Safety Validation Process

Presenter:Craig ImrieFS Engineer (TÜV Rheinland, Machinery)Member of Australian Standards Committee for Machine Safety (SF041)NHP Technology Specialist - Safety

Key Take-Away’s from thispresentation

Understand safety lifecycle has a methodology tofollow, it’s not just a box ticking exercise

Appreciation of how the standards work to helpyou design effective safety systems

Appreciation that Validation is critical tounderstanding safety systems

Evolving Machinery Safety Systems

3

1960 1970 2000 Future1980 1990 2010

Legacy• High Productivity

• Low Safety

• No Assessment

Historical Safety• Lower Productivity

• Medium to High Safety

• Hazard Assessment

Modern Safety• High Productivity

• High Safety

• Risk Assessment

You invest a safety system to protect people.You invest in advanced safety technology to

enhance machine performance.

4

Machinery Safety Lifecycle

SafetyLifecycle

5. Maintain& Improve

1. Hazard or RiskAssessment

4. Installation& Validation

2. FunctionalRequirements

3. Design & Verification

42% of SRP/CS accidentstraceable to design & spec stage

28% incidents traceableto undocumented

changes to the SRP/CS

The Three Key Steps to Functional Safety

Step 1 : Risk Assessment (From EN12100.1, EN14121.2,AS4024.1-2006)

Cover all phases of its life

Consider all personnel who will interface with the machine duringthis life span.

Take into account correct use and foreseeable misuse.

The Three Key Steps to Functional Safety

Step 2 : Selection of Risk Reduction Measure(From Legislation)

Hierarchy of Controls – Can be found in code of practice, or otherlegislation

Eliminate hazard

Substitute

Isolate

Engineering means

Administrative means

PPE

The Three Key Steps to Functional Safety

Step 3 : Validation (From ISO 13849.1/2, AS4024.1501/2-2006, AS62061)

Follow the process to ensure that we have Functional Safety.

What we have installed is what we assessed and have demonstrated

as being controlled.

Where do I find the Validation Process?

AS4024.1502 - 2006

ISO 13849.2

AS61508 /62061

From AS4024.1502-2006 cl 4 Validation Process

Determine that the safety system achieves the Functional Requirements

Determine if the system achieves the required Safety Category

Fault ConsiderationTaken from AS4024.1502-2006 Appendix A-D

Key Resources for Validation

Basic Safety Principles

Required for Category B – 4Reference: Appendix A-D of AS 4024.1502 Tables A1, B1, C1 & D1

De-energisationprinciple

Protection ofcontrol circuit

TransientSuppression

SequentialSwitching

Protection againstunexpected start-up

Well-tried Safety Principles

Required for Category 1 – 4Reference: Appendix A-D of AS 4024.1502 Tables A2, B2, C2 & D2

Positive modeActuation

Positivelyguidedauxiliaries

Over-DimensionedRecommended factor >2

Separate safetyfunction

What is a Well-Tried Safety ComponentRequired for Category 1Reference: Appendix A-D of AS 4024.1502 Tables A3, B3, C3 & D3

• Widely used in industry in similar applications• Made or verified using principles which are suitable

for machine safety• 3rd party certification – TÜV, etc• Reference AS 4024 tables

Validation Pan

• Validation tests must prove the Categoryrequirements are met

• If E-Stop stops the machine, is CAT 4 achieved

Not Necessarily

Who can perform a validation?

From AS4024.1502 cl 4.1.1

“Validation should be carried out by persons who are independent of the design ofthe safety-related part(s).”

NOTE:

“Independent person does necessarily mean a third party test is required. Howeverthe degree of independence should reflect the performance of the safety–relatedpart(s)”

BOOM!!From the Guardian Newspaper

“The West, Texas, explosion shows the deadly effect of profit before safety”

Poor regulation of the West Fertilizer plant likely contributed to 15 deaths – just as 13US workers die at their jobs every single day!

Who can perform a validation?Taken from AS61508-2011 pt 1

Minimum level ofIndependence

Safety integrity level

1 2 3 4

Independent person HR HR NR NR

Independent department - HR HR NR

Independent organisation - - HR HR

Principals of Validation(AS4024.1502 & EN ISO 13849-2)

Validation plan Validation principles

Analysis

Documentation – RiskAssessments &Technical Data

Error exclusionAS4024.1502

Appendix A-D)

Design toAS4024.1501

Error list

Is the analysissufficient ?

Test

Validation Report

yes

noIs the testcomplete ?

yes

no

Start

End

Validation:

• Completion of the safety-oriented design

• Validation report summarizes the results

Validation ReportAS4024.1502-2006, ISO 13849.2-2008

Validierungsplan(3.4)

Validierungsleitsätze(3.1)

Analyse(4)

Dokumente(3.5)

Fehlerausschluss(Anhänge A-D)

Gestaltung gem.EN954-1 (4)

Fehlerlisten(3.2, 3.3)

Ist die Analyseausreichend ?

Prüfung(5)

Validierungsbericht(3.6)

ja

neinIst die Prüfungvollständig ?

ja

nein

Start

Ende

Proof :

of performing the validation

of compliance with the legal responsibilities

A functional systematic approach to safety -Invest in what’s needed.Understanding AS4024.1-2006

1. WTC/WTP – existing devices and circuits may well be sufficient – don’t go changing things for

the sake of it.

2. Fault exclusions – lead us to design towards the expected influences on the components and

the circuits.

Could we exclude a fault in a cable that is not protected from mechanical damage?

Does the area where the switch/sensor is placed get hot or wet – do we need IP69K for

example?

3. Fault tolerance – of the circuits, will a single fault lose the safety function?

4. Have we avoided potential for common cause failure (CCF)

5. Have we got redundancy in our safety circuit if we need it?

Common Safety Myths

Safety is common sense!

If I design everything to Category 4 then there is no need for risk assessment!

Trained people know how to be safe on the machine!

The categories are gone and we can only use PL/SIL!

We only use SIL because we are a Process site! How many Process sites have

manufacturing machinery i.e. conveyors, robots and packaging machinery?

In conclusion a Functional Safety processwill….

reduce liability of all stakeholders.

develop and improve a safety culture.

allow owners to maximise investment in what is required to achieve compliance.

help mimimise costs to the bottom-line. Assets, People, Insurance & MRO Budgets

keep machinery safe from people!

The process is started by a commonsense Risk Assessment

Verification of the safety design will help to determine this has be done effectively.

Validation of the SRPCS will confirm that the design is correct.

The process is undone when commonsense is not used!

“Safety Engineering is only Functional Safety if it

keeps people safe whilst they are operating

dangerous machinery.”

This is how we protect Our Assets – Our People, Our

Environment and Our Machinery.