IEC TS 62998-1:2019

IEC TS 62998-1 ®
Edition 1.0 2019-05
TECHNICAL
SPECIFICATION
colour
inside
Safety of machinery –
Safety-related sensors used for the protection of persons
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
IEC TS 62998-1 ®
Edition 1.0 2019-05
TECHNICAL
SPECIFICATION
colour
inside
Safety of machinery –
Safety-related sensors used for the protection of persons

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 13.110; 21.020 ISBN 978-2-8322-6819-3

– 2 – IEC TS 62998-1:2019 © IEC 2019
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 9
2 Normative references . 10
3 Terms and definitions . 10
3.1 Characteristics and performance criteria . 11
3.2 Dependability . 12
3.3 Procedures and architectural deliberations . 14
3.4 Terms related to system . 16
3.5 Fusion. 18
3.6 Safety related information . 18
3.7 Test . 20
3.8 User groups . 22
3.9 Verification and validation . 22
4 Lifecycle and interconnection to safety-related electrical control systems (SCS) . 24
4.1 General . 24
4.2 Hazard and risk analysis . 26
4.2.1 General . 26
4.2.2 Hazard caused by SRS/SRSS. 27
4.2.3 Required SRS/SRSS performance class . 28
4.3 Correspondence SRS/SRSS performance class . 28
5 Design and development phase . 29
5.1 General . 29
5.2 SRS/SRSS functions . 29
5.3 Design analysis. 30
5.4 Simulation . 30
5.5 Sensing zone(s) . 31
5.6 Safety related zone . 31
5.7 Automation related zone . 31
5.8 Detection capability and dependability . 31
5.8.1 General . 31
5.8.2 Object classes and physical properties . 32
5.8.3 Environmental influences . 33
5.9 User interface . 37
5.9.1 General . 37
5.9.2 Mounting . 37
5.9.3 Safety related information . 37
6 Integration and installation phase . 40
6.1 General . 40
6.2 Fusion of SRS into an SRSS . 40
6.2.1 General . 40
6.2.2 Limits of use after fusion . 41
6.2.3 Detection capability after fusion . 41
6.2.4 Sensing zone(s) after fusion . 42
6.2.5 Dependability under environmental condition after fusion . 42
6.2.6 Safety related information after fusion . 42

6.2.7 SRSS performance class after fusion . 43
6.2.8 Response time after fusion . 44
6.2.9 Verification and validation after fusion . 44
6.3 Calibration at user side . 44
6.3.1 General . 44
6.3.2 Calibration procedure and equipment . 45
6.3.3 Verification and validation of calibration . 45
7 Operation, maintenance and modification phases . 45
8 Verification and validation . 46
8.1 General . 46
8.2 Verification of an SRS/SRSS . 46
8.3 Validation of an SRS/SRSS . 47
8.4 Analysis . 48
8.5 Test . 49
8.5.1 General . 49
8.5.2 Test classification . 49
8.5.3 Test method and test setup . 50
8.5.4 Test piece . 51
8.5.5 Test plan and test results . 51
9 Information for use . 52
Annex A (informative)  Examination of systematic capabilities . 54
Annex B (informative) User groups . 55
B.1 User groups of SRS/SRSS and groups addressed by this document . 55
B.2 User groups addressed by fusion . 55
Annex C (informative)  Functional decomposition and/or integration . 58
Annex D (normative) Generation and application of simulation models . 59
D.1 General . 59
D.2 Recommendations for use. 59
D.3 Simulation objectives and measures to achieve them . 59
D.4 Verification. 62
Annex E (informative) Child properties and behaviour . 64
E.1 General . 64
E.2 Sizes of parts of body . 64
Annex F (informative) Environmental influences . 68
F.1 General . 68
F.2 Example 1 for application of environmental influences . 68
F.3 Example 2 for application of environmental influences . 70
Annex G (informative) Faults, failures and influences resulting in a loss of SRS/SRSS
safety related function. 71
G.1 General . 71
G.2 Failure to danger . 74
G.3 Normal operation . 75
G.4 Signal to initiate the fault reaction function and confidence information as
part of safety related information . 75
Annex H (informative) Test aspects . 77
H.1 General . 77
H.2 Mechanical influence test . 77
Annex I (informative)  Examples of functions, safety related information and fusion . 81

– 4 – IEC TS 62998-1:2019 © IEC 2019
I.1 Example of functions . 81
I.2 Example of safety related information . 82
I.3 Example of fusion . 83
Bibliography . 87

