IEC 61784-3:2021/AMD1:2024

IEC 61784-3 ®
Edition 4.0 2024-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
AMENDMENT 1
AMENDEMENT 1
Industrial communication networks – Profiles –
Part 3: Functional safety fieldbuses – General rules and profile definitions

Réseaux de communication industriels – Profils –
Partie 3 : Bus de terrain de sécurité fonctionnelle – Règles générales et
définitions de profils
IEC 61784-3:2021-02/AMD1:2024-04(en-fr)

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite ni
utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et
les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform IEC Products & Services Portal - products.iec.ch
The advanced search enables to find IEC publications by a Discover our powerful search engine and read freely all the
variety of criteria (reference number, text, technical publications previews, graphical symbols and the glossary.
committee, …). It also gives information on projects, replaced With a subscription you will always have access to up to date
and withdrawn publications. content tailored to your needs.

IEC Just Published - webstore.iec.ch/justpublished
Electropedia - www.electropedia.org
Stay up to date on all new IEC publications. Just Published
The world's leading online dictionary on electrotechnology,
details all new publications released. Available online and once
containing more than 22 500 terminological entries in English
a month by email.
and French, with equivalent terms in 25 additional languages.

Also known as the International Electrotechnical Vocabulary
IEC Customer Service Centre - webstore.iec.ch/csc
(IEV) online.
If you wish to give us your feedback on this publication or need

further assistance, please contact the Customer Service
Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC -  IEC Products & Services Portal - products.iec.ch
webstore.iec.ch/advsearchform Découvrez notre puissant moteur de recherche et consultez
La recherche avancée permet de trouver des publications IEC gratuitement tous les aperçus des publications, symboles
en utilisant différents critères (numéro de référence, texte, graphiques et le glossaire. Avec un abonnement, vous aurez
comité d’études, …). Elle donne aussi des informations sur les toujours accès à un contenu à jour adapté à vos besoins.
projets et les publications remplacées ou retirées.

Electropedia - www.electropedia.org
IEC Just Published - webstore.iec.ch/justpublished
Le premier dictionnaire d'électrotechnologie en ligne au monde,
Restez informé sur les nouvelles publications IEC. Just
avec plus de 22 500 articles terminologiques en anglais et en
Published détaille les nouvelles publications parues.
français, ainsi que les termes équivalents dans 25 langues
Disponible en ligne et une fois par mois par email.
additionnelles. Egalement appelé Vocabulaire

Electrotechnique International (IEV) en ligne.
Service Clients - webstore.iec.ch/csc

Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 61784-3 ®
Edition 4.0 2024-04
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
AMENDMENT 1
AMENDEMENT 1
Industrial communication networks – Profiles –
Part 3: Functional safety fieldbuses – General rules and profile definitions
Réseaux de communication industriels – Profils –
Partie 3 : Bus de terrain de sécurité fonctionnelle – Règles générales et
définitions de profils
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 25.040.40, 35.100.05 ISBN978-2-8322-8279-3
– 2 – IEC 61784-3:2021/AMD1:2024
© IEC 2024
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
INDUSTRIAL COMMUNICATION NETWORKS –
PROFILES –
Part 3: Functional safety fieldbuses –
General rules and profile definitions

AMENDMENT 1
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) IEC draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). IEC takes no position concerning the evidence, validity or applicability of any claimed patent rights in
respect thereof. As of the date of publication of this document, IEC had not received notice of (a) patent(s), which
may be required to implement this document. However, implementers are cautioned that this may not represent
the latest information, which may be obtained from the patent database available at https://patents.iec.ch. IEC
shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to IEC 61784-3:2021 has been prepared by subcommittee 65C: Industrial
networks, of IEC technical committee 65: Industrial-process measurement, control and
automation.
© IEC 2024
The text of this Amendment is based on the following documents:
Draft Report on voting
65C/1284/FDIS 65C/1291/RVD
Full information on the voting for its approval can be found in the report on voting indicated in
the above table.
The language used for the development of this Amendment is English.
This document was drafted in accordance with ISO/IEC Directives, Part 2, and developed in
accordance with ISO/IEC Directives, Part 1 and ISO/IEC Directives, IEC Supplement, available
at www.iec.ch/members_experts/refdocs. The main document types developed by IEC are
described in greater detail at www.iec.ch/publications/.
A list of all parts of the IEC 61784-3 series, published under the general title Industrial
communication networks – Profiles – Functional safety fieldbuses, can be found on the IEC
website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under webstore.iec.ch in the data related to the
specific document. At this date, the document will be
• reconfirmed,
• withdrawn, or
• revised.
_____________
INTRODUCTION to Amendment 1
This Amendment 1 discusses the concepts of a comprehensive channel model for data integrity
calculations for functional safety communications protocols (FSCPs) as specified in
IEC 61784-3:2021. The comprehensive channel model addresses data corruption error types
where multiple contiguous bits are affected by a single fault.
It also reviews typical relationships between the possible errors and the various safety
measures which can be implemented.

