Do We Really Need a New Safety Standard?

Author:
By: Patrick Le Fevre, Powerbox

Date
09/30/2019

 PDF
Understanding the history, background and motivations behind changes in standards helps reduce the frustrations caused by those changes

Figure 1: IEC/EN 62368-1 is not a merge of the two standards IEC/EN 60065 and IEC/EN 60950 but a completely new one introducing a new way of working

Safety regulations have been in place for decades in the power industry and as we know only too well, all have been through lots of revisions. And although each revision has made them more stringent and tailored to our businesses, we have become familiar with designing products to conform to latest versions. So why do safety authorities change things that have been in place for so many years?

This is a question we hear so many times from power designers and without knowing the history and background it would be difficult to understand the motivation for IEC/EN 62368-1. Indeed, the transition from a well-established 1952 standard to something fundamentally different requires some explanation.

On the road to 2020-20-12

On December 20, 2020 the safety standard IEC/EN 62368-1 for High Technology Products will become applicable in Europe and U.S.A, and will supersede IEC/EN 60065 and IEC/EN 60950. The empowerment of IEC/EN 62368-1 is an important step forwards, principally aiming to make audio/video, information and communication technology products safer but in fact its implications within the electronics industry, and the range of products concerned goes far beyond the defined segment.

It seems December 20, 2020 is a long ways off, however if we consider the time it will take to: Identify legacy products and/or components to transition from IEC/EN 60065/60950 to IEC/EN 62368-1 ; identify and mitigate any potential non-compliance issues and how to solve them ; and to learn about the new standard and how it’s going to affect new designs and change our way of working, there is no time to lose.

Origins

Over 20 years ago, safety and standardization experts considered that the growing number of equipment incorporating communications accessible to professional and non-professional users might require specific safety standards for what will become the so called Information and Communication Technologies (ICT).

In the late nineties, the old 1952 IEC/EN 60065 standard governing audio/video equipment went through six revisions and despite IEC/EN 60950 governing safety in IT equipment being released in October 2001, when taking into consideration technology roadmaps presented by the ICT leaders (e.g. Ericsson, Cisco, Nokia), safety and regulatory experts realized that when billions of connected devices are released to the market, IEC/EN 60065 and IEC/EN 60950 might not be sufficiently relevant without mentioning applications that in those days were more science fiction than reality.

In 2001, the International Electrotechnical Commission (IEC) merged two technical committees, TC74 (data processing equipment and office machines) and TC92 (electronic equipment for household and similar equipment), to form Technical Committee 108 (TC108) responsible for the safety of electronic equipment within the field of audio/video, information and communication technology (Figure 1).

TC 108 was the formal starting point of a project to develop a new standard suitable for the changing telecommunications industry. A massive amount of work took place drafting the foundations of what in June 2010 materialized as the first edition of IEC/EN 62368-1.

What’s new in 62368-1?

First of all, it is important to understand that IEC/EN 62368-1 is not a merger of IEC/EN 60065 and IEC/EN 60950, but a completely new standard introducing a new way of working.

Taking into consideration that the wave of new products in audio/video, ICT and related areas will be used by a large number of professional and non-professional users, but also that a number of new applications including communications outside the scope of the existing IEC/EN 60065 and IEC/EN 60950 might not be covered by those standards or require a complex revision of them, TC 108 adopted a fundamental different approach.

Instead of developing a new ‘restrictive and directive’ standard, it decided to develop a new one based on the best practices already defined by the European Computer Manufacturers Association (ECMA) in ECMA-287.

ECMA-287 is a safety standard for electronic equipment developed in the late nineties to respond to new market conditions in that business segment. ECMA-287 is a hazard-based engineering standard that defines a hazard as an energy source that exceeds the limits of the human body’s susceptibility to harm.

The first edition was released in 1999, followed in December 2002 by the second edition. The final draft of the second edition was used by the IEC TC108 Hazard Based Development Team as the master reference when developing IEC/EN 62368-1.

Incident-based vs. Hazard-based

Historically, safety standards follow a set of rules and criteria developed around an Incident-based methodology. This methodology has the principle of using the inversion of bad experiences, analysis of historically based incidents, and prescribing limited acceptable constructional methods for a specific business segment and range of applications.

