Machine Safety 3

[itsmoked]

An automated saw.

Occasionally the blades must be manually hand replaced. It's being done while the machine is in standby. I suspect this isn't OSHA approved, as I understand it, "the energy source has to be removed", from the motion generating device.

At issue is the time required to power down and reboot a large machine tool including its loss of position etc., etc.

The classic method would be to put in a manual disconnect in the motor leads - probably lockable.

I'm wondering about alternatives. Is a contactor capable of providing the mechanical disconnection? If so, can something like a key switch in the control(coil) circuit of the contactor acceptable?

Keith Cress
kcress -

http://www.flaminsystems.com

 

[123MB]

Indeed the IEC standards would prescribe a risk assessment that takes into account how long it takes to do this activity, the severity of the hazard, possibility of avoidance, etc etc.. the result would be a safety integrity level which prescribes the equipment, structure and design principles to be applied to a safety system. I.e. the use of 2 contactors in series, overdimensioning, monitoring the system for faults like cross shorts and shorts to other voltages.

If it is 'impracticable' to isolate the machine, the highest safety category you could apply to an engineering control would be the Category 4, which would result in deenergisation of energy sources such that a single fault cannot lead to loss of the safety function, all faults in the system are detected before the next demand on the safety function, and an accumulation of faults can't lead to loss of the safety function. Depending on the complexity of any logic you need you can get standalone relays (i.e. by Pilz) that can implement a safety function like this. If there is any complex logic, then you might be looking at safety capable logic solvers i.e. AB Guardlogix or Pilz Multi.

If these are electrical energy sources this would look, in practice, like two contactors with their contacts monitored for welding; dual channel input devices (i.e. gate switches' with a suitable logic solver to detect faults with these devices that would cause a loss of safety, i.e. shorts to other voltages, cross shorts, etc.

See EN954, AS4024.1, BS EN 60204, 13849

And you shouldn't use shunt trips to implement safety functions as they are generally not fail safe (i.e. they are energise to trip)

 

[oldfieldguy]

Scotty-

Thank you!

We at the stage of crying real tears over the implementations of NFPA 70E-2015 in the USA, where compliance with the SAFETY standards introduces MORE reliability hazards.

My company and others are struggling to determine how to comply.

I liken it to a law that is begging to be broken at every turn.



old field guy

 

[waross]

Been there Scotty. Well said.
We had an issue that was solved by one safety coordinator. After he left, there was an issue with his solution and another, more expensive solution was implemented. Unfortunately the issue was caused by human error (A worker did not know how to properly connect a trailer ball hitch.) The solution did nothing to address the lack of knowledge and training and the probability of a similar accident AFTER the fix was exactly the same as the probability before the fix.
There is a distinction; Safety regulations versus safety implementation.
And then there was the stone aged supervisor who uses ridicule, belittlement and abuse as management tools. An often heard phrase around his workers was;
"Safety as a weapon!"

Bill
--------------------
"Why not the best?"
Jimmy Carter

 

[crshears]

Hi all,

I've heard that in Ontario, Canada it is no longer permissible for ESA approved electricians to work within energized electrical meter boxes; electrical isolation of the box is mandatory.

I was told by an electrician that this came about due to an incident im Brampton where a fully competent electrical engineer who was nevertheless NOT a competent and qualified electrician, attempted to perform some manner of work inside the meter box at his residence.

There was a flashover that resulted in burns to the man's face and permanent damage to his eyesight.

Reportedly the man brought suit against Brampton Hydro, and prevailed [I know no further details] - which led to the ruling that henceforth all such work could only be performed with the equipment in the isolated state, never mind that for many years electricians have used diligently applied cover-up to guard against any unplanned electical contact with exposed live parts.

Somehow human error appears to be undergoing either a metamorphosis or a disappearing act, I'm not sure which, the result being that everybody and his dog is being forced to attempt moving heaven and earth just so that calling an idiot an idiot can be avoided.

Maybe I'm out of step with the times, but if I'm being an idiot I'm hoping someone will have the common decency to tell me so.


