Safety Solutions on Tour

Introduction to Functional Safety

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Functional Safety Agenda

1. What is Functional Safety

2. Why Modern Safety Systems 3. Key Technologies 4. Summary

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Safety in the Workplace

Functional Safety Falling Electric Shock Temperature Noise Crushing Chemicals Radiation

Safety
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Functional Safety Definition

Random hardware faults, systematic design errors or human mistakes shall not result in a malfunction of a safety related system with the potential consequence of:
Injury or death of humans or Hazards to the environment or Loss of equipment or production

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Main Goal: Keep People Safe

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

What are Hazards on a Machine or Process?

Physical
Falling / Moving Objects Collisions Collapsing Structures

Electrical
Flashover and Burns Electrocution Wrong Connection / Loose Connection

Chemical
Explosion Fire Toxic Material Release Wrong mix of chemicals Radiation

Mechanical / Process
Pinch Points or Entanglement Abrasion, Grinding, Cutting Thermal Pressure Releasing Effects (Bursting Vessels, Jets of Gas or Liquids) Welding Torches, Gases etc.

Hazards are physical objects or chemical substances that have the potential for causing harm to people, property or the environment
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

If there are hazards ... there must be Risk Reduction

Functional safety is based on the concept of Risk Reduction A Risk Assessment is performed to quantify the hazards on a machine For each hazard, risk is reduced by adding layers of protection

Unprotected Risk

Risk Reduction #1 Design Hazard Out of Machine

Lower Risk

Risk Reduction #2 Implement Safety Guarding

Risk Reduction #3 Training on Safe Operating Procedures

Tolerable Risk

Lower Risk

Layers of Protection
Figure: Example of layered risk reduction
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Define and Quantify Risk

Risk

Consequences

Chances

Frequency

How Bad?

How Likely?
TEXT

How Often?

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Risk Same Hazard / Different Locations

Identical process incidents pose more risk in a populated area than in an unpopulated area

=
9

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Tolerable Risk
Practically impossible to drive risk to zero At some point we are willing to accept the amount of risk posed

This point is referred to as tolerable risk

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

10

Risk Estimation
A common way to quantify the amount of risk to be reduced is to use a Risk Graph
Consequence of Unwanted event
Minor injury Possible under right circumstances Exposure to hazard is rare Almost Impossible Serious injury or single death Possible under right circumstances Exposure to hazard is frequent Almost Impossible Exposure to hazard is rare Death of several persons Exposure to hazard is frequent

Frequency of Possibility to avoid Unwanted event unwanted event

Probability of Unwanted event

Very Small
Small Relatively High

Start

Death of many people

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

11

Risk Reduction

Design it out
Fixed enclosing guard Monitoring Training & supervision Personal protective equipment

Most Preferred

Least Preferred

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

12

What is the function of a Safety System? The Function of a safety system is to monitor and control conditions on a machine or process that are hazardous in themselves or, if no action were taken, may give rise to hazardous situations The Safety System runs in parallel with the Production System
Focus of Production System is throughput Focus of Safety System is protection

Control System Operating Equipment Safety System

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

13

Safety is a System View ...

Sensors
(e.g. Door Interlock)

Main Goals

Actuator(s) Logic Solver

(e.g. Safety Relay or PLC) (e.g. Motor)

Sensors
(e.g. E-Stop)

Actuator(s)
(e.g. clamp)

Sensors
(e.g. Speed Reference)

Improve Safety Simplify LOTO Improve MTTR Increase Machine Availability Improve Cost of Doing Business

Each hazard on a machine will consist of one or more safety loops that monitor and control its supply of energy
As determined by the risk assessment

Each safety product must be applied as part of a whole to effectively reduce risk
Safety is the sum of its parts and safety is only as good as its weakest link

The complexity of the inputs (sensors) and outputs (actuators) and the flexibility of the control will determine the type of logic solver
Stand-alone relay, modular relay or safety PLC
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

14

Key Takeaways
A safety system is only as effective as its weakest link.
You need to consider all aspects of the system (input, control, output) and how they work together to meet current safety standards.

Safety is about assessing the danger presented by machine hazards and designing solutions to reduce the possibility of a dangerous failure
Risk reduction with a goal of eliminating the risk or reducing it within reason (tolerable risk)

You should follow a process for developing, deploying and maintaining safety solutions
Consider using the Safety Lifecycle as a model

Your primary goal for safety is to protect employee health and safety while maintaining or increasing productivity. The Government (OSHA, NFPA,Other) is not responsible for safety systems ... You are! The government will only enforce regulations.

