2 - Schneider Electric CZ, s.r.o.

More documents

Recommendations

Info

Presentation Machine safety Functional Safety of Machinery Introduction Standard EN ISO 13849-1 1 2 3 4 5 6 7 8 9 10 Event: limit switch Standards to be applied according to the design selected for the safetyrelated machine control system Guard contact Safety functions Logic Representation of the safety function L Contactor Inputs Processing Outputs Risk related to the potential hazard Risk analysis Severity . of the potential harm Action: motor stop Probability of occurrence: . - Frequency and duration of exposure - Possibility of avoiding or limiting the probability of the occurrence of an event that could cause the harm Introduction to Functional Safety of Machinery The functional safety standards are intended to encourage designers to focus more on the functions that are necessary to reduce each individual risk, and on the performance required for each function, rather than simply relying on particular components. These standards make it possible to achieve greater levels of safety throughout the machine’s life. > > Under the old standard, EN 954-1, categories (B, 1, 2, 3 and 4) dictated how a safety-related electrical control circuit must behave under fault conditions. Designers can follow either EN ISO 13849-1 or EN/IEC 62061 to demonstrate conformity with the Machinery Directive. These two new standards consider not only whether a fault will occur, but also how likely it is to occur. > > This means there is a quantifiable, probabilistic element in compliance: machine builders must be able to determine whether their safety circuit meets the required safety integrity level (SIL) or performance level (PL). Panel builders and designers should be aware that manufacturers of the components used in safety circuits (such as safety detection components, safety logic solvers and output devices like contactors) must provide detailed data on their products. Standard EN ISO 13849-1 Machinery safety - Safety-related parts of control systems Standard EN ISO 13849-1 is an evolution of standard EN 954-1. Field of application of the standard This standard gives safety requirements and advice relating to principles for the design and integration of safety-related parts of control systems (SRP/CS), including software design. For these parts, it specifies the characteristics, including the performance level, needed to achieve these safety functions. It applies to the SRP/CS of all types of machine, regardless of the technology and type of energy used (electric, hydraulic, pneumatic, mechanical, etc.). Process Risk assessment as defined in standard EN/ISO 12100 leads to decisions on risk reduction measures. If these measures depend on a control system, then EN/ISO 12100 can apply..It defines a 6-stage design process: 1 - Selection of the essential safety functions that SRP/CS must perform. For each safety function, specify the required characteristics 2 - Determine the required performance level (PLr) 3 - Design and technical creation of safety functions: identify the parts that perform the safety function 4 - Evaluate the performance level PL for each safety-related part 5 - Check that the performance level PL achieved is greater than or equal to the required level (PLr) 6 - Check that all requirements are satisfied We will now illustrate these stages, taking as an example a safety function where a severe injury can be caused by a trolley not stopping at the end of the Jib and thus causing the trolley to fall. A person can be exposed to this dangerous situation around the hoisting machine. Stage 1 - Selection of safety functions The diagram opposite shows a safety function which consists of several parts: > > The input actuated by opening of the guard (SRP/CSa) > > The control logic, limited in this example to opening or closing of a contactor coil (SRP/CSb) > > The power output that controls the motor (SRP/CSc) > > The connections (Iab, Ibc) Stage 2 - Estimation of required performance level (PLr) Considering our example of the person coming into area where the dangerous hoisting machine is operating we now estimate the risk using the risk graph. The parameters to be considered are: > > S Severity of the injury > > S1 Slight injury, normally reversible > > S2 Serious, normally irreversible, including death > > F Frequency and/or duration of exposure to the hazardous phenomenon > > F1 Rare to fairly frequent and/or short duration of exposure > > F2 Frequent to permanent and/or long duration of exposure > > P Possibility of avoiding the hazardous phenomena or limiting the harm > > P1 Possible under certain circumstances > > P2 Virtually impossible 7/6
