Business and Design Benefits of Integrated Safety and Control

By Control Engineering Staff September 13, 2005

To access a free white paper from Siemens detailing the evolution and business advantages of machine safety, click here.

Integration of safety and control has been a major topic of discussion in manufacturing over the past few years. To find out how OEMs view the debate, we focused on an OEM of packaging machinery—Cloud Packaging Solutions—for whom safety has long been a critical component due to high amounts of user interaction with their products and the ever-increasing number of global safety standards.

Cloud Packaging Solutions, based in Des Plaines, IL, is a major manufacturer of high-speed packaging machinery. In the late 1950s the company developed the original horizontal form fill seal-style packaging machine—a technology that is still in use today. Cloud Packaging sells its products globally—50% domestic and 50% international.

We spoke with Todd Hartman, senior electrical engineer at Cloud Packaging Solutions, to get a feel for how Cloud Packaging has managed the incorporation of safety into its machines. Hartman has been with the company for more than 25 years, bearing witness to the evolution of machine control safety systems.

Tell us about how Cloud Packaging is using integrated safety systems.

Integrated safety solutions are used in the more complex machines we’re building. Most recently we used integrated safety in a machine with 17 axes of motion, which results in fairly complex safety system requirements. We needed a safety system on this machine that could bring all of these axes down rapidly and in a coordinated fashion, but safely—both for the operator and for the machine.

Our machines are hard guarded and interlocked with solenoid latching. Emergency stops are triggered by e-stop buttons or a failure in a process (for example, if a servo drive fails catastrophically). A section of the machine with 17 axes of motion is ATEX certified (explosion proof), therefore we had to build in areas with purge control. If the purge control alarms, all power is shut off and the machine is brought to a safe stop.

Were customer requirements behind the use of integrated safety on this complex machine?

CE standards, which are quite rigorous and becoming more commonly accepted here in the U.S., drove the choice of integrated safety for this machine. In the last few years we’ve seen several new standards concerning safety and risk assessment here in the U.S. and I believe we’ll soon see a more unified set of standards throughout the world. It’s been a radical change here in the U.S. from the old-style methodology for safety on machinery.

Since the CE standards came into play, the responsibility has been on the machinery manufacturer to ensure that the machines they provide are safe for use and will not cause undue risk to the operator of the equipment.

Prior to the availability of integrated safety, the safety control system would be made up of a series of safety relays that would have long strings of operator inputs or guard switches wired into the safety relays. Some of the machines we made would have five or six of these safety relays, which were not inexpensive pieces of equipment and they had complex wiring in between them to ensure the reliability and safety of the system. Additionally, for each individual device you’d have diagnostic wiring from each of the safety relays back to the PLC. This setup led to a very convoluted wiring plan for the safety system. Because of the long string of wiring to each individual device, miswiring was very common. And with the two sets of wires coming back from each device—one for diagnostics and one for safety—if there was miswiring, the diagnostics might not be telling you the truth.

With integrated safety, you have just one set of wires or, at most, two sets coming back from each input (e-stop, contactor, or guard switch), going straight to the PLC and functioning as your diagnostic and safety input. With the simpler wiring, there’s much less likelihood of miswiring.

Also, with one single contact coming back to the PLC, it’s easy to do diagnostics because the diagnostics are also your safety signal. If there is any miswiring with an integrated safety system, it’s very obvious. For example, if you are doing redundant signals from each input device, both of the signals have to be true for the logic to be true. If either one is not true, the logic is false. You can see this right at the device I/O card.

What Siemens systems are used in your packaging machinery?

The SIMATIC S7300F family of failsafe controllers, Siemens e-stop buttons and contactors, Masterdrives, Micromaster variable frequency drives, and SIMATIC HMI.

There’s been a lot of discussion in the industry recently about integrated safety and control versus keeping the two separate. How do you view this debate?

To me, the only reason for using two separate control scenarios is in fairly simple systems—such as a machine with one e-stop button and two guards. In these cases, it’s more cost efficient to use two separate systems. But if the machine is any more complex than this, with multi-axis servo systems, for example, you get into more complex needs for your safety system.

What’s happening with safety now is the same thing that’s already happened with motion control. It used to be that motion was always treated separately from the control system, but a great percentage of machines now are doing motion on a platform with control logic integrated. This integration does away with a lot of the interconnected wiring and interconnected communications, which always seemed to be one more thing that could cause problems.

To those who believe that if safety and controls are not separate, it’s not safe, I would counter by saying the cross diagnostics built into high-end safety PLCs are certified to always stop in a reliable fashion if there’s a failure. And that’s the key to any safety system—incredibly high reliability and failing to a known safe condition. These safety PLCs do that.

From an OEM point of view, what are the business benefits of using a system with integrated safety and controls?

If another OEM were considering using integrated safety in its machines, what recommendations would you give?

I would say that if you are building machines with large safety systems or complex tasks to complete in the safety system, then integrated safety should be considered. It provides a much easier check procedure when bringing a machine up for the first time because of the reduction of miswiring. It also reduces the odds of a machine going out to a customer with a safety system that might not operate as designed.

I would also caution that there are not many suppliers of truly integrated safety systems out there. Those systems that aren’t true are built with secondary devices with higher end communications added on to bring the safety system into the PLC. But that only solves a small part of the problem. A truly integrated system, like Siemens Safety Integrated, has the entire safety system built into the PLC, and it programs under one environment.
