The four most common machine safety violations
By Michael Joaquin, P.Eng and Todd Mason-Darnell, Ph.DGeneral Machine Building
Experts weigh in on the areas of noncompliance encountered most frequently during risk assessments.
Safety is a central concern of any manufacturing application. With heavy objects moving at high speeds and sharp edges ready to slice, industrial machinery creates a host of hazards that good training can’t fully protect against. For this reason, protection must be built into the system itself by means of guarding, control of hazardous energy sources, and other safety measures mandated by today’s standards.
When the lives of machine operators and maintenance personnel are at stake, it’s essential for manufacturers to have risk assessments conducted at regular intervals to provide a foundation for bringing all industrial equipment into compliance. Here, we’ll take a look at the typical areas in which risk assessment service providers find compliance lacking, as well as the reasons why some companies are tempted to cut corners.
1. No guarding or noncompliant guarding at point of operation (CSA Z432-16 c.10).
CSA Z432-16 is a wide-ranging safety standard that brings all the safeguarding-related requirements for the design, installation, operation and maintenance of industrial machinery under one umbrella. One of its most commonly referenced sections is that which describes Operator Interface/Point of Operation (PoO) guarding requirements. This is one of the most dangerous parts of the machine, since it’s where work is performed on a substrate.
Proper PoO guarding must accomplish two related goals: (1) preventing access to the machine when its motion could be hazardous; and (2) stopping the machine from moving when a person needs to access it (such as during maintenance). Violations of these requirements are unfortunately not uncommon, as poorly designed safeguarding is often removed when it starts to interfere with the task of operating the machine.
2. Inadequate functional safety performance (CSA Z432-16 c.8)
Another well-known (and commonly violated) portion of CSA Z432-16 discusses the requirements for functional safety performance, which refers to the performance level (PL) of the safety related parts of the control system (SRP/CS). Typically, the SRP/CS must “fail to safe” – in order for a high-risk machine to be compliant. Lack of a safety-rated monitoring device for the safety circuit is a quick indicator of non-compliance.
The degree of redundancy and monitoring for the controls must be appropriate for the level of risk being assessed. Risk assessment providers often find that manufacturers connect light curtains and interlock switches on high-risk machines back to a regular PLC or relay instead of a safety-rated PLC or a safety relay. Standard (not safety-rated) equipment is insufficient for this purpose because it lacks the proper redundancy level.
3. Noncompliant E-stop buttons (NFPA 79/CSA Z432-16 c.7.15)
E-Stop buttons provide a quick, surefire way to shut down a hazardous machine in an emergency. Due to their great importance, they must meet strict guidelines that ensure standard functionality in addition to a recognizable look and feel. E-Stops must be red-colored pushbuttons mounted above a yellow background in an easily accessible location, and there can’t be an automatic reset option (only manual reset is allowed).
Unfortunately, risk assessment providers find noncompliant E-stops somewhat frequently. This is typically due to a lack of knowledge about the requirements or a desire to prevent the E-stop from being pushed too frequently in non-emergency situations. Some manufacturers choose to use E-stops for routine machine shutdowns, which is also a standards violation because it wears out the button’s contacts.
4. Noncompliant or missing energy isolation components (CSA Z460)
Maintenance work typically requires direct contact with machinery in ways that would be extremely dangerous – or impossible – if the machine were to be running, so the equipment must be turned off. However, if there’s no way to lock out and dissipate hazardous energy during this time, it’s possible that another worker could accidentally press a button that gives power to the machine being worked on. This could result in a serious accident.
To prevent such occurrences, manufacturers must control the machine’s electrical, pneumatic or hydraulic power sources through a strategy known as lockout/tagout (LOTO). Unfortunately, many manufacturers find it difficult to isolate their hazardous energy sources in a way that complies with the requirements set down in CSA Z460, and the failure to do so may be responsible for almost 10 percent of the most serious accidents that occur on the plant floor.
To properly isolate hazardous energy sources, manufacturers typically use a number of retrofit devices. The device depends on the type of power involved. For pneumatics, there’s an energy isolation valve with a bleeder to dissipate the energy and let the air out. For electrical energy, there’s usually a panel with a big switch or a breaker. Both must be lockable in the OFF position only. In addition to this, manufacturers need official written policy and annual LOTO training.
A challenge that must not be ignored
Although it can be challenging to achieve complete machine safety and standards compliance, there’s no good reason to take the easy way out. By failing to provide a safe working environment, companies can be held responsible for serious accidents occurring on the plant floor. It is essential for manufacturers to pay attention to proper safeguarding, safety control system performance, E-stop button requirements and the complete isolation of hazardous energy sources.