– 4 – IEC 61784-3:2021/AMD1:2024
© IEC 2024
3 Terms, definitions, symbols, abbreviated terms and conventions
3.1 Terms and definitions
Add the following new term and definition:
3.1.55
uniformly distributed segment
UDS
segment of a message consisting of contiguous bits within which error patterns are uniformly
distributed
3.2 Symbols and abbreviated terms
3.2.1 Abbreviated terms
Add, at the end of the list, the following new abbreviated term:
UDS uniformly distributed segment

5.4.1 General
Replace, at the beginning of the sentence, "5.4.9" with "5.4.8".

5.4.9 Different data integrity assurance systems
Delete this subclause.
5.5 Typical relationships between errors and safety measures
Replace, at the beginning of the second paragraph, "Actual protection of a measure against
errors" with "The effectiveness of a measure against errors".
Table 1 − Overview of the effectiveness of the various measures on the possible errors
Replace Table 1 (both title and contents) with the following new title and table:

© IEC 2024
Table 1 – Typical relationships between errors and safety measures
Safety measures
Communication errors
Corruption
d
X X
X
(see 5.3.2)
Unintended repetition
X X
(see 5.3.3)
Incorrect sequence
X X
(see 5.3.4)
Loss
X  X
(see 5.3.5)
Unacceptable delay
b
X X
(see 5.3.6)
Insertion
e e a
X X X X
(see 5.3.7)
Masquerade
d
X X X X X X
(see 5.3.8)
Addressing
X
(see 5.3.9)
NOTE Table adapted from IEC 62280:2014, Table 1.
a
Only for sender identification. Detects only insertion of an invalid source.
b
Required in all cases.
c
Void
d
Effective only if feedback message includes original data or information about the original data, and if the
receiver only acts on the data after acknowledging of the feedback message.
e
Effective only if the sequence numbers or time stamps of the source entities are different.

5.8.5.2.5 Contribution of masquerade errors (RR )
M
Add, at the end of the first paragraph, the following new sentence:
This Equation (3) assumes the SPDU structure differs from the structure of non-safety PDUs in
terms of location of the fields of uniqueness.

5.8.6.3 Residual error probability for data integrity RP
I
Add, at the end of the subclause, the following new note:
NOTE Annex I complements Annex B by providing a comprehensive data integrity model using CRC-based error
checking.
Sequence number
(see 5.4.2)
Time stamp
(see 5.4.3)
Time expectation
(see 5.4.4)
Connection
authentication
(see 5.4.5)
Feedback message
(see 5.4.6)
Data integrity
assurance
(see 5.4.7)
Redundancy with
cross checking
(see 5.4.8)
– 6 – IEC 61784-3:2021/AMD1:2024
© IEC 2024
5.8.12.1 General
Replace, in Note 1 and Note 3, "IEC 62061:2005, 6.11.2.3" with "IEC 62061:2021, 6.7.3 and
IEC 62061:2021, 6.7.4".
5.12 Safety manual
Add, at the end of the subclause, the following new text and table:
Table 5 lists the summary of topics to be added in the safety manual of products implementing
IEC 61784-3-x, if relevant.
Table 5 – Topics for the safety manual of products implementing IEC 61784-3-x
# Item Reference Notes
1 Safety function 5.1 and Guidance on the calculations of the PFH or PFDavg for a safety
decomposition 5.8.10 function shall be provided.
PFH, PFDavg
2 FSCP installation 5.7 If the safe behaviour of an FSCP or its provided PFH and PFDavg
aspects values depend on prerequisites made for the underlying
communication channel, these prerequisites should be mentioned in
the manual.
5.8.4 Potential prerequisites include, but are not limited to:
• maximum number of safe network endpoints;
• maximum number of non-safe network endpoints;
• maximum number of network devices (routers, switches);
• maximum or minimum safety PDU and non-safety PDU rates;
• watchdog time.
Where appropriate, it should be explained in the manual how the end
user can verify whether the prerequisites are fulfilled or not.
3 Installation 5.11 The requirements for installation of equipment using the
guideline communication technologies specified in IEC 61784-3 are specified in
IEC 61918 and IEC 61784-5-x.
4 Authenticity 5.8.7.1 According to 5.8.7.1, authenticity requirements shall be met during all
communication phases in 5.6 for which connection authentication is
relevant.
If automatic authenticity checks are not possible for certain phases
(e.g. at first-time connection establishment), this shall be documented.
5 Configuration and 5.8.12.1 Systematic configuration and parameterization errors can only be
parameterization safely prevented by verification and validation. The safety manuals
shall provide the necessary instructions.
(Relevant information see IEC 62061:2021, 6.7.3, 6.7.4 and
ISO 13849-1:2015, 4.6.4)
6 Electrical safety 5.10.1 The safety manual shall specify the constraints required of the devices
connected in a functional safety communication system, whether safety
devices or non-safety devices, including active network elements.
7 Security 5.9 Security shall be considered for safety-related applications that include
functional safety communication systems.
Security of industrial automation and control systems (IACS) is
addressed in IEC 62443 (all parts).
8 Safety function D.4.6 Maximum safety function response time specified by the manufacturer
response time and time required to complete a safety-related reaction shall not be
(SFRT) exceeded, even in the presence of errors and failures.

