Safe speed monitoring - standards and ways to implement it

Would you ever feel safe driving a car without a speedometer? Of course not, and - just as with motor vehicles - machinery can have safe operating speeds that should be adhered to.

In a machine, a speed monitoring system can be essential for safe control of the machine and protection of the operator and other people in the vicinity of the machine. So how do we know what the permissible safe limits of operation should be?

To answer these questions, we can turn to the relevant legislation. And, whatever your opinion about Europe, there is no doubt that we are fortunate in having unified safety legislation via the European Union that has set high standards for the rest of the world to follow.

However, the plethora of Directives and standards, combined with the very specific terminology used, can make it seem heavy going. The Machinery Directive, like any other Directive, is long and complex, with many clauses and sub-clauses that must all be adhered to when designing and building a machine.

It would be very difficult for someone to design a machine and simply assume, or even prove, that they have complied with every clause in the Machinery Directive. So the specifications to cover each aspect of the design and manufacture of machines are helped by agreeing Standards. 'Harmonised' standards across the EU can be used to give purchasers the confidence that a machine meets the requisite safety levels and presumes conformance to the Directive, whether it is made in London or Latvia.

Machinery safety standards

A list of harmonised standards for the Machinery Directive can be found in the freely available Official Journal of the EU, and each standard is one of three types:

• A-Type standards: Relate to basic safety containing basic terminology, principles of design and general aspects that can be applied to all machinery
• B-Type standards: Address a safety aspect or protective device that can be used in a wide range of machinery - for example: ISO 13849-1 Safety of machinery - Safety-related parts of control systems - Part 1: General principles for design, IEC 61496-1 Safety of machinery - Electro-sensitive protective equipment - Part 1: General requirements and tests
• C-Type standards: Contain all safety requirements for a specific machine or type of machine. If this standard exists, it has priority over the A-type or B-type standards - for example: IEC 415-7 Safety of packaging machines - Part 7: Group and secondary packaging machines

The relevant directives and standards are usually added to the machine builder's Declaration of Conformity (DoC), which has to accompany any machinery as required by the Machinery Directive.

Speed monitoring

Now let us go back to speed monitoring, which is covered by B and/or C-Type standards, depending on the machine in question. There are various machine speed parameters that could influence the risk of harm on a machine against identified limits. If the machine exceeds those limits then suitable measures are initiated. Thus, the monitoring of the speed becomes a safety function. Of course, there are many different types of machine; if a C-Type standard exists for your machine, then you may find the speeds that have been agreed, though not always.

Below are some examples from C-Type standards and also what the B-Type standard says about speed.

C-Type standards

BS EN 693 covers the safety of hydraulic presses. It states that the closing speed shall not exceed 10mm/s when using a hold-to-run control device.

BS EN 1010-5 covers the safety requirements for the design and construction of printing and paper converting machines, specifically corrugated board production and the conversion of flat and corrugated board. Among the references to speeds in this standard, two examples are:

• On the unwinding of corrugated board machines, the hold-to-run speeds can be increased to 15m/min when inserting the chucking cones and moving the lifting arms as long as the hold-to-run buttons are located at a minimum distance of 850mm from the lifting arms.
• On a splicer on a corrugated board machine where hold-to-run control is used for safeguarding the movement of the dancer roll into position for web threading, the hold-to-run speed shall not exceed 15m/min.

BS EN ISO 10218 covers the safety requirements for industrial robots (Part 2: Robot systems and integration). The standard states that the maximum speed of the Tool Centre Point (TCP) shall not exceed 250mm/s in manual mode and shall be possible only with the added use of an enabling device.

B-Type standard

BS EN ISO 13849 is a B-Type standard and covers the general principles for design of Safety-related Parts of Control Systems (SRP/CS). This standard can be used where no C-Type standard exists. There are no speeds quoted but it does state that that when safety-related parameters deviate from their limits then appropriate measures shall be initiated.

Performance Level (PL) and Safety Integrity Level (SIL)

IEC 61800-5-2 (BS EN 61800-5-2) is a B-type standard and defines the safety functions for drives. It specifies the requirements and makes recommendations for the design, development, integration and validation of adjustable-speed electrical Power Drive Systems (PDS). These are the systems that are suitable for use in safety-related applications (PDS(SR)) in terms of their functional safety.

The Performance Level of the speed monitoring circuit may be defined in the C-Type standard (for example, BS EN ISO 10218 states that 'Safety-related parts of control systems shall be designed so that they comply with PL=d with structure category 3 as described in ISO 13849-1:2006').

If no C-Type standard exists, then ISO 13849 or IEC 62061 can be used. If, for example, a safe speed is identified as a condition for locking or unlocking a gate, then this would form part of the safety function and should undergo the same functional safety design process as the interlocking function.

ISO 13849 and IEC 62061 both outline a method for determining the required safety performance level for a safety function. Each method can be used to determine the required performance level (PL), or the required Safety Integrity Level (SIL) respectively, see examples below:

Figure 2: Performance Level required (PLr) according to ISO 13849.

Figure 3: Safety Integrity Level (SIL) according to IEC 62061.

How to monitor speed safely

Once the required safety performance level has been determined, the speed monitoring control system can be designed. The two ways that speed monitoring can be implemented are either externally, when the safety is implemented outside the drive and the speed controller requires feedback, or internally, where the safety feedback is inside the drive as an integral function.

Either way, it is common to use rotary encoders and, as a general rule, when used with appropriate and relevant associated speed monitoring equipment, a single encoder can give you PLc/SIL1 and two encoders can achieve up to PLe/SIL3.

There are also encoders designed specifically for safety, such as Sick's DFS60S Pro (a safety-rated Sin/Cos encoder). If such a Sin/Cos encoder was used with a compatible safety controller, such as the Sick Flexi Soft, then this would provide you with a SRP/CS that achieves PLd/SIL2 - see below:

Figure 4: PLd/SIL2 speed monitoring safety function.

Conclusion

In summary, speed in machinery is an important parameter with respect to safety and should always be considered as part of the risk assessment. C-Type and B-Type standards can give guidance; however, risk assessment tools do not replace good engineering judgement but aid it. Careful consideration should be given to the determination of the required safety performance level of a speed monitoring circuit and it should be designed accordingly.

For more information about Sick safety products and systems, or any of Sick's industrial instrumentation products, please contact Andrea Hornby on +44 (0)1727 831121 or email [email protected], or go to www.sick.co.uk.