Figure 1 – Measurement accuracy and measurement uncertainty . 12
Figure 2 – Example 1 of SRS architecture . 24
Figure 3 – Example 2 of SRS architecture . 25
Figure 4 –Example of SRSS architecture . 25
Figure 5 – Interconnection of an SRS/SRSS into hazard and risk analysis . 27
Figure 6 – Safety related information of an SRS/SRSS . 38
Figure A.1 – Example for examination of systematic capabilities using safety related
sensor standards . 54
Figure C.1 – Interconnection of functions and objects . 58
Figure C.2 – Example of functions performed in an SRSS . 58
Figure D.1 – Verification process . 62
Figure E.1 – Body height children . 65
Figure E.2 – Chest depth children . 66
Figure E.3 – Head width children . 66
Figure E.4 – Head length children . 67
Figure G.1 – Combination of faults, failures or errors resulting in additional risk

throughloss of safety function or bypassing . 72
Figure G.2 – Analysis of systematic capabilities during design and development to
prevent systematic faults resulting in failure to danger . 73
Figure G.3 – Mode of action for systematic fault resulting in fault reaction function . 76
Figure G.4 – Mode of action for errors resulting in appropriate confidence information . 76
Figure I.1 – Example of SRS applied on driveway intersection . 81
Figure I.2 – Example of SRS/SRSS providing decision and confidence information . 82
Figure I.3 – Example of SRS/SRSS providing measurement and confidence
information . 83
Figure I.4 – First dxample of fusion of 2 SRS into an SRSS with combined sensing

zones . 84
Figure I.5 – Fusion of SRS safety related information . 84
Figure I.6 – Approach of verification and validation based on SRS Information for use
and SRSS Safety Requirement specification . 85
Figure I.7 – Second example of fusion of 2 SRS into an SRSS with combined sensing
zones . 86

Table 1 – Correspondence between level of safety performance and minimum

required SRS/SRSS performance class . 29
Table 2 – Functions of an SRS/SRSS as applicable . 30
Table 4 – Limits for failure to danger condition (loss of the detection capability) due to
environmental interference for high demand mode . 35
Table 5 – Minimum required coverage probability/decision probability at high
demand rate . 39
Table 6 – Maximum applicable SRSS performance class after fusion using two SRS . 44

Table 7 – Means to be used for evaluation of verification measures and verification
results . 47
Table 8 – Overview of information for use to be provided . 52
Table B.1 – Roles and task of addressed user groups . 55
Table B.2 – Addressed user groups for different integration types using sensing unit,

SRS/ SRSS as element or SRS as subsystem . 56
Table D.1 – Simulation objectives and measures for SRS/SRSS of low complexity . 60
Table D.2 – Simulation objectives and measures for SRS/SRSS of high complexity . 61
Table E.1– Body height children . 64
Table E.2 – Chest depth children . 65
Table E.3 – Head width children . 66
Table E.4 – Head length children . 67
Table F.1 – Example 1 of environmental influence and classes according to
IEC 60721-3-5 . 69
Table F.2 – Example 2 of environmental influence and classes according to
IEC 60721-3-3 . 70
Table G.1 – Demand rates used for the calculation of Table G.2 values . 74
Table G.2 – Limits for failure to danger condition (loss of the detection capability) due
to environmental influence for high demand mode . 74
Table H.1 – Example of test plan and test result for mechanical influence test . 78

– 6 – IEC TS 62998-1:2019 © IEC 2019
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
SAFETY OF MACHINERY –
Safety-related sensors used for the protection of persons

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC
Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. In
exceptional circumstances, a technical committee may propose the publication of a Technical
Specification when
• the required support cannot be obtained for the publication of an International Standard,
despite repeated efforts, or
• the subject is still under technical development or where, for any other reason, there is the
future but no immediate possibility of an agreement on an International Standard.
Technical Specifications are subject to review within three years of publication to decide
whether they can be transformed into International Standards.
IEC TS 62998-1, which is a Technical Specification, has been prepared by IEC technical
committee TC 44: Safety of machinery – Electrotechnical aspects.

The text of this Technical Specification is based on the following documents:
Draft TS Report on voting
44/826/DTS 44/839A/RVDTS
Full information on the voting for the approval of this Technical Specification can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts in the IEC 62998 series, published under the general title Safety of
machinery, can be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates that it
contains colours which are considered to be useful for the correct understanding of its contents.
Users should therefore print this document using a colour printer.