Presentation Machine safety Functional Safety of Machinery Standard EN ISO 13849-1 Starting point for the evaluation of the contribution to the risk reduction of a safety function Required performance level PLr: Estimation of required performance level S = Severity of injury S1 = Slight (normally reversible injury) S2 = Serious (normally irreversible) injury including death F = Frequency and/or exposure time to the hazard F1 = Seldom to less often and/or the exposure time is short F2 = Frequent to continuous and/or the exposure time is long P = Possibility of avoiding the hazard or limiting the harm P1 = Possible under specific conditions P2 = Scarcely possible L = Low contribution to risk reduction H = High contribution to risk reduction Estimation L H Standard EN ISO 13849-1 Machinery safety - Safety-related parts of control systems Process (continued) Stage 2 - Estimation of required performance level (PLr) (continued) For our example: a serious injury S1 can be caused by being exposed near the hoisting machine as if there is no safe guarding to ensure the trolley stops the load and trolley will fall..After considering the severity of the injury we investigate the frequency and/or duration of the possible entry to the dangerous area..Here we define the frequency of exposure to the hazard is low F1 (occasional presence) as there are restrictions to enter the area..The last step is based upon the possibility to avoid the hazard and limiting the harm..To evaluate this we take into consideration that it is possible to avoid the harm as the visibility around the dangerous machine is monitored by the operator and in this case there is a possibility to avoid the harm under certain conditions so we define it as P1. The result of the estimation gives a required performance level PLr = c. Stage 3 - Design and creation of the safety functions At this point, we need to describe the PL calculation method. For a SRP/CS (or a combination of SRP/CS), PL could be estimated with the figure shown on page 7/9, after estimation of several factors such as : > > Hardware and software system structure (categories) > > Mechanism of failures, diagnostic coverage (DC), > > Components reliability, Mean Time To dangerous Failure (MTTF d ) > > Common Cause Failure (CCF) > > Categories (Cat.) and designated architectures The table below summarises system behaviour in the event of a failure and the principles used to achieve the safety, for the 5 categories defined: Cat. System behaviour Designated architectures B A fault can lead to loss of the safety function 1 As for category B but the probability of this occurence is lower than for the category B 2 A fault can lead to loss of the safety function between two periodic inspections and loss of the safety function is detected by the control system at the next test. 3 For a single fault, the safety function is always ensured. Only some faults will be detected. The accumulation of undetected faults can lead to loss of the safety function. 4 When faults occur, the safety function is always ensured. Faults will be detected in time to prevent loss of the safety function I I i m i m m L L TE i m i m i m O O OTE m i I1 m L1 O1 c I2 i m L2 m i m O2 I1 i m L1 m i m O1 c m i m I2 L2 i m O2 Key: im: Interconnecting means m: Monitoring c: Cross monitoring O, O1, O2: Output device, e.g. main contactor I, I1, I2: Input device, e.g. sensor TE: Test equipment L, L1, L2: Logic OTE: Output of TE > > MTTF d (Mean Time To dangerous Failure) The value of the MTTF d of each channel is given in 3 levels (see table below) and shall be taken into account for each channel (e.g. single channel, each channel of a redundant system) individually. Reliability levels of components Index Range Low 3 years y MTTF d < 10 years Medium 10 years y MTTF d < 30 years High 30 years y MTTF d < 100 years A MTTF d of less than 3 years should never be found, because this would mean that after one year in operation, 30% of all those components in use would have failed to a dangerous state. The maximum value is limited to 100 years because devices dealing with a significant risk should not depend on the reliability of a single component. Additional measures such as redundancy and tests are required. 1 2 3 4 5 6 7 8 9 10 7/7
Page 1 and 2:
Hoisting Control Solutions Catalogu
Page 3:
U 3 The product data sheet displays
Page 6 and 7:
4 General contents
Page 8 and 9:
chapter 1 Hoisting Control Solution
