Packaging automation professionals tend to be very aware of safety, knowing that safety failures can have both human and business costs. They are typically less aware, though, of the seeming avalanche of safety standards that are increasingly affecting both automation vendors and users, or of the changed assumptions that underlie those standards.
Certainly the fact that there are a number of relevant standards, each with their own code-like set of letters and numbers, can make the subject a bit confusing. Still, it’s important to have a basic understanding of the standards: In part because of the effect they are having on machine and system design and implementation, and in part because of the effect they can have on your bottom line.
That last statement may seem a bit cryptic, but as the inimitable Charlie Chan might have observed, “Have patience… all will become clear momentarily.” First it is necessary to sort out the standards themselves, and most observers agree that the place to start is IEC 61508.
As Stephan Stricker, product manager for automation supplier B&R Industrial Automation Corp. (www.br-automation.com), Roswell. Ga., points out, “IEC 61508 is a broad standard from which several newer, more targeted standards have been derived.” This generic standard marked a drastic shift in the approach to safety. Previous safety standards had always been prescriptive: You must do this; you must not do that. With IEC 61508 and the subsequent standards derived from it, the approach became more functional. Functional safety evaluates the safety of a system or piece of equipment in relation to a broad range of “real-world” inputs, including the operation of upstream and downstream systems, as well as likely operator errors and environmental disruptions.
Importantly, functional safety is a holistic, or end-to-end approach, one that employs the concept of safety lifecycles. This looks at a component or system over its complete lifespan, from the design stage all the way to final decommissioning. The goal is to improve the overall level of safety, with an added benefit of improving the functional operation of the machine or system as well.
The claim that safety standards can improve machine operation seems counterintuitive to many of us who often tend to think of safety strictly in terms of signs saying things like ”Keep hands away from moving parts.” However, Dave Kirklen, business developer for the packaging industry for automation vendor Siemens Industry Inc. (www.sea.siemens.com), Alpharetta, Ga., provides some insight into one of the ways that can happen.
“In the past, the machine builders would simply point guard everything; that is, put a barrier between the person and the machine.” That, says Kirklen, came with a cost in terms of productivity, as operators will need to interact with the machine at some point. If they need to shut the machine down to disable the barrier in order to get at the machine, it’s like a very expensive taxi ride with the cost rising every minute.
Improved access, greater uptime
What we’ve seen over the past few years, Kirklen says, “is that companies are coming up with ways to achieve the required levels of safety and not have to barrier guard the machine from the operator. The idea is to minimize the number of times the machine must be shut down, thus maintaining productivity while still safeguarding the operator.”
Going forward, he maintains, safety is going to be viewed as more of an enabler for production machines, as a factor in building “a net positive ROI, an aid in building better machines that increase reliability and availability.”
The main reason that today’s functional safety standards allow this type of nuanced response to nonstandard conditions, rather than the blunt on/off, go/no go response of former days, is that they embody risk assessment. Risk assessment uses specified models contained within the standard to permit risk levels to be determined for every component in a safety system. That is, you can quantify the possibility that any particular component in that system will fail to perform its function. Put all those numbers together and you’ve got a picture of the risk level of the system as a whole. Now comes the tricky part: How much risk are you willing to accept?
That’s not an invitation to skimp on safety; rather, it’s an acknowledgment that the levels and quality of risk vary. For instance, you could accept a greater level of risk from a component whose failure could lead, at worst, to a minor injury than you could from a component whose failure could lead to dismemberment or death.
As Mike Miller, global safety market development for Rockwell Automation Inc. (www.rockwell.com), Milwaukee, observes, “By defining the hazards of a machine and the associated risk levels of each hazard, the most suitable, functional and cost-effective mitigation techniques can be applied.” He says that when this work is done during the initial design phase, machine builders can avoid the costly—and common—process of having to add additional safety features after installation.
For machine builders there is also an image or public relations benefit: “It also helps the end user see the value the OEM is adding to the machine by mitigating the hazards associated with a machine. It is a win-win situation for both parties involved,” says Miller.
