Uptime and the new age of safety control

Rockwell Automation Australia
By Gary Milburn*
Friday, 12 June, 2009


Unleashed by new safety standards that embrace the latest microprocessor technologies, modern safety control systems are now intricately tied to how the plant operates — not only optimising worker safety, but improving productivity and uptime.

Despite their importance, industrial safety systems can sometimes be regarded as little more than a necessary evil. Often tacked on as an afterthought to meet regulations, traditional designs generally provide immediate shutdown of all hazardous electrical or mechanical equipment upon demand of the safety system. While such action is certainly required in the case of potential worker injury, there are many occasions — such as jams and spills — where inappropriate E-stop activation to halt production causes more headaches than solutions. Invariably, it can take a great deal of time to get the plant back into full production, plus there is increased equipment wear and tear.

The good news is that modern industrial safety systems represent a completely ‘new age’ of safety, courtesy of modern thinking, advanced technology and new functional safety standards. These promote upfront safety system design as part of a holistic view of the plant, its processes and total life cycle. This is the essence of ‘functional safety’, which not only focuses on risk assessment and defining appropriate safety measures, but also assists in designing the safety system to accommodate these tasks. This change in design approach, coupled with intelligent electrical safety controls, will invariably reduce the risk that plant floor personnel bypass the safety system in order to do their jobs effectively.

Significantly, it is now easier to design safety systems to work with the plant production objectives, rather than against them, in order to minimise downtime due to the safety system coming into play. This means safe practices can be enforced with minimal impact to production.

In fact, by deploying a modern safety system — one that is fully integrated with the standard plant automation system — plants can often maintain production or get back online faster, leading to improved productivity. Once seen as a hindrance to production, and an afterthought, the safety system can now both protect and allow people to work more efficiently.

Philosophy shift

These new safety philosophies have been made possible by a fundamental shift in two essential and related areas. The first is significant developments in safeguarding and control technologies — most notably the advent of new microprocessor-based technologies in lieu of electromechanical or hardwired control. The second is the evolution of global safety standards to allow these new electronic technologies to be incorporated into industrial safety systems.

The result is an entirely new breed of safeguarding products and safety control platforms. Safety technology can now be integrated into standard automation products — such as programmable automation controllers, programmable safety relays, plus AC and servo drives. In addition, high-integrity safety communications networks, which incorporate message redundancy, cross-checking and stringent timing, have also been developed to allow safety and non-safety messages and devices to exist on common media.

Safety automation systems can now therefore be completely integrated with the standard plant automation system — yielding a single platform to perform defined safety functions, meet safety standards and efficiently operate the plant. In this scenario both facets of the automation system are designed to accommodate all machine life cycle tasks, including design, start-up, operation and maintenance. Moreover, this holistic approach can lead to opportunities for designing out hazards where possible, based on detailed risk assessments in the early stages of any project.

  

The synergy achieved by integrated safety and plant automation systems provides the much-needed tool to facilitate improvements in productivity. Three major areas in which modern safety technology can help minimise downtime are: troubleshooting and diagnostics (reducing time to identify an issue); getting machines back into production quickly; and reducing time tied to minor servicing by permitting some processes to continue operation.

Find the fault

Diagnosing a fault fast is an ongoing quest for all industrial plants, and becomes particularly critical when the fault is causing downtime and lost production.

Traditional hardwired safety systems based on electromechanical relays are inherently less reliable than solid-state technology, because hard contacts eventually wear out. They are also difficult to troubleshoot, due to minimal diagnostic indication. For example, in a scenario where multiple E-stop devices are daisy-chained together and hardwired into a safety relay, a wiring ‘short circuit’ will activate the safety relay and shut down equipment. However, the precise cause of the fault requires investigation. Because it is difficult to troubleshoot hardwired systems, monitoring circuits and inter-wiring with standard PLCs are required, further increasing complexity, design time and installation costs.

If, on the other hand, each E-stop is wired into a safety I/O module that is connected via a safety network to the integrated standard/safety programmable automation system, the diagnostic information is readily available to the PLC and HMI, and corrective action is easily defined. Monitoring of all E-stop events might also reveal that an operator on the third shift keeps hitting the E-stop instead of correctly cycling down the machine, which might explain any mechanical problems or reduced productivity of one machine over another. The cause of the event is diagnosed quickly, allowing the problem to be rectified and production brought back online quickly.
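The per-device monitoring described above can be turned into a simple report. The following is an added example, not code from the article or from Rockwell Automation: the log format, the device tags, the `RUNNING`/`CYCLED_DOWN` states and the shift roster are all assumptions, and the events are constructed sample data.

```python
from collections import Counter
from datetime import datetime

# Constructed sample events (not from the article): timestamp, E-stop device
# tag as reported by its safety I/O module, and machine state when pressed.
SAMPLE_EVENTS = """\
2009-06-01T07:12:00,ESTOP_INFEED,RUNNING
2009-06-01T15:40:00,ESTOP_ROBOT,CYCLED_DOWN
2009-06-01T23:05:00,ESTOP_OUTFEED,RUNNING
2009-06-02T01:30:00,ESTOP_OUTFEED,RUNNING
2009-06-02T03:55:00,ESTOP_OUTFEED,RUNNING
2009-06-02T09:20:00,ESTOP_INFEED,CYCLED_DOWN
2009-06-02T22:45:00,ESTOP_OUTFEED,RUNNING
2009-06-03T02:10:00,ESTOP_OUTFEED,RUNNING
"""

def shift_of(ts):
    """Assumed roster: shift 1 = 06:00-14:00, 2 = 14:00-22:00, 3 = 22:00-06:00."""
    if 6 <= ts.hour < 14:
        return 1
    if 14 <= ts.hour < 22:
        return 2
    return 3

def parse_events(text):
    """Yield (timestamp, device, machine_state) for each log line."""
    for line in text.strip().splitlines():
        stamp, device, state = line.split(",")
        yield datetime.fromisoformat(stamp), device, state

def estops_under_load(text):
    """Count E-stops pressed while the machine was still RUNNING, per (shift, device)."""
    counts = Counter()
    for ts, device, state in parse_events(text):
        if state == "RUNNING":
            counts[(shift_of(ts), device)] += 1
    return counts

def flag_hotspots(text, threshold=3):
    """Return ((shift, device), count) pairs at or above the threshold, worst first."""
    counts = estops_under_load(text)
    return [(key, n) for key, n in counts.most_common() if n >= threshold]

if __name__ == "__main__":
    for (shift, device), n in flag_hotspots(SAMPLE_EVENTS):
        print(f"shift {shift}: {device} pressed {n} times while running")
```

With a daisy-chained hardwired loop the device column would not exist, which is why this kind of attribution depends on each E-stop having its own safety input.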

Ease out the E-stop

E-stop events can cause a good deal more trouble than just being difficult to diagnose. Frequently they occur when a machine is in full production, leading to machine alignment issues and product wastage. These factors add to the downtime and production losses, since the work-in-progress may need to be cleaned, removed, reset or scrapped, and then equipment re-homed or re-initialised.

This is where ensuring that the safety system is designed to accommodate the required tasks can be hugely beneficial. Instead of unnecessarily activating the E-stop to halt the machine for access, a more elegant alternative would be to deploy a locking guard switch tied to an ‘end-of-cycle stop’ function that only allows access when invoked correctly. When this end-of-cycle stop is activated, the machine completes critical processes and is brought to a graceful halt. Work-in-progress is cycled out of the work cell, and any motion axes or robotics are returned to a home position, safe for operator or maintenance entry and ready for restart.

If all hazardous moving equipment is controlled by the safety system, further productivity benefits can be realised. Instead of a full system shutdown and removal of all power on a machine or production process, tasks can be carried out with power removed from only the potentially hazardous elements. Implementing this type of zone control, where only the affected area of the machine is impacted during an E-stop event, is becoming standard practice to minimise production losses. By not powering down the whole machine, the safety system ensures that plant operations can restart immediately after the safety system is reset.

The opportunity to simplify access to equipment is one of the most significant productivity benefits of improved safety design and automation of safety systems. It is an industry fact that employees need access to guarded equipment to carry out various minor servicing operations — such as cleaning, corrective action or parts handling. Consequently, providing safe routine access to the machine to accommodate these work processes, without undergoing total machine lockout/tagout, can deliver important time savings.

Simplify access

Take a robotic palletising cell as an example. In Figure 1, a robot loads pallets one by one onto an exit conveyor. Onto each pallet it deposits cartons of ‘end product’ transferred from an entry conveyor, until the pallet is full and it must retrieve another. Using traditional safety practices, the cell is fully safeguarded behind a physical barrier to prevent access by employees without full lockout/tagout.


Figure 1: In a robotic palletising cell, the control system requires time-consuming lockout/tagout to reload pallets, resulting in unavoidable downtime and lost production.

The problem is that access is required by employees on a regular basis, whether to reload the stock of pallets using a forklift (hourly) or perform tasks such as cleaning spills when the robot drops a carton. For each of these routine tasks, the downtime of the cell is between 12 and 20 minutes — or longer, depending on how quickly lockout/tagout can be achieved. At least nine of those minutes are required for the robot to re-home and restart.

Insightful safety design practices and full control of all moving equipment by the safety system can eliminate much of this downtime. For the case where the pallets need to be reloaded, the safety system is now put into ‘load pallet’ mode, which restricts the robot’s movement via limit switches (Figure 2). This allows the robot to continue transferring cartons to the pallets, but prevents it from accessing the pile of new pallets as they are restocked. The addition of a fence around the pallet stack area prevents access into the full loading cell. The result is zero downtime, saving at least 12 minutes of production time every hour.


Figure 2: Deployment of a safety control system and inclusion of physical guarding in a palletising cell allows the robot to continue restricted operations during ‘load pallet’ mode.

When full access to the loading cell is required, the safety control system is put into ‘access mode’. Once again, this ideally involves an ‘end-of-cycle’ operation, where the robot stops in a controlled sequence to save re-homing time. With the robot halted and safety monitored, the safety system permits access to the cell without total electrical shutdown (such as lockout/tagout), and the time required to get the machine back online is minimised. In some cases, it might even be possible to have a robot continue to perform unrelated functions if it is deemed safe. One example is where a robot bridges two work areas to retrieve or pass parts downstream. A sophisticated safety control system could prevent the robot from entering whichever cell or work area was put in ‘access mode’, but would not prevent the robot’s other work activities surrounding the work cell.
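The ‘load pallet’ and ‘access’ modes described above can be modelled as a small interlock. This is an added example, not code from the article or from any Rockwell Automation product, and it is a plain Python model of the logic rather than safety-rated controller code; the zone names, the `Cell` class and its fields are hypothetical.

```python
from dataclasses import dataclass
from enum import Enum

class Mode(Enum):
    RUN = "run"
    LOAD_PALLET = "load pallet"
    ACCESS = "access"

# Hypothetical zone labels for the cell; the article names no zones.
ROBOT_ZONES = {
    Mode.RUN: {"entry_conveyor", "exit_conveyor", "pallet_stack"},
    Mode.LOAD_PALLET: {"entry_conveyor", "exit_conveyor"},  # stack off limits
    Mode.ACCESS: set(),                                     # robot stays halted
}

@dataclass
class Cell:
    mode: Mode = Mode.RUN
    robot_zone: str = "entry_conveyor"
    end_of_cycle_done: bool = False      # controlled stop sequence finished
    standstill_monitored: bool = False   # safety system confirms robot halted

    def request(self, mode):
        # A mode change clears earlier confirmations; they must be proven again.
        self.mode = mode
        self.end_of_cycle_done = False
        self.standstill_monitored = False

    def robot_may_enter(self, zone):
        # Which zones the robot may move into depends only on the current mode.
        return zone in ROBOT_ZONES[self.mode]

    def pallet_area_open(self):
        # Restocking is allowed only once the robot is outside the stack area.
        return self.mode is Mode.LOAD_PALLET and self.robot_zone != "pallet_stack"

    def cell_open(self):
        # The request alone never releases the guard lock: both confirmations
        # must be present as well.
        return (self.mode is Mode.ACCESS
                and self.end_of_cycle_done
                and self.standstill_monitored)
```

The point of the model is that access is a result computed from confirmed conditions, not something the mode request grants on its own.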

New tools for a new age

In view of these examples, it is not difficult to see how production improvements provided by well-designed safety systems can justify their implementation. Moreover, as functional safety standards evolve to accommodate technology developments, industry can take advantage of new tools such as integrated safety systems to do things differently. A holistic view ensures that the task of servicing — and operating — the machine becomes intricately tied into how safety is controlled.

No longer is the safety system its own individual entity — it is now a critical component of the entire plant automation and production system. In this new age of safety, neither should be considered in isolation.

*Gary Milburn is Rockwell Automation Area Manager, Safety.

Rockwell Automation
www.rockwellautomation.com.au
www.rockwellautomation.co.nz

 

  • All content Copyright © 2025 Westwick-Farrow Pty Ltd