Monday, 04 April 2011 18:33

Safety Principles for CNC Machine Tools

Rate this item
(8 votes)

Whenever simple and conventional production equipment, such as machine tools, is automated, the result is complex technical systems as well as new hazards. This automation is achieved through the use of computer numeric control (CNC) systems on machine tools, called CNC machine tools (e.g., milling machines, machining centres, drills and grinders). In order to be able to identify the potential hazards inherent in automatic tools, the various operating modes of each system should be analysed. Previously conducted analyses indicate that a differentiation should be made between two types of operation: normal operation and special operation.

It is often impossible to prescribe the safety requirements for CNC machine tools in the shape of specific measures. This may be because there are too few regulations and standards specific to the equipment which provide concrete solutions. Safety requirements can be determined only if the possible hazards are identified systematically by conducting a hazard analysis, particularly if these complex technical systems are fitted with freely programmable control systems (as with CNC machine tools).

In the case of newly developed CNC machine tools, the manufacturer is obliged to carry out a hazard analysis on the equipment in order to identify whatever dangers may be present and to show by means of constructive solutions that all dangers to persons, in all of the different operating modes, are eliminated. All the hazards identified must be subjected to a risk assessment wherein each risk of an event is dependent on the scope of damage and the frequency with which it may occur. The hazard to be assessed is also given a risk category (minimized, normal, increased). Wherever the risk cannot be accepted on the basis of the risk assessment, solutions (safety measures) must be found. The purpose of these solutions is to reduce the frequency of occurrence and the scope of damage of an unplanned and potentially hazardous incident (an “event”).

The approaches to solutions for normal and increased risks are to be found in indirect and direct safety technology; for minimized risks, they are to be found in referral safety technology:

  • Direct safety technology. Care is taken at the design stage to eliminate any hazards (e.g., the elimination of shearing and trapping points).
  • Indirect safety technology. The hazard remains. However, the addition of technical arrangements prevents the hazard from turning into an event (e.g., such arrangements may include the prevention of access to dangerous moving parts by means of physical safety hoods, the provision of safety devices which turn power off, shielding from flying parts using safety guards, etc.).
  • Referral safety technology. This applies only to residual hazards and minimized risks—that is, hazards which can lead to an event as a result of human factors. The occurrence of such an event can be prevented by appropriate behaviour on the part of the person concerned (e.g., instructions on behaviour in the operating and maintenance manuals, personnel training, etc.).

 

International Safety Requirements

The EC Machinery Directive (89/392/EEC) of 1989 lays down the principal safety and health requirements for machines. (According to the Machinery Directive, a machine is considered to be the sum total of interlinked parts or devices, of which at least one can move and correspondingly has a function.) In addition, individual standards are created by international standardization bodies to illustrate possible solutions (e.g., by attending to fundamental safety aspects, or by examining electrical equipment fitted to industrial machinery). The aim of these standards is to specify protection goals. These international safety requirements give manufacturers the necessary legal basis to specify these requirements in the above-mentioned hazard analyses and risk assessments.

Operating Modes

When using machine tools, a differentiation is made between normal operation and special operation. Statistics and investigations indicate that the majority of incidents and accidents do not take place in normal operation (i.e., during the automatic fulfilment of the assignment concerned). With these types of machines and installations, there is an emphasis on special modes of operations such as commissioning, setting up, programming, test runs, checks, troubleshooting or maintenance. In these operating modes, persons are usually in a danger zone. The safety concept must protect personnel from harmful events in these types of situations.

Normal operation

The following applies to automatic machines when carrying out normal operation: (1) the machine fulfils the assignment for which it was designed and constructed without any further intervention by the operator, and (2) applied to a simple turning machine, this means that a workpiece is turned to the correct shape and chips are produced. If the workpiece is changed manually, changing the workpiece is a special mode of operation.

