IET
Decrease font size
Increase font size
Topic Title: ISO 13849 Hydraulic Press
Topic Summary:
Created On: 31 December 2013 10:10 PM
Status: Read Only
Linear : Threading : Single : Branch
Search Topic Search Topic
Topic Tools Topic Tools
View similar topics View similar topics
View topic in raw text format. Print this topic.
 31 December 2013 10:10 PM
User is offline View Users Profile Print this message



sur4j

Posts: 4
Joined: 31 December 2013

Hello,

I am a mechanical engineer trying to learn about the ISO 13849 regulation as a full assessment is required at my workplace. The assessment will be done for a hydraulic press and I am having a bit of difficulty understanding where to start.

The basic operation for the press is a direction (up or down) is set, two push-buttons are operated and the heated platen rises or lowers accordingly.

Firstly, does the regulation only apply to the guarding around the press?

I am having some difficulty on the initial stage (risk assessment), I have managed to identify some control measures: emergency stops required, light curtains, non contact door sensors for the guarding, I am having difficulty finding any others could anyone please suggest anything else that I could look at?

What do I apply the initial Performance Level to? I mean I know that I need to calculate a PL for each safety function (emergency stop, light curtain, etc...) but what is the initial PL that these get compared to because for the above each control measure will have an associated hazard therefore I would have thought that there would be many initial PL's.

I would greatly appreciate any help at all with this as my experience with control systems is very little, Thank you.

Edited: 31 December 2013 at 11:25 PM by sur4j
 02 January 2014 03:44 PM
User is offline View Users Profile Print this message



iie63674

Posts: 72
Joined: 17 May 2006

Hello.
I think you're starting in the wrong place; you need to perform a risk assessment in accordance with ISO 12100, then decide on a risk reduction plan. Some of the risk reduction will be done by safety functions implemented in the control system. Then use ISO 13849 to determine the PL required for each of the safety functions, and design your control measures to achieve the required PL.
 02 January 2014 10:29 PM
User is offline View Users Profile Print this message



jarathoon

Posts: 1033
Joined: 05 September 2004

Just some thoughts, by no means comprehensive...

Hydraulic presses have a safety culture all to their own.

http://www.hse.gov.uk/search/s...=hydraulic%20press%20

e.g.

http://www.hse.gov.uk/foi/inte...ims/manuf/3_12_02.htm

"Summary"

"This guidance explains the agreed EU position on the conditions necessary for using two-hand controls as the sole device for safeguarding against mechanical hazards in the tools area of hydraulic presses in production mode."


In safety terms Hydraulic presses must be as close to deterministically safe (fail safe) as can be achieved, not just probabilistically safe to some defined performance level. Concentrating on probabilistic safety calculations independent of the up to date health and safety literature pertaining specifically to the safe use of hydraulic presses seems inadvisable to me.

For a company risk assessment every possible failure mode must be thought through in a full systems level HAZOP asessment, that includes working practices involving production managers etc, just as much as you the machine designer. I don't think this can be done without reference to the specialist safety literature on Hydraulic Presses, including what is on the HSE website. As a machine designer I would think about ways that can be used to detect individual failure modes before they can in combination lead to an accident.

The reliability of the two-buttons press system used to operate the press has to be considered in detail, independently from other secondary protections like light curtains or mechanical guards.

For the two button hydraulic press, if one of the buttons has failed ON before the start of the operation, then the press should trip with a fault code that puts a requirement on the engineering staff to service the machine before it can be reset and reused.

Next there is the possibility that one of the buttons starts to stick and fails ON for just long enough that it allows the hand previously pressing it to move into the operational press area, without the press itself having been tripped (assuming no guard in place). If you can find statistics on button sticking and the length of time they might stick I would be very suprised. In fact if you do find any as a function of button lifetime and how clean the working environment is etc, please let me know.

A button sticking test could be used to trap this failure mode. This is where the operator presses the buttons, takes their hands off, and then represses both of them, when a lamp signals them to do this more or less straight away. If the button sticking test fails (either one of the buttons released too slowly) then the press should trip with a fault code that puts a requirement on the engineering staff to service the machine before it can be reset and reused. A button sticking test could be carried out one or more times a day. I suppose it could even be done before every pressing in the extreme, but that might cause repetitive strain injury though and reduce the button lifetime unnecessarily.

