Ethics of modifying PLC programs on unsafe machines

[brstilson]

In the US, it is the end-user's legal responsibility to have safe machines. You could legally sell a robot with no guarding or safety of any kind to an end-user and have zero legal liability for it, because the end-user is responsible for knowing the safety requirements and abiding by them.

That said, we also live in a very litigious time and place where even if you aren't legally liable, you can still be sued. Even if you're in the right and can prove it, it still costs time and money to defend yourself.

Personally, I would politely decline the job, stating the unsafe design of the machine makes it too much of a liability for you. Even if the customer offers to sign a waiver, there's the fact that they aren't the only person who can sue you. If someone is killed or maimed due to the unsafe machine, the family of that person can sue me personally. Any waivers the customer signs don't apply to the families of their employees, so ultimately there's still a risk, there.

 

[joseph_e2]

My thought is that ethically/morally, I'm only responsible for the changes I make. I would also personally feel a responsibility to point out safety issues that I see, just like I do here at work. I'm definitely not a lawyer, but my understanding is also that the end user has ultimate legal responsibility for the machine's safety. But...their actual monetary liability can be limited by Workers' Comp law, which then leads injured parties (or their survivors) to sue anyone they can, which includes everyone who's name they can even remotely connect to the machinery. Even prevailing in a lawsuit like that is expensive, as other stories in this thread show.

I'll add another such story, leaving details deliberately vague. At a previous employer we brought in a contractor to do some work we were not qualified to perform ourselves. They made a mistake (or series of them...) that led to an explosion and fire that seriously injured 2 of their employees. At least 1 was transported to a burn unit (via helicopter, I think). The contractor's workers' comp insurance paid out and I think that shielded them to an extent from further liability so the injured employees ended up suing us since we were a much bigger company. It took several years to resolve it. Had we been a smaller company without a corporate team of attorneys, that would have been much harder to fight.

 

[robertmee]

Seems alot of pie in the sky comments in here in regards to the practicality of contract service work. 80% of the automation in operation in the US is likely built on single relay estops from pre 1990s. I guarantee each and everyone of you has worked on a machine where you didn't do a full safety audit. It wouldn't be practical. A customer asks you to expand a recipe template on an HMI/PLC to add one more parameter in a packaging system, and you guys are telling me you do a full safety audit of the entire packaging machine before doing this work, and if it doesnt have locking gates, Sil2 Pld safety curcuits and drive cobtrol, you don't do the work? I call BS.

 

[JesperMP]

80% of the automation in operation in the US is likely built on single relay estops from pre 1990s.

That would be this scenario:

2. Machine has safety functions made with safety relays, i.e. safety is not directly related to the PLC.
You can make modifications to the PLC program, but someone else has to verify that the program changes do not affect the safety.
Put in writing what you have done and that you take no responsibility for the safety of the machine.

It wouldn't be practical. A customer asks you to expand a recipe template on an HMI/PLC to add one more parameter in a packaging system, and you guys are telling me you do a full safety audit of the entire packaging machine before doing this work, and if it doesnt have locking gates, Sil2 Pld safety curcuits and drive cobtrol, you don't do the work? I call BS.

All I say is that you should cover yourself with some well placed paperwork. For example stating in the order confirmation that the you assume that change does not affect the safety of the machine, and you do not take responsibility of the machine in any way.

I think that in the US you are more at risk for being liable for merely having witnessed an unsafe machine, and not doing anything.
So if you do witness something obviously unsafe, you should not refuse the job, but put in writing your concern and post a report when the job is done.
You have to consider if a serious accident happens and the finger points at you because you were the last one working on the machine. If that happens, a paper trail can save your a**.

 

[Mandel314159]

There's a solid case here to get the engineer that left it in the state that it's in held liable from ethical committees that regulate that kind of state. I think the best reasoning for why the "touch it you own it" mentality is that it will be YOU held accountable for anything that goes wrong regardless of how complex a failure was that could have led to injury. If lawyers care, you should too, and from that, engineers have a moral duty to refuse work they know leads to more problems with safety concerns if the company who HIRED YOU for your authority refuses to acknowledge that authority under the pretense of saving money.
What's more expensive? shutting the line down for a week or two, staff costs, and physical assets? or a massive safety lawsuit?

