Bypassing a light curtain

[Mark_001]

Hello everyone,

I am not new to this forum but this is my first post.

At work we are working with a simatic safety PLC. Altough this has great advantages over safety relays, but it has a huge downside to. The customer thinks that everything you program in a safety PLC is safe. But i don't think so.

So he came with the following assignment:

There is an hazardous area surounded by fences. In the hazardous area is riding an ATV wich tranfers pallets from one conveyor to another. In the middle of track there is a light curtain and the hazardous area can be entered from two places trough a door (one on each side of the light curtain).

In normal operation when the doors are closed, the ATV can ride throught the light curtain for delivering the pallets. But when we open a door the conveyors between the door and the light curtain stop working and the light curtain is activated. If then the atv or a person goes trough the light curtain the conveyors on the other side and the atv stop working.

Now my question is:

Can you "mute" a light curtain based on the status of the door.
Is it legally approved or is it safe?

 

[dcp325]

Hi,

You can mute a light curtain based on the status of a door, in this case you would also need to determine the position of the ATV relative to the light curtain to make sure you aren't entering the dangerous zone.
Place some safety switches (fe Pilz PSEN) to detect the ATV is docked at the conveyor (one on either side of the curtain). Upon opening the door, check to position switches and if they're not detecting the ATV shut down the ATV and both conveyors. If it detects just shut down the other side.

 

[Mark_001]

@dcp325

Thanks for the advice. Is there some book or reference which tells you how far you can go with the safety logic with the legislation in mind?

Because a lot of safety manuals only give simple examples like if we cross a light curtain the machine stops. Not if the door has opened the light curtain becomes active. If we then cross the light curtain the machine stops.

 

[kamenges]

You need to take this analysis back to "first principles". It doesn't matter what components you use to implement the safety system (within reason and respecting SIL*). The important thing is that the design concept behind the safety system is correct.

Said another way, you need to mitigate the hazards defined by your hazard analysis. Whether you use a plc or hard components to accomplish this doesn't matter. What matters is that the hazard you have identified is properly litigated. So figure out first what the system needs to be able to do and how you are going to physically make it safe. Then apply the components that will make it safe.

Keith

*Some programmable safety devices may not be capable of Category 4 protection.

 

[James Mcquade]

in my opinion, several issues need to be resolved.

you say there are two light curtains and two doors.
Why do you need to go through the light curtain when there are access doors? This is very important.
I am not familiar with your rules and so I am asking the question. The answer holds the key to your answer.

During operations, you need to hit a cycle stop pb.
When you get the cycle stopped signal, use the safety key to allow the door(s) to be opened and LOCK out all other operations in the area. Remove the key and take it with you!!
That prevents someone else from starting the machinery with someone inside the area.
If the light curtains are broken, its an extra safety to LOCK out the system movement. Perform any necessary operations, clear the area and inspect for tools and other items.
Close the door(s), reset the light curtain(s) interlock, reset the safety key to the run position. The key CANNOT be removed in the run position. Return to the normal operations position.
Press the safety reset pb, and wait for a system ready indicator. Press the start pb.

This is how we did it at my former job and you will need to change it accordingly.

You must first do a risk assessment and meet the requirements.
Modify this procedure to meet your safety rules.
Remember, if you can ask the question what if and do not have an answer, plan for it. Safety First!!
hope this helps,
james

 

[ASF]

You must first do a risk assessment and meet the requirements.
Modify this procedure to meet your safety rules.
Remember, if you can ask the question what if and do not have an answer, plan for it. Safety First!!

Nail on the head. The safety category or PL or SIL level has absolutely nothing to do with what switches off when, or where your light curtains, guard switches or e/stops are; only the architecture that connects it all together. I can create a Cat 4, SIL 3, PLe system, and if I leave the most dangerous part of the machine completely unguarded, it doesn't change the fact that my existing safety circuit is Cat 4, SIL 3, PLe.

You MUST perform a risk assessment. For EVERY risk you identify, evaluate the level of protection required for it. Then design a safety system that covers each hazard with a safety category equal to or higher than the identified requirement. If you allow a light curtain to be bypassed, no problem in and of itself; but you must then ask yourself, if this light curtain is bypassed, what risks are now present? Any new risks introduced by the bypassing of this light curtain must then be mitigated by a suitably rated safety system.

A good example is a two handed jog. You may have, say, a chain elevator. Obviously you identify a significant hazard with the chain and sprockets, say you assess it as requiring Cat 3 protection. So you fabricate guarding and install guard switches along it's length in a Cat 3 architecture to ensure the guard remains closed. You have protected against this risk to Cat 3 level. But then, to perform maintenance on the elevator, your maintenance staff need to jog the chain with the guards open. So you allow them to bypass the guard switches. By doing this you have introduced another hazard; so now you need to assess the risk associated with that hazard and decide to what level it needs to be protected. As the hazard is basically the same as before, you will almost certainly assess it as requireing Cat 3 again. So you introduce a Cat 3 two-hand jog station, to mitigate the risk in a different way. But! A two hand jog station only protects the person doing the jogging, not his friend who has wandered over and stuck his head inside to see how it works! So, perhaps you need to implement further safeguards, in the form of procedures, barriers, training, PPE...do you see where this is headed? It's all about the risk assessment.

You have implemented a light curtain. OK. Hopefully before you just threw a light curtain in there, you performed a risk assessment and determined that it provided an acceptable level of cover, taking into account things like the rundown time of the machinery inside, the distance from the light curtain to the hazard, the level of risk presented by the hazard inside the protected area, etc etc. Now you're proposing to bypass the light curtain. OK, so assess your risks again. What could happen if this light curtain is bypassed? Are there any risks to persons or plant? How can you control these risks? Is the light curtain being bypassed in a "safe" manner, or could the bypass mechanism be easily overridden or defeated?

There are a lot of questions to be asked, and nobody can categorically answer them for you from outside. One more time, do a detailed risk assessment, starting with the assumption that if someone CAN do something wrong, they will. And document EVERYTHING. Remember who's livelihood it is on the line if something ever goes wrong and you have to defend your safety system.

 

[Mark_001]

Hey,

Thanks for all the good and interesting replies. If I understand it correctly, I should start with a detailed risk assessment which will determine if this set-up is safe.

 

[James Mcquade]

IMO, Thats the first step.

you then should get with safety, engineering, maintenance, and then the operators.

i do this to get everyone's input.
you cover more possible conditions, even some you never thought of.

regards,
james

 

[kamenges]

Originally posted by James Mcquade:

i do this to get everyone's input.
you cover more possible conditions, even some you never thought of.

This is extremely important, especially if you were personally involved in the design or specification of the equipment. People will suggest and/or do things that make you wonder "What are you thinking? Why would you do that??". But in the greater scheme of things it doesn't matter why. What matters is someone will do it, it needs to be evaluated and protected against if necessary and, because of your normal thought process, you wouldn't have thought of it. The more types of people you can reasonably involve in a risk assessment the more complete the assessment will be.

Keith

 

[ASF]

Hey,

Thanks for all the good and interesting replies. If I understand it correctly, I should start with a detailed risk assessment which will determine if this set-up is safe.

 

[da_mule]

Go to the PILZ website & download pdf 'Safety Compendium' (...Expertise --> Safety Tools) - a lot of useful information.

 

[Mark_001]

Go to the PILZ website & download pdf 'Safety Compendium' (...Expertise --> Safety Tools) - a lot of useful information.

Thank you very much this is indeed useful