IEC TR 62685:2010

IEC/TR 62685 ®
Edition 1.0 2010-12
TECHNICAL
REPORT
RAPPORT
TECHNIQUE
colour
inside
Industrial communication networks – Profiles –
Assessment guideline for safety devices using IEC 61784-3 functional safety
communication profiles (FSCPs)

Réseaux de communication industriels – Profils –
Lignes directrices pour l’évaluation des appareils de sécurité utilisant les profils
de communication pour la sécurité fonctionnelle (FSCP) de la CEI 61784-3

IEC/TR 62685:2010
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form

or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester.
If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication,

please contact the address below or your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite ni
utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et les

microfilms, sans l'accord écrit de la CEI ou du Comité national de la CEI du pays du demandeur.

Si vous avez des questions sur le copyright de la CEI ou si vous désirez obtenir des droits supplémentaires sur cette

publication, utilisez les coordonnées ci-après ou contactez le Comité national de la CEI de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 info@iec.ch
Switzerland www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

Useful links:
IEC publications search - www.iec.ch/searchpub Electropedia - www.electropedia.org
The advanced search enables you to find IEC publications The world's leading online dictionary of electronic and
by a variety of criteria (reference number, text, technical electrical terms containing more than 30 000 terms and
committee,…). definitions in English and French, with equivalent terms in
It also gives information on projects, replaced and additional languages. Also known as the International
withdrawn publications. Electrotechnical Vocabulary (IEV) on-line.

IEC Just Published - webstore.iec.ch/justpublished Customer Service Centre - webstore.iec.ch/csc
Stay up to date on all new IEC publications. Just Published If you wish to give us your feedback on this publication
details all new publications released. Available on-line and or need further assistance, please contact the
also once a month by email. Customer Service Centre: csc@iec.ch.

A propos de la CEI
La Commission Electrotechnique Internationale (CEI) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications CEI
Le contenu technique des publications de la CEI est constamment revu. Veuillez vous assurer que vous possédez
l’édition la plus récente, un corrigendum ou amendement peut avoir été publié.

Liens utiles:
Recherche de publications CEI - www.iec.ch/searchpub Electropedia - www.electropedia.org
La recherche avancée vous permet de trouver des Le premier dictionnaire en ligne au monde de termes
publications CEI en utilisant différents critères (numéro de électroniques et électriques. Il contient plus de 30 000
référence, texte, comité d’études,…). termes et définitions en anglais et en français, ainsi que
Elle donne aussi des informations sur les projets et les les termes équivalents dans les langues additionnelles.
publications remplacées ou retirées. Egalement appelé Vocabulaire Electrotechnique
International (VEI) en ligne.
Just Published CEI - webstore.iec.ch/justpublished
Service Clients - webstore.iec.ch/csc
Restez informé sur les nouvelles publications de la CEI.
Just Published détaille les nouvelles publications parues. Si vous désirez nous donner des commentaires sur
Disponible en ligne et aussi une fois par mois par email. cette publication ou si vous avez des questions
contactez-nous: csc@iec.ch.
IEC/TR 62685 ®
Edition 1.0 2010-12
TECHNICAL
REPORT
RAPPORT
TECHNIQUE
colour
inside
Industrial communication networks – Profiles –

Assessment guideline for safety devices using IEC 61784-3 functional safety

communication profiles (FSCPs)

Réseaux de communication industriels – Profils –

Lignes directrices pour l’évaluation des appareils de sécurité utilisant les profils

de communication pour la sécurité fonctionnelle (FSCP) de la CEI 61784-3

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
PRICE CODE
INTERNATIONALE
CODE PRIX U
ICS 13.160; 35.100.05 ISBN 978-2-83220-721-5

– 2 – TR 62685  IEC:2010
CONTENTS
FOREWORD . 4

INTRODUCTION . 6

1 Scope . 7

2 Normative references . 7

3 Terms, definitions, symbols and abbreviations . 9

3.1 Terms and definitions . 9

3.2 Symbols and abbreviations . 11
4 General . 12
5 Test bed and operations . 13
6 General test conditions . 14
7 Climatic tests . 15
8 Mechanical tests. 15
9 Markings and identification . 16
10 User manual . 16
11 Electromagnetic immunity . 17
11.1 Test bed for EMC testing . 17
11.2 Existing EMC standards for functional safety . 17
11.3 Phase I testing (normal immunity) . 17
11.4 Phase II testing (increased immunity) . 19
11.5 Rules . 20
12 Electrical safety . 20
12.1 General . 20
12.2 Ingress protection (IP) . 21
12.3 Insulation rating. 21
12.4 Electrical shock . 21
12.5 Clearance and creepage distances . 21
12.6 Flame-retardancy . 21
13 Suitability of components . 21
14 Simple circumvention . 22
15 Explosive atmosphere . 22

