TÜV SÜD
ECMA-287 - Facts
Customer Day 2015 15-07-15
• New safety standard (NOT a merger of IEC 60065 and 60950-1) • Covers products currently under the scopes of IEC 60065 and IEC
60950-x • Hazard based • Technology independent • Based on sound engineering principles, research and field data
TÜV SÜD
IEC 62368-1 – What is it?
Customer Day 2015 15-07-15
• Clearly identify the hazard being addressed • Clearly state principles upon which hazard is addressed • Follows of IEC pilot publication • Use of IEV definitions • Performance based (conformance based on tests rather than on
construction) • Type test standard • Useful to designers • Suitable to assess conformance by suppliers, purchasers and certifiers
(but NOT a certification document) • Meet above in a “user friendly” manner
TÜV SÜD
IEC 62368-1 – Objectives
Customer Day 2015 15-07-15
The standard: • Covers all specified hazards • Each hazard will be in a separate section • Will include examples of accepted constructions • Include basics of three block model in “Principles of Safety” • Adjunct Documents − Interpretations
(clarification of standard, newly identified accepted constructions, etc.) − Part 2 documents for a few very special cases
TÜV SÜD
IEC 62368-1 – Structure
Customer Day 2015 15-07-15
For each hazard clause will be formatted as follows: • Clause − State objective of clause
• Specify the energy source (as far as possible three (3) levels) and define the limits between the energy levels − Specify principal; supplemental and reinforced safeguards
• Location of safeguard − Specify safeguard properties − Specify safeguard parameters (e.g. materials)
• Specify safeguard tests/construction
TÜV SÜD
IEC 62368-1 – Format
Customer Day 2015 15-07-15
HAZARD, HAZARDOUS: An energy source that exceeds body susceptibility limits. ISO/IEC Guide 51: potential source of harm SAFE, SAFETY: Situation where at least one safeguard is interposed between the body and a hazardous energy source. ISO/IEC Guide 51: freedom from unacceptable risk
TÜV SÜD
IEC 62368-1 – Definitions
Customer Day 2015 15-07-15
Injury occurs ONLY when energy of sufficient magnitude and duration is imparted to a body part.
Body Transfer mechanism
Hazardous energy source
(capable of causing pain or inquiry)
Energy source Effect on the body Effect on combustible materials
Class 1 Not painful, but may be detectable Ignition not likely
Class 2 Painful, but not an injury Ignition possible, but limited growth and spread of fire
Class 3 Injury Ignition likely, rapid growth and spread of fire
TÜV SÜD
IEC 62368-1 – Injury Classification
Customer Day 2015 15-07-15
• Electric shock energy source • Electrically caused fire energy source • Chemical energy source (e.g. chemicals (including batteries)) • Mechanical energy source (e.g. moving parts, sharp edges, physical
stability) • Thermal energy source (e.g. skin burn) • Radiation energy source (e.g. ionizing, non-ionizing, acoustic)
TÜV SÜD
IEC 62368-1 – Energy Sources
Customer Day 2015 15-07-15
Forms of energy Examples of body response or property damage Clause
Electrical energy = ES (e.g. energized conductive parts)
Pain, fibrillation, cardiac arrest, respiratory arrest, skin burn, internal organ burn 5
Thermal energy = PS (e.g. electrical ignition, spread of fire)
Electrically caused fire leading to burn related pain or injury or property damage 6
Chemical reaction (e.g. electrolyte, poison) Skin damage, organ damage, or poisoning 7
Kinetic energy = MS (e.g. moving parts of equipment, or a moving body part against an equipment part)
Laceration, puncture, abrasion, contusion, crush, amputation, or loss of a limb, eye, ear
8
Thermal energy = TS (for example, hot accessible parts)
Skin burn 9
Radiated energy = RS (e.g. electromagnetic, optical, acoustic)
Loss of sight, skin burn, or loss of hearing 10
Examples of body response or property damage related to energy sources
TÜV SÜD
IEC 62368-1 – Body Response/Property Damage
Customer Day 2015 15-07-15
Unless otherwise specified, a class 1 source is an energy source with levels not exceeding class 1 limits under: • normal operating conditions; and • abnormal operating conditions that do not lead to a single fault condition;
and • single fault conditions that do not result in class 2 limits being exceeded. Under normal operating conditions and abnormal operating conditions, the energy in a class 1 source, in contact with a body part, may be detectable, but is not painful nor is it likely to cause an injury. For fire, the energy in a class 1 source is not likely to cause ignition. Under single fault conditions, a class 1 energy source, under contact with a body part, may be painful, but is not likely to cause injury. TÜV SÜD
IEC 62368-1 – Class 1 Energy Source
Customer Day 2015 15-07-15
Class 2 energy source Unless otherwise specified, a class 2 source is an energy source with levels exceeding class 1 limits and not exceeding class 2 limits under normal operating conditions, abnormal operating conditions, or single fault conditions. The energy in a class 2 source, under contact with a body part, may be painful, but is not likely to cause an injury. For fire, the energy in a class 2 source can cause ignition under some conditions. Class 3 energy source A class 3 source is an energy source with levels exceeding class 2 limits under normal operating conditions, abnormal operating conditions, or single fault conditions, or any energy source declared to be a class 3 source. The energy in a class 3 source, under contact with a body part, is capable of causing injury. For fire, the energy in a class 3 source may cause ignition and the spread of flame where fuel is available.
