Wing of Tomorrow Work Equipment Compliance Workshop Day 3


Messam & Rider Ltd, Health Safety Environment, www.saferoption.com

Content
- C-type standards (cont.): robots and integration: EN ISO 10218-1, EN ISO 10218-2, EN ISO 11161, ISO/TS 15066
- Electrical safety
- Functional safety

C-TYPE STANDARDS (CONT.)

EN ISO 10218-1 Industrial Robots (2011)
Definition: an automatically controlled, reprogrammable, multipurpose manipulator, programmable in three or more axes, which can be either fixed in place or mobile, for use in industrial automation applications.

EN ISO 10218-1 Industrial Robots (2011): hazard analysis and risk assessment
- Significant hazards are listed in Annex A; a hazard analysis is required to identify any other hazards.
- Each hazard is risk assessed, considering: the intended operations of the robot; unexpected start-up; reasonably foreseeable misuse of the robot; access by personnel from all directions; the effect of failure in the control system; and hazards associated with the specific robot application.

Robot Accident 1
An automotive firm that had developed a culture of violation was fined £50,000 after an industrial robot struck a worker in the throat, damaging his voice box and almost paralysing him down one side of his body. As part of a repair, the operator needed to watch the machine's operating cycle, but his view was blocked by the solid guard that enclosed the robot. To see better he decided to enter the guarded danger zone, where the robot hit him. HSE inspectors discovered that viewing the cycle from inside the guarded area was common practice. The company's risk assessment did not address the risks from maintenance operations or those posed by the robots inside the guarding.

Robot Accident 1 (cont.)
"Maintenance personnel often have to work within the guarded area of machinery," said the HSE's investigating inspector. "Safe access arrangements must be provided and these should be written into maintenance procedures and have full management commitment." The inspector warned that if workers see supervisors and managers violate procedures, as happened in this case, they start to think their company condones this. There was a culture of violation in this factory and it is very sad that it took an almost fatal accident for the company to identify this.

Robot Accident 2
A worker was horrifically burned after a robotic arm trapped him against a vat of molten metal super-heated to 700 °C. He suffered a heart attack and a stroke and was left with partial brain damage following the accident. The company was fined £150,000.
The worker had tried to clean some spillage from the floor by a machine at the forge. Ordinarily, a worker attempting this would stop the machine and approach it from the back. However, the injured person approached the machine from the operational side, and it is not clear whether he actually pressed the stop button.

Robot Accident 2 (cont.)
The court heard he may have thought he had time to nip in and clean the area before the device which trapped him completed its cycle, but his memory is so badly affected in the wake of the accident that he cannot say what happened. The judge said: "For some reason the worker didn't isolate or stop it. I think he thought he had pressed it, because that's what he always did, and on this occasion sadly he hadn't pressed it." There was no fencing preventing workers from approaching the machine in the way he did, placing not just him at risk but seven other employees who performed the same tasks.

EN 14238 Manipulators: scope

EN 14238 Manipulators: specific considerations
- List of hazards
- Supporting structure: strength and stability
- Load holding: vacuum lifters, magnets, clamps; no drift
- Controls (EN 13557)
- Protection against risks
- Verification
- Information for use

EN 14238 Manipulators

ROBOTS

EN ISO 10218-1 Robots
- Usually supplied as partly completed machinery
- Declaration of Incorporation
- No CE mark

EN ISO 10218-2 Robot Integration
- One or more robots, together with end effector, handling equipment, control systems, protective devices and safety fence
- Is a machine

EN ISO 10218-2 Robot Integration
- CE marked
- Declaration of Conformity
- The integrator is the manufacturer and is responsible for conformity

EN ISO 10218-2 Robot Integration: relationship between the standards relating to robot cell integration (diagram)

EN ISO 11161 Integrated Manufacturing Systems
Integrated manufacturing system (IMS): a group of machines working together in a coordinated manner, linked by a material-handling system and interconnected by IMS controls, for the purpose of manufacturing, treatment, movement or packaging of discrete parts or assemblies.

EN ISO 11161 Integrated Manufacturing Systems: applying the risk assessment methodology
- Specification of the IMS
- Identification of hazards and hazardous situations
- Risk estimation and risk evaluation
- Risk reduction

EN ISO 11161: limits
- Use
- Space
- Lifecycle
- Functionality
- Work rate
- Modes
- Safety functions

EN ISO 11161: tasks
- Work to be performed
- Human interaction
- Phases
- Space and layout

EN ISO 11161: access
- Operators
- Materials
- Mobile equipment

EN ISO 11161: hazards and hazardous situations
- Interaction of individual machines
- Work in the vicinity of other parts of the IMS
- Work at height with a risk of falling
- Interfaces between machines

EN ISO 11161: risk estimation, risk evaluation and risk reduction
- Elimination of the hazard by design
- Risk reduction by determination of task zone(s)
- Safeguarding
- Providing information for use
- Validation

COLLABORATIVE ROBOTS

Collaborative robot: a robot designed for direct interaction with a human within a defined collaborative workspace (EN ISO 10218-2).

EN ISO 10218-2 includes some requirements for collaboration, but they are not fully developed. The four types of collaborative operation are:
- Safety-rated monitored stop
- Hand guiding
- Speed and separation monitoring
- Power and force limiting by design or control

Hazard identification: new terms
- Quasi-static contact: contact between an operator and part of a robot system where the operator's body part can be clamped.
- Transient contact: contact between an operator and part of a robot system where the operator's body part is not clamped and can recoil or retract from the moving part of the robot system.

ISO/TS 15066 includes further details on collaboration. It is a technical specification and is not harmonised to the Machinery Directive.

Safety-rated monitored stop
- The robot stops when the collaborative workspace is entered.
- The robot automatically restarts when the person leaves the workspace.

Hand guiding
The operator uses a hand-operated device to transmit motion commands to the robot system.

Hand guiding: operating sequence
- The robot system is ready for hand guiding when it enters the collaborative workspace and issues a safety-rated monitored stop.
- The operator may then enter the collaborative workspace.
- When the operator has taken control of the robot system with the hand guiding device, the safety-rated monitored stop is cleared and the operator performs the hand guiding task.
- When the operator releases the guiding device, a safety-rated monitored stop shall be issued.
- When the operator has exited the collaborative workspace, the robot system may resume non-collaborative operation.

Speed and separation monitoring
- The robot shall be equipped with a safety-rated monitored speed function and a safety-rated monitored stop function.
- If the distance between robot and operator falls below the protective separation distance, the robot initiates a protective stop and hazardous tools are stopped.

Power and force limiting
- Physical contact between the robot system and an operator can occur either intentionally or unintentionally.
- Contact is either quasi-static or transient (dynamic impact).
- The system should be designed so that such contact is infrequent and avoidable.

Power and force limiting: the risk assessment considers
- Exposed operator body regions
- Origin of contact events, i.e. intentional action or unintentional contact
- Probability or frequency of occurrence
- Type of contact event, i.e. quasi-static or transient
- Contact areas, speeds, forces, pressures, etc.
- Objects and parts with sharp, pointed, shearing or cutting edges, such as needles, shears or knives, shall be avoided.

Contact exposure to sensitive body regions (skull, forehead, larynx, eyes, ears, face) is to be prevented wherever reasonably practicable.

Passive and active risk reduction
- Passive: addresses the mechanical design of the robot system
- Active: addresses the control design of the robot system

Passive design measures include
- Increasing contact surface area
- Rounding edges and corners
- Smooth surfaces
- Absorbing energy and reducing impact forces: padding, deformable components
- Limiting moving masses

Active design measures include
- Limiting forces
- Limiting velocities
- Limiting momentum
- Safety-rated soft axis
- Safety-rated monitored stop
- Proximity or contact detection

Power and force control limits
Threshold limits are set for quasi-static contact and for transient contact, and are not to be exceeded. (The limit table shown on the slides is not reproduced in this transcript.)

Biomechanical limits
Ergonomic limits can be different from the biomechanical limits. For frequent contacts or other special cases, the applicable threshold limit values can be further reduced to an ergonomically acceptable level.

Biomechanical limits (tables; values not reproduced in this transcript)

Biomechanical limits: pressure values
- Based on pain onset levels
- Single study only; no extensive research
- Tests on 100 healthy adults with a single test piece
- Additional studies may modify these values

Biomechanical limits: force values
- Independent study drawing on 188 sources of information
- Broad body regions only
- Based on the maximum force to cause minor injury (AIS 1 on the Abbreviated Injury Scale)
- Adherence should prevent a bleeding wound
- To be replaced in future by research more specific to collaborative robots

Some examples of application:
https://www.universal-robots.com/casestories/paradigm-electronics/
https://www.universal-robots.com/casestories/bajaj-auto/

From the manufacturer's website: "Not all guidance in ISO 10218-1 is clear and/or applicable for collaborative robots. At the time when ISO 10218-1 was written, collaborative robots were a new and developing field. UR robots comply with all requirements for collaborative operation defined in ISO 10218-1, particularly using the method defined in clause 5.10.5."

EN ISO 10218-1 clause 5.10.5 (power and force limiting by inherent design or control)

From the manufacturer's website: "ISO 10218-1 is for manufacturers of robots. UR is the manufacturer of UR robots. A naked robot is considered partly completed machinery and not a complete machine. ISO 10218-2 is for integrators of robot systems. The company that installs a UR robot in a specific application is the integrator. UR is not an integrator. An integrated and installed robot is considered a complete machine."

HSE RESEARCH REPORT

HSE Research Report: considerations
- The human body as a whole can be dynamically complex during collisions. For example, rotational acceleration of the head can create damaging forces between the skull and brain even without any external impact force on the head itself.
- Forces on the neck arise from rapid movement of either the head or body parts following impact with an object.
- The maximum allowable injury level is defined at AIS 1; a single broken rib is AIS 1.
- People can tolerate forces that lead to physical damage without subjectively unacceptable pain levels.
- The resilience of bone and soft tissue declines significantly with age.

HSE Research Report: considerations (cont.)
- Force limits that could lead to asphyxiation are not considered.
- The body regions defined are too limited: elbow points, wrists, breast tissue, genitals and feet are not covered.
- The primary objective must be to avoid collision and maintain a safe distance between person and robot; the force limits are for when the systems designed to maintain the safe distance fail.
- The complexity of body impacts, taking the whole body system into account, is not considered.
- Potential movement of the person relative to the robot is not considered; combined with the robot velocity, this might raise the collision force.

HSE Research Report: human behaviour and reliability
- Accidents show that the moving robot part takes the injured person by surprise, even though they are aware they are within a robot zone and are aware of robot movements.
- This indicates that human failure to stay in a safe three-dimensional zone is predictable.
- Given the unreliability of humans in performing the way machinery designers might expect or want them to (illustrated by the prevalence of defeating machinery guards and the failure to carry out risk-reducing actions when dealing with machinery), robot designers and risk assessors need to treat undesirable human behaviour and performance as foreseeable.

HSE Research Report: human behaviour and reliability (cont.)
- Recent work suggests that human-robot interactions do present additional complications; the solutions are currently either academic or under development, and not ready for industrial applications.
- Defeating of guarding is a human performance failure, termed a violation. Violations are most often committed with good intentions rather than for any malicious reason such as sabotage.

HSE Research Report: conclusion
- The force limit values in ISO/TS 15066 appear to be conservative (on the safe side) compared with other values found during the study, but this does not conclusively mean that the values are safe and realistic.
- There is a lack of research on the tolerance limits of the human body because of ethical and practical issues with obtaining good data in this field.

ELECTRICAL SAFETY

Machinery Directive
Machinery must comply with EHSR 1.5.1, Electricity supply: machinery must be designed, constructed and equipped so that all hazards of an electrical nature are or can be prevented. The safety objectives set out in the Low Voltage Directive apply to machinery; however, the obligations concerning conformity assessment and the placing on the market and/or putting into service of machinery with regard to electrical hazards are governed solely by the Machinery Directive.

Harmonised standards: EN 60204-1 Safety of machinery. Electrical equipment of machines
- Harmonised to both the Machinery Directive and the Low Voltage Directive
- Objectives: safety of persons and property; consistency of control response; ease of maintenance

EN 60204-1: scope
- Applies to the application of electrical, electronic and programmable electronic equipment and systems to machines not portable by hand while working (hand-held electrical tools have their own EN standards), including a group of machines working together in a co-ordinated manner.

EN 60204-1: scope (cont.)
- Commences at the point of connection of the supply to the electrical equipment of the machine.
- Applicable to supply voltages not exceeding 1000 V AC or 1500 V DC, with nominal supply frequencies not exceeding 200 Hz.

EN 60204-1: risks due to electrical equipment
- Equipment failure leading to electric shock
- Control circuit failure leading to malfunction of the machine
- Disturbance or interruption of the power source leading to malfunction of the machine
- Safety-related control circuit failure leading to failure of safety functions
- EMC problems leading to malfunction of the machine
- Release of stored energy leading to unexpected movements or electric shock
- High surface temperatures leading to burns

EN 60204-1: selection of devices and components depends upon
- Intended use
- Conformity to applicable standards
- Application according to the manufacturer's instructions
- Suitability for purpose and for the intended use
- Ability to withstand the expected influences
- Suitable placing and positioning
- Ready identification, with physical, durable marking of the component or device

EN 60204-1 block diagram (figure)

EN 60204-1: electrical supplies and isolation
- A single incoming supply is recommended for machines. Second supplies at different voltages (e.g. 24 V DC for electronic equipment) should be derived from the main supply.
- The operating means of the supply disconnecting device (isolator) must be located between 0.6 m and 1.9 m above the servicing level.
- Isolators should be lockable and must disconnect all supplies.
- Excepted circuits, which need not be disconnected by the disconnecting device:
  - Lighting circuits for lighting needed during maintenance or repair
  - Plug and socket outlets for the exclusive connection of repair or maintenance tools
  - Circuits supplying equipment that should normally remain energised for correct operation (e.g. temperature control, program storage devices)
- Excepted circuit cables should be coloured orange.

EN 60204-1: electrical supplies and isolation (cont.)
- Control on/off isolators should have black or grey handles.
- Isolators used for emergency switching off must have a red handle on a yellow background.

EN 60204-1: electrical supplies and isolation (cont.)
- The isolator must have one OFF (isolated) position and one ON position, marked "O" and "I" respectively.

EN 60204-1: electrical supplies and isolation (cont.)
- The isolator should ideally be interlocked to the panel door. If this is not possible, then IP2X protection must be provided for all devices that remain live when the door is opened.

EN 60204-1: protection against electric shock (general)
Persons must be protected from electric shock from both direct contact and indirect contact.

EN 60204-1: direct contact (basic protection)
- Electric shock under fault-free conditions.
- Conductors that carry current under normal circumstances (live and neutral) are circuit conductors.
- When a person or body part comes into contact with an un-insulated circuit conductor, a shock through direct contact with that live part can occur.

Direct contact examples (figure)

EN 60204-1: protection against electric shock, direct contact
- Insulation
- Enclosures to IP2X (readily accessible horizontal top surfaces to IP4X)
- Placing out of reach
- Using obstacles

EN 60204-1: indirect contact (fault protection)
- Electric shock under a single fault condition.
- Contact with a conductive (metal) part that is not part of the electrical system but can be touched by a person, e.g. metal cases and enclosures, known as exposed conductive parts.

EN 60204-1: indirect contact (cont.)
- Under fault conditions, such as a break in the insulation, an un-insulated conductor touches the metal case and the exposed conductive part becomes live.
- If a person then contacts the exposed conductive part, a shock between live and earth can occur.
- A shock can also occur between a live surface and an extraneous conductive part: a conductive (metal) part that is not part of the electrical apparatus, e.g. water pipes, gas pipes and metal structures.

Shock to earth
- For electricity to flow there has to be a circuit, yet a shock can occur when in contact with the live conductor only.
- This arises when a person is in contact with a live conductor and the mass of earth. The UK electrical system is referenced to earth, which we can take as zero potential.
- The secondary winding of the distribution transformer is connected to earth.

(Figure: substation transformer stepping 11 kV down to 230 V; the neutral conductor is connected to earth at 0 V.)

Shock to earth (cont.)
- A person contacts a live exposed conductive part.
- Only contact with the live side of the supply is necessary for a shock: contact with the ground (earth) completes the circuit back to the supply neutral through the mass of earth.

(Figure: fault circuit for a shock to earth.)

Earthing
- A protective conductor, known as the earth wire, is connected between the exposed conductive part and earth.
- It provides a low-resistance path to earth for the fault current.
- Earthed appliances are known as Class I.

(Figure: substation transformer, fuse, live, neutral and earth conductors; a fault on a washing machine; the neutral conductor connected to earth; the connection between the exposed conductive part and the common earth.)

Earthing systems
- Where no earth is supplied by the Distribution Network Operator, the physical mass of earth is used as the return path. This is known as a TT system.
- The typical earth fault loop impedance here is high (21 ohms is commonly assumed).

Earthing systems (cont.)
- It is preferable to provide a low-impedance earth return. This can be via an earth conductor separate from the neutral, called a TN-S system.
- The modern approach is for the neutral and earth to share one conductor from the supply, split into separate neutral and earth terminals at the origin of the installation, with a protected link. This is protective multiple earthing (PME), a TN-C-S system.

Equipotential bonding
Dangerous potentials can exist between live parts and other metal parts in contact with earth.

(Figure: substation transformer, fuse, live and neutral; a fault on a washing machine makes its surface live at 230 V; a person on an insulated floor touches the live surface and a radiator at zero volts; the neutral conductor is connected to earth; a water pipe in the mass of earth provides the return for the shock path.)

By connecting all extraneous conductive parts to the same common earth (equipotential bonding), in a fault condition the live surface is at 230 V, the protective conductors (earth wires) are at 230 V and the water and gas pipes, radiators etc. are at 230 V. No potential difference exists between these parts.

(Figure: with equipotential bonding the radiator and water pipe are raised to the same potential as the live surface, so there is no potential difference across the person.)

EN 60204-1: protection against electric shock, indirect contact
- Prevent the occurrence of a hazardous touch voltage, or
- Automatic disconnection of the supply before the touch voltage becomes hazardous.

EN 60204-1: preventing the occurrence of a hazardous touch voltage
- Provision of Class II equipment or equivalent insulation, e.g. double insulation
- Electrical separation, e.g. an isolating transformer

EN 60204-1: protection by automatic disconnection of supply
This protective measure comprises both protective bonding of exposed conductive parts and a disconnecting device: overcurrent protective devices in TN systems, RCDs in TT systems (where the high loop impedance limits the fault current).

EN 60204-1: protection of equipment against
- Overcurrent arising from a short circuit
- Overload and/or loss of cooling of motors
- Abnormal temperature
- Loss of or reduction in the supply voltage
- Overspeed of machines or machine elements
- Earth fault/residual current
- Incorrect phase sequence
- Overvoltage due to lightning and switching surges

EN 60204-1: control circuits and control functions, stop
- Operational stop
- Emergency stop (EN ISO 13850): an emergency stop can only be a category 0 or category 1 stop; its initiation must supersede all modes of operation and other functions; there must be no automatic restart of the machine on reset.

EN 60204-1: emergency switching off device (EMO)
- Used only where the hazard is from electricity.
- Must be provided where protection against direct contact is achieved only by placing out of reach.

EN 60204-1: wiring practices
- Secure against accidental loosening of terminals.
- Two or more conductors to one terminal only if the terminal is designed for that purpose.
- Only one protective conductor connected to each terminal connecting point.
- Soldered connections only where the terminals are suitable for soldering.
- Terminal blocks plainly marked or labelled to correspond with the diagrams.
- Flexible conduits and cables: liquids shall drain away from fittings.
- Identification tags and labels must be legible, permanent and appropriate for the physical environment.

FUNCTIONAL SAFETY

The more the risk reduction depends upon the safety-related electrical control system (SRECS), the more the SRECS needs to be resistant to faults. For example, what would be the extent of the risk should a safety interlock switch on a machine guard fail (short circuit, welded contacts, etc.)?

The first Type B standard to cover this issue was EN 954-1:1996. This standard defined categories for the behaviour of the SRECS under fault conditions.

Categories of architecture
- Category B: control circuits are basic, and a single fault can lead to a loss of the safety function.
- Category 1: a single fault can also lead to a loss of the safety function, but with a lower probability than Category B (well-tried components and principles).

Categories of architecture (cont.)
- Category 2: faults are detected by periodic testing at suitable intervals (the safety function can be lost between the periodic tests).
- Category 3: the safety function is ensured in the presence of a single fault, for example by employing two (redundant) channels, but a loss of the safety function can occur in the case of an accumulation of undetected faults.

Categories of architecture (cont.)
- Category 4: the same dual-channel configuration as Category 3, but with high MTTFd and high diagnostic coverage, so that single faults are detected in time and an accumulation of faults does not lead to loss of the safety function.

EN ISO 13849-1
This is the current standard for safety-related parts of control systems of machinery. Because of increasing technology and reliance on control systems, the assignment of a Performance Level (PL) has been introduced; performance levels are rated a, b, c, d and e. This is an extension of the design risk assessment process.

Control systems
Safety control functions have three main components:
- Input: receives signals to enable the control to recognise an unsafe event. A common example of an input device is a light curtain.
- Logic: monitors the input and output, determining the proper course of action to ensure safety. The logic element could be a simple safety relay, a safety controller or a safety PLC.
- Output: the power control element that ensures safety, for example by stopping motion. In a motor control safety circuit this could be a simple electromechanical contactor or a safety contactor.

The overall Performance Level (PL) needs to be determined, taking into account the categories of the components.

EN ISO 13849-1: identify the safety functions to be performed

EN ISO 13849-1
The Performance Level of a control system is determined by:
- defining the architecture (Category),
- determining the Mean Time To Dangerous Failure (MTTFd),
- determining the Diagnostic Coverage (DC), and
- addressing Common Cause Failure (CCF).

EN ISO 13849-1: Mean Time To Dangerous Failure (MTTFd)
- MTTFd assumes that if you wait long enough every system will fail.
- MTTF is approximately the time that will elapse until 63% of the components have failed (assuming a constant failure rate).
- Only dangerous failures are considered.
- MTTFd can be determined from manufacturer's data, calculated using manufacturer's data (B10d), or taken from the tables in EN ISO 13849-1.
- This gives one of three levels of MTTFd: low (3 to less than 10 years), medium (10 to less than 30 years) and high (30 to 100 years).

MTTFd
- Suppliers of safety modules such as safety relays and safety PLCs will supply the PL and Category for the product.
- The reliability of components such as switches, contactors and valves depends on the number of operating cycles, which the supplier cannot know. Therefore, to determine the PL, the MTTFd of these components will need to be calculated or determined by the system designer.

Calculating MTTFd
Suppliers should provide the B10d value for switches, contactors etc. B10d is the mean number of cycles until 10% of the components have failed dangerously.

    MTTFd = B10d / (0.1 × nop)

where nop is the average number of cycles of the component per year.

Calculating MTTFd (cont.)

    nop = (dop × hop × 3600 s/h) / tcycle

where dop is the mean operating days per year, hop is the mean operating hours per day and tcycle is the mean time in seconds between two successive cycles of the component.

PRACTICAL EXERCISE
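A worked version of the B10d calculation above, added here as an editor's example rather than material from the workshop. The duty figures and B10d values are constructed for illustration and are not taken from any supplier's data sheet; the series-combination formula for a channel (1/MTTFd = sum of 1/MTTFd of its components) and the three MTTFd bands are those of EN ISO 13849-1 (2008 edition, which caps a channel's MTTFd at 100 years).

```python
"""Editor's worked example of the EN ISO 13849-1 B10d method (added; not from the
workshop slides). All numeric inputs below are constructed for illustration."""

from dataclasses import dataclass

SECONDS_PER_HOUR = 3600.0
MTTFD_CAP_YEARS = 100.0  # channel MTTFd is capped at 100 years in EN ISO 13849-1:2008


@dataclass(frozen=True)
class DutyCycle:
    """Operating profile of a component: dop, hop and tcycle as defined in the slides."""
    d_op: float       # mean operating days per year
    h_op: float       # mean operating hours per day
    t_cycle_s: float  # mean time between two successive cycles, in seconds

    def n_op(self) -> float:
        """nop = dop * hop * 3600 / tcycle  (mean operations per year)."""
        if self.d_op <= 0 or self.h_op <= 0 or self.t_cycle_s <= 0:
            raise ValueError("dop, hop and tcycle must all be positive")
        return self.d_op * self.h_op * SECONDS_PER_HOUR / self.t_cycle_s


def mttfd_from_b10d(b10d: float, n_op: float) -> float:
    """MTTFd in years from a supplier's B10d:  MTTFd = B10d / (0.1 * nop)."""
    if b10d <= 0 or n_op <= 0:
        raise ValueError("B10d and nop must be positive")
    return b10d / (0.1 * n_op)


def mttfd_channel(component_mttfds: list[float]) -> float:
    """MTTFd of one channel made of components in series (parts-count method,
    EN ISO 13849-1 Annex D): 1/MTTFd_ch = sum(1/MTTFd_i), capped at 100 years."""
    if not component_mttfds:
        raise ValueError("a channel needs at least one component")
    combined = 1.0 / sum(1.0 / m for m in component_mttfds)
    return min(combined, MTTFD_CAP_YEARS)


def mttfd_level(mttfd_years: float) -> str:
    """Band a channel MTTFd into the three levels used by the PL lookup.
    Below 3 years is not acceptable for a safety-related part."""
    if mttfd_years < 3:
        return "not acceptable"
    if mttfd_years < 10:
        return "low"
    if mttfd_years < 30:
        return "medium"
    return "high"


def worked_example() -> dict:
    """Constructed case: one channel of a guard interlock, made of an interlock
    switch in series with a contactor, on a machine run 220 days/year, 16 h/day,
    with the guard opened once a minute on average."""
    duty = DutyCycle(d_op=220, h_op=16, t_cycle_s=60)
    n_op = duty.n_op()                            # 211,200 operations per year
    # Constructed B10d values (cycles); a real design takes them from the data sheet.
    switch = mttfd_from_b10d(2_000_000, n_op)     # ~94.7 years
    contactor = mttfd_from_b10d(1_300_000, n_op)  # ~61.6 years
    channel = mttfd_channel([switch, contactor])  # ~37.3 years -> "high"
    return {
        "n_op": n_op,
        "switch_mttfd": switch,
        "contactor_mttfd": contactor,
        "channel_mttfd": channel,
        "level": mttfd_level(channel),
    }


if __name__ == "__main__":
    for key, value in worked_example().items():
        print(f"{key}: {value}")
```

The point worth noticing is the series combination: each component on its own is comfortably "high", but together the channel lands at about 37 years, just above the 30-year boundary. Halving tcycle to 30 s (a guard opened twice a minute) halves every MTTFd and drops the channel to about 18.7 years, i.e. "medium", which in the Category 3 row of the PL table costs a whole performance level. Duty assumptions therefore need to be recorded with the calculation and re-checked if the machine's use changes.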

Diagnostic coverage
- Failures can lead to a safe condition or an unsafe condition, and can be detected or undetected, giving four classes: safe detected, safe undetected, dangerous detected and dangerous undetected.
- Diagnostic coverage (DC) is a measure of how many of the dangerous failures the diagnostic system will detect.
- It is calculated as the ratio between the rate of detected dangerous failures and the rate of all dangerous failures (detected plus undetected).
- DC is supplied by the manufacturer or estimated from the tables in EN ISO 13849-1 (or EN 61508); the result is given as a percentage.

Diagnostic coverage levels in EN ISO 13849-1: none (DC below 60%), low (60% to below 90%), medium (90% to below 99%), high (99% and above).

Common cause failure (CCF)
- Failures of different items resulting from a single event, where these failures are not consequences of each other.
- Applies to the components of Category 2, 3 and 4 systems.
- Sufficient measures are required to protect against CCF: at least 65 points on the scoring system of EN ISO 13849-1 Annex F.

Determine PL
The required PL (PLr) can be determined by a risk assessment using three parameters.

Severity of injury
- S1: slight, normally reversible injury, e.g. bruising and/or lacerations
- S2: serious, normally irreversible injury or death, e.g. amputations

Frequency and/or exposure time to the hazard
- F1: access to the hazard from time to time
- F2: a person is frequently or continuously exposed to the hazard (including successive persons)

Possibility of avoiding the hazard or limiting the harm, considering:
- operation with or without supervision;
- operation by experts or non-professionals;
- the speed with which the hazard arises (e.g. quickly or slowly);
- the possibilities for hazard avoidance (e.g. by escaping);
- practical safety experience relating to the process.

- P1 should only be selected if there is a realistic chance of avoiding an accident or significantly reducing its effect.
- P2 should be selected if there is almost no chance of avoiding the hazard.

Determine PL: evaluate the required PL (risk graph: the S, F and P choices lead to a PLr of a to e) and compare it with the PL achieved by the design.
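The risk graph and the PL lookup from the slides above, carried through as an editor's example (added here; not part of the workshop material). The (S, F, P) to PLr mapping and the Category/DCavg/MTTFd table follow EN ISO 13849-1:2008 (Annex A and the simplified Table 7), the DC bands are those of the standard, and the CCF scoring follows Annex F Table F.1; the robot-cell safety function, the two candidate designs and the CCF measures claimed for them are constructed. The MTTFd band is taken as an input label so the block runs stand-alone.

```python
"""Editor's worked example of PLr (risk graph) versus achieved PL (Category /
DCavg / MTTFd lookup) with the CCF check, per EN ISO 13849-1:2008. Added
example, not from the workshop slides; the design cases at the bottom are constructed."""

from typing import Optional

PL_ORDER = "abcde"

# Risk graph, Annex A: (S, F, P) -> required performance level PLr
PLR_RISK_GRAPH = {
    (1, 1, 1): "a", (1, 1, 2): "b", (1, 2, 1): "b", (1, 2, 2): "c",
    (2, 1, 1): "c", (2, 1, 2): "d", (2, 2, 1): "d", (2, 2, 2): "e",
}

# Simplified procedure, Table 7: (Category, DCavg level) -> {MTTFd level: PL}
# None means the combination is not permitted by the standard.
PL_LOOKUP = {
    ("B", "none"):   {"low": "a",  "medium": "b",  "high": "b"},
    ("1", "none"):   {"low": None, "medium": None, "high": "c"},
    ("2", "low"):    {"low": "a",  "medium": "b",  "high": "c"},
    ("2", "medium"): {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "low"):    {"low": "b",  "medium": "c",  "high": "d"},
    ("3", "medium"): {"low": "c",  "medium": "d",  "high": "d"},
    ("4", "high"):   {"low": None, "medium": None, "high": "e"},
}

# CCF measures and their points, Annex F Table F.1 (total 100; at least 65 needed).
CCF_MEASURES = {
    "separation_segregation": 15,
    "diversity": 20,
    "protection_overvoltage_overpressure_overcurrent": 15,
    "well_tried_components": 5,
    "fmea_in_design": 5,
    "competence_training": 5,
    "emc_and_contamination_prevention": 25,
    "other_environmental_influences": 10,
}
CCF_THRESHOLD = 65


def required_pl(s: int, f: int, p: int) -> str:
    """Read PLr off the risk graph; S, F and P are each 1 or 2."""
    try:
        return PLR_RISK_GRAPH[(s, f, p)]
    except KeyError:
        raise ValueError("S, F and P must each be 1 or 2") from None


def dc_level(dc_avg_percent: float) -> str:
    """Band DCavg: none < 60 %, low 60 to < 90 %, medium 90 to < 99 %, high >= 99 %."""
    if not 0 <= dc_avg_percent <= 100:
        raise ValueError("DCavg must be a percentage")
    if dc_avg_percent < 60:
        return "none"
    if dc_avg_percent < 90:
        return "low"
    if dc_avg_percent < 99:
        return "medium"
    return "high"


def ccf_points(measures_met: set[str]) -> int:
    """Sum the Annex F points for the measures the design actually implements."""
    unknown = measures_met - set(CCF_MEASURES)
    if unknown:
        raise ValueError(f"unknown CCF measures: {sorted(unknown)}")
    return sum(CCF_MEASURES[m] for m in measures_met)


def achieved_pl(category: str, dc_avg_percent: float, mttfd_level: str,
                measures_met: set[str]) -> Optional[str]:
    """PL reached by a design, or None if the design is not valid under the standard
    (impossible Category/DC/MTTFd combination, or CCF below 65 points for Cat 2 to 4)."""
    if mttfd_level not in ("low", "medium", "high"):
        raise ValueError("mttfd_level must be low, medium or high")
    if category in ("2", "3", "4") and ccf_points(measures_met) < CCF_THRESHOLD:
        return None
    row = PL_LOOKUP.get((category, dc_level(dc_avg_percent)))
    if row is None:
        return None
    return row[mttfd_level]


def meets(pl: Optional[str], plr: str) -> bool:
    """True when the achieved PL is at least the required PL."""
    return pl is not None and PL_ORDER.index(pl) >= PL_ORDER.index(plr)


def worked_example() -> dict:
    """Constructed case: interlocked guard on a robot cell. Access is frequent (F2),
    injury would be serious (S2), but the hazard arises slowly enough to allow escape
    (P1), giving PLr = d. Two candidate designs are compared against it."""
    plr = required_pl(s=2, f=2, p=1)  # "d"
    ccf_met = {"separation_segregation", "diversity",
               "protection_overvoltage_overpressure_overcurrent",
               "well_tried_components", "emc_and_contamination_prevention"}  # 80 points
    # Design A: Cat 3, two channels cross-monitored by a safety relay, DCavg 90 %, MTTFd high.
    pl_a = achieved_pl("3", 90.0, "high", ccf_met)    # "d"
    # Design B: Cat 3 wiring but weak monitoring (DCavg 60 %) and MTTFd only medium.
    pl_b = achieved_pl("3", 60.0, "medium", ccf_met)  # "c"
    return {"plr": plr, "design_a": pl_a, "design_b": pl_b,
            "a_ok": meets(pl_a, plr), "b_ok": meets(pl_b, plr)}


if __name__ == "__main__":
    print(worked_example())
```

Two things the lookup makes visible that the slides only state: a dual-channel (Category 3) wiring scheme does not by itself buy PL d, since poor diagnostics or medium MTTFd pull it down to PL c; and a Category 2, 3 or 4 claim collapses entirely (returned as None here) if the CCF measures score under 65, however good the channel reliability is. The DC level must be the average over the whole safety function, not the best single component.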