Looking back, many safety standards revisions have been related to incidents with the potential to cause damage, and revision after revision set the rules for specific business segments. It worked well when the target segment was stable, but not so in the case of rapid evolution and new applications outside the original scope. IEC/EN 60950 and IEC/EN 60065 are very direct in how to design products, but slow to update for the regulators and costly for companies to re-qualify products.

A standard with too narrow a scope is limiting and restricting in its application. If we consider the speed of introduction of new technologies and connected devices released every year, it makes it almost impossible for regulatory bodies to align standards. It may be anecdotal, but how do you certify safety for an immersed power supply for servers in datacenters, which is a type of equipment not even considered possible a few years ago?

It is obvious that in new market conditions, incident-base standards have reached their limits and that was the reason for TC-108 to consider a new way of working.

Hazard-based Safety Engineering (HBSE) has been used for more than 25 years in other industries, and used by their regulatory agencies as a reference when elaborating safety standards. HBSE is a methodology that defines a hazard as an energy source that exceeds the limits of the body’s susceptibility to injury, defining a number of processes to guarantee users’ safety.

Based on the expertise and implementation of ECMA-287 to electronic equipment, IEC/EN 62368-1 extended the standard to cover a wider category of equipment and applications which due to time constraints were not covered by ECMA-287 Revision 2.

Moving from incident-based to hazard-based safety standards is a journey, and if for medical power supply designers used to IEC 60601-1 and risk assessment methodology it is a relatively simple one, for many others it will mean learning a new way of working.

Define hazards before anything else

The HBSE principle integrates safety in the very early stages of the product design cycle, so that subsequent product design eliminates them (figure 2). To do that, designers use best practice engineering supported by research and field data, including the risk of injuries, relevant equipment standards and pilot documents.

What is new for many is that HBSE not only covers electrical shock as it was in previous standards but many other potential hazards and energy sources. To simplify, the HBSE principle can be simplified in three bullet points:

•      All potential hazards capable of causing pain or damage to users are taken into account. Such dangers could be for example, electrical shock energy, mechanical energy, electrically caused fire, chemical energy, thermal energy and radiation energy (including acoustic or optical energy).

•      Proper safeguard schemes for hazard prevention are applied.

•      The effectiveness of these schemes is measured.

During the design process, when an energy source and a hazard is identified, the designers will have to consider how that energy could be transferred to a user and what would be the level of risk of injury. IEC/EN 62368-1 classifies three levels of energy sources, from not painful to injury (figure 3). As it is defined in the standard, the three categories apply to the effect on the user (body) and effect on combustible materials.

Once that is done, designers will have to guarantee proper safeguards and to measure their effectiveness (Figure 2).

Click image to enlarge

Figure 2: The Hazard-Based Safety Engineering (HBSE) principles integrates safety in the very early stage in the product design cycle, so that subsequent product design eliminates them

 

 

Click image to enlarge

Figure 3: Three classes of energy sources from not painful to injury

 

New terminologies and approach

Moving from incident-based to hazard-based methodology necessitates the need to understand HBSE nomenclature and best practices. New terminologies have been introduced in IEC/EN 62368-1 such as ‘Energy Sources’ and ‘Safeguards’. Simplification has also been introduced, for example Safety Extra Low Voltage (SELV) and Limited Current Circuits (LCC) referred to in 60950-1 have been combined, now falling under Energy Source Class 1, which is the level ordinary persons are allowed to access.

In the case of any hazard that may affect the user and/or operator, Class 2 and class 3 safeguards must be interposed between the energy source and the body.

Understanding the terminology is key to the learning process of IEC/EN 62368-1.

New applications

Since its first version, IEC/EN 62368-1 has been through three revisions, the latest one (Rev. 3) being in October 2018. The third edition took into consideration a large range of new applications. Five new application areas have been added. These are outdoor equipment, insulating liquids, work cells, wireless power transmitters, and fully isolated winding wire (FIW). There are also three new requirements for other areas - optical radiation, an alternative method for the determination of top, bottom and side openings for fire enclosures, and alternative requirements for sound pressure.

Considering the case of a power supply immersed in cooling liquid used to power a cloud mass-data server (Figure 4), the power supply is tested according to IEC/EN 62368-1, ensuring that it works safely (no risk of injury for user) but also that its insulation shouldn’t deteriorate during its lifetime. In this case the cooling liquid, which is non-flammable and exhibits a very high electrical impedance is part of the safeguard, was definitely not included in previous safety standards.

 

Powerbox

RELATED

 


-->