Special modes of operation

Special modes of operation are working processes which allow normal operation. Under this heading, for example, one would include workpiece or tool changes, rectifying a fault in a production process, rectifying a machine fault, setting up, programming, test runs, cleaning and maintenance. In normal operation, automatic systems fulfil their assignments independently. From the viewpoint of working safety, however, automatic normal operation becomes critical when the operator has to intervene working processes. Under no circumstances may the persons intervening in such processes be exposed to hazards.

Personnel

Consideration must be given to the persons working in the various modes of operation as well as to third parties when safeguarding machine tools. Third parties also include those indirectly concerned with the machine, such as supervisors, inspectors, assistants for transporting material and dismantling work, visitors and others.

Demands and Safety Measures for Machine Accessories

Interventions for jobs in special operation modes mean that special accessories have to be used to assure work can be conducted safely. The first type of accessories include equipment and items used to intervene in the automatic process without the operator’s having to access a hazardous zone. This type of accessory includes (1) chip hooks and tongs which have been so designed that chips in the machining area can be removed or pulled away through the apertures provided in the safety guards, and (2) workpiece clamping devices with which the production material can be manually inserted into or removed from an automatic cycle

Various special modes of operation—for example, remedial work or maintenance work—make it necessary for personnel to intervene in a system. In these cases, too, there is a whole range of machine accessories designed to increase working safety—for example, devices to handle heavy grinding wheels when the latter are changed on grinders, as well as special crane slings for dismantling or erecting heavy components when machines are overhauled. These devices are the second type of machine accessory for increasing safety during work in special operations. Special operation control systems can also be considered to represent a second type of machine accessory. Particular activities can be carried out safely with such accessories—for example, a device can be set up in the machine axes when feed movements are necessary with the safety guards open.

These special operation control systems must satisfy particular safety requirements. For example, they must ensure that only the movement requested is carried out in the way requested and only for as long as requested. The special operation control system must therefore be designed in such a way as to prevent any faulty action from turning into hazardous movements or states.

Equipment which increases the degree of automation of an installation can be considered to be a third type of machine accessory for increasing working safety. Actions which were previously carried out manually are done automatically by the machine in normal operation, such as equipment including portal loaders, which change the workpieces on machine tools automatically. The safeguarding of automatic normal operation causes few problems because the intervention of an operator in the course of events is unnecessary and because possible interventions can be prevented by safety devices.

Requirements and Safety Measures for the Automation of Machine Tools

Unfortunately, automation has not led to the elimination of accidents in production plants. Investigations simply show a shift in the occurrence of accidents from normal to special operation, primarily due to the automation of normal operation so that interventions in the course of production are no longer necessary and personnel are thus no longer exposed to danger. On the other hand, highly automatic machines are complex systems which are difficult to assess when faults occur. Even the specialists employed to rectify faults are not always able to do so without incurring accidents. The amount of software needed to operate increasingly complex machines is growing in volume and complexity, with the result that an increasing number of electrical and commissioning engineers suffer accidents. There is no such thing as flawless software, and changes in software often lead to changes elsewhere which were neither expected nor wanted. In order to prevent safety from being affected, hazardous faulty behaviour caused by external influence and component failures must not be possible. This condition can be fulfilled only if the safety circuit is designed as simply as possible and is separate from the rest of the controls. The elements or sub-assemblies used in the safety circuit must also be fail-safe.

It is the task of the designer to develop designs that satisfy safety requirements. The designer cannot avoid having to consider the necessary working procedures, including the special modes of operation, with great care. Analyses must be made to determine which safe work procedures are necessary, and the operating personnel must become familiar with them. In the majority of cases, a control system for special operation will be necessary. The control system usually observes or regulates a movement, while at the same time, no other movement must be initiated (as no other movement is needed for this work, and thus none is expected by the operator). The control system does not necessarily have to carry out the same assignments in the various modes of special operation.

Requirements and Safety Measures in Normal and Special Modes of Operation

Normal operation

The specification of safety goals should not impede technical progress because adapted solutions can be selected. The use of CNC machine tools makes maximum demands on hazard analysis, risk assessment and safety concepts. The following describes several safety goals and possible solutions in greater detail.

