ac motor
Trang 17 chapter Personnal and
Trang 27 Personnal and machines safety
1 2 3 4 5 6 7 8 9 10 11 12 M
Trang 37.1 Introduction
7 Personnal and machines safety
After presenting and defining the rules which govern safety, we shall focus on the machinery and the product technologies to meet customer requirements and comply with constraints.
Legislation requires us to take preventive action to preserve and protectthe quality of the environment and the human health To achieve theseobjectives, there are European Directives which must be applied by plantoperators and by manufacturers of equipment and machines
It also assigns the responsibility for possible injury
• Notwithstanding the constraints, machine safety increases productivity by:
- preventing industrial accidents,
- ensuring the health and safety of all personnel by suitable safetymeasures that take into account the machine’s application and thelocal environment
• Cutting direct and indirect costs by:
- reducing physical harm,
- reducing insurance premiums,
- reducing production loss and delay penalties,
- limiting harm and cost of maintenance
• Safe operation involves two principles: safety and reliability of operation ( C Fig.1)
- Safety is the ability of a device to keep the risk incurred by personswithin acceptable limits
- Reliability of operation is the ability of a system or device to performits function at any moment in time and for a specified duration
• Safety must be taken into account from the design phase and kept
in place throughout all stages of a machine’s life cycle: transport, installation, adjustment, maintenance, dismantling
• Machines and plants are sources of potential risk and the Machinery Directive requires a risk assessment for every machine to ensure that any risk is less than the tolerable one.
• Risk is defined in accordance with EN 1050 as follows ( C Fig 2): seriousness multiplied by the probability of occurrence.
A Fig 1 Safety and reliability of a system
A Fig 2 Definition of risk
Risk
related topotentialhazard
Severity
Of thepossibleharm for theconsideredhazard
Probability of occurrence
Of the harm
- frequency and duration of exposure
- possibility of avoiding or limiting the harm
- Probability of the occurrence of an eventwhich may cause harm
Trang 4
7.1 Introduction 7.2 Industrial accidents
7 Personnal and machines safety
• The European Standard EN1050 (Principles of Risk assessment)
defines an iterative process to achieve safety in machinery It states thatthe risk for each individual hazard can be determined in four stages
This method provides the basis for the requisite risk reduction using thecategories described in EN954 The diagram (C Fig 3)shows thisiterative process which will be detailed further on
7.2 Industrial accidents
An industrial accident occurs through work or in the workplace andcauses minor to serious injury to a person operating or working on amachine (fitter, operator, maintenance worker, etc.)
• Human-related factors (designers, users)
- Poor grasp of machine design
- Over-familiarity with danger through habit and failure to takedangerous situations seriously
- Underestimation of hazards, causing people to ignore safety guards
- Relaxed attention to supervisory tasks (fatigue)
- Failure to comply with procedures
- Increased stress (noise, work rates, etc.)
- Uncertainty of employment which can lead to inadequate training
- Inadequate or bad maintenance, generating unsuspected hazards
7
A Fig 3 Machine safety process
Trang 5
7.2 Industrial accidents
7 Personnal and machines safety
• Machine-related factors
- Inadequate guards
- Sophisticated type of control and supervisory systems
- Inherent machine hazards (reciprocal motion of a machine, suddenstarting or stopping)
- Machines not suited to the application or environment (sound alarmsdeadened by the noise of surrounding machinery)
• Plant-related factors
- Movement of personnel (automated production line)
- Machinery from different sources and using different technologies
- Flow of materials or products between machines
- Varying degrees of physical danger to the user
- Stoppage of the machine involved
- Stoppage of similar machine installations for inspection, for example
by the Health and Safety Inspectorate
- Alterations to make machines comply with regulations wherenecessary
- Change of personnel and training new personnel for the job
- Damage to the company brand image
Trang 67.3 European legislation
7 Personnal and machines safety
7.3 European legislation
The main purpose of Machinery Directive 98/37/EC is to compelmanufacturers to guarantee a minimum safety level for machinery andequipment sold within the EU
To allow free circulation of machinery within the European Union, the ECmarking must be applied to the machine and an EC declaration ofcompliance issued to the purchaser
This directive came into effect in January 1995 and has been enforcedsince January 1997 for all machines requiring compliance