Then move on to the more complex safety systems. The light curtain might fail in a host of different ways, intermittent or continuous. It might fail ON or OFF or not operate quickly enough because it was incorrectly specified or configured, or replaced with the wrong type when last serviced. If the light curtain trips the machine this might end up being a rare enough to be recordable as a near miss, with a management/engineering investigation to find out what happened, and what can be done to avoid it in future.

Then there are failures or eventualities involving more that one person in the operating area - this must be fully considered by you even though it is not part of the control system as such. e.g. What is the proceedure when training new people to use the machine?

What is the function of the emergency stop? If it controls more than the press, how wide an area surrounding the machine does it cover? Who is allowed to reset it?

What is the place of staff training and management?

e.g. Any piece work payment systems in place should not penalise staff for machine downtime due to a safety system tripping the machine. Their defeat should be detectable and with sophisicated defeat not acting to incentive to increase their piece work rates.

What is the place of preventative maintenance regimes?

There is always the danger in making calculations too quickly, it can lead to disengagement from the problem at hand, an overly mechanistic mindset; with people concentrating on the things that are easy to calculate, rather than more critical issues which are hard to calculate and are best thought about qualitatively, at least at the beginning of the analysis process.


-------------------------
James Arathoon
 03 January 2014 08:52 AM
User is offline View Users Profile Print this message



iie63674

Posts: 72
Joined: 17 May 2006

James, I agree in general with your comments, particularly your final paragraph - hence my suggestion to go back to ISO 12100 rather than going straight to calculations.
One of the problems with the standards that take a probabilistic approach to functional safety (such as IEC 61508, 61511, 62061 or ISO 13849) is that they give a false impression of determinism. As engineers, we are used to calculations that give a precise result, whereas the calculations for SIL or PL are only a form of educated guesswork. The results have little meaning when applied to an individual machine; a constant failure rate among a number of machines means that for any individual machine the probability of a failure is the same at any point in its lifecycle. The quality of available reliability data also leaves something to be desired.
I'm not saying there is no place for calculation of the probability of failure leading to a SIL or PL, but the first priority must be consideration of the possible failure modes, and their effects, and then design to minimise those effects and/or enable easy diagnostics.
For example, rather than your proposed button sticking test (assuming an electrical control system) why not use normally-closed pushbuttons with positive opening operation, so that the "failure to open" failure mode can be disregarded? Most two-hand control units will require a change of state on both buttons within 0,5 seconds, and will lock out if a button sticks anyway.
Two-hand controls are used on many presses and other dangerous machines, but should not be considered to be protective equipment, because they only give any protection for the machine operator and not to anyone else in the vicinity of the machine. This was a point of contention between the UK and other countries in several standards committees, in which some countries argued that part of the operator's role is to see that no other person is near the press before he presses the buttons!
 07 January 2014 09:27 PM
User is offline View Users Profile Print this message



sur4j

Posts: 4
Joined: 31 December 2013

Hello,

Thank you for the very detailed reply. What has actually happened is, there has been a machine risk assessment done previously by a certified health and safety company, they had listed all the hazards and control measures some of which to me were unclear, we have attempted to contact the company to gain a better understanding however were unable to get much support.

The hazards and control measures which are confusing me are the following:

Hazard: Injury due to the failure of the control system due to the fact that a full 13849 assessment is required. The performance level required by EN 693 2001 A1 2009 is category 4 and the machine does not appear to be at that level.
Control Measure: A 13849 assessment is further to the PUWER assessment.

This is why I started looking into the regulation and asked this question, could you please explain to me what I must do for this? Another hazard/control measure that had confused me was:

Hazard: Injury due to failure of the safety related circuit of the two handed control for raising the tool. The two handed controller is type one which is not in accordance with EN 693.
Control measure: Install a two handed type I I I C controller in accordance with EN 693 and EN 574.

