janner_10
Lifetime Supporting Member
Can't the HMI trigger the PLC to toggle a relay on/off for the reset to the safety relay instead of the reset button being a physical button that toggles to the safety relay?
Yes it can.
Can't the HMI trigger the PLC to toggle a relay on/off for the reset to the safety relay instead of the reset button being a physical button that toggles to the safety relay?
I hesitant to disagree with James and Tom because of their experience but in this case I think it isn't cut and dried. First since the OP asked about use in the EU, we can throw NFPA 79 out (I don't think it directly addresses the situation in any case).I agree with Tom, you cannot reset safety relays remotely.
We may be talking about two different things, but any safety relay in a control system cannot be remotely reset! that's the whole point of a safety relay, human intervention required. Remotely resetting any safety device while someone is working on the equipment is asking for trouble. How do you know if someone is working on the machine?
See NFPA 79 - Electrical standard for industrial machinery for any issues you have, that's the standard to go by.
I agree with Tom, you cannot reset safety relays remotely.
We may be talking about two different things, but any safety relay in a control system cannot be remotely reset! that's the whole point of a safety relay, human intervention required. Remotely resetting any safety device while someone is working on the equipment is asking for trouble. How do you know if someone is working on the machine?
See NFPA 79 - Electrical standard for industrial machinery for any issues you have, that's the standard to go by.
james
I disagree. If an E-Stop is momentary then a machine can unexpectedly restart after a shutdown situation clears or a spin timer times out. A perfect example would be a high temperature switch closing after sufficient cool down time.
Latching E-Stops aren't 100%, but they are a step in the right direction. I can't think of a good reason to not use latching E-Stops. Even in the case of the original poster, unless he can completely guarantee that there is absolutely positively no one working on that machine when he hits reset, he stands a chance of tearing some poor *******'s arm off.
5.2.2 Manual reset function
The following applies in addition to the requirements of Table 8.
After a stop command has been initiated by a safeguard, the stop condition shall be maintained until safe conditions for restarting exist.
The re-establishment of the safety function by resetting of the safeguard cancels the stop command. If indicated by the risk assessment, this cancellation of the stop command shall be confirmed by a manual,
separate and deliberate action (manual reset).
The manual reset function shall
— be provided through a separate and manually operated device within the SRP/CS,
— only be achieved if all safet y functions and safeguards are operative,
— not initiate motion or a hazardous situation by itself,
— be by deliberate action,
— enable the control system for accepting a separate start command,
— only be accepted by disengaging the actuator from its energized (on) position.
The performance level of safety-related parts providing the manual reset function shall be selected so that the inclusion of the manual reset function does not diminish the safety required of the relevant safety function.
The reset actuator shall be situated outside the danger zone and in a safe position from which there is good visibility for checking that no person is within the danger zone.
Where the visibility of the danger zone is not complete, a special reset procedure is required.
5.2.2 Manual reset function
The following applies in addition to the requirements of Table 8.
After a stop command has been initiated by a safeguard, the stop condition shall be maintained until safe conditions for restarting exist.
The re-establishment of the safety function by resetting of the safeguard cancels the stop command. If indicated by the risk assessment, this cancellation of the stop command shall be confirmed by a manual,
separate and deliberate action (manual reset).
The manual reset function shall
— be provided through a separate and manually operated device within the SRP/CS,
— only be achieved if all safet y functions and safeguards are operative,
— not initiate motion or a hazardous situation by itself,
— be by deliberate action,
— enable the control system for accepting a separate start command,
— only be accepted by disengaging the actuator from its energized (on) position.
The performance level of safety-related parts providing the manual reset function shall be selected so that the inclusion of the manual reset function does not diminish the safety required of the relevant safety function.
The reset actuator shall be situated outside the danger zone and in a safe position from which there is good visibility for checking that no person is within the danger zone.
Where the visibility of the danger zone is not complete, a special reset procedure is required.
Straight from ISO 13849-1.
Take note of the bolded parts, the first being that it all comes down to a risk assessment of the specific safety function for the machine.
The second part to me indicates that if a manual reset is required, then resetting via a standard non-safety PLC or HMI would diminish the safety function.
Typically for us in Australia using AS:4024.1 which closely follows ISO 13849-1 this means that all safety reset functions must be hard-wired to a safety relay or safety controller.
for brown outs and lights flickering, I would use a constant voltage transformer.
in regards to the ups, what does your governing rules say about it?
also, you MUST buy a sine wave output ups, not a square wave type.
the plc and controls might burn up with a square wave. I know seimens has that issue.
regardless of what we post, what are your governing rules?
what does the risk assessment say?
the risk assessment involves safety, engineering, maintenance, and operators all agreeing on the same thing.
james.