Safety rules for the construction and installation of lifts - Part 2: Hydraulic lifts

2004-06-02 TC will be submitting the draft to a second formal vote (target date DEC 2004) (SJ).
2004-06-21 (AAG) Res BT 31/2004: This WI will be reviewed at 23rd TCMG meeting (2004-09-07).
2004-08-03 CMC proposal to keep this WI (SJ).

Sicherheitsregeln für die Konstruktion und den Einbau von Aufzügen - Teil 2: Hydraulisch betriebene Personen- und Lastenaufzüge

Règles de sécurité pour la construction et l'installation des ascenseurs - Partie 2: Ascenseurs hydrauliques

Varnostna pravila za konstruiranje in vgradnjo dvigal (liftov) – 2. del: Hidravlična dvigala

General Information

Status
Withdrawn
Publication Date
22-Nov-2005
Withdrawal Date
22-Dec-2009
Current Stage
9960 - Withdrawal effective - Withdrawal
Start Date
23-Dec-2009
Completion Date
23-Dec-2009

Relations

Buy Standard

Amendment
EN 81-2:1999/A1:2006
English language
20 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-marec-2006
9DUQRVWQDSUDYLOD]DNRQVWUXLUDQMHLQYJUDGQMRGYLJDO OLIWRY ±GHO+LGUDYOLþQD
GYLJDOD
Safety rules for the construction and installation of lifts - Part 2: Hydraulic lifts
Sicherheitsregeln für die Konstruktion und den Einbau von Aufzügen - Teil 2: Hydraulisch
betriebene Personen- und Lastenaufzüge
Regles de sécurité pour la construction et l'installation des ascenseurs - Partie 2:
Ascenseurs hydrauliques
Ta slovenski standard je istoveten z: EN 81-2:1998/A1:2005
ICS:
91.140.90 'YLJDOD7HNRþHVWRSQLFH Lifts. Escalators
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN 81-2:1998/A1
NORME EUROPÉENNE
EUROPÄISCHE NORM
November 2005
ICS 91.140.90
English Version
Safety rules for the construction and installation of lifts - Part 2:
Hydraulic lifts
Règles de sécurité pour la construction et l'installation des Sicherheitsregeln für die Konstruktion und den Einbau von
élévateurs - Partie 2: Ascenseurs hydrauliques Aufzügen - Teil 2: Hydraulisch betriebene Personen- und
Lastenaufzüge
This amendment A1 modifies the European Standard EN 81-2:1998; it was approved by CEN on 13 May 2005.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for inclusion of this
amendment into the relevant national standard without any alteration. Up-to-date lists and bibliographical references concerning such
national standards may be obtained on application to the Central Secretariat or to any CEN member.
This amendment exists in three official versions (English, French, German). A version in any other language made by translation under the
responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France,
Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Slovakia,
Slovenia, Spain, Sweden, Switzerland and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre: rue de Stassart, 36  B-1050 Brussels
© 2005 CEN All rights of exploitation in any form and by any means reserved Ref. No. EN 81-2:1998/A1:2005: E
worldwide for CEN national Members.

Contents
Page
Foreword .3
1 Modifications in Clause 0 .4
2 Modifications in Clause 2 .4
3 Modifications in Clause 3 .4
4 Modifications in Clause 14 .5
5 Modifications in Clause 16 .11
6 Modifications in Annex A .12
7 Modifications in Annex F.13
8 Amended Annex M.14
Annex ZA (informative) Relationship between this European Standard and the Essential
Requirements of EU Directive 95/16/EC .20

