Emergency Stop Pushbutton Design

Join Date
Oct 2016
Location
Philadelphia, Pa
Posts
20
Does anyone know the criteria/standards that walk you through the process of determining if Emergency Stop buttons need to be hardwired, or if they can just be defined on the PLC HMI?

I have a customer that needs to be perform certain E-Stop actions for their particular process application (specialty chemical industry), but they don't currently know if the buttons need to be hardwired (or if they can just be 'soft' buttons on an HMI).

Any input that you can provide would be greatly appreciated. Thanks in advance!
 
Siemens has an instruction for the HMI interacting with the safety program (2 step process with confirmation), so hypothetically safety on the HMI isn't impossible.

That said, a button on the HMI is not a replacement for an E-Stop button, but if you're using a safety PLC it could potentially be incorporated as an additional measure.

In the US, NFPA 79 is the main safety code. Worldwide, you can take a look at a standard like IEC 61511.
 
Do both, have one hardwired and one controlled by software. E-stops are always hardwired cause the delay from software can cause safety issues.
 
Do both, have one hardwired and one controlled by software. E-stops are always hardwired cause the delay from software can cause safety issues.

I believe a lot of what is being stated in this thread needs to have an asterisk by it.

It would be incorrect to say that E-stops cannot be in software because safety PLC's do exist and I believe it would be OK to have E-stop software inside of them.

As far as having an E-stop PB on an HMI screen then PROBABLY the HMI would need to be a safety-rated device. I'm not sure they exist.
 
Does anyone know the criteria/standards that walk you through the process of determining if Emergency Stop buttons need to be hardwired, or if they can just be defined on the PLC HMI?

I have a customer that needs to be perform certain E-Stop actions for their particular process application (speciality chemical industry), but they don't currently know if the buttons need to be hardwired (or if they can just be 'soft' buttons on an HMI).

Any input that you can provide would be greatly appreciated. Thanks in advance!

I would first consider the application and the consequences of not being able to stop the equipment then I check electrical codes and last but not least personal and company liability.
 
Does anyone know the criteria/standards that walk you through the process of determining if Emergency Stop buttons need to be hardwired, or if they can just be defined on the PLC HMI?

I have a customer that needs to be perform certain E-Stop actions for their particular process application (specialty chemical industry), but they don't currently know if the buttons need to be hardwired (or if they can just be 'soft' buttons on an HMI).

Any input that you can provide would be greatly appreciated. Thanks in advance!

You don't really clarify, but if your goal is simply to execute an immediate stop of various pieces of equipment to prevent a process train wreck, rather than to address safety concerns, then it would be fine to do that with an HMI pushbutton, but I wouldn't label it an "E-Stop".
 
As far as having an E-stop PB on an HMI screen then PROBABLY the HMI would need to be a safety-rated device. I'm not sure they exist.

I have heard of HMIs with Estop pushbuttons built in. I've even heard of a SCADA system that billed itself as SIL2, although I have no idea what the application was. I haven't seen any machine HMIs rated to have a button on the screen act as an Estop.

HOWEVER, it seems reasonable to be able to have the safety system respond to a standard input IN ADDITION to the regular safety inputs/estops. Depending on your risk assessment, etc etc.
 
Bit_Bucket_07

In answer to your question, yes we need to execute an immediate stop of various pieces of equipment because these actions will prevent safety related events from occurring

So, based on this, does that mean the E-Stop button must be hardwired, or (as kalabdel and mk42 indicated) does the decision really depend on the outcome of the risk assessment (which looks at the consequences, severity and risk associated with the relevant process related events that could occur)???

Looking forward to hearing everyone's thoughts again
 
IMHO, if you call it a E-Stop it needs to be hardwired, or call it a STOP and do what you want, but it comes back to the risk assessment.
To many people call a stop an E-stop, without understanding the issue they cause themselves by adding the E at the start.
 
(as kalabdel and mk42 indicated) does the decision really depend on the outcome of the risk assessment (which looks at the consequences, severity and risk associated with the relevant process related events that could occur)???

The first thing you need to identify is what safety standard(s) you're trying to follow. From there you can start your risk assessment.

To be clear: I'm not aware of any situation in which a button on an HMI could replace (or even be called) an E-Stop button. However, it may be permissible for a button on an HMI to have a similar result (ie safely shut down a system).

E-stop is kind of a protected term, and a button usually needs to meet various requirements to qualify (I think someone linked a rockwell document somewhere in the thread that had some good details there). In addition, you really really shouldn't have any buttons that could conceivably confused as an Estop. If you have a red/yellow mushroom pushbutton as your start button, you're gonna have a bad time.
 
I believe a lot of what is being stated in this thread needs to have an asterisk by it.

It would be incorrect to say that E-stops cannot be in software because safety PLC's do exist and I believe it would be OK to have E-stop software inside of them.

As far as having an E-stop PB on an HMI screen then PROBABLY the HMI would need to be a safety-rated device. I'm not sure they exist.

He is not using a safety PLC, so definitely needs a hardwired e-stop to prevent his safety-related issues from occurring. Since I've never used a safety PLC, I cannot say how well they work.
 
You do not, ever, design an "Emergency Stop" pushbutton, unless you want to spend many thousands of pounds having it certified as an "Emergency Stop" device.

If "Emergency Stop" is what you want, you buy it in, from manufacturers that have gone through the expensive process of certification.

Of course you can, as others have suggested, design a "Stop" button, but you must never use a "Stop" button as an "Emergency Stop".

Be very, very, clear about the differences between the two, and the implications of using the wrong, inferior, or less safe, device or implementation in your applications.
 

Similar Topics

Hello, I have plc Schneider TM241CE40T with the hmi HMIS5T. Do you have idea how to disable a button after an emergency stop to vijeo designer ...
Replies
5
Views
1,378
Dear colleagues I am learning to program siemens plc. I have a problem with how to solve the problem with a power outage and emergency STOP...
Replies
3
Views
1,674
Hi, I would like some recommendations/advice on wiring of a dual channel Emergency Stop for a 240V AC motor (single phase), I have 3 options in...
Replies
47
Views
13,199
Hi, We have a machine that we wan't to restart after power on if the emergency stop is OK. But if the emergency stop is tripped with the button...
Replies
21
Views
6,346
I'm working on a project that has e-stop pull cords around the full length of a conveyor system which is about 750 feet long and it has 16 e-stop...
Replies
16
Views
7,885
Back
Top Bottom