CR

"As iron sharpens iron, so one person sharpens another." [Proverbs 27:17, NIV]

 

[LionelHutz]

I'm with 3DDave. Ridiculing safety is ridiculous. No matter how much you grump and complain about how it's always been this way without any incidents so there's no real reason to change besides regulations, a simple line contactor should never be used as the safety isolation means. As engineers, one of our jobs is to ensure a safe solution that protects the workers, regardless of it being legislated or not.

I bet the people who suffered through an arc flash event and now have permanent burns and hearing and/or eye damage wished they were wearing appropriate arc flash protection. It's amazing how many people still bitch about the use of arc flash protection seemingly because they have the attitude that "It will never happen to me." If you don't like the suits then do an arc flash study that proves a lower level of protection can be used. In some cases, you should also do a study to ensure the suit will provide enough protection. Both cases exist in the workplace, with the latter case having resulted in deaths.

 

[ScottyUK]

Lionel,

I wasn't ridiculing safety. I'm one of the loudest voices in our plant when it comes to safety. I'm firmly of the opinion that safety comes from understanding the hazard and understanding how to mitigate it. I am ridiculing those who impose ill-conceived blanket solutions when they don't have an adequate level of knowledge to either understand the risk fully or to identify appropriate mitigation. These make my job and the jobs of my workmates more difficult and more dangerous. I get frustrated when I see what may be a good solution in one set of circumstances blindly applied to other circumstances where it makes the task less safe.

Racking in a breaker? Wear an arc suit. Better still, rack it remotely if you can do so: spend the money on eliminating the risk instead of providing PPE to hide from it.

Have you ever tried undertaking complex fault-finding in an arc suit? You're dizzy from the stale air you've been breathing for 20 minutes, you can't see because a river of sweat is pouring down your brow, and you're peering through the steamed-up green visor of a hood which keeps dropping forward over your eyes while you fumble with test gear using gloved fingers the size of bananas. And as a result you're not concentrating fully on the task at hand because you are so distracted by the discomfort you're in. Outcome? You make a mistake, and you get to find out whether the suit really works or not.

My point is that by making the task 'safer' by using the arc suit, the likelihood of the arc flash event you're protecting against actually happening, dramatically increases.


And yes, I totally agree - a line contactor is absolutely not an acceptable isolation device.

 

[davidbeach]

I think that what Scotty is getting at is the difference between safety and safety theater (or safety theatre as he might put it) . One will ensure you go home in one piece at the end of the day; the other will make the regulators happy. There is some overlap but it is far from total.

 

[melspuds]

Beautifully said dave beach.
Dave

 

[crshears]

I ditto melspuds comment; well said, davidbeach.

I also like ScottyUK's approach of providing remote breaker racking facilities, since that way you won't be PROVING the bomb suit works; better to just not be where the arc flash can damage you. After all, if it works for the dental hygienist who can only activate the X-ray machine while standing behind a shielded wall...

I also agree with ScottyUK that if you're engaged in an activity where arc flash hazard is either extremely unlikely or has been properly mitigated, there is diminishing value in working in a bomb suit. In my view, provided proper procedures are diligently followed by competent and qualified personnel working with the right equipment for the job, meaning no corners are cut, EVER, accidents are preventable; by the same token, overkill "safety" precautions can acually increase the risk of error or injury.

CR

"As iron sharpens iron, so one person sharpens another." [Proverbs 27:17, NIV]

 

[LionelHutz]

Scotty, it's not just you. Almost right from the start, this thread has had the general attitude that the system in question needs to be improved just to meet regulations, and not because it is unsafe and should be upgraded to ensure the workers go home safe every day regardless of what any regulation says.

I completely understand the difference between really being safe and a "safety theater". But, wearing an arc flash suit when it is required is not just appearing to be safe. I can agree the scaffolding could be an example of just appearing to be safe.

