Fixed, movable guards and safety devices
Practical work to protect against risk, new standards and how they affect the work.

Kim Dahl, Machine safety specialist, Troax AB. 2017-03-27



Kim Dahl
Machine safety specialist
Head of standards, Troax AB
2002 KAM, Troax DK
2006-2009 Product manager, Troax AB
2009-2012 Sales manager, Troax Nordic
2012-2015 Global sales coordinator
2015 Machine safety specialist

SIS TK 282 Machinery; ISO TC 199 WG 07 Interlocking devices
SIS TK 278 Robots and robotic devices; ISO TC 199 WG 11 Permanent means of access to machinery
ISO TC 199 WG 05 Design of machinery and risk assessment; ISO 14120 project leader
ISO TC 199 WG 06 Safety distances and ergonomic aspects; ISO 13857 project leader
ISO TC 199 WG 08 Safe control systems
Member of SIS and ISO since 2006

Content
Risk assessment

Standards

Selection of guards:
What shall be protected
Design and construction
Access to the machine
Documentation

New ISO 14120

Summary

Risk assessment

What shall we protect?

What type of environment?

Which energies shall we take into account?

Which standards can we use?



Standards for guards

ISO 12100
ISO 10218
ISO 14120
ISO 13855
ISO 13857
ISO 14119
ISO 14122

Which objects shall we protect?



Is there a risk for collision?

What energies shall the fixed guard or movable guard withstand?

5.4.2 Impact and ejection resistance
Guards shall, as far as practicable, be designed and the material selected to withstand and contain reasonably foreseeable impacts and ejections according to 5.1.3.

Selection of guarding
The main criteria are:
- the likelihood and the foreseeable degree of injury indicated in the risk assessment
- the intended use of the machine as defined in ISO 12100
- misuse and manipulation
- risks on the machine, the nature and frequency of access

Selection of guarding
If practicable, the risk shall be protected against by an enclosing guard.

When an enclosing fixed guard isn't practical, a guard of suitable type must be selected, e.g. fixed guards, movable guards or adjustable guards.

Guards to protect against risks from, for example, robots must be fixed guards and interlocking movable guards.

Design of guards
Safety distance is calculated based on the mesh size in combination with the height of the fixed and movable guard.

Fixed guards shall be designed and constructed in such a way that climbing isn't possible.

Selection of the height of guards
Height of protection is
determined by the safety
distance to the hazardous zone.

Selecting the colour of the guard
A fixed guard should be transparent and must not interfere with viewing. Therefore the choice of colour is important.

Yellow should be avoided:
- it makes the emergency stop difficult to find
- it interferes with the transparency of the process

Selection of fastening
The selection of fastenings and tools shall be made in accordance with the risk assessment.

Fasteners which can be easily loosened or removed, such as wing nuts or quick couplings, cannot be used.

Selection of fastening
Fixed guards must be unable to remain in place without their fixings.

The images show examples of fastening systems that do not comply with the requirements of the Machinery Directive or ISO 14120: the fixed guard (mesh panel) can remain in place without the bolt being fastened.

Tools

A wrench or similar tool must be used to open the fixed guard.

It is always the owner / manufacturer of the machine who shall develop and provide a safe working procedure that specifies who is authorized to dismount the fixed guard and when the fixed guard can be dismounted.

Movable guards
If access is required for machine adjustments or maintenance:

Fixed guards can be used if foreseeable access is less than once per week.

Movable guards, for example a door / hatch, shall be used if access is more than once per week. The door / hatch shall be interlocked or interlocked and locked.

Interlocking devices
Interlocking devices for movable guards are regulated by ISO 14119, and ISO 13849 determines the PL.

Important to remember is the escape option.

Information for use
Indicates actions to be taken before the fixed guards are removed.

The information shall also impose requirements on safe procedures for the removal of guards, including the proper use of tools and safe work procedures.

Instructions for use shall be provided as part of the documentation for the machine.

Verification of guards
Visual inspection

Practical tests

Measurements

Observation during operation

Review of risk assessment

Review of specifications,
drawings and documentation

ISO 14120
Scope:

New wording

New issues

Normative references have been updated to current standards

Terms and definitions are clear and precise in order to avoid any misinterpretation of the standard

ISO 14120
Annex C
Describes the pendulum test

ISO 14120
Annex B Describes projectile test

Tests of fixed and movable guards
Requirements from the automotive industry

Now adopted as a testing method of ISO

Ensures that tests are carried out in a common way across the world

The risk assessment states the requirements for the selection of fixed and movable guards

Summary

Important to follow standards

Reduces documentation

Consider the selection of fixed and movable guards
- then you can feel safe

Thanks for your time.


ISSA Section Machine and System Safety
1st Iberoamerican Conference on Machinery Safety
April 3rd to 5th, 2017, Sao Paulo
Otto Görnemann
Overview Section MSS 1
ISSA (International Social Security Association):
www.issa.int
- Founded in 1927
- more than 330 member institutions in over 150 countries
- International organization bringing together institutions and organizations of all fields of social security
- Target: supporting social security in a globalized world by promoting high standards in social safety and health
- Headquarters of the ISSA Secretariat in Geneva
The Special Commission on Prevention (of occupational risks), with its 13 international Sections, coordinates and conducts activities designed to promote prevention of occupational accidents and diseases at the international level. It adopts specific positions on important prevention issues.
Section Machine and System Safety

Board:
President: Juergen Schulin, BGN Mannheim (D)
Vice Presidents:
- Carlo de Petris, INAIL Rom (I)
- Dr. Peter Rüdin, Suva Luzern (CH)
Secretary General: Dr. Hans-Jürgen Bischoff (D)

http://www.issa.int/de/web/prevention-machines/about
Core fields of the Section MSS

- Risk assessment and risk management at the workplace when using machines and systems
- More information: Risks in Modern Society (Risk Book)

http://www.springer.com/de/book/9781402082887
Core fields of the Section MSS
- Guideline for machine safety in Europe (only in German)
- Machinery for Europe in compliance with European directives and standards
- Summary in English and German


Current project groups

- Control devices
- Human factor, ergonomics and safe machines
- Stop defeating of protective devices on machines
- Explosion protection
- Project to start: Digital manufacturing
Project group Control Devices:
- Detect and consider developments in the field of control devices at an early stage for aspects of safety and security on machines.
- Take control devices as an important element of machines into an integrated consideration
- Co-design the international standardization if possible and transfer new findings on an international level
- Prepare and present expert know-how in a practice-oriented way => seminars => publications (safety flyers)
Seminars functional safety and validation
April 24th, 2017: Hangzhou
April 26th, 2017: Seoul
Target group:
Occupational health and safety managers and experts. Designers of control systems, machine/production line builders, engineers. Test and certification bodies concerned about the risks associated with machines.
Safety Flyers
Subjects published up to now:



Project group Explosion Protection:
Collection of examples: 1st example = Mills
Dust explosion on machines and equipment
Part 1: Mills, crushers, mixers, separators, screeners
Part 2: Conveyors, transfers and receivers
Information on www.stop-defeating.org:
- It contains:
- 5 important steps each for manufacturers, dealers and users
- practical examples.
New project:
- How does digital/smart manufacturing influence safety + security of protective devices?
Project group
Stop defeating of Protective Devices



Interested in cooperation? Questions?
Please contact:

Secretariat General
scholl@ivss.org
Phone: +49 621 4456 2213
NR 12 and the International Standards
AFT Aida Cristina Becker
Coordinator, CNTT NR-12
São Paulo, April 2017
CLT 1943, Title II - Section III
Occupational safety
Art. 192. The moving parts of any machines or their accessories (including belts and transmission shafts), when within reach of workers, shall be protected by safety devices that sufficiently guarantee them against any accident.
http://www2.camara.leg.br/legin/fed/declei
/1940-1949/decreto-lei-5452-1-maio-1943-
415500-publicacaooriginal-1-pe.html
http://portal.mte.gov.br/data/files/FF8080814D5270F0014D71FF7438278E/Estrat%C3%A9gia%20Nacional%20de%20Redu%C3%A7%C3%A3o%20dos%20Acidentes%20do%20Trabalho%202015-2016.pdf
www.hse.gov.uk/statistics/european/
NR 12 - Machinery and Equipment (1978)
12.2.2. - Machines and equipment with repetitive actuation that do not have adequate guarding, presenting a risk to the operator, must have appropriate safety devices for their actuation.
http://www010.dataprev.gov.br/sislex/paginas/63/mte/1978/3214.htm
DECREE No. 1,255 of 29 September 1994
Promulgates Convention No. 119 of the International Labour Organization on the Guarding of Machinery, concluded in Geneva on 25 June 1963
http://www.planalto.gov.br/ccivil_03/decreto/1990-1994/D1255.htm
Article 1

1. - All machinery, new or second-hand, powered by non-human forces, shall be considered machinery for the purposes of applying this Convention.
Article 2
The sale, hire, transfer in any other manner and exhibition of machinery without appropriate guarding devices shall be prohibited by national legislation and/or prevented by other equally effective measures.
http://www.previdencia.gov.br/arquivos/office/3_081014-111357-495.pdf
1995 CCT - Plastic Injection Moulding Machines became a Collective Convention. This first convention laid the foundations for a transition towards replacing obsolete machinery or retrofitting safety devices (Annex PPRMI).

1996 Tripartite Agreement on guarding of bakery dough sheeters (cilindros de massa); Ordinance 25/96, Annex II of NR-12: Safety requirements for dough sheeters.

1998 CCT Metalworkers SP - Annex PPRPS (later unified with PPRMI and the CCT of the surface treatment/galvanic sector, and extended to the whole state of SP).

http://www.scielo.br/scielo.php?script=sci_arttext&pid=S0102-88392003000200004
http://www.padeiros.org.br/images/noticiasimg/AMassa_Cipeiros_Nov2014.pdf
http://www.segurancaetrabalho.com.br/download/ind-panificacao.pdf
Art. 2 A consumer is any natural or legal person who acquires or uses a product or service as end recipient.

Art. 3 A supplier is any natural or legal person, public or private, national or foreign, as well as any unincorporated entity, that carries out activities of production, assembly, creation, construction, transformation, import, export, distribution or commercialization of products or provision of services.

§ 1 A product is any good, movable or immovable, material or immaterial.
Section IV - Abusive Practices

Article 39 The supplier of products and services is forbidden to:
VIII) place on the consumer market any product or service not in accordance with the standards issued by the competent official bodies (technical regulations) or, where no specific standards exist, by the Brazilian Association of Technical Standards (technical standards) or another entity accredited by the National Council of Metrology, Standardization and Industrial Quality (Conmetro).
http://europa.eu/youreurope/business/product/standardisation-in-europe/index_pt.htm
Tripartite revision of NR-12
Bring information on good practices in machinery safety;
New generation of machines: design with intrinsic machine safety;
Adaptation of existing machines;
Reduction of regional asymmetries in the protection of workers;
Reduction of typical accidents;
Prevention of diseases;
http://www.trabalho.gov.br/seguranca-e-saude-no-trabalho/normatizacao/normas-regulamentadoras/norma-regulamentadora-n-12-seguranca-no-trabalho-em-maquinas-e-equipamentos
Annex IV - Glossary
We await the publication of an Ordinance amending item 12.51, among others:
12.51. During the use of guards distant from the machine or equipment, with the possibility of a person remaining in the danger zone, additional collective protection measures must be adopted to prevent the machine from starting while there are people in that zone. (wording in force)
12.51. Whenever safety systems are used, including distant guards, with the possibility of a person remaining in the danger zone, one of the following additional collective protection measures must be adopted to prevent the machine from starting while there are people in that zone:
a) sensing of the presence of people;
b) movable guards or safety sensors at the entrance or access to the danger zone, associated with manual reset.
12.51.1 The location of the manual reset actuators must allow a complete view of the zone protected by the system.
12.51.2 When it is not possible to comply with the requirement of item 12.51.1, sensing of the presence of people in the danger zones with obstructed view must be adopted, or a system that requires going to the non-visible danger zone, such as, for example, a double reset.
12.51.3 There must be emergency stop devices located inside the zone protected by the system, as well as means of releasing people trapped inside it.
Publication of a Technical Note on robots and collaborative robots
Type-C technical standards such as ISO 10218 parts 1 and 2 (standards currently under study for publication in the ABNT version) define that the means used to determine the speeds and distances between the operator and the robotic system, whether a collaborative model or not, and the safety-related parts of the control system must have performance level d (PL d) with safety category 3. In addition, for the robot itself to be considered suitable for a human-robot collaboration application, its safety characteristics must comply with what is specified in ISO 10218-1:2011, paragraph 5.4, i.e. performance level d with safety category 3.
Another fundamental point about systems using robots is that the risk assessment must always consider the whole cell (application, devices, gripper, robot) and not just the robot.
Returning specifically to applications using collaborative robots, where contact with human beings is something that will very probably happen, the maximum force and pressure values specified in ISO/TS 15066 (Robots and robotic devices - Collaborative robots) must necessarily be observed. Besides this fundamental precaution, it is very important to always carry out the proper risk assessment, following the guidance of ABNT NBR ISO 12100.
It is also important to stress that even a collaborative robot, regardless of its technology and safety level, will not by itself guarantee that its application will be safe!
In addition, some definitions from ISO 10218-2 (Robots and robotic devices - Safety requirements for industrial robots - Part 2: Robot systems and integration) on collaborative work are highlighted.
In March the CTPP approved the revised text of Annex VIII (Presses) and an item was added to Annex IX (Injection moulding machines)

- ABNT NBR 13930 Mechanical presses (EN 692)
- ABNT NBR 16092-1 Hydraulic presses (EN 693)
- EN 12622 Hydraulic press brakes
- ISO 16092 consists of the following parts, under the general title Machine tools safety - Presses:
Part 1: General safety requirements
Part 2: Safety requirements for mechanical presses
Part 3: Safety requirements for hydraulic presses
Part 4: Safety requirements for pneumatic presses
Art. 3 The following items are added to Annex IX of NR-12, which covers Plastic Injection Moulding Machines:
1.2.1.7.3. Machines manufactured or imported that meet the requirements of ABNT NBR 13536:2016 or of the harmonized standard EN 201 are exempted from installing the self-adjusting mechanical safety device.
1.2.1.7.3.1. Machines manufactured from 01/06/2016 must meet the requirements of ABNT NBR 13536:2016 and its amendments, subject to item 12.5.1 of this Standard.
1.2.1.7.3.2. Imported machines must meet the harmonized technical standard EN 201 in force on their date of manufacture, or ABNT NBR 13536:2016 and its amendments, subject to item 12.5.1 of this Standard.
ISO 20430 - Plastics and rubber machines -- Injection moulding machines -- Safety requirements
1st International Seminar on Machinery Safety (SISEMAQ)

SAFE CONTROLS
INTRODUCTION TO FUNCTIONAL SAFETY (ISO 13849)

Otto Görnemann
Industrial Safety Systems
Product Marketing Services
2016 18 07
YOUR SPEAKER

Otto Görnemann

Manager for machinery safety - Standards & regulations -

Employee of SICK AG since 1995 - Industrial Safety Division -

Member of different standardization committees of ISO, IEC, CEN, DIN, AENOR, ISSA

Appointed European expert for machinery safety for the Brazil-EU sectoral dialogues

Otto Görnemann, SICK 04.April 2017 Page 3


RISK ASSESSMENT & RISK REDUCTION
ISO 12100 & DESIGN OF SRP/CS



SAFETY FUNCTION
DEFINITION
: Is intended to reach or to keep the safe state of a machine
: Is performed by safety related parts of control systems (SRP/CS)
: The failure of a safety function can lead to an immediate increase of the risk
: Shall result from the risk assessment
: Shall include the following properties:
- Detection (signal input)
- Signal processing
- Reaction (signal output)
- in due time, if required

A precise description of the required safety function is the first and most important step!



SAFETY FUNCTION
ISO 13849-1
: Safety related stop function
: Manual reset function
: Start / restart function
: Local control
: Emergency stop function
: Muting function
: Hold to run
: Enabling device
: Prevention of unexpected start-up
: Escape & rescue of trapped persons
: Isolation & energy dissipation
: Control modes & mode selection
: Interaction between SRP/CS
: Monitoring of parametrization of safety related values (inputs)
: Response time
: Safety related parameters
: Fluctuation, loss & restoration of the power supply
: Indications & alarms
SRP / CS
SAFETY RELATED PARTS OF THE CONTROL SYSTEM

INPUTS LOGIC OUTPUTS



SAFETY RELATED PARTS OF THE CONTROL SYSTEM
CHARACTERISTICS OF SRP/CS
: SRP/CS can consist of physical (hardware) and virtual (software) components
: SRP/CS can be a separate or an integrated part of the machine control system.
: SRP/CS can execute operational functions in addition to the safety functions.
(e.g. PSDI mode of a safety light curtain)

[Figure: SRP/CS 1 (sensor elements, inputs I1/I2), SRP/CS 2 (logic L1/L2), SRP/CS 3 (power, outputs O1/O2), each drawn as two channels of I, L, O]



SAFETY RELATED PARTS OF THE CONTROL SYSTEM
PERFORMANCE LEVEL AND SAFETY INTEGRITY LEVEL
: The degree of reliability of an SRP/CS is the ability to fulfill the required function under the specified conditions. It is measured as the average probability of a dangerous failure per hour (PFHD)
: ISO 13849-1 classifies this PFHD in ranges called Performance Levels (PL)
: IEC 62061 classifies this PFHD in ranges called Safety Integrity Levels (SIL)

Performance Level (PL), ISO 13849-1   Average probability of dangerous failure per hour (1/h)   SIL, IEC 61508 / EN 62061
a                                     10^-5 to < 10^-4                                          none
b                                     3 x 10^-6 to < 10^-5                                      1
c                                     10^-6 to < 3 x 10^-6                                      1
d                                     10^-7 to < 10^-6                                          2
e                                     10^-8 to < 10^-7                                          3
SAFETY RELATED PARTS OF THE CONTROL SYSTEM
BEHAVIOR UNDER FAULT CONDITIONS

: Resistance to faults
- The system is able to perform its function without being adversely affected by overloads or environmental situations

: Fault tolerance
- The system is able to perform its function even if overloads or arising environmental situations lead to a fault in its parts



HOW DO CONTROL SYSTEMS FAIL
COMPONENT FAILURES
: Random failures
- Spontaneous failure of a hardware component at any time

Example: contact does not open! Solutions: use of reliable components, over-dimensioning, use of proven-in-use components



RELIABILITY
FAILURE RATE λ
: λ is a parameter that describes the reliability of components and systems.
: It is the number of failures of systems per unit of time (1/T)
: The value of λ (and MTTFd) depends on the quality of elements, their number, their behavior under certain environmental conditions, the ability to withstand overloads etc.

Failure rate λ = 1/MTTFd

[Figure: bathtub curve of the failure rate λ over time t: initial failures, random failures during normal use, worn-out failures]
RELIABILITY
MTTFD
: MTTF is the inverse value of λ, the mean time to failure

MTTF = 1 / λ

: MTTF is the average time by which 63.2 % of the applied systems have failed

: MTTFD is the average time by which 63.2 % of the applied systems have failed to danger

[Figure: cumulative failure F(t) = 1 - e^(-λt) in % over time in years, 0 to 30; with MTTF = 10 y the curve reaches 63.2 % at t = 10 y]
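As an added worked example (not the presenter's code), the PL/SIL table above and the relations λ = 1/MTTFd and F(t) = 1 - e^(-λt) from the MTTF slide, in Python. The shortcut PFHd ≈ 1/MTTFd for a single channel is an assumption that holds only for a Category B structure without diagnostics; other structures need the Annex K table the deck refers to.

```python
"""Worked example added here (not from the slides): classify a PFHd into PL/SIL
per the table above and compute lambda = 1/MTTFd and F(t) = 1 - e^(-lambda t)."""
import math

HOURS_PER_YEAR = 8760  # assumption: continuous operation, MTTFd given in years

# PL bands from the slide's table: (PL, lower bound, upper bound, SIL). PFHd in 1/h.
# Lower bound inclusive, upper bound exclusive, as the "10^-7 to < 10^-6" notation says.
PL_BANDS = [
    ("a", 1e-5, 1e-4, None),  # no corresponding SIL
    ("b", 3e-6, 1e-5, 1),
    ("c", 1e-6, 3e-6, 1),
    ("d", 1e-7, 1e-6, 2),
    ("e", 1e-8, 1e-7, 3),
]
PL_ORDER = "abcde"  # a = lowest, e = highest contribution to risk reduction


def performance_level(pfhd):
    """Return the PL letter for a PFHd value, or None when outside the table
    (worse than PL a, or below the 10^-8 floor of PL e)."""
    for pl, lower, upper, _sil in PL_BANDS:
        if lower <= pfhd < upper:
            return pl
    return None


def sil_for_pl(pl):
    """SIL (IEC 62061 / IEC 61508) the slide maps a PL to; None for PL a."""
    for band_pl, _lower, _upper, sil in PL_BANDS:
        if band_pl == pl:
            return sil
    raise ValueError(f"unknown PL {pl!r}")


def meets_required_pl(achieved_pl, required_pl):
    """ISO 13849-1 acceptance check: the achieved PL must be at least the required PLr."""
    return PL_ORDER.index(achieved_pl) >= PL_ORDER.index(required_pl)


def failure_rate_per_hour(mttfd_years):
    """lambda = 1 / MTTFd, with MTTFd converted from years to hours."""
    return 1.0 / (mttfd_years * HOURS_PER_YEAR)


def cumulative_failure(lambda_per_hour, t_hours):
    """F(t) = 1 - e^(-lambda t): fraction of the population that has failed by time t."""
    return 1.0 - math.exp(-lambda_per_hour * t_hours)


def single_channel_pfhd(mttfd_years):
    """Assumption (not on the slides): for a single-channel structure with no
    diagnostics (ISO 13849-1 Category B) the PFHd is taken as the dangerous
    failure rate lambda_d = 1/MTTFd. Other categories need the Annex K table."""
    return failure_rate_per_hour(mttfd_years)


if __name__ == "__main__":
    lam = failure_rate_per_hour(10)
    ten_years = 10 * HOURS_PER_YEAR
    # At t = MTTF the curve reaches 1 - e^-1, the 63.2 % marked on the slide's graph.
    print(f"MTTF = 10 y: F(10 y) = {cumulative_failure(lam, ten_years):.1%}")
    for years in (3, 30, 100):
        pfhd = single_channel_pfhd(years)
        pl = performance_level(pfhd)
        sil = sil_for_pl(pl) if pl else None
        print(f"MTTFd = {years:>3} y -> PFHd = {pfhd:.2e} 1/h -> PL {pl}, SIL {sil}")
    print("PL c achieved, PLr d required:", meets_required_pl("c", "d"))
```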


RELIABILITY
MATERIAL FATIGUE
: Mechanical elements under dynamic or cyclic loads may fail at loads smaller than those resulting from the traction resistance or elastic limits.

: Therefore such elements shall be designed to withstand this so-called material fatigue

: Already in 1860 A. Wöhler laid the basis for the scientific study of material fatigue using continuous oscillation tests, resulting in the so-called S/N or Wöhler curves

[Figure: Wöhler curve, load/tension against number of cycles N (10^4 to 10^8): single or short-term load, temporal resistance, resistant to fatigue. August Wöhler (1819-1914)]
MATERIAL FATIGUE
LESSONS LEARNED?
: 28.04.1988: Catastrophic damage to the fuselage of a Boeing 737-200, Aloha Airlines flight 243

: After 89090 take-off/landing cycles, one third of the cabin roof was ripped off during the flight



MATERIAL FATIGUE
LESSONS LEARNED?
: 09.07.2008: Breaking of a powered axle on a high-speed train, ICE type 406, shortly after leaving Cologne main station

: Design and use errors: use at the fatigue limit and with the highest number of cycles

: Micro-fractures caused by oscillation were not detected during routine ultrasonic tests

: The German federal railway authority shortened the inspection intervals from 300,000 to 60,000 km

BAM
HOW DO CONTROL SYSTEMS FAIL
COMPONENT FAILURES
: Random failures
- Spontaneous failure of a hardware component at any time

Example: contact does not open! Solution: redundant elements (contactor)!



AVOIDANCE OF FAILURES
REDUNDANCY AND DIVERSITY
: REDUNDANCY
- A system which presents a multiple parallel structure. In case of failure of a component the redundant component takes over the required

: DIVERSITY
- Is the technique of using different elements or technologies in a redundant system. To prevent common cause failures or single fault failures in redundant systems, diversity may be used.
- Diversity helps to prevent systematic failures or unexpected behavior of the safety control system



HOW DO CONTROL SYSTEMS FAIL
COMPONENT FAILURES
: Common cause failure (CCF)
- failures of different items, resulting from a single event
- these failures are not consequences of each other

Example: after an over-current (e.g. short circuit), sticking (welding) of the contacts! Solution: appropriate over-current protection!



HOW DO CONTROL SYSTEMS FAIL
RESISTANCE AGAINST COMPONENT FAILURES
: Common cause failures are failures of different items, resulting from a single event but not consequences of each other. They may be
- Failures due to operating conditions
- Systematic or design failures.

: The resistance against dangerous failures due to common cause failures shall be taken carefully into consideration while assessing the reliability of an SRP/CS
HOW DO CONTROL SYSTEMS FAIL
COMPONENT FAILURES
: Systematic failure
- Failure related to a certain cause which can only be eliminated by modification of the design, the manufacturing process, operational procedures or other factors

Example: short-circuit to +24 V DC! Solution: independent outputs!



HOW DO CONTROL SYSTEMS FAIL
SYSTEMATIC FAILURES
: The Mars Climate Orbiter spacecraft was destroyed on 23-9-1999 as a result of passing Mars at only 57 km altitude, instead of the planned 140-150 km, due to friction with the planet's thin atmosphere.

: The loss of the spacecraft was due to a programming error of the control team at JPL in Pasadena

: This team was using the imperial system of units instead of the international one for the calculation of re-entry and trajectory parameters, while the spacecraft control system supplied by the manufacturer was designed with the decimal metric system according to NASA specifications

: The cost of the failed mission was about 650 million US$



HOW DO CONTROL SYSTEMS FAIL
STRUCTURE & REAL REDUNDANCY
: If it is required that the failure of a component shall not lead to the loss of the safety function, a redundant structure shall be applied
: Redundancy applies to all components which could fail to danger

Example: failure (jamming) of the valve! Solution: real redundancy!



HOW DO CONTROL SYSTEMS FAIL
STRUCTURE & REAL REDUNDANCY
SRP/CS can be designed with different structures:
: The occurrence of a fault can lead to the loss of the safety function (single channel systems)
: The occurrence of a fault may lead to the loss of the safety function, but shall be detected by the test system and shall generate an auxiliary output that initiates an appropriate control action.
: The occurrence of a single fault does not lead to the loss of the safety function (dual channel systems)

[Figure: INPUT - LOGIC - OUTPUT block diagrams with interconnections: single channel; single channel with monitoring, test system and auxiliary output; dual channel with monitoring and cross-monitoring between the channels]



HOW DO CONTROL SYSTEMS FAIL
DIAGNOSTIC MEASURES
: On a redundant system it may be required that the accumulation of failures shall not lead to the loss of the safety function
: Diagnostic measures shall be applied to detect the failures in due time
: The ability to detect failures is estimated with the diagnostic coverage parameter

Example: accumulation of undetected failures! Solution: external device monitoring (EDM)!



FUNCTIONAL SAFETY
DEFINITION AND PARAMETERS
: Functional safety is the ability of the safety related parts of the control system to execute a safety function under foreseeable conditions

: This ability depends on the following characteristics:
- Reliability of the components (Quality)
- Possibility of failure detection (Diagnostic)
- Behavior in case of a failure (Structure)
- Appropriate design (Process)

: Functional safety is the engineering branch which covers the requirements and characteristics of the safety related parts of control systems.
FUNCTIONAL SAFETY
THE SAFETY TEMPLE

: Functional safety depends on:

[Figure: the safety temple, with the elements: probability of dangerous failure; RESISTANCE; DIAGNOSTIC; STRUCTURE; RELIABILITY; PROCESS]
ISO 13849-1
RELATIONSHIPS BETWEEN THE PARAMETERS

A table with detailed values of this figure is given at Annex K of EN-ISO 13849-1



THANK YOU FOR YOUR ATTENTION.

Otto Görnemann
Product Marketing Support
Tel.: +49 7681 202 5420
Otto.Goernemann@sick.de

17/04/2017

1st International Seminar of Machinery Safety SISEMAQ, Sao Paulo (Brazil) 3rd to 5th April 2017

Safety of machinery IEC 60204-1

Patrick Gehen, Siemens, DGUV 04.April 2017


Safety of machinery International and European Key Players

[Figure: key players in international and European machinery safety standardization: IEC/TC 64 (Electrical installations & protection against electric shock), IEC ACOS, approx. 20 ISO product committees, IEC/TC 44 (Electrotechnical aspects of machinery safety), ISO/TC 199 (Safety of machinery), non-CEN and non-CENELEC national mirror committees, EC Machinery Working Group, CLC TC 44X, CEN TC 114 (Safety of machinery), EU Machinery Directive 2006/42/EC, national mirror committees in CEN and in CENELEC, approx. 40 CEN product committees, CEN Advisory Nucleus Machinery; consistent set of standards]

Safety of machinery International and European Key Players

In European Machinery Directive Annex I

- The manufacturer of machinery or his authorized representative must ensure that a risk assessment is carried out in order to determine the health and safety requirements which apply to the machinery

- The machinery must then be designed and constructed taking into account the results of the risk assessment

For electrical risks EN 60204-1 (identical to IEC 60204-1) applies

That's what we want to prevent


IEC 60204-1 - Scope

Latest version: Edition 6.0 2016-10

- This part of IEC 60204 applies to electrical, electronic and programmable electronic equipment and systems to machines not portable by hand while working, including a group of machines working together in a co-ordinated manner

- The equipment covered by this part of IEC 60204 commences at the point of connection of the supply to the electrical equipment of the machine

Annex C lists examples of machines covered by the standard

IEC 60204-1 Examples of machines covered by this standard

- Metalworking machinery
- Plastics and rubber machinery
- Wood machinery
- Material handling machines (robots, conveyors, transfer machines, ...)
- Textile machines
- Food machinery
- Printing, paper and board machinery
- Packaging machinery
- Hoisting machinery



IEC 60204-1 General requirements

- The risks associated with the hazards relevant to the electrical equipment shall be assessed as part of the overall requirements for risk assessment of the machine

Hazardous situations can result from:

failures or faults -> electric shock, arc or fire
failures or faults -> malfunctioning of the machine
disturbances in power sources -> malfunctioning of the machine
loss of continuity of circuits -> failure of a safety function
electromagnetic, electrostatic disturbances -> malfunctioning of the machine
release of stored energy (electrical, mechanical) -> electric shock, unexpected movement
surface temperatures -> injuries

IEC 60204-1 General requirements

- It is recommended that, where the user is known, Annex B be used to facilitate an exchange of information between the user and the supplier(s) on basic conditions and additional user specifications related to the electrical equipment
1. Special conditions (see Clause 1)

a) Is the hoisting machine to be used in the open air? Yes No


4. Incoming electrical supplies
b) Will the hoisting machine handle or transport Yes/No If yes, specification
explosive, flammable or otherwise hazardous material ?
Specify for each source of supply:
c) Is the hoisting machine for use in potentially Yes/No If yes, specification
explosive or flammable atmospheres? a) Nominal voltage (V) AC DC

d) Is the hoisting machine for use in mines? Yes No If a.c., number of Frequency
phases
2. Electrical supplies and related conditions (see Prospective short-circuit current at the point of supply
4.3) to the hoisting machine (kA r.m.s.) (see also item 2)
a) Anticipated voltage fluctuations (if more than 10 %) b) Type of power supply earthing (see IEC 60364-1) TN (system with TT (system with
one point directly one point directly
b) Anticipated frequency fluctuations (if more than Continuous Short time earthed, with a earthed but the
2 %) protective protective
conductor (PE) conductor (PE) of
c) Indicate possible future changes in electrical directly the hoisting
equipment that will require an increase in the electrical connected to that machine not
supply requirements point); specify if connected to that
the earthed point earth point of the
d) Specify voltage interruptions in supply if longer than is the neutral system)
specified in Clause 4 where electrical equipment has to point (centre of
maintain operation under such conditions the star) or
another point
3. Physical environment and operating conditions
IT (system that is
(see 4.4)
not directly
earthed)


IEC 60204-1 Incoming supply conductor terminations and devices for disconnecting and switching off

• Indication/marking
• Terminal for connection (cross-sectional area)
• Supply disconnecting (isolating) device, e.g. switch-disconnector, with or without fuses; circuit-breaker (IEC 60947-2)
• Operating means (for example, a handle) external to the enclosure of the electrical equipment
• Excepted circuits (e.g. circuits supplying equipment for correct operation, lighting circuits, socket outlets)

• New symbols: disconnector (isolator); disconnector circuit-breaker

IEC 60204-1 Protection against electric shock

General requirements (basic and fault protection, see IEC 60364 series)

Basic protection (former edition: direct contact)
• Protection by enclosures (opening only under special conditions)
• Protection by insulation of live parts
• Protection against residual voltages (greater than 60 V)
• Protection by barriers (see IEC 60364-4-41)
• Protection by placing out of reach or protection by obstacles

Definition of live part: conductor or conductive part intended to be energized in normal use, including a neutral conductor, but, by convention, not a PEN conductor.


IEC 60204-1 Protection against electric shock (basic and fault protection, see IEC 60364 series)

Fault protection (former edition: indirect contact), due to an insulation fault between live parts and exposed conductive parts:
• Prevention of the occurrence of a touch voltage (class II equipment, electrical separation)
• Protection by automatic disconnection of supply (protective bonding of exposed conductive parts, and additional measures depending on TN, TT or IT systems)
• Protection by the use of PELV (Protective Extra-Low Voltage)

Definition of exposed conductive part: conductive part of electrical equipment which can be touched and which is not live under normal operating conditions, but which can become live under fault conditions.

IEC 60204-1 Overcurrent protection

Overcurrent protection shall be provided where the current in any circuit can exceed either the rating of any component or the current carrying capacity of the conductors, whichever is the lesser value.

• Supply conductors (outside of the machine)
• Power circuits
• Control circuits
• Socket outlets
• Lighting circuits
• Transformers (according to manufacturer's instructions)
• Location (in the cross-sectional area of the conductors)
• Rated current or setting depending on current carrying capacity of the conductors (maximum allowable interrupting time, co-ordination with other electrical devices, see Annex D)

[Figure IEC 1396/05: co-ordination of the parameters of the conductors (design current Ib, current carrying capacity Iz) with the parameters of the protective device (nominal current or current setting In, tripping current I2): Ib ≤ In ≤ Iz, with the acceptable range for I2 up to 1,45 Iz]


IEC 60204-1 Overcurrent protection: automatic disconnection

[Figure: typical arrangement for fault loop impedance (Zs) measurement in TN systems]

[Figure: typical arrangement for fault loop impedance (Zs) measurement for power drive system circuits in TN systems]


IEC 60204-1 Equipotential bonding

Protective bonding is a basic provision for fault protection, to enable protection of persons against electric shock.

Figure legend:
Protective bonding circuit:
(1) Interconnection of protective conductor(s) and the PE terminal
(2) Connection of exposed conductive parts
(3) Protective conductor connected to an electrical equipment mounting plate used as a protective conductor
(4) Connection of conductive structural parts of the electrical equipment
(5) Conductive structural parts of the machine
Parts connected to the protective bonding circuit which are not to be used as protective conductor:
(6) Metal ducts of flexible or rigid construction
(7) Metallic cable sheaths or armouring
(8) Metallic pipes containing flammable materials
(9) Extraneous conductive parts, if earthed independently from the power supply of the machine and liable to introduce a potential, generally the earth potential (see 17.2 d)), e.g. metallic pipes, fences, ladders, handrails
(10) Flexible or pliable metal conduits
(11) Protective bonding of support wires, cable trays and cable ladders
Connections to the protective bonding circuit for functional reasons:
(12) Functional bonding
Legend to reference designations: T1 auxiliary transformer; U1 mounting plate of electrical equipment

IEC 60204-1 Equipotential bonding

What is a protective bonding circuit? The interconnection of:
• PE terminal(s)
• Protective conductors in the equipment of the machine (incl. sliding contacts)
• Conductive structural parts and exposed conductive parts of the electrical equipment
• Conductive structural parts of the machine


IEC 60204-1 Equipotential bonding

Some important requirements of protective bonding circuits are:
• GREEN-AND-YELLOW
• It is not necessary to connect exposed conductive parts when
  - they are small parts (surface less than approximately 50 mm x 50 mm), and
  - contact with live parts is unlikely.
  This applies to small parts such as screws, rivets and nameplates, and to parts inside an enclosure, irrespective of their size (for example electromagnets of contactors or relays and mechanical parts of devices).
• Continuity necessary (e.g. during routine maintenance)
• Protective conductor connecting point marked by PE, or GREEN-AND-YELLOW, or the symbol IEC 60417-5019

IEC 60204-1 Functional bonding

The objective of functional bonding is to reduce:
• the consequence of an insulation failure which could affect the operation of the machine
• electrical disturbances to sensitive electrical equipment which could affect the operation of the machine
• induced currents from lightning which could damage the electric equipment.

Functional bonding is achieved by connection to the protective bonding circuit, but where the level of electrical disturbances on the protective bonding circuit is not sufficiently low for proper functioning of electrical equipment, it can be necessary to use separate conductors for protective and functional bonding.


IEC 60204-1 Control circuits and control functions

• Use of transformers
• Nominal voltage of AC control circuits < 230 V (50 Hz) or < 277 V (60 Hz)
• Overcurrent protection
• Definition of stop categories 0, 1 and 2
• Operations (start, stop)
• Emergency operations
  - Emergency stop (functional aspects, see ISO 13850)
  - Emergency switching off
• Other control functions (operating modes, monitoring of command actions, hold-to-run controls, two-hand control, enabling control)
• Cableless control systems
• Measures to minimize risk in the event of failure

Examples of protection against insulation faults (to prevent malfunctions such as unintentional starting, potentially hazardous motions, or prevention of stopping of the machine):
[Figures: earthed control circuit fed by transformer; non-earthed control circuit fed by transformer]


IEC 60204-1 Operator interface

• Minimize the possibility of inadvertent operation
• Ergonomic principles
• Location and mounting
• Degree of protection (IP rating in accordance with IEC 60529)
• Actuators (colors and marking)
• Indicator lights and displays
• Emergency stop devices
• Enabling control devices (two-position type or three-position type)

[Indicator light meanings shown on the slide: fault (hazardous condition); abnormal condition; action by the operator required; machine is running; monitoring]

IEC 60204-1 Controlgear: location, mounting, and enclosures

Accessibility and maintenance
• Identification without moving them or the wiring
• Access (e.g. terminals > 0,2 m above the servicing level)
• Doors of enclosures (limited use of devices, e.g. operating)

Physical separation or grouping (e.g. power circuits, valves, ...)

Enclosures
• Heating effects
• Degree of protection (at least IP22)
• Doors and openings (e.g. wider than 0,9 m, opening angle > 95°)


IEC 60204-1 Conductors and cables

Selected so as to be suitable
• for the operating conditions (voltage, current, protection against electric shock, grouping of cables)
• for external influences (temperature, corrosive substances, mechanical stresses, ...)

Cross-sectional area of conductors (see table 6)

Current-carrying capacity (Iz)

Flexible cables with Class 5 or Class 6 conductors

Voltage drop of 5 % from the point of supply to the load in any power circuit

IEC 60204-1 Wiring practices

• All connections secured against accidental loosening
• Cable runs (no splices or joints)
• Examples: cable installation between enclosures; cables in conduit and cable trunking systems
• Circuits operating at different voltages (separation by suitable barriers, or conductors insulated for the highest voltage)


IEC 60204-1 Wiring practices

• Identification of conductors
  GREEN-AND-YELLOW: protective conductor / protective bonding conductor
  BLUE (unsaturated): neutral conductor
  Recommendation:
  BLACK: AC and DC power circuits
  RED: AC control circuits
  BLUE: DC control circuits
  ORANGE: excepted circuits

IEC 60204-1 Electric motors and associated equipment

The protection requirements
• Overcurrent protection
• Protection of motors against overheating
• Overspeed protection

Enclosures for motors and degree of protection

Criteria for motor selection
• Type of duty cycle (see IEC 60034-1)
• Fixed speed or variable speed operation (and influence of ventilation)
• Mechanical vibration
• Method of starting and the possible influence of the inrush current
• ...


IEC 60204-1 Socket-outlets and lighting

Socket-outlets that are intended to be used for hand-held accessory equipment (power tools, test equipment)
• Continuity of the protective bonding circuit to the socket-outlet
• Automatic disconnection time (see table A.1 or A.2)
• Residual current protection (RCDs) where the current rating does not exceed 20 A

Local lighting of the machine and of the equipment
• Nominal voltage (< 250 V, recommended 50 V)
• Dedicated supply
• Overcurrent protection

IEC 60204-1 Thank you for your attention!

Patrick Gehlen
IEC/ TC44 Chairman
DE TI SR
Schuhstr. 60
91052 Erlangen, Germany
E-Mail: patrick.gehlen@siemens.com

siemens.com

1st International Seminar on Machinery Safety (SISEMAQ)

IEC/EN 62061 and recommendations for practical use

David Main-Reade, ROCKWELL 04.April 2017


IEC/EN 62061 and recommendations for practical use
David Main-Reade
Engineering Consultant
Europe, Middle East and Africa
TÜV Rheinland FS Expert Machinery ID No 206/13
TÜV Rheinland FS Engineer SIS ID No 10527/15
Safety control system (SCS): view the machine as a fortress

Is the Safety Control System everything?

Hierarchy of Protective Measures, from more preferred to less preferred:
1. Design it out
2. Fixed enclosing guard
3. Safety function
4. Awareness means, training and procedures (administrative)
5. Personal protective equipment
Clause 4
The safety control system (SCS) shall be designed and constructed so that the principles of ISO 12100 are fully taken into account.
The design of the SCS shall take into account the intended use and reasonably foreseeable misuse of the machine.

Clause 4
Integration within the risk reduction process of ISO 12100

IEC/EN 62061
Safety of machinery: Functional safety of safety-related electrical, electronic and programmable electronic control systems

Published: 2005; Amendment 1: 2013

• Machinery sector implementation of IEC 61508, and provides a simple process for system designers
• Uses SIL (Safety Integrity Level)
• Only (currently) applies to electrical technology
• Focuses on documentation and provides specific requirements on fault exclusion
• Amendment in 2015 was editorial, to bring references up to date

Relationship with EN ISO 13849 is provided via ISO 23849 (IEC 62061-1):
• A non-complex subsystem designed to ISO 13849 can be used in a system designed to IEC 62061
• A non-complex subsystem designed to IEC 62061 can be used in a system designed to ISO 13849
• A complex subsystem designed to IEC 61508 can be used in a system designed to IEC 62061 or ISO 13849

The essence in one slide [figure with three numbered steps, 1 to 3]
Clause 4: Management of functional safety
The functional safety plan is intended to provide measures for preventing incorrect specification and implementation, and for ensuring that any modification is handled correctly.
• Action plan
• Documentation: audit trail
• Responsibilities: who does what?
Project management for safety

Clause 5: Requirements for the specification of Safety-Related Control Functions
• Safety Integrity requirements specification: what SIL is required?
• Functional requirements specification: what must it do? (If ... Then ... Else functionality)
• Interaction of persons with the machine (e.g. repairing, setting, cleaning): use task based risk assessment
• Productivity and safety must both be considered
Check carefully at this stage.
Clause 6: Safety function design and integration
[Figure: the safety function is decomposed (Input, Logic, Output) into sub function 1, 2 and 3; each sub function is implemented by sub system 1, 2 and 3; each sub system is assessed for Random Hardware Failure, Systematic Integrity, Diagnostic Coverage (Safe Failure Fraction) and Common Cause Failure]
Convert the safety function into a safety system.

Clause 7: Information for use
Clause 8: Validation
Clause 9: Modification
Clause 10: Documentation

Start with EN ISO 12100. ISO TR 14121-2 helps with guidance on risk assessment and examples of methods.

Task Analysis → Hazard Identification → Risk Evaluation

What are the control system safety functions?
Control System Safety Functions: functional requirements specification
• Cleaning Mode: lock the guard door when closed unless power is OFF, motion is stopped and robot in home position.
• Automatic Operation Mode: isolate power to robot if guard door is not closed.
• Teach Mode: allow power for robot teaching under safe speed conditions and with local control enabling device activated.
Cleaning Mode: lock the guard door when closed unless power is OFF, motion is stopped and robot in home position

Robot axis power status | Robot axis motion status | Release of stored energy | Lock release request | Robot in home position | Guard lock command status
ON  | NOT STOPPED | NOT RELEASED | -   | -   | ON
ON  | NOT STOPPED | RELEASED     | -   | -   | ON
ON  | STOPPED     | NOT RELEASED | -   | -   | ON
ON  | STOPPED     | RELEASED     | -   | -   | ON
OFF | NOT STOPPED | NOT RELEASED | -   | -   | ON
OFF | NOT STOPPED | RELEASED     | -   | -   | ON
OFF | STOPPED     | NOT RELEASED | -   | -   | ON
OFF | STOPPED     | RELEASED     | YES | YES | OFF

Automatic Operation Mode: prevent robot motion if guard door is not closed

Guard door status | Output actuators status
OPEN   | OFF
CLOSED | ON

Teach Mode: allow power for robot teaching under safe speed conditions and with local control enabling device activated

Safe speed enabled | Guard door status | Manual local control priority enabled | Output actuators status
NO  | CLOSED | NO  | OFF
NO  | CLOSED | YES | OFF
NO  | OPEN   | NO  | OFF
NO  | OPEN   | YES | OFF
YES | CLOSED | NO  | OFF
YES | CLOSED | YES | OFF
YES | OPEN   | NO  | OFF
YES | OPEN   | YES | ON
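The three functional requirements specifications above can be written as plain Boolean functions and checked row by row, which is what a reviewer of a safety requirements specification is really after: that the permissive state (lock released, actuators powered) is reachable from exactly one input combination. This is an added example, not code from the seminar; the function and parameter names are assumptions, and the rows they encode are the ones in the tables above.

```python
from itertools import product

# Added example: the robot cell's three safety functions as Boolean functions.
# Output vocabulary follows the specification tables.
LOCKED, RELEASED = "ON", "OFF"        # guard lock command status
POWER_ON, POWER_OFF = "ON", "OFF"     # output actuators status


def cleaning_mode_guard_lock(power_on, motion_stopped, energy_released,
                             lock_release_requested, robot_in_home):
    """Cleaning mode: keep the guard door locked unless power is OFF, motion is
    stopped, stored energy is released, a lock release has been requested and
    the robot is in its home position (last row of the first table)."""
    release_allowed = (not power_on and motion_stopped and energy_released
                       and lock_release_requested and robot_in_home)
    return RELEASED if release_allowed else LOCKED


def automatic_mode_actuators(guard_door_closed):
    """Automatic operation mode: actuator power only while the guard door is closed."""
    return POWER_ON if guard_door_closed else POWER_OFF


def teach_mode_actuators(safe_speed_enabled, guard_door_closed, local_control_enabled):
    """Teach mode, exactly as the table states: power only when safe speed is
    enabled, the guard door is OPEN and the local enabling device is active."""
    enabled = safe_speed_enabled and not guard_door_closed and local_control_enabled
    return POWER_ON if enabled else POWER_OFF


def enumerate_rows(func, n_inputs):
    """Exhaustively evaluate func over every combination of n_inputs Booleans,
    returning (inputs, output) rows, i.e. the full truth table."""
    return [(inputs, func(*inputs))
            for inputs in product([False, True], repeat=n_inputs)]


def count_permissive_rows(func, n_inputs, permissive_output):
    """How many input combinations put the function in its permissive state?
    For all three specifications the expected answer is exactly one."""
    return sum(1 for _, out in enumerate_rows(func, n_inputs)
               if out == permissive_output)


if __name__ == "__main__":
    checks = [
        ("cleaning mode (lock released)", cleaning_mode_guard_lock, 5, RELEASED),
        ("automatic mode (power on)", automatic_mode_actuators, 1, POWER_ON),
        ("teach mode (power on)", teach_mode_actuators, 3, POWER_ON),
    ]
    for name, func, n, permissive in checks:
        print(f"{name}: {count_permissive_rows(func, n, permissive)} of {2 ** n} rows")
```

Writing the specification this way makes the "If ... Then ... Else functionality" of Clause 5 explicit, and the exhaustive enumeration catches the classic specification error of a second, unintended permissive row.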
Go to IEC/EN 62061 Annex A: what is the required SIL for each safety function?

Automatic Operation Mode (prevent robot motion if guard door is not closed): in this example we could require SIL 3.

Convert the Control System Safety Function into a safety related control system

Automatic Operation Mode: prevent robot motion if guard door is not closed.

Function decomposed into sub-functions: Guard door position sensing → Logic → Disable robot motion

Each sub-function is implemented by a sub-system: Guard interlock device → Safety monitoring relay → Safety motion controller

Safety Related Electrical Control System: guard door interlocking system

Each subsystem (sub system 1: guard interlock device; sub system 2: safety monitoring relay; sub system 3: safety motion controller) must satisfy the requirements for
• Systematic Integrity (see Clause 6)
• Common Cause Failure (see Annex F)

The maximum SIL Claim Limit (SIL CL) for each subsystem is given by Table 5.

The minimum probability of dangerous failure per hour PFHD for the system is given by Table 3:
Sub system 1: SIL CL = 3, PFHD = 1.2 x 10^-9
Sub system 2: SIL CL = 3, PFHD = 4.5 x 10^-9
Sub system 3: SIL CL = 3, PFHD = 1.9 x 10^-9
System PFHD total = 7.6 x 10^-9
Teach Mode: allow power for robot teaching under safe speed conditions and with local control enabling device activated

In this example we could require SIL 2.

Convert the Control System Safety Function into a safety related control system

Function decomposed into sub-functions: Safe speed sensing, Guard door position sensing, Manual local control → Logic → Enable robot motion

Each sub-function is implemented by a sub-system: Shaft encoders, Guard interlock device, 3 position enabling device → Safe speed sensing device → Safety motion controller

Safety Related Electrical Control System: allow power for robot teaching under safe speed conditions and with local control enabling device activated.

Each subsystem (sub system 1: shaft encoders; sub system 2: guard interlock device; sub system 3: 3 position enabling device; sub system 4: safe speed sensing device; sub system 5: safety motion controller) must satisfy the requirements for
• Systematic Integrity (see Clause 6)
• Common Cause Failure (see Annex F)

Management of functional safety:
• Safety Requirements Specification
• Design and Integration
• Random Hardware Failure
• Systematic Integrity
• Common Cause Failure
• Diagnostic Function
• Validation
• Modification
• Documentation

Subsystem 1 (shaft encoders): SIL CL = 3, PFHD = 1 x 10^-8
Subsystem 2 (guard interlock device): SIL CL = 3, PFHD = 1.2 x 10^-9
Subsystem 3 (3 position enabling device): SIL CL = 3, PFHD = 1 x 10^-8
Subsystem 4 (safe speed sensing device): SIL CL = 3, PFHD = 3.38 x 10^-9
Subsystem 5 (safety motion controller): SIL CL = 3, PFHD = 1 x 10^-8

Total PFHD = 3.458 x 10^-8
SIL achieved = 3
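The two worked examples above add up subsystem PFHD values by hand and read the SIL off Table 3. The added example below (not from the seminar) does the same in code, so that the two rules a machine builder applies at system level are explicit: the total PFHD is the sum of the subsystem PFHD values, and the SIL achieved can never exceed the lowest SIL CL of any subsystem. The PFHD bands are the ones of IEC 62061 Table 3 for high demand / continuous mode; the function names are assumptions.

```python
# Added example: system-level SIL from subsystem SIL CL and PFHD values.
# PFHD bands per SIL, IEC 62061 Table 3 (high demand / continuous mode):
#   SIL 3: 1e-8 <= PFHD < 1e-7
#   SIL 2: 1e-7 <= PFHD < 1e-6
#   SIL 1: 1e-6 <= PFHD < 1e-5
SIL_BANDS = ((3, 1e-8, 1e-7), (2, 1e-7, 1e-6), (1, 1e-6, 1e-5))
MAX_SIL = 3  # IEC 62061 does not provide for SIL 4 in the machinery sector


def sil_from_pfhd(pfhd):
    """SIL supported by a system PFHD value; 0 means no SIL can be claimed."""
    if pfhd < 0:
        raise ValueError("PFHD cannot be negative")
    if pfhd < 1e-8:
        return MAX_SIL  # below the SIL 3 band: still capped at SIL 3
    for sil, low, high in SIL_BANDS:
        if low <= pfhd < high:
            return sil
    return 0  # 1e-5 or worse: outside every band


def system_pfhd(subsystems):
    """Total PFHD of subsystems in series: the sum of their PFHD values.
    subsystems is a list of (sil_cl, pfhd_per_hour) tuples."""
    return sum(pfhd for _, pfhd in subsystems)


def system_sil(subsystems):
    """SIL achieved = min(SIL supported by the total PFHD, lowest subsystem SIL CL)."""
    total = system_pfhd(subsystems)
    lowest_sil_cl = min(sil_cl for sil_cl, _ in subsystems)
    return min(sil_from_pfhd(total), lowest_sil_cl)


def report(name, subsystems):
    """Human-readable summary of one safety function's system-level result."""
    total = system_pfhd(subsystems)
    return f"{name}: PFHD total = {total:.3e}, SIL achieved = {system_sil(subsystems)}"


# Values taken from the two seminar examples: (SIL CL, PFHD per hour)
AUTOMATIC_MODE = [(3, 1.2e-9), (3, 4.5e-9), (3, 1.9e-9)]
TEACH_MODE = [(3, 1e-8), (3, 1.2e-9), (3, 1e-8), (3, 3.38e-9), (3, 1e-8)]

if __name__ == "__main__":
    print(report("Automatic operation mode", AUTOMATIC_MODE))
    print(report("Teach mode", TEACH_MODE))
    # A single SIL CL 2 subsystem caps the whole function at SIL 2,
    # however good the PFHD sum looks.
    print(report("Teach mode with one SIL CL 2 subsystem", [(2, 1e-8)] + TEACH_MODE[1:]))
```

The third call in the `__main__` block is the case worth remembering: a PFHD sum well inside the SIL 3 band does not rescue a function whose weakest subsystem only claims SIL CL 2.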
What is your role?
• A system designer? (machine builder): go to Clause 6.6
  [Figure: the PFHD and SIL CL values of the subsystems are combined at system level]
• A subsystem designer? (safety component designer): go to Clause 6.7

Safety Related Subsystem Designer (Safety Component Manufacturer):
• Functional safety management
• Low complexity subsystems: subsystem elements, architecture / category, DC, CCF, MTTF / → subsystem PFH calculation, by the ISO 13849 simplified method or the IEC 62061 simplified method
• High complexity subsystems: use IEC 61508 or equivalent
• Subsystems with a functional safety product standard, e.g. IEC 61800-5-2

Safety Related System Designer (Machine Builder):
• Functional safety management
• Systematic safety function specification
• Subsystem 1 PFH + Subsystem 2 PFH + Subsystem 3 PFH
IEC 62061 Edition 2: what is under consideration?

• Better structure and flow: only go as detailed as you need to
• Low demand safety functions for machinery: liaison with IEC 61511
• Cyber security implications: a security risk assessment shall be carried out to identify the threats and vulnerabilities of the safety-related control system within a defined security context; the edition will refer to IEC 62443 and IEC 63074 (currently in draft)
• Some common clauses with ISO 13849-1, e.g. Software and Diagnostics
• Continuing liaison with ISO 13849
• Next edition expected around 2019

Thank you
PNEUMATIC SAFETY according to ISO 13849-1

Patrick Wotawa, SMC, 04 April 2017


Safety design: ISO 13849-1 for pneumatics? Really?

Safety design: are pneumatic components dangerous?

ISO 13849: which products to choose? Which data is necessary? Which products can we use?
• Product validation: supplier document
• Reliability data: supplier document

What is a validation document from a supplier? It states which of the following the product fulfils:
• Basic and well-tried safety principles [X]
• Well-tried components [X]

Preferred reliability data provided by suppliers?
• B10D / MTTFD
• B10 / MTTF + RDF
• B10 / MTBF
• No reliability data

Hmm... no data from the supplier?
Option 1: 20 million B10D for pneumatic components (ISO 13849-1:2015 table C.1)
Option 2: use well-tried components (ISO 13849-1:2015 clause 4.5.5)

ISO 13849-1:2015 Clause 4.5.5
• well-tried components
• or proven-in-use
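Option 1 above only gives a B10D figure; what the designer actually needs for the ISO 13849-1 channel calculation is MTTFD, which depends on how often the valve cycles in the application. The added example below (not from the SMC presentation) carries that derivation through with the formulae of ISO 13849-1:2015 Annex C: nop = dop x hop x 3600 / tcycle, MTTFD = B10D / (0.1 x nop), the cap of 100 years per channel (2500 years for Category 4), and the low / medium / high classes. The operating profile (dop, hop, tcycle) and the function names are constructed for the example.

```python
# Added example: from B10D to MTTFD for a pneumatic component, ISO 13849-1:2015 Annex C.
B10D_PNEUMATIC_DEFAULT = 20_000_000  # cycles, ISO 13849-1:2015 Table C.1 (Option 1 above)


def b10d_from_b10(b10, rdf=None):
    """B10D from B10 and the ratio of dangerous failures RDF (0 < RDF <= 1).
    If the supplier gives no RDF, 50 % of failures are assumed dangerous,
    i.e. B10D = 2 x B10."""
    if rdf is None:
        return 2 * b10
    if not 0 < rdf <= 1:
        raise ValueError("RDF must be a fraction in (0, 1]")
    return b10 / rdf


def n_op(d_op, h_op, t_cycle_s):
    """Mean number of annual operations: d_op operating days per year,
    h_op operating hours per day, t_cycle_s seconds between two cycles."""
    return d_op * h_op * 3600.0 / t_cycle_s


def mttfd_years(b10d, n_op_per_year):
    """MTTFD = B10D / (0.1 x nop), in years."""
    return b10d / (0.1 * n_op_per_year)


def capped_mttfd(mttfd, category):
    """ISO 13849-1:2015 limits MTTFD per channel to 100 years,
    or 2500 years for Category 4."""
    return min(mttfd, 2500.0 if category == 4 else 100.0)


def mttfd_class(mttfd):
    """MTTFD classes of ISO 13849-1: low (3 to <10 a), medium (10 to <30 a),
    high (30 to 100 a); below 3 years is not acceptable."""
    if mttfd < 3:
        return "not acceptable"
    if mttfd < 10:
        return "low"
    if mttfd < 30:
        return "medium"
    return "high"


def evaluate(b10d, d_op, h_op, t_cycle_s, category):
    """Full chain for one component in one application; returns a dict."""
    nop = n_op(d_op, h_op, t_cycle_s)
    raw = mttfd_years(b10d, nop)
    capped = capped_mttfd(raw, category)
    return {"n_op": nop, "mttfd_raw": raw, "mttfd": capped, "class": mttfd_class(capped)}


if __name__ == "__main__":
    # Constructed operating profile: 220 days/year, 16 h/day, one valve cycle per minute.
    print(evaluate(B10D_PNEUMATIC_DEFAULT, 220, 16, 60, category=3))
    # Same valve cycling once per second: MTTFD drops from "high" to "medium".
    print(evaluate(B10D_PNEUMATIC_DEFAULT, 220, 16, 1, category=3))
```

The second call is the point of the exercise: the same 20 million cycle figure yields a "high" MTTFD at one cycle per minute but only a "medium" one at one cycle per second, so the table C.1 default is no substitute for knowing the application's cycle rate.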
Kinds of failures:
• Systematic hardware failure
• Random hardware failure
• Common cause failure

Redundancy and diagnostics
• Dump valves in action
• Check valve with detection
• State detection
• Simple retrofitting
• Innovative
• Safe stop horizontal
• Safe stop with residual pressure release
• Safe last position

SMC Brazil