16 Field verification (process automation devices) . 22
Annex A (informative) Comparison of immunity levels in several IEC standards . 24
Annex B (informative) Product, sector and application specific requirements . 27
Bibliography . 28

Figure 1 – Environmental view on safety functions . 6
Figure 2 – Example of a mixed module remote I/O . 12
Figure 3 – Example test bed for EMC and other testing . 14
Figure 4 – Example of application areas within an automation application . 17
Figure 5 – Generic procedural model for safety EMC testing (part 1) . 18
Figure 6 – Generic procedural model for safety EMC testing (part 2) . 19
Figure 7 – EMC mitigation using a cabinet . 20
Figure 8 – Justification for field verification with process automation devices . 22

TR 62685  IEC:2010 – 3 –
Table 1 – Overview of the environmental tests for safety devices . 13

Table 2 – General test conditions. 14

Table A.1 – Comparison of immunity levels . 24

– 4 – TR 62685  IEC:2010
INTERNATIONAL ELECTROTECHNICAL COMMISSION

____________
INDUSTRIAL COMMUNICATION NETWORKS –

PROFILES –
Assessment guideline for safety devices using IEC 61784-3

functional safety communication profiles (FSCPs)

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of

patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. However, a
technical committee may propose the publication of a technical report when it has collected
data of a different kind from that which is normally published as an International Standard, for
example "state of the art".
IEC 62685, which is a technical report, has been prepared by subcommittee 65C: Industrial
networks, of IEC technical committee 65: Industrial-process measurement, control and
automation.
This bilingual version (2013-04) corresponds to the monolingual English version, published in
2010-12.
TR 62685  IEC:2010 – 5 –
The text of this technical report is based on the following documents:

Enquiry draft Report on voting

65C/610/DTR 65C/626/RVC
Full information on the voting for the approval of this technical report can be found in the

report on voting indicated in the above table.

The French version of this standard has not been voted upon.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 6 – TR 62685  IEC:2010
INTRODUCTION
During the development of IEC 61784-3:2010, the need was recognized for a separate

document covering environmental tests, proofs and information checks, which were currently

specified in the German document GS-ET-26 [37] . This document has been one of the

starting points for IEC 61784-3 and most of its contents have been already taken into account

in IEC 61784-3. The material related to environmental tests, proofs and information checks

has been transformed, updated and supplemented into this new document.

NOTE IEC 61784-3 explains the relevant principles for functional safety communications with reference to

IEC 61508 series and specifies several safety communication layers (profiles and corresponding protocols) based
on the communication profiles and protocol layers of IEC 61784-1, IEC 61784-2 and the IEC 61158 series.

The combination of the IEC 61508 series , with its new view on complete safety functions,
and of the FSCPs in the IEC 61784-3 series, eases the implementation of safety functions.
Further benefits can be achieved, if the environmental conditions can be defined and
harmonized for FSCP devices.
The objective of this document is to specify the requirements for FSCP devices on how to
fulfill environmental and deployment conditions. It addresses the needs of designers,
manufacturers, assessment bodies, and test laboratories.
Figure 1 provides a basic overview on safety functions, FSCP devices and the impact of the
environment. It demonstrates the necessity of harmonized environmental requirements.

IEC  2535/10
Figure 1 – Environmental view on safety functions

___________
Numbers in square brackets refer to the Bibliography.
In this Technical Report, “IEC 61508” is used for “IEC 61508 series”.

TR 62685  IEC:2010 – 7 –
INDUSTRIAL COMMUNICATION NETWORKS –

PROFILES –
Assessment guideline for safety devices using IEC 61784-3

functional safety communication profiles (FSCPs)

1 Scope
This Technical Report provides information about the assessment aspects of safe
communication such as test beds, proof of increased interference immunity (EMC for
functional safety), electrical safety, and other environmental requirements.
This document is only applicable to safety devices for functional safety communication which
are developed according to IEC 61508 and IEC 61784-3.
NOTE This document does not cover the more complex aspects of preserving existing devices and applications in
the field and migration from safety rules before IEC 61508.
The scope covers general industrial environments such as defined in IEC 61131-2 or
IEC 61000-6-2 and process automation environments such as those covered in the IEC 61326
series.
Reference is made to the ERS (Equipment Requirements Specification) and/or SRS (Safety
Requirements Specification) of a particular safety application to verify the necessary immunity
of devices and systems according to IEC 61508.
2 Normative references
The following referenced documents are indispensable for the application of this document.
For dated references, only the edition cited applies. For undated references, the latest edition
of the referenced document (including any amendments) applies.
IEC 60068-2 (all parts) , Environmental testing – Part 2-x: Tests
IEC 60079 (all parts) , Explosive atmospheres
IEC 60300-3-2, Dependability management – Part 3-2: Application guide – Collection of

dependability data from the field
IEC 60721-3 (all parts) , Classification of environmental conditions – Part 3 Classification of
groups of environmental parameters and their severities
IEC 60721-3-1, Classification of environmental conditions – Part 3 Classification of groups of
environmental parameters and their severities – Section 1: Storage
IEC 60721-3-2, Classification of environmental conditions – Part 3: Classification of groups of
environmental parameters and their severities – Section 2: Transportation
___________
Relevant parts of the series depend on the context – see detailed requirements in the following clauses.

– 8 – TR 62685  IEC:2010
IEC 60721-3-3, Classification of environmental conditions – Part 3-3: Classification of groups

of environmental parameters and their severities – Stationary use at weatherprotected

locations
IEC/TS 61000-1-2, Electromagnetic compatibility (EMC) – Part 1-2: General – Methodology

for the achievement of functional safety of electrical and electronic systems including

equipment with regard to electromagnetic phenomena

IEC 61000-4-3, Electromagnetic compatibility (EMC) – Part 4-3: Testing and measurement

techniques – Radiated radio-frequency electromagnetic field immunity test

IEC 61000-4-6, Electromagnetic compatibility (EMC) – Part 4-6: Testing and measurement
techniques – Immunity to conducted disturbances, induced by radio-frequency fields
IEC 61000-6-2, Electromagnetic compatibility (EMC) – Part 6-2: Generic standards –
Immunity for industrial environments
IEC 61010 (all parts) , Safety requirements for electrical equipment for measurement, control,
and laboratory use
IEC 61131-2:2007, Programmable controllers – Part 2: Equipment requirements and tests
IEC 61241 (all parts) , Electrical apparatus for use in the presence of combustible dust
IEC 61326 (all parts) , Electrical equipment for measurement, control and laboratory use –
EMC requirements
IEC 61326-1, Electrical equipment for measurement, control and laboratory use – EMC
requirements – Part 1: General requirements
IEC 61326-3-1, Electrical equipment for measurement, control and laboratory use – EMC
requirements – Part 3-1: Immunity requirements for safety-related systems and for equipment
intended to perform safety-related functions (functional safety) – General industrial
applications
IEC 61326-3-2, Electrical equipment for measurement, control and laboratory use – EMC
requirements – Part 3-2: Immunity requirements for safety-related systems and for equipment
intended to perform safety-related functions (functional safety) – Industrial applications with
specified electromagnetic environment

IEC 61496-1, Safety of machinery – Electro-sensitive protective equipment – Part 1: General
requirements and tests
IEC 61496-1, Amendment 1 (2007)
IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic
safety-related systems
IEC 61508-2:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 2: Requirements for electrical/electronic/programmable electronic
safety-related systems
IEC 61508-3:2010, Functional safety of electrical/electronic/programmable electronic safety-
related systems – Part 3: Software requirements
___________
Relevant parts of the series depend on the context – see detailed requirements in the following clauses.

