Views and assumptions do not mitigate risks or save lives...
Dsager01 said:
I need a dispute settled involving wiring a 1746-OB16 output card. Without giving any information concerning our “views”. How would you wire the card to isolate output power? Assume there is a safety relay controlling K1 and K2.
Safety cap on, so I can be quite stern...
A personal saying of mine - It is safe to assume that to assume is unsafe.
With respect to both parties involved in this "dispute", and any information, provided or not, on yere "views"; both are irrelevant, in my opinion. They are irrelevant in the context of asking "us", the General Forum, what should be done with respect to the wiring of an output module, Safety related or not, where we know nothing of it's usage, potential risks posed or hazards determined.
Asking us to assume that there is a Safety relay involved, and assuming by K1 and K2 you mean dual redundant Safety contactors, still tells us nothing about the output module and any risks or hazards it may have been determined potential of.
Also, and with respect, what anyone else advises that they did today, yesterday, last week or always, is also irrelevant. Safety mitigation comes in many sizes and one size does not fit all. There is no one answer to your question. What may turn out to be correct for your "view" in this case may turn out to be incorrect for the next Safety function you come across.
What is relevant, is something else I always say - Has a Risk Assessment or Risk Analysis been carried out, and if so, what risks or hazards were determined for all or any of this module's outputs? If any, then what mitigation measures have been decided necessary to implement and at what Safety level?
These criteria will better assist us in advising you, but not definitively, on what you may or may not do with regard mitigating any determined hazards as a result of the energy controlled by this module's outputs.
If ye are debating which way the output module's supply should or should not be wired, in relation to Safety, are ye first sure that doing so is the correct or required mitigation measure to achieve the necessary Safety level?
Auxiliary or complimentary isolation -
The isolation of an output module's power supply may be considered as an auxiliary or complimentary Safety measure to the main Safety function. The main Safety function being the tripping of the Safety relay and isolation of hazardous energy via the Safety contactors. Normal practice here is to isolate the module's power via the Safety relay's output contacts. In some applications a complete output module may be assigned to facilitate this module-wide isolation. The isolation of the output module's supply is not considered here to be a Safety function in itself.
Non auxiliary or complimentary isolation -
If separate risks or hazards are assesed as likely enough by any residual energy controlled by certain outputs, then simply isolating the output module's supply may not meet the required Safety level. The residual energy may need to be controlled or dissipated. Here, the main Safety function, or a separate Safety function may need to be implemented to mitigate these risks. The isolation of the output module's supply is not sufficient, but may still be considered as a complimentary Safety measure, atop the Safety function executed upon the output controlled energy.
Individual isolation -
Isolation of the supply for individual outputs is another possibility, as mentioned. Depending on the Safety level required, a separate Safety function could even be required for each assesed hazardous output and its controlled energy. Again, the isolation of the supply alone may not be adequate enough to meet the Safety level.
Maintaining supply -
The other end of the spectrum is where maintaining output supply is critical to the Safety function. Here, redundancy methods may be deployed to ensure the output controlled equipment is maintained operational.
Several options are available as I'm only brushing the surface here. That is as brief a synopsis as I can muster without getting too technical. A/the Risk Assessment is key in determining here what
is required for this output module with respect to its controlled equipment and potential hazards, and not what anyone thinks, has a viewpoint on, or an opinion about.
Stern, I'm sure. But, most sincerely well intentioned. Safety is a serious business and I do take it quite seriously. It should be approached objectively, but too often is rushed subjectively.
Regards,
George