Mr. Nute,
Per IEV definition 192-10-06, fail-safe is:
"capable of preserving safety in the case of failure
Note 1 to entry: The safe conditions should be defined for the particular
application."
Per IEC62368-1, fail-safe only applies to stuff in annex K (safety interlocks),
where the mitigation is more of an exercise in reducing energy after an
interlock opens, rather than any specific reliable performance level. There is
no 'fail-safe' in IEC60950-1 (probably because TC108 had a Romulan spy at the
time of the 1st edition).
As for MTTF, it tends towards a ritualized mathematical ceremony per Mil217 and
SR322 (hooded robes are required to perform the calculations). Reliability is
more secular, but is a 'localized' property per the scoped standard's test
requirements. And I have seen some designs that fail-safe the fail-safe; that is,
a decreased reliability, but less likely to fail to an unsafe condition. Choose
your poison.
Avoiding the HazLoc ('intrinsic' safety) morass, the stuff in UL1310 and
UL5085-3 resembles something that is reliably long-term fault tolerant (note
the non-use of 'fail-safe') for limited categories of equipment.
So, it is obvious that my stupidity (and evil thoughts) prevent me from
answering your questions, because this is another "it depends". That is, fail
safe depends on integrating properly rated components into clever designs, and
implementing ingenious test methods. In my little cloistered world, there are
no fail-safe components and there are no reliable fail-safe systems. But there
can be extensively tested products that have been subject to incremental design
improvements, where the probability of a catastrophic life-time failure
increasingly favors your side.
Brian
From: Richard Nute [mailto:[email protected]]
Sent: Thursday, March 08, 2018 1:42 PM
To: [email protected]
Subject: Re: [PSES] IEC60950-1 Limited Power Source via IC current limiter
In my early days in product safety, safety was prohibited from relying on
conduction in a vacuum, gas, or semiconductor.
Today, we rely on semiconductor current limiters and similar devices, e.g.,
GFCI control circuits.
Are such limiters and control circuits fail-safe devices?
Or, are they "reliable" devices and circuits where their lifetime is expected
(proven) to be greater than the host equipment?
Rich
-
----------------------------------------------------------------
This message is from the IEEE Product Safety Engineering Society emc-pstc
discussion list. To post a message to the list, send your e-mail to
<[email protected]>
All emc-pstc postings are archived and searchable on the web at:
http://www.ieee-pses.org/emc-pstc.html
Attachments are not permitted but the IEEE PSES Online Communities site at
http://product-compliance.oc.ieee.org/ can be used for graphics (in well-used
formats), large files, etc.
Website: http://www.ieee-pses.org/
Instructions: http://www.ieee-pses.org/list.html (including how to unsubscribe)
List rules: http://www.ieee-pses.org/listrules.html
For help, send mail to the list administrators:
Scott Douglas <[email protected]>
Mike Cantwell <[email protected]>
For policy questions, send mail to:
Jim Bacher: <[email protected]>
David Heald: <[email protected]>