TÜV SÜD
IEC 62368-1 – Classes 2 & 3 Energy Source
Customer Day 2015 15-07-15
A safeguard is a device or scheme or system that: • Is interposed between an energy source capable of causing pain or injury
and a body part, and • Reduces the likelihood of transfer of energy to a body part
Body Safeguard Hazardous energy sources
TÜV SÜD
IEC 62368-1 – Safeguards
Customer Day 2015 15-07-15
Injury does not occur when the energy source is non-hazardous.
Body No safeguard necessary
Non-hazardous energy source
A non-hazardous energy source is: An energy source that is less than the body susceptibility to that energy
TÜV SÜD
IEC 62368-1 – Non-hazardous Energy Source
Customer Day 2015 15-07-15
A BASIC SAFEGUARD is: A safeguard that is effective under normal and abnormal operating conditions whenever hazardous energy is present
Body Basic safeguard
Hazardous energy source
Supplementary safeguard
TÜV SÜD
A SUPPLEMENTARY SAFEGUARD is: A safeguard that is effective in the event of a single fault of any part, including a fault of the basic safeguard
IEC 62368-1 – Supplementary Safeguards
Customer Day 2015 15-07-15
A REINFORCED SAFEGUARD is: A single, robust safeguard that is effective under normal operating conditions, abnormal operating conditions, and single fault condition.
Body Reinforced safeguard
Hazardous energy source
TÜV SÜD
IEC 62368-1 – Reinforced Safeguard
Customer Day 2015 15-07-15
Hierarchy of safeguards I. Equipment safeguards are always useful, since they do
not require any knowledge or actions by persons coming into contact with the equipment
II. Installation safeguards are useful when a safety
characteristic can only be provided after installation (e.g. equipment has to be bolted to the floor to provide stability)
III. Behavioural safeguards are useful when the equipment requires an energy source to be accessible.
Safeguard
TÜV SÜD
IEC 62368-1 – Hierarchy of Safeguards
Customer Day 2015 15-07-15
Basic safeguard
Supplementary safeguard
Reinforced safeguard
Effective under normal operating conditions
Effective in the event of failure of the basic safeguard
Effective under normal operating conditions and in the event of a single fault condition
Example: Basic Insulation
Example: Supplementary Insulation
Example: Reinforced Insulation
Example: Normal temperatures below ignition temperatures
Example: fire enclosure Not applicable
Equipment safeguard: Physical part of an equipment
TÜV SÜD
IEC 62368-1 – Equipment Safeguard
Customer Day 2015 15-07-15
Basic safeguard
Supplementary safeguard
Reinforced safeguard
Effective under normal operating conditions
Effective in the event of failure of an equipment basic safeguard
Effective under normal operating conditions and in the event of a single fault condition elsewhere in the equipment
Example: Wire size
Example: Overcurrent protective device
Example: Socket outlet
Installation safeguard: Physical part of a man-made installation
TÜV SÜD
IEC 62368-1 – Installation Safeguard
Customer Day 2015 15-07-15
Basic safeguard
Supplementary safeguard
Reinforced safeguard
In the absence of any equipment safeguard, effective under normal operating conditions
Effective in the event of failure of an equipment basic safeguard
In the absence of any equipment safeguard, effective under normal operating conditions and in the event of a single fault con-dition elsewhere in the equip-ment
Example: Gloves
Example: Insulating floor mat
Example: Electrically-insulated glove for handling live conductors
Personal safeguard: Physical device worn on the body
TÜV SÜD
IEC 62368-1 – Personal Safeguard
Customer Day 2015 15-07-15
Basic safeguard
Supplementary safeguard
Reinforced safeguard
In the absence of any equipment safeguard, effective under normal operating conditions
Effective in the event of failure of an equipment basic safeguard
Only effective on an exceptional basis, when providing all appropriate safeguards would prevent the intended functioning of the equipment
Example: Instructional safeguard to disconnect telecommunication cable before opening cover
Example: After opening a door, an instructional safeguard warning against hot parts
Example: Instructional safeguard warning of hot parts in a photocopier, or a continuous roll paper cutter on a commercial printer
Instructional safeguard: Voluntary or instructed behaviour
TÜV SÜD
IEC 62368-1 – Instructional Safeguard
Customer Day 2015 15-07-15
Accessibility to electrical energy sources and safeguard
Q: What are the requirements between these non-accessible sources? A: None, as the enclosure is double insulated, the sources are not accessible.