Page 10 and 11:
Presentation Hoisting Control Solut
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
chapter 2 SoMachine software & Appl
Page 24 and 25:
Presentation SoMachine software & A
Page 26 and 27:
Characteristics SoMachine software
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
chapter 3 Controllers All technical
Page 44 and 45:
Selection guide Controllers ATV IMC
Page 46 and 47:
Presentation description Controller
Page 48 and 49:
Functions Controllers Drive control
Page 50 and 51:
Description Controllers Drive contr
Page 52 and 53:
Selection guide Controllers Modicon
Page 54 and 55:
Presentation Controllers Modicon M2
Page 56 and 57:
Description Controllers Modicon M23
Page 58 and 59:
References (continued) Controllers
Page 60 and 61:
Selection guide Controllers Modicon
Page 62 and 63:
Page 64 and 65:
Page 66 and 67:
Page 68 and 69:
References Controllers Modicon M258
Page 70 and 71:
Selection guide Controllers Control
Page 72 and 73:
Selection guide Controllers Control
Page 74 and 75:
chapter 4 Communication All technic
Page 76 and 77:
Presentation Communication CANopen
Page 78 and 79:
Architecture, Presentation Communic
Page 80 and 81:
Architecture, references Communicat
Page 82 and 83:
Connections, references Communicati
Page 84 and 85:
Connections, references Communicati
Page 86 and 87:
Presentation, description Communica
Page 88 and 89:
chapter 5 Motor control All technic
Page 90 and 91:
Presentation Motor control TeSys fo
Page 92 and 93:
Presentation Motor control TeSys fo
Page 94 and 95:
TeSys U Motor control Starter-contr
Page 96 and 97:
TeSys LUTM TeSys GV3L Circuit-break
Page 98 and 99: TeSys K Motor control Contactors 0.
Page 100 and 101: TeSys D Motor control Contactors 0.
Page 102 and 103: TeSys D Motor control Contactors Au
Page 104 and 105: TeSys F Motor control Contactors 90
Page 106 and 107: TeSys GV2-ME, GV2-P Motor control T
Page 108 and 109: TeSys GV3-P/GV3-L Motor control Cir
Page 110 and 111: TeSys GV7-R Motor control Thermal-m
Page 112 and 113: TeSys GV3-ME Motor control Thermal-
Page 114 and 115: TeSys K Motor control Thermal overl
Page 116 and 117: TeSys LR9 Motor control Electronic
Page 118 and 119: chapter 6 Variable speed drives All
Page 120 and 121: Presentation Variable speed drives
Page 128 and 129: Altivar 312 0.18…15 kW Variable s
Page 132 and 133: Altivar 71Q 90…630 kW Variable sp
Page 138 and 139: 1 2 Altivar 71 Altivar 312 Altivar
Page 140 and 141: VW3 A7 Variable speed drives Comple
Page 142 and 143: chapter 7 Machine safety All techni
Page 144 and 145: Presentation Machine safety Safety
Page 146 and 147: Presentation Machine safety Risk as
Page 150 and 151: Presentation Machine safety Functio
Page 156 and 157: Presentation Machine safety Hoistin
Page 158 and 159: Presentation Machine safety Specifi
Page 160 and 161: Presentation Machine safety Specifi
Page 166 and 167: Presentation Machine safety Safety
Page 168 and 169: Presentation Machine safety Variabl
Page 170 and 171: Preventa Automation Machine safety
Page 172 and 173: Vario Motor control Machine safety
Page 174 and 175: chapter 8 Operator dialog All techn
Page 176 and 177: Presentation Operator dialog Genera
Page 178 and 179: Harmony XAC Operator dialog Pendant
Page 180 and 181: Harmony XD Operator dialog Controll
Page 182 and 183: Harmony XJ Operator dialog Controll
Page 184 and 185: Harmony XB4 Operator dialog Pushbut
Page 190 and 191: Harmony XB5R Operator dialog Wirele
Page 194 and 195: Harmony 9001K/SK Operator dialog Pu
Page 196 and 197: Harmony 9001K/SK Operator dialog Pu
Page 198 and 199:
Harmony K series Operator dialog Ca
Page 200 and 201:
Harmony XVB Operator dialog Modular
Page 202 and 203:
Magelis Operator dialog Advanced Pa
Page 204 and 205:
chapter 9 Detection All technical i
Page 206 and 207:
Presentation Detection General pres
Page 208 and 209:
Presentation Detection General pres
Page 210 and 211:
chapter 10 Associated offers All te
Page 212 and 213:
Associated offers Incoming protecti
Page 214 and 215:
Phaseo Associated offers Power supp
Page 216 and 217:
Phaseo Associated offers Phaseo Pow
Page 218 and 219:
Phaseo Associated offers Phaseo Pow
Page 220 and 221:
Zelio Relay Associated offers Elect
Page 222 and 223:
Zelio Relay Associated offers Elect
Page 224 and 225:
Spacial Spacial Steel Associated of
Page 226 and 227:
Index Product reference index 1 2 3
Page 228 and 229:
Index Product reference index 1 2 3
Page 230:
Schneider Electric Industries SAS H
show all

2 - Schneider Electric CZ, s.r.o.

Create successful ePaper yourself

Delete template?

Save as template?