E-stop strategy?

kolyur

Lifetime Supporting Member + Moderator
K
Join Date
Oct 2004
Location
Wooster, Ohio
Posts
1,602
We have an integrated production line that consists of four machines in series, each feeding into the next. Each machine has its own electrical cabinet and PLC. There are a total of 13 E-stop buttons located at various places on the line, and depending on their location they are wired into different cabinets. The E-stops are individual to each machine, in other words if I kill one machine the rest will keep running.

My current project involves replacing one of the machines in the line with new equipmnt. A directive has come down from our safety administrator that when this new machine is installed, all of the E-stop buttons need to control the entire process. In other words, hitting any of the 13 buttons will cause all 4 machines to E-stop.

I discussed this with our electrician and we thought about connecting all the E-stop buttons in series (with redundancy) and having that loop connected to a safety relay that would be located in the cabinet of the new machine. Additional lines would then be run from this safety relay to the MCRs of the three other machines. This would still require each machine to be reset from its own panel if the E-stop is tripped, but that's OK.

One problem with this strategy is that if the new machine is down and locked out for maintenance, the other machines could not run because they wouldn't be receiving an E-stop signal. (Even though it's an integrated line, they occasionally run some machines individually.) Should the safety module be located in a separate enclosure for this reason?

Another wrinkle to this whole problem is that when a guard door is opened on any of the machines, we still want to enter an E-stop condition but only for that particular machine. This leads me to believe that we will need a safety relay on each machine, plus a separate unit to handle the E-stop buttons. (BTW, the safety module that I'm looking at is the Banner ES-TN-1H5.)

My main question is, what are some other ways to make this work? I am sure some of you deal with these kinds of issues every day... I would be interested in hearing your experiences and suggestions. Thanks!

-John
 
My current project involves replacing one of the machines in the line with new equipmnt. A directive has come down from our safety administrator that when this new machine is installed, all of the E-stop buttons need to control the entire process. In other words, hitting any of the 13 buttons will cause all 4 machines to E-stop.
Click to expand...

You will need to talk with your safety administrator, once that directive is implemented you will have ONE process, not 4 machines. That means that any device connected for saftety; estops, guards switches, etc, must stop the whole process.
 
Hello kolyur.

Yes you would need separate safety relays for E-stop and inspection door.

For the globally acting E-stops, I would have one E-stop relay collecting all the E-stop buttons. Then cascade from the common E-stop relay to the E-stop relay in each machine. The common E-stop relay would have to have a lot of contacts, possibly via an expansion relay.
 
rsdoran said:
... once that directive is implemented you will have ONE process, not 4 machines. That means that any device connected for saftety; estops, guards switches, etc, must stop the whole process.
Click to expand...
I dont know the regulations over on your side of the pond, but over here, when opening an inspection door on a machine does not require that neighbouring machines also stops.
 
You will need to talk with your safety administrator, once that directive is implemented you will have ONE process, not 4 machines. That means that any device connected for saftety; estops, guards switches, etc, must stop the whole process.
Click to expand...
rsdoran, thanks for your reply. I had not thought of it this way before. I can see that this setup could potentially create a false sense of security--Johnny sees Suzy get pulled into a machine further down the line and yanks a guard door open, thinking that will stop everything.

But from an operational perspective, it will be very inconvenient if opening any guard door E-stops the whole line, since the operators are frequently getting inside the machines to make adjustments. (I am certain that management would frown on that unless there was a specific regulation that required it.) Is there an OSHA standard that deals with the requirements for integrated lines?

It is no use asking our safety administrator, as he is not familiar with any OSHA requirements except for machine guarding.

Thanks,
John
 
this will become very complicated very quickly depending how far you want to take it.
Click to expand...

Yes I'm starting to realize that. I'm leaning towards Jesper's suggestion... having a "common" safety module that would handle the Estop PB's, plus a separate safety module in each machine cabinet to monitor the guard doors. The common module would only need to be a 4-pole unit, as we only have four machines in the line.
 
I'm not sure how someone decided to treat four machines as one process, all with a common e-stop.

I worked at a major automobile assembly plant and new machines were designed as "cells", especially if they had robots. Each cell had a standard lockout system where you could do certain things, for example make adjustments, but there was a standard, posted procedure in place to do these tasks. Only maintenance personnel had the appropriate keys.

Certainly the five hundred cars in progress on the assembly line didn't come to a grinding halt because someone hit an e-stop.

I think everyone involved in your project must evaluate their respective goals (management=output, personnel=safety, maintenance=ease of adjustment) and the machine design can only proceed based on this common understanding.
 
If these machines can run separately, you will be sorry very soon if you link them all together. The first time you have to do maintenance on one of the four, you will have the other 3 down.

