What is the correct way to restart machinery safely inside a safeguarded space when there is no visibility?
‘Reset’ and ‘Start Cycle’ push buttons are often fitted to OEM equipment but where do the reset functions of safety related parts of controls systems
(SRP/CS) get defined? The relevant sections of ISO13849-1 – Safety of Machinery – Safety-related parts of control systems – Part 1: General principles for design are discussed below to assist with answers to common questions.
We see it all the time with automation, a part being processed has been moved out of position and needs to be readjusted. The operator’s role is now to enter the area, readjust the part and go through the process to restart the automatic cycle. Seems like something we are familiar with? What considerations are made to their safety during this activity?
Starting at the beginning means we should cover some wording used within safety of machinery standards.
Starting at the beginning means we should cover some wording used within safety of machinery standards.
The advice from ISO13849 also states that the reset actuator shall be situated outside the safeguarded space and in a safe position from which there is good visibility for checking that no person is within the danger zone.
However, we all know the practicalities of always being able to visibly see the whole safeguarded space is not realistic in all applications. What do we do if an operator may need to walk around the far side of the equipment to perform an activity where they will not be visible? How do we avoid someone picking up a workpiece from under a piece of equipment and them not being seen when someone presses restarts the system?
Some schools of thoughts would be to restrict the ability for a person to stand in these less-visible areas by fitting sloping surfaces or other means. Another suggestion could be to use presence detection to detect whether a person is ever present within the area – In large areas or those with environmental restrictions like dust or process material makes these options unfeasible or cost-prohibitive.
These types of applications may lead us towards considering the requirements of ISO14118 Safety of machinery — Prevention of Unexpected Start-Up. However, ISO13849-1 offers advice on special reset procedures for: “where the visibility of the danger zone is not complete”.
The practical advice given in the standards is use a second reset device. In this arrangement the reset function is initiated within the dangerous zone by the first device in combination with a second reset device outside the safeguarded space. The combination of these devices as a reset procedure needs to be completed within a limited time before the control system can accept a start command.
When we typically see this in applications, we know these reset devices inside the safeguards as ‘acknowledgment pushbutton’. The procedure is that an operate must acknowledge no one is currently behind the piece of equipment blocking visibility before leaving the area to complete the reset on the second device. The sequence of operation and time limits are all programmed within the PLC.
RFID Badges
For those customers looking for an additional level of authentication, RFID badges can be used in place of the pushbuttons. This can confirm it is the same operator that has preformed both elements of the reset procedure.