TR 62685  IEC:2010 – 9 –
IEC 61511 (all parts), Functional safety – Safety instrumented systems for the process

industry sector
IECEx 61779-x (all parts), IECEx Test Report for IEC 61779-x (1998) ed 1.0 – Electrical

apparatus for the detection and measurement of flammable gases

IEC 61784-3 (all parts) , Industrial communication networks – Profiles – Functional safety

fieldbuses
IEC 61784-3:2010, Industrial communication networks – Profiles – Part 3: Functional safety

fieldbuses – General rules and profile definitions

IEC 62013 (all parts) , Caplights for use in mines susceptible to firedamp
IEC 62061, Safety of machinery – Functional safety of safety-related electrical, electronic and
programmable electronic control systems
IECEx 62086-1, IECEx Test Report for IEC 62086-1 (2001) ed 1.0 – Electrical apparatus for
explosive gas atmospheres – Electrical resistance trace heating – Part 1: General and testing
requirements
ISO 13849-1, Safety of machinery – Safety-related parts of control systems – Part 1: General
principles for design
3 Terms, definitions, symbols and abbreviations
3.1 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1.1
communication system
arrangement of hardware, software and propagation media to allow the transfer of messages
(ISO/IEC 7498 application layer) from one application to another
3.1.2
error
discrepancy between a computed, observed or measured value or condition and the true,
specified or theoretically correct value or condition

[IEC 61508-4:2010], [IEC 61158]
NOTE 1 Errors may be due to design mistakes within hardware/software and/or corrupted information due to
electromagnetic interference and/or other effects.
NOTE 2 Errors do not necessarily result in a failure or a fault.
3.1.3
failure
termination of the ability of a functional unit to perform a required function or operation of a
functional unit in any way other than as required
NOTE 1 The definition in IEC 61508-4 is the same, with additional notes.
[IEC 61508-4:2010, modified], [ISO/IEC 2382-14.01.11, modified]
___________
Relevant parts of the series depend on the context – see detailed requirements in the following clauses.

– 10 – TR 62685  IEC:2010
NOTE 2 Failure may be due to an error (for example, problem with hardware/software design or message

disruption).
3.1.4
fault
abnormal condition that may cause a reduction in, or loss of, the capability of a functional unit

to perform a required function

NOTE IEV 191-05-01 defines “fault” as a state characterized by the inability to perform a required function,

excluding the inability during preventive maintenance or other planned actions, or due to lack of external
resources.
[IEC 61508-4:2010, modified], [ISO/IEC 2382-14.01.10, modified]

3.1.5
fieldbus
communication system based on serial data transfer and used in industrial automation or
process control applications
3.1.6
hazard
state or set of conditions of a system that, together with other related conditions will inevitably
lead to harm to persons, property or environment
3.1.7
message
ordered series of octets intended to convey information
[ISO/IEC 2382-16.02.01, modified]
3.1.8
performance level (PL)
discrete level used to specify the ability of safety-related parts of control systems to perform a
safety function under foreseeable conditions
[ISO 13849-1]
3.1.9
risk
combination of the probability of occurrence of harm and the severity of that harm
NOTE For more discussion on this concept see Annex A of IEC 61508-5:2010.
[IEC 61508-4:2010], [ISO/IEC Guide 51:1999, definition 3.2]

3.1.10
safety communication layer (SCL)
communication layer that includes all the necessary measures to ensure safe transmission of
data in accordance with the requirements of IEC 61508
3.1.11
safety data
data transmitted across a safety network using a safety protocol
NOTE The safety communication layer does not ensure safety of the data itself, only that the data is transmitted
safely.
3.1.12
safety device
device designed in accordance with IEC 61508 and which implements the functional safety
communication profile
TR 62685  IEC:2010 – 11 –
3.1.13
safety function
function to be implemented by an E/E/PE safety-related system or other risk reduction

measures, that is intended to achieve or maintain a safe state for the EUC, in respect of a

specific hazardous event
NOTE The definition in IEC 61508-4 is the same, with an additional example and reference.

[IEC 61508-4:2010, modified]
3.1.14
safety function response time
worst case elapsed time following an actuation of a safety sensor connected to a fieldbus,
before the corresponding safe state of its safety actuator(s) is achieved in the presence of
errors or failures in the safety function channel
NOTE This concept is introduced in IEC 61784-3:2010, 5.2.4 and addressed by the functional safety
communication profiles defined in the other parts of the IEC 61784-3 series.
3.1.15
safety integrity level (SIL)
discrete level (one out of a possible four), corresponding to a range of safety integrity values,
where safety integrity level 4 has the highest level of safety integrity and safety integrity level
1 has the lowest
NOTE 1 The target failure measures (see IEC 61508-4:2010, 3.5.17) for the four safety integrity levels are
specified in Tables 2 and 3 of IEC 61508-1:2010.
NOTE 2 Safety integrity levels are used for specifying the safety integrity requirements of the safety functions to
be allocated to the E/E/PE safety-related systems.
NOTE 3 A safety integrity level (SIL) is not a property of a system, subsystem, element or component. The correct
interpretation of the phrase “SILn safety-related system” (where n is 1, 2, 3 or 4) is that the system is potentially
capable of supporting safety functions with a safety integrity level up to n.
[IEC 61508-4:2010]
3.1.16
safety measure
measure to control possible communication errors that is designed and
implemented in compliance with the requirements of IEC 61508
NOTE 1 In practice, several safety measures are combined to achieve the required safety integrity level.
NOTE 2 Communication errors and related safety measures are detailed in IEC 61784-3:2010, 5.3 and 5.4.

