Chapter 39
Safety
Any electronic equipment must be designed for safe operation. Most countries have some form of product liability legislation which puts the onus on the manufacturer to ensure that his product is safe. The responsibility devolves onto the product design engineer, to take reasonable care over the safety of the design. This includes ensuring that the equipment is safe when used properly, that adequate information is provided to enable its safe use, and that adequate research has been carried out to discover, eliminate or minimize risks due to the equipment.
There are various standards relating to safety requirements for different product sectors. In some cases, compliance with these standards is mandatory. In the European Community, the Low Voltage Directive (73/23/EEC) applies to all electrical equipment with a voltage rating between 50 and 1000VAC or 75 and 1500VDC, with a few exceptions, and requires member states to take all appropriate measures:
“To ensure that electrical equipment may be placed on the market only if, having been constructed in accordance with good engineering practice in safety matters in force in the Community, it does not endanger the safety of persons, domestic animals or property when properly installed and maintained and used in applications for which it was made.”
If the equipment conforms to a harmonized CENELEC or internationally agreed standard, then it is deemed to comply with the Directive. Examples of harmonized standards are EN 60065:1994, “Safety requirements for mains-operated electronic and related apparatus for household and similar general use,” which is largely equivalent to IEC Publication 60065 of the same title; or EN 60950-1:2002, “Information technology equipment. Safety. General requirements,” equivalent to IEC 60950-1. Proof of compliance can be by a Mark or Certificate of Compliance from a recognized laboratory, or by the manufacturer’s own declaration of conformity. The Directive includes no requirement for compulsory approval for electrical safety.
39.1 The Hazards of Electricity
The chief dangers (but by no means the only ones, see Table 39.1) of electrical equipment are the risk of electric shock, and the risk of a fire hazard. The threat to life from electric shock depends on the current which can flow in the body. For AC, currents less than 0.5 mA are harmless, while those greater than 50–500 mA (depending on duration) can be fatal.† Protection against shock can be achieved simply by limiting the current to a safe level, irrespective of the voltage. There is an old saying, “It’s the volts that jolts, but the mils that kills.” If the current is not limited, then the voltage level in conjunction with contact and body resistance determines the hazard. A voltage of less than 50V AC rms, isolated from the supply mains or derived from an independent supply, is classified as a Safety Extra-Low Voltage (SELV) and equipment designed to operate from an SELV can have relaxed requirements against the user being able to contact live parts.
Table 39.1 Some safety hazards associated with electronic equipment
| Hazard | Main risk | Source |
| Electric shock | Electrocution, injury due to muscular contraction, burns | Accessible live parts |
| Heat or flammable gases | Fire, burns | Hot components, heatsinks, damaged or overloaded components and wiring |
| Toxic gases or fumes | Poisoning | Damaged or overloaded components and wiring |
| Moving parts, mechanical instability | Physical injury | Motors, parts with inadequate mechanical strength, heavy or sharp parts |
| Implosion/explosion | Physical injury due to flying glass or fragments | CRTs, vacuum tubes, overloaded capacitors and batteries |
| Ionizing radiation | Radiation exposure | High-voltage CRTs, radioactive sources |
| Nonionizing radiation | RF burns, possible chronic effects | Power RF circuits, transmitters, antennas |
| Laser radiation | Damage to eyesight, burns | Lasers |
| Acoustic radiation | Hearing damage | Loudspeakers, ultrasonic transducers |
Aside from current and voltage limiting, other measures to protect against electric shock are:
39.2 Safety Classes
IEC publication 60536 classifies electrical equipment into four classes according to the method of connection to the electrical supply and gives guidance on forms of construction to use for each class. The classes are:
Class 0: Protection relies on basic functional insulation only, without provision for an earth connection. This construction is unacceptable in the UK.
Class I: Equipment is designed to be earthed. Protection is afforded by basic insulation, but failure of this insulation is guarded against by bonding all accessible conductive parts to the protective earth conductor. It depends for its safety on a satisfactory earth conductive path being maintained for the life of the equipment.
Class II: The equipment has no provision for protective earthing and protection is instead provided by additional insulation measures, such as double or reinforced insulation. Double insulation is functional insulation, plus a supplementary layer of insulation to provide protection if the functional insulation fails. Reinforced insulation is a single layer which provides equivalent protection to double.
Class III: Protection relies on supply at safety extra low voltage and voltages higher than SELV are not generated. Second-line defenses such as earthing or double insulation are not required.
