Modern safety legislation charges employers with duties that include making the workplace safe and free of risks to health, ensuring that plant and machinery are safe and that safe systems of work are established and followed. There is thus a need to assess the risks in the workplace.
This means looking for hazards, that is, anything that can cause harm; deciding who might be harmed and how; evaluating the risk that somebody will be harmed by a hazard, and whether existing precautions are adequate or more needs to be done to reduce the chance of harm occurring; recording the findings; and reviewing and revising the assessment, if necessary.
An important standard is IEC 61508: Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems.
The standard is in seven parts, as follows:
Part 1: General requirements;
Part 2: Requirements for E/E/PE safety-related systems;
Part 3: Software requirements;
Part 4: Definitions and abbreviations;
Part 5: Examples of methods for the determination of safety integrity levels;
Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3;
Part 7: Overview of techniques and measures.
To provide functional safety of a machine or plant, the safety-related protective or control system must function correctly, and when a failure occurs it must operate so that the plant or machine is brought into a safe shutdown state.
PLC Systems and Safety
Safety must be a priority in the design of a PLC system. Thus, emergency stop buttons and safety guard switches must be hardwired and not depend on the PLC software for implementation, so that, in a situation where there is a failure of the stop switch or PLC, the system is automatically safe. The system must be fail-safe: if failure occurs, the outputs must revert to a fail-safe mode so that no harm can come to anyone. For example, the guards on a machine must not be open or be capable of being opened if the PLC fails. With a PLC system, a stop signal can be provided by a switch as shown in Figure.
This arrangement is unsafe as an emergency stop because, if there is a fault and the switch cannot be operated, no stop signal can be provided. To start, we momentarily close the push-button start switch; the motor control internal relay then latches this closure and the output remains on. To stop, we have to momentarily open the stop switch, which releases the latch. However, if the stop switch cannot be operated, we cannot stop the system. What we require is a system that will still stop if a failure occurs in the stop switch.
We can achieve this by the arrangement shown in Figure. The program has the stop switch as open contacts. However, because the hardwired stop switch has normally closed contacts, the program has the signal to close the program contacts. Pressing the stop switch opens the program contacts and stops the system.
For a safe emergency stop system, we need one that will provide a stop signal if there is a fault and the switch cannot be operated. Because there might be problems with a PLC, we also need the emergency stop to operate independently of the PLC. Putting the emergency stop in the input to the PLC gives an unsafe system (Figure).
Figure shows a safer system where the emergency stop switch is hardwired in the output. Pressing the emergency stop button switch stops, say, a running motor. When we release the stop button, the motor will not restart again, because the internal relay contacts have come unlatched.
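The difference between the stop arrangements described above can be checked with a small scan-by-scan simulation. This is an added example, not code from the original page; the class and function names are hypothetical, and the fault modelled (a broken wire between the stop switch and the PLC input) is an assumption about what "cannot be operated" means.

```python
from dataclasses import dataclass

@dataclass
class StopCircuit:
    normally_closed: bool       # True: NC field switch; False: NO field switch
    wire_broken: bool = False   # assumed fault: open circuit in the switch wiring

    def plc_input(self, pressed: bool) -> bool:
        """Signal level the PLC input sees on this scan."""
        if self.wire_broken:
            return False        # a broken wire always reads as "no signal"
        # NC conducts until pressed; NO conducts only while pressed.
        return (not pressed) if self.normally_closed else pressed

def scan(motor: bool, start: bool, stop_input: bool, nc_wiring: bool) -> bool:
    """One scan of the latch rung: (start OR motor) AND run_permit."""
    # NC wiring: program contact is open and needs a live input to close.
    # NO wiring: program contact is closed until the input goes live.
    run_permit = stop_input if nc_wiring else not stop_input
    return (start or motor) and run_permit

def run(circuit: StopCircuit, events) -> list:
    """events: (start_pressed, stop_pressed, wire_breaks_now) per scan."""
    motor, trace = False, []
    for start, stop, wire_breaks in events:
        circuit.wire_broken = circuit.wire_broken or wire_breaks
        motor = scan(motor, start, circuit.plc_input(stop), circuit.normally_closed)
        trace.append(motor)
    return trace

def motor_power(plc_output: bool, estop_pressed: bool) -> bool:
    """Hardwired NC emergency stop in series with the PLC output."""
    return plc_output and not estop_pressed

# Constructed scenario: start, run, wire breaks, operator presses stop.
EVENTS = [(True, False, False), (False, False, False),
          (False, False, True), (False, True, False)]

if __name__ == "__main__":
    print("NO stop wiring:", run(StopCircuit(normally_closed=False), EVENTS))
    print("NC stop wiring:", run(StopCircuit(normally_closed=True), EVENTS))
    print("PLC output stuck on, e-stop pressed:", motor_power(True, True))
```

With the normally open wiring the motor keeps running after the wire breaks, even when stop is pressed; with the normally closed wiring the break itself drops the latch. The last function shows why the hardwired emergency stop still removes power when the PLC output is stuck on.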
Emergency Stop Relays
Emergency stop relays, such as the PNOZ p1p from Pilz GmbH & Co., are widely used for emergency stop arrangements. This device has LEDs for indicating the status of input and output circuits, the reset circuit and power supply, and faults. The base unit can also be connected via an interface module so that its status can be read by a PLC. This interface isolates the output from the emergency stop relay from the signal conditioning and input to the PLC by means of optoisolators. Thus, though the emergency stop operates independently of the PLC, it can provide signals that a PLC can use to, say, initiate safe closing-down procedures. Figure illustrates this idea.
A simple emergency stop relay, in which operation of the emergency stop button breaks the control circuit to the relay, causing it to deenergize and switch off the power (Figure), has the problem that if the relay contacts weld together, the emergency stop will not operate. This can be overcome using a dual-channel mode of operation in which there are two normally closed contacts in series and both are broken by the action of the relay deenergizing (Figure). Safety can be increased yet further if three contacts in series are used, one using normally closed contacts and the others normally open contacts. Then one set of contacts has to be deenergized and the other two energized.
In designing control systems, it is essential that personnel are prevented from coming into contact with machinery while it is active. This might involve:
Thus a safe-operating system for a work cell might use gated entry systems, such as guards on machines that activate stop relays if they are not in place, light curtains, and emergency stop relays.
Safety PLCs are specially designed to enable safety functions to be realized. In a safety PLC there can be two or three microprocessors that perform exactly the same logic, check against each other, and give outputs only if there is agreement. An example of such a PLC is the SIMATIC S5-95F. This is a two-channel system with two identical subsystems that communicate with each other via a fiber-optic cable link. The inputs from the sensors are fed simultaneously to both subsystems. During operation, data is passed between the two subsystems via the fiber-optic cable. They operate in synchronism with the same program and compare input and output signals, the results of logic operations, counters, and the like, and automatically go into a safe-stop condition if there are different outputs or internal faults or failures. For safety-related digital outputs, actuators are switched on or off from both subsystems. This means that one subsystem alone can shut down equipment.
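The two-channel cross-check described above can be sketched as follows. This is an added example, not vendor code and not taken from the original page; the signal names, the chosen safe state, and the latching of the safe stop until a manual reset are assumptions made for illustration.

```python
from typing import Callable, Dict

Signals = Dict[str, bool]
SAFE_STATE: Signals = {"motor": False, "guard_locked": True}  # assumed safe state

def safety_logic(inp: Signals) -> Signals:
    """Hypothetical application program loaded into both subsystems."""
    run = inp["run_request"] and inp["guard_closed"] and inp["estop_healthy"]
    return {"motor": run, "guard_locked": run}

def stuck_on_logic(inp: Signals) -> Signals:
    """Constructed fault: a channel whose motor output is stuck on."""
    return {"motor": True, "guard_locked": True}

class TwoChannelPLC:
    def __init__(self, channel_a: Callable[[Signals], Signals],
                 channel_b: Callable[[Signals], Signals]) -> None:
        self.channel_a, self.channel_b = channel_a, channel_b
        self.safe_stop = False  # latched; manual reset is not modelled

    def scan(self, inputs: Signals) -> Signals:
        """One synchronised scan; returns the state driven onto the actuators."""
        if self.safe_stop:
            return dict(SAFE_STATE)
        try:
            out_a = self.channel_a(dict(inputs))  # same inputs to both channels
            out_b = self.channel_b(dict(inputs))
        except Exception:                          # internal fault in a channel
            self.safe_stop = True
            return dict(SAFE_STATE)
        if out_a != out_b:                         # cross-check disagreement
            self.safe_stop = True
            return dict(SAFE_STATE)
        return out_a

# Constructed input snapshots.
RUN = {"run_request": True, "guard_closed": True, "estop_healthy": True}
ESTOP = {"run_request": True, "guard_closed": True, "estop_healthy": False}

if __name__ == "__main__":
    faulty = TwoChannelPLC(safety_logic, stuck_on_logic)
    print(faulty.scan(RUN))    # channels agree while running
    print(faulty.scan(ESTOP))  # disagreement -> safe stop
    print(faulty.scan(RUN))    # stays in safe stop
```

The stuck-on fault is invisible while the machine is meant to be running and is only caught on the first scan where the healthy channel commands a stop, which is the case the comparison exists for.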
All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd