1. Life stages
The first common mistake concerns the life stages of products. It seems that some manufacturers have not considered that their machine also needs to be repaired and maintained. In some cases, no thought has even been given to how much space is needed to carry out these tasks. Control boxes with decentralized periphery are difficult to access in safety areas, so no maintenance engineer is able to connect a measuring device to the terminals under production conditions in order to test the power supply if necessary.
Engines, cylinders, hoses, and other components are located in such inaccessible areas that half of the machine must be disassembled before one is able to reach the fittings of a defective hydraulic hose.
Seen from the outside, machines often give a solid impression and are perfectly secured for normal operation, which is also reflected in the risk assessment. However, the hazards to which people are exposed during cleaning, maintenance and servicing are often neglected: lack of access to higher-level system components, poorly accessible system components and missing control panels for adjustment work from outside the safety area.
Nevertheless, the staff are resourceful and still do their job – sometimes with breakneck maneuvers over slippery steel parts. Because the manufacturer does not think enough about hazards during all life stages of a machine, serious accidents often happen outside normal operation. Another problem is that, due to inaccessible machine parts, a repair takes much longer than it would have to and unnecessary production losses are incurred.
2. Estimation of risk
The level of risk must be determined before protective measures are chosen. According to standardization, a risk is a function of the damage and the likelihood of its occurrence. Therefore, often only these two criteria are considered for classification. The fact that the number of people at risk, the frequency of access and the qualification of the staff play a role in choosing the likelihood of occurrence is usually not considered. The standard does not describe hazard rating systems in more detail, which is why various self-invented rating methods exist. To meet the criteria required by the harmonized standard, always try to use a proven system such as HRN (Hazard Rating Numbers).
If a hazard has been identified and measures have been taken to minimize it, it must be determined at the end whether the risk has been minimized sufficiently. This requires a re-evaluation of the risk. If the residual risk is negligible, the risk assessment was successful. If not, further measures must be taken to ensure safe use.
3. Neglect of the three-step method
Basically, measures against existing hazards are determined according to the so-called three-step method. Unfortunately, the risk assessment is often started too late, so that the first stage, the inherently safe construction, can no longer be influenced. Yet only at this stage is it possible to eliminate hazards. The complementary and other technical safeguarding measures are then defined in the second stage, if necessary. These are things like covers, safety fences, light curtains and pressure-sensitive equipment. Nevertheless, individuals must additionally be protected and informed. How this has to be done is determined in the last of the three stages.
Notices such as “Do not reach into the running machine” indicate that this three-step method has not been applied. The method exists not only in standardization but is also part of the Machinery Directive. In such cases conformity is out of the question.
4. Functional Safety
As already mentioned, light curtains and all equipment that influences the machine control system belong to the second stage of the procedure described above. The expected quality of this safety function is indicated by the performance level (PL), which is determined during the risk assessment. Unfortunately, the PLr (r = required), to be determined using the risk graph from the first part of the EN ISO 13849 standard, is sometimes not considered. The result is that the designer of the control system does not know whether it must switch off by single-channel or two-channel wiring when a protective function is triggered. The PL thus has a direct influence on the design of safety functions.
At the end of the process, the PLr must be validated. This calculation shows whether the circuit actually meets the requirements of the risk assessment or whether it needs to be improved. Unfortunately, we are regularly shown risk assessments in which there is no trace of performance levels, so it is not proven whether the required protection goal of a machine has actually been achieved.
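The PLr determination and the final comparison described above can be sketched as follows. This is an added example, not part of the original article: it encodes the risk graph of EN ISO 13849-1 (severity S1/S2, frequency of exposure F1/F2, possibility of avoidance P1/P2) and checks each safety function's achieved PL against its PLr. The function names and the sample entries are constructed for illustration.

```python
# Added example: PLr from the EN ISO 13849-1 risk graph, then a PL >= PLr check.
from dataclasses import dataclass
from typing import Optional

LEVELS = "abcde"  # performance levels, lowest to highest

def required_pl(severity: str, frequency: str, avoidance: str) -> str:
    """Walk the risk graph: S1/S2 severity, F1/F2 exposure, P1/P2 avoidability."""
    for name, value, allowed in (("severity", severity, ("S1", "S2")),
                                 ("frequency", frequency, ("F1", "F2")),
                                 ("avoidance", avoidance, ("P1", "P2"))):
        if value not in allowed:
            raise ValueError(f"{name} must be one of {allowed}, got {value!r}")
    # Each branch towards the worse option moves the result up the scale;
    # serious injury (S2) counts twice: S1/F1/P1 -> a ... S2/F2/P2 -> e.
    steps = 2 * (severity == "S2") + (frequency == "F2") + (avoidance == "P2")
    return LEVELS[steps]

@dataclass
class SafetyFunction:
    name: str
    severity: str
    frequency: str
    avoidance: str
    achieved_pl: Optional[str]  # None: no PL was ever calculated for the circuit

def validate(functions):
    """Return {name: (PLr, verdict)} for every safety function in the assessment."""
    report = {}
    for sf in functions:
        plr = required_pl(sf.severity, sf.frequency, sf.avoidance)
        if sf.achieved_pl is None:
            verdict = "not validated"
        elif LEVELS.index(sf.achieved_pl) >= LEVELS.index(plr):
            verdict = "ok"
        else:
            verdict = "improve circuit"
        report[sf.name] = (plr, verdict)
    return report

# Constructed sample entries, not taken from a real risk assessment.
SAMPLE = [
    SafetyFunction("light curtain stops press", "S2", "F2", "P2", "d"),
    SafetyFunction("guard door stops conveyor", "S2", "F1", "P1", "d"),
    SafetyFunction("enable button for setup mode", "S1", "F2", "P1", None),
]

if __name__ == "__main__":
    for name, (plr, verdict) in validate(SAMPLE).items():
        print(f"{name}: PLr {plr} -> {verdict}")
```

The "not validated" verdict corresponds to the case criticized above: a safety function is listed, but no performance level was ever calculated for it.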
5. Proper Warning
The last common mistake belongs to the third level of a risk assessment, the user instructions to minimize risks: operating instructions that are covered with warning labels on every page in an attempt to reduce the probability of horror scenarios and fatal consequences. This is an imposition for the reader and, in the case of an assessment, a problem for the manufacturer. The warnings and safety instructions on machines and in the user manual are based on the risk assessment. Too many warnings in the manual can have two causes: either the author of the user manual did not know the risk assessment, or the risk assessment actually requires hundreds of these warnings. If the second is true, presumably the first and second stages of the risk assessment were not properly implemented and an unsafe machine was built. Warnings and safety instructions on the product and in the manual should always be the last option for avoiding dangers and should warn the staff only of existing residual hazards. In any other case the risk should be minimized by constructive measures or by safety devices. Anyone who sticks to this will avoid over-warning in the manual.