IEC 61508 is the international foundation standard for functional safety of electrical, electronic,
and programmable electronic (E/E/PE) safety-related systems. It defines a complete safety lifecycle, methods for
determining acceptable risk, and requirements for designing, implementing, operating, and maintaining safety systems
that protect people, equipment, and the environment from hazardous failures.
Topic:Functional Safety & Industrial Networking
Standard:IEC 61508 – Functional Safety of Electrical/Electronic/Programmable Electronic (E/E/PE) Safety-Related Systems
Figure – IEC 61508 functional safety lifecycle, Safety Integrity Levels (SIL), and Safety Instrumented Systems (SIS).
Overview
IEC 61508 is the international foundation standard for Functional Safety of electrical, electronic,
and programmable electronic systems.
Unlike IEC 62443, which protects systems from intentional cyber threats, IEC 61508 protects people,
equipment and the environment from hazardous failures.
The standard defines a complete safety lifecycle, methods for determining acceptable risk, and
requirements for designing, implementing, operating and maintaining safety systems.
Many industry-specific safety standards are based on IEC 61508, including:
IEC 61511 (Process Industry)
IEC 62061 (Machine Safety)
ISO 13849
IEC 61513 (Nuclear)
IEC 61800-5-2 (Functional Safety of Drives)
Purpose
IEC 61508 aims to ensure that:
Hazards are identified
Risks are reduced to acceptable levels
Safety systems perform correctly when required
Random hardware failures are minimized
Systematic design errors are controlled
Safety functions continue throughout the equipment lifecycle
Why Functional Safety Matters
Industrial plants contain many hazards:
High pressure
High temperature
Rotating equipment
Hazardous chemicals
Explosive atmospheres
High voltage
Heavy machinery
Failures can result in:
Injury or death
Environmental damage
Equipment destruction
Production downtime
Legal liability
Functional safety reduces these risks by ensuring safety systems respond correctly.
Functional Safety vs Cybersecurity
Functional Safety
Cybersecurity
Prevents accidental hazards
Prevents deliberate attacks
IEC 61508
IEC 62443
Random failures
Malicious actors
Equipment failure
Unauthorized access
Protects people
Protects systems and data
Safety Instrumented Systems (SIS)
Firewalls, IDS, Authentication
Modern plants require both.
Cybersecurity failures can compromise safety systems.
Safety systems must therefore also be secured under IEC 62443.
What is Functional Safety?
Functional Safety means:
The automatic protection functions perform correctly whenever required.
Examples include:
Emergency shutdown (ESD)
Burner shutdown
High pressure trip
High temperature shutdown
Motor overspeed protection
Gas detection shutdown
Fire suppression activation
The safety function operates automatically without operator intervention.
Detected faults place the system into a safe condition.
Proof Testing
Not every failure is automatically detected.
Proof testing periodically confirms:
Sensors operate correctly
Logic solver functions correctly
Final elements move correctly
Examples:
Trip testing
Valve stroke testing
ESD testing
Sensor calibration
Safety Lifecycle Documentation
IEC 61508 requires documentation including:
Hazard analysis
Safety requirements specification (SRS)
SIL calculations
Verification records
Validation reports
Maintenance records
Proof test records
Change management
Competency records
Functional Safety Management (FSM)
A management system ensures:
Competent personnel
Defined procedures
Verification
Independent assessment
Documentation
Lifecycle management
Functional Safety is as much about management as technology.
Software Safety
Software must be developed using rigorous processes.
Requirements include:
Requirements traceability
Code reviews
Static analysis
Unit testing
Integration testing
Validation testing
Configuration management
Version control
Higher SIL requires more rigorous development methods.
Industrial Networking Considerations
Industrial communication can affect safety performance.
Networks carrying safety data should provide:
High availability
Deterministic communication
Low latency
Redundancy
Fault detection
Time synchronisation
Error detection
Examples include:
Safety PLC networks
Remote I/O safety networks
Safety fieldbus systems
Safety Ethernet
Functional Safety Communication
Standard Ethernet alone does not provide functional safety.
Safety communication protocols add:
CRC protection
Sequence numbers
Time expectation
Duplicate detection
Source authentication
Data integrity checking
Timeout monitoring
Examples include:
PROFIsafe
CIP Safety
Safety over EtherCAT (FSoE)
OpenSafety
CC-Link Safety
These protocols safely transmit safety data over standard industrial Ethernet while meeting functional safety
requirements.
Functional Safety and IEC 62443
Modern safety systems are increasingly connected.
Cyber attacks may:
Disable SIS
Prevent shutdown
Change safety logic
Modify trip setpoints
Block communications
Disable alarms
IEC 61508 ensures the safety system functions correctly, while IEC 62443 protects it from cyber compromise.