Safety goal

  • Manual or physical access to hazardous areas during automatic movements must be prevented.

 

Possible solutions

  • Prevent manual or physical access into danger zones by means of mechanical barriers.
  • Provide safety devices that respond when approached (light barriers, safety mats) and switch off machinery safely during interventions or entry.
  • Allow manual or physical access to machinery (or its vicinity) only when the entire system is in a safe state (e.g., by using interlocking devices with closure mechanisms on the access doors).

 

Safety goal

  • The possibility of any persons being injured as a result of the release of energy (flying parts or beams of energy) should be eliminated.

 

Possible solution

  • Prevent the release of energy from the danger zone—for example, by a correspondingly dimensioned safety hood.

 

Special operation

The interfaces between normal operation and special operation (e.g., door interlocking devices, light barriers, safety mats) are necessary to enable the safety control system to recognize automatically the presence of personnel. The following describes certain special operation modes (e.g., setting up, programming) on CNC machine tools which require movements that must be assessed directly at the site of operation.

Safety goals

  • Movements must take place only in such a way that they cannot be a hazard for the persons concerned. Such movements must be executed only in the scheduled style and speed and continued only as long as instructed.
  • They are to be attempted only if it can be guaranteed that no parts of the human body are in the danger zone.

 

Possible solution

  • Install special operating control systems which permit only controllable and manageable movements using finger-tip control via “acknowledge-type” push buttons. The speed of movements is thus safely reduced (provided that energy has been reduced by means of an isolation transformer or similar monitoring equipment).

 

Demands on Safety Control Systems

One of the features of a safety control system must be that the safety function is guaranteed to work whenever any faults arise so as to direct processes from a hazardous state to a safe state.

Safety goals

  • A fault in the safety control system must not trigger off a dangerous state.
  • A fault in the safety control system must be identified (immediately or at intervals).

 

Possible solutions

  • Put in place a redundant and diverse layout of electro-mechanical control systems, including test circuits.
  • Put in place a redundant and diverse set-up of microprocessor control systems developed by different teams. This approach is considered to be state of the art, for example, in the case of safety light barriers.

 

Conclusion

It is apparent that the increasing trend in accidents in normal and special modes of operation cannot be halted without a clear and unmistakable safety concept. This fact must be taken into account in the preparation of safety regulations and guidelines. New guidelines in the shape of safety goals are necessary in order to allow advanced solutions. This objective enables designers to choose the optimum solution for a specific case while at the same time demonstrating the safety features of their machines in a fairly simple way by describing a solution to each safety goal. This solution can then be compared with other existing and accepted solutions, and if it is better or at least of equal value, a new solution can then be chosen. In this way, progress is not hampered by narrowly formulated regulations.


Main Features of the EEC Machinery Directive

The Council Directive of 14 June 1989 on the approximation of the laws of the Member States relating machinery (89/392/EEC) applies to each individual state.

  • Each individual state must integrate the directive in its legislation.
  • Valid from 1 January 1993.
  • Requires that all manufacturers adhere to the state of the art.
  • The manufacturer must produce a technical construction file which contains full information on all fundamental aspects of safety and health care.
  • The manufacturer must issue the declaration of conformity and the CE marking of the machines.
  • Failure to place a complete technical documentation at the disposal of a state supervisory centre is considered to represent the non-fulfilment of the machine guidelines. A pan-EEC sales prohibition may be the consequence.