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

17

Questions so far...

1. What is Safety 2. Modern Safety Systems

3. Key Technologies
4. Summary

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

18

Why Safety?
Is Safety New? - NO Is Safety Important? - YES Who is Responsible? - EVERYONE Are Safety and Productivity initiatives ever at odds? Are Safety Systems or Procedures Ever Bypassed? Are people ever injured in manufacturing machinery accidents? Goals: Integrated Controls Solutions that are safer AND more productive BY DESIGN.

Safety Thinking is Evolving

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

19

Safety - Continuous Changes

New Manufacturing Processes New Design Processes New Operating Procedures New Standards and Specifications New Safety Technologies

New System Design Philosophies

Safety Specifications and Technologies Evolving
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

20

Challenging Conventions Consumer Safety Culture Expectations of populace just look at cars! Manufacturing Safety Culture
Safety makes things STOP, not GO Safety costs $$$!! Safety by luck - We are safe (repeat 1000 times) Changes introduce risks NOTHING HAPPENS Typical approach is REACTIVE An injury results in the application of a few widgets Incomplete, high variation, inconsistent not good! Manufacturers exposed to increased liability

Safety is not an Accident

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

21

Safety Drivers Global Standardization and Specification Costs of non-compliance

Insurance, OSHA violations, employee turnover, workers comp., litigation, etc.

Soft measure for Wall St.

Turnover, Best Place to Work, Insurance costs, Injury Rates

Rallying point for labor organization

Safety has a Broad Reach

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

22

Where is Your Company?

Reactive or Proactive? Safety philosophy driven from top down

Safety credo, specifications, etc.

Safety driven from the bottom up

Safety addressed on a case-by-case basis (injury by injury!)

Are formal Risk Assessments being performed? Is safety Designed In or Added On?
What is Your Company Culture?
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

23

Modern Safety Thinking Its a Culture; Its a Process; Its a design Philosophy It is a combination of people systems (procedures) and technologies (components, circuits) It is a systematic approach Not a component approach!!!
Machine Safety is like an anchor chain only as strong as the weakest link.

It is a lifecycle from system concept, through Risk Assessment, Design, Build, Start-Up, Validation, Operations and Decommissioning Safety Specifications drive the Safety Lifecycle
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

24

Safety the Bigger Picture

Safety Impacts:
Floor space/Footprint via performance (Safe Distance) Big money!! Direct Labor Content and Operator Efficiencies HUGE money!! Ergonomics Productivity (System Design considerations) Insurance Costs, Cost of Doing Business Employee Morale, Company Goodwill, Labor Relations

Safety is Good Business!

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

25

Safety Do we have a Problem? Are Safety Procedures Ever Bypassed?

Do People take the Short Cut to expedite maintenance procedures? Is LOTO (Lock Out Tag Out) always followed?

Are Safety Systems or Technologies ever Bypassed?

Are people using a Cheater Key? Note: Some systems are so poorly designed and integrated that maintenance people are forced to bypass the safety system just to get their jobs done!

?
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

?
26

Safety must be Easy and Intuitive

Safety System Design Concepts Passive System Design

Ensures the easy way is the safe way

Configurable System Design

Ensures the necessary functionality to accommodate maintenance procedures without bypassing the safety system. This approach will help to limit exposure to hazards while expediting maintenance procedures and reducing MTTR.

Lockable Safety Systems

Easy, Intuitive and Secure

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

27

Safety Application - Perimeter Guarding Example Application of safety technology based upon the Risk Assessment.
Cross functional team including Operators, Skilled Trades, Engineers, etc.

System is configured to control and manage exposure to the hazards within the work cell.
Gate Box approach Trapped key approach

Passive System Function Lockable May provide Point of Operation control via Enable pendant. Passive, Configurable, Lockable
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

28

Improved Productivity via Safety System Design

Typical Downtime Event

OK Down OK

MTTR = 12 minutes
Machine Stops Maintenance Arrives Fault Identified

LOTO

Repair Performed

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

Machine Unlocked

Machine back in Auto

Production Resumes

Repair Tested

29

Improved Productivity via Safety System Design If the safety system design meets target safety level, the safety system may be used in lieu of LOTO, reducing MTTR by ~3 minutes. Manufacturers value of 1 minute of production = $12K Average downtime events per plant per year = 3000 Value of safety solution due to improved productivity (via reduced MTTR) = $12K X 3 X 3000 = $108M/yr

Safety = Productivity = Profitability

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

30

Summary Safety is a shared responsibility we are all stakeholders! Every manufacturer must provide for a safe work environment. Well designed systems improve both Safety and Productivity. Safety is a System Solution not just components.
Integrated into the control, information and people systems

Safety is Specification Based. Leverage Internal and External application knowledge and expertise
Maintenance, Engineering, Operations, Suppliers

Single source full service safety supplier can help with comprehensive safety solutions.
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

31

Questions so far...