Equipment Enclosure Double Insulated
ES 3 source
ES2 source
ES1 source
TÜV SÜD
IEC 62368-1 – Accessibility to Energy Sources
Customer Day 2015 15-07-15
Accessibility to electrical energy sources and safeguard Now there is an accessbile connection
A: 1. Basic insulation between ES1 & ES2 A: 2. Double or reinforced insulation between ES1 & ES3 A: 3. Insulation between ES2 & ES3 depends on the insulation between ES1 & ES2
Accessible Part/Interface
Equipment Enclosure Double Insulated
ES 3 source
ES2 source
ES1 source
?
Q: What are the requirements between the sources in this case?
TÜV SÜD
IEC 62368-1 – Accessibility to Energy Sources
Customer Day 2015 15-07-15
Accessibility to electrical energy sources and safeguard Now there are two accessible connections from independent sources
Accessible Connection
Equipment Enclosure Double Insulated
ES1 source
ES1 source
Q: What are the requirements between the sources in this case?
A: 1. According to B.4 (single fault condition), the insulation or any components between the sources need to be shorted A: 2. If one of the two ES1 sources would reach ES2 levels - basic safeguard (Note that a source that exceeds ES1 levels is not an ES1, but an ES2 source!!!) A: 3. If both ES1 sources stay within ES1 limits - no safeguard (functional insulation)
TÜV SÜD
IEC 62368-1 – Accessibility to Energy Sources
Customer Day 2015 15-07-15
Ordinary person: all persons other than “instructed” and “skilled”. Includes users and persons who may have access to or be in the vicinity of the equipment. Under normal or abnormal operating conditions, should not be exposed to energy sources capable of causing pain or injury. Under a single fault condition should not be exposed to energy sources capable of causing injury. Instructed person: instructed and trained or supervised by a skilled person to identify energy sources that may cause pain and to take precautions to avoid unintentional contact or exposure. Under normal operating conditions, abnormal operating conditions or single fault conditions, should not be exposed to energy sources capable of causing injury. Skilled person: persons who have training or experience in the equipment technology, particularly knowing the various energies and magnitudes used. Expected to use their training and experience to recognize energy sources capable of causing pain or injury and to take action for protection. Should be protected against unintentional contact or exposure to sources capable of causing injury.
TÜV SÜD
IEC 62368-1 – Behavioural Safeguards
Customer Day 2015 15-07-15
Person Behavioural safeguards Ordinary Instructional safeguard: means of providing information, describing the existence and location of an
energy source capable of causing pain or injury Intended to invoke a specific behaviour to reduce the likelihood of transfer of energy to a body part.
Instructional safeguards may be considered acceptable protection to bypass an equipment safeguard such that the person is made aware of how to avoid contact with a class 2 or class 3 energy source.
Instructed Precautionary safeguard is the training and experience or supervision of an instructed person by a skilled person to use precautions to protect the person against class 2 energy sources. During equipment servicing, an instructed person may need to remove or defeat an equipment safeguard. In this case, an instructed person is expected to then apply precaution as a safeguard to avoid injury.
Skilled Skill safeguard is the education, training, knowledge and experience of the skilled person that is used to protect that person against class 2 or class 3 energy sources. During equipment servicing, a skilled person may need to remove or defeat an equipment safeguard. In this case, a skilled person is expected to then apply skill as a safeguard to avoid injury
TÜV SÜD
IEC 62368-1 – Behavioural Safeguards
Customer Day 2015 15-07-15
The limit values for determining whether or not an energy source is hazardous and the safeguard tests and parameters are based on IEC Basic and Group safety publications.
No
No
IDENTIFY ENERGYSOURCE
IS SOURCEHAZARDOUS?
IDENTIFY MEANS BY WHICHENERGY CAN BE
TRANSFERRED TO A BODY PART
DESIGN SAFEGUARD WHICHWILL PREVENT ENERGY
TRANSFER TO A BODY PART
MEASURE SAFEGUARDEFFECTIVENESS
IS SAFEGUARDEFFECTIVE?