Not only has the adoption of risk assessment permitted a more nuanced approach to safety, one that can potentially lead to a reduction in work stoppages and other bottom line benefits, but some believe it results in a heightened level of worker safety as well.
Identifying more hazards
The general approach to machinery and workplace safety “has changed due to the adoption of risk assessment by standards and the EU directive, and the fundamental process used to reach an acceptable level of risk,” stresses Fred Hayes, director of technical services for the Packaging Machinery Manufacturers Institute, (PMMI) (www.pmmi.org). “There is no such thing as ‘absolutely safe,’ but proper application of the risk assessment process, particularly using the task-based approach, will result in the identification of more hazards. The application of risk reduction measures to reduce these risks to an acceptable level provides better worker protection.”
Earlier we mentioned an array of standards but have spoken so far only of one, IEC 61508. Other standards bodies have developed standards more targeted at their specific constituencies but embodying the fundamental concepts of IEC 61508. These include ISO 13849 and—of particular import for the packaging industry—ANSI/PMMI B155.1.
“ISO13849 is used for lower complexity safety systems, including programmable electronic but also pneumatic and hydraulic,” explains B&R’s Stricker. “ANSI/PMMI B155.1 contains the safety requirements for packaging machinery and packaging-related converting machinery.”
“ANSI/PMMI B155.1, titled: ‘Safety Requirements for Packaging Machinery and Packaging Relayed Converting Machinery,’ is certainly one to start with,” says John Piccinic, regional manager for Pilz Automation Safety L.P. (www.pilz.us), Canton, Mich. That’s because it is a detailed risk assessment methodology and the associated documentation requirements are contained within it.
“Risk assessment should be the start of any sort of safety engineering effort and that is the essence of the B155.1 standard,” Piccinic stresses. In addition, he says that B155.1 references other important standards that are frequently helpful for designers.
These standards both reflect and guide the changed approach to safety, a change which Stricker sees as very positive: “Safety has become a part of the machine design rather than something that you have to add to your machine.” The reason for this change, he says, is that newer standards require you to think about safety upfront, identifying hazards and doing risk assessment and risk reduction during the design phase.
“Making safety a part of your machine concept design can help to avoid hazards at a point where changes are easier to implement. And sometimes you can even eliminate the hazard completely with a small design change,” says Stricker.
Global harmonization
PMMI’s Hayes notes that along with furthering the goals of fewer injuries and less downtime, today’s standards can have strategic business implications as well. “The requirements in the ANSI/PMMI B155.1 have been harmonized with the essential health and safety requirement of the EU machinery directive and the European and ISO standards that support the machinery directive. Therefore a packaging machinery supplier may build to a U.S. standard and meet the requirement of the EU machinery directive.” He says that the goal of harmonizing ANSI/PMMI B155.1 with the European standards is “one standard, one conformity assessment, ship anywhere.”
ANSI/PMMI B155.1, Hayes continues, is important for global consumer packaged goods (CPG) manufacturers because “most of the growth markets for CPG companies are outside of the U.S.” Therefore, he says, CPG companies want machinery that is compliant with the requirements of the U.S. standards and the EU machinery directive to serve their needs in the U.S. and the global markets.
Siemens Kirklen seconds that point this way: “The move to harmonize different national standards is a positive trend, despite all the politics that are sometimes involved.” He insists that for the user confronted by two relevant standards, it’s better to adopt the more stringent one. And, he stresses, this no longer needs to involve high cost. “By adopting the more stringent standard you’ll be sure you’re not locking yourself out of any potential markets, and probably building a better machine as well,” Kirklen says.
Rockwell’s Miller puts it this way: “A machine builder in Arkansas is just as likely to sell machinery to Brazil, India or France as he is to sell to New Jersey. To that end, it has become more important to design machines to global standards rather than to specific regional standards.”
