Step-by-step design for safety for power system designers
In the webinar "Step-by-step design for safety for power system designers," David Bourner discussed how to take the stress out of safety certifications. The webinar presented a series of ordered steps that you can follow to help ensure that your next design passes testing the first time. In his presentation, David encourages power engineers first and foremost to locate and refer to the Safety standards in force for your marketplace. The product design team should then:
- Identify areas where isolation is required at system and component levels of design
- Partition high-voltage from low-voltage circuits on circuit boards or other substrates
- Adopt design rules for CAD layout that account for correct creepage and clearance spacings
- Select Safety rated components for fusing, transient suppression and emissions control
- Use a Certified Safety test facility for attaining the appropriate Safety Marks
- Adopt ROUTINE levels of safety testing prior to shipping out the product
This post explains how power designers can use these steps to remove the stress of safety certifications for their next design.
System safety specifications – equipment class for insulation level
The designer must select the appropriate protection method afforded by insulation relating to a given application.
- Class I requires a protective earth connection at the chassis. Any misconnection of a high voltage element to the container of the circuits then has no adverse consequence to the user.
- Class II is the double (or reinforced) isolation category. Two independent insulation barriers or special reinforced insulation prevent conduction of high-voltage to the user or low-voltage circuits.
- Class III systems have no voltages above a 42.2V to 60V ranged window: this is the Safe Electrical Low Voltage (SELV) limit. They operate in the SELV mode and insulation requirements are reduced.
The need for isolation – protecting users from high voltages
The source side of the power system could take AC or DC, but will almost inevitably have high voltages. The source side certainly cannot be assumed to be working in the SELV category. On the user side, the voltages may be lower, but it is still essential to check this to ensure adequate safety provisions. A particular location in the power chain must contain an isolation barrier, separating the high-voltage source side and the low-voltage user side.
Typically, magnetics are used to provide isolation in power systems, where the source connects to primary windings and isolated secondary windings are used to deliver energy to the user side of the system. In many cases, for example isolated power components, these magnetics are located within a module or component: its manufacturer will specify the level of isolation in the datasheet. Check to ensure that the published specification is sufficient for the application. Isolation in the converter is sometimes inadvertently compromised by additional external elements as found for example, in feedback circuits. Components such as opto-couplers may have lower than acceptable isolation voltages. Ensure any feedback circuits are designed to offer the same level or higher levels of isolation compared with the converter to avoid compromising safety.
Get the spacing right
Partitioning high voltage and low voltage circuits into separate domains or areas as part of the PCB layout is regarded as best practice. This will assist in examinations of layout to verify correct creepage and clearance distances. Being important elements of safe power system design, these are specified in technical standards such as IEC60950-1 annex F and IEC60664-1. Clearance is the shortest distance in air between two conductive parts, whereas creepage is the shortest distance along the surface of an insulator between two parts. The minimum distance is defined to ensure that the voltage differences won’t cause breakdown. Contaminants, whether in the air or settled on a PCB often call for wider separation. It is important to consider all components: for example, heatsinks are often not at ground potential and although they are not electronic components, they are part of the set of electrical nodes that define the application circuit.
Atmospheric air pressure and temperature are parameters normally taken as being at Standard Sea Level settings. In applications operating at high altitudes or where air pressure is very low, for example in aerospace or space flight equipment, the use of Paschen characteristics may be required to determine appropriate distances in the atmospheric dielectric. If these prove insupportable, it is necessary to introduce other dielectric materials around the affected circuits.
Deploy safety rated components
Although there are many different types of Safety Rated components, I will discuss two here: Safety capacitors and fuses.
X capacitors are used in differential EMI filters, while Y capacitors are located in certain parts of the circuitry to filter common-mode EMI. These are not standard capacitors: Safety rated capacitors are designed to always fail open circuit to prevent a failure causing a connection to ground. Y capacitors in particular should minimize leakage currents, as these will flow into ground. Standard capacitors should never be used in place of X and Y capacitors. Different classifications will be adopted based in the voltage levels commonly expected in the application front end circuitry.
Fuses are designed to break current flowing in a circuit in the event of a severe fault, whether caused by a ground fault or an internal device failure. They are regarded as the last mechanism that will ultimately prevent a fire. Designers are encouraged to use layers of different types of protections to prevent these and other user-based hazards.
Fuses don’t just have current ratings, they will also be specified with a voltage rating and a speed of opening called an I2t or energy rating. They are derated based on temperature. They should be selected and placed so that adequate clearing under various fault conditions is assured. Some systems will need more than one fuse, depending on the various pathways that electrical energy flows under different system operational scenarios.
Adopt the right kind of pre-shipment product testing
It’s important to assure safety through testing as well as design. In particular, hi-pot testing, where selected circuit terminals are subjected to high voltage is key to ensuring the isolation is functioning as intended in individual products that are then to be shipped to customers. For class I systems, ground bonding tests should also be carried out to ensure that the ground path provides a low-impedance return to the source.
Webinar: Stress free electrical safety