1. What is Safety 2. Modern Safety Systems 3. Key Technologies

4. Summary

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

32

What Makes a Product Safe?

Important Concept What makes a product safe is that it is designed using safety principles and complies with recognized safety standards What are the principles common in products designed for safety?
The Three Ds of Safety Duality, Diversity, Diagnostics All safety products are designed using a combination of the Three Ds The Three Ds are used so the system will react properly when a fault occurs (e.g. turn off outputs)

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

33

The Three Ds of Safety

Duality (Also known as Redundancy)
If one thing fails, there is another thing that can bring the system to a safe state In parallel for Inputs or in series for Outputs

Diversity
Protects against two things failing in exactly the same way at the same time Example: Using one NO and one NC set of contacts Example: Using both a high and a low input channel to a safety device

Diagnostics
Safety products spend much of their time performing self-diagnostics If a problem is detected, the system will go to its safe state and will not allow the system to be restarted until the problem is fixed Example: A safety PLC has a significantly higher degree of self-diagnostic versus a standard PLC (> 90% vs. 50%)

Two of the three methods mentioned above must be implemented to achieve Category 4 / SIL 3 Copyright 2006 Rockwell Automation, Inc. All rights reserved.

D D D
34

Processor Structure of Standard PLC

Standard PLC

Input Module

Output Module

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

35

CPU Structure of Safety PLC / 1oo2D

Safety PLC
Duality

Input Module

Diagnostics

Output Module
Diversity

Can you find the Three Ds???

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

36

Structure of a Safety Relay System

Diagnostics Diversity Duality

Can you find the Three Ds???

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

37

What Makes Safety Components Safe?

Direct Driven Contacts
Actuating force drives contacts open (breaks welds). These are the type of contacts that are in Safety Interlock Switches. Does not rely on a spring to open contacts such as a Limit switch.
Symbol Found on Switch
Welded contact isforced open when actuator is removed

Mechanically Linked
Linked means that if one contact welds, all contacts stay closed for monitoring! These types of contacts are found in Safety Contactors and relays to detect faults.

Redundant Contacts
Redundant contacts act as a back-up to each other in case a contact were to fail. This provides a higher degree of reliability Example: Two normally closed, (1) N.O. and (1) N.C., or (2) PNP outputs

Symbol Found on Front of Contactor

Tamper Resistance
Features designed into safety components inherently make the device more safe. EXAMPLE: Coded magnetic safety switches

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

38

How do I Know a Product is Safe?

All safety rated products are developed to meet specific standards for safety
EN 954-1 (Safety Categories) IEC 61508 (Safety Integrity Levels for Programmable Safety Systems) EN 1088 (Safety Interlocks)

Most safety rated products are certified by professional 3rd party organizations to demonstrate compliance to specific safety standards
Examples of third party certification organizations include TUV Rheinland, TUV Nord and BG

www.tuv.com
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

40

Questions so far...

1. What is Safety 2. Modern Safety Systems 3. Key Technologies 4. Summary

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

41

Lets take a quiz

1) Implementing a safety system will cause reduced production? 2) Safety systems are complex and require a specially certified Engineer

3) The first step in the safety lifecycle is to identify risks

4) The main goal of implementing a safety solution is to increase productivity 5) When identifying risks, you must consider the consequences, chances and frequency 6) The best engineering method for risk reduction is to deploy a safety control system 7) Who is responsible for safety? 8) One way a safety system can improve productivity is by reducing the duration of a down time event. 9) The 3 Ds of a safety product are: Duality, Diversity and Diagnostics 10) Rockwell Automation has the broadest offering of safety solutions
Copyright 2006 Rockwell Automation, Inc. All rights reserved.

False False True False True False All

True
True True
42

Questions ??

1. What is Safety 2. Modern Safety Systems

3. Key Technologies
4. Summary

Copyright 2006 Rockwell Automation, Inc. All rights reserved.

43