Safety and risk minimization in the operator control of plant machinery

Machine and operator safety must be considered at all stages of its service life and never become an afterthought


(Image courtesy: Hasbro, CFE Media)

Modern machines are being produced with faster lead times—and designed to operate at considerably higher speeds than in the past. In the great race to meet production deadlines and budgets, safety must never be an afterthought. The least effective and most costly safety fixes are made after a machine has been commissioned and problems arise. Machine and operator safety must be considered at all stages of its service life, from design to commissioning to operation and maintenance.

Machine functional safety standards still a work in progress

Operating safely at higher performance dynamics calls for uniform safety concepts at the component, machine and system design levels. Mechanical engineers developing safe machines are bound by standards and need to know how these aggregate standards may affect their designs. Not only is it important to understand the application ranges, but also how standards differ and overlap.

Effective in 2010, the comprehensive Machinery Directive (MD) 2006/42/EC defines requirements to be met for machines intended for the European Economic Area (EEA). MD is universally applicable for machinery, replaceable equipment, safety components, load handling devices, chains, ropes and lifting straps, detachable cardan shafts, partial machines and service elevators.

When a machine is built, mechanical engineers must confirm that MD requirements are met, indicated by affixing the CE mark to the machine, indicating that it can be put to market in the EEA. While CSA Standard Z432-04-Safeguarding of Machinery includes basic concepts and general safety considerations for design, the new European MD is designed to ensure consistent global standards of safety—commonly referred to as harmonization.

All machine safety standards are intended to ensure that safety doesn’t get shortchanged. Until recently, a safe torque off (STO) and safe stop 1 (SS1) function was sufficient for most applications. However, the trend towards increased functional safety in electrical drive and automation technology has gained traction. EN ISO 13849-1 and EN IEC 62061 both address issues of functional safety of machinery.

In the field of machine and systems engineering, the EN IEC 62061 standard addresses the functional safety of safety-related electrical, electronic and programmable electronic control systems. As such, the standard does not apply to hydraulic, pneumatic or electromechanical safety-related control elements, for example. In December 2011, EN ISO 13849-1 completely replaced EN 954-1. For machine builders and plants this meant changes affecting product certification, specifically requiring that probability calculations be taken into account when defining safety. EN ISO 13849-1 can be applied to the safety-related parts of control systems and all types of machines, regardless of the technology and energy used (electrical, hydraulic, pneumatic, mechanical, etc.).

Implementing safety at the product level can provide the best possible support to those responsible for machine safety and overall plant performance levels. Regardless of whether an engineer chooses to work in compliance with EN ISO 13849-1 or EN IEC 62061, probability calculations are now required to verify the reliability of the safety-related parts of machine controls. So, the relevant safety-related parameters of individual components come into play. 

Understanding specification functions of safety-related parts

What risks does the machine pose? That should be among the first questions asked during the design phase. It can be fundamentally assumed that any hazard prevailing on a machine will sooner or later cause damage if protective measures are not taken. Therefore all potential hazards must be identified very early in development.

A comprehensive risk and hazard analysis can identify and assess risks posed by each potential hazard. Findings of the analysis can then be used to make decisions about the need to reduce risks. If these initial steps identify a need for risk minimization, each of the standards set out a hierarchy of measures to mitigate and minimize hazards to acceptable levels via design measures, protective devices and user information.

Like its predecessor standard, EN ISO 13849-1 uses a risk graph. The graph indicates PLr (performance level required). This is the new gauge used to measure actual performance level (PL) achieved following implementation of defined safety components. The PL refers to the ability of safety-related parts of a control system (SRP/CS) to perform a safety function designed to achieve the expected reduction in risk. Both quantitative and qualitative aspects are taken into account. In short, the PL must be greater than or equal to the PLr.

Risk parameters, including frequency, severity of injury, and avoidance tactics, must now be evaluated for each hazard identified in the risk and hazard analysis. If design measures can be taken to minimize the risk, the risk graph process (iterative method) is repeated, with the aim of achieving a lower PLr for previously more serious hazards. If this can be achieved, the risk will have been successfully minimized by design.

However, in many cases, design measures are insufficient, so protective devices are needed to achieve adequate risk minimization. It is within this context that safety functions executed by SRP/CS are defined. SRP/CS measures include the entire safety chain, comprised of sensors (detect), logic (process) and actuators (switch). Safety functions are defined on the basis of both the application and the hazard. They are often specified in a Type C standard (product standard), which sets out precise specifications for particular types of machines. In the absence of a C standard, safety functions are defined by the machine designer. Typical safety functions are described in more detail in EN ISO 13849-1 Section 5.1, Specification of safety functions. The safety functions for adjustable speed electrical power drive systems are not described in EN ISO 13849-1, but in the separate standard IEC 61800-5-2.

The EN ISO 13849-1 standard requires that a specification of functional safety requirements be drafted containing details about each safety function to be executed. To this end, the PLr must be defined as described above and documented in writing. Additionally, one must define the necessary interfaces with other control functions and specify the required error responses. The PL must be estimated for each selected SRP/CS executing a safety function. Parameters include identifying each structure by category, the mean time to dangerous failure (MTTFd) of individual components, diagnostic coverage (DC), common cause failure (CCF), the behavior of the safety function under fault conditions, safety-related software, systematic errors, and the ability to execute a safety function under foreseeable ambient conditions in plant operation. Standard EN ISO 13849-1 uses a graph to describe a simple way of estimating the PL. The graph illustrates the relationship between the familiar category from EN 954-1 and the new relevant safety-related parameters.
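As an added worked example (not code from the original article), the following script carries the two steps described above through in Python: the risk graph that yields PLr from severity, frequency and avoidance, and the simplified PL estimation from category, MTTFd and DC, followed by the PL >= PLr check. The lookup tables follow ISO 13849-1:2008 Annex A and Table 7; the function names and the sample channel values are assumptions made for the example, and CCF is assumed to have been addressed separately.

```python
"""Added example: EN ISO 13849-1 risk graph (PLr) and simplified PL estimation."""

# Risk graph (Annex A): severity S1/S2, frequency F1/F2, avoidance P1/P2 -> PLr
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a", ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b", ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c", ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d", ("S2", "F2", "P2"): "e",
}

# Simplified PL estimation (Table 7): (category, DC band) -> PL per MTTFd band.
# None marks a combination the table does not permit (e.g. Cat 1 with low MTTFd).
PL_TABLE = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": "b"},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}

def required_pl(severity: str, frequency: str, avoidance: str) -> str:
    """PLr from the risk graph; arguments are the standard's S, F and P classes."""
    return RISK_GRAPH[(severity, frequency, avoidance)]

def mttfd_band(years: float) -> str:
    """MTTFd per channel in years -> low (3-10), medium (10-30), high (30-100)."""
    if years < 3 or years > 100:
        raise ValueError("MTTFd outside the range the simplified method allows")
    return "low" if years < 10 else "medium" if years < 30 else "high"

def dc_band(dc_avg: float) -> str:
    """Average diagnostic coverage as a fraction -> none/low/medium/high."""
    if dc_avg < 0.60:
        return "none"
    return "low" if dc_avg < 0.90 else "medium" if dc_avg < 0.99 else "high"

def achieved_pl(category: str, mttfd_years: float, dc_avg: float):
    """PL from the simplified method; None when the table gives no valid PL."""
    row = PL_TABLE.get((category, dc_band(dc_avg)), {})
    return row.get(mttfd_band(mttfd_years))

def meets_requirement(pl, plr: str) -> bool:
    """Verification step: achieved PL must be >= PLr (levels order a < b < c < d < e)."""
    return pl is not None and pl >= plr

if __name__ == "__main__":
    plr = required_pl("S2", "F2", "P1")   # serious injury, frequent exposure, avoidable -> d
    pl = achieved_pl("3", 50, 0.92)       # assumed Cat 3 channel, MTTFd high, DC medium -> d
    print(f"PLr={plr} PL={pl} verified={meets_requirement(pl, plr)}")
```

If a design measure lowers the hazard to, say, S1/F2/P1, rerunning required_pl shows the PLr dropping to b, which is the iterative loop the risk graph process describes.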
