Seb Strutt and Iain Smith, Safety Managers at Sick UK, provide answers to some questions that are frequently asked about the new Machinery Directive 2006/42/EC.
The new Machinery Directive is causing a flurry of activity, with issues, articles and guides in abundance to help engineers drill down towards the small print [see, for example, the free guide from MachineBuilding.net]. Most people are now getting to grips with the basics of what the legislation is all about and starting to plan the practical steps to take.
If Sick's customers are anything to go by, embarking on the journey can initially raise more questions than answers. So here are a few questions that safety specialists at Sick have been asked recently - and the answers provided, which may assist in clarifying some of the points.
As well as better safety in the workplace, there are direct financial benefits to the imposition of this improved safety legislation in the workplace. The functional safety documentation from the machine manufacturer must be of a far higher standard. The manufacturer has to ensure the machine is safe for its design lifetime, and must document any deviations from this with designated mean-time-to-dangerous failure (MTTFd) rates.
Thus the manufacturer will have to state what maintenance and tests a safety function might need during the equipment's lifecycle, or whether critical safety components need to be changed after a given period of operation. Together with more comprehensive safety validation documentation, this means that operating and lifetime costs will be much more transparent, as all component replacement issues should have been identified early.
The intention behind these changes in regulations and standards is to ensure all countries in the EEA (European Economic Area) are working to the same machinery design principles and ultimately reducing risk. Although that, in itself, has a cost benefit, better information from the equipment manufacturer should provide an additional tangible benefit.
If the manufacturer of an individual product does not supply the requisite reliability performance data, the user still has some options (apart from sourcing elsewhere of course!). If the manufacturer confirms the well tried safety principles are applied or manufacture to the relevant product standard, then the suggested value from Annex C, Table C.1 EN ISO 13849-1 can be used for most typical components. However, if the manufacturer only supplies a B10 figure, and not a B10d value, then the specifier/designer should assume 50 per cent of the B10 failures are dangerous.
In looking at PFHd (probability of dangerous failure per hour) of low-complexity components within EN 62061, the B10 and B10d figures can be used to calculate the failure rates based on an estimated frequency of demand. The calculations for these are not complex, but the procedure should be followed carefully; examples can be found in Sick's Six steps to a safe machine publication.
If you are designing machinery against a Type C standard, do not be alarmed if the Type C standard refers to EN 954-1. All C Type standards are under review and will be republished with references to the new controls standard. After 29 December 2009, EN 13849-1 will replace 954-1 entirely as a successor standard [but see this more recent announcement confirming the extended transition period for EN 954-1 - Ed]. It would be wise to design the control system to meet the category or architecture requirements of EN 954-1 as stated in the current Type C standard. Because the architecture and category descriptions are largely the same in EN 13849-1 it may be advisable to complete the reliability and validation processes that are additional to the requirements of EN 954-1 in readiness for the new Type C standards.
EN 62061 does not replace 954-1, and does not share the same architecture descriptions as EN ISO 13849-1 or EN 954-1.
There is some debate about this, but it requires slightly more than a cursory glance at the standards to establish which is the most appropriate for your situation.
At the beginning of each standard there is a selection matrix showing the appropriate selection of EN ISO 13849 or EN 62061. However, these designations are not exclusive and can be used together; in the majority of cases, EN ISO 13849 is sufficient for machinery safety applications from low risk (PLa) to high risk (PLe).
Also, the matrix is a little imprecise when it suggests that 'if the safety system is programmable then 62061 applies.' This has been misinterpreted by many engineers as using a PLC or similar controller but this supposition is too simplistic. It actually depends on the software requirements and not just on whether a PLC or similar is used, as, in fact, the standards go on to define the term programmable by the software requirements for the safety-related system.
If you are using a Limited Variability Language (LVL) such as a supplier-certified function block diagram or ladder logic, EN ISO 13849 can be applied.
If you are using Full Variability Language (FVL) such as C, C++ or Assembler, EN 60621 (and EN 61508) should be applied for high-risk applications.
EN ISO 13949 and EN 60621 apply to new machinery and systems but, if you alter an existing machine beyond its original design limits or when upgrading a machine with a PLC, for example, you are deemed to be manufacturing a new machine and it therefore needs to be CE marked afresh.
All new machinery sold after 1 January 2010 must be CE marked to the new Machinery Directive 2006/42/EC and the new standards should be used to show compliance. Here in the UK, second-hand machinery must be suitable to allow the employer to meet his obligations according to the Provision and Use of Work Equipment Regulations (PUWER) (similar regulations exist elsewhere in Europe). If it was manufactured after 1 January 1993 it should bear a CE mark showing compliance to the previous Machinery Directive.
Although CE marked, this does not automatically mean that the machine is safe. The manufacturer has designed the machine under his/her interpretation of the regulations and, as such, the owner should ensure all safety critical functions and components are designed and implemented correctly for the application.
And when you integrate it into your production line, you must ensure that its safety measures are not compromised by your existing systems.
A one-day course offered by Sick introduces engineers to the two functional safety standards and gives a working understanding of their content and application. Unique worksheets with action cues keep the overview of each standard within easy reach, and worked examples help make complicated issues digestible.
Alternatively Sick has produced the Six steps to a safe machine publication, which, step by step, introduces the Laws and Directives, Risk Assessment, Safe Design, Protective Measures, Residual Risk, Overall Validation and Placing onto the Market.
If you have any further questions for the Sick safety team, contact Seb Strutt or Iain Smith at email@example.com or firstname.lastname@example.org. To register for a Sick safety seminar in your area visit www.sick.co.uk or email Andrea Hornby at email@example.com to request a copy of the Six Steps to Safety guide.