Safety in work place.
In the manufacturing world, although safety is always stressed as the most important part of the manufacturing process, situations arise whether due to downtime, production stress, poor maintenance procedures or poor engineering design that tend to raise the safety issue.
Many a times it has been seen and has been a part of situations where a manufacturing crisis arises due to a machine malfunction that causes a slowdown in production or an unscheduled downtime. More often than not, those individuals that are paid to fix the problem (maintenance technicians and plant engineers) feel the pressure from management to get the machine back up and running ASAP.
This circumstance causes the greatest likelihood of personnel letting down their guard concerning safety, and the safe operation of machinery can get overlooked. Sometimes quick fixes are applied to meet production requirements, but these quick fixes often times end up causing more problems in the future if the time is not dedicated to thoughtfully planning a solution and implement it correctly and thoroughly.
These circumstances are where it has been seen, emergency stops jumped, fuses shorted, safety interlocks (limit switches, proximity sensors, light curtains) forced to “fix” the problem. Although the problem can be temporarily “quieted” so production can continue, a “quieted” problem ends up becoming a very loud problem at a later time.
So how do we overcome the issue of safety vs. productivity? As engineers, we know that having experienced problems like this, engineers are compelled to try to “prevent” it from happening again, either by over-designing the machine, or by putting in additional (and often superfluous) safety interlocks or procedures. Unfortunately, this often results in an engineering “catch 22.” For example, when an interlock is designed to be safe and also idiot-proof, (that is, make it nearly impossible to override or force), it usually makes it much harder for maintenance personnel (who tend to like the simple designs) to access a device to do general or preventative maintenance.
This is exactly where and why training and feedback need to be a continual process in the manufacturing environment. As personnel and responsibilities change, the on-hand maintenance crew often does not have the specific expertise for each specific machine. Continual training is vital to keep the existing workforce efficient, and to also train new personnel.
The alternative is that outside (expensive) contractors may be needed to solve problems. We have often heard statements like “well I know how this particular machine operates in and out, but don’t have a clue about how the packing machine works.”
If machine designs were consistent (wiring methods, safety interlocks, etc.), then it would be advantageous to have a “jack-of-all-trades” maintenance crew maintaining the machines. However, as newer safety technologies or methods are introduced, training must be an essential part of the operation. With properly trained personnel, old machines can be kept running safely and efficiently, while new machines (which are designed safer due to newer safety regulations) are more thoroughly understood and operated correctly; meaning, the whole system can function, old and new, effectively and safely.
Standards
There are application standards that exist for specifics such as how to calculate safe mounting distances for machine guarding using light curtains. For example, ANSI/RIA R15.06 discusses the use of light curtains for robot guarding.
Although there are construction standards for design, construction and testing of presence-sensing devices (which are typically the devices used for automated machinery interlocking safeties), there are currently no standards in North America. IEC61496, an IEC standard entitled “Safety of Machinery— Electro sensitive Protective Equipment” is accepted as the default standard, and the Underwriters Laboratories, Inc. has adopted the IEC61496 into their standards.
UL’s version contains specific examples concerning such things as number of outputs required, the need for key-operated switches, transformer construction, and failure conditions.
OSHA and other organizations such as ANSI provide information on proper machine guarding, construction, and the use of automated machinery (machine tools).
The ANSI B11 Machine Tool Safety Standards are probably one of the best sources of machine tool guarding information for North America. The specific parts of B11 related to automated machinery include the following:
• B11:20: Manufacturing Systems/Cells
• B11:21: Machine Tools Using Lasers for Processing Material
• B11:22: Turning Centers and Automatic, Numerically Controlled Turning Machines
• B11:23: Machining Centers and Automatic, Numerically Controlled Milling, Drilling and Boring Machines
• B11:24: Transfer Machines
Safety Methodologies
When an automated machine is being newly designed or if designs are being implemented to upgrade older machinery, there are three main safety methodologies and practices that should be considered:
• Design with maintenance in mind
• Interlocking principles and devices
• Safety controls and programmable logic controllers (PLCs)
Although the main issues are divided into different categories, often their details overlap one another. Safety devices must be designed to account for future maintenance, to use interlocking principles and elements to prevent the operator from damaging the machine or personnel (or the machine from damaging itself), and with new approved control methods that can considerably save hardware and cabling costs and lead to reduced troubleshooting time with increased diagnostic capabilities.
