In my last blog on The Importance of Machine Safety, I mentioned the safety life cycle as an important process to develop a compliant safety system according to current safety standards. Following this process is essential because it covers all aspects from start to finish. It’s easy to over-engineer or miscalculate a portion of the safety system if this process is not adhered to. Simply put, following the safety life cycle is just good engineering practice because “safety is only as strong as its weakest link.” Let’s take a look at the five steps of a safety life cycle.
A risk assessment is the foundation and most crucial portion of the safety life cycle. Everything stems out from this first step, but unfortunately in my experience, this step most often gets neglected. You won’t be able to achieve a complete and thorough safety system if you ignore the risk assessment. The risk assessment identifies hazards, and estimates and evaluates their risk level to determine if the risk is acceptable.
To identify hazards correctly you should use a team-based approach. Different employees have diverse tasks they are responsible for, each of which could present various hazards. Then, to calculate the risk level for each hazard, three things need to be considered: severity of injury, frequency of exposure and likelihood of avoidance. Lastly, evaluate each hazard against the acceptable risk level. If the hazard falls above the acceptable level, then intervention is necessary.
Now that you have a list of the tasks involved to interact with the machine and their associated hazards, you can begin the risk reduction process. In this step of safety specification, you choose the best method of mitigating the hazard. There is a hierarchy of protective measures to implement using five different ways to mitigate hazards. For now, we will just discuss #3 on the list – monitoring access to the hazard. This includes any new safety technologies such as light curtains, safety switches, laser scanners, safety mats, safety relays, safety drives, etc. If this is your chosen path, then a detailed explanation should be written out describing the safety function. In other words, how should the safety circuit work and interact with the machine? For example, if the guard door is opened, then the safety switch contacts open that are wired into the safety relay. The safety relay outputs open and de-energize the safe torque off terminals of the drive which disables the line power to the motor.
At this point in the life cycle, the safety circuit is designed in every detail. Wiring diagrams and mechanical drawings are published. The safety circuit must be built to meet the Performance Level (PL) or Safety Integrity Level (SIL) requirements, which are based on the risk assessment. The risk level that was calculated correlates to a PL or SIL. This is another reason why the risk assessment is essential to this process — without it there is no way of knowing what level to build your safety circuit to. Several factors are considered in making sure your circuit meets the required rating: each safety product has its own PL/SIL rating, and wiring, diagnostic coverage, Mean Time to Dangerous Failure (MTTFd), B10d, PFHd and Common Cause Failure (CCF) all contribute. All of these must be verified to maintain the integrity of the safety circuit.
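As an added example (not code from the original post or from Rumsey), the following Python model ties the risk assessment step to the design step: the three risk factors from the assessment (severity, frequency of exposure, possibility of avoidance) produce a required performance level, and the reliability figures of the built circuit (B10d-derived MTTFd, PFHd) are then checked against it. The risk graph, the PFHd bands and the B10d formula follow ISO 13849-1; the post names only the factors, so treating its process as that standard's is an assumption here, and the sample functions and their PFHd values are constructed.

```python
from typing import Optional

# Risk graph (ISO 13849-1 Annex A). Keys are (S, F, P), each factor 1 or 2:
#   S1 slight/reversible injury,   S2 serious/irreversible injury
#   F1 seldom/short exposure,      F2 frequent/long exposure
#   P1 avoidance possible,         P2 avoidance scarcely possible
RISK_GRAPH = {
    (1, 1, 1): "a", (1, 1, 2): "b", (1, 2, 1): "b", (1, 2, 2): "c",
    (2, 1, 1): "c", (2, 1, 2): "d", (2, 2, 1): "d", (2, 2, 2): "e",
}

# PFHd bands (ISO 13849-1 Table 3), in dangerous failures per hour:
# lower bound inclusive, upper bound exclusive.
PL_BANDS = [
    ("e", 1e-8, 1e-7),
    ("d", 1e-7, 1e-6),
    ("c", 1e-6, 3e-6),
    ("b", 3e-6, 1e-5),
    ("a", 1e-5, 1e-4),
]


def required_pl(severity: int, frequency: int, avoidance: int) -> str:
    """Required performance level (PLr) for one hazard from its three risk factors."""
    return RISK_GRAPH[(severity, frequency, avoidance)]


def mttfd_years(b10d: float, days_per_year: float,
                hours_per_day: float, cycle_seconds: float) -> float:
    """MTTFd of a wear-out component (switch, contactor) from its B10d figure.

    nop is the number of operations per year; MTTFd = B10d / (0.1 * nop).
    ISO 13849-1 also caps the MTTFd credited to a channel (100 years in the
    general case); applying that cap is left to the caller.
    """
    nop = days_per_year * hours_per_day * 3600.0 / cycle_seconds
    return b10d / (0.1 * nop)


def achieved_pl(pfhd: float) -> Optional[str]:
    """PL band that a safety function's PFHd falls in (None if outside a-e)."""
    for name, low, high in PL_BANDS:
        if low <= pfhd < high:
            return name
    return None


def verify_safety_function(name: str, severity: int, frequency: int,
                           avoidance: int, pfhd: float) -> dict:
    """Compare what the circuit achieves against what the risk assessment demands."""
    plr = required_pl(severity, frequency, avoidance)
    pl = achieved_pl(pfhd)
    meets = pl is not None and "abcde".index(pl) >= "abcde".index(plr)
    return {"function": name, "PLr": plr, "PL": pl, "meets_requirement": meets}


# Constructed sample data (not from the post): a guard-door interlock where
# the operator opens the door every cycle (F2), injury would be serious (S2),
# and the door movement gives a chance to avoid the hazard (P1) -> PLr d.
SAMPLE_FUNCTIONS = [
    {"name": "guard door -> safety relay -> STO", "severity": 2, "frequency": 2,
     "avoidance": 1, "pfhd": 2.5e-7},
    # Same circuit reused for a hazard where avoidance is not possible (P2):
    # PLr rises to e and the same PFHd no longer satisfies it.
    {"name": "same circuit, unavoidable hazard", "severity": 2, "frequency": 2,
     "avoidance": 2, "pfhd": 2.5e-7},
]

if __name__ == "__main__":
    # Constructed B10d example: 2,000,000 cycles, 220 days/yr, 16 h/day, 60 s cycle.
    print("MTTFd of door switch: %.1f years" % mttfd_years(2_000_000, 220, 16, 60))
    for function in SAMPLE_FUNCTIONS:
        print(verify_safety_function(**function))
```

The second sample function is the point of the exercise: the same hardware can pass for one hazard and fail for another, which is why the PLr has to come from the risk assessment rather than from the catalogue rating of the components.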
When installing the safety circuit, the standards call out basic and well-tried safety principles, circuit protection from overcurrent, electromagnetic immunity and more. The installation instructions must be followed for each product in the circuit, as the products are designed to be used within their limitations. After the installation is complete, carry out the validation plan. Test every part of the safety circuit to confirm that it responds as expected and within the time frame necessary. Does the hazard stop so there are no injuries? Induce faults into the system to make sure it will bring the machine to a safe state. Faults can be removing a wire from one of the channels of the safety switch or inducing a short between the two channels of the switch. How does the safety circuit respond? Did the safety relay pick up the fault and stop the drive?
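As an added example (not code from the original post or from any safety relay vendor), the following Python simulation models the guard-door circuit described in the risk reduction step (two-channel safety switch, safety relay, STO terminals of the drive) and walks through the two fault-injection tests named in the validation step: a wire removed from one channel and a short between the two channels. The discrepancy limit and the test-pulse scheme for cross-short detection are assumptions made for this simplified model, not the behaviour of a specific product, and the input readings are constructed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class InputReading:
    """What the relay sees on one input channel during one scan (constructed)."""
    closed: bool                 # contact closed = guard door shut
    pulse_seen: Optional[int]    # id of the test pulse detected on the wire, None if open


@dataclass
class SafetyRelay:
    """Simplified two-channel safety relay. Assumption: channel 1 is driven by
    test pulse 1 and channel 2 by test pulse 2, so a channel seeing the other
    pulse means the two wires are shorted together."""
    discrepancy_limit: int = 3          # scans the channels may disagree before a fault latches
    outputs_on: bool = False            # True = STO terminals energised, drive may run
    fault: Optional[str] = None         # latched fault, cleared only by reset()
    _disagree_scans: int = 0

    def scan(self, ch1: InputReading, ch2: InputReading) -> bool:
        """Evaluate one scan cycle and return the new output state."""
        if self.fault is not None:
            self.outputs_on = False
            return False
        if (ch1.closed and ch1.pulse_seen != 1) or (ch2.closed and ch2.pulse_seen != 2):
            return self._trip("cross-short between channels")
        if ch1.closed != ch2.closed:
            # One open channel already removes power (safe state); if the
            # disagreement persists, a fault is latched as well.
            self._disagree_scans += 1
            self.outputs_on = False
            if self._disagree_scans > self.discrepancy_limit:
                return self._trip("channel discrepancy (open wire or stuck contact)")
            return False
        self._disagree_scans = 0
        self.outputs_on = ch1.closed and ch2.closed
        return self.outputs_on

    def _trip(self, reason: str) -> bool:
        self.fault = reason
        self.outputs_on = False
        return False

    def reset(self) -> None:
        """Manual reset after the fault has been corrected."""
        self.fault = None
        self._disagree_scans = 0
        self.outputs_on = False


DOOR_SHUT = (InputReading(True, 1), InputReading(True, 2))
DOOR_OPEN = (InputReading(False, None), InputReading(False, None))


def test_door_opening() -> dict:
    """Normal operation: opening the door must de-energise the STO outputs."""
    relay = SafetyRelay()
    running = relay.scan(*DOOR_SHUT)
    relay.scan(*DOOR_OPEN)
    return {"running_when_shut": running, "stopped_when_open": not relay.outputs_on,
            "fault": relay.fault}


def test_removed_wire() -> dict:
    """Fault injection: channel 2 wire removed, so that channel always reads open."""
    relay = SafetyRelay()
    relay.scan(*DOOR_SHUT)
    ch1, ch2_missing = InputReading(True, 1), InputReading(False, None)
    stopped_immediately = relay.scan(ch1, ch2_missing) is False
    for _ in range(relay.discrepancy_limit + 1):
        relay.scan(ch1, ch2_missing)
    # Closing the door again must not restart the machine while the fault is latched.
    restored = relay.scan(*DOOR_SHUT)
    return {"stopped_immediately": stopped_immediately, "fault": relay.fault,
            "restored_without_reset": restored}


def test_cross_short() -> dict:
    """Fault injection: channels shorted together, channel 2 sees pulse 1."""
    relay = SafetyRelay()
    relay.scan(InputReading(True, 1), InputReading(True, 1))
    return {"outputs_on": relay.outputs_on, "fault": relay.fault}


if __name__ == "__main__":
    for case in (test_door_opening, test_removed_wire, test_cross_short):
        print(case.__name__, case())
```

Each test function returns what the validation record needs: whether the outputs dropped, whether the relay recognised the fault, and whether the machine stayed stopped until a deliberate reset. Running the same three cases on the real circuit, with the response time measured, is the validation plan the post describes.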
Finally, the last step in the safety life cycle process is to maintain and improve. Throughout this entire procedure every step should be documented and saved. What good is it to make the machine safe if you can’t prove it? Train employees on how to properly use the safety circuit. Skipping this step could cause them to find ways of defeating it. Part of maintaining the safety system involves constantly looking for ways to improve it. Maybe there are tasks not identified at the risk assessment that now must be incorporated? Not everything can be foreseen. The machine will go through changes which could impact the safety circuit. As new safety technologies become available, they should be compared to what is installed, as they may make your machine more efficient.
This is just a brief overview of the safety life cycle, and more can be said for each step. If you have questions about a particular step or how to determine the safety life cycle for your particular application, contact a Rumsey safety specialist today.