So, what do you propose to do with the suits? Get rid or the suit to lower the chance of causing an arc flash but accept being seriously injured or dying if an arc flash event does happens? Sorry, but trading the risk of causing an arc flash with the risk or injury or death is not an acceptable trade-off no matter how you try to argue it. You've posted 2 times now that doing this testing/troubleshooting while wearing the suit could cause an arc flash so you don't seem to be arguing a case of wearing the suit due to some wrongly perceived arc flash danger. I did post that you should do an arc flash study to determine what protection is required, which eliminates cases of wearing the suit when it's not required.

Once again - as engineers, one of our jobs is to ensure a safe solution that protects the workers, regardless of it being legislated or not. This means come up with something that provides actual real safety to the best of our ability, not just some crap to make it appear you're being safe.

 

[ScottyUK]

Hi Lionel,

What do I propose? I'm saying that the use of PPE shouldn't be the immediate go-to option. Under British safety legislation PPE is the last resort: from memory the regulator's opinion is in this order: eliminate the risk at source; substitute with lower risk alternative; engineered controls (i.e. control the risk by design); procedural controls; PPE. In the electrical world the first two options are rarely an option, so most days my list starts with engineered controls. Before you arrive at a PPE-based solution you have to exhaust all the other options to the point where you could justify - possibly in a courtroom - your choice not to deploy them, either on grounds of technical difficulty or disproportionate cost.

Have you seen this style of risk ranking matrix before? I think they're fairly commonplace, at least over here. Many use a 5 x 5 numerical system to 'score' the risk, but this example has a few words of explanation around it.

What it essentially says is that an activity which has a relatively high probability of occurring but has a moderately severe outcome has a similar risk rank to one which is very remote but has a catastrophic outcome. I'm applying that reasoning to my argument above regarding the use of arc suits.


If OSHA was really serious about reducing arc-flash injuries they would prohibit locally-operated non-arc-rated equipment from being installed. Without legislation, industry won't generally pay the premium for arc-rated equipment, even though designing out the hazard is a better solution than trying to control it with PPE. The PPE manufacturers and the consultants who undertake arc hazard studies have played on a genuine concern and generated a self-sustaining industry to 'manage' the hazard, but the PPE itself introduces other risks which are not always properly considered by people who haven't used it and don't appreciate the difficulties.


davidbeach - "safety theatre"? I will remember that phrase!

 

[waross]

Safety???
In part of the petroleum industry, Lock-out tag out now does not include a positive verification that the correct circuit has been locked out.
Test Before Touch is the mantra. Yes a very good idea but this does not replace a positive verification.
On many sites, workers lock out based on the prints and labeling. A final verification by point to point testing or other methods when point to point is not suitable is not allowed.
Management accepts this and to challenge this is to put a career in jeopardy.
Prints may be wrong and labels may be wrong.
Back in the day when positive verification was part of the lockout procedure it was not uncommon for a circuit to pass a Test Before Touch test and then fail the positive verification. The prints were inaccurate, or the labeling was wrong, or the electrician made a mistake but was able to correct his mistake before he put himself at risk.
Despite this safety departments persist in making engineering decisions for which they are not qualified by training and/or experience.
The word "SAFETY" is often used interchangeably to describe, on the one hand, an environment free of hazards, and,on the other hand, the regulations and departments responsible to provide a hazard free environment.
When I started working on construction, accidents death and dismemberment were common. Today there may be more action such as safety stand-downs and investigations then there used to be in the event of a workplace death.
That's a good thing.
As for the regulations and departments responsible to provide a hazard free environment, ???????

Bill
--------------------
"Why not the best?"
Jimmy Carter

 

[LionelHutz]

The suits will lower the risk level in a risk matrix. The suit moves you 5 columns from the right side to the left side while only moving up 1 or 2 rows. The typical matrix I have seen only uses a consequence of 5 for a death and the whole left column is also typically classified as not an acceptable risk. But, lets use your chart. You see the risk as moving from 4-4 or 5-5 or 6-6. I see the risk as moving from a 6 to 3. This difference of opinion points out one of the problems with using a risk matrix.