3.1.17
safety-related application
programs designed in accordance with IEC 61508 to meet the SIL requirements of the
application
3.1.18
safety-related system
system performing safety functions according to IEC 61508
3.2 Symbols and abbreviations
EMC Electromagnetic Compatibility
EMF Electromagnetic Field
ESD Electrostatic Discharge
EUC Equipment Under Control [IEC 61508-4:2010]

– 12 – TR 62685  IEC:2010
EUT Equipment Under Test
E/E/PE Electrical/Electronic/Programmable [IEC 61508-4:2010]

Electronic
FS Functional Safety
FSCP Functional Safety Communication Profile

IP Ingress Protection
PC Performance Criterium
PDS Power Drive System
PL Performance Level [ISO 13849-1]
RF Radio Frequency
SIL Safety Integrity Level [IEC 61508-4:2010]
SR Safety Relevant
4 General
As a general rule, the environmental and electrical safety requirements should be the same
as for non-safety devices, except EMC, where more stringent requirements apply (see
Clause 11). Thus, designers and users are not forced to consider many different standards.
IEC 61131-2 is such a standard that is considered to provide minimum requirements for non-
safety and for safety fieldbus devices, as well as for devices combining non-safety and safety
modules (see Figure 2). More specific or stringent requirements may be defined by sector,
application specific, or product standards.
Fieldbus with FSCP
0 0
0 0
7 7
7 7
Head Non safety- Safety-
station related I/O related I/O
modules modules
IEC 61131-2 / IEC 61131-2 /
IEC 61010 IEC 61010 +
IEC 6xxxx/WDC
IEC  2536/10
NOTE The relative positions of safety and non safety modules shown here are only examples.
Figure 2 – Example of a mixed module remote I/O
This guideline applies to general industrial environments such as defined in IEC 61131-2 or
IEC 61000-6-2 and process automation environments such as those covered in the IEC 61326
series (see Table 1).
TR 62685  IEC:2010 – 13 –
Table 1 – Overview of the environmental tests for safety devices

Issue Factory automation Process automation Remarks

(machinery, industrial (specified
environments such as electromagnetic

defined in IEC 61000-6-2) environment)

Test bed and operations See Clause 5 See Clause 5 Concepts include but are

not limited to barriers,
Extensions of the test bed
FISCO (Fieldbus Intrinsi-
for intrinsically safe
cally Safe Concept), etc.
fieldbus physics
General test conditions See Clause 6 See Clause 6

Depending on the
deployment area: See
classification in the
IEC 60721-3 series
Climatic tests See Clause 7 See Clause 7,
classifications in
IEC 60721-3-3
Mechanical tests See Clause 8, IEC 61131-2 See Clause 8,
classifications in
IEC 60721-3-1
Markings and See Clause 9 See Clause 9
identification
User manual See Clause 10 See Clause 10
Electromagnetic See Clause 11 See Clause 11 See Figure 4 for selection
immunity of the appropriate
IEC 61326-3-1 with special IEC 61326-3-2
standard
requirements in
IEC 61496-1
Electrical safety See Clause 12 See Clause 12
Ingress protection (IP) See 12.2 See 12.2, type "field
device" shall be ≥ IP65,
other types ≥ IP20
Insulation rating See 12.3 See NOTE
Electrical shock See 12.4 See 12.4
Clearance and creepage See 12.5 See NOTE
distances
Flame-retardancy See 12.6 See NOTE
Suitability of components See Clause 13 See Clause 13
Simple circumvention See Clause 14 See Clause 14
Explosive atmosphere - See Clause 15

Field verification - See Clause 16 SIL2 devices designed to
achieve SIL3 via e.g.
1oo2 shall have software
designed for SIL3
Product, sector and See Annex B See Annex B
application specific
requirements
NOTE Usually no requirements, exceptions possible depending on deployment.

