This is explained by Fredrik Edholm, Product Manager for Pneumatics at SMC. He also notes that, as a supplier, they must ensure that their relevant products support the standard.
– At the core, an EU directive determines what has to be fulfilled from a safety perspective. Harmonised standards are then developed to describe how that can be done.
Step-by-step model for safety levels
The ISO 12100 standard helps define the steps that need to be considered in risk assessment and risk reduction for machines. The ISO 13849 and IEC 62061 standards then take over the assessment and verification of safety functions. The design of the safety-related parts of control systems is an iterative process involving several steps.
Step 1 – Define requirements for the safety functions
Step 2 – Determine the required Performance Level
Step 3 – Design and technical implementation of the safety functions
Step 4 – Determination of Performance Level and quantitative review
Step 5 – Verification
Step 6 – Validation
The standard includes a step-by-step model that determines which safety level is required for the system based on what the risk analysis shows.
– The risk assessment, which the customer performs, is carried out using a diagram in the standard. Among other things, it assesses how serious possible injuries may be, how often the risks occur and to what extent the risks can be avoided. The result of the assessment is the performance level needed for the individual safety functions that are to minimise the risks.
Different performance levels
The performance level is divided into five different levels, from a to e, where a represents the lowest risk and e the highest.
– If the level is PL a or PL b, one channel is sufficient. For PL d and PLe, two channels are needed. For PL c, one channel can often be enough. Two channels mean having two parallel control systems, so if one fails, the remaining one can still function.
The standard requires redundant systems for performance level d-e, which is why two channels are needed in the control system.
The trend is moving toward safety valves further out in the system
Once the customer has completed the risk analysis and established which risk level must be met, the next step is to choose the right safety function. In pneumatics, this has historically meant depressurising the system in the event of a risk of accident, which involves fitting a valve that vents the air, a “safe venting” function.
– A safety function for “safe stopping and closing” in order to quickly stop a cylinder movement that becomes dangerous if someone gets too close may be a much better alternative. This requires a combination of components such as directional valves, flow control valves and/or cylinder locks.
Validated by third-party bodies
SMC offers circuits that fulfil various safety functions according to the standard and that have been validated by the third party TÜV. They also have a support program called “pneusafe” that suggests which circuits are best suited for different safety functions and applications.
– The information we need from the customer in order to develop proposals includes a description of the machine function, identification of hazardous pneumatic movements, determination of the required safety function for the movement and establishment of the required performance level.
Once they have that information, they can propose a pneumatic circuit that matches the required safety function and PLr.
– The standard does not require systems to be validated by a third party, but we want to create additional confidence for everyone involved that the components and the chosen combination of components for different safety functions meet the requirements and are safe through a competent, independent and leading third-party body, Fredrik Edholm explains.
Approved products as well
The pneumatic circuits include a number of different products depending on the performance level selected.
– We have also validated the products individually to show that they fulfil different design requirements according to “well tried principles” and “basic principles”. One example of what we ensure with such validation is that a spring, for example, does not collapse completely if it breaks but instead maintains some function.
An important part of safety work is also to provide documentation showing that the product meets the requirements of the standard, since that is part of the machine manufacturer’s verification and validation.
– This concerns both design principles and service life data. The theoretical service life of the system must be determined in accordance with the requirements of the standard.
Increased requirements for cybersecurity
Another trend in industry is that new safety perspectives are being introduced in the new Machinery Regulation, which will replace the Machinery Directive in 2027.
– In the new regulation, the essential health and safety requirements have been updated. Most of them concern AI in combination with safety-related control systems, autonomous machines and cybersecurity. Requirements regarding how substantially modified machines are to be handled have also been clarified, Fredrik Edholm explains.
For SMC, the new Machinery Regulation will not significantly affect its offer, since the company is a component supplier providing parts that are included in the control systems.
– But you still have to stay on top of it, because the list is long and you need to make sure you apply it correctly. It will come into force from one day to the next. If you do not meet the new requirements on the day it takes effect, you may run into problems.