DONE
Yes
Yes
TÜV SÜD
IEC 62368-1 – Limit Values
Customer Day 2015 15-07-15
1. Identify the ES1, ES2 and ES3 parts and circuits and their respective safeguards (ES = Electrical energy)
2. Identify the PS1, PS2, and PS3 circuits and the fire safeguard methods (PS = Thermal energy)
3. Identify the MS1, MS2, and MS3 parts and circuits and their respective safeguards (MS = Kinetic energy)
4. Identify the TS1, TS2, and TS3 parts and circuits and their respective safeguards (TS = Thermal energy)
5. Identify the RS1, RS2, and RS3 parts and circuits and their respective safeguards (RS = Radiated energy)
No
No
IDENTIFY ENERGYSOURCE
IS SOURCEHAZARDOUS?
IDENTIFY MEANS BY WHICHENERGY CAN BE
TRANSFERRED TO A BODY PART
DESIGN SAFEGUARD WHICHWILL PREVENT ENERGY
TRANSFER TO A BODY PART
MEASURE SAFEGUARDEFFECTIVENESS
IS SAFEGUARDEFFECTIVE?
DONE
Yes
Yes
TÜV SÜD
IEC 62368-1 – Limit Values
Customer Day 2015 15-07-15 TÜV SÜD
IEC 62368-1 – Electric Shock
Customer Day 2015 15-07-15
General Information Energy Source Result
Dia-gram Ref-erence
Operating Reference
Area of Contact
Frequency, Capacitance
or Pulse Duration
Determined Voltage Applicable
Voltage Limit
Determined Current
Appli-cable
Current Limit
Classification
L M S V Peak
V RMS Peak/RMS mA Peak
mA RMS
Peak/RMS
ES1 ES2 ES3
C1 Normal X 50-60Hz - 240 - - - - X C2 Normal X DC - 25.2 28Vdc - - - X C2 Faut F10 X DC - 28.6 40Vdc - - - X C1-C2 Normal - - - 100kHz 580 456 - - - - X C3 Normal X DC - 5.2 28Vdc - - - X C3 Fault F11 X DC - 5.4 40Vdc - - - X C3 Fault F12 X Hiccup 8.6 - 40Vdc - - - X C2-C3 Normal X 30kHz 69 45 65Vrms - - - X C4 Normal X DC - 3.4 28Vdc - - - X C4 Fault F13 X DC - 3.5 40Vdc - - - X C5 Normal X 60kHz/0.8nF 2500 - 5000Vpeak - 27 30 X C5 Fault F14 X 30kHz/0.8nF 1000 - 5000Vpeak - 33 35 X C6 Normal X 1kHz 35 - 42.4Vpeak - - - X C6 Fault F15 X DC - 24 40Vrms - - - X C7 Normal X Non-DC 120 140Vrms - - - X
Electrical energy source classification table
TÜV SÜD
IEC 62368-1 – Energy Source Classification
Customer Day 2015 15-07-15
Clause OVERVIEW OF EMPLOYED SAFEGUARDS 5.2 Electrically-caused injury
Body Part (e.g. Ordinary)
Energy Source (ES3: Primary Filter circuit)
Related clause (e.g., 5.3.6.3, etc.)
Safeguards
Basic Supplementary Reinforced (Enclosure)
6.2.2 Electrically-caused fire
Material part (e.g. mouse enclosure)
Energy Source (PS2: 100 Watt circuit)
Related clause (6.4.3.1)
Safeguards
Basic Supplementary (e.g., PTC)
Reinforced
7.5 Chemically-caused injury
Body Part (e.g., skilled)
Energy Source (e.g., hazardous material)
Related clause (7.4)
Safeguards
Basic (e.g. gloves)
Supplementary Reinforced
8.2 Mechanically-caused injury
Body Part (e.g. Ordinary)
Energy Source (MS3:Imploding part)
Related clause (8.5.5.1)
Safeguards
Basic Supplementary Reinforced (Enclosure)
9.3 Thermal Burn
Body Part (e.g., Ordinary)
Energy Source (TS2)
Related clause (9.3.2.2)
Safeguards
Basic (e.g. Instructional)
Supplementary Reinforced
10.2 Radiation
Body Part (e.g., Ordinary)
Energy Source (Output from audio port)
Related clause (10.4.2)
Safeguards
Basic (e.g., Instructional)
Supplementary Reinforced
Supplementary Information: (1) A block diagram can be attached to further detail the identified safeguards.
