Sticking to the speed limit

The Machinery Directive is long and complex. However, the specifications to cover each aspect of the design and manufacture of machines are helped by agreeing Standards.  ‘Harmonised’ standards across the EU give purchasers the confidence that a machine meets the requisite safety levels and presumes conformance to the Directive.

A list of Standards for the Machinery Directive can be found in the Official Journal of the EU, and each standard is one of three types. 

A-Type Standard – Relates to basic safety containing basic terminology, principles of design and general aspects that can be applied to all machinery.

B-Type Standard – Addresses a safety aspect or protective device that can be used in a wide range of machinery for example:

• ISO 13849-1: Safety of machinery – Safety-related parts of control systems - Part 1: General principles for design.

• IEC 61496-1: Safety of machinery – Electro-sensitive protective equipment – Part 1: General requirements and test.

C-Type Standard – Contains all safety requirements for a specific machine or type of machine. If this standard exists, it has priority over the A-type or B-type standard, for example:

• IEC 415-7: Safety of packaging machines – Part 7: Group and secondary packaging machines.

The relevant directives and standards are usually added to the machine builder’s declaration of conformity which has to accompany any machinery as per the Machinery Directive.

Speed monitoring is covered by B and/or C Type standards, depending on the machine in question. There are various machine speed parameters that could influence the risk of harm on a machine against identified limits. If the machine exceeds those limits then suitable measures are initiated.  Thus, the monitoring of the speed becomes a safety function.  Of course, there are many different types of machine; if a C-Standard exists for your machine, then you may find the speeds that have been agreed, though not always. Below are some examples from C-Standards and also what the B-Standard says about speed:

BS EN 693 covers the safety of hydraulic presses. It states that the closing speed shall not exceed 10 mm/s when using a hold-to-run control device. 

ISO 10218 covers the safety requirements for industrial robots (Part 2: Robot systems and integration).  The standard states that the maximum speed of the Tool Centre Point (TCP) shall not exceed 250 mm/s in manual mode and shall be possible only with the added use of an enabling device. 

ISO 13849 is a B-Standard and covers the general principles for design of Safety-related Parts of Control Systems (SRP/CS).  This standard can be used, where no C-Standard exists. There are no speeds quoted but it does state that when safety-related parameters deviate from their limits then appropriate measures shall be initiated.

IEC 61800-5-2 is a B-type standard and defines the safety functions for drives. It specifies the requirements and makes recommendations for the design, development, integration and validation of adjustable-speed electrical power drive systems which are suitable for use in safety-related applications in terms of their functional safety.

The Performance Level of the speed monitoring circuit may be defined in the C-Standard.  If no C standard exists, then ISO 13849 or IEC 62061 can be used. If, for example, a safe speed is identified as a condition for locking or unlocking a gate, then this would form part of the safety function and should undergo the same functional safety design process as the interlocking function.

ISO 13849 and IEC 62061 both outline a method for determining the required safety performance level for a safety function.  Each method can be used to determine the required performance level (PL), or the required Safety Integrity Level (SIL) respectively:

Once the required safety performance level has been determined, the speed monitoring control system can be designed. 

Speed monitoring can be implemented are either externally, when the safety is implemented outside the drive and the speed controller requires feedback or, internally, where the safety feedback is inside the drive as an integral function.

Either way, it is common to use rotary encoders and, as a general rule, when used with appropriate and relevant associated speed monitoring equipment, a single encoder can give you PLc/SIL1 and two encoders can achieve up to PLe/SIL3. 

There are also encoders designed specifically for safety – such as SICK’s DFS60S Pro (a safety-rated Sin/Cos encoder).  If such a Sin/Cos encoder was used with a compatible safety controller, such as the SICK Flexi Soft, it would provide a SRP/CS that achieves PLd/SIL2.

In summary, speed in machinery is an important parameter with respect to safety and should always be considered as part of the risk assessment.  C-Type and B-Type standards can give guidance; however, risk assessment tools do not replace good engineering judgment but aid it.  Careful consideration should be given to the determination of the required safety performance level of a speed monitoring circuit and it should be designed accordingly.