Taking advantage of the new Machine Safety Directive
Author: Paul Considine, Wieland Electric
27 July 2010
The EU Machinery Directive may be seen by some as a nuisance but in fact it introduces opportunities for improving both safety and productivity.
Up to the end of 2011 machine owners and manufacturers have the choice of complying with the old Machine Safety Directive, based on EN 954-1, or the new one, in compliance with EN ISO 13849-1 or EN (IEC) 62061. And it is almost inevitable that any new legislation has implications for machine producers and end users. For example, some time will have to be devoted to getting to grips with the new legislation and there may even be some small increase in costs. So it’s easy to see why many machine owners are tempted to stick with the old EN 954-1 standard for as long as possible. And they can do so legally until 31st December 2011.
However, those that do could be missing the opportunity to take advantage of what, in my opinion, is a better standard that will increase safety in the workplace and bring other benefits besides. These benefits, including wider use of programmable safety relays, improved system design and faster rectification of faults, are discussed in more detail below.
The need for a new Machinery Directive has been brought about by the changes in technology that have been applied increasingly to ensuring and managing machine safety. Currently in the UK, the ‘old’ Machinery Directive 98/37/EC is implemented through the Supply of Machinery (Safety) Regulations 1992 to ensure compliance with EN 954-1. However, EN 954-1 hasn’t kept pace with the changes in the industry, so it has been necessary to update the regulations accordingly.
In particular, EN 954-1 focuses on calculated risk using a simple category system, whereby system behaviours are set against categories. The issue is that the wider implementation of programmable electronics in safety systems means that such a simple system is no longer appropriate. So essentially the new Machinery Directive brings the regulations into line with what is already current practice and has the potential to improve safety.
In addition, the new systems that comply with EN ISO 13849-1 or EN (IEC) 62061 will be able to provide information on the probability of failure, enabling potential problems to be nipped in the bud before they become actual problems.
It’s also worth noting that while any machines that are purchased now don’t have to comply with EN ISO 13849-1, any changes to those machines in the future may necessitate issuing a new Declaration of Conformity to the Machinery Directive which, assuming it’s after 2011, will require compliance with EN ISO 13849-1 anyway. And there’s a good chance that any such modifications will prove to be more expensive than it would have been to purchase a compliant machine in the first place.
Plus, there are additional commercial reasons for taking on the new standards as soon as possible. In the past where European regulations have been phased in, different EC members have responded in different ways, so adopting the new regulations will increase the likelihood of acceptance throughout Europe – and beyond. Ultimately, this could also have a bearing on CE marking. This is clearly an important consideration for those companies targeting global markets and multi-national end users that would like to standardise their machinery configuration across the entire portfolio.
Putting safety first
Clearly safety has to be at the top of everyone’s agenda and the new standards offer many benefits in this respect. It is accepted within the new Machinery Directive that zero risk is not achievable in the real world, but that arriving at an acceptable residual risk is feasible. In practical terms, this means that safety control systems must either be designed to ensure the probability of functional errors is acceptably low – or that any errors should not bring about a loss of the safety function if the former cannot be achieved. And that’s where the harmonised standards come in.
EN ISO 13849-1 takes its core from the familiar categories in EN 954-1:1996 by examining complete safety functions, including all the components involved in their design. However, it goes beyond this qualitative approach to include a quantitative assessment of the safety functions, based on a performance level (PL) that builds on the category approach.
The standard also describes how to calculate the PL that can be achieved when several safety-related parts are combined into one overall system. Any deviations from EN ISO 13849-1 are referred to IEC 61508.
As noted above, EN ISO 13849-1 will be operated in conjunction with EN 62061, which is a sector-specific standard under IEC 61508. Based on quantitative and qualitative examinations of the safety-related control functions, it describes the implementation of safety-related electrical and electronic control systems on machinery. It also examines the overall life cycle from the concept phase through to decommissioning.
In EN 62061, the performance level is described through the safety integrity level (SIL) and the safety functions identified from the risk analysis are divided into safety sub-functions. As a safety-related control system is made up of several subsystems, these safety sub-functions are assigned to the actual devices (hardware or software) that are the subsystems or subsystem elements. The safety-related characteristics of these subsystems are described through the SIL and Probability of Dangerous Failure Per Hour (PFHD) parameters.
