In virtually any potentially dangerous situation in our working lives, there are two parts of the safety equation to consider: Is the hardware inherently safe? And is the way it is used safe? Too often, the fact that the hardware – and its associated firmware, connections and so on – is designated safe to the appropriate levels is considered as an end in itself. However, as Dr Martin Kidman, safety specialist at SICK UK explains, the choices involved in the way the safety equipment is used must be subject to the same scrutiny and standards.

Imagine you have two bungee ropes of different lengths for two bridge locations, one at 80m high and the other 150m. Not only do these ropes comply with the highest standards, but they also have an additional safety rope in case the bungees snap. Every week, however, both ropes are packed away into the same box. You would therefore think that some extra safety precautions should be taken when choosing a rope.

The same can be said when switching between protection fields on a safety laser scanner.

 

Field Switching

A laser scanner is a safety device that uses a spinning infrared laser beam in combination with ‘time of flight’ measuring to form a detection field, as in Figure 1.

A rotating mirror directs the emitted light to successive points, and the reflections are picked up by a sensitive detector. The distance to each point is calculated from the elapsed time of the echo. Protection fields can then be created for these scanners using complementary software in order to safely detect people when they enter the field. It is also possible to set up warning fields for diagnostics and non-safe detection, as in Figure 2.

Although modern scanners have been around since the 1990s, in 1976 Dr Irwin Sick developed an area scanner with a V-shaped rotating beam and special reflector.

The technology has developed ever since and every new model has extra features such as more fields, longer distances and higher resolution. One such feature is the ability to change fields whilst in normal operation, which increases both productivity and safety by reducing the need for more than one set of OSSDs (output signal switching devices) and improving the automated process.

A simple way to explain this is to look at a winding machine, as in Figure 3.

Many different types of winding machine are available, but they are generally used for wrapping a material – such as tape, plastic, metal etc. – onto a spool, bobbin or reel.

At high speed, however, winders can be dangerous as they not only have a drawing-in capability but may also have other hazards, such as an actuated knife.

A safety laser scanner could be used here to safely detect a person approaching the machine, to slow down or shut down the energy to the drive providing the rotation and maybe activate a braking system. However, human interaction is usually required in modes such as:

  • Slow speed
  • Maintenance
  • Roll change
  • Splice initiation, etc.

It is therefore beneficial to be able to switch between different size fields on the safety laser scanner. However, a very important question that may be overlooked in this application is: what criteria are being used to make the decision to switch the fields? In other words, who chooses which length of bungee rope to use?

If, for example, there was a fault in the signals telling the scanner which mode the machine is currently in, or a fault in the signal telling the scanner what speed the reel is spinning at, then depending on the interface there is a possibility that an incorrect field could be chosen. In other words, if a small field was selected for slow speed but the machine was actually running at full speed, then it is likely that the machine would have a risk associated with it that could put workers in harm's way, and it would therefore not be in compliance with the latest laws.

The law requires you to do everything ‘reasonably practicable’ to protect people from harm, therefore the selection of field needs to have a safety integrity or performance level assigned to it.

 

What is functional safety?

In order to meet the requirements of the Machinery Directive, harmonised standards have been developed. If a hazard cannot be removed by safe design, then technical protective measures can be used, by means of protective devices such as a scanner, to perform safety functions.

Where the effect of a protective measure is dependent on the correct function of a control system, the term functional safety is then used, and this is where the term ‘Safety-related part of a control system’ (SRP/CS) comes from. To implement functional safety, two of the type B harmonised standards that can be used to help the designer of safety systems are EN ISO 13849 and EN 62061. If there is a type C standard for a specific machine this should be used instead. However, for the purposes of this article, only EN ISO 13849 will be considered.

 

EN ISO 13849

EN ISO 13849 is a two-part standard that describes the general principles, design and validation of SRP/CS.

Safety functions are defined and given a required performance level (PLr) via risk assessment. The performance level is measured as a probability of dangerous failure per hour (1/h). The circuit can then be assessed using a combination of manufacturer’s specifications and software tools, such as SISTEMA, to see if it meets or exceeds the assigned PLr. Performance Levels range from PLa (> 10⁻⁵) to PLe (< 10⁻⁷) and the graph in Figure 4 (above) is given as an example in EN ISO 13849 to determine the level required.

 

Safety functions

The safety function defines how the risk is to be reduced by protective measures and is to be defined for each hazard that has not been eliminated in design. An exact definition of the safety function is necessary to obtain the required safety. The type and number of components needed for the function are derived from sensors, logic units and power control elements.

So, for the winding machine example, the safety function for stopping the rotation of the reel if the protection field is disturbed could be described as follows, see Figure 5.

This example shows a typical safety function consisting of an Input, Logic and an Output. In this particular case, when the scanner protection field is infringed (Input) the OSSD outputs drop out and the safety controller (Logic) then activates the final switching device (Output). The total Performance Level can only be as high as the lowest block. The scanner is PLd, the safety controller is PLe and the two contactors achieve PLe by calculation using EN ISO 13849 and SISTEMA. Thus, this safety function can at a maximum achieve PLd.

Let us, however, consider the switching of fields in this safety function. The switching of fields must be of the same performance level as the safety function for operating a stop when the protection field is infringed.

If this were not the case, we would have a high integrity protective measure with a low integrity selection function. It is easier to understand if this safety function is referred to as a ‘Mode Selection’ safety function. Therefore, this function could look like the arrangement in Figure 6.

If, for example, we had a standard PLC at L which has no safety PL (or SIL for EN 62061) rating, then it cannot be assumed that the safety circuit meets the requirements of PLd, and the machine therefore does not comply with the Machinery Directive.
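The comparison above can be worked through numerically. The following is an added example, not part of the original article or any SICK tool: it assumes the PFHd values of blocks in series are summed and mapped to the EN ISO 13849-1 bands, and every PFHd figure and block name in it is constructed to match the PL ratings quoted in the text.

```python
# PFHd upper limits (1/h) for each performance level in EN ISO 13849-1, best first.
PL_LIMITS = [("e", 1e-7), ("d", 1e-6), ("c", 3e-6), ("b", 1e-5), ("a", 1e-4)]
PL_ORDER = "abcde"  # ascending integrity


def pl_from_pfhd(pfhd):
    """Map a summed PFHd to a performance level, or None if worse than PLa."""
    for level, upper in PL_LIMITS:
        if pfhd < upper:
            return level
    return None


def achieved_pl(blocks):
    """blocks: list of (name, pfhd); pfhd is None for a part with no safety rating."""
    if any(pfhd is None for _, pfhd in blocks):
        return None  # an unrated block means no PL can be claimed for the function
    return pl_from_pfhd(sum(pfhd for _, pfhd in blocks))


def meets(blocks, plr):
    """True if the function reaches at least the required performance level."""
    pl = achieved_pl(blocks)
    return pl is not None and PL_ORDER.index(pl) >= PL_ORDER.index(plr)


def protective_measure_ok(stop_blocks, mode_blocks, plr="d"):
    """The scanner only protects if stopping AND field selection both reach PLr."""
    return meets(stop_blocks, plr) and meets(mode_blocks, plr)


# Constructed PFHd figures (assumptions), chosen to match the ratings in the article.
STOP_FUNCTION = [("scanner (PLd)", 3e-7), ("safety controller (PLe)", 2e-8),
                 ("contactors (PLe)", 3e-8)]
MODE_SELECT_STANDARD_PLC = [("mode/speed signals", 3e-8), ("standard PLC", None)]
MODE_SELECT_SAFE = [("two rotary encoders", 3e-8), ("safety controller (PLe)", 2e-8)]

if __name__ == "__main__":
    print("stop function:", achieved_pl(STOP_FUNCTION))
    print("mode selection via standard PLC:", achieved_pl(MODE_SELECT_STANDARD_PLC))
    print("mode selection via safety controller:", achieved_pl(MODE_SELECT_SAFE))
    print("PLd met with standard PLC:",
          protective_measure_ok(STOP_FUNCTION, MODE_SELECT_STANDARD_PLC))
    print("PLd met with safety controller:",
          protective_measure_ok(STOP_FUNCTION, MODE_SELECT_SAFE))
```

Because the PFHd values add, a chain can also land below its lowest-rated block: three blocks of 4e-7 each are individually in the PLd band but sum into the PLc band.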

 

Safety solutions

There are a number of different solutions that would give a ‘mode selection’ (field switching) safety function which achieves PLd. One particular example using SICK rotary encoders and a SICK ‘Flexi Soft’ safety controller with FX3-MOC drive monitor module can be seen below, in Figure 7.

This safety function achieves PLe by using two rotary encoders to determine speed/direction of the reel, and a PLe-rated safety controller with safe encoder inputs and PLe-rated outputs.

If a single Sin/Cos rotary encoder is used then PLd can be achieved.
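The decision such a mode selection function has to make can be sketched as follows. This is an added illustration, not SICK's Flexi Soft logic or code from the article: the field names, mode strings, speed limit and discrepancy tolerance are all assumptions, and a real implementation runs on a rated safety controller.

```python
from dataclasses import dataclass
from typing import Optional

# All names and limits below are assumptions made for this illustration.
LARGE_FIELD = "large"  # protective field sized for the full-speed hazard
SMALL_FIELD = "small"  # reduced field, valid only at confirmed slow speed
REDUCED_MODES = {"slow_speed", "maintenance", "roll_change", "splice_initiation"}
SLOW_LIMIT_RPM = 30.0       # assumed slow-speed threshold
MAX_DISCREPANCY_RPM = 5.0   # assumed tolerance between the two encoder channels


@dataclass(frozen=True)
class Selection:
    field: str
    fault: bool
    reason: str


def select_field(mode: str, enc_a: Optional[float],
                 enc_b: Optional[float]) -> Selection:
    """Choose the protective field; any doubt resolves to the large field."""
    # A missing channel is a fault: never trust a single unverified reading.
    if enc_a is None or enc_b is None:
        return Selection(LARGE_FIELD, True, "encoder channel missing")
    # Signed comparison, so a direction mismatch also counts as a discrepancy.
    if abs(enc_a - enc_b) > MAX_DISCREPANCY_RPM:
        return Selection(LARGE_FIELD, True, "encoder channels disagree")
    speed = max(abs(enc_a), abs(enc_b))  # worst case of the two channels
    if mode in REDUCED_MODES and speed <= SLOW_LIMIT_RPM:
        return Selection(SMALL_FIELD, False, "reduced mode confirmed by both encoders")
    if mode in REDUCED_MODES:
        # The failure described in the article: the mode signal claims slow
        # speed while the reel is actually running fast.
        return Selection(LARGE_FIELD, True, "mode signal contradicts measured speed")
    return Selection(LARGE_FIELD, False, "normal operation")


if __name__ == "__main__":
    # Constructed sample inputs: (mode signal, encoder A rpm, encoder B rpm).
    for sample in [("slow_speed", 12.0, 13.5), ("slow_speed", 400.0, 398.0),
                   ("maintenance", 10.0, None), ("run", 400.0, 401.0)]:
        print(sample, "->", select_field(*sample))
```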

We must apply the logic and reasoning of EN ISO 13849 to the selection and operation of the safety functions. By using appropriately rated controllers and software to support the use of rated switching devices such as laser scanners, it is easy to achieve the appropriate rating for the whole safety circuit. Corners must not be cut!

SICK

www.sick.com/uk