5 Test bed and operations
As far as feasible, all parts of a safety bus system shall be tested together. Otherwise, parts
of a safety bus system can be tested separately. In this case, reference systems (test beds)
or simulators shall be defined by the particular FSCPs and made available. Effectiveness of
all implemented safety measures as well as conformance to a particular FSCP shall be proved
by the test bed software.
– 14 – TR 62685  IEC:2010
A test bed shall be chosen that takes into account worst case conditions, for example shortest

possible connections of devices. Signals that are required for the safety function shall be

emulated.
Relevant operational modes shall be defined such as cyclic data exchange of safety process

values or acyclic data exchange of safety parameterization data.

Figure 3 shows an example test bed for EMC and other testing. It is highly recommended for

FSCPs to define their appropriate test beds in order to achieve situations close to worst case

topologies and repeatable and comparable test results. In addition, it is highly recommended

to specify the critical network operations during testing.

Cu, 2mm
1)
One device to be a standard FSCP x/y FSCP x/y
1) 1)
fieldbus device Device Device
2)
Example for electric discharge
test
1m
1m
FSCP x/y
FSCP x/y FSCP x/y
Device
1) 1)
Device Device
(EUT)
>=1m 1m
2)
10 cm
Decoupling for
Cu, 2mm
Fieldbus
absence of reaction
IEC  2537/10
Figure 3 – Example test bed for EMC and other testing
6 General test conditions
During the tests, the equipments under test (EUT) shall be operated at the test conditions
outlined in the product documentation or at the conditions defined by the particular safety
communication profile.
Default test conditions are specified in Table 2.
Table 2 – General test conditions

Item Test conditions
Equipment power supply Rated voltage and frequency
Temperature 15 °C to 35 °C
Relative humidity
≤ 75 %
Barometric pressure 86 kPa to 106 kPa
Outputs Rated load
Pollution (see 12.5) Pollution degree 2 (temporarily through condensation)

The tests shall ensure that the safety bus system meets the specified technical data. At the
beginning of each test sequence, the correct operation of the equipment under test shall be
verified. Objective of the tests is to proof that the equipment under test performs during all the
tests according to its safety-related specifications.

TR 62685  IEC:2010 – 15 –
The test criteria are (amongst others):

• Operation of the equipment under test as intended in the technical specifications

• No destruction of components in the equipment under test (except EMC)

• No faulty or unexpected operation of the equipment under test (except EMC)

• No indications of overheating of any component

• No active part that intentionally carries dangerous voltages shall be touchable

• No damage to the housing
Uncertainties of measurement shall not exceed the following limits:

• for the measurement of reaction times: ±1 ms
• for temperature measurements: ±3 K
• for electrical measurements: ±1 %, as far as technically feasible and sensible
• for the measurement of relative humidity (RH): ±3 % RH
All measurements shall be carried out after stable temperature conditions have been reached.
This can be assumed when the temperature increase or decrease is less than 2 K/h.
7 Climatic tests
Climatic tests concern dry heat, cold, and cyclic damp heat withstand according to
IEC 61131-2.
Safety devices intended for safety instrumented systems (process automation) are classified
according to IEC 60721-3-3 and tested according to applicable parts of the IEC 60068-2
series.
Assessment: Inspections of information provided by the manufacturer and/or tests shall be
carried out.
8 Mechanical tests
All components of bus systems for the transmission of safety data shall have a sufficient
mechanical strength against the expected stresses, for example vibration, shock, impact, and
rigidity according to IEC 61131-2.

For components intended to be mounted on vibrating machinery, extended tests shall be
applied according to the individual safety requirement specification or to an applicable product
standard.
NOTE An example of such applicable product standards is IEC 61496-1 (electro-sensitive protective equipment).
Safety devices intended for safety instrumented systems (process automation) are classified
according to IEC 60721-3-2 and shall be tested according to the IEC 60068-2 series.
Assessment: Mechanical tests shall be carried out according to the standards specified in this
subclause, or more stringent standards specified by the manufacturer in accordance with the
application scope. Performance criterion A applies.