Foreword
This European Standard (EN 81-2:1998/A1:2005) has been prepared by Technical Committee CEN/TC 10 “Lifts,
escalators and moving walks”, the secretariat of which is held by AFNOR.
This Amendment to the European Standard EN 81-2:1998 shall be given the status of a national standard, either
by publication of an identical text or by endorsement, at the latest by May 2006, and conflicting national standards
shall be withdrawn at the latest by May 2006.
This European Standard has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association, and supports essential requirements of EU Directive(s).
For relationship with EU Directive(s), see informative Annex ZA, which is an integral part of this European
Standard.
The 1998 edition of EN 81-2, under 14.1.2.1.1 b) 3) and Annex H foresees the use of electronic components in
safety circuits thus giving hardware provisions. This amendment extends their use to permit the inclusion of
software (programmable electronic systems - PESSRAL).
This amendment A1 covers those aspects that need to be addressed when programmable electronic systems
(PESSRAL) are used to carry out electric safety functions for lifts within the scope of EN 81-2:1998 and EN 81-
2:1998/A2:2004.
This amendment A1 covers the necessary additional precautions by replacing the relevant existing text of
EN 81-2:1998 or adding new clauses as indicated.
NOTE Drafting and presentation of the amended text has been arranged to comply with the presentation of EN 81-2:1998.
According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to implement this European Standard: Austria, Belgium, Cyprus, Czech Republic, Denmark,
Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,
Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.
1 Modifications in Clause 0
A new 0.2.6 shall be added as follows:
"0.2.6 Risk analysis, terminology and technical solutions have been considered taking into account the methods of
the EN 61508-series of standards. This led to a necessary classification of safety functions applied to PESSRAL.”
0.3.5 shall be amended as follows:
"0.3.5 The requirements of this European Standard regarding electrical safety devices are such that the possibility
of a failure of an electric safety device (see 14.1.2.1.1 b)) complying with all the requirements of this European
Standard needs not to be taken into consideration.”
2 Modifications in Clause 2
Clause 2 shall be amended as follows:
"EN 61508-1:2001, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part
1: General requirements (IEC 61508-1:1998 + Corrigendum 1999).
EN 61508-2:2001, Functional safety of electrical/electronic/programmable electronic safety-related systems - Part
2: Requirements for electrical/electronic/programmable electronic safety-related systems (IEC 61508-2:2000).
EN 61508-3:2001, Functional safety of electrical/electronic/programmable electronic safety related systems - Part
3: Software requirements (IEC 61508-3:1998 + Corrigendum 1999).
EN 61508-4:2001, Functional safety of electrical/electronic/programmable electronic safety related systems - Part
4: Definitions and abbreviations (IEC 61508-4:1998 + Corrigendum 1999).
EN 61508-5:2001, Functional safety of electrical/electronic/programmable electronic safety related systems - Part
5: Examples of methods for the determination of safety integrity levels (IEC 61508-5 1998 + Corrigendum 1999).
EN 61508-7:2001, Functional safety of electrical/electronic/programmable electronic safety related systems - Part7:
Overview of techniques and measures (IEC 61508-7:2000)."
3 Modifications in Clause 3
Clause 3 shall be amended by the following definitions:
"programmable electronic system in safety related applications for lifts (PESSRAL)
(système électronique programmable dans les applications liées à la sécurité des ascenseurs (PESSRAL))
(programmierbares elektronisches System in sicherheitstechnisch relevanten Anwendungen für Aufzüge
(PESSRAL))
system for control, protection or monitoring based on one or more programmable electronic devices, including all
elements of the system such as power supplies, sensors and other input devices, data highways and other
communication paths, and actuators and other output devices, used in safety related applications as listed in
Tables A.1 and A.2.
system reaction time
(temps de réaction système)
(Systemreaktionszeit)
sum of the following two values:
a) time period between the occurrence of a fault in the PESSRAL and the initiation of the corresponding action on
the lift;
b) time period for the lift to respond to the action, maintaining a safe state
safety integrity level (SIL)
(niveau d'intégrité de sécurité)
(Sicherheits-Integritätslevel)
discrete level for specifying the safety integrity requirements of the safety functions to be allocated to the PESSRAL
NOTE In this European Standard SIL 1 is representing the lowest level and SIL 3 the highest."