The user has obligations defined by the health and safety directives89/655/EEC which are based on all standards
v Introduction
The harmonized European safety standards establish technical specificationswhich comply with the minimum safety requirements defined in the relateddirectives
Compliance with all applicable harmonized European standards ensurescompliance with the related directive
The main purpose is to guarantee a minimum safety level for machineryand equipment sold within the EU market and allow the free circulation
of machinery within the European Union
v Three groups of European standards
Trang 77.3 European legislation
7 Personnal and machines safety
The figure 6lists the main European safety standards
EN ISO12100-1, -2 A Machinery safety - basic concepts, principles for
designPart 1 TerminologyPart 2 principles
EN 574 B Two-handed control devices - design principles
EN 418 B Emergency stop equipment - design principles
EN 954-1 B Safety-related parts of control systems - design
principles
EN 349 B Minimum gaps to avoid crushing of human body
parts
EN 294 B Safety distances to prevent danger zones being
reached by the upper limbs
EN 811 B Safety distances to prevent danger zones being
reached by the lower limbs
EN 1050 B Machinery safety - Principles for risk assessment
EN 60204-1 B Machinery safety - Electrical equipment of machines
Part 1: general requirements
EN 999 B Positioning of protective equipment in respect of
approach speeds of body parts
EN 1088 B Locking devices associated with guards - design
and selection principles
EN 61496 B Electro-sensitive protective equipment
Part 1 general requirementPart 2 particular requirement for light barrier
EN 1037 B Prevention of unexpected start-up
EN 60947-5-1 B Switching for LV electromechanical control circuits
N 842 B Visual danger signals - General requirements,
design and testing
EN 201 C Safety requirements for injection moulding machines
for plastics and rubber
EN 692 C Safety requirements for mechanical presses
EN 693 C Safety requirements for hydraulic presses
EN 289 C Safety requirements for moulding machines by
compression and by transfer
EN 422 C Safety requirements for design and construction of
moulding machines by metal blowing
EN 775 C Manipulating industrial robots - safety requirements
EN 415-4 C Packaging machines
Part 4: palletisers - safety requirements
EN 619 C Safety and EMC requirements for equipment for
mechanical handling of unit loads
EN 620 C Safety and EMC requirements for fixed belt
conveyors for bulk material
EN 746-3 C Industrial thermo processing equipment
Part 2: Safety requirements for the generation anduse of atmosphere gases
EN 1454 C Safety requirements for portable disc cutting
machines with thermal motor
A Fig 6 Some machinery safety requirements
Trang 8
7.3 European legislation
7 Personnal and machines safety
v EN 954-1 Safety related parts of Control systems
Standard EN 954-1 “Safety related parts of control systems” came intoforce in March 1997 This type B standard stipulates the safety-relatedrequirements for control systems It specifies their categories anddescribes the characteristics of their safety functions
In type C standards, these parts of the system are called categories
In this standard, performance of safety-related parts with regard tooccurrence of faults is classified in five categories (B, 1, 2, 3, 4) Anupgrade (prEN ISO 13849-1) is in the planning stage
• Fault categories ( C Fig.7)
7
A Fig 7 The five fault categories
A Fig 8 Choice table
B A fault can lead to loss of the safety Component selectionfunction
1 As for category B but higher reliability Component selectionrequired of the safety function
2 A fault can lead to loss of the safety Self-monitoringfunction between inspection periods
Loss of the safety function is detected
by the control (at each test)
3 For a single fault, the safety function is Redundancyalways ensured
Only a few faults will be detected
Accumulation of undetected faults can lead to loss of the safety function
4 When faults arise, the safety function is Redundancy + self-monitoringalways ensured
Faults will be detected
in time to prevent loss of the safety function(s)
- F : Frequency and/or exposure to a hazard
- P : Possibility of preventing accident
Resulting categories define resistance to faults and the behaviour ofcontrol systems in the event of a fault (C Fig 8)
S Accident result
S1 Slight injury S2 Serious or permanent injury to or death of a person
F Presence in the danger zone
F1 Rare to fairly frequent F2 Frequent to permanent
P Possibility of preventing accident
P1 Possible in certain circumstances P2 Virtually impossible
Trang 9
7.3 European legislation
7 Personnal and machines safety
To illustrate those concepts we present an assessment of risk in ahydraulic press with manual materiel feeding (C Fig 9)
- Seriousness of injury: S2 since serious permanent injury could occur.