– 16 – TR 62685  IEC:2010
9 Markings and identification
The safety components shall be marked according to IEC 61131-2 and/or relevant parts of the

IEC 61010 series.
The minimum size of symbols, letters and figures shall be 2 mm. The inscriptions shall be

durable.
Assessment: Inspection/measurement of the inscriptions (completeness, correctness,

unambiguity), rubbing each for 15 s with a water and a gasoline soaked cloth; afterwards, the

inscriptions shall be clearly legible, labels shall not be detached.

10 User manual
The EUT shall come with a user manual that allows for proper installation, configuration,
parameterization, programming, commissioning, troubleshooting, maintenance, and
decommissioning. It shall consider and cover all the appropriate issues listed in:
• IEC 61131-2, Clause 7 (general information to be provided by the manufacturer);
• IEC 61508-2:2010, Annex D (safety manual for compliant items);
• IEC 61508-3:2010, 7.4.2.12 and Annex D (safety manual for compliant items, additional
requirements for software elements);
• IEC 61784-3-x, 9.7 (safety manual of a particular safety communication profile).
These documents require, as far as applicable, the following items:
a) Intended use
b) Name of the manufacturer (brand, picture mark)
c) Type designation or serial number
d) Nominal operating voltage(s) with indication of voltage type and frequency
e) Power/current consumption
f) SIL claim according IEC 61508. In case of factory automation additionally PL/Category
according to ISO 13849-1 (successor of EN 954-1 [28]).
g) Statements on parameterization, configuration and programming as far as required
h) Advice on how to determine the safety function response times and/or maximum reaction
time(s) as required for example by IEC 61784-3 profiles
i) Required short circuit and overvoltage protection means, as far as applicable

j) Operating temperature range
k) Ingress protection class (IPxy); if required, separate statements on the individual
components
l) Rated insulation voltages and the degree of pollution
m) Required wiring and functional description of wiring blocks and connectors
n) Required safety instructions
o) Instructions on how to act in case of faults
p) Proof tests and proof test interval for the safety device
Assessment: Inspection of supplied technical information; check for completeness,
correctness and unambiguity.
TR 62685  IEC:2010 – 17 –
11 Electromagnetic immunity
11.1 Test bed for EMC testing
See Clause 5.
11.2 Existing EMC standards for functional safety

IEC 61784-3 recommends using IEC 61326-3-1 and IEC 61326-3-2 for electromagnetic

immunity requirements.
Figure 4 illustrates the different scopes of these two standards. IEC 61326-3-1 is related to
the machinery related part of an automation application (for example upstream logistics and
downstream logistics), whereas IEC 61326-3-2 is related to the process automation part
(production process) with specified electromagnetic environment, for example Ex-i.

IEC  2538/10
Figure 4 – Example of application areas within an automation application
NOTE In order to generalize the application of IEC 61326-3-1, work on the new generic standard IEC 61000-6-7

(see [11]) has been initiated. This standard will cover EMC requirements for functional safety. This Technical report
will be updated when IEC 61000-6-7 is published.
11.3 Phase I testing (normal immunity)
The EMC tests defined in IEC 61326-3-1 consist of two phases. In phase I the correct
function of a safety EUT shall be tested at the test levels and durations defined in
IEC 61326-1 for non-safety devices. This proposal differs from IEC 61326-3-1. Due to more
stringent requirements in IEC 61000-6-2 than those stated in IEC 61326-1, IEC 61000-6-2
shall be used for phase I EMC testing. Few of the levels and durations are slightly deviating
from IEC 61326-1 (see comparison table in Annex A). The performance criteria for phase I
are the same in both standards:
• Performance criterion A: The device under test shall continue to operate as intended
during and after the test within the specified ranges;
• Performance criterion B: During testing, temporary degradation, or loss of function or
performance which is self-recovering;

– 18 – TR 62685  IEC:2010
• Performance criterion C: During testing, temporary degradation, or loss of function or

performance which requires operator intervention or system reset occurs.

In contrast to IEC 61326-3-1, this proposal excludes performance criterion C as an option for

safety functions during phase I testing except in case of power supply voltage changes.

Figure 5 shows the generic concept for phase I and II testing. In phase II the equipment is

tested with increased test levels and durations according to IEC 61326-3-1 ("increased

immunity" according to IEC 61508).

Start
Apply tests, severity levels and performance criteria according to IEC
...