I have looked at the EN 693 regulation and found the safety distance from the press for the two handed controls however, the EN 574 is a bit confusing. I found the following check list online for this:

machinesafetyspecialists.com/Two%20Hand%20Control%20EN%20Categories.aspx

There are a few things about this that confuse me, what does it mean when it says "Synchronous action (within .5seconds)" is it about the delay in the circuit at which point the two buttons are pressed? next on the list is "use of proven components" does the supplied have this information? And also the last two which go into the 13849 Category 3 & 4, from what I have read these are self monitoring systems, in the case of two push buttons how would this be set up?

Also, I have noticed on almost all of the examples I have seen on these topics that the safety device in my case the two handed control enters a safety relay first and then the output (contactor) however, the current two handed controls are wired directly into the contactor, does the circuit need to be split and safety relay need to be added between the buttons and contactor?

One last thing which I thought was strange. They shown a hazard which basically said the press's are over 20 years old and were defined to the old regulation (EN 954) and that it cannot be confirmed if any safety relays are used. The control measure for this was unsure that the safety level of the machine was verified by showing that they meet the required performance level as shown in the EN 13849 report, they supplied us with a document which was called 13849 assessment and had the following graph for a lot of the components (eg, the emergency stop, direction switch, etc for each press)

epub1.rockwellautomation.com/images/web-proof-large/GL/42706.jpg

I do not understand what I am supposed to do with these results, do I have to conduct a full 13849 assessment and check my results against the ones they had given?

This has really confused me and I have asked many people these questions and had no answers therefore, I would appreciate any help at all with this. Thank you.

Edited: 07 January 2014 at 09:56 PM by sur4j
 08 January 2014 12:15 PM
User is offline View Users Profile Print this message



jarathoon

Posts: 1033
Joined: 05 September 2004

Provision and Use of Work Equipment Regulations 1998 (PUWER)

http://www.hse.gov.uk/work-equ...t-machinery/puwer.htm

"When providing power presses for working on cold metal, you must thoroughly examine them and their safeguards before first putting them into use, and periodically afterwards. This means you must ensure that the inspection and testing of guards and protection devices is carried out by a competent person at frequent intervals, and that records of these examinations, inspections and tests are kept."

"Safe use of power presses. Provision and Use of Work Equipment Regulations 1998 as applied to power presses"

http://www.hse.gov.uk/pubns/books/l112.htm

If you look for and cannot find and locate historic records of previous examinations, inspections and tests carried out on this machine by a competent person, then your company is breaking HSE regulations and this would be the most urgent matter to address first.

If the historic maintenance, service and test record for the machine is not up to date then you should inform the production managers of your finding and urgently get the machine serviced by a competent person (to at least make sure it meets its current specification in regards to safe operation) pending an appropriately designed refurbishment to life extend the equipment.

I am not sure if a refurbishment of your machine needs to conform to European regulations and be CE marked. It certainly needs to conform with existing HSE regulations.

Given that the HSE is currently consulting on proposals to review it's Approved Codes of Practice (ACOPs) in this area I would contact the HSE for detailed clarification on this matter.



-------------------------
James Arathoon
 08 January 2014 07:26 PM
User is offline View Users Profile Print this message



sur4j

Posts: 4
Joined: 31 December 2013

Hi James, thanks for the reply.

Currently we have none of this but I am going to set it up stating first thing tomorrow, I will test the emergency devices currently fitted (interlocks, emergency stops) and keep a log (does this have to be done daily?) and also get a hold of all the maintenance activities carried out in the past and then set up planned preventative maintenance plans and periodic inspections.

Now coming back to the 13849 regulation, as mentioned above there is have been Performance Levels (PL) applied to the safety related components of each press (emergency stop & two handed controls) by the company which created this assessment and a control measure for us is to ensure our systems meet these Pl's we also require category 4 architecture from what I have read requires us to be able to detect the fault and stop the system safely. When calculating the performance level for each component using the following chart:

epub1.rockwellautomation.com/images/web-proof-large/GL/32255.jpg

How do I determine the category and DC?

Edited: 08 January 2014 at 08:38 PM by sur4j
 09 January 2014 09:26 AM
User is offline View Users Profile Print this message



iie63674

Posts: 72
Joined: 17 May 2006

Sur4j, sorry for the delayed reply, I've been away for a couple of days.

My initial reaction is disappointment that the "certified health and safety company" who had previously assessed the machine doesn't understand the word 'hazard'.

