The evolution of integrated safety logic

Two decades after its introduction, machine safety technology keeps getting more interesting. Safety in a machine-control context was born in 1996 with the EN 954-1 standard allowing only relay logic or simple electronics. Although process industries have widely used programable safety controllers since the 1980s, it wasn’t until 2002 that NFPA 79 finally allowed for programmable safety controllers in machines.

Today, integrated safety logic has found its way into a great variety of industrial devices, such as DIN-rail or machine-mounted safety I/Os and servo-drive systems. This proliferation of safety hardware and architectures means machine builders can introduce far more safety functionality in more places to better protect people, equipment and products.

Mike Bacidore is joined by Christopher Woller, safety product manager at Beckhoff Automation to talk about the evolution of integrated machine safety.

Transcript

Mike Bacidore: Assuming everyone agrees that integrated safety is here to stay, it may still take many different implementation forms. What are the different architectural possibilities?

Christopher Woller: There are really four different architectures with increasing capability and scalability.

The simplest is stand-alone control, which allows for safety applications without control system integration. One vendor’s programmable safety controller can exist alongside any control system or retrofit older equipment with no control system.

Then comes compact architecture. Much like stand-alone control, individual safety controllers operate independently of each other without coordination, but they are networked into a larger control system. Now higher-level systems can monitor individual safety hardware and functions.

Next, centralized control harkens back to the original integrated-safety-over-fieldbus concept of the early 2000s. A single controller governs the entire network of safety devices, enabling larger applications with increased complexity.

The most flexible option is distributed control. In these architectures, a network of safety devices like I/O or drives contain their own safety logic, and they manage local safety functions. This higher level of safety communication allows for passing around larger safety functions like E-stops or coordination among local devices.

Mike Bacidore: What implications do physical and software architectures have on the machine builder from a technical standpoint?

Christopher Woller, safety product manager, Beckhoff Automation

Christopher Woller: It’s really about choosing the best architecture for the job. Balancing the flexibility to choose while maintaining existing programming becomes really important. Take a press brake from the 1940s, for example. It will probably employ simple relay logic and basic hydraulic systems. A stand-alone safety controller could be easily added with only small alterations to the original design.

However, maybe the same press brake manufacturer produces a sectional machine line today. In that case, a distributed architecture could break down huge applications with high complexity into bite-size chunks. Those modules can then interact as required.

Every machine builder will end up with all these architectures. So implementing the simplest and most complex safety architectures on a universal platform offers serious engineering efficiency.

Mike Bacidore: How does that translate to commercial impacts?

Christopher Woller: There are huge commercial impacts—for machine builders and end users. It propagates. Very few machine builders build just one machine. They’ll leverage several architectures because it really isn’t a one-size-fits-all.

Streamlining really becomes the name of the game. If an OEM uses Manufacturer X for safety, then needs platforms A, B, C and D for the architectural flexibility requirements, that’s not efficient.

Even worse, say that same OEM needs three or four different safety manufacturers. That’s not efficient either. Multiple platforms get expensive with training, different hardware installation, software maintenance and multi-vendor sourcing.

4Distributed logic offers a unique selling proposition for OEMs building modular machines. Distributed logic results in considerably less downtime for the customer when adding modules.

And when it comes to that trickle effect, end users inevitably end up with every architecture mentioned. They need to stay running to make more money, and they can do this by minimizing their safety platforms and resolving issues faster.

Training on fewer platforms ultimately means stocking fewer replacement parts on the shelf. Getting all the flexibility and scalability you need on one platform, under one roof, ultimately means making more money.

Mike Bacidore: What resources can machine builders leverage to enhance their functional-safety design skills?

Christopher Woller: Technology vendors are a great resource for fundamental design information, but there’s always bias. A good place to start is with OSHA, the standards themselves, industry organizations and many of the testing labs.

In the U.S., OSHA 1910.212 is the generic regulatory standard that end users are going to be held accountable to regarding the general requirements for their machines. It’s not particularly complex, but you should be familiar with it.

The standards themselves—IEC 61508, ISO 12100, ISO 13849, IEC 62061—are generally considered the basis for machine safety. However, U.S. standards like the ANSI B11 series offer further contextual information.

Explanatory information leads to a deeper understanding much faster, and the ANSI B11 standards receive more frequent updates because they’re not subject to the EU’s Machinery Directive. New technology is explicitly addressed much faster.

One of my favorite organizations is Germany’s Institute for Occupational Safety and Health (IFA). They’ve published incredible resources for both machine builders and end users. Case in point: functional safety of machine controls (IFA Report 2/2017e) and safe drive controls with frequency inverters (IFA Report 4/2018e). These read like how-to books.

The testing labs are also fantastic resources. UL—along with TÜV SÜD, NORD and Rheinland—offers functional safety training. UL even combines functional safety and cybersecurity. Today, one can’t really exist without the other, especially in an industrial environment.

Mike Bacidore: What other considerations should OEMs make regarding integrated safety architectures in the equipment they’re building?

Christopher Woller: Ask lots of questions during the design phase. Consider the life cycles of the machine, line and plant. How do the machines interact with each other? How are the machines expected to interact with each other tomorrow? Can my machine architecture easily change — to become modular, for example — down the road?

The more questions you ask now, the more likely you are to choose an architecture and platform that will serve you well into the future.