Basic understanding of safety circuits
the SRP/CS can be classified according to its: n Resistance to faults n Behavior if a fault does occur All design work on a machine incorporating safety should start with a risk assessment according to ISO 12100 to identify hazards and estimate risks. The risk- reduction process then involves first applying inherently safe design, then safeguards, and finally information for use. Any protective measures that depend on the control system must then be evaluated using a special iterative process. This involves determining the required performance level (PL r ) for each safety function and its mean time to dangerous failure (MTTF D ) to determine the reliability of the SRP/CS. Each part may be assigned a performance level from a through to e — with PL a having the highest probability of a dangerous fault and PL e having the lowest probability. The specific way that the failures may occur involves the considerations set out above for ISO 14119. Variations on safety- circuits — and some example arrangements For large enclosures such as gated robotic cells, safety arrangements are a little different. This is because guards are often closed with the operator inside the active workspace. So, in many instances,
All design work on a machine incorporating safety should start with a risk assessment according to ISO 12100 to identify hazards and estimate risks.
Figure 2: Particularly unique are safety circuits associated with robotics — especially for robotics that employ teach pendants (as shown here) as well as collaborative robots.
n Type 2 interlocking devices have mechanically actuated position switches with coded actuators such as a shaped actuator (tongue) or trapped-key. These are considerably more difficult to defeat. n Type 3 interlocking devices have non-contact position switches with uncoded actuators such as proximity switches. The difficulty involved in defeating Type 3 interlocks depends on the actuation principle involved. Capacitive, ultrasonic and optic actuators can be defeated by a wide range of objects. Inductive actuators may be defeated by any ferric metal object. Magnetic actuators require a magnet to defeat them. n Type 4 interlocking devices have non-contact position switches with coded actuators, such as RFID tags, coded magnets or coded optical tags. These are extremely difficult to defeat if properly constructed so that the coded actuator cannot be removed.
When designing a safety circuit, interlocking devices should be selected to minimize the possibility of a defeat. Consideration should also be given to: n The overall system stopping performance , which is the amount of time required for the machine to become safe after a stop command is issued. n The access time , which is the time it takes a person to reach the hazard after the stop command has been initiated. The overall system stopping performance must be significantly
trapped-key systems are used to ensure that operators are outside the workspace upon the closing of gates; and only then can the robot begin its full-speed operation. Of course, traditional robots can typically be operated in a low-speed teach mode with the operator in the cell, but when operating at full speed (unlike collaborative robots) they must not come into close proximity to humans. Even in teach mode, unless the robot is fitted with a force feedback system, there is still the danger of the operator being crushed. The handheld control unit is therefore normally fitted with a dead man’s switch which will shut down the robot if the operator becomes incapacitated.
Another automation situation requiring specialized safety is personnel-tended conveyor systems. Here, it may be necessary for personnel to work alongside conveyors operating rather quickly. This has a significant risk of entrapment resulting in serious injury, and so should be avoided wherever possible. But where such workspaces are essential to an operation’s productivity — as in Amazon Fulfillment Centers, for example — distributed stop switches in the form of pull-cords and stop strips must be installed. These give personnel a reliable means to stop the conveyor along its entire length. Such stops should be arranged so that an operator can easily grab or press them without having to hunt for them during an emergency.
The safety devices should also be positioned so that an injured or unconscious person falling or being pulled into the conveyor automatically triggers a stop. Multiple stop devices and redundant circuits may be required, and where conveyors are accessible from both sides, such safety devices must be present on both sides as well. Common safety-circuit components Mechanical switches include position switches, used to detect gate and guarding positions, and manually activated stop switches such as e-stop palm buttons and pull-cords. Non-contact switches, such as light and inductive sensors, may be also used in a similar
more rapid than the access time. There should also be
consideration of whether guards require emergency release, to allow manual opening from outside, or escape release to allow manual release from inside. ISO 13849 is referenced by ISO 14119, it is in two parts, covering the principles of designing and validating the safety-related part of a control system (SRP/ CS). According to this standard,
we get technical
20
21
Powered by FlippingBook