Asia

Account

Menu
Menu
< Back to Articles
Machine Safety / Occupational Safety

Machine Guard Factors (Control Integrity, Energy Isolation, Alternate Lockouts, Risk Reduction)

It's easy to say, "Safety is everyone's goal," but what does that really mean? 

Good workplace safety practices can reduce the risk of injury not only to machine operators, but also to non-operators such as maintenance personnel. It also reduces the risk of accidental damage to machinery and other company assets, or harming the environment. Common industry standards acknowledge that there is no such thing as zero risk, but they do provide guidance to machine builders and operators on how to minimize risk. This is commonly called a machine guard. Here we would like to discuss some of the key factors.

Control safety

The most important point for Machine Guard is to evaluate the entire system, not just the electrical part, to minimize unnecessary exposure to risk. This is because the system should be evaluated based on the weakest link in the control link.                                                                                                                                                                                             
 

Several standards (ISO 13849-1, ANSI/ASSE Z244.1, and ANSI/PMMI B155.1) specify input devices, sensing devices, and interlocking devices, as well as “output devices” such as pneumatic and hydraulic valves. It defines the control system as including “equipment”.
 

High Control Reliability Valve | Category 4 | DM2C Series

The function of fluid control valves mimics the function of electrical control relays and follows the same rules for classifying "safety integrity". A properly specified machine safeguarding system therefore includes provisions for pneumatic valves that include:

  • It must be functionally redundant
  • Must monitor for faults (include performance-degrading faults that can cause loss of redundancy) without relying on external machine control or safety circuits.
  • In the event of pressure loss or other similar disturbances, a safe return must be made.
  • When a fault is detected, further operations should be prohibited until it is corrected.
  • Equipped with a dedicated input dedicated to the reset function, which can be reset simply by removing or adding air pressure and hydraulic pressure should not.
  • Must not be automatically reset.

Now, high control reliability is generally considered Safety Category 3 or 4 as defined by the ISO 13849-1 / EN954-1 standard for all types of circuits. For Category 3, this ISO standard states that “A single failure in any of these control devices shall not lead to loss of the safety function.'' Faults must be detected. It also states that for Category 4, "accumulation of undetected faults does not result in loss of safety function."

However, providing control reliability with fluid power is not quite the same as with electrical control. For example, simple redundancy in a safety circuit requires the equivalent functionality of four discs instead of two. Of the four discs, two handle the inlet function and the other two handle the stop function (energy release). Many self-designed systems run the risk of having hidden potential flaws that are invisible and unexpected and are therefore excluded from design and safety review. This can result in dangerous situations. Good examples are spool crossover conditions and valve ghost positions, which are not usually shown on schematics.

Two common abnormal conditions can affect valve safety. The first resembles an electrical control failure, such as a relay stuck in the open or closed position. The second abnormal condition is poor valve performance, such as a sticky disc or slow valve response. In these cases, the valve disc moves to the proper position, but the slow shifting affects the machine's safe stopping distance or accurate timing.

The ANSI B11.19- 2003 standard mandates the implementation of monitoring systems to detect the condition of these valves in critical applications, and the ANSI/PMMI B155.1 standard requires that downtime be affected if there are, they are requesting performance degradation monitoring. A simple solution to these is to use Category 3 or Category 4 valves with self-monitoring designed to detect both conditions.

The use of double valves remained rather unknown for many years, with the exception of a few specific industries, such as the stamping industry, which first started demanding control reliability. Double valves provide double internal functionality (redundancy) so that a malfunction of one valve does not interfere with the normal operation of the overall valve. This detection and suppression function is commonly referred to as monitoring.

No two standard air valves can perform the same safety protection function, regardless of whether they are used in parallel or in series. By simply incorporating two standard air valves into the circuit, there is no provision for detecting abnormal operation of one valve, and even worse, there is no provision for detecting performance degradation such as slow response . is not. Moreover, there is no provision to prevent restarting the circuit until the valve is repaired. If one valve malfunctions, the second valve continues to function, thus eliminating redundancy. The circuit is unaware of the loss of redundancy and does not stop working as a warning that redundancy has been compromised. Then, when the second valve also behaves abnormally, there is no "backup" and control integrity is lost.

Whenever the reliability of hydraulic and pneumatic equipment becomes an issue, the use of double valves is the preferred solution. Typical applications include emergency stops, two-hand controls, light curtains, safety gates, pneumatic locking devices for safety gates, hydraulic brakes, air brakes, amusement rides, hoists, elevators, pinch point applications, or any other where the control system operates applications, all of which depend on valve action.
 