(2) “N” – Normal Condition; “A” – Abnormal Condition; “S” Short Circuit
TEST REPORT IEC 62368-1 Audio/video, information and communication technology equipment Part 1: Safety requirements
TÜV SÜD
IEC 62368-1 – Example Test Report
Customer Day 2015 15-07-15
Electrical energy transfer occurs when there are two or more electrical contacts to the body: The first electrical contact is between a body part and a conductive part of the equipment; the second electrical contact is between another body part; and earth, or another conductive part of the equipment.
Energy transfer
mechansm
Energy source Body
Prospective touch voltage or
touch current
Two electrical contacts Body resistance
TÜV SÜD
IEC 62368-1 – Electrical Energy Transfer
Customer Day 2015 15-07-15
Models for protection against electrically-caused pain or injury Protection against electrically-caused pain or injury requires that one or more safeguards be interposed between an electrical energy source capable of causing pain or injury and a body part.
Safeguard Energy source Body
Prospective touch voltage and
touch current Electric insulation Body resistance
TÜV SÜD
IEC 62368-1 – Models for Protection
Customer Day 2015 15-07-15
Models for electrically-caused fire Electrically caused fire is due to conversion of electrical energy to thermal energy, where the thermal energy heats a fuel material followed by ignition and combustion.
Energy transfer mechansm Energy source Fuel material
Electrical energy conversion to thermal
energy
Conduction, convection,
radiation
Material exceeds ignition temperature
TÜV SÜD
IEC 62368-1– Models
Customer Day 2015 15-07-15
Models for protection against electrically caused fire The basic safeguard against electrically caused fire is that the temperature of a material, under normal operating conditions and abnormal operating conditions, does not cause the material to ignite. The supplementary safeguard against electrically-caused fire reduces the likelihood of ignition or, in the case of ignition, reduces the likelihood of spread of fire.
Safeguard Energy source Fuel material
Electrical energy conversion to thermal
energy Thermal resistance
Material does not exceeds ignition
temperature Fuel material Energy source Safeguard
Electrical energy conversion to thermal
energy Fuel ignition Enclosure contains
the fire
TÜV SÜD
IEC 62368-1– Models for Protection
Customer Day 2015 15-07-15
SAFEGUARDS against electrically caused fire
TÜV SÜD
IEC 62368-1– Safeguards
Customer Day 2015 15-07-15 TÜV SÜD
IEC 62368-1–Models for Chemical Injury
Customer Day 2015 15-07-15 TÜV SÜD
IEC 62368-1–Models for Chemical Injury
Customer Day 2015 15-07-15
MS = Kinetic energy MS1 - Mechanical energy source with levels not exceeding MS1 limits under normal operating conditions and abnormal operating conditions and not exceeding MS2 under single fault conditions. MS2 - Mechanical energy source with levels not exceeding MS2 limits under normal operating conditions, abnormal operating conditions, and single fault conditions, but is not MS1. MS3 - Mechanical energy source with levels exceeding MS2 limits under normal operating conditions, abnormal operating conditions or single fault conditions, or any mechanical energy source declared to be treated as MS3 by the manufacturer.
TÜV SÜD
IEC 62368-1– Definitions
Customer Day 2015 15-07-15
Models for thermally-caused injury Thermally caused injury may occur when thermal energy capable of causing injury is transferred to a body part .
Energy source Body part
Energy transfer
mechansm Energy source Body
Temperature, Material, Mass, etc.
Body part touches hot part
Body part thermal resistance
Safeguard Energy source Body
Temperature, Material, Mass, etc.
Thermal insulation Body part thermal resistance
TÜV SÜD
IEC 62368-1– Models for Thermally-Caused Fire
Customer Day 2015 15-07-15
TS = Thermal energy TS1 - Thermal energy source with temperature levels not exceeding TS1 limits under normal operating conditions; and not exceeding TS2 limits under abnormal operating conditions; or single fault conditions. TS2 - Thermal energy source where the temperature exceeds the TS1 limits; and under normal operating conditions, abnormal operating conditions or single fault conditions the temperature does not exceed the TS2 limits. Where the malfunction of the equipment is evident, no limits apply. TS3 - Thermal energy source where the temperature exceeds the TS2 limits in Table 38 under normal operating conditions or under abnormal operating conditions, or under single fault conditions.
TÜV SÜD
IEC 62368-1– Definitions
TÜV SÜD Product Service Slide 46 Customer Day 2015 15-07-15
Thank you for listening Matthew Emery Product Safety Specialist TÜV SÜD Product Service +44 (0)1489 558128 [email protected]