One big claim and you're dead
Tom Shelley reports on legal matters which designers need to pay particular attention to and why
The single biggest issue that designers have to take into account when designing new machines is to ensure that they conform to all the latest legal requirements for safety.
Failure to address these issues will not merely guarantee trouble for their customers, it is likely to ruin them, and the supplying company as well.
The maximum penalty in the UK for the supply of machinery not conforming to the extensive requirements of the Machinery Directive is only three months imprisonment and/or a £5,000 fine. However, the regulations also give the authorities the power to force manufacturers to recall or replace faulty product, and leave the suppliers of the machinery and its owners wide open to civil legal action.
Talking to local solicitors in North Kent, we learned that there are still far too many accidents where workers end up losing a hand or some other bodily part in a machine. Protective guards are usually in place, but at some crucial moment, fail to function, often because somebody has tampered with them.
Robert Harvey of the Medway company, Stephens and Son told Eureka that according to the Judicial Studies Board Guidelines, loss of a hand will lead to a claim for £50,000, which "will probably be more like £60,000", plus legal costs. The employer and/or the supplier of the machinery is liable if it can be shown that either the machinery was "defective" or that a proper risk assessment was not carried out.
We have been told that not too long ago, an accident elsewhere was quickly attended to not only by the arrival of an ambulance, but also by representatives of the Health and Safety Executive and the police. The former, who arrived first, immediately turned off the power to the part of the factory where the accident had occurred, and it remained shut down until they had completed their investigation. Before they had finished, not only had production been lost, but employees had left, because they needed to find paid employment elsewhere while production was shut down and also because they were disgusted with the employer.
Shorter and Company, an insurance broker we consulted in Chatham said that employee liability insurance can be as low as £100 per year per employee. But just like car insurance, having to make a major payout is likely to result in a very large increase, if the insurance firm is willing to continue to provide cover at all. He said it was becoming increasingly difficult to find companies willing to provide this kind of cover, since sizes of successful claims are becoming larger, and insurance companies are increasingly having to close their books to new business. As a result of the 1969 and subsequent Employers Liability Acts, employers are legally required to have such insurance. In the event of not being covered by insurance, Shorter said that the result of an industrial injury claim would mean that, "The company being sued would just fold."
We happen to know of one really hard minded local employer (not in manufacturing as it happens) who boasted that the solution to his particular problem was to employ illegal immigrant labour on the basis that they were cheap and would not complain if anything went wrong. Without going into the details, we can reveal that his employees were not only cheap, but also not very good at their job, with the result that his business ended up being closed down anyway, leaving him with an increased debt burden.
So manufacturing firms who wish to remain in business must pay maximum attention to safety, and designers and suppliers of machinery have a vital interest in ensuring that their equipment is as safe as possible to use and that it conforms to all the latest European harmonised standards.
According to the official list published on the web, there are currently 408 of these, with the caveat that the list, "may not be complete."
In the light of this, a statement to Eureka by John Popham, managing director of Pilz UK that, "There is a marked lack of understanding in the market," is something of an understatement. One consequence, he said, is that "We are now going to start charging for the advice on safety we have up to now been giving for free. You can't find all you need to know on the Internet and there are not too many people with the necessary in-depth knowledge."
Pilz not only designs and produces products to enable customers to conform to safety standards, it uses a new and all-encompassing safety standard itself. This is IEC 61508, now also BS EN 61508, entitled, "Functional safety of electrical/electronic/programmable electronic (E/E/PE) safety-related systems." (The IEC is the International Electrotechnical Commission, based in Geneva). 61508 started out as a generic safety standard in the 1960s, and according to Pilz, "Is very heavily supported by the UK's Health and Safety Executive (HSE)". The standard is also favoured by CASS, (Conformity Assessment of Safety Standards) and body set up in 1996, originally funded by the DTI. The IEC's basic guide states that the standard, "Can be used to develop any E/E/PE system that has critical functions, such as the protection of equipment or products." It specifies four levels of safety performance for a safety function, called Safety Integrity Levels (SILs). SIL1 is the lowest level and SIL4 the highest.
CASS has set down the framework for accreditation to 61508 through a Functional Safety Capability Assessment or FSCA. Pilz was the sixth company to be accredited to SIL 3. The standard has now spawned other standards on specific subjects. 62061 is being developed for machinery, 60511 for process industries, 60513 for nuclear and 61800-5-2 for variable speed drives. These are likely to be followed by others. Popham said, "We are now seeing a lot of attention being paid to the maintenance of safety. A small but important section of the standard concerns the assurance that maintenance staff are 'competent'."
Getting together
In another development, Rockwell Automation, Omron and Sick are collaborating on the development of an open protocol for safety communications. CIP Safety is based on the Control and Information Protocol used in DeviceNet, ControlNet and Ethernet/IP. All three companies are members of the Open DeviceNet Vendor Association, ODVA. CIP Safety will allow both standard and safety devices to operate on the same network and allow safety devices to communicate across the other CIP based standard networks.
The first implementation will be over DeviceNet and will provide fail-safe communications between nodes such as safety input/output blocks, safety interlock switches, safety light curtains and safety PLCs. As an open standard, CIP Safety is designed for use in safety applications up to SIL3. Newly defined safety protocol extensions have received concept approval by TÜV Rheinland.
Pilz already has a safety bus up and running called SafetyBUS p. In the UK, this is under the care of a separate SafetyBUS Club, based in the Pilz UK office, but chaired by Dr Richard Piggin, formerly of Warwick University. Unlike CIP Safety, SafetyBUS p is a CANbus but with various additional mechanisms to protect against and detect errors. CANbus was chosen as a basis because of its "robust architecture." SafetyBUS p enables the connection of up to 64 devices on a single network with a maximum length of 35km. Devices and complete networks can be configured remotely, with intelligence embedded in devices to provide machine and plant diagnostics. Interfaces allow a full suite of device functions to be monitored, such as safety drives and diagnostic interfaces. Traditional hard-wired safety circuits cannot provide the specific diagnostics or flexibility available from programmable systems. Currently, the club has 50 members with 45,000 nodes in over 1,000 installations. Users include BMW at its Body in White line in Dingolfing, Germany, A Safety BUS p interface us now being incorporated within Kuka's KR C2 8-axis robot controllers, allowing a robot, complete with its peripheral safety monitoring devices to be treated as a single node.
Using more conventional technology, E-T-A circuit breakers offers a range of ultra reliable devices to cope with various problems. The E-1072 Solid State Remote Power Controller meets the requirements of EN 60204 that ensure that machinery cannot be started inadvertently due to ground faults. The device provides two pole switching and two pole monitoring of actuators such as solenoids, magnetic brakes and clutches operating on 24VDC up to 3A. The integral solid state relay protects against short circuit and large inrush currents by limiting current to a maximum of 12A, while safety, in the event of overload, is ensured by providing a trip-time dependent on the size of the over current.
Conformance: The Machinery Directive
Pilz
Pilz UK
Rockwell Automation
Omron
Sick
SafetyBUS p Club
Erwin Sick Ltd
E-T-A Circuit Breakers
Pointers
* Maximum safety is vital when designing machinery
* Increasing liability claims and insurance costs mean that companies using or making unsafe machinery are unlikely to stay in business.
* Safety is best assured by adherence to standards. There are more than 400 of these but only a few apply to any particular product or range of products
* A new set of capabilities is being provided by standards based on IEC 61508 and new safety buses