Integrating safety
Safety data isn’t static. Most of it moves from the point where it is generated to a point or points up the information and control ladder. In the past, this has generally taken place over a dedicated safety network and employed a dedicated safety controller.
That picture is changing. A growing number of companies and safety professionals maintain that modern high-speed networks can carry safety as well as machine control data without risk of compromising the safety data, and that today’s powerful controllers can accommodate safety and machine control with no loss of integrity to either.
This battle between dedicated and integrated control is far from over, but the integrated approach is definitely winning. It is winning because of its many advantages, including dramatically less wiring, as well as dramatically less wiring time and the cost savings related to that, along with easier programming and faster commissioning.
In addition, troubleshooting is easier with an integrated system because all relevant information can be read via the Internet connection and the control system’s HMI (human-machine interface). This is a powerful argument in favor of greater integration. As Brian Whitt, senior packaging market manager for sensor and safety device manaufacturer Sick Inc. (www.sick.com), Minneapolis, observes, “Most companies want easy diagnostic capabilities and the ability to troubleshoot a machine remotely over the Internet via whatever protocol they design in.”
Nestlé and openSAFETY
Large international companies like Nestlé are well aware of the value of integration, and are actively seeking to speed
the pace of that integration. Nestlé's most important automation suppliers include Siemens, Rockwell Automation, Schneider Electric (www.schneider-electric.com) and B&R, and they use Profinet, EtherNet/IP, Sercos III and Powerlink for their respective controllers. Currently, a Nestlé engineering team in Switzerland is preparing a pilot implementation of a packaging line in cooperation with these suppliers to develop manufacturer-independent standards for the integration of different control systems. The team is focusing on the use of open communication technologies.
The Nestlé integration project has two key goals: First, create a specification for packaging machines in accordance with the packaging machine language PackML. Second, introduce an openSAFETY-based safety standard that is independent of the controller and bus system, and will facilitate the unrestricted exchange of safety-related information between machines and control systems from various manufacturers.
openSAFETY is a safety protocol, which has been certified for use in systems with a SIL 3 safety integrity level by the German testing authorities TÜV Rheinland and TÜV Süd, has been used in a series of production applications since 2008. Importantly, it is independent of the bus system and interoperable with all transport protocols thanks to “the black channel principle.” This means that any transport protocol can be used to transfer the safety-oriented data, which is packed in a special frame format.
Bryan Griffen, global head of electrical and automation engineering at Nestlé Corporate Engineering, notes that “Nestlé uses automation and safety components from various manufacturers. An integrated standard for safety communication allows for a reliable transfer of safety data within the complete plant, irrespective of the manufacturer of its components. Additionally, the standard also facilitates engineering with regard to system design, commissioning, and maintenance and diagnosis of the safety systems.”
Though crystal balls are notoriously faulty, it seems safe to predict that the Nestlé project, along with international standards, point to the route that industrial safety will travel in the future. In addition, Rockwell’s Mike Miller points to another future safety development that has as yet been little talked about: safety and cyber security.
“Security is rapidly becoming very important. A safe machine on an open network must be secure to prevent someone from modifying the safety code in that machine either intentionally or accidentall,.” Miller says. He adds that “IT professionals can bring significant insight into this aspect of a machine design.”
B&R Industrial Automation Corp. (www.br-automation.com)
Packaging Machinery Manufacturers Institute, (PMMI) (www.pmmi.org)
Pilz Automation Safety L.P. (www.pilz.us),
Schneider Electric (www.schneider-electric.com)
Sick Inc. (www.sick.com)
Siemens Industry Inc. (www.sea.siemens.com)
>> ON THE WEB: Machine Safety Advances. The most recent Packaging Automation Forum delivered safety insight on machine automation and plant processes. Visit bit.ly/related_017
>> Related Feature: September, 2011, More Sausages Plus More Safety
To read the feature article, visit www.automationworld.com/feature-9332
Greg Farnum is a contributing editor to Automation World.
Companies in this Article
Leaders relevant to this article: