Risk assessment: How do I weight manufacturing hazards that I’ve found?

The risk involved with a given machine or process depends on what bad things can happen, and how likely they are. This risk analysis tutorial explains how to weight hazards.


As engineers, we are trained to design systems using quantitative physical models built on careful measurements. We are, however, often faced with situations where quantitative data is unavailable and measurements are difficult or impossible to make. Risk assessment provides a prime example of this difficulty. Of course, the fact that risk analysis is a critical component of what we do just makes the situation harder.

Risk attributed to a failure mode is the product of its severity and the probability that it will occur. Source: RWD Technologies and Control Engineering

Conceptually, risk assessment is quite simple, as the accompanying sidebar (See Quantitative risk assessment, below) shows. If there are a given number of ways the system can fail, and each failure has foreseeable consequences, it’s a simple matter of forming a vector representing the failure consequences, and another representing the probabilities of the failure modes, and taking the scalar product of the two vectors.

The devil, as usual, is in the details. First, the consequences of each failure mode would have to be quantified. Since the severity of these consequences is highly subjective, assigning a quantitative value to its severity is difficult, to say the least.

Henry Ford has been apocryphally quoted as once saying: “If you don’t break a few axles once in a while, you’re making them too strong.”

Motorists stranded on dirt roads in the Mojave Desert when the axles on their Model T Fords broke were known to take issue with this statement.

Henry Ford supposedly put a low value on the consequences of Model T axle failures. The stranded motorists put it much, much higher.

Probabilities are much easier to quantify reliably. Just keep records of all the failures, and divide the number of failures by a usage measure. Suppose you record 525 axle failures on Model Ts that ran a total of 750,000 miles. You could easily calculate that the axle-failure probability was 0.07 percent per vehicle mile, or 700 ppm. If you decide that’s just not acceptable, and improve Model T axle strength, however, it won’t be of much comfort to the 525 motorists whose axles broke while you collected data.

Five standards, promulgated by different organizations, provide guidance on methods by which engineers can qualitatively classify risks:

  • ANSI B11.TR3-2000 – Technical Report; Risk Assessment and Risk Reduction – A Guide to Estimate, Evaluate and Reduce Risk Associated with Machine Tools
  • ANSI/RIA R15.06-1999 – American National Standard for Industrial Robots and Robot Systems – Safety Requirements
  • ISO 12100-1:2003 – Safety of Machinery – Basic concepts, general principles for design – Part 1: Basic terminology, methodology
  • ISO 14121–1:1999(E) – Safety of Machinery – Principles of risk assessment
  • EN 954-1 – European Standard – Safety of Machinery

ANSI B11.TR3-2000 provides the decision matrix shown in the table "Estimating the level of risk." This table divides the severity of harm into four categories, and provides four probability levels as well. At each row/column intersection, it provides a category of risk running from negligible to high.

While these standards provide a method for assessing risk, they do not provide the knowledge required to make the assessment: the knowledge needed to say that a particular failure mode falls into the “Moderate” severity of harm column, or which probability row to assign it to. That knowledge must come from outside the standard. You get it from well-informed engineers who have expertise with both risk assessment in general and the particular type of equipment involved.

Some companies have that expertise in house. The manufacturer of a bottle-capping machine, for example, should have the expertise to list the possible failure modes associated with that machine, as well as their severity. They should also be able to assess the probability of that failure in their test cell under their final-test conditions.

They cannot, however, be expected to know how probable a failure might be on your production floor. It will be different. It might be higher, or lower, but it will be different. There are just too many unknowns for them to predict, such as:

  • What guards will be installed around the machine?
  • How well trained are your operators and maintenance personnel?
  • How closely does your management supervise operation and maintenance activities to ensure that guards are kept in place, and interlocks are not bypassed?
  • How well maintained will the equipment be to ensure that safety systems are kept at optimum performance?

While risk assessments can, and should, be made during the system’s design and fabrication, there should be another risk assessment made upon system installation. Assessments should be renewed on a regular basis, such as annually, throughout the system’s life, because its condition will change with age, and failure probabilities will change as well.

While the equipment manufacturer should provide initial risk assessment for the system, and customer companies should insist that a risk report be delivered as part of the equipment’s documentation, it is up to the customer to assess risk in the final production environment. Again, some companies have this expertise in house. This in-house expertise, however, usually is in engineering groups that are tasked with other time-consuming jobs as well. Many companies simply do not have this in-house expertise.

Thus, it is often wise for automation customers to go to third-party consultants to conduct risk assessments. Some standards and regulatory agencies provide guidance – in the form of lists of qualified risk assessment professionals – to whom automation customers can turn for help. They will not, however, provide actual recommendations. It is up to the customer to choose a risk assessment consultant through their usual supplier-vetting process.


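Estimating the level of risk

Severity of harm (columns) by probability of occurrence of harm (rows):

| Probability of occurrence of harm | Catastrophic | Serious | Moderate | Minor |
|---|---|---|---|---|
| Very likely | High | High | High | Medium |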

Quantitative risk assessment

Risks involved with a particular automatic machine installation arise from a number (N) of possible events. Conceptually, the analysis follows the convolution model shown in equation 1:

$R = a_1 P_1 + a_2 P_2 + \dots + a_N P_N$            [1]

where $R$ is the total risk and $a_i$ is a weighting factor quantifying the severity of the damage incurred if the $i$th event actually happens. The $P_i$ values represent the probability that the $i$th event will happen. The $a_i$ values, once set, are consistent throughout the system’s life, but the $P_i$ values change as things like guarding, physical location, etc. change.

The difficulty arises because assigning $a_i$ values is highly subjective, and evaluating the probabilities takes a great deal of empirical data, which may or may not be available. Recognizing these difficulties, current standards do not require an actual quantitative risk assessment. Instead, they provide guidance to mitigate risk to acceptable levels in a qualitative way.
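
Equation 1 worked through as an added example (not part of the original tutorial): the severity weights stay fixed while the probabilities are re-estimated for the manufacturer's test cell and for the customer's floor, and each term is ranked to show which failure mode drives R. The bottle-capping failure modes, their weights and their per-hour probabilities are constructed for illustration; the zero-failure bound is an addition that assumes a Poisson failure model.

```python
import math

def failure_rate(failures, exposure):
    """P_i from records: failures divided by a usage measure (miles, hours, cycles)."""
    if exposure <= 0:
        raise ValueError("exposure must be positive")
    return failures / exposure

def zero_failure_upper_bound(exposure, confidence=0.95):
    """Upper bound on the rate when the records show no failures (Poisson model).
    The naive estimate would be 0, which says nothing about a rare, severe event."""
    return -math.log(1.0 - confidence) / exposure

def total_risk(severity, probability):
    """Equation 1: R = a_1*P_1 + ... + a_N*P_N over one set of failure modes."""
    if severity.keys() != probability.keys():
        raise ValueError("every failure mode needs both a severity and a probability")
    return sum(severity[m] * probability[m] for m in severity)

def contributions(severity, probability):
    """Each mode's term a_i*P_i, largest first, to show what drives R."""
    terms = {m: severity[m] * probability[m] for m in severity}
    return sorted(terms.items(), key=lambda kv: kv[1], reverse=True)

# Constructed severity weights a_i (arbitrary units); set once for the machine.
SEVERITY = {"hand caught in capping head": 1000.0, "bottle shatters": 50.0, "cap jam": 1.0}
# Constructed P_i per operating hour: manufacturer's test cell vs. the customer's floor,
# where a bypassed interlock raises the first probability.
P_TEST_CELL = {"hand caught in capping head": 1e-6, "bottle shatters": 1e-4, "cap jam": 1e-2}
P_PRODUCTION = {"hand caught in capping head": 2e-5, "bottle shatters": 1e-4, "cap jam": 5e-3}

if __name__ == "__main__":
    print("Model T axle rate:", failure_rate(525, 750_000) * 1e6, "ppm per mile")
    print("0 failures in 750,000 miles, 95% bound:", zero_failure_upper_bound(750_000))
    for label, p in (("test cell", P_TEST_CELL), ("production", P_PRODUCTION)):
        print(label, "R =", total_risk(SEVERITY, p), "top:", contributions(SEVERITY, p)[0][0])
```

With these constructed numbers the dominant term moves from the frequent, low-severity cap jam in the test cell to the rare, high-severity hand injury on the production floor, even though no severity weight changed.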

Scott Krumwiede, manager, RWD Technologies, contributed to this tutorial.

For more on equipment safety, visit the Siemens Website at www.sea.siemens.com/safety.

For more on risk assessments, visit the RWD Technologies Website at www.rwd.com.

