What is Machine Functional Safety?

As stated above, Safety is an ongoing process. Safety systems require diligence in the maintenance and verification of their operation. Through this process, improvements are often discovered or new technology is available, creating a need to update the system. 

A risk assessment is performed in order to determine the Safety Integrity Level that is requires for the particular machine or process under review.  

This assessment must be performed on each process or machine and separately for the entire facility or department. 

The weighted determinations are: 

How severe would the consequences of an event?

What is the likelihood of the event happening?

This is the scientific part. 

Risk Management policies are developed alongside the risk assessment so that plant policies are consistent with the safety 

The Risk Assessment will result in a Frequency number and a severity number - The above chart will tell you which SIL  you need. 

This entire process should be undertaken by a group including but not limited to - Safety consultant, Plant management, Plant Engineering/Maintenance, and a representative from the production department.

The reason for this is to insure that the resulting safety measures consider all aspects of the operation of the equipment as well as how it will be monitored and maintained going forward. 

SIS and SIF's are necessary when simply shutting down the system is not sufficient to ensure safety for the process or the personel.

An example of such a system would be a process tank that is continually being filled and emptied at varying rates. An SIS might be required to pump product from that tank to a safe area (another tank)in the event of an uncontrollable overfill situation. This system would shut everything down after the dangerous situation was mitigated. 

Guards on a robot cell are another example - in the emergency stop situation, Locked doors must remain locked until motion has stopped before de energizing the lock - so the Safety instrument would first shut down the robot, then start a timer counting down to when the guard can be safely opened. 

Safety PLCs are an elegant solution to the safety issue. The safety devices are connected to safety rated PLC IO. Special logic blocks in the PLC that have been vetted by the safety gods perform the safety functions. 

The connected devices can be:

Light curtains

Area Sensors

Gate Switches and latches

Emergency stop buttons

Network devices

wireless devices (safety over profinet)

Stand alone safety devices can achieve high SIL ratings, but can get very complicated  with respect to wiring and the quantity of components needed if your system is more than about 6 devices. However, there are situations where this is the best solution. 

A safety Relay is a relay with 2 or more force guided contacts. 

A safety controller is a Logic device with 1 or more safety inputs  and 1 or more monitoring input, as well as 2 or more safety outputs.