You seem to think OSHA is just pushing using a suit as the go-to protection. Lock-out and tag-out & remote operation are both given as better options. OSHA doesn't run around telling everyone "Just throw on an arc flash suit." One of the biggest safety movements is forcing management to take safety more seriously. Bill C45 is partly responsible for this in Canada. The downside is that management get overly zealous in their attempt at implementing safety.

ARC rated equipment is only arc rated when the doors are bolted closed. It's not a better blanket solution than the an arc suit. There are also many applications where the risk can be kept minimal without using arc suits or arc rated gear.

 

[ScottyUK]

"The suits will lower the risk level in a risk matrix." They will reduce the consequence of an arcing event, hopefully from possible fatality to survivable burns or better. Whether that reduces the risk or not also depends upon the effect of the suit on the probability of the event. In my opinion an arc suit gives you a higher probability of surviving an event which is at least a couple of orders of magnitude more likely to occur. Is that a move in the right direction? You think yes, I'd argue that in some circumstances the answer is no. Risk analysis is at best an imprecise science based on judgement and opinion, so I'm happy to politely disagree on this.

It's been an interesting discussion, it's good to hear others viewpoints from those who work under different safety regulations.

Have you ever encountered the 'ALARP' principle? ALARP, or "As Low As Reasonably Practicable" is a phrase which occurs often in UK safety legislation. It is less onerous than "physically possible"; instead ALARP allows a reasoned evaluation of risk, cost, benefit, number of persons affected, value of plant affected, etc. in order to reach a decision. It's a good system because it doesn't try - and inevitably fail - to legislate for all possible risks, but it puts the responsibility squarely on the risk holder to show good judgement because what is or is not 'reasonable' only gets determined afterwards, at an inquest or public inquiry.

http://www.hse.gov.uk/risk/theory/alarpglance.htm

 

[controlsdude]

Worked on something similar. The disconnect was local with an aux contact to pull the enable on the vfd drive by either hardware method or thru the PLC, the encoder was changed to absolute encoder to reduce homing cycle. Of course PLC power was never turn off.

 

[berkshire]

In part of the petroleum industry, Lock-out tag out now does not include a positive verification that the correct circuit has been locked out..
When did this get changed?
I am now retired, but part of " Tag out lock out zero energy state. ", was to ensure that all forms of power were off by multi meter, spit gauge, or pressure gauge reading before touching the part in question.
B.E.


You are judged not by what you know, but by what you can do.

 

[waross]

You miss the point. Zero energy state is a no-brainer. The purpose of lock-out is to ensure that the circuit stays at zero energy state. A lock on the wrong circuit does nothing to protect against unexpected energization.
Part of the lock-out procedure used to be a final check of some sort such as a point to point check that the lock was, in fact, applied to the correct circuit. This was a final check that the lock was on the correct circuit and there were no issues with inaccurate prints, (seen that) wrong labels, (seen that) mistakes by the person directing the lock-out (lock-out authority, seen that) or by the worker applying the lock (seen that also).
The mantra of the safety cretins is "Test Before Touch". Yes, that is a really good idea, but it in no way proves that there is a lock on the circuit.
If "Test Before Touch" proves that the circuit is safe, why bother to put on a lock? Well that would be to ensure that the circuit stays safe.
Does "Test Before Touch" prove that there is a lock on the circuit? The logic of sets, good engineering practice and experience says no. Safety cretins and middle management says yes.
Bottom line;
WORK IT LIKE IT"S HOT!!!

Bill
--------------------
"Why not the best?"
Jimmy Carter

 

[Compositepro]

Waross, excellent points.

 

[Parchie]

Or: "Never work on a thing that's live" to be sure.

 

[berkshire]

waross,
WORK IT LIKE IT"S HOT!!!
My father who was an electrical engineer used that creed, it stood him in good stead. He was working on a circuit in a school one day where a breaker had only been installed on the hot leg of a circuit. When he checked the circuit, with the breaker off, he found an energy path between the neutral leg and the ground/earth sufficient to blow a 30 amp fuse. Needless to say that got corrected quite quickly.
B.E.

You are judged not by what you know, but by what you can do.