Every machine builder knows that they have to meet stringent safety requirements to protect workers from the risk of injury. If they build machines for the EU market, they should know that the European regulatory landscape is more advanced than in most other regions, with newer and more rigorous requirements for safety design and testing.
EU-equivalent safety capabilities are also being adopted by many non-European manufacturers despite the lack of specific in-country regulations. Sooner or later, every machine builder will need to offer functional safety capabilities or be left behind. Let’s look at what that means.
How Do You Define Safety?
In its simplest form, the word “safety” means being protected from harm or minimizing the risk of harm through the control of recognized hazards. But what does it mean in a manufacturing environment? Add a word—“machine safety”—and it means removing or controlling hazards in the operation of a machine that could otherwise cause injury, for example through unintended contact with a moving part.
The simplest approach to machine safety is to install partitions or fences that separate operators from the machine motion. Because these are cumbersome and hinder operator control, machine builders often take the somewhat more sophisticated approach of shutting the machine down under unsafe conditions through the use of light curtains, emergency controls, safety mats or other devices.
However, sudden shutdowns can sometimes produce a cascade of unpredictable responses that put operators at risk. And while a well-designed machine safety system should make that risk rare, there’s a more pervasive problem: shutdowns.
Every Shutdown Means Shutting Down Productivity
It’s not just a matter of an occasional safety incident here and there. Often, procedures such as cleaning, maintenance, adjustments and even changeovers could be performed more efficiently if the machine were running—perhaps at a slower speed—rather than shutting it down completely.
Operators know this, and in real-world conditions they are often tempted to disable, bypass or shortcut traditional machine safety features, including barriers and shutoff devices. It’s human nature—the same impulse that motivates drivers to speed through yellow or even red lights because they don’t want to be delayed.
So well-designed machine safety can fulfill regulatory requirements. But machine safety doesn’t necessarily ensure operator safety, nor can it advance the business goal of maximizing productivity.
Functional Safety Increases Productivity
Instead of adding “machine” to “safety,” let’s add a different word: “functional safety.” This is a set of standards that define methods for avoiding random and systematic failures and controlling failures when they do occur. Machines intended for sale in the EU must meet functional safety standards such as IEC 62061, ISO 13849 and/or others. In North America, manufacturing customers are also increasingly requiring compliance with these functional safety standards even in the absence of regulatory mandates.
While operator safety is still paramount, functional safety enables engineers to maximize the productivity of their machines. In fact, by providing for operator safety while the machine remains in motion, the human impulse to bypass safety features and “run the red light” is greatly reduced. Many operations that formerly required a shutdown and restart can now be completed while the machine continues producing at reduced or even full speed.
In other words, functional safety is a means to keep machines functioning safely, even when powered on. It enables:
● Flexible manufacturing, with simplification of frequent changeovers
● Safe access to equipment in motion during operation and maintenance
● New modes of operation that reduce downtime
● The ability to continue operating within safety constraints—for example, by limiting speed or force instead of cutting power
Functional safety is a paradigm shift. Instead of enforcing a separation between the operator and the machine motion, it permits safe interaction between operator and motion, enabling a significant increase in machine productivity.
Functional Safety Is a Process
To implement functional safety, machine designers need to perform a risk assessment. This involves determining the probability of harm (the frequency and/or degree of exposure) and the potential severity of harm (slight or serious) if an incident should occur. These assessments, combined with an analysis of the technical and human possibilities for avoiding possible harm, provide a basis for specifying safety requirements.
These requirements are generally categorized either by the Safety Integrity Level (SIL) system under IEC 61508 or the Performance Level (PL) system under ISO 13849. Machine engineers or their consultants determine the appropriate SIL or PL level required to reduce risk to acceptable levels for each safety function.
Machine builders that are new to this process sometimes default to the highest safety levels (SIL3 or PLe), but for most industrial machines this leads to unnecessary complexity and expense. That’s why an accurate risk assessment is important.
Once SILs or PLs have been identified for each safety function, these functions can be designed and validated to achieve their intended performance characteristics. In the EU, the complete system must be certified by an appropriate notified body, such as TÜV. Finally, functional safety audits should be conducted to ensure that appropriate safety lifecycle management techniques are applied consistently and thoroughly at each relevant stage throughout the product lifecycle.
SafeMotion™ Simplifies Functional Safety
Implementing functional safety doesn’t need to be overcomplicated. Kollmorgen’s next-generation AKD2G drives offer a full set of 100% drive-resident SafeStop, SafeSpeed and SafePosition options—16 functional safety features in all. With drive-resident functional safety, there’s no need for external solutions that depend on complex integration between the controller, safe PLC and drive.
To provide just two examples, the SLS–Safe Limited Speed function can be used to clean a food packaging machine more efficiently and thoroughly, without stopping the machine. The SDI–Safe Direction function can increase metal forming throughput by preventing dangerous movements when an operator breaks the light curtain, rather than forcing a shutdown of the press brake.
Watch our on-demand web session to learn about 10 commonly used SafeMotion™ functions.
In addition to simplifying machine design, drive-resident SafeMotion™ functions can also simplify safety testing. For example, in a machine that achieves a SIL2 or higher rating in part by using a brake motor to hold a vertical load, there needs to be a method for testing the electromechanical braking system to ensure that it prevents the load from falling when the machine is unenergized. The SafeMotion™ SBT–Safe Brake Test function incorporates this testing capability, so you don’t have to engineer an external process—including circuitry, components, error notification method and more—in order to perform the testing externally. Everything is already done for you, on the drive.
SafeMotion™ helps you achieve the component-level capabilities and ratings you need to achieve the SIL or PL level you have arrived at through your risk assessment process and that you are engineering into your machine. And, as always, you can rely on Kollmorgen co-engineering expertise to help meet all your motion performance goals, from your functional safety specifications to product quality and throughput, machine uptime, and more.
Ready to discover all your machine is capable of? Let’s talk.