Together they provide Safe and Secure industrial operations.
Advantages
Internationally recognised
Reduces accidents
Protects personnel
Protects the environment
Improves reliability
Supports regulatory compliance
Forms the basis of many safety standards
Encourages lifecycle management
Limitations
Complex implementation
Extensive documentation
Requires specialist expertise
Can be costly
Time-consuming validation
Does not address cybersecurity directly
Requires ongoing maintenance and proof testing
Best Practices
Perform formal hazard and risk assessments.
Determine the required SIL before design.
Keep Safety Instrumented Systems (SIS) independent from the Basic Process Control System (BPCS) where appropriate.
Use certified hardware and software for the target SIL.
Design for diagnostics, redundancy, and fault tolerance.
Conduct regular proof testing and preventive maintenance.
Implement rigorous change management and functional safety management.
Protect safety networks and controllers using IEC 62443 cybersecurity controls.
Maintain complete lifecycle documentation and competency records.
Periodically reassess hazards following plant modifications.
Relationship to Industrial Networking
IEC 61508 influences the design and operation of industrial networks by requiring communication used for safety
functions to be dependable, timely, and fault-tolerant.
Networking considerations include:
Segregation of safety and control traffic where appropriate.
Deterministic network performance to meet safety response times.
Redundant communication paths to improve availability.
Continuous communication diagnostics and fault detection.
Certified safety communication protocols operating over industrial Ethernet.
Secure remote access and network segmentation to prevent cyber threats impacting safety functions.
Integration with redundancy technologies such as ring topologies and redundant controllers.
Common Applications
Oil & Gas Emergency Shutdown (ESD) systems
Chemical plant Safety Instrumented Systems (SIS)
Power generation turbine protection
Mining conveyor emergency stop systems
Water treatment chlorine shutdown systems
High-integrity burner management systems (BMS)
Railway signalling
Machine safety systems
Offshore production facilities
Critical infrastructure protection
Key Takeaways
IEC 61508 is the foundational international standard for functional safety of E/E/PE systems.
Its objective is to reduce risk to an acceptable level by ensuring safety functions operate correctly when demanded.
The standard introduces the Safety Lifecycle, Safety Integrity Levels (SIL), and rigorous requirements for hardware, software, and management.
Safety Instrumented Systems (SIS) implement Safety Instrumented Functions (SIFs) to place processes into a safe state automatically.
Safety communication over industrial networks requires specialised protocols such as PROFIsafe, CIP Safety, and FSoE, which add integrity and diagnostic mechanisms to standard Ethernet.
IEC 61508 addresses accidental and systematic failures, while IEC 62443 addresses cybersecurity threats. Together they provide the foundation for resilient, safe, and secure industrial automation systems.
Relevant Standards
Standard
Purpose
IEC 61508
Functional Safety – Generic standard for E/E/PE safety-related systems
IEC 61511
Functional Safety for the Process Industry (SIS)
IEC 62061
Functional Safety of Machinery Control Systems
ISO 13849
Safety of Machinery – Safety-related Parts of Control Systems
IEC 62443
Industrial Automation and Control Systems Cybersecurity
IEC 61784-3
Functional Safety Communication Profiles (e.g., PROFIsafe, CIP Safety, FSoE)
IEC 61800-5-2
Functional Safety of Variable Speed Drives
IEC 61508 Reference
Refer to: IEC 61508 (all parts), particularly:
Part 1 – General requirements
Part 2 – Requirements for E/E/PE safety-related systems
Part 3 – Software requirements
Part 4 – Definitions and abbreviations
Part 5 – Examples of methods for SIL determination
Part 6 – Guidance on Parts 2 and 3
Part 7 – Overview of techniques and measures
For industrial networking, IEC 61508 should be read alongside IEC 61784-3 (Functional Safety
Communication Profiles) and IEC 62443 to ensure both functional safety and cybersecurity are
addressed within modern Industrial Automation and Control Systems (IACS).
IEC 61508 (all parts): Functional Safety of Electrical/Electronic/Programmable Electronic
(E/E/PE) Safety-Related Systems – the foundational international standard for functional safety.
IEC 61508-1: General requirements for the safety lifecycle and functional safety management.
IEC 61508-2: Requirements for E/E/PE safety-related systems, including hardware fault tolerance
and Safety Integrity Level (SIL) determination.
IEC 61508-3: Software requirements for safety-related systems, including development methods
and verification for each SIL.
IEC 61784-3: Functional Safety Communication Profiles – defines safety communication over
industrial networks (e.g., PROFIsafe, CIP Safety, FSoE).
IEC 62443: Industrial Automation and Control Systems Cybersecurity – apply alongside IEC 61508
to protect safety systems from cyber compromise.