醫療器材檢測是將創新設計變成可靠、適合銷售的產品過程中的重要環節。
醫療器材檢測是將創新設計變成可靠、適合銷售的產品過程中的重要環節。
a. significant risk is related to a function of a medical device, or
b. product specific standard contains explicit requirements related to functional safety.
Significant risk means that there is an unacceptable risk related to a function before risk mitigation measures have been applied or that there is a high severity (e.g. death or serious injury) behind a functional risk regardless of the probability.Simplified architecture |
Suitability and requirements |
Pure control system (C)
"Not suitable" A pure control system (C) is not acceptable for functional safety as it violates item 2) of the philosophy. |
|
Control system + independent shutdown path (C + WD) "Could be acceptable" Requirements for self-tests: - self-tests of C in times ≤ FTT and the category "medium" according to IEC 61508 It might be possible to reduce the self-tests by implementing a diverse (not redundant) control and protective system within the only physical channel. The diversity will be such that no single hardware failure affects both channels in the same way. Potential common-mode-failures still needs be covered by the intense self-tests mentioned before. |
|
Control system + protective system (CP) "The standard case" Requirements for self-tests: - self-test of P in times≤MFOT and the category "simple" according to IEC 61508. The self-test can be done piece by piece or as black-box for the functionality. |
|
Control system + protective system (CPP) "This case used when self-tests are not possible" Requirements for self-tests: - none |
|
Control system + protective system in one piece of hardware (CP in one hardware) "The complex case" Requirements for self-tests: - the level of self-tests needed for the controller (C and P) depends on the diversity of C and P |
Select Your Location
Global
Americas
Asia
Europe
Middle East and Africa