39.3 Insulation Types
As outlined above, the safety class structure places certain requirements on the insulation which protects against access to live parts. The basis of safety standards is that there should be at least two levels of protection between the casual user and the electrical hazard. The standards give details of the required strength for the different types of insulation, but the principles are straightforward:
39.3.1 Basic Insulation
Basic insulation provides one level of protection but is not considered fail-safe, and the other level is provided by safety earthing. A failure of the insulation is therefore protected against by the earthing system.
39.3.2 Double Insulation
Earthing is not required because the two levels of protection are provided by redundant insulation barriers, one layer of basic plus another supplementary; if one fails the other is still present, and so this system is regarded as fail-safe. The double-square symbol 
indicates the use of double insulation.
39.3.3 Reinforced Insulation
Two layers of insulation can be replaced by a single layer of greater strength to give an equivalent level of protection.
39.4 Design Considerations for Safety Protection
The requirement for inaccessibility has a number of implications. Any openings in the equipment case must be small enough that the standard test finger, whose dimensions are defined in those standards that call up its use, cannot contact a live part (Figure 39.1). Worse, small suspended bodies (such as a necklace) that can be dropped through ventilation holes must not become live. This may force the use of internal baffles behind ventilation openings.
Figure 39.1 The test finger and the suspended foreign body
Protective covers, if they can be removed by hand, must not expose live parts. If they do, they must only be removable by use of a tool. Or, use extra internal covers over live portions of the circuit. It is anyway good practice to segregate high-voltage and mains sections from the rest of the circuit and provide them with separate covers. Most electronic equipment runs off voltages below 50V and, provided the insulation offered by the mains isolating transformer is adequate, the signal circuitry can be regarded as being at SELV and therefore not live.
Any insulation must, in addition to providing the required insulation resistance and dielectric strength, be mechanically adequate. It will be dropped, impacted, scratched and perhaps vibrated to prove this. It must also be adequate under humid conditions: hygroscopic materials (those that absorb water readily, such as wood or paper) are out. Various standards define acceptable creepage and clearance distances versus the voltage proof required. As an example, EN 60065 allows 0.5 mm below 34V rising to 3 mm at 354V and extrapolated thereafter; distances between PCB conductors are slightly relaxed, being 0.5 mm up to 124V, increasing to 3 mm at 1240V. Creepage distance (Figure 39.2) denotes the shortest distance between two conducting parts along the surface of an insulating material, while clearance distance denotes the shortest distance through air.
Figure 39.2 Creepage and clearance distance
Easily discernible, legible and indelible marking is required to identify the apparatus and its mains supply, and any protective earth or live terminals. Mains cables and terminations must be marked with a label to identify earth, neutral and live conductors, and class I apparatus must have a label which states “WARNING: THIS APPARATUS MUST BE EARTHED.” Fuse holders should also be marked with their ratings and mains switches should have their “off” position clearly shown. If user instructions are necessary for the safe operation of the equipment, they should preferably be marked permanently on the equipment.
Any connectors which incorporate live conductors must be arranged so that exposed pins are on the dead side of the connection when the connector is separated. When a connector includes a protective earth circuit, this should mate before the live terminals and unmate after them. (The CEE-22 6A connector as an example.)
39.5 Fire Hazard
It is taken for granted that the equipment won’t overheat during normal operation. But you must also take steps to ensure that it does not overheat or release flammable gases to the extent of creating a fire hazard under fault conditions. Any heat developed in the equipment must not impair its safety. Fault conditions are normally taken to mean short-circuits across any component, set of terminals or insulation that could conceivably occur in practice (creepage and clearance distances are applied to define whether a short circuit would occur across insulation), stalled motors, failure of forced cooling and so on.
The normal response of the equipment to these types of faults is a rise in operating current, leading to local heating in conductors. The normal protection method is by means of current limiting, fuses, thermal cutouts or circuit breakers in the supply or at any other point in the circuit where over-current could be hazardous. As well as this, flame-retardant materials should be used wherever a threat of overheating exists, such as for pcb base laminates.
Fuses are cheap and simple but need careful selection in cases where the prospective fault current is not that much higher than the operating current. They must be easily replaceable, but this makes them subject to abuse from unqualified users (hands up, anyone who hasn’t heard of people replacing fuselinks with bent nails or pieces of cigarette-packet foil). The manufacturer must protect his liability in these cases by clear labeling of fuseholders and instructions for fuse replacement.
Thermal cutouts and circuit breakers are more expensive, but offer the advantage of easy resetting once the fault has cleared. Thermal devices must obviously be mounted in close thermal contact with the component they are protecting, such as a motor or transformer.
† IEC Publication 60479 gives further information.