Machine safety networks

Networked safety: Learn everything you wanted to know about safety networks and their functions but were afraid to ask. Machine safety network checklist includes one often overlooked point.


Figure 1: With the Sick Flexi Loop network, up to 32 safety sensors can be connected to one safety controller. Courtesy: SickVery few safety networks existed 10-plus years ago; what existed were covered by little understood safety standards, and most networks were proprietary. In 2014, all kinds of new safety network capabilities and ideas are certified, standardized, and available off the shelf.

Today, there's DeviceNet Safety (CIP Safety), Profisafe, AS-Interface Safety at Work (ASi-SaW), EtherCat FSoE, and Powerlink openSafety, just to name a few machine safety networks. How do you choose a network? There are many features and benefits that make selection a daunting task without significant familiarity with machine safety, let alone safety networks.

Let's take a quick step back and look at where and how safety networks came into play. Safety used to be totally separate from machine control. A stand-alone safety control system performed safety functions, with its own sensors, controllers, and network communications. If a fault occurred, it was the safety system's job to stop the machine and sound an alarm. Although the control system was perfectly capable of performing the same safety functions, the idea was to provide a redundant system in case the main control system failed.

Having a second control system became expensive and awkward. In most cases, machine controls came from one vendor, while the safety system came from another, which complicated engineering, integration, and aftermarket support. So efforts began to consolidate safety functions into machine control systems.

Now safety functions can now be incorporated into control systems, using safety networks to bring sensor information to the control system. Safety PLCs, for example, can perform both control and safety functions, meeting the safety requirements of ANSI and IEC.

Today, machine safety over a network is achieved with redundant or dual-channel systems that monitor for faults and prevent a restart when a fault occurs. But how does redundancy work in a network with only one pair of wires or a single channel of communications? The answer is surprisingly simple: it was recognized and acknowledged in IEC 61508 and other standards that redundancy within communications protocols was sufficient to meet the same levels of safety as dual-channel, hardwired systems. 

Checklist: Questions about safety networks

To determine which safety network is best for a particular environment, ask the following questions.

1. What do you want to achieve? Is the goal to:

  • Just stop the machine safely and nothing more?
  • Know why the machine stopped or complete diagnostics?
  • Configure new safety devices?
  • Both configure and diagnose field devices?

To answer these questions, information is needed about the project budget, how important the machine is to the process, and how much downtime is acceptable.

2. Just as importantly, what level of system security is required? What is the required speed and reliability of the response times? It is of paramount importance that these parameters are easy to determine and within acceptable limits.

3. Are staff members with sufficient training and understanding of the system available? Consider the complexity of configuring and maintaining the system. From my experience, this is the most underestimated factor. I have seen many systems not configured correctly initially, or altered after they were in operation in a manner detrimental to safety.

Two key standards provide guidance. Introduction of performance levels in ISO13849-1 and -2 and the recently adopted ANSI/RIA15.06 Robot and Robot Systems standard provide requirements to design, implement, validate, and maintain safety networks and other programmable safety systems. 

Safety functions over networks

The technical definition of a safety function per ISO12100 is "a function of the machine whose failure can result in an immediate increase in risk(s)." These functions are carried out by the safety related control part of the system and reduce risk to the user. Most safety functions are simple, such as emergency stops and protective stops.

But what about other safety components, such as light curtains, gate switches, safety mats and area scanners, or functions such as muting, bypass or presence-sensing device initiation (PSDI), etc.? These are easily implemented with a safety controller, but some functions can become difficult to perform reliably with a safety network simply because of response times.

For example, in a high-speed packaging line, if the system requires product to enter or leave through a light curtain or a PSDI, the speed at which the product is leaving can present a challenge for even the quickest networked systems.

If muting of the light curtain is performed over a safety network, the light curtain may not mute quickly enough, resulting in a trip of the light curtain. Usually, the culprit is the network and the safety PLC. Together, they have a response time that can exceed the time the product is in front of the muting sensors, thereby triggering the safeguard before it has a chance to be muted. This is an example of asking the system to do too much.

