When establishing the Performance Level the hardware is also assessed. Any single malfunction in some of these parts may not result in the loss of the safety function and each malfunction must be detected.
To realize this dual processors are used. A big processor for all functionalities and a smaller one for checking all vital processes; Diagnostic coverage (DC).
Redundant circuits are mandatory for remote controls that fall under Category 2 (ISO13849-1).
Redundant relays with forced contacts
By applying these relays dangerous faults such as sticky contacts can be recognised safely. To further increase this safety the relays are doubled (redundant).
Safety relays with forced contacts are used for installations that have a limited amount of safety functions and realise logical couplings, such as the emergency stop button.
This post is also available in: German French Dutch