Now that the future of the Machine Safety Directive has been agreed, system designers and machinery manufacturers need to decide how to proceed in future months. Paul Considine of Wieland Electric puts the case for embracing the new standards.
Following months of speculation, confusion and reversed decisions, the European Committee for Standardisation (CEN) has opted for a two-year transition period where machinery manufacturers can either comply with EN 954-1 or EN ISO 13849-1. Consequently, the new Machinery Directive will not be fully implemented until 31 December 2011.
This provides designers of machine safety systems with something of a quandary. Do they continue with EN 954-1 for as long as possible - on the grounds it is easier and cheaper to work with? Or do they make the switch to EN ISO 13849-1 (or the alternative EN (IEC) 62061) now? In my view, it makes sense to embrace the new standards as soon as possible, and there are several reasons for this. And, as is discussed later, new technologies can be employed to make compliance considerably easier and more cost-effective than many people realise.
In this respect, it's important to consider the reasons for introducing the new Machinery Directive in the first place - as well as the implications of carrying on with the old standards.
EN 954-1 is being phased out because it hasn't kept pace with the changes in technology that have been applied increasingly to ensuring and managing machine safety. In particular, EN 954-1 focuses on calculated risk using a simple category system, whereby system behaviours are set against categories.
The issue here is that the wider implementation of programmable electronics in safety systems means such a simple system is no longer appropriate. So essentially, the new Machinery Directive brings the regulations into line with what is already current practice. In addition, the new systems that comply with EN ISO 13849-1 or EN (IEC) 62061 will be able to provide information on the probability of failure, enabling potential problems to be nipped in the bud before they become actual problems.
Given the general recognition that EN 954-1 is no longer suitable for many applications, there is clearly a health and safety issue to be taken into account. This, in itself, is a good reason for adopting the new standard, as safety must be of paramount concern to all companies.
Because of this, end customers that understand these implications are likely to insist on machines that comply with the new Directive, so to some extent that will determine the route forward for many manufacturers. Added to this, even when the end customer isn't fully acquainted with all of the facts, I would argue specifiers and suppliers have a responsibility to provide accurate advice on the options open to them.
There are also other commercial reasons for taking on the new standards as soon as possible. In the past where European regulations have been phased in, different EC members have responded in different ways, so adopting the new regulations will increase the likelihood of acceptance throughout Europe. Ultimately, this could also have a bearing on CE marking.
In fact, CE marking is an important consideration, as any alterations to the system in future may require it to be CE marked again. If it is compatible with EN 954-1 after this standard has been withdrawn in 2011, such alterations will doubtless be more complex and expensive. It's also important to note that, although the Directive applies principally to new machines, any modifications to existing machines will also be covered by the same requirements as cover new machines. Therefore, just as a new machine should be accompanied by a Declaration of Conformity to the Machinery Directive from the manufacturer, so any company carrying out such modifications may also have to issue such a declaration.
This is because the requirement applies to any organisation that 'places a machine on the market' - and in this context modifying a machine counts as placing it on the market. So, along with the Declaration of Conformity, there needs to be a technical file that can be made available to the authorities on request.
Consequently, adopting the new standards will 'future proof' the system against such difficulties.
Looking beyond Europe, it's also important to bear in mind that EN ISO 13849-1 and EN (IEC) 62061 are both international standards - in contrast to EN 954-1. Thus, for end users with global facilities that want to standardise across their estate, this will be an important consideration.
Returning to the important issue of safety, this is where I feel most of the benefits come from adopting the new standards. It is accepted within the new Machinery Directive that zero risk is not achievable in the real world, but arriving at an acceptable residual risk is feasible. In practical terms, this means safety control systems must either be designed to ensure the probability of functional errors is acceptably low - or any errors should not bring about a loss of the safety function if the former cannot be achieved. And that's where the harmonised standards come in.
EN ISO 13849-1 takes its core from the familiar categories in EN 954-1:1996 by examining complete safety functions, including all the components involved in their design. However, it goes beyond this qualitative approach to include a quantitative assessment of the safety functions, based on a performance level (PL) that builds on the category approach.
The components and devices that make up the system require the following safety parameters:
- Category (structural requirement)
- PL: Performance level
- MTTFd: Mean time to dangerous failure
- B10d: Number of cycles by which 10% of a random sample of wearing components have failed dangerously
- DC: Diagnostic coverage
- CCF: Common cause failure
- TM: Mission time
The standard also describes how to calculate the PL that can be achieved when several safety-related parts are combined into one overall system. Any deviations from EN ISO 13849-1 are referred to IEC 61508.
As noted above, EN ISO 13849-1 will be operated in conjunction with EN 62061, which is a sector-specific standard under IEC 61508. Based on quantitative and qualitative examinations of the safety-related control functions, it describes the implementation of safety-related electrical and electronic control systems on machinery. It also examines the overall life cycle from the concept phase through to decommissioning.
In EN 62061, the performance level is described through the safety integrity level (SIL) and the safety functions identified from the risk analysis are divided into safety subfunctions. As a safety-related control system is made up of several subsystems, these safety subfunctions are assigned to the actual devices (hardware or software) that are the subsystems or subsystem elements. The safety-related characteristics of these subsystems are described through the SIL and Probability of Dangerous Failure Per Hour (PFHD) parameters.
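The quantitative side of both standards can be followed through in a short calculation. The sketch below is an added example, not taken from the article or from any vendor tool: it derives MTTFd from B10d, sums the PFHD values of subsystems in series and reads the result off the PL and SIL bands. The component figures and names are constructed, and the SIL is read from the PFHD band only.

```python
# Added illustration; sample figures are constructed, not from any datasheet.
# Upper PFHd limits (dangerous failures per hour), best band first.
PL_LIMITS = [("e", 1e-7), ("d", 1e-6), ("c", 3e-6), ("b", 1e-5), ("a", 1e-4)]
SIL_LIMITS = [(3, 1e-7), (2, 1e-6), (1, 1e-5)]
PL_ORDER = "abcde"  # a = lowest performance level, e = highest


def mttfd_from_b10d(b10d, days_per_year, hours_per_day, cycle_time_s):
    """MTTFd in years for a wearing component: B10d / (0.1 * n_op)."""
    n_op = days_per_year * hours_per_day * 3600 / cycle_time_s  # cycles/year
    return b10d / (0.1 * n_op)


def band(pfhd, limits):
    """Return the first band whose upper limit exceeds pfhd, else None."""
    for label, upper in limits:
        if pfhd < upper:
            return label
    return None


def evaluate(subsystems):
    """subsystems: list of (name, claimed_pl, pfhd), all wired in series."""
    total = sum(pfhd for _, _, pfhd in subsystems)
    quantitative = band(total, PL_LIMITS)
    # The safety function can never claim more than its weakest subsystem.
    weakest = min((pl for _, pl, _ in subsystems), key=PL_ORDER.index)
    if quantitative is None:
        overall = None  # summed PFHd is too high for any PL
    else:
        overall = min(quantitative, weakest, key=PL_ORDER.index)
    return {"pfhd": total, "pl": overall, "sil": band(total, SIL_LIMITS)}


# Constructed guard-door safety function: input, logic, output.
GUARD_DOOR = [("door switches", "e", 2.5e-8),
              ("safety controller", "e", 1.5e-8),
              ("contactors", "d", 2.0e-7)]
# Three PL e subsystems whose summed PFHd no longer fits the PL e band.
THREE_PL_E = [("input", "e", 4e-8), ("logic", "e", 4e-8), ("output", "e", 4e-8)]

if __name__ == "__main__":
    print(round(mttfd_from_b10d(2_000_000, 240, 16, 120), 1), "years")
    print(evaluate(GUARD_DOOR))
    print(evaluate(THREE_PL_E))
```

The second sample shows why the combined figure matters: three subsystems each rated PL e can still yield only PL d (SIL 2) for the complete safety function.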
Cost effective compliance
There can be no doubt, therefore, that the new regulations will make a significant contribution to improving safety in the workplace, in line with modern systems and working practices. At the same time, it's just as clear they bring with them a higher level of complexity and potentially increase the workload of those who are responsible for managing safety. However, as mentioned above, there is an opportunity to deploy newer safety system technologies to ease this burden without compromising on safety.
For example, in ensuring safety systems are operating properly at every level, higher efficiencies can be introduced by ensuring that all levels, or sub-functions, can be addressed through the same system. This is also more convenient.
In addition, such technologies can be very effective in ensuring that any downtime resulting from safety shut-down is kept to a minimum. This can be achieved by integrating fault diagnosis into the system that is responsible for safety-related control functions. So, rather than faults being traced manually by engineers before they can rectify them, the diagnostics can narrow down the search and often resolve the problem without calling in specialist engineers. And even when specialist input is required, the faster fault tracing means they spend less time on site, thus reducing costs.
Of course, electronic monitoring systems have been available for some time but they have tended to be expensive so that the return on investment calculation didn't stack up in many situations. Now, though, there are low cost systems employing advanced technologies that won't break the bank yet will provide continual monitoring of every aspect of safety - from post-top emergency buttons to light beams on conveyors - as well as facilitating fast location and diagnosis of faults. Furthermore, they operate from a centralised computer so that all of the information is readily accessible at any time.
Over and above these benefits, the same system can be used in the early design stages to simulate operation before the safety system goes live, so many potential problems can be designed out in advance.
All of which boils down to a smarter way of doing things that not only ensures legislative compliance but also offers ongoing time and cost savings. So it makes a lot of sense to take a fresh look at the technologies available and how they can be implemented to best effect.