I recently had an event, and I would like to ask the experts on this site how they view it and what they think the outcome should be.
A machine that was designed overseas has electrical and pneumatic controls. It is clearly labeled with all the safety warnings. There is also a keylock to override some of the safety devices.
Issue: Mechanic working on machine. Has to make an adjustment to a set of shears. Opens the doors but has the key switch enabled. Pushed E-stop and proceeds to make adjustments. A wrench falls on a sensor, activating it. The stored-up residual pneumatic pressure caused the shears to activate, causing the mechanic to require 23 stitches in his hand. Luckily did not lose anything.
Manufacturer of machine noted that during the routine in question the outputs were not locked out on the PLC. All other times they were, but not this time. They sent in a revised program.
The safety committee put all the blame on the mechanic, stating the following: Mechanic did not have machine properly locked out, mechanic had safety key system enabled, mechanic did not remove all stored energy.
While I do see the company's point, I don't think it's fair to place all the blame on the mechanic. I believe the mfg should also have been mentioned in the report, being as they did not have the outputs locked out during that step in the process.
So in a case like this, where do you draw the lines of who's at fault and what to report?
Just curious. Thanks and have a great and prosperous new year.
Granted that we're all responsible for our own safety, and perhaps LO/TO and removing stored energy could have been done and the adjustments still made. The mechanic, unfortunately, will always bear the brunt of the responsibility for his/her own safety.
Having said that... as an automation engineer and PLC programmer, I am very distressed that:
- A machine that was E-Stopped did not, itself, dump its air system and pneumatic energy when the E-Stop was activated;
- A machine that was E-Stopped did not remove power from actuator control circuits (i.e., the pneumatic solenoids);
- A machine that was E-Stopped was executing logic ("A wrench falls on a sensor, activating it ... caused the shears to activate") rather than in a logical stopped or logical safe state waiting for the E-Stop to be removed and the safety relays to be reset.
True, under some circumstances not all of that can be done. But together, those three things make me think that the machine was very poorly designed and programmed from a controls standpoint.
The fact that the E-Stop doesn't function in any and all circumstances is remarkable, to say the least. Using a key switch to override guarding for machine setup, testing or maintenance is sometimes necessary. (The individuals with the key are supposed to be qualified and trained on that equipment for the work they're performing, but that's another area.) But the fact that the E-Stop failed to prevent machine operation, on so many levels, is frightening.
There's not much defense against this other than to write contracts requiring vendors to meet NFPA 70 and NFPA 79, and then perform a safety review of the machine at delivery regardless. If it was an "off the shelf" type machine rather than custom (I really hope it was not) then the safety review is even more essential.
So yeah, I would have tagged the mechanic and his/her training. However, from there I would have tagged whoever bought the equipment; whoever installed and commissioned the equipment; and the equipment vendor, who would certainly not be at the top of the list for future procurements.