 

Safety Goals for the Construction and Use of CNC Machine Tools

1. Lathes

1.1            Normal mode of operation

1.1.1            The work area is to be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

1.1.2             The tool magazine is to be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

1.1.3             The workpiece magazine is to be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

1.1.4             Chip removal must not result in personal injury due to the chips or moving parts of the machine.

1.1.5             Personal injuries resulting from reaching into drive systems must be prevented.

1.1.6             The possibility of reaching into the danger zones of moving chip conveyors must be prevented.

1.1.7             No personal injury to operators or third persons must result from flying workpieces or parts thereof.

For example, this can occur

  • due to insufficient clamping
  • due to inadmissible cutting force
  • due to inadmissible rotation speed
  • due to collision with the tool or machine parts
  • due to workpiece breakage
  • due to defective clamping fixtures
  • due to power failure

 

1.1.8            No personal injury must result from flying workpiece clamping fixtures.

1.1.9             No personal injury must result from flying chips.

1.1.10             No personal injury must result from flying tools or parts thereof.

For example, this can occur

  • due to material defects
  • due to inadmissible cutting force
  • due to a collision with the workpiece or a machine part
  • due to inadequate clamping or tightening

 

1.2            Special modes of operation

1.2.1             Workpiece changing.

1.2.1.1             Workpiece clamping must be done in such a way that no parts of the body can become trapped between closing clamping fixtures and workpiece or between the advancing sleeve tip and workpiece.

1.2.1.2             The starting of a drive (spindles, axes, sleeves, turret heads or chip conveyors) as a consequence of a defective command or invalid command must be prevented.

1.2.1.3             It must be possible to manipulate the workpiece manually or with tools without danger.

1.2.2             Tool changing in tool holder or tool turret head.

1.2.2.1             Danger resulting from the defective behaviour of the system or due to entering an invalid command must be prevented.

1.2.3             Tool changing in the tool magazine.

1.2.3.1             Movements in the tool magazine resulting from a defective or invalid command must be prevented during tool changing.

1.2.3.2             It must not be possible to reach into other moving machine parts from the tool loading station.

1.2.3.3             It must not be possible to reach into danger zones on the further movement of the tool magazine or during the search. If taking place with the guards for normal operation mode removed, these movements may only be of the designated kind and only be carried out during the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

1.2.4             Measurement check.

1.2.4.1             Reaching into the work area must only be possible after all movements have been brought to a standstill.

1.2.4.2             The starting of a drive resulting from a defective command or invalid command input must be prevented.

1.2.5             Set-up.

1.2.5.1             If movements are executed during set-up with the guards for normal mode of operation removed, then the operator must be safeguarded by another means.

1.2.5.2             No dangerous movements or changes of movements must be initiated as a result of a defective command or invalid command input.

1.2.6             Programming.

1.2.6.1             No movements may be initiated during programming which endanger a person in the work area.

1.2.7             Production fault.

1.2.7.1             The starting of a drive resulting from a defective command on invalid command input setpoint must be prevented.

1.2.7.2             No dangerous movements or situations are to be initiated by the movement or removal of the workpiece or waste.

1.2.7.3             Where movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

1.2.8             Troubleshooting.

1.2.8.1             Reaching into the danger zones of automatic movements must be prevented.

1.2.8.2             The starting of a drive as a result of a defective command or invalid command input must be prevented.

1.2.8.3             A movement of the machine on manipulation of the defective part must be prevented.

1.2.8.4             Personal injury resulting from a machine part splintering off or dropping must be prevented.

1.2.8.5             If, during troubleshooting, movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

1.2.9             Machine malfunction and repair.

1.2.9.1             The machine must be prevented from starting.

1.2.9.2             Manipulation of the different parts of the machine must be possible either manually or with tools without any danger.

1.2.9.3             It must not be possible to touch live parts of the machine.

1.2.9.4             Personal injury must not result from the issue of fluid or gaseous media.

 

2. Milling machines

2.1            Normal mode of operation

2.1.1             The work area is to be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

2.1.2             Chip removal must not result in personal injury due to the chips or moving parts of the machine.

2.1.3             Personal injuries resulting from reaching into drive systems must be prevented.

No personal injury to operators or third persons must result from flying workpieces or parts thereof.