– 8 – IEC TS 62998-1:2019 © IEC 2019
INTRODUCTION
Safety related sensors are applied to machinery presenting a risk of personal injury. They
provide protection by causing the machine to revert to a safe condition before a person can
be placed in a hazardous situation.
IEC 61496 (all parts) provides design and performance requirements of electro-sensitive
protective equipment (ESPE). It gives a clear but limited guideline for
– specific sensor technologies (like optical sensors) or sensing functions (like capability to
detect a specified object);
– typical conditions representing indoor use in industrial environment;
– detection of objects representing parts of body of adults using the properties geometry
and reflectivity;
– design, functional requirements and tests in accordance with ESPE specific safety
performance classification in types (2,3 and 4).
Autonomous systems like automated guided vehicles ( AGV), service robotics or human
machine interaction in industries show an increasing demand, for example in
– new sensor technologies (e.g. radar, ultrasonic sensors),
– new kind of sensor functions (e.g. classification of objects, position of an object), and
– combination of different sensor technologies in a sensor system.
Sensor manufacturers or integrators use in such cases generic functional safety standards
as guideline for the safety related product design. Generic functional safety standards like
IEC 61508 (all parts) or sector specific machinery standards like IEC 62061 or ISO 13849 (all
parts) are general and product design can be carried out without inappropriate limitations.
Applying these standards would require a dedicated analysis of systematic capabilities of a
sensor or sensor system (e.g. dependability of the sensing function under tolerance
conditions and environmental influences). There is not enough guidance given in these
standards to prevent design failures or insufficient capability to detect the specified object in
certain environmental conditions. This can result in an intolerable risk for persons.
This document fills the gap for the examination of systematic capabilities between d es i gn
specific sensor standards and generic functional safety standards of electrical,
electronic or programmable electronic control systems.
NOTE 1 Examples for the examination of systematic capabilities by using different safety related sensor
standards are given in Annex A.
This document is addressed to safety related sensor manufacturers and integrators of safety
related sensors into a safety related sensor system.
NOTE 2 Examples for addressed user groups are given in Annex B.

SAFETY OF MACHINERY –
Safety-related sensors used for the protection of persons

1 Scope
This Technical Specification gives requirements for the development and integration of safety
related sensors (SRS) and safety related sensor systems (SRSS) used for protection of
persons with special attention to systematic capabilities.
This generic standard only applies if
– protection of persons is to be performed by using sensors, and
– standards for functional safety of electrical control systems address sensor(s) as
subsystem or subsystem element, and
– product specific sensor standards (e.g. IEC 61496 (all parts), IEC 60947-5-2) do not
contain all necessary provisions, or product specific sensor standards are not developed.
The approach of examination of systematic capabilities by using different safety related
sensor standards is described in Annex A.
The requirements and methods within this document are limited to the purpose of protection
of persons
– by detection of potentially hazardous objects,
– by detection of a body, parts of a body and objects associated to parts of a body entering
a hazardous area, or
– by classification respective discrimination of these against other objects.
NOTE 1 Application of SRS/SRSS in public can require detecting not only of persons, but also their associated
equipment, for example wheelchairs, walking sticks or infusion stands.
Performance classes of sensors and sensor systems are defined in accordance with existing
functional safety standards (e.g. IEC 62061, IEC 61508 (all parts), and ISO 13849 (all parts)).
NOTE 2 T here will be no definitions of or interconnections to the types as defined in IEC 61496-1 within this
document to simplify and prevent misuse. Simplification for end users is achieved by correlation to existing PL,
SIL or SIL .
cl
Special attention is given to the sensing function and dependability of the detection capability.
Environmental influences and tests for indoor and outdoor use are defined which influence
the sensing function and dependability of the detection capability.
NOTE 3 Environmental influences, their classification and test procedures are primarily specified in accordance
with generic environmental standards. More specific requirements and tests are only described in absence of
respective standards.
This document can be relevant to applications other than those for the protection of persons
in industries, for example, for the protection of persons in public like agriculture or metro
stations.
This document does not consider and address proven in use (e.g. processes or elements) as
done in IEC 61508-2.
– 10 – IEC TS 62998-1:2019 © IEC 2019
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and
are indispensable for its application. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any
amendments) applies.
IEC 60068 (all parts), Environmental testing
IEC 60204-1, Safety of machinery – Electrical equipment of machines – Part 1: General
requirements
IEC 60721 (all parts), Classification of environmental conditions
IEC 60825-1, Safety of laser products – Part 1: Equipment classification and requirements
IEC 61010-1, Safety requirements for electrical equipment for measurement, control, and
laboratory use – Part 1: General requirements
IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic safety-
related systems
IEC 61496-1:2012, Safety of machinery – Electro-sensitive protective equipment – Part 1:
General requirements and tests
IEC 62061:2005, Safety of machinery – Functional safety of safety-related electrical,
electronic and programmable electronic control systems
IEC 62061:2005/AMD1:2012
IEC 62061:2005/AMD2:2015
IEC 62471, Photobiological safety of lamps and lamp systems
ISO 7250 (all parts), Basic human body measurements for technological design
ISO 13849 (all parts), Safety of machinery – Safety-related parts of control systems
ISO 25119 (all parts), Tractors and machinery for agriculture and forestry – Safety-related
parts of control systems
ISO 26262 (all parts), Road vehicles – Functional safety
CEN/CENELEC Guide 14, Child safety – Guidance for its inclusion in standards
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp

