Nfpa 79 9.2.3.2

I have been reading NFPA 79 where Section 9.2.3.2 states:

"Where a hazardous conditions results from mode selection, inadvertenet selection shall be prevented from occuring (e.g. key-operated switch, access code). Mode selection by itself shall not initiate machine operation. A seperate action by the operator shall be required."

My question is that does this only apply where a hazardous condition exists? Should pressing the auto/man button on the screen possibly start the machine, no other action required. Does adding another screen after the operator changes modes asking to operator to confirm the change of modes constitute another action?

To start a machine or conveyor system or a process, I almost exclusively make two actions occur, no matter what the hazard level may be. Two hand switches, press "Auto" then "Start" etc. It depends on what the conditions are per the equipment.

When clearing a conveyor jam, just clearing the eye MIGHT be enough to restart the conveyor but the circumstance will dictate that since the whole conveyor system may not be shut down. Process alarms, when cleared, may not need two actions. But starting something up--I usually want a second action.

This may not work for everyone but that's just my $.02

Stephen3776,

what is your specific application?

We have had (2) touchscreens that have had the pushbutton areas stick on the screen and would have caused an automatic start of the machine. We had programmed in fault logic to monitor against this which prevented the machine from starting.

Your company should have a risk assesment procedure to follow
as well as your safety departments standards.

I have a pet question that i like to ask a lot of times, "When is a machine the most dangerous to be around?" Maybe a silly one, but after nearly getting an arm broke one time, you get the point - really fast.
When its first turned on, when air / hydraulic power is first applied, recovering from power outages, and recovering from e-stops. Most of the time you don't know what will happen unless you programmed the machine and ask a lot of what if questions and go through those situations. If you can ask the question, you need to plan for that problem.

i cannot quote you the book, chapter and verse, No machine can
operate upon power up. maintenance could be doing a visual inspection of the area when power is applied and get hurt.

hope this helps,
james

James,

I using FT 6.0 with 4 workstations capable of placing the equipment in auto from within a control room. I am in a discussion with mgmt. at the moment to make it a two step process to place anything in auto from manual. The reverse of this (manual to auto) already requires two steps (place in manual then turn on).
Since this is a change effects every device I need some solid foundation to overcome "this is the way we have always done it" not just common sense.

Thanks

In order to proceed with what you want, this is what i "THINK" you will have to do.

1. station pull cords e-stops will have to be placed along the entire line for unexpected starts OR guard the line on both sides to prevent unauthorized access. there will also have to be keyed doors for maintenance - this lets you know not to start the system.
2. add buzzers for start up.

3. in depth risk assesments MUST be made.
4. corporate mgmt will now have to get involved with the legal department to discuss liability issues.
5. state, local osha will also be required.

this is just a part of the battle i am aware of for a net plant that went in in the south east US.

Safety has two parts - common sense and asking a lot of "what if this happens" questions. the common sense is easy, the what if questions are the ones that can hurt you. As a former
programmer for an OEM, it was my job to ask the what ifs and try to break the machine in our shop before the customer saw the machine operate.

regards,
james

This question also came up here recently. I had interpreted the part: "Mode selection by itself shall not initiate machine operation. A separate action by the operator shall be required." as always being required, but others had the viewpoint that it only applied when a hazardous condition resulted from mode selection. I did find that the British standard BS EN 60204-1:2006 has nearly identical wording, but the 2nd sentence is in its own paragraph, which would imply that at least in Britain, it’s always required:

9.2.3 Operating modes

Each machine can have one or more operating modes determined by the type of machine and its application. When a hazardous situation can result from a mode selection, unauthorised and/or inadvertent selection shall be prevented by suitable means (for example key operated switch, access code).

Mode selection by itself shall not initiate machine operation. A separate actuation of the startcontrol shall be required.

After re-reading the post from start to finish, here is what i think we are talking about.

In section 9.2.3.1 the machine can have more than 1 mode of operation, the example is auto, manual, normal, and bypass.

9.2.3.2 says that you cannot create a hazardous condition switching between machine states.

So what does that mean?
Simply put, you cannot go from automatic mode while the machine is in running and go to manual, bypass, or any other state. if you do, how will you recover from this? what will be the result? Will the machine stop in place, will parts go flying everywhere, can someone get hurt when they enter the machine area?

I am not allowed to talk specifics, but when a machine suddenly stops / quits / looses power, you must plan for a safe recovery of the machine. i saw a machine that cost well over 1 million dollars, reduce 250k in assembly fixtures to a pile of scrap metal. All because the power went out and the guy hit the home button when power was restored. the OEM didn't think out his process and people ran for cover. The machine tore the fixtures into hundereds of pieces and they became bullets. A 2 lb piece went through a solid wall.

For your panel view application, i would have an automatic mode screen with a cycle start pb, cycle stop pb, and return to main mode selection pb. A message display should also be there to alert the operator of any fault conditions.

While the machine is running in automatic mode, you cannot leave this screen, you must hit cycle stop first. then allow the machine to finish its cycle and goto the home position. Once home, enable the mode selection button.

Just my opinion on your application.

regards,
james