Roger Lim is the principal consulting engineer at Plant Safety Solutions. He has postgraduate qualifications in robotics and 40 years’ experience in the OH&S industry. Roger will share his thoughts about risk assessment in machine safety standards at a REBOK lunchtime webinar on Tuesday 9 March 2021. Register here.
What sort of risk assessments are involved in machinery safety standards and why are they important?
AS/NZS 4024.1-2019 gives overall guidance in safety design for machines. It includes assessments of the safety related parts of control systems – including emergency stop controls, interlock guards and presence sensing systems. Safety systems might also include non-physical barriers such as light curtains (presence sensing systems) and safety scanners. If someone actuates the emergency stop or opens the interlock gate into a machine cell and the interlock switch fails, the machine may not stop.
Applying the standard and risk assessments can prevent system failure, and avoid machines causing injuries or deaths. The risk assessment method requires designers to include any reasonably foreseeable abnormal condition which might lead the operator to misuse the system. The safety system should be efficient and capable of a quick recovery after a safety stop. A cumbersome system might be an incentive for the operator to take shortcuts or defeat the safety system.
Can you give me an example of how changing technology and manufacturing techniques are affecting risk assessments for machine safety?
Collaborative robots are a good example. Unlike traditional industrial robots, which are physically segregated from operators, collaborative robots work in close proximity to people. Robots can do a lot of processing functions efficiently, but when they interact with humans they must be restricted. In terms of safety requirements, it becomes a major consideration and a safety assessment is required.
Can you tell me more about how standards are used to assess the machinery safety risks of collaborative robots compared to industrial robots?
AS 4024 provides a risk matrix which includes three elements of risk – severity, frequency (and/or duration of exposure) and possibility of avoiding the hazard. From those elements, the matrix recommends an appropriate category of control system.
For collaborative robots, the severity of injury may be reversible (for example, minor cuts and bruises). For industrial robots, the severity of injury will normally be irreversible (for example, crushing or death). That changes the category of the control system all together.
The categories of control system range from 1 to 4, based on a low to high risk requirement.
For example, in Category 1 single safety functions might fail due to a single element failure, and should only be used for well-tried, low-risk machinery. A Category 4 control system will still perform even if it experiences cumulative faults and should be used for higher risk machinery. Industrial robots are generally Category 3.
Do standards include any other methods for assessing risk for machinery safety?
While the categories of control systems in AS 4024 are based on failure modes, a more recently adopted method performs a similar assessment based on performance level. Performance level is the average probability or dangerous failure per hour.
For example, a Category 3 recommendation for an industrial robot would correspond to Performance Level d, with a probability of failure between 0.0000001 to 0.000001 per hour. This is a very safe system. For more advanced technology and complex electronics such as Safety PLCs, risk can be assessed using safety integrity levels (SIL). (There are other similar applications, for example, automotive safety integrity levels as defined in ISO 26262-9:2018 for road vehicles).
Who do you think would benefit from your webinar?
My webinar will be applicable to all safety personnel, design engineers, installers and system integrators. I will show the risk assessment matrix from AS 4024 and give examples on how to select the severity, frequency and possibility of avoidance for machinery safety. This will include the assessment of categories and assessment of application performance levels. When using the standard, design engineers will choose the appropriate category, and system integrators will validate the performance level. The risk assessment method may be quite simple, but the validation of complex electronic systems will require more technical involvement by the system integrators.