The solution may be to move this particular function off of the network by hardwiring its inputs and outputs directly to the safety PLC or to a separate safety relay.

Safety on a smaller scale

Advanced safety networks can run the most complex machines, although the cost of implementation, programming, engineering, and hardware in such a system may exceed what is necessary.

The point behind new safety performance levels is to allow a user more flexibility in choosing hardware, thus allowing reduction of cost and increased efficiency.

In many cases, machines are not as big and complex from a safety point of view as one might think, so it's possible to safeguard these systems on a smaller scale with a dedicated separate safety system.

A separate safety system isn't managing both machine control and safety simultaneously, but instead returns to the separate safety system and network design of the past. Due to advancements in machine control systems, safety systems, and networks, integration of separate systems is much simpler than before, making this a viable option in many cases.

There are now newer, simpler networks available that allow use on small scale applications. ASi-SaW, for instance, provides simplified safety on a smaller scale without the additional cost or complexity of managing larger amounts of diagnostic or configuration data over safety channels, keeping the system fast and relatively easy to set up.

Figure 2: Sick Flexi Line system links up to 32 safety controllers. Courtesy: SickAnother example includes a safety network solution (Figure 1) that allows connection of up to 32 safety sensors via nodes. This type of solution costs less, makes the safety device network independent, and gives enough diagnostic information to minimize downtime. These systems require no addressing or data configuration, greatly simplifying installation and saving cost on engineering and installation time. Another recently introduced type of solution (Figure 2) allows up to 32 safety controllers to be connected and to share networked emergency protective stop information between cells or machines.

These newer systems maintain the highest level of safety rating and keep things simple, important to lower manufacturing costs, increase flexibility, and shorten time to market with a new product. The future promises to hold more solutions and surprises as safety systems become simpler to implement and more affordable.

Machine safety: Back to the future

Older dedicated safety networks and safety control systems were cumbersome, expensive, awkward, and hard to support. Today, safety networks are incorporated into control systems, thus simplifying overall system integration and programming.

But in many cases, safety networks and safety PLCs are overkill, too slow or too expensive for simpler machines and safety functions. The development of simpler safety controllers and safety networks makes it possible to go back to the future-that is, use similar ideas from 10 years ago, but in a more practical and less expensive way.

- Ian Brough is a national product manager for safety interfaces for Sick Inc. Edited by Mark T. Hoske, content manager, CFE Media, Control Engineering,

ONLINE May has more information and links to additional safety resources. See the Control Engineering machine safety blog.

Key concepts

  • Older dedicated safety networks and safety control systems were cumbersome, expensive, awkward, and hard to support.
  • Today, safety networks are incorporated into control systems, thus simplifying overall system integration and programming.
  • Simpler safety controllers and safety networks can lower cost and make installation and operation easier.

Consider this

Right-sizing machine safety networks to the application can save time and labor. 

ONLINE extra

About the author: Ian Brough has been in the industrial controls market for almost 30 years and is currently a national product manager for safety interfaces for Sick Inc. 

- See related articles below.

The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
Pipe fabrication and IIoT; 2017 Product of the Year finalists
The future of electrical safety; Four keys to RPM success; Picking the right weld fume option
A new approach to the Skills Gap; Community colleges may hold the key for manufacturing; 2017 Engineering Leaders Under 40
Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
The cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Power system design for high-performance buildings; mitigating arc flash hazards
VFDs improving motion control applications; Powering automation and IIoT wirelessly; Connecting the dots
Natural gas engines; New applications for fuel cells; Large engines become more efficient; Extending boiler life

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
The maintenance journey has been a long, slow trek for most manufacturers and has gone from preventive maintenance to predictive maintenance.
This digital report explains how plant engineers and subject matter experts (SME) need support for time series data and its many challenges.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.
Maintenance Manager; California Oils Corp.
Associate, Electrical Engineering; Wood Harbinger
Control Systems Engineer; Robert Bosch Corp.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me