- Frequency and exposure time: F2 since the operator is permanently
present
- Possibility of avoiding the hazard: P2since it is virtually impossible to
avoid
The result on the risk graph is category 4
To supplement this example we will select the guard locking devices (EN 1088 standard)
In this example (C Fig 10) the diagram conforms to category 4 Whenfaults occur, they are detected in time to prevent loss of the safetyfunction
v Functional safety and safety integrity level (SIL)
New technologies help to make savings which can be achieved byimplementing an intelligent safety strategy This standard takes into accountthe use of these new technologies in safety products and solutions andprovides guidelines to calculate the probability of failures
More and more devices and products dedicated to machinery safety nowincorporate complex programmable electronic systems
The complexity of these systems makes it difficult in practice to determinethe behaviour of such safety devices in the event of a fault This is whystandard IEC/EN 61508 entitled “Functional safety of electrical, electronicand programmable electronic systems” provides a new approach byconsidering the reliability of safety functions
It is a basic safety standard for industry and the process sectors
IEC/EN 62061 stipulates the requirements and makes recommendationsfor the design, integration and validation of safety-related electrical,electronic and programmable electronic control systems (SRECS) formachinery within the framework of IEC/EN 61508
EN 62061 is harmonised with the European Machinery Directive
The Safety Integrity Level (SIL) is the new measure defined in IEC 61508regarding the probability of failure in a safety function or system
A Fig 9 Assessment of risk in a hydraulic press
A Fig 10 Guard locking application
Trang 10
7.3 European legislation
7 Personnal and machines safety
• Definition of Functional Safety according to IEC/EN 61508
Functional safety is a part of the overall safety of equipment under control(EUC)
It depends on the correct functioning of safety-related systems whichinclude electrical, electronic and programmable electronic parts and otherexternal risk reduction devices
• Safety Integrity Level (SIL)
There are two ways to define the SIL, depending on whether the safetysystem is run in low demand mode or in continuous or high demandmode (C Fig 11) The scale of functional safety is on 4 levels, from SIL1
to SIL4, the latter having the highest level of safety integrity
Safety is achieved by risk reduction (IEC/EN 61508) (C Fig.12) Theresidual risk is the risk remaining after protective measures have beentaken, Electrical, Electronic and Programmable Electronic safety-relatedsystems (E/E/EP) contribute to risk reduction
Safety integrity levels estimate the probability of failure For machinery,the probability of dangerous failure per hour in a control system isdenoted in IEC/EN 62061 as the PFHd (C Fig.13)
7
A Fig 12 Position of standard EN 61508 and related standards
A Fig 11 Risk reduction
Trang 11
7.3 European legislation
7 Personnal and machines safety
IEC 61508 considers two modes of operation:
- high demand or continuous mode – where the frequency of demandmade on a safety-related system is greater than one per year orgreater than twice the proof test frequency,
- low demand mode – where the frequency of demand made on asafety-related system is no greater than one per year and no greaterthan twice the proof test frequency
IEC/EN 62061 does not consider the low demand mode to be relevant formachinery safety
SIL 4 is not considered in IEC/EN 62061, as it is not relevant to the riskreduction requirements normally associated with machinery
Safety integrity levels are calculated by the probability of failure l which isexpressed as follows: λ= λs+λdd+λdu
where:
λsrate of safe failures
λddrate of detected dangerous failures
λdurate of undetected dangerous failures
In practice, dangerous failures are detected by specific functions
The calculation of the PFHd, for a system or subsystem depends onseveral parameters:
- the dangerous failure rate (λd) of the subsystem elements,
- the fault tolerance (i.e redundancy) of the system,
- the diagnostic test interval (T2),
- the proof test interval (T1) or lifetime whichever is smaller,
- susceptibility to common failures (λ)
The graph (C Fig 14)illustrates IEC/EN 61508-5 and the graph (C Fig 15)
the risk parameters
Safety integrity High demand or continuous mode of operation Low demand mode of operationlevel (Probability of a dangerous failure per hour) (Average probability of failure to perform its design function on demand)
A Fig 13 SIL integrity level
A Fig 14 Risk graph
Trang 12
7.3 European legislation
7 Personnal and machines safety
7
Consequences (C) C1 Minor injury 1 The classification system has been developed to deal with injury and death
C2 Serious permanent injury to people Other classification schemes would need to be developed for
to one or more persons, environmental or material damagedeath to one person
C3 Death to several people 2 For the interpretation of C1, C2, C3and C4, the consequences of the accidentC4 Very many people killed and normal healing shall be taken into account
Frequency of, and F1 Rare to more often 3 See comment 1 aboveexposure time in, the exposure in the
hazardous zone (F) hazardous zone
F2 Frequent to permanent exposure in the hazardous zonePossibility of avoiding P1 Possible under certain 4 This parameter takes into account:
the hazardous event (P) conditions • operation of a process (supervised (i.e operated by skilled or unskilled persons)
or unsupervised),P2 Almost impossible • • rate of development of the hazardous event (for example suddenly, quickly or
• actual safety experience (such experience may exist with an identical EUC
or a similar EUC or may not exist)
Probability of the W1 A very slight probability that 5 The purpose of the W factor is to estimate the frequency of the unwanted unwanted occurence (W) the unwanted occurences will occurrence taking place without the addition of any safety-related systems
come to pass and only a few (E/E/PE or other technology) but including any external risk reduction facilitiesunwanted occurrences are likely
W2 A slight probability that the 6 If little or no experience exists of the EUC, or the EUC control system, or of aunwanted ocurences will come similar EUC and EUC control system, the estimation of the W factor may be
to pass and few unwanted made by calculation In such an event a worst case prediction shall be madeoccurrences are likely
W3 A relatively high probability that the unwanted occurrences willcome to pass and frequentunwanted occurrences are likely
A Fig 15 Risk parameters (example in IEC/EN 61508 )
A Fig 16 Assessment process
The figure 16shows the process of risk assessment for a machine