Copyright © 2014 Rockwell Automation, Inc. All Rights Reserved.Rev 5058-CO900E
PUBLIC INFORMATION
T06 - Machine Safety: Achieving and Maintaining Regulatory Compliance
Session Description
The trends for machine safety continue to grow as the world evolves and regulatory compliance becomes more common. Rockwell Automation safety consultants have been helping automation users like you protect their workforce and operations for many years. New global standards change how automation systems are classified. Are you familiar with the new standards, and do you know how to address them? During this session, we will discuss the process that is used to identify and mitigate safety concerns.
Agenda
Safety Functional Requirements Specification (SFRS)
Fundamental Assessment Process
What is Risk?
One Person's View of the “Journey of Safety Standards”
Safety Life Cycle
ANSI publishes the list of recognized standards that can be followed!
ANSI publishes the list of standards that can be utilized to achieve the requirements of OSHA. ANSI now references ISO 13849 and IEC 62061 as recognized safety standards that can be followed.
In recent years there has been a move towards globalizing safety standards. This has resulted in a re-write of many of the EN, ANSI and ISO standards. Many of the changes took place in December of 2011. Many of these changes involve harmonization, consolidation and simplification, which has resulted in global adoption of the ISO standards in most parts of the world.
Safety Standards of Yesterday
[Figure: timeline 2005/6 to 2011. EN 954 (Category: fault tolerance, diagnostics), withdrawn]
These new standards are called “Functional Safety Standards” because they look at how well the safety system needs to function!
ISO 13849-1 and IEC 62061
Safety Categories are no longer in effect since EN 954-1 was withdrawn in December of 2011. EN 954-1 outlined the requirements for Categories.
ISO 13849-1 has replaced EN 954-1 as the most commonly followed international machine safety standard.
ISO 13849-1 and IEC 62061 are functional safety standards that evaluate how well the safety system needs to function!
Safety Standards of Today
[Figure: timeline 2005/6 to 2011. EN 954 (Category: fault tolerance, diagnostics) withdrawn and replaced by IEC/EN 62061 (SIL) and EN ISO 13849 (PL), whose attributes are fault tolerance, diagnostics, SRS, reliability, systematic and FSM]
Transition from EN954-1 to ISO-13849-1
EN954-1 was initially published in 1996 and was withdrawn in December of 2011. It described the requirements for Categories/Structure. EN954-1 identified these categories as:
Cat B
Cat 1
Cat 2
Cat 3
Cat 4
In 2006 the European Union began a new approach to applying safety standards. The most utilized standard is ISO-13849. ISO-13849 uses Performance Levels as shown below:
PLa
PLb
PLc
PLd
PLe
The difference between Categories and Performance Levels is added requirements to ensure enhanced performance!
A Category is a simple definition of circuit requirements that comes from EN 954. Categories were based on basic electro-mechanical devices, not the solid state devices that exist today!
A Performance Level is an improved definition of circuit performance that comes from ISO 13849. It includes guidance on design requirements for all technologies!
Performance Levels use Categories and add additional requirements to ensure proper system performance. The added requirements are:
• Diagnostic Coverage (fault monitoring capability)
• Component Reliability (MTTFd and B10d)
• Common Cause Failure Fractions (design considerations)
EN/ISO 13849-1 Explanation
EN/ISO 13849-1 is the result of improvements to the old EN 954 standard. It introduced many new design concepts that provide guidance on the design and integration of safety components to meet required performance levels (PLr).
[Figure: Category → Performance Level] A Performance Level is an improved Category!
Performance Level Components/Attributes
Additional reasons for the change from EN 954 to ISO 13849!
EN 954 versus EN ISO 13849:
• Scope: EN 954 covers electrical control circuits; EN ISO 13849 covers control circuits of all technologies: electrical, pneumatic, fluids, hydraulic.
• Classification: EN 954 uses Safety Categories B, 1, 2, 3 & 4; EN ISO 13849 uses Performance Levels PLa to PLe.
• Safety is provided by: in EN 954, the structure of the control circuit; in EN ISO 13849, the architecture/structure (categories), the reliability of the system (MTTFd, B10d), the diagnostic coverage of the system (DC), and the preventive measures against common causes of failure (CCF).
• Deliverable: in EN 954, draw a diagram (schematic); in EN ISO 13849, draw a diagram and verify the PL: does PL (achieved) = PLr (required)?
Not just electrical anymore!
Functional Safety Life Cycle
[Figure: Safety Life Cycle, five steps in a loop]
Step 1: Team based risk assessment
Step 2: Safety system functional requirements
Step 3: Safety system design & verification
Step 4: Safety system installation & validation
Step 5: Maintain & improve safety system
Why?
It is quite common for any group, whether it be a new equipment OEM or a facility end-user, to have a multitude of questions and concerns when starting at the beginning of the machine safety system lifecycle.
– What does the word safety really mean, and how is it achieved?
– What is risk? How is it measured?
– Do I need a PhD in mathematics to analyze probability and risk?
– How safe do I need to make this machine?
– How do I go about identifying hazards?
The most valuable attribute of a risk assessment process is that it answers most of these questions for us.
As Referenced in U.S. Standards
Risk assessment is often referenced throughout mainstream U.S. machinery safety standards:
• ANSI Z244.1: Control of Hazardous Energies / LOTO
• ANSI B11.19: Performance Requirements for Safeguarding
• ANSI / RIA R15.06: Industrial Robots and Robot Systems – Safety Requirements (this standard provides a detailed risk assessment methodology)
• NFPA 79: Electrical Standard for Industrial Machinery
In Europe
Risk assessment is a requirement for Machinery Directive compliance (2006/42/EC). This applies to those delivering CE-compliant machinery to Europe.
The Foundation: Begins with a Risk Assessment
• Provides the safety Performance Level, the design target
• Creates the foundation of the safety system functional requirements, system design and validation protocol
• Shows “due diligence” and compliance to global standards
[Figure: ISO 13849-1 risk graph for a task/hazard. Severity S1/S2, Frequency or Duration of Exposure F1/F2 and Avoidance Probability P1/P2 lead to the required Performance Level PLr, a to e; the contribution to risk reduction runs from Low (PLa) to High (PLe)]
S = Severity, F = Frequency or Duration of Exposure, P = Avoidance Probability
Risk Categories to Circuit Performance
[Figure: mapping table with four columns: Risk Categories per RIA 15.06, as determined from the risk assessment (R1, R2A, R2B, R2C, R3A, R3B, R4); Performance Levels per ISO 13849-1 (a, b, c, d, e); ANSI B11.19 circuit performance (Simple 4.5.1, Single CH 4.5.2, Single CH with Monitoring 4.5.3, Control Reliable 4.5.4); Categories from EN 954 (Cat B, Cat 1, Cat 2, Cat 3+)]
Safety Categories Are Being Replaced
EN 954 (Categories) withdrawn December 31, 2011.
SIL and PL assessment require more information and calculation than Categories. It is not a direct conversion!
Note: Intended to show approximate equivalency for guidance only; attaining the corresponding PL or SIL requires more information and calculation based on several additional factors.
Safety Integrity Level (IEC 62061) / Performance Level (ISO 13849-1:2008) / Category (EN 954):
• SIL 3 / PLe / Category 4
• SIL 2 / PLd / Category 3
• SIL 1 / PLc / Category 2
• SIL 1 / PLb / Category 1
• no SIL / PLa / Category B
ANSI required circuit performance (ANSI B11.19), from highest to lowest: Control Reliable (4.5.4), Single CH with Monitoring (4.5.3), Single CH (4.5.2), Simple (4.5.1). Per ANSI B11.19, Control Reliable is equivalent to PLd and Cat 3.
The Purpose of Risk Assessment
• The process serves as an effective tool for properly identifying and assessing the real hazards involved in operating a particular machine.
• Risk assessment provides a method for determining equivalent levels of protection when designing safeguards and supporting OSHA's minor servicing exception.
• The process takes away the guesswork when estimating risk and prescribing safety system performance.
• Risk assessment is an active, documented process that can be filed and maintained for the entire life of the machine, and serves as documented proof of your “due diligence”.
• Risk assessment establishes the foundation and early framework for the design and implementation of an effective machine safety program.
What is “Safety” Exactly?
Before we can understand what exactly we achieve through risk assessment, it will be important to provide an answer for the first few questions.
What does the word safety really mean, and how is it achieved?
Safety, with respect to machinery operation, is defined in IEC 62061:2005 as: “Safety is freedom from unacceptable risk.”
This immediately gives us a definition for safety in terms of risk, so it now starts to become clearer how risk assessment plays a part in achieving safety.
What is Risk?
Now we must define risk. Under the same standard, risk can be defined as:
Risk is the combination of the severity of harm and the probability of occurrence of that harm (frequency of exposure + avoidability).
Skydiver example:
• What severity of harm would come to the skydiver if his parachute did not open?
• What is the probability that the parachute(s) will not open and the skydiver will experience this harm? Probability factors might be: how frequently does the person skydive?
• If the parachute(s) do not open, is the skydiver able to avoid or limit the harm from the fall?
Defined Risk Scale
• If we can then define risk in terms of parameters that can be easily selected and summed together, then we will have a simple method for estimating risk relative to machine hazards.
• Risk assessment methodologies provided in machine standards provide this method through risk graphs and matrices, as we will see later.
Risk = Severity of Harm + Probability of Occurrence of Harm
[Figure: risk scale from Negligible, Low, Medium to High]
Acceptable Risk
• Acceptable risk may differ from organization to organization, and therefore this value is not purely defined in any standard or methodology. The important thing is that your organization (and the risk assessment team) determine this threshold prior to starting the risk assessment.
• Since safety is freedom from unacceptable risk, we will need to establish a value on our range that sets a threshold between acceptable and unacceptable. Various standards will provide guidance on how to determine when acceptable risk has been achieved.
[Figure: risk scale from Negligible, Low, Medium to High, with the acceptable-risk threshold marked]
Task / Hazard Identification
The risk assessment analyzes each person's activities and identifies those activities that have risk!
Step 1: Identify affected personnel
Step 2: Identify tasks
Step 3: Identify hazards
Hazard Identification
Considers ALL affected personnel:
• Operators and helpers, maintenance personnel
• Quality control, material handlers
• Engineers, technicians, sales personnel
• Trainees, supervisors, safety personnel
• Administrative personnel, passers-by
Hazard Identification
Considers ALL tasks being performed on the machine:
• Packing, transportation, unloading, unpacking
• System installation, start up, commissioning
• Set up, try out, teach, operation (all modes)
• Tool change, planned and unplanned maintenance
• Troubleshooting, house cleaning, accident recovery
• And for CE, risk must be assessed entirely through to de-commissioning and disposal of the machine!
Hazard Identification
Considers ALL reasonably foreseeable hazard scenarios:
Mechanical hazards:
• Crushing / shearing / cutting / severing / stabbing
• Entanglement / drawing in / trapping / impact / abrasion
• High pressure fluid injection / part ejection
As well as other hazards such as electrical, thermal, noise, vibration, radiation, dangerous substance handling, bad ergonomics, etc.
Hazard Identification
Considers ALL reasonably foreseeable hazard scenarios:
• Unexpected start-up
• Over-run, over-speed, or variations in operating speed (or any similar malfunction)
• Variations in the rotational speed of tools
• Failure of power supplies and various control circuits
• Systematic errors in software code / specifications
• Effects of EMC / EMI
• Effects of the installed environment (temperature, moisture, etc.)
• Operator “mode confusion”
• Lack of proper procedures and/or training
Fundamental Process
[Figure: flowchart. Define all known machine characteristics and limits → Hazard Identification → Risk Estimation → Risk Evaluation. If OK: complete for this particular hazard, go to the next hazard. If unacceptable: Risk Reduction, then back to Hazard Identification]
Hazard Identification
[Figure: fundamental process flowchart, Hazard Identification step highlighted]
Hazard Identification
The first pass of hazard identification is performed on the machine while ignoring all current safeguards that may be in place.
• All risks must be identified and estimated.
• It needs to be determined whether or not the existing safeguard and its performance are applicable and appropriate for the level of risk.
All tasks are broken down into individual steps.
• This allows each step to be assessed more thoroughly for exposure to hazards.
• It provides a flow and outline for the risk assessment process.
Risk Estimation
[Figure: fundamental process flowchart, Risk Estimation step highlighted]
Risk Evaluation
[Figure: fundamental process flowchart, Risk Evaluation step highlighted]
The process of risk reduction may have to be implemented several times before the risk is mitigated to an acceptable value. Once the risk is acceptable, we can then move on to the next hazard.
Risk Evaluation
[Figure: fundamental process flowchart, Risk Reduction loop highlighted]
Risk Graphs/Matrix/Chart
For example purposes, we will utilize the ISO 13849-1:2006 risk graph.
Risk Graphs/Matrix/Chart
But depending on our objectives, we could use various other methods. We should consider that one objective is to define our safety performance, and that our risk graph should provide a method for doing so.
Typical Worksheet
A typical risk assessment worksheet will look similar to the one below, with a column provided for each item of data that will be collected and/or determined.
Typical Worksheet
With a task and hazard identified, we enter this data into our worksheet:
• Task
• Step
• Hazard:
  a. Details of potential hazard
  b. Event leading to hazard or failure mode
  c. Hazardous energy source(s)
  d. Reference to a supporting photo or drawing
RIA R15.06 Risk Estimation
Example: manual loading station to robotic processing cell. [Figure: cell layout with A: Load Station #1, C: Robot, and the Load Fixture]
Task: Loading part to fixture. Frequency: 30 times per hour.
Affected personnel: Operators / Supervisors / Technicians / Engineers
Area: “A” – Load Station #1
Hazard: Impact / pinch points
Potential incidents / accidents: Struck by moving robot
Severity S2, Exposure E2, Avoidance P2; initial rating: PLe
On the first pass, assume no safeguards are in place. Estimate the risk level.
Risk Reduction
Accident potential: Struck by robot. Risk reduction techniques:
• Redesign: automate loading
• Interlocked hard guarding (manual or automatic safety gate)
• Light curtain
• Floor mat / area scanner
Assuming risk reduction is in place, repeat the assessment process (identify hazards / estimate risks / evaluate risks) until an acceptable level of risk has been achieved.
[Figure: Manual Loading Station to Robotic Processing Cell example. Task: Loading part to fixture. Frequency: 30 times per hour. Layout with A: Load Station #1, C: Robot, Load Fixture]
Risk Assessment Work Sheet
• Risk Estimation: the rating columns are filled in and the Risk Reduction Category is filled in.
Risk Assessment Worksheet. Sheet #: ______ Date: ______ Machine: Panel Assembly Cell
Columns: Task; Potential Incidents / Accidents; Prior to Safeguards (Severity of Injury, Exposure, Avoidance, Risk Reduction Category); Potential Safeguards; Recommendations; With Safeguards (Severity, Exposure, Avoidance, Residual Risk)
Row: Task: Loading 3 lb. part into fixture, 30 times per hour | Potential incidents / accidents: Impact / pinch points due to robot motion | Prior to safeguards: S2, E2, A2, PLe | Potential Safeguards, Recommendations and With Safeguards columns not yet filled
ISO 13849 Risk Estimation
Risk parameters:
• Severity
• Frequency and/or exposure
• Probability of avoiding hazard or limiting harm
Safety function Performance Level (determined from graph)
We now enter the risk estimation parameter selections into our worksheet.
Risk Assessment Work Sheet
• Risk Reduction: the Potential Safeguard and Recommendation columns are filled in.
Risk Assessment Worksheet. Sheet #: ______ Date: ______ Machine: Panel Assembly Cell
Columns: Task; Potential Incidents / Accidents; Prior to Safeguards (Severity of Injury, Exposure, Avoidance, Risk Reduction Category); Potential Safeguards; Recommendations; With Safeguards (Severity, Exposure, Avoidance, Residual Risk)
Row: Task: Loading 3 lb. part into fixture, 30 times per hour | Potential incidents / accidents: Impact / pinch points due to robot motion | Prior to safeguards: S2, E2, A2, PLe | Potential Safeguards: Redesign: Automate Part Loading; Guarding: Light Curtains, Floor Mat, Interlocked Gate, Automated Gate | Recommendations: Short Term: Add Light Curtain guarding solution | With Safeguards columns not yet filled
ISO 13849 Risk Estimation
Risk Evaluation
1. We evaluate the initial risk.
2. If risk is unacceptable, we must then evaluate the application of our existing and newly recommended safeguards and mitigation measures.
3. We then adjust risk parameters affected by the existing and installed safeguards.
4. Then evaluate the residual risk to determine if it is acceptable.
We now enter the risk estimation parameter selections into our worksheet.
ISO 13849 Risk Estimation
Each step of a task will result in a completed worksheet (example below).
ISO 13849 Risk Estimation
Step 1: Select severity of the hazard.
S1: Slight (normally reversible injury)
S2: Serious (normally irreversible injury or death)
* Note: Annex A will provide more detailed guidance on the selection of this parameter.
[Figure: ISO 13849-1 Annex A, Figure A.1 risk graph (S1/S2, F1/F2, P1/P2 → PLr a to e), Step 1 highlighted]
ISO 13849 Risk Estimation
Step 2: Select frequency and/or exposure to hazard.
F1: Seldom to less often and/or exposure time is short
F2: Frequent to continuous and/or exposure time is long
* Note: Annex A will provide more detailed guidance on the selection of this parameter.
[Figure: ISO 13849-1 Annex A, Figure A.1 risk graph (S1/S2, F1/F2, P1/P2 → PLr a to e), Step 2 highlighted]
ISO 13849 Risk Estimation
Step 3: Select possibility of avoiding the hazard or limiting harm.
P1: Possible under specific conditions
P2: Scarcely possible
* Note: Annex A will provide more detailed guidance on the selection of this parameter.
[Figure: ISO 13849-1 Annex A, Figure A.1 risk graph (S1/S2, F1/F2, P1/P2 → PLr a to e), Step 3 highlighted]
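As an added example (not Rockwell Automation's code or worksheet format), the three parameter selections above and the estimate / evaluate / reduce / re-estimate loop from the earlier Risk Evaluation slides, in Python. The risk graph table is ISO 13849-1 Figure A.1; the candidate safeguards, the worksheet parameter each lets the team re-select, and the use of PLr as the organisation's acceptable-risk threshold are assumptions for illustration (the slides write Exposure as E where the standard writes F).

```python
from dataclasses import dataclass, replace

# ISO 13849-1 Annex A, Figure A.1 risk graph: (S, F, P) -> required PLr.
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a", ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b", ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c", ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d", ("S2", "F2", "P2"): "e",
}
PL_ORDER = "abcde"  # PLa: lowest contribution to risk reduction, PLe: highest


def required_pl(severity, frequency, avoidance):
    """Steps 1 to 3 of the slides: select S, F and P, read PLr off the graph."""
    key = (severity, frequency, avoidance)
    if key not in RISK_GRAPH:
        raise ValueError(f"expected S1/S2, F1/F2, P1/P2, got {key}")
    return RISK_GRAPH[key]


def pl_meets(achieved, required):
    """Design verification question from the slides: PL(achieved) >= PLr?"""
    return PL_ORDER.index(achieved) >= PL_ORDER.index(required)


def risk_acceptable(residual_pl, threshold_pl):
    """Assumption: the organisation states its acceptable-risk threshold as the
    highest PLr it will tolerate for a task/hazard (the slides leave the scale
    and the threshold to each organisation)."""
    return PL_ORDER.index(residual_pl) <= PL_ORDER.index(threshold_pl)


@dataclass(frozen=True)
class HazardRow:
    """One task/hazard line of the risk assessment worksheet."""
    task: str
    hazard: str
    severity: str   # S1 or S2
    frequency: str  # F1 or F2
    avoidance: str  # P1 or P2

    def plr(self):
        return required_pl(self.severity, self.frequency, self.avoidance)


@dataclass(frozen=True)
class Safeguard:
    name: str
    # Constructed assumption: the worksheet parameter the team re-selects once
    # the measure is installed (automation removes the operator from the
    # exposure, F2 -> F1; a light curtain stops motion before contact, P2 -> P1).
    new_params: tuple  # e.g. (("frequency", "F1"),)


def reduce_risk(row, candidates, threshold_pl):
    """The loop from the slides: estimate, evaluate, and while the risk is
    unacceptable apply the next safeguard in hierarchy order, re-select the
    affected parameters and re-estimate, until no candidates remain.
    Returns (names of applied safeguards, residual PLr)."""
    applied = []
    for sg in candidates:
        if risk_acceptable(row.plr(), threshold_pl):
            break
        row = replace(row, **dict(sg.new_params))
        applied.append(sg.name)
    return applied, row.plr()


# Constructed example following the slides: loading a part into the robot
# fixture 30 times per hour, first pass with no safeguards in place.
LOAD_STATION = HazardRow("Loading 3 lb part into fixture, 30 times per hour",
                         "Impact / pinch points due to robot motion",
                         "S2", "F2", "P2")
CANDIDATES = (
    Safeguard("Redesign: automate part loading", (("frequency", "F1"),)),
    Safeguard("Light curtain", (("avoidance", "P1"),)),
    Safeguard("Interlocked gate", (("avoidance", "P1"),)),
)


def worked_example(threshold_pl="c"):
    """Initial rating (PLe on the slides), then the reduction loop."""
    applied, residual = reduce_risk(LOAD_STATION, CANDIDATES, threshold_pl)
    return LOAD_STATION.plr(), applied, residual
```

The residual PLr returned is also the design target for the installed safety function: its achieved PL must satisfy pl_meets before the worksheet row is closed.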
Hierarchy of Risk Reduction Measures
1. Design it out
2. Fixed enclosing guard
3. Interlocked guard and safety devices
4. Awareness means
5. Training & supervision
6. Personal protective equipment
More details in future SafeDesign webinars.
Safety Functional Requirements Specification (SFRS)
Rockwell's Typical Scope of Work (SOW):
• Review the initial mitigation functionality recommendations from the risk assessment.
• Discussions with the customer's Safety, Engineering, Operations and Management to “double check” and verify that the plans will not impede production and maintenance, and where possible, enhance daily tasks while achieving safety goals.
Safety Functional Requirements Specification (SFRS)
Rockwell Automation delivers the SFRS via a 3 step process:
Step 1 - On-site review of the recommended mitigation options as defined within the completed Risk Assessment by others or Rockwell Automation. The effort will include discussions and additional on-site checks, panel inspections, cable routing plans, and measurements. The primary purpose is to document what the safety function is and how it is to be performed. The process ensures any changes are agreeable to all Customer name parties. The on-site review is estimated to take XX days, with the remainder of the documentation generation being performed off-site.
Step 2 - Documentation of the agreed functionality. The functionality will be documented in tabular form, as shown on the next slide. The Safety Function will be defined, and the corresponding E-Stop, Electrical, Guarding, Pneumatic and Hydraulic safety category and related functions will be documented. The integration details of the required new and existing components (Safety and Standard) will be determined and documented. Additionally, primary circuit components and system controls will be defined, along with guard dimensions and types. When complete, Customer name will be asked to formally approve the SFRS (sign-off). (Refer to the example tables below.)
Step 3 - Review of the initial mitigation design to determine if any changes are required based on the approved SFRS.
Safety Functional Requirements Specification (SFRS)
[Figure: example SFRS tables]
Scalable Assessment Slide