Interlocking Principles and Devices
In discrete automated manufacturing, where there tends to be a significant amount of moving machinery, protective measures must be implemented to protect the worker and machine from the moving devices. For instance, when a machine guard (that will prevent access to a dangerous area) is being designed, the security and type of interlocking principles and devices should be thoroughly discussed between the facility’s safety, maintenance and engineering personnel. While, for instance, it may prove to be a simple design (and easily maintainable) to use a limit switch to detect whether a machine guard door is open, as opposed to using a specifically designed electronic safety switch, or a mechanically actuated switch, thought must be put into the design so that the interlock cannot be “cheated.” By cheated, I’m suggesting that someone can actuate the limit switch, with one hand, while still able to open the guard door, but without shutting down the machine.
Safety Controls and PLCs
New safety control devices marketed as Safety PLCs are not really new. According to industry experts, the Safety PLC concept traces its history to the late 1970s. Traditionally, standard PLCs were used in pairs in process industries which would allow a safe and orderly equipment shutdown by the redundant PLC if the primary PLC fails. It is an expensive method requiring a great deal of engineering, hardware, wiring and custom software to implement the safety portion.
Newer Safety PLCs build the redundancy into a single PLC chassis by incorporating multiple processors that perform the same logic, checking each other, only writing the outputs upon agreement. The dual processor Safety PLC is priced about 25 to 30 percent higher over a comparable standard PLC.
Several PLC manufacturers’ Safety PLC lines incorporate two identical central processing units and include a variety of built-in self-monitoring hardware systems and diagnostics, while other manufacturer’s units go even further and use tripling processors as well as triply redundant input and output (I/O) systems.
The manufacturing facility’s product, whether it is a continuous process or discrete product manufacturing, will tend to dictate the type of Safety PLC to implement. Fault tolerant systems are typically better for process industries, while fail-safe systems tend to be better for discrete manufacturing. For discrete manufacturing, you want to stop the motion immediately so you do not hurt someone; for the process industry you want to keep it running so you do not have a dangerous work environment (over temperature or pressure situations, leakage of flammable or toxic materials, etc.) or cause economic damage in lost product or equipment.
Although each Safety PLC method adds costs to a machine’s design, when you consider the all inclusive costs (design, commissioning, installation, etc.), the hardware costs for a Safety PLC controlled system is maybe about 10 percent of the whole project.
The bottom line is when considering the cost of implementing manufacturing safety; one should keep in mind the results of a recent study by the American Society of Safety Engineers which puts the ratio of indirect to direct costs of an industrial accident as high as 8:1. If, through a safely designed machine, and adequately trained personnel, one accident is prevented (along with the investigations, legal costs, worker compensation costs, insurance costs, etc.), the costs for training personnel and purchasing the extra safety equipment will pay for itself many times over—and increase overall productivity.
Choice of Safety Category
“A fault in the control circuit logic, or failure of or damage to the control circuit must not lead to dangerous situations.” This is the declaration of the EU’s Machinery Directive and EN 292-2:1991 under the heading 1.2.7. “Failure of the control circuit”, EN terminates on November 1, 2009 to be replaced completely by EN ISO 13849-1. During the transition period, it is possible to choose which of the two standards to apply. A further standard that can be applied to safety related parts is EN 62061.
The significance of this statement is that a fault such as a jammed relay, a short circuit in a transistor or a short circuit between two conductors should and must not result in the safety function failing with the risk of consequent personal injuries. Please note, “a fault” means that the system is only expected to handle one fault at a time. Two components failing at the same time is not regarded as likely as long as they cannot be made to fail by an external interference. This safety requirement has not been recently introduced with the machine directive, but has existed in other regulations for many years.
Choice of Category
It is above all a question of the technique available. Gate operation equipment can for example be fitted with a control led interlocking switch (category 1). However, interlocking circuits with relays and transistors, etc. normally require solutions in categories 2–4 in order to achieve a higher safety level than for standard control circuits. Appendix B to EN954-1 shows an example of how a category is chosen. The example gives some guidance but is quite inadequate. The safety category is chosen based on the safety risk of the machinery. The risk is estimated based on the parameters S, F and P.