Essentials of Machine & Process Safety



Presentation Transcript


  1. Essentials of Machine & Process Safety Standards in Perspective Derrin Drew

  2. Agenda • Why Safety • What is risk based design • Legal Framework • State regulations, national guidelines and standards • Lifecycle Risk Management Process • Risk Assessment

  3. Agenda • Tolerable risk • Safe Design • Definition of Reasonably Practicable • Integrity of a safety system • Approach to the design of safety systems

  4. Why Safety? • Studies indicate 51% of workplace fatalities resulted from injuries from fixed plant and machinery. • Failure to adequately guard the machine was a factor in 37% of these cases. 69% of the cases studied occurred in the manufacturing industry. • WorkSafe Australia processes 47,000 workplace claims per year for injury from machinery involving 5 or more days off work.

  5. Safety 1st Research commissioned by the National OH&S Commission (replaced by the Australian Safety and Compensation Council in 2005) examined the contribution that the design of machinery and equipment has on the incidence of fatalities and injuries in Australia. The study indicated that: Of the 210 identified workplace fatalities, 77 (37%) definitely or probably had design-related issues involved. In another 29 (14%) of the identified workplace fatalities, the circumstances were suggestive that design issues were involved. Design contributes to at least 30% of work-related serious non-fatal injuries. Design-related issues were most prominent in the ‘machinery and fixed plant’ group and the ‘mobile plant and transport’ group. Similar design problems are involved in many fatal incidents. Design-related issues were definitely or probably involved in at least 50% of the incidents in the agriculture, trade and mining industries, and in between 40% and 50% of the incidents in the construction, manufacturing and transport/storage industries. Solutions already exist for most of the identified design problems (such as seat belts, rollover protection and guarding).

  6. Protect People and Increase Productivity • Investing in machine safety • Health & safety for all personnel • Cut costs associated with: • Physical injuries • Insurance premiums • Lost production, penalties • … • Increased productivity due to the prevention of accidents • Better failure detection • Workers confident at work • Improved maintenance efficiency • …

  7. Machine Safety as a Global Concept • Safety must be taken into account: • already in the design phase • and must be kept in place throughout all stages of a machine’s life cycle: • Transportation • Installation • Adjustment • Operation, Production • Maintenance • Dismantling • Safety is necessary to obtain the CE mark. (Figure on the slide: lifecycle loop of Design and production, Installation and implementation, Operation, Maintenance.)

  8. Legal Framework

  9. Legal Framework • Occupational Safety and Health Act: • The General Duties • Resolution of Issues • Safety and Health Representatives • Safety and Health Committees • Enforcement of Act and Regulations • supported by Occupational Safety and Health Regulations: • Set minimum requirements for specific hazards and work practices • Reference to National Standards developed by the NOHSC • Australian Standards developed by Standards Australia • National Standard of Plant • and Guidance Material: • Codes of Practice • Advisory Standards • National Codes of Practice and National Standards developed by the NOHSC • Australian Standards developed by Standards Australia

  10. What are the national OHS laws? • Safe Work Australia is developing national model OHS laws. By December 2011, each jurisdiction will be required to enact their own jurisdictional laws that mirror the national model laws. • The national OHS laws consist of a model OHS Act and model regulations, which will be supported by model Codes of Practice. This package of documents is referred to as model legislation.

  11. National Standard of Plant • Application: the provisions of this national standard apply to designers, manufacturers, importers, suppliers, erectors, installers, employers, self-employed persons and employees with respect to all plant. • Duties & General Requirements: hazard identification, risk assessment and the control of risk, relating to all plant. • Registration of Plant Design & Items of Plant • Evidence of Registration • Notification of Compliance

  12. Standardization Institutes • IEC (electrical standards) • ISO (other standards: mechanical parts, ...) • CEN (mechanical standards) • CENELEC (electrical standards) • National institutes: SIS, GOST, BS, CSA, DIN, NF, ANSI, UNE, CEI, JIS, UL, OSHA, SAA (PCB making machines) • ISO: International Organization for Standardization • IEC: International Electrotechnical Commission • CEN: Comité Européen de Normalisation • CENELEC: Comité Européen de Normalisation Electrotechnique

  13. Standardization Bodies • All countries use IEC and ISO standards or adapt them locally. • All the main institutes work jointly with other international organizations.

  14. Australian Standards • Process Standards: • AS / IEC 61511 Functional safety: Safety instrumented systems for the process industry sector • AS 3814 / AG501 Industrial and Commercial Gas Fired Appliances • IEC 60079 series of explosive atmosphere standards • FPA / NFPA (refer to AS 3000 rather than NFPA 70) • Machine Standards: • AS 1755 Conveyor safety • AS 1418 Cranes • AS 1219 Power presses • AS 2939 Robot cells • AS 3533 Amusement rides • AS / IEC 62061 Safety of machinery • AS 4024 Safety of machinery • ISO 13849 Safety of machinery • Generic: • AS / IEC 61508 Functional safety of Electrical, Electronic and Programmable Electronic safety-related systems • AS/NZS ISO 31000:2009 (AS/NZS 4360:2004 has been superseded by AS/NZS ISO 31000:2009) • Standard types: Type A, Type B, Type C

  15. Introduction to IEC-61508 • The following image summarizes the existing standards that define the requirements for functional safety

  16. 3 Feb. 2010, common sense prevails: Graeme Kirk (Farmer) vs WorkCover* • Mr Kirk succeeded in having the decision of the Court of Appeal overturned in the High Court. The offences with which Mr Kirk and the company were charged did not identify the acts or omissions which constituted the alleged offences. Thus no measures which could reasonably practicably have been taken to obviate the risks could be identified and the defendants were denied the opportunity to properly defend the charges. • In making his ruling, Justice John Heydon said “…it is time for the WorkCover Authority of New South Wales to finish its sport with Mr Kirk. The applications in the Industrial Court should be dismissed.” • “This spells the end of what some people have called the reverse onus approach – guilty until proven innocent approach – to the legislation. • “It also has potential to be applied to the interpretation of the new national OHS regime which is due to commence in 2012.” *refer to the case history in the notes below

  17. Reasonably Practicable How WorkSafe applies the law in relation to Reasonably Practicable WORKSAFE POSITION A GUIDELINE MADE UNDER SECTION 12 OF THE OCCUPATIONAL HEALTH AND SAFETY ACT 2004 (November 2007) In applying the concept of reasonably practicable, careful consideration must be given to each of the matters set out in section 20(2) of the Act. No one matter determines ‘what is (or was at a particular time) reasonably practicable in relation to ensuring health and safety’. The test involves a careful weighing up of each of the matters in the context of the circumstances and facts of the particular case with a clear presumption in favour of safety. Weighing up each of the matters in section 20(2) should be done in light of the following: Likelihood Degree of Harm What the person knows about the risk and ways of eliminating that risk Availability and suitability of ways to eliminate or reduce the risk Cost of eliminating or reducing the risk

  18. Risk assessment process

  19. Danger and Risk • Most people confuse danger (hazard) with risk. A danger is ever present, whereas risk is the possibility of that danger causing harm. Consider the following two statements: • A hungry tiger is dangerous • A hungry tiger is risky • A hungry tiger is dangerous, but it is only a risk if it is in your vicinity. • We can avoid or reduce risk by bounding the danger (the tiger is locked in the zoo, so the risk of being attacked is very low). • Risks are events or conditions that may occur and whose occurrence, if the event does take place, has a harmful or negative effect.

  20. Overall safety life cycle • 1 Concept • 2 Definition of the overall scope • 3 Hazard and risk analysis • 4 Overall safety requirements • 5 Allocation of safety requirements • Overall planning: • 6 Overall operation and maintenance planning • 7 Overall safety validation planning • 8 Overall installation and commissioning planning • Realisation: • 9 Safety systems: E/E/PES • 10 Safety systems: other technology • 11 External risk reduction • 12 Overall installation and commissioning • 13 Overall validation of safety • 14 Overall operation, maintenance and repair • 15 Overall modification and retrofit (back to the appropriate overall safety life cycle phase) • 16 Decommissioning

  21. The Requirement

  22. Safety - Acceptable Risk Level • Zero risk does not exist, but risk must be reduced to an acceptable level. • Safety is the absence of risks which could cause injury or damage the health of persons. • It is one of the machine designer’s jobs to reduce all risks to a value lower than the acceptable risk.

  23. Definition of Risk • The concept of safety is closely linked to that of risk which, in turn, not only depends on the probability of occurrence but also on the severity of the event. It is possible to accept a life threatening risk (maximum severity) if the probability of such an event is minimal. The level of risk is a function of both severity and probability of occurrence

  24. Risk Assessment for Machines

  25. Risk Assessment Flow Chart Analytical Stage Design Stage

  26. Design Process

  27. AS4024.2006 Safety of Machinery

  28. Severity (S) Severity of injury, S1 and S2. In estimating the risk arising from a failure of a safety function, only slight injuries (normally reversible) and serious injuries (normally irreversible) and death are considered. To make a decision, the usual consequences of accidents and normal healing processes should be taken into account in determining S1 or S2. For example, bruising and/or lacerations without complications would be classified as S1, whereas amputation or death would be S2. Taken from: ISO 13849-1 Safety of Machinery

  29. Frequency (F) Frequency and/or exposure time to the hazard, F1 and F2. A generally valid time period to be selected for parameter F1 or F2 cannot be specified. However, the following explanation could facilitate making the right decision where doubt exists. F2 should be selected if a person is frequently or continuously exposed to the hazard. It is irrelevant whether the same or different persons are exposed to the hazard on successive exposures, e.g. for the use of lifts. The frequency parameter should be chosen according to the frequency and duration of access to the hazard. Where the demand on the safety function is known by the designer, the frequency and duration of this demand can be chosen instead of the frequency and duration of access to the hazard. The period of exposure to the hazard should be evaluated on the basis of an average value which can be seen in relation to the total period of time over which the equipment is used. For example, if it is necessary to reach regularly between the tools of the machine during cyclic operation in order to feed and move work pieces, then F2 should be selected. If access is only required from time to time, then F1 should be selected. NOTE: In the absence of any other justification, F2 should be chosen if the frequency is higher than once per hour. Taken from: ISO 13849-1 Safety of Machinery

  30. Avoidance (P) • Possibility of avoiding the hazard, P1 and P2 • It is important to know whether a hazardous situation can be recognised and avoided before it leads to an accident. For example, an important consideration is whether the hazard can be directly identified by its physical characteristics, or recognised only by technical means, e.g. indicators. Other important aspects which influence the selection of parameter P include, for example: • operation with or without supervision; • operation by experts or non-professionals; • speed with which the hazard arises (e.g. quickly or slowly); • possibilities for hazard avoidance (e.g. by escaping); • practical safety experience relating to the process. • When a hazardous situation occurs, P1 should only be selected if there is a realistic chance of avoiding an accident or of significantly reducing its effect; P2 should be selected if there is almost no chance of avoiding the hazard. Taken from: ISO 13849-1 Safety of Machinery

  31. Risk Assessment Principles • Machines are sources of potential risk and the Machinery Directive requires a risk assessment to ensure that any potential risk is reduced to less than the acceptable risk • Risk assessment consists of a series of logic steps which make it possible to systematically analyse and evaluate machinery-related risks • Risk assessment steps: • Identification of the potential hazard • Risk estimation • Risk evaluation • EN/ISO 13849-1 => Performance Level (PL) • EN/IEC 62061 => Safety Integrity Level (SIL) • Risk reduction

  32. Risk Evaluation • On the basis of the risk assessment, the designer has to define the safety-related control system. To achieve that, the designer will choose one of the two standards appropriate to the application: • either standard EN/ISO 13849-1, which defines performance levels (PL), • or standard EN/IEC 62061, which defines safety integrity levels (SIL). • The table on the slide gives the relation between these two definitions. • To select the applicable standard, a common table in both standards gives indications. (1) For designated architectures only

  33. Standard EN/IEC 62061 • Specific to the machine sector within the framework of EN/IEC 61508: • gives rules for the integration of safety-related electrical, electronic and programmable electronic control systems (SRECS) • does not specify the operating requirements of non-electrical control components in machines (e.g. hydraulic, pneumatic) • The probability of failure associated with the required SIL (Safety Integrity Level) depends on the potential frequency of use of the safety function to be performed. Safety of Machinery application: EN/IEC 62061

  34. Standard EN/ISO 13849-1 • The Standard gives safety requirements for the design and integration of safety-related parts of control systems, including software design. • The Risk Graph helps to determine the required PL (Performance Level) of each safety function • S - Severity of injury • S1 Slight injury (reversible) • S2 Serious or permanent injury or death • F - Frequency and / or exposure to a hazard • F1 Seldom to less often and / or short time • F2 Frequent to continuous and / or long time • P - Possibility of avoiding the hazard or limiting the harm • P1 Possible under specific conditions • P2 Scarcely possible
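The S/F/P parameters on slides 28 to 30 and 34 are the inputs of the ISO 13849-1 risk graph, and slides 32 and 35 refer to the tables that tie the resulting performance level to a failure-probability band and to a SIL. The following Python is an added worked example, not code from the presentation or from any of the standards bodies: it encodes the Annex A risk graph (S, F, P to PLr a..e), the PFHd bands of ISO 13849-1 Table 3, and the PL-to-SIL correspondence, then runs the press example from slide 29 through it. The function and class names are the author's own, and the "more than once per hour means F2" rule is the default from the NOTE on slide 29.

```python
from dataclasses import dataclass
from typing import Optional

# ISO 13849-1 Annex A risk graph: (S, F, P) -> required performance level PLr.
RISK_GRAPH = {
    ("S1", "F1", "P1"): "a",
    ("S1", "F1", "P2"): "b",
    ("S1", "F2", "P1"): "b",
    ("S1", "F2", "P2"): "c",
    ("S2", "F1", "P1"): "c",
    ("S2", "F1", "P2"): "d",
    ("S2", "F2", "P1"): "d",
    ("S2", "F2", "P2"): "e",
}

# Average probability of a dangerous failure per hour (PFHd) for each PL,
# ISO 13849-1 Table 3: lower bound inclusive, upper bound exclusive.
PFH_BANDS = {
    "a": (1e-5, 1e-4),
    "b": (3e-6, 1e-5),
    "c": (1e-6, 3e-6),
    "d": (1e-7, 1e-6),
    "e": (1e-8, 1e-7),
}

# PL to SIL correspondence from the common table the slides refer to
# (PL a has no SIL equivalent).
PL_TO_SIL = {"a": None, "b": 1, "c": 1, "d": 2, "e": 3}

PL_ORDER = "abcde"  # increasing stringency


def severity_class(injury_reversible: bool) -> str:
    """S1 for slight (normally reversible) injury; S2 for serious, irreversible injury or death."""
    return "S1" if injury_reversible else "S2"


def frequency_class(accesses_per_hour: float) -> str:
    """Default rule from the slide 29 NOTE: F2 when exposure is more often than once per hour."""
    return "F2" if accesses_per_hour > 1.0 else "F1"


def avoidance_class(realistic_chance_to_avoid: bool) -> str:
    """P1 only if there is a realistic chance of avoiding the accident, otherwise P2."""
    return "P1" if realistic_chance_to_avoid else "P2"


def required_pl(severity: str, frequency: str, avoidance: str) -> str:
    """Look PLr up in the risk graph; a malformed parameter raises KeyError."""
    return RISK_GRAPH[(severity, frequency, avoidance)]


def achieved_pl(pfh_per_hour: float) -> Optional[str]:
    """Map a calculated PFHd onto a PL band; None if it is worse than PL a.

    The bands are nested, so the first band (walking from e upwards) whose
    upper bound exceeds the value is the answer. Values below 1e-8 lie outside
    the table but still count as at least PL e for a comparison.
    """
    if pfh_per_hour >= PFH_BANDS["a"][1]:
        return None
    for pl in reversed(PL_ORDER):
        if pfh_per_hour < PFH_BANDS[pl][1]:
            return pl
    return None  # not reachable; keeps the return type honest


def meets_requirement(pfh_per_hour: float, plr: str) -> bool:
    """True when the achieved PL is at least as stringent as the required PLr."""
    achieved = achieved_pl(pfh_per_hour)
    return achieved is not None and PL_ORDER.index(achieved) >= PL_ORDER.index(plr)


@dataclass(frozen=True)
class Assessment:
    s: str
    f: str
    p: str
    plr: str
    sil: Optional[int]
    pfh_upper_bound: float  # the PFHd the safety function must stay below


def assess(injury_reversible: bool, accesses_per_hour: float,
           realistic_chance_to_avoid: bool) -> Assessment:
    """Run the three parameter decisions and the risk graph in one step."""
    s = severity_class(injury_reversible)
    f = frequency_class(accesses_per_hour)
    p = avoidance_class(realistic_chance_to_avoid)
    plr = required_pl(s, f, p)
    return Assessment(s, f, p, plr, PL_TO_SIL[plr], PFH_BANDS[plr][1])


if __name__ == "__main__":
    # Constructed case built on the slide 29 illustration: an operator reaches
    # between the tools of a press every cycle (about 30 times an hour), a trapped
    # hand means amputation (S2), and the closing stroke is too fast to pull back from (P2).
    press = assess(injury_reversible=False, accesses_per_hour=30, realistic_chance_to_avoid=False)
    print(press)  # PLr e, SIL 3, PFHd must be below 1e-07 per hour
    print(meets_requirement(5e-8, press.plr), meets_requirement(5e-7, press.plr))
```

The point of separating `achieved_pl` from `required_pl` is that the two come from different activities: PLr is fixed by the hazard analysis before any hardware is chosen, while the achieved PL comes out of the category, DCavg and MTTFd evaluation of slide 35, and the acceptance check is simply that the second is at least as stringent as the first.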

  35. Relationship Between Different Criteria • Relationship between Categories, DCavg, MTTFd and PL. *In several applications the realisation of performance level c by category 1 may not be sufficient. In this case a higher category, e.g. 2 or 3, should be chosen.

  36. Basic concepts • According to the requirements of standard EN/ISO 12100-1, the machine designer’s job is to reduce all risks to a value lower than the acceptable risk. • The standard gives guidelines for the selection and installation of devices which can be used to protect persons, and identifies those measures that are implemented by the machine designer and those that depend on the user. • This standard recognises two sources of hazardous phenomena: • moving parts of machines • moving tools and/or workpieces

  37. Safe Design “It is the control of the design and design-associated activity that leads to a responsibility as an obligation bearer, not their classification as a manufacturer, supplier, etc.” National Occupational Health and Safety Commission - Safe Design Project Report 2000

  38. Principles of Safe Design Principles of Safe Design (of equal priority) The key elements that impact on achieving a safe design are: Principle 1: Persons with Control – persons who make decisions affecting the design of products, facilities or processes are able to promote health and safety at the source. Principle 2: Product Lifecycle – safe design applies to every stage in the lifecycle from conception through to disposal. It involves eliminating hazards or minimising risks as early in the lifecycle as possible. Principle 3: Systematic Risk Management – the application of hazard identification, risk assessment and risk control processes to achieve safe design. Principle 4: Safe Design Knowledge and Capability – should be either demonstrated or acquired by persons with control over design. Principle 5: Information Transfer – effective communication and documentation of design and risk control information between all persons involved in the phases of the lifecycle is essential for the safe design approach. www.safeworkaustralia.gov.au

  39. Making it safe Hierarchy of Control

  40. Reasonably Practicable: How WorkSafe applies the law in relation to Reasonably Practicable (WorkSafe position, a guideline made under section 12 of the Occupational Health and Safety Act 2004, November 2007; the same text as slide 17)

  41. Functional Safety Process and Machine

  42. Advancements in Technology (1968 to 2010) • Communications • Integrated Functions • Complex architectures

  43. Change of Standards • The qualitative approach of EN 954-1 is no longer sufficient for modern controls based on new technologies (electronic and programmable electronic systems): insufficient requirements for programmable products, the reliability of the components is not taken into account, and too deterministic an orientation (designated architectures). • Standard EN ISO 13849-1 will totally replace EN 954-1 on 31 December 2011, and will upgrade the qualitative approach with the new quantitative (probabilistic) approach, which is consistent with modern safety standards. At the moment both standards EN 954-1 and EN/ISO 13849-1 are valid. • For complex machines using programmable systems for safety-related control, the sector-specific standard EN/IEC 62061 has to be considered. EN/IEC 62061 is based on EN/IEC 61508.

  44. Redundancy and Self-monitoring (Qualitative Approach) • Redundancy consists of compensating for the failure of one component by the correct operation of another, based on the assumption that both will not fail simultaneously. • Self-monitoring consists of automatically checking the operation of each of the components which change state at each cycle.
