Machine Safety: For a safe machine, I’ll just install a small safety PLC
To mitigate a machine hazard, might it work to install one small safety PLC, then slave the other distributed standard PLCs to the safety PLC? Would that avoid the need for a risk assessment for the whole machine and create compliance? The answer is no. At least seven steps follow a risk assessment.
“Have you heard the one about a manufacturing plant discussing options on how to modify an existing machine’s architecture and how to mitigate a hazard? They’re actually evaluating someone’s plan to install one small safety PLC for this hazard and to slave the other distributed standard PLCs to the safety PLC. Therefore, we won’t have to do a risk assessment of the whole machine and we’ll be in compliance”!
This is not a joke! I’ve seen this story unfold multiple times over the past 10 years.
An applications approach as described above does not attempt to identify all hazards and mitigation plans on a machine. And, I would argue that the machine is completely unsafe. A complete solution following a risk assessment could involve:
- Redundant components, sensors, actuators, etc.
- Safety certified components to different Cat levels
- Redundant cabling
- Additional state monitoring
- Safety certified software
- Validation & documentation
- An updated risk assessment
- ... and more.
It is commonly understood today that a risk assessment forms the foundation for design / modification. All hazards need to be identified and mitigated on a machine one by one to acceptable levels. Okay, there are some folks out there that simply require a machine (and all of its hazards) to be mitigated to meet one Category, such as Cat 2 or Cat 3. When this happens a risk assessment is still required and many of the hazard mitigation solutions could well be over-engineered with a costly investment.
Is there any valid excuse for not performing a risk assessment today? No! Machine standards and regulations do not provide conditions on how to avoid completing the required risk assessment for each machine. And, simply slaving existing standard PLCs on a machine to a safety PLC does not meet the requirements for the safety related parts of a control system (SRP/CS).
Or more simply said, it does not meet the requirements for the safety-related circuits!
Has this presented you with any new perspectives? Add your comments or thoughts to the discussion by submitting your ideas, experiences, and challenges in the comments section below.
Contact: http://www.jbtitus.com for “Solutions for Machine Safety”.
- Events & Awards
- Magazine Archives
- Digital Reports
- Global SI Database
- Oil & Gas Engineering
- Survey Prize Winners
- CFE Edu