For example, this can occur

  • due to insufficient clamping
  • due to inadmissible cutting force
  • due to collision with the tool or machine parts
  • due to workpiece breakage
  • due to defective clamping fixtures
  • due to power failure

 

2.1.4             No personal injury must result from flying workpiece clamping fixtures.

2.1.5             No personal injury must result from flying chips.

2.1.6             No personal injury must result from flying tools or parts thereof.

For example, this can occur

  • due to material defects
  • due to inadmissible speed of rotation
  • due to inadmissible cutting force
  • due to collision with workpiece or machine part
  • due to inadequate clamping or tightening
  • due to power failure

 

Special modes of operation

2.2.1             Workpiece changing.

2.2.1.1             Where power-operated clamping fixtures are used, it must not be possible for parts of the body to become trapped between the closing parts of the clamping fixture and the workpiece.

2.2.1.2             The starting of a drive (spindle, axis) resulting from a defective command or invalid command input must be prevented.

2.2.1.3             The manipulation of the workpiece must be possible manually or with tools without any danger.

2.2.2             Tool changing.

2.2.2.1             The starting of a drive resulting from a defective command or invalid command input must be prevented.

2.2.2.2             It must not be possible for fingers to become trapped when putting in tools.

2.2.3             Measurement check.

2.2.3.1             Reaching into the work area must only be possible after all movements have been brought to a standstill.

2.2.3.2             The starting of a drive resulting from a defective command or invalid command input must be prevented.

2.2.4             Set-up.

2.2.4.1             If movements are executed during set-up with guards for normal mode of operation removed, the operator must be safeguarded by another means.

2.2.4.2             No dangerous movements or changes of movements must be initiated as a result of a defective command or invalid command input.

2.2.5             Programming.

2.2.5.1             No movements must be initiated during programming which endanger a person in the work area.

2.2.6             Production fault.

2.2.6.1             The starting of drive resulting from a defective command or invalid command input must be prevented.

2.2.6.2             No dangerous movements or situations must be initiated by the movement or removal of the workpiece or waste.

2.2.6.3             Where movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

2.2.7             Troubleshooting.

2.2.7.1             Reaching into the danger zones of automatic movements must be prevented.

2.2.7.2             The starting of a drive as a result of a defective command or invalid command input must be prevented.

2.2.7.3             Any movement of the machine on manipulation of the defective part must be prevented.

2.2.7.4             Personal injury resulting from a machine part splintering off or dropping must be prevented.

2.2.7.5             If, during troubleshooting, movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

2.2.8             Machine malfunction and repair.

2.2.8.1             Starting the machine must be prevented.

2.2.8.2             Manipulation of the different parts of the machine must be possible manually or with tools without any danger.

2.2.8.3             It must not be possible to touch live parts of the machine.

2.2.8.4             Personal injury must not result from the issue of fluid or gaseous media.

 

3. Machining centres

3.1            Normal mode of operation

3.1.1             The work area must be safeguarded so that is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

3.1.2             The tool magazine must be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements.

3.1.3             The workpiece magazine must be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements.

3.1.4             Chip removal must not result in personal injury due to the chips or moving parts of the machine.

3.1.5             Personal injuries resulting from reaching into drive systems must be prevented.

3.1.6             The possibility of reaching into danger zones of moving chip conveyors (screw conveyors, etc.) must be prevented.

3.1.7             No personal injury to operators or third persons must result from flying workpieces or parts thereof.

For example, this can occur

  • due to insufficient clamping
  • due to inadmissible cutting force
  • due to collision with the tool or machine parts
  • due to workpiece breakage
  • due to defective clamping fixtures
  • due to changing to the wrong workpiece
  • due to power failure

 

3.1.8             No personal injury must result from flying workpiece clamping fixtures.

3.1.9             No personal injury must result from flying chips.

3.1.10             No personal injury must result from flying tools or parts thereof.

For example, this can occur

  • due to material defects
  • due to inadmissible speed of rotation
  • due to inadmissible cutting force
  • due to collision with workpiece or machine part
  • due to inadequate clamping or tightening
  • due to the tool flying out of the tool changer
  • due to selecting the wrong tool
  • due to power failure

 

3.2            Special modes of operation

3.2.1             Workpiece changing.

3.2.1.1             Where power-operated clamping fixtures are used, it must not be possible for parts of the body to become trapped between the closing parts of the clamping fixture and the workpiece.