Energy sequestration

Energy Isolation Lockout/Tagout (LOTO) is another high priority topic. Standard LOTO requires all energy to be dissipated and the condition of the machine checked before workers enter the protected area of the machine. The standard defines "de-energized" as disconnecting all energy sources from the machine and ensuring that no residual stored energy remains in the circuit. For fluid power, this requires a manually operated energy isolation valve. that is,

  • Attach keys in a secure and tamper-proof manner;
    • Located outside the protected area and easily accessible
  • Have a way to check the energy dissipation before the employee enters the protected area
    • Not used in the normal production process
  • Equipped with full size exhaust port (ANSI/PMMI B155.1-2006, CSA Z142-02)
    • Easy-to-understand operation (handle position is ON or OFF type only)
    • It can be easily identified as a LOTO valve
    • Locking is possible only in the OFF position

And, of course, companies should have written company policies and train relevant employees.

 

Lockout & Exhaust valve for LOX® LOTO

Alternate lockout

The ANSI/ASSE Z244.1-2003 (R2008) standard also addresses other lockout techniques called "alternative control methods". These systems can reduce costs and improve machine uptime. However, alternative methods apply only to routine and repetitive tasks that are integral to the production process and based on risk assessments that provide effective personal protection. The machine should also have a standard lockout system for repairs and other tasks.

The alternative control method has two beneficial time-saving benefits. First, increase safety by using a single lock point (remote low-voltage system) which simplifies and speeds up lockout and avoids leaving unlocked points. is possible. Workers do not have to move around the machine to approach different points to lock out or unlock. These systems place electrical lockout switches connected to the control system where access to the machine is required and incorporate appropriate relief valves for pneumatic and hydraulic lockouts.

A second feature (benefit) of the alternative lockout system is that it eliminates the need to remove all energy. In fact, removing all the energy can sometimes lead to a more dangerous situation. This saves a lot of time and money when a large amount of compressed air is accumulated in the system.
 

3/2 Normally Closed | Category 2 | Sensor Ring Valve

The standard is also useful for routine, repetitive, or non-production-critical tasks that require power, such as troubleshooting control circuits. The new standard recognizes that there is no such thing as zero risk, and that there is always risk to perform certain tasks. In this case, the standard requires the use of Category 3 or 4 equipment with high control reliability for control systems and valves controlling unisolated energy.

 

Risk reduction

There is no such thing as "zero" risk. These standards therefore require that all possible risks be evaluated in order to find out how they can be most effectively reduced. The best way to approach risk assessment is to do it as a team. One of the major changes introduced by ANSI B11.TR3-2000 is that both the "machine manufacturer" and the "user" are responsible for performing the assessment.

Hydraulic accumulator tank return valves that must be monitored or manually operated
A pilot-operated check valve (PO check) that is designed to hold the load in place and essentially trap the pressure )which must be released during the lockout process.)

  • Use of 3-position all-port block valves to trap pressure
  • Hazard when a hose or tube fitting is blown off
  • Pressure spikes that occur when compressed air is re-supplied after a LOTO that cuases sudden movement of the cylinder and shocks the machine

All of these, or more, require a thorough analysis of the circuit to reveal potential hazards, even if no hazards have occurred in the past. The standard states that whenever something can happen, it should be considered.

 

Redundancy 2/2 PO Check Valve | Category 3




To design a reliable control circuit, engineers must separate the reliability links for each device link. Each link must represent control equipment that meets the control reliability specifications above. If a device does not meet all these criteria, it is not considered a control device, but simply a component for integration into a circuit, requiring the introduction of additional devices to achieve control reliability. or the circuit must
be redesigned.

If the electrical control is already of high control reliability, updating the system may not be difficult. Some valves have all the monitoring logic built in, so you don't need to change your existing external control circuitry for valve monitoring. Simply replace your existing pneumatic or hydraulic valves with valves for critical applications and properly wire them into your system to bring your fluid control to a state of high control reliability.

So the next time you design a circuit, ensure that ISO, ANSI, OSHA, and their concurring standards are applied to the entire control circuit from start to finish, linking the reliability chain. Remember that you can't break a

ROSS Asia K.K. Uses Cookies


We utilize cookies to personalize and enhance your overall experience on our website. When you select "Accept All Cookies", you are agreeing to our use of cookies. You may customize what cookies you accept by selecting the "Settings" link below. Please read the Cookies Section in our Data Privacy Policy for more details or to make changes to your Settings selection.


California Residents: Please review the California Privacy Rights section in our Privacy Policy.


These cookies help us improve and optimize our website by tracking user behavior.

These cookies help you navigate our website by supplying optimized recommendations based on your preferences.

Functionality Cookies

These cookies enhance the functionality and convenience of our website, including experiences such as automatic log in which utilizes encrypted user data.

Settings