 

[brstilson]

There's a solid case here to get the engineer that left it in the state that it's in held liable from ethical committees that regulate that kind of state. I think the best reasoning for why the "touch it you own it" mentality is that it will be YOU held accountable for anything that goes wrong regardless of how complex a failure was that could have led to injury. If lawyers care, you should too, and from that, engineers have a moral duty to refuse work they know leads to more problems with safety concerns if the company who HIRED YOU for your authority refuses to acknowledge that authority under the pretense of saving money.
What's more expensive? shutting the line down for a week or two, staff costs, and physical assets? or a massive safety lawsuit?

In the US, you have no legal liability at all. It is solely the end user's responsibility to ensure their machines are safe. It is the owner of the machine and only the owner of the machine who is legally responsible for having safety audits done.

If I were running an OEM, I could be selling robot cells without any safety guarding and no E-Stops and not be legally responsible for anything, even if it kills someone. My customer is the one who'd be fined. It was THEIR job to specify a safety standard to me. Now, in the interest of overseas sales, customer relations, not getting sued, and not being the kind of OEM who sells dangerous equipment, most OEMs include safety devices at the appropriate level because at the end of the day, people not getting hurt or killed at work is the ideal scenario for everyone. But if a customer specifically asked me to remove safety features from the design to save costs, even after my stern recommendations against it, I would technically be free to do so. In the US. Whether I would or not would be an ethical/civil litigation concern, but not a legal one. If the machine were going to Europe, it would be because the rules are different there.

 

[Mandel314159]

In the US, you have no legal liability at all. It is solely the end user's responsibility to ensure their machines are safe. It is the owner of the machine and only the owner of the machine who is legally responsible for having safety audits done.

If I were running an OEM, I could be selling robot cells without any safety guarding and no E-Stops and not be legally responsible for anything, even if it kills someone. My customer is the one who'd be fined. It was THEIR job to specify a safety standard to me. Now, in the interest of overseas sales, customer relations, not getting sued, and not being the kind of OEM who sells dangerous equipment, most OEMs include safety devices at the appropriate level because at the end of the day, people not getting hurt or killed at work is the ideal scenario for everyone. But if a customer specifically asked me to remove safety features from the design to save costs, even after my stern recommendations against it, I would technically be free to do so. In the US. Whether I would or not would be an ethical/civil litigation concern, but not a legal one. If the machine were going to Europe, it would be because the rules are different there.

This is really interesting, I'm new into the industry, so most of what I was communicating was based off an ethics class that I went through, but I didn't know that's how machines end up going into customer hands. I think this is more of a result of expressively using liability law against the customer from the perspective of the working engineer, but I don't know if that's true or not. pretty interesting

 

[geniusintraining]

1st I have not read everyone's reply but one thing FORSURE, I would send emails to the higher ups telling them that there is an issue and print the email along with their response and bring them home.... just incase.

2nd I would also tell them how to bring it up to code or at least making it safe, sometimes code is not realistic, if its an older machine they will not want to spend the money but you can still make it a safer machine

3rd When writing them this email, DONT just say you have a machine that is going to kill someone and expect them to want to fix it, word it in a way that they will not be insulted

4th I wouldn't touch it with a 3.05m pole.

Here in the USA we say 3.048 meters

By the way.... I have been there a couple times and have made the machine safer every time, but I did have a position that no one really new what I was working on anyway so if I was doing something no questions were asked

Good luck!

 

[James Mcquade]

brstilson,​

It is no fun being on the other side of things. once there is an accident, the injured person(s) lawyers will find everyone who touched the machine and they are out to get you. Been there once. i had the paperwork requesting the change and the engineers signature. My oem company was cleared of all wrong doing.
My customer was not so lucky. it cost him $$$$$$$$$
james

 

[Steve Bailey]

In the US, you have no legal liability at all. It is solely the end user's responsibility to ensure their machines are safe. It is the owner of the machine and only the owner of the machine who is legally responsible for having safety audits done.

Tell that to the process server who delivers the notice that you're being sued. Tell that to the injured party's lawyer. Tell that to the mediator that runs between the insurance carriers of everybody named in the lawsuit. Tell that to your insurance carrier when they refuse to cover you following the judgement against you.
You see, in the US, once the injured party accepts the worker's compensation settlement, they give up the right to sue the employer, but its open season on anybody else involved with the equipment that caused the injury.