4 Modifications in Clause 14
14.1.2.1.1 b) shall be amended as follows:
" 4) programmable electronic systems in safety related applications in accordance with 14.1.2.6."
A new 14.1.2.6 shall be added as follows:
"14.1.2.6 Programmable electronic systems in safety related applications (PESSRAL)
Tables A.1 and A.2 give the safety integrity level for each electric safety device.
Programmable electronic systems designed in accordance with 14.1.2.6 cover the requirements of 14.1.2.3.2.
The minimum requirements of the safety functions common to all SILs are listed in Tables 7, 8 and 9. In addition
specific measures required for SILs 1, 2 and 3 are listed respectively in Tables 10, 11 and 12.
NOTE The EN 61508-7:2001 clauses listed in Tables 7 to 12 refer to the relevant requirements in EN 61508-2:2001 and
EN 61508-3:2001.
To avoid unsafe modification, measures to prevent unauthorised access to the program code and safety related
data of PESSRAL shall be provided, e.g. using EPROM, access code, etc.
If a PESSRAL and a non safety related system share the same hardware, the requirements for PESSRAL shall be
met.
If a PESSRAL and a non safety related system share the same PCB, the requirements of 13.2.2.3 shall apply for
the separation of the two systems.”
The following Tables shall be added:
Table 7 - Common measures to avoid and detect failures - Hardware design
EN 61508-7:2001
No Object Measure
reference
1 Processing unit Use of watch dog. A.9
2 Component selection Use of components only within their specifications.
I/O units and interfaces Defined safe state in the event of power failure or reset.
3 incl. communication
links
Defined safe shut-off state in case of over-voltage or under- A.8.2
4 Power supply
voltage.
5 Variable memory ranges Use of only solid state memories.
Variable memory ranges Read/write test of variable data memory during boot
procedure.
7 Variable memory ranges Remote access only to informative data (e.g. statistics).
No possibility to change the program code, either
8 Invariant memory ranges
automatically by the system or remote intervention.
Test of program code memory and fixed data memory during A.4.2
9 Invariant memory ranges boot procedure with a method at least equivalent to sum
check.
Table 8 - Common measures to avoid and detect failures - Software design
EN 61508-7:2001
No Object Measure
reference
Program structure (i.e. modularity, data handling, interface B.3.4/C.2.1
1 Structure
definition) according to the state of the art (see EN 61508-3). C.2.9/C.2.7
During boot procedures a safe state of the lift shall be
2 Boot procedure
maintained.
Limited use of interrupts: use of nested interrupts only if all C.2.6.5
3 Interrupts
possible sequences of interrupts are predictable.
No triggering of watchdog by interrupt procedure except in A.9.4
4 Interrupts
combination with other program sequence conditions.
No power down procedures, such as saving of data, for safety
5 Power down
related functions.
Stack manager in the hardware and/or software with C.2.6.4/
6 Memory management
appropriate reaction procedure. C.5.4
Iteration loops shorter than system reaction time, e.g. by
7 Program
limiting number of loops or checking execution time.
Array pointer offset checks, if not included in the used C.2.6.6
8 Program
programming language.
Defined handling of exceptions (e.g. divisions by zero,
9 Program overflow, variable range checking etc.) which forces the
system into a defined safe state.
No recursive programming, except in well tried standard C.2.6.7
libraries, in approved operating systems, or in high-level
10 Program language compilers. For these exceptions separate stacks for
separate tasks shall be provided and controlled by a memory
management unit.
Documentation of programming library interfaces and

11 Program operating systems at least as complete as the user program
itself.
Plausibility checks on data relevant to safety functions, e.g. C.2.5/C.3.1
12 Program
input patterns, input ranges, internal data.
If any operational mode can be invoked for testing or EN 61508-1:2001,
13 Program validation purposes normal operation of the lift shall not be 7.7.2.1
possible until this mode has been terminated.
Reach a safe state with due consideration to the system A.7/A.9
Communication system reaction time in a bus communication system with safety
(external and internal) functions in case of loss of communication or a fault in a bus
participant.
No reconfiguration of the CPU-bus system, except during the C.3.13
boot procedure.
15 Bus system
NOTE: Periodical refresh of the CPU-bus system is not
considered as being reconfiguration.
No reconfiguration of I/O lines, except during the boot C.3.13
procedures.
16 I/O handling
NOTE: Periodical refresh of the I/O configuration registers is
not considered as being reconfiguration.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.