
Safety Solutions on Tour

Introduction to Functional Safety

Copyright © 2006 Rockwell Automation, Inc. All rights reserved.


Functional Safety Agenda

1. What is Functional Safety
2. Why Modern Safety Systems
3. Key Technologies
4. Summary


Safety in the Workplace
Figure: Functional Safety shown alongside the other workplace safety topics: Falling, Electric Shock, Temperature, Noise, Crushing, Chemicals, Radiation.


Functional Safety Definition

• Random hardware faults, systematic design errors or human mistakes shall not result in a malfunction of a safety related system with the potential consequence of:
– Injury or death of humans, or
– Hazards to the environment, or
– Loss of equipment or production


Main Goal: Keep People Safe

What are Hazards on a Machine or Process?

Hazards are physical objects or chemical substances that have the potential for causing harm to people, property or the environment.

• Physical
– Falling / Moving Objects
– Collisions
– Collapsing Structures
• Electrical
– Flashover and Burns
– Electrocution
– Wrong Connection / Loose Connection
• Chemical
– Explosion
– Fire
– Toxic Material Release
– Wrong mix of chemicals
– Radiation
• Mechanical / Process
– Pinch Points or Entanglement
– Abrasion, Grinding, Cutting
– Thermal (Welding Torches, Gases etc.)
– Pressure Releasing Effects (Bursting Vessels, Jets of Gas or Liquids)

If there are hazards, there must be Risk Reduction

• Functional safety is based on the concept of Risk Reduction
• A Risk Assessment is performed to quantify the hazards on a machine
• For each hazard, risk is reduced by adding layers of protection

Figure: Example of layered risk reduction. Unprotected Risk → Risk Reduction #1: Design Hazard Out of Machine → Lower Risk → Risk Reduction #2: Implement Safety Guarding → Lower Risk → Risk Reduction #3: Training on Safe Operating Procedures → Tolerable Risk. (Layers of Protection)

Define and Quantify Risk

Risk is described by three questions:
• Consequences – How Bad?
• Chances – How Likely?
• Frequency – How Often?

Risk – Same Hazard / Different Locations

Identical process incidents pose more risk in a populated area than in an unpopulated area.

Tolerable Risk

• Practically impossible to drive risk to zero
• At some point we are willing to accept the amount of risk posed
• This point is referred to as tolerable risk

Risk Estimation

• A common way to quantify the amount of risk to be reduced is to use a Risk Graph

Figure: Risk Graph. From "Start", the branches are chosen in turn by:
– Consequence of unwanted event: Minor injury / Serious injury or single death / Death of several persons / Death of many people
– Frequency of unwanted event: Exposure to hazard is rare / Exposure to hazard is frequent
– Possibility to avoid unwanted event: Possible under right circumstances / Almost impossible
– Probability of unwanted event: Very small / Small / Relatively high

Risk Reduction

Most Preferred → Least Preferred:
1. Design it out
2. Fixed enclosing guard
3. Monitoring
4. Training & supervision
5. Personal protective equipment

What is the function of a Safety System?

• The Function of a safety system is to monitor and control conditions on a machine or process that are hazardous in themselves or, if no action were taken, may give rise to hazardous situations
• The Safety System runs in parallel with the Production System
– Focus of Production System is throughput
– Focus of Safety System is protection

Figure: Control System and Safety System both connected to the Operating Equipment.

Safety is a System View

Figure: Safety loop. Sensors (e.g. Door Interlock, E-Stop, Speed Reference) → Logic Solver (e.g. Safety Relay or PLC) → Actuator(s) (e.g. Motor, clamp).

Main Goals:
• Improve Safety
• Simplify LOTO
• Improve MTTR
• Increase Machine Availability
• Improve Cost of Doing Business

• Each hazard on a machine will consist of one or more "safety loops" that monitor and control its supply of energy
– As determined by the risk assessment
• Each safety product must be applied as part of a whole to effectively reduce risk
– Safety is the sum of its parts and safety is only as good as its weakest link
• The complexity of the inputs (sensors) and outputs (actuators) and the flexibility of the control will determine the type of logic solver
– Stand-alone relay, modular relay or safety PLC

Key Takeaways

• A safety system is only as effective as its weakest link.
– You need to consider all aspects of the system (input, control, output) and how they work together to meet current safety standards.
• The Government (OSHA, NFPA, Other) is not responsible for safety systems... You are! The government will only enforce regulations.
• Safety is about assessing the danger presented by machine hazards and designing solutions to reduce the possibility of a dangerous failure
– Risk reduction with a goal of eliminating the risk or reducing it within reason (tolerable risk)
• You should follow a process for developing, deploying and maintaining safety solutions
– Consider using the Safety Lifecycle as a model
• Your primary goal for safety is to protect employee health and safety while maintaining or increasing productivity.

Questions so far...

✓ 1. What is Safety
2. Modern Safety Systems
3. Key Technologies
4. Summary

Why Safety?

• Is Safety New? – NO
• Is Safety Important? – YES
• Who is Responsible? – EVERYONE
• Are Safety and Productivity initiatives ever at odds?
• Are Safety Systems or Procedures Ever Bypassed?
• Are people ever injured in manufacturing machinery accidents?
• Goals: Integrated Controls Solutions that are safer AND more productive BY DESIGN.

Safety Thinking is Evolving

Safety – Continuous Changes

• New Manufacturing Processes
• New Design Processes
• New Operating Procedures
• New Standards and Specifications
• New Safety Technologies
• New System Design Philosophies

Safety Specifications and Technologies Evolving

Challenging Conventions

• Consumer Safety Culture
– Expectations of populace – just look at cars!
• Manufacturing Safety Culture
– Safety makes things STOP, not GO
– Safety costs $$$!!
– Safety by luck – "We are safe" (repeat 1000 times)
– Changes introduce risks → NOTHING HAPPENS
– Typical approach is REACTIVE
• An injury results in the application of a few "widgets"
• Incomplete, high variation, inconsistent – not good!
• Manufacturers exposed to increased liability

Safety is not an Accident

Safety Drivers

• Global Standardization and Specification
• Costs of non-compliance
– Insurance, workers comp, litigation, OSHA violations, employee turnover, etc.
• "Soft" measure for Wall St.
– Turnover, "Best Place to Work," Insurance costs, Injury Rates
• Rallying point for labor organization

Safety has a Broad Reach

Where is Your Company?

• Reactive or Proactive?
• Safety philosophy driven from top down
– Safety credo, specifications, etc.
• Safety driven from the bottom up
– Safety addressed on a case-by-case basis (injury by injury!)
• Are formal Risk Assessments being performed?
• Is safety Designed In or Added On?

What is Your Company Culture?

Modern Safety Thinking

• It's a Culture. It's a Process. It's a design Philosophy
• It is a combination of people systems (procedures) and technologies (components, circuits)
• It is a systematic approach
– Not a component approach!!!
– Machine Safety is like an anchor chain – only as strong as the weakest link.
• It is a lifecycle – from system concept, through Risk Assessment, Design, Build, Start-Up, Validation, Operations and Decommissioning

Safety Specifications drive the Safety Lifecycle

Safety – the Bigger Picture

• Safety Impacts:
– Floor space/Footprint via performance (Safe Distance) • Big money!!
– Direct Labor Content and Operator Efficiencies • HUGE money!!
– Ergonomics
– Productivity (System Design considerations)
– Insurance Costs, Cost of Doing Business
– Employee Morale, Company Goodwill, Labor Relations

Safety is Good Business!

Safety – Do we have a Problem?

• Are Safety Procedures Ever Bypassed?
– Do People take the "Short Cut" to expedite maintenance procedures?
– Is LOTO (Lock Out Tag Out) always followed?
• Are Safety Systems or Technologies ever Bypassed?
– Are people using a "Cheater Key"?
– Note: Some systems are so poorly designed and integrated that maintenance people are forced to bypass the safety system just to get their jobs done!

Safety must be Easy and Intuitive

Safety System Design Concepts

• Passive System Design
– Ensures the easy way is the safe way
• Configurable System Design
– Ensures the necessary functionality to accommodate maintenance procedures without bypassing the safety system.
– This approach will help to limit exposure to hazards while expediting maintenance procedures and reducing MTTR.
• Lockable Safety Systems

Easy, Intuitive and Secure

Safety Application – Perimeter Guarding Example

• Application of safety technology based upon the Risk Assessment.
– Cross functional team including Operators, Skilled Trades, Engineers, etc.
• System is configured to control and manage exposure to the hazards within the work cell.
– Gate Box approach
– Trapped key approach
• Passive System Function
• Lockable
• May provide "Point of Operation" control via "Enable" pendant.

Passive, Configurable, Lockable

Improved Productivity via Safety System Design

Figure: Typical Downtime Event (OK → Down → OK), MTTR = 12 minutes. Sequence: Machine Stops → Maintenance Arrives → Fault Identified → LOTO → Repair Performed → Repair Tested → Machine Unlocked → Machine back in Auto → Production Resumes.

Improved Productivity via Safety System Design

• If the safety system design meets target safety level, the safety system may be used in lieu of LOTO, reducing MTTR by ~3 minutes.
• Manufacturer's value of 1 minute of production = $12K
• Average downtime events per plant per year = 3000
• Value of safety solution due to improved productivity (via reduced MTTR) = $12K X 3 X 3000 = $108M/yr

Safety = Productivity = Profitability

Summary

• Safety is a shared responsibility – we are all stakeholders!
• Every manufacturer must provide for a safe work environment.
• Safety is a System Solution – not just components.
– Integrated into the control, information and people systems
• Safety is Specification Based.
• Well designed systems improve both Safety and Productivity.
• Leverage Internal and External application knowledge and expertise
– Maintenance, Engineering, Operations, Suppliers
• Single source full service safety supplier can help with comprehensive safety solutions.

Questions so far...

✓ 1. What is Safety
✓ 2. Modern Safety Systems
3. Key Technologies
4. Summary

What Makes a Product Safe?

• Important Concept: "What makes a product safe is that it is designed using safety principles and complies with recognized safety standards"
• What are the principles common in products designed for safety?
– The Three D's of Safety – Duality, Diversity, Diagnostics
– All safety products are designed using a combination of the Three D's
– The Three D's are used so the system will react properly when a fault occurs (e.g. turn off outputs)

The "Three D's" of Safety

• Duality (Also known as Redundancy)
– If one thing fails, there is another thing that can bring the system to a safe state
– In parallel for Inputs or in series for Outputs
• Diversity
– Protects against two things failing in exactly the same way at the same time
– Example: Using one NO and one NC set of contacts
– Example: Using both a high and a low input channel to a safety device
• Diagnostics
– Safety products spend much of their time performing self-diagnostics
– If a problem is detected, the system will go to its "safe state" and will not allow the system to be restarted until the problem is fixed
– Example: A safety PLC has a significantly higher degree of self-diagnostic versus a standard PLC (> 90% vs. ≈ 50%)

Two of the three methods mentioned above must be implemented to achieve Category 4 / SIL 3

Structure of Standard PLC

Figure: Standard PLC – Input Module → Processor → Output Module.

Structure of Safety PLC / 1oo2D

Figure: Safety PLC – Input Module → two CPUs → Output Module, with the labels Duality, Diversity and Diagnostics placed on the block diagram. Can you find the Three D's???

Structure of a Safety Relay System

Figure: Safety relay circuit with the labels Diagnostics, Diversity and Duality placed on the diagram. Can you find the Three D's???

What Makes Safety Components Safe?

• Direct Driven Contacts
– Actuating force drives contacts open (breaks welds).
– Does not rely on a spring to open contacts such as a Limit switch.
– These are the type of contacts that are in Safety Interlock Switches.
– Symbol found on switch; a welded contact is forced open when the actuator is removed.
• Redundant Contacts
– Redundant contacts act as a back-up to each other in case a contact were to fail. This provides a higher degree of reliability.
– Example: Two normally closed, (1) N.O. and (1) N.C., or (2) PNP outputs
• Mechanically Linked
– Linked means that if one contact welds, all contacts stay closed – for monitoring!
– These types of contacts are found in Safety Contactors and relays to detect faults.
– Symbol found on front of contactor.
• Tamper Resistance
– Features designed into safety components inherently make the device more safe.
– EXAMPLE: Coded magnetic safety switches
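The Three D's, the 1oo2D structure and the mechanically linked contacts above can be shown together as one scan of a small logic solver: two diverse guard-switch channels (one NO, one NC), discrepancy diagnostics that latch the safe state until the fault is gone and a monitored reset is pressed, and a feedback check of the mirror contacts of two series contactors before the outputs are re-energised. This is an added example written for this page, not Rockwell Automation code; the class, signal names and fault texts are assumed.

```python
# Added example (not Rockwell Automation code): a one-scan model of a 1oo2D
# guard interlock. Channel A is a normally open contact, channel B a normally
# closed contact on the same actuator (diversity); two series contactors K1 and
# K2 switch the load (duality), each with a mechanically linked mirror contact.

class SafetyLoop:
    def __init__(self):
        self.fault = None        # latched diagnostic fault text, None when healthy
        self.outputs_on = False  # True while both K1 and K2 coils are energised

    def evaluate(self, ch_a, ch_b, k1_fb, k2_fb, reset=False):
        """One scan of the logic solver; returns True when the outputs are on.

        ch_a  -- NO contact conducting (True means guard closed)
        ch_b  -- NC contact conducting (False means guard closed)
        k1_fb -- K1 mirror contact closed (True means K1 has dropped out)
        k2_fb -- K2 mirror contact closed (True means K2 has dropped out)
        reset -- monitored manual reset pressed during this scan
        """
        # Diagnostics on the inputs: a healthy NO/NC pair is always opposite, so
        # a wiring short or both contacts failing the same way shows as equality.
        discrepancy = ch_a == ch_b
        if discrepancy:
            self.fault = "channel discrepancy"
        elif self.fault and reset:
            self.fault = None    # problem fixed and acknowledged by the operator
        guard_closed = ch_a and not ch_b
        # Safe state: any latched fault or an open guard drops both contactors.
        # With K1 and K2 in series either one alone removes power from the load.
        if self.fault or not guard_closed:
            self.outputs_on = False
            return False
        if not self.outputs_on:
            if not reset:
                return False     # no automatic restart when the guard closes
            # Diagnostics on the outputs: before energising, both mirror contacts
            # must show the contactors dropped out. A welded power contact keeps
            # its mechanically linked mirror contact in the energised position.
            if not (k1_fb and k2_fb):
                self.fault = "contactor feedback (welded contact?)"
                return False
            self.outputs_on = True
        return True
```

While the outputs are on the mirror contacts are open, which is normal and is not checked; the feedback test only runs on the restart path, where a contactor that failed to drop out would otherwise go unnoticed.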

How do I Know a Product is Safe?

• All safety rated products are developed to meet specific standards for safety
– EN 954-1 (Safety Categories)
– IEC 61508 (Safety Integrity Levels for Programmable Safety Systems)
– EN 1088 (Safety Interlocks)
• Most safety rated products are certified by professional 3rd party organizations to demonstrate compliance to specific safety standards
– Examples of third party certification organizations include TUV Rheinland, TUV Nord and BG

Questions so far...

✓ 1. What is Safety
✓ 2. Modern Safety Systems
✓ 3. Key Technologies
4. Summary

Let's take a quiz

1) Implementing a safety system will cause reduced production? – False
2) Safety systems are complex and require a specially certified Engineer – False
3) The first step in the safety lifecycle is to identify risks – True
4) The main goal of implementing a safety solution is to increase productivity – False
5) When identifying risks, you must consider the consequences, chances and frequency – True
6) The best engineering method for risk reduction is to deploy a safety control system – False
7) Who is responsible for safety? – All
8) One way a safety system can improve productivity is by reducing the duration of a down time event. – True
9) The 3 D's of a safety product are: Duality, Diversity and Diagnostics – True
10) Rockwell Automation has the broadest offering of safety solutions – True

Questions ??

✓ 1. What is Safety
✓ 2. Modern Safety Systems
✓ 3. Key Technologies
✓ 4. Summary