We have a machine that can stack upstairs or downstairs. Until now, if an estop was pulled, the whole machine was down. It is now being modified to allow lockout and estop of the downstairs unit for maintenance, while still allowing production to run upstairs. I'll be curious how this comes out for you.
 
kolyur said:
A directive has come down from our safety administrator that when this new machine is installed, all of the E-stop buttons need to control the entire process. In other words, hitting any of the 13 buttons will cause all 4 machines to E-stop.
Click to expand...
Just goes to show you, there's no "TEAM" in "safety administrator" (unless you take the "T", "E", and "A" from "safety" and the "M" from "administrator" but that gets complicated.)

Seriously, you should run all ramifications of the directive from your safety administrator past EVERYONE involved for their feedback. Management might not be too happy with the potential of lost production and a new safety directive might need to be implemented.
 
JesperMP said:
I dont know the regulations over on your side of the pond, but over here, when opening an inspection door on a machine does not require that neighbouring machines also stops.
Click to expand...

Jesper, others have made replies similar to some of what I may have said but I will attempt to offer more thought on the subject.

E-Stop ckts, although they can use safety relays etc, is still independent of the machine process. The estop ckt should be a continuous closed system.

Therefore once he implements an estop ckt that includes the 4 machines it will become one system (one machine), you can not have means to bypass the ESTOP ckt. This will mean, regardless of reason, if one machine is emergency stopped they must all stop.

As Jimmie mentioned it may be better to have them as "cells" or separate machines in a process where you can work estop circuits per machine.

It can get complicated very easy. The bad part is it can be hard to know you have done something that could be construed as wrong until something bad happens.

After thinking about it I guess it could be done if you implemented a completly separate E-Stop panel that fed all 4 machines their control power but did not incorporate permissives to run i.e. #2 has to be ON/running before #3 could come on. This may allow you to use separte safety relays etc for machine guarding and disconnect power to any machine in the system for maintenance. You would still have energized wiring at the machine panel but proper instruction and labeling should make that irrelevant.

I am not sure if I explained that very well but it means an estop would stop all machines but any of the 4 machines could be turned off or guard removed and isolate or stop just that machine.

The only issue, that I can see, is whether you can technically have the machine guarding separte from the estop ckt. This will also mean using multiple safety relays for each machine.

That and the confusion mentioned about opening a guard door attempting to stop the whole system.
 
Might think of stringing a pull-cable e-stop around the cell that would act as a global e-stop, while still maintining the station level e-stop circuits.
 
Our system

Your opportunity is a common one for processes that are broken down into duty specific machines, all which run in conjunction with one another. On our lines here, we handle this situation in the following manner:

Each separate entity(cell, machine, etc.) has was is called a Group Stop. This is a safety circuit which is tripped when conditions are such that this needs to happen. (guard door opens). All of our processes also have zero speed relays, which are commonly available. If a guard door is open while any of these relays detect motion, the E-stop is lost. The estop is a continuous chain running the entire process.

The group stop is basically a local estop for a certain section of the process. For example, if operators lock out a section of a machine, and the zero speed relays with that associated piece detect no motion, all is well, and the Line Master Estop is fine.
However, if motion is detected, or a guard door is left open and the lockout disconnect is energized, then Line Master Estop is lost. This is a far simplified version of what we actually have installed, but I think it will give you and idea of how we treat this condition.

Again, I'd like to stress that the Group Stop circuit is an Estop circuit that is local. However, this safety relay output is installed in a process spanning estop chain, simply with other things which can allow it to drop out without killing the entire Estop chain. All local machines are equipped with both Group Stop PB's and Estop Pb's.

This is the only method I have seen here, but it serves us quite well.

Russ
 
First question I would ask is where is the risk assesment that has determined that the existing machines need to be integrated in this manner and what standards were used to determine this.
 

Similar Topics

A
Simatic ET200SP DI module triggering line stop even though no body press this line stop button
We are facing intermittent issue with emergency stop and line stop. Line stop triggering with alarm of line stop push button activated at one...
Replies
11
Views
306
RVaughan
RVaughan
D
Stop AC motor at specific positions
Hope you are doing well. Currently, I am involed in a revamping project. It requires to stop a mixer at specific postion. For the detail, this...
Replies
9
Views
317
parky
P
J
Emergency Stop reset Siemens
Hi need help why this “failure 5 emergency stop “ appears at every startup in the morning ? Have to shut off main switch at least 10 times on...
2
Replies
19
Views
410
John Lee
J
T
Mitsubishi A172SHCPUN Run/Stop keys
I'm looking to get some spare keys for this PLC. Does anyone know a source or have a part number? My searches are turning up nothing at the moment.
Replies
1
Views
103
goghie
G
T
Powerflex 525 has a frequency of 2-2.50Hz when being told to stop
Hey all, I am currently working on a depalletizer for a customer and we are doing a hoist upgrade. This is a SLC500 processor and the drives are...
Replies
6
Views
344
Tbone1465
T
Back
Top Bottom