3.1 Characteristics and performance criteria
3.1.1
automation related zone
part of the sensing zone within which specified objects(s) are detected in order to perform an
automation related function
3.1.2
safety-related zone
part of the sensing zone within which specified safety related object(s) will be detected
3.1.3
sensing zone
zone defined by length, area or volume within which objects are detected and an SRS or
SRSS function is performed
3.1.4
systematic capability
measure (expressed on a scale of SC 1 to SC 4) of the confidence that the systematic safety
integrity of an element meets the requirements of the specified SIL, in respect of the specified
element safety function, when the element is applied in accordance with the instructions
specified in the compliant safety manual for the element
Note 1 to entry: Systematic capability is determined with reference to the requirements for the avoidance and
control of systematic faults (see IEC 61508-2 and IEC 61508-3).
Note 2 to entry: What a relevant systematic failure mechanism is, will depend on the nature of the element. For
example, for an element comprising solely software, only software failure mechanisms will need to be considered.
For an element comprising hardware and software, it will be necessary to consider both systematic hardware and
software failure mechanisms.
Note 3 to entry: A systematic capability of SC N for an element, in respect of the specified element safety
function, means that the systematic safety integrity of SIL N has been met when the element is applied in
accordance with the instructions specified in the compliant item safety manual for the element.
[SOURCE: IEC 61508-4:2010, 3.5.9]
3.1.5
detection
determination of the presence and/or value of a physical property
Note 1 to entry: As example classification can be a step of detection containing other steps like reception of
physical signal and filtering.
3.1.6
detection capability
ability to perform the detection within the limits of use as specified by the manufacturer
3.1.7
loss of detection capability
event of SRS/SRSS when detection is not achieved within the limits of use as specified by the
manufacturer
Note 1 to entry: A loss of detection could result from a degradation of detection capability. A degradation could be
of interest for analysis of reduced integrity of detection resulting in a dangerous state.
3.1.8
physical property
individual measurable property of an object being observed

– 12 – IEC TS 62998-1:2019 © IEC 2019
3.1.9
measurement accuracy
accuracy of measurement
accuracy
closeness of agreement between a measured quantity value and a true quantity value of a
measurand
SEE: Figure 1.
Figure 1 – Measurement accuracy and measurement uncertainty
[SOURCE: ISO/IEC Guide 99:2007, 2.13, modified – The notes to entry have been removed,
and the figure has been added.]
3.1.10
measurement uncertainty
non-negative parameter characterizing the dispersion of the quantity values being attributed
to a measurand, based on the information used
[SOURCE: ISO/IEC Guide 99:2007, 2.26, modified – The two other terms "uncertainty of
measurement" and "uncertainty" has been removed as well as the notes to entry.]
3.2 Dependability
3.2.1
availability
ability to be in a state to perform as required
Note 1 to entry: Availability depends upon the combined characteristics of the reliability (192-01-24),
recoverability (192-01-25), and maintainability (192-01-27) of the item, and the maintenance support performance
(192-01-29).
Note 2 to entry: Availability may be quantified using measures defined in Section 192-08, Availability related
measures.
[SOURCE: IEC 60050-192:2015, 192-01-23]
3.2.2
dependability
ability to perform as and when required
Note 1 to entry: Dependability includes availability (192-01-23), reliability (192-01-24), recoverability (192-01-25),
maintainability (192-01-27), and maintenance support performance (192-01-29), and, in some cases, other
characteristics such as durability (192-01-21), safety and security.
Note 2 to entry: Dependability is used as a collective term for the time-related quality characteristics of an item.

[SOURCE: IEC 60050-192:2015, 192-01-22, modified – The specific use "of an item" given
after the term has been removed.]
3.2.3
reliability
ability to perform as required, without failure, for a given time interval, under given conditions
Note 1 to entry: The time interval duration can be expressed in units appropriate to the item concerned, for
example calendar time, operating cycles, distance run, etc., and the units should always be clearly stated.
Note 2 to entry: Given conditions include aspects that affect reliability, such as: mode of operation, stress levels,
environmental conditions, and maintenance.
Note 3 to entry: Reliability can be quantified using measures defined in Section 192-05, Reliability related
concepts: measures.
[SOURCE: IEC 60050-192:2015, 192-01-24, modified – The specific use "of an item" given
after the term has been removed.]
3.2.4
error
discrepancy between a computed, observed or measured value or condition, and the true,
specified or theoretically correct value or condition
[SOURCE: IEC 60050-192:2015, 192-03-02, modified – The notes to entry have been
removed.]
3.2.5
failure
termination of the ability of an item to perform a required function
Note 1 to entry: After failure, the item has a fault.
Note 2 to entry: "Failure" is an event, as distinguished from "fault", which is a state.
Note 3 to entry: This concept, as defined, does not apply to items consisting of software only.
Note 4 to entry: In practice, the terms "fault" and "failure" are often used synonymously.
3.2.6
failure to danger
failure which results in the inability to perform the safety related function within the stated
response time
3.2.7
fault
inability to perform as required, due to an internal state
Note 1 to entry: A fault of an item results from a failure, either of the item itself, or from a deficiency in an earlier
stage of the life cycle, such as specification, design, manufacture or maintenance. See latent fault (192-04-08).
Note 2 to entry: Qualifiers, such as specification, design, manufacture, maintenance or misuse, may be used to
indicate the cause of a fault.
Note 3 to entry: The type of fault may be associated with the type of associated failure, for example wear-out fault
and wear-out failure.
Note 4 to entry: The adjective "faulty" designates an item having one or more faults.
[SOURCE: IEC 60050-192:2015, 192-04-01, modified – The specific use "of an item" given
after the term has been removed.]

– 14 – IEC TS 62998-1:2019 © IEC 2019
3.3 Procedures and architectural deliberations
3.3.1
risk analysis
systematic use of available information to identify hazards and to estimate the risk
[SOURCE: ISO/IEC Guide 51:2014, 3.10]
3.3.2
risk reduction measure
protective measure
action or means to eliminate hazards or reduce risks
EXAMPLE Inherently safe design; protective devices; personal protective equipment; information for use and
installation; organization of work; training; application of equipment; supervision.
[SOURCE: ISO/IEC Guide 51:2014, 3.13]
3.3.3
tolerable risk
level of risk that is accepted in a given context based on the current values of society
[SOURCE: ISO/IEC Guide 51:2014, 3.15, modified – The note to entry has been removed.]
3.3.4
design and development
activities that take an idea or requirement and transform these into a product
Note 1 to entry: The process of design and development usually follows a series of defined steps starting with an
initial idea, transforming that into a formal specification, and resulting in the creation of a working prototype and
whatever documentation is required to support production of the goods or provision of the service.
[SOURCE: IEC 62430:2009, 3.1]
3.3.5
simulation
modelling of an SRS/SRSS or of subparts via calculation or via a software behavioural model
used for a systematic and/or stochastic analysis of functional performance and the correct
dimensioning and interaction of its subsystems
3.3.6
calibration
set of operations which establishes, by reference to standards, the relationship which exists,
under specified conditions, between an indication and a result of a measurement
Note 1 to entry: This term is based on the "uncertainty" approach.
Note 2 to entry: The relationship between the indications and the results of measurement can be expressed, in
principle, by a calibration diagram.
Note 3 to entry: Standards used as reference could be scale of length objects located in the sensing zone
continuously or temporarily.
Note 4 to entry: Within this document, only calibration at the user side is specifically addressed. Calibration used
during production of an SRS/SRSS is a measure which can be used to achieve the stated detection capability at
manufacturer side, is part of analysis during design and development and not specifically addressed.
[SOURCE: IEC 60050-311:2001, 311-01-09, modified – Notes 3 and 4 to entry have been
added.]
3.3.7
calibration procedure
documented, verified, and validated procedure that specifically describes a set of operations
used in the performance of particular
...