You don't really need to worry in detail about the content of EN 574, which is really for the manufacturers of such controls, but it is clear that your existing two hand control doesn't include a safety relay hence is not really a two hand control but just a pair of pushbuttons in series. A compliant two hand control will include a safety relay or other monitoring means such that the two buttons have to be pressed within 0,5 seconds for a stroke to take place (this is the meaning of "synchronous action"), and released before the next stroke can be initiated.
You need to add a safety relay into the circuit; I'd be choosing one from Schneider, but other makes are available.

I can't comment on the Rockwell document since I can't open your link; the document from 'machinesafetyspecialists' is written from a US perspective, but at a quick glance doesn't have any major errors.

You do not have to bring the press up to the standards that would apply to a new one, however you do need to perform a risk assessment under PUWER and add whatever safety measures are indicated by that RA. James has provided links to the HSE guidance, but as I said earlier, you need a copy of BS EN ISO 12100 for guidance on the risk assessment and reduction process.
There's some useful information at http://www.schneider-electric....ine-Safety-Guide.pdf.

Let me know if I can help.
 09 January 2014 04:45 PM
User is offline View Users Profile Print this message



sur4j

Posts: 4
Joined: 31 December 2013

Thank you very much for your reply it was very helpful.

Just to confirm when you say " two buttons have to be pressed within 0,5 seconds" does that mean that if the second button is pressed 0.5 seconds after the first button the machine will not operate and will require repressing of the two buttons simultaneously (within 0.5 seconds of each other) to operate?

Also, two of our press's have one electric push button and one mechanically operated handle which mechanically operates a hydraulic valve. To conform to the required regulations will the manually operated valve need to be replaced with an electrical pushbutton linked to as you said a safety relay? In which case do you think a solenoid operated valve would be the best replacement?

Again, thank you for your guidance, I really appreciate the help.
 09 January 2014 08:05 PM
User is offline View Users Profile Print this message



iie63674

Posts: 72
Joined: 17 May 2006

Hi, to be more precise, if the 2nd button is pressed more than 0,5 sec after the first, this should be considered as an attempt to bypass the safety feature of the two-hand control, and the machine should go to a lock-out condition until a reset control is actuated (e.g. another pushbutton or sometimes a key-operated switch).

In theory the part-electric, part hydraulic control should obey the same rules (unless otherwise indicated by the risk assessment). This might need a sensor on the hydraulic valve to provide an electrical signal into the safety relay. You might need a solenoid-operated valve so that the safety relay can inhibit movement until it receives the correct start signals - I can't say without seeing the press and its control circuit diagram. Diversity of the control media is generally a good thing though, as it reduces the probability of common cause failures.
 09 January 2014 08:41 PM
User is offline View Users Profile Print this message



jarathoon

Posts: 1033
Joined: 05 September 2004

I have seen on the HSE Website various day courses that might help you out in your risk assessment and design work.

Search HSE Website

They have a "Machinery Series - Machinery Risk Assessment Essentials" day course which includes

Course includes
- What is the difference between hazard and risk and other definitions
- Hazard identification process and techniques
- Risk estimation process and techniques
- Risk evaluation, what does ALARP mean in practice
- Assessment, handling and control of hazardous substances
- Reasonably foreseeable misuse, an introduction to human factors
- Machine interventions
- Risk assessment practice

Perhaps go along to a course like this with one or two of the production managers.



-------------------------
James Arathoon
 24 February 2014 04:58 PM
User is offline View Users Profile Print this message


Avatar for dougflorence                                      .
dougflorence

Posts: 74
Joined: 25 July 2008

Hi Sur4j,

Did you get this sorted? It is quite a complex topic and its a bit difficult to address it fully on the forum. Some of the suggestions above are helpful, but none is a complete answer. It sounds to me as though you may well have cause for concern. EN 693 would be a good starting point. The control system aspects are relatively simple but you do need to ensure your hydraulics are suitable as well.

If you are still not sure I may be able to help, PM me. I just love taking about machinery safety :-)

Doug Florence
Statistics

See Also:



FuseTalk Standard Edition v3.2 - © 1999-2014 FuseTalk Inc. All rights reserved.