© IEC 2024
15 Communication Profile Family 18 (SafetyNET p™ Fieldbus) – Profiles for
functional safety
Delete this clause and Footnote 14.

Add, after Annex H, the following new informative Annex I:
Annex I
(informative)
Comprehensive safety communication channel data
integrity model using CRC-based error checking
I.1 Overview
Annex I contains a black channel model for data integrity calculations based on binary
symmetric channel in addition to data corruption faults affecting multiple contiguous bits.
For data integrity calculations of safety communication channels, application of the binary
symmetric channel (BSC) model alone is useful for evaluating comparisons of CRC-based error
checking efficacy. However, it is not sufficient for modeling several data corruption error types.
Annex B recommends use of the BSC model unless a different model can be proven more
applicable for a particular functional safety communications protocol (FSCP). This
recommendation has a history based on a recognition that alternative models were generally
complex and difficult to calculate, and further, using a sufficiently conservative upper limit for
bit error probability P results in sufficiently conservative values for residual error probability
e
RP that can be used to evaluate the relative effectiveness of CRC-based error checking
I
implementations.
This Annex I describes a comprehensive data corruption model which is more applicable than
BSC alone for evaluating the data integrity of FSCPs. In addition to single bit error probability
(BSC), this comprehensive model accounts for faults that affect multiple data bits with a single
fault occurrence. These multiple-bit data faults are a prevalent type of data corruption fault
affecting black channels.
This comprehensive data corruption model adds to the BSC model yet is no more complicated
to calculate because, like BSC, it uses binary distribution. Further, it demonstrates that using
-2
BSC alone, with an upper limit of 10 for P is not sufficiently conservative for evaluating the
e
residual error probability of data corruption errors for FSCPs unless the associated black
channel is shown to exhibit only BSC type errors.
I.2 Basic principles
Although the BSC model accounts for some data corruption errors, a number of data error types,
where multiple contiguous bits are affected by a single fault, are not addressed with BSC alone.
For example, there are data corruption errors that do not follow the BSC model (see [81]):
• burst errors;
• overwrite errors;
• shift errors;
– 8 – IEC 61784-3:2021/AMD1:2024
© IEC 2024
• message length errors;
• bit slipping errors;
• masquerade errors;
• data errors before bit de-stuffing;
• data errors before symbol decoding;
• data errors before decompression;
• data errors before error correction;
• data errors before decryption.
To account for these multiple-bit error types, a comprehensive channel model for data integrity
calculations is needed.
I.3 General case
A comprehensive model has been developed (see [81]) that considers the aforementioned
multiple-bit data corruption error cases by applying approximation modeling using uniformly
distributed segments (UDS) and superimposes this with the BSC model.
The UDS model treats data corruption errors as affected segments of bits within which the error
patterns are uniformly distributed. All possible combinations of affected segment lengths,
positions, and bit values occur with equal probability.
In accordance with mathematical analysis, the UDS model is described by means of a binomial
distribution with probability parameter p up to 0,5. This UDS model is superimposed with the
BSC model (also using binomial distribution) with probability parameter p as described in
BSC
Annex B (using bit error probability P ) up to the limit p .
e max
NOTE 1 p represents a parameter of the binomial distribution for the UDS model, in contrast to its meaning in the
BSC model, where, for example, a P of 0,5 implies a case where on average one out of two bits is erroneous.
e
The comprehensive data corruption residual error probability RP is given by Equation (I.1).
I
Binom UDS Binom UDS
RP≤ max RP (p)×(1-P(f ))+ max RP (p)×P(f )
II I
(I.1)
0≤≤p 0,5
BSC
0pp≤ ≤
max
where
is the comprehensive data corruption residual error probability;
RP
I
BSC
p is the upper limit of the BSC bit error probability;
max
Binom
RP is the residual error probability with binomial distribution;
I
UDS
P(f ) is the probability of occurrence of a fault causing UDS errors.
-2
In the first summand, a maximum bit error probabilit
...