Keeping pace with machinery functional safety innovation

Growing digitalisation and automation across all areas of life and industry not only increases the significance of functional safety, it also offers economic opportunities. Safe product design, early prevention of conformity-related problems, fewer product recalls, and shorter time to market are just some examples. 

Despite great technological advances, it is ultimately organisations and people that have the responsibility of realising functionally safe products and systems. Implementation of the many different requirements of functional safety thus requires a management framework, which regulates the processes and organisation of the activities to be performed. 

A holistic approach to functional safety is therefore required, which requires expertise in various application fields across all project phases, from design and development to manufacturing and installation, testing, certification, placing into service, and decommissioning. While there are software packages that help to guide users through the process, the growing complexities caused by ever greater technology innovations and integration means ensuring functional safety compliance is becoming a more complex and resource hungry task.

The changing face of functional safety 

The significance of functional safety has increased continuously and the focus of interest has always been the safety of operating and maintenance staff. The other goal has been to minimise the costs of operation and servicing or maintenance. Consequently, machine manufacturing and operation are subject to a host of regulations and requirements.

In the past, dangerous machinery movements could be reliably stopped by opening one of the monitored doors in the safety guarding. However, the increasing connectivity of systems and plants, plus the growing possibilities of remote control, has seen a paradigm shift away from the prevention of access and the reliable shutdown of machines to the reliable identification of people and continued operation, which minimises disruption to the production line. With such high levels of automated safety, the safety related parts of controls systems will become more complex. This will of course escalate with Industry 4.0 / smart manufacturing.

Due to this trend, both possible damage events and the safety-related parts of control systems have become more complex. One example is the introduction of collaborative operation with robots, where people and machines work more closely together and which offers enormous potential for improving efficiency. 

As digitalisation, automation and connectivity progress, so safety requirements for machines and machine systems have grown more comprehensive and complex. A safety related control function is one of the measures that makes a contribution to the overall reduction of risk with machinery. Consequently, electrical, electronic or programmable electronic systems (E/E/PES) are used increasingly in the field of safety applications. 

However, as state-of-the-art moves on at a dramatic pace, with innovations such as Industry 4.0’s smart factories, new components and systems frequently become available which are too technologically advanced for current standard requirements. 

Functional safety standards

Machinery manufacturers must show compliance with the European Machinery Directive 2006/42/EC or the UK Supply regulations. To demonstrate compliance with legislation, machine builders can choose to work to the harmonised/designated standards EN ISO 13849 (Safety of machinery - Safety-related parts of control systems - General principles for design) or EN IEC 62061 (Safety of machinery -Functional safety of safety-related control systems). These can be used to achieve compliance in the field of functional safety and as neither is technology specific, they can both be applied for safety systems using any technology.

Over the years, both ISO 13849-1 and IEC 62061 have seen revisions. EN IEC 62061 edition 2 was published in 2021 and its scope includes the design of ‘low complexity’ subsystems and the integration of other subsystems. The design of complex programmable electronic subsystems or subsystem elements is not within the scope of the standard, but in the scope of IEC 61508 or standards linked to it. 

EN ISO 13849-1 is in the later stages of being revised and will also have a scope statement that it “…does not give specific requirements for the design of products/components that are parts of SRP/CS. Specific requirements for the design of components of SPR/CS are covered by applicable ISO and IEC-standards”. The new version will however still include some information that is directly relevant to the design of electronic subsystems and measures for Safety Related Embedded Software (SRESW). So, there may be some confusion about which requirements apply to a particular situation - resulting in machine builders perhaps misinterpreting how they should apply the standard. 

Stepping up a gear

Increasing system connectivity requires even more suitable approaches to protect systems, such as automated operator identification and shutdown of machines. With such high levels of automated safety, the safety related parts of controls systems will become more complex. 

An analysis by the Health and Safety Executive (HSE) of incidents connected with safety related parts of control systems revealed that poor design and implementation, together with incorrect specification, accounted for 59 per cent of the primary causes identified. These are exactly the types of problem that a full validation process could have uncovered before the control systems went into service. 

The new version of EN ISO 13849-1 will include requirements for the verification and validation of Safety Related Parts of Control Systems that is currently in EN ISO 13849-2

EN ISO 13849-2 spells out the basic validation requirements very clearly in Section 4.1, Validation Principles. It states that: "The validation shall demonstrate that each safety-related part meets the requirements of ISO 13849-1, in particular (for example):

•  the specified safety characteristics of the safety functions provided by that part, as set out in the design rationale, and
• the requirements of the specified performance level (see ISO 13849-1:2006, 4.5)"

It also says that  "Validation should be carried out by persons who are independent of the design of the safety-related part(s)."

Carrying out the calculations required by EN ISO 13849-1 and EN IEC 62061 remains a complex task. While there are software packages that help to guide users through the compliance process, the growing complexities caused by ever greater technology innovations and integration means ensuring compliance with these standards is becoming a more complex and resource hungry task.

Innovative technologies have contributed significantly to greater efficiency and a higher degree of automation, improving operability and profitability. Alongside this, the importance of machinery functional safety has increased continuously, as the safety system contributes significantly to risk reduction and must therefore be aligned to these more versatile and complex applications.

To mitigate against systematic faults, the effectiveness of safety measures must also be fully verified. This will confirm the robustness of components, as well as the complete life cycle, and the development process must also be considered during such an assessment. A holistic approach to functional safety is therefore required, which requires expertise in various application fields across all project phases, from design and development to manufacturing and installation, testing, certification, placing into service, and decommissioning.

Stewart Robinson is principal engineer and functional safety expert at TÜV SÜD

For more information:

www.tuvsud.com

Tel: 01355 20593700