Estop Question

Where does the legal burden of responsibility lie?

In Europe, they have very well defined protections and liabilities based on their standards.

In the US, the standards are much more vague. The standards behind SIL & PL are not considered US standards, and have little weight. There are some specialized standards, calling out how to do risk assessments for robots or CNCs, but there is not a broad standard defining and requiring risk assessments in general machinery. In many cases, companies think that risk assessments actually add to liability, because it is a document that is available during discovery in a lawsuit.

In the US, the legal burden of responsibility lies in anyone the lawyers think they have a chance of suing: the OEM, an integrator that touched the machine, the plant using the machine, and maybe even the supervisor that instructed him to use it. It is almost always cheaper to settle than let it go to trial.

The above info is based on some conversations I've had with a PE who is a consultant on risk assessments and often an expert witness at trials, and not my own personal experience and expertise. I am thankful that I haven't had to deal with any legal liability ******** yet.
 
Personally, if I see a machine that does not meet any safety requirement, and I am going to do any wiring on this machine, I will bring it up in writing to the company.
If I am asked to do a modification on that machine, I will refuse to become involved.
As far as legality, it would be you that will have that company saying, "We had IAN change this wiring. He said it was OK."
This then becomes your burden of proof, not theirs.
 
The safety rule book here says that from 2009 onwards, any change to a control of a hydraulically powered machine requires by law to have the mechanical safety updated.
This could become thousands of dollars.

Did you mess with it??????
You poor beggar.
 
The liability issues are as follows:

1. They are buying the equipment and it is up to their safety, engineering, and maintenance crew to evaluate it and approve it. By approving it, they assume the liability.

2. This is a lawsuit-happy country and if someone gets hurt, OSHA gets involved. Medical bills must be paid. If the right lawyer gets involved there will be 2 lawsuits: his company and those who built it.

Why do you think I am asking Tim to get manuals and training?
Lawsuits get messy and draw out for years.

Safety is NOT a now and then thing! It's every day, every machine, every project. No shortcuts, do it right or get someone else to do it for you.

One of my co-workers was nearly killed because someone failed to tag an air compressor as having the main pipe downstream blocked off with a deadplate.

My former company avoided a massive lawsuit because we had paperwork authorizing the PLC code to be changed and a test be omitted. Good thing I had the common sense to get it signed off before making the change.

The resulting auto accident wasn't pretty. I cannot comment further.

I cannot stress enough to everyone how important safety is.

regards,
james
 
James said it well. Safety isn't a one time thing. It is a continuous process, and one you can never fail to consider.

Mods: sorry for being crass in the previous post. It wouldn't let me in to edit my post, once I saw the asterisks. I assume that's a feature to avoid letting people swear more creatively.
 
Originally posted by James Mcquade:

1. They are buying the equipment and it is up to their safety, engineering, and maintenance crew to evaluate it and approve it. By approving it, they assume the liability.

As a practical matter, that seems unreasonable. I'm not sure what industry you are in but many of the customers my company deals with purchase equipment from us precisely BECAUSE they aren't experts in the field of machinery design and machinery safety implementation. Your statement would infer that these customers are expected to pay us for the machine and then hire an independent engineering team to evaluate the machine, effectively designing it a second time, before they can feel confident they can accept liability. And then that still may not be enough. I agree with the statement you made about manuals and training. If the machine was installed according to the installation instructions and is being operated according to the operating instructions I think the end user is doing all they can be REASONABLY expected to do. Granted, in our overly litigious society reason very rarely factors into the decision. But I don't think it is an unreasonable expectation for an end user to rely on the engineering expertise of their vendors.

I do agree with the statement iant made about machinery modification and safety systems. The information I have would indicate that the courts look at things similarly in the US even though there is no explicit statement of this, generally without regard for technical merit. In effect, if you touch it you own it.

Keith
 
I have an OEM panel that has 1 estop on the main panel door and 1 remote estop. Most controls are 24 volt but there is one 120 volt output card.

They have 120 volts ac going through both estop buttons which are the key locking type that have to be reset with a key.

The estops drop out the coils on 2 AB safety relays /contactors and they break 120 volts feeding the ac output card and 24 volts feeding the dc output card.

They have no reset button; as soon as you pull the estop out the safety relay / contactor has power again, but when it's actuated it does give an input to the PLC that estop was hit and outputs turn off in the PLC and it drops out the start logic in the PLC so the machine has to be restarted.

Looks like they are using the locking estop as their method of reset but things could restart when it's pulled back out if for some reason the PLC did not get the input to drop out the start / hold logic in the PLC.

Is this really safe? Just want opinions on the design. I think we may need to change it?

This is iffy. As you probably know, an E-Stop should reliably stop movement and not restore movement until it is pulled out and a separate action (a reset button) restores it. When you say "safety relay/contactor" do you mean just dumb coil contactors with contacts you cannot physically move by pushing it in, or an actual safety relay designed for safety circuits? I ask because the latter generally has a provision for a reset built in.

I can appreciate the logic behind the keyed E-Stop to replace the reset (it may qualify as a separate action), but I don't like it because you are relying on the most unreliable control system on earth (human beings) to maintain the discipline to not just keep the key in the E-Stop all the time. I guarantee you in any plant if you have a few guys with E-Stop keys having to run around and reset machines, they will get tired of it REAL fast and will most likely just leave the keys in there.

This may be okay depending on what the safety requirements for the machine are. I wouldn't design a system that way, though.
 
I have an OEM panel that has 1 estop on the main panel door and 1 remote estop. Most controls are 24 volt but there is one 120 volt output card.

They have 120 volts ac going through both estop buttons which are the key locking type that have to be reset with a key.

The estops drop out the coils on 2 AB safety relays /contactors and they break 120 volts feeding the ac output card and 24 volts feeding the dc output card.

They have no reset button; as soon as you pull the estop out the safety relay / contactor has power again, but when it's actuated it does give an input to the PLC that estop was hit and outputs turn off in the PLC and it drops out the start logic in the PLC so the machine has to be restarted.

Looks like they are using the locking estop as their method of reset but things could restart when it's pulled back out if for some reason the PLC did not get the input to drop out the start / hold logic in the PLC.

Is this really safe? Just want opinions on the design. I think we may need to change it?

There is some great information in many of the posts already about risk assessment, legal issues, etc. (all real good) so I will just give my opinion on the original.

Based on what I've read, it sounds like this would meet the minimum requirements of NFPA 79, as the e-stop seems to fulfil the requirements of overriding all other functions, removing power to the actuators, and reset does not restart the machine but only permits restarting (via the PLC). Nothing in NFPA 79 prohibits the use of programmable logic for this function.

As Scotty once said, "The more they overthink the plumbing, the easier it is to stop up the drain." It would be real easy to imagine a fault with the PLC (or programming) that could cause an unexpected restart.

It is also real easy to modify the design to add a separate manual reset button to latch the contactors. My approach to request to be allowed to change this would be based on the safety integrity of the various components. Those switches and contactors usually have a low probability of failure. The PLC not so much (when compared to the electro-mechanical bits anyway).
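A scan-by-scan model of the two designs discussed above, added here as an illustration and not taken from any post in the thread: the as-built circuit, where pulling the keyed e-stop out re-powers the contactors, and the variant with a separate manual reset button latching the contactors. The class, its field names and the "PLC misses the e-stop input" fault are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class EstopCircuit:
    """Hardwired contactors plus the PLC start/hold latch (hypothetical model)."""
    manual_reset: bool            # True: separate reset button latches the contactors
    plc_sees_estop: bool = True   # False: constructed fault, PLC misses the e-stop input
    contactor: bool = False       # hardwired contactors feeding the output cards
    run_latch: bool = False       # PLC start/hold logic

    def scan(self, estop_pressed, start=False, reset=False):
        chain_ok = not estop_pressed
        if self.manual_reset:
            # Seal-in: closes only on a reset press, then holds itself in.
            self.contactor = chain_ok and (reset or self.contactor)
        else:
            # As-built: coil is powered whenever the e-stop chain is closed.
            self.contactor = chain_ok
        if estop_pressed and self.plc_sees_estop:
            self.run_latch = False
        elif start:
            self.run_latch = True
        # Outputs can move the machine only with card power AND the PLC latch.
        return self.contactor and self.run_latch


def moves_after_release(manual_reset, plc_sees_estop):
    """Start the machine, hit the e-stop, pull it back out, press nothing else."""
    m = EstopCircuit(manual_reset, plc_sees_estop)
    m.scan(estop_pressed=False, reset=True)    # power-up (reset ignored as-built)
    running = m.scan(estop_pressed=False, start=True)
    stopped = not m.scan(estop_pressed=True)   # contactors drop out in hardware
    assert running and stopped
    return m.scan(estop_pressed=False)         # e-stop pulled out with the key


if __name__ == "__main__":
    for manual_reset in (False, True):
        for plc_ok in (True, False):
            print(f"manual_reset={manual_reset} plc_sees_estop={plc_ok} "
                  f"restarts_on_release={moves_after_release(manual_reset, plc_ok)}")
```

In this model the only combination that moves on release is the as-built circuit with the PLC fault; with the reset latch, the contactors stay open until the reset button is pressed regardless of the PLC state.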
 
kamenges,

I would agree with you, but my previous company's legal department said otherwise.

I won't go into any further details due to ongoing issues.

Times are rapidly changing as far as legal issues and I just want to let you know that the liability is no longer just on the OEM, but also on the company that buys the equipment, so says my last employer.

They may be telling a big one, but to err on the side of caution with safety is always a good thing in my opinion.

Where I am at now, each person can shut down a line for an unsafe act, process, or danger to the equipment. They actually do what they say, not just make the statement.
regards,
james
 
@James.
When this process was started here in late 1987,
the idea then was for the OEM to do a risk assessment,
then the person (company) owner/installer,
and finally the OHSA company committee.

It has taken many years to educate the huge numbers this involves.
This is, even now, still in its infancy.

@Tim this is the reason for stating the needs of risk assessment.

Training is crucial.
 
Originally posted by James Mcquade:

Times are rapidly changing as far as legal issues and I just want to let you know that the liability is no longer just on the OEM, but also on the company that buys the equipment, so says my last employer.

Ouch. That does seem to be a change in the currents. Well, from a completely selfish standpoint, maybe that will reverse the trend of US companies eliminating their engineering departments. Or at least the systems integrators will get more business. The end users will have to have some way to intelligently decide if a machine is actually safe regardless of what the OEM says.

iant, the US is just starting to get going with risk assessments as a normal way of doing business. As an OEM we are seeing more and more customers requiring documented copies of this from us. The good thing is we in the US have a decent pattern to follow from other countries around the world. So with any luck it won't take us as long to get up to speed. But inertia being what it is...

Keith
 
Iant,

I agree with what you are saying.
That's the way I have always done it.

The OEM designs it.
We review it and have an initial meeting.
We discuss things and make corrections.
Then review again.
Approve the design.

All I know is, my former employer made it a point for us (engineering, project managers, maintenance management, and purchasing) that we had to evaluate it thoroughly; once the equipment hit our door and was installed, it was ours and we had to fix whatever was wrong unless the OEM agreed to fix it at our facility.

They may have been telling us a bunch of lies, but those were the rules we were told and had to go by.

In my projects, I did my research and it paid off.
One contractor was half the price of the others. Turns out he was going to use the 20+ year old conduit and wiring on a job when he was told not to. Contractor disqualified from bid.
He did the same thing on another quote. Permanently removed from bid list.

When 4 contractors are all told the same thing at the same time, you would think everyone was on the same page.

regards,
james
 
This post is good for those who ask about safety. I can say anything.
But
At the end of the day it comes down to the documentation.
And
to anyone who takes shortcuts, good luck.
 
I might add:
I was our company's direct liaison with the OHSA at the time (1987).
The people I worked with were setting these standards,
so effectively I do know the system better than most.
 