In touch with the programme
Another key advantage of EN ISO 13849-1 is that it enables much wider use of programmable safety relays. At the same time, these programmable products are becoming considerably more affordable, even for smaller projects. All of which creates opportunities for significant cost-savings when compared to stand-alone relays, as well as higher levels of safety.
The associated time and cost savings from programmable safety relays begin at the early design stages and go right through to everyday operations. For instance, when a system is designed within specially designed software, the safety circuits can be tested before even going to site. In contrast, when using stand-alone safety relays in systems with interlocking between just a few sub-systems, considerable time is required on site to test and re-test the hard-wiring.
Similarly, working out the hard-wiring feedback protocol is very complex using traditional methods, whereas a flexible logic editor will flag up potential problems so they can be designed out.
In parallel, programmable safety relays simplify the wiring enormously, as all of the components are simply wired back to a central I/O point. This avoids the extensive wiring for feedback loops and interconnecting terminals that is the norm with stand-alone relays. A major benefit of this is that installation time is greatly reduced, which should have an impact on the overall cost of the project.
As a consequence of this, the overall number of sub-systems is reduced, which ties in well with one of the key objectives of the Machinery Directive, as it is widely accepted that the more complex a system is, the more likely it is that faults will occur. In this way, a switch to programmable safety relays reduces the risk of faults and helps to achieve higher performance levels, as detailed in EN ISO 13849-1.
In addition, programmable systems offer constant test outputs to provide a complete diagnostic monitoring system that delivers cover at the highest possible level. And while it is possible to do this using stand-alone safety relays, the wiring is very complex, and therefore expensive. Furthermore, programmable systems enable a full diagnosis through the software – something that can’t be done with stand-alone systems.
Newer technologies also make it possible to introduce integrated fault diagnosis into the safety-related control functions. So, rather than faults being traced manually by engineers before they can rectify them, the diagnostics can narrow down the search and often resolve the problem without calling in specialist engineers. And even when specialist input is required, the faster fault tracing means they spend less time on site, thus reducing costs.
These same principles also apply to the commissioning of the system, as the software spots any errors and helps to speed up the whole process, again saving time and money. And if the original settings are saved, it is relatively easy to restore them if someone ‘tweaks’ a parameter and finds it doesn’t work.
Tied in to this is a full reporting structure that enables reports to be generated automatically and added to the technical file, avoiding all of the time often dedicated to producing reports manually. These reports can also be used to focus maintenance resources in the areas that most need them.
Of course, programmable safety relays have been around for some years but they have tended to be quite expensive. The take-up has also been quite slow because they could not be used with the EN 954-1 standard that is currently being phased out. However, it is now possible to exploit the benefits of high functionality systems at a sensible cost, while ensuring that all aspects of safety are continually monitored.
As the new standards come in, work by our company in this area has adopted a modular approach while also taking advantage of newer processing technologies, to drive these costs down and produce highly affordable systems. As a rule of thumb, a system using 3-4 stand-alone safety relays could achieve the additional benefits described above for around the same price, while it’s reasonable to expect significant savings in more extensive systems. And even for smaller systems many operators are finding that a slightly higher price is well worth paying for the benefits that are achieved.
Simpler compliance
As I mentioned earlier, there are now new, affordable hardware and software technologies that can greatly facilitate compliance with the new standards by making it easier to deal with the higher level of complexity that delivers the higher safety performance.
For example, the right software can provide developers and testers of safety-related machine controls with comprehensive support in the evaluation of safety in the context of EN ISO 13849-1. It enables users to model the structure of the safety-related parts of the control system (SRP/CS), based on the designated architectures and, ultimately, permits automated calculation of the reliability values at various levels of detail, including that of the attained Performance Level (PL).
A practical advantage for the user is that each parameter change is reflected immediately on the user interface with its impact upon the entire system. Users are spared time-consuming consultation of tables and calculation of formulae since these tasks are performed by the software. This enables the user to vary parameter values and to assess the effects of changes with very little effort. The final results can be printed out in a summary document.
So when all of these considerations are taken into account it’s clear to me, and hopefully to the majority of people reading this article, that the new Machine Safety Directive brings sufficient advantages to make it worthwhile embracing the new standard and putting it to work.