3.2.1.2             The starting of a drive resulting from a defective command or invalid command input must be prevented.

3.2.1.3             It must be possible to manipulate the workpiece manually or with tools without any danger.

3.2.1.4             Where workpieces are changed in a clamping station, it must not be possible from this location to reach or step into automatic movement sequences of the machine or workpiece magazine. No movements must be initiated by the control while a person is present in the clamping zone. The automatic insertion of the clamped workpiece into the machine or workpiece magazine is only to take place when the clamping station is also safeguarded with a protective system corresponding to that for normal mode of operation.

3.2.2             Tool changing in the spindle.

3.2.2.1             The starting of a drive resulting from a defective command or invalid command input must be prevented.

3.2.2.2             It must not be possible for fingers to become trapped when putting in tools.

3.2.3             Tool changing in tool magazine.

3.2.3.1             Movements in the tool magazine resulting from defective commands or invalid command input must be prevented during tool changing.

3.2.3.2             It must not be possible to reach into other moving machine parts from the tool loading station.

3.2.3.3             It must not be possible to reach into danger zones on the further movement of the tool magazine or during the search. If taking place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

3.2.4             Measurement check.

3.2.4.1             Reaching into the work area must only be possible after all movements have been brought to a standstill.

3.2.4.2             The starting of a drive resulting from a defective command or invalid command input must be prevented.

3.2.5             Set-up.

3.2.5.1             If movements are executed during set-up with the guards for normal mode of operation removed, then the operator must be safeguarded by another means.

3.2.5.2             No dangerous movements or changes of movement must be initiated as a result of a defective command or invalid command input.

3.2.6             Programming.

3.2.6.1             No movements must be initiated during programming which endanger a person in the work area.

3.2.7             Production fault.

3.2.7.1             The starting of a drive resulting from a defective command or invalid command input must be prevented.

3.2.7.2             No dangerous movements or situations must be initiated by the movement or removal of the workpiece or waste.

3.2.7.3             Where movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

3.2.8             Troubleshooting.

3.2.8.1             Reaching into the danger zones of automatic movements must be prevented.

3.2.8.2             The starting of a drive as a result of a defective command or invalid command input must be prevented.

3.2.8.3             Any movement of the machine on manipulation of the defective part must be prevented.

3.2.8.4             Personal injury resulting from a machine part splintering off or dropping must be prevented.

3.2.8.5             If, during troubleshooting, movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

3.2.9             Machine malfunction and repair.

3.2.9.1             Starting the machine must be prevented.

3.2.9.2             Manipulation of the different parts of the machine must be possible manually or with tools without any danger.

3.2.9.3             It must not be possible to touch live parts of the machine.

3.2.9.4             Personal injury must not result from the issue of fluid or gaseous media.

 

4. Grinding machines

4.1            Normal mode of operation

4.1.1             The work area is to be safeguarded so that it is impossible to reach or step into the danger zones of automatic movements, either intentionally or unintentionally.

4.1.2             Personal injuries resulting from reaching into drive systems must be prevented.

4.1.3             No personal injury to operators or third persons must result from flying workpieces or parts thereof.

For example, this can occur

  • due to insufficient clamping
  • due to inadmissible cutting force
  • due to inadmissible rotation speed
  • due to collision with the tool or machine parts
  • due to workpiece breakage
  • due to defective clamping fixtures
  • due to power failure

 

4.1.4             No personal injury must result from flying workpiece clamping fixtures.

4.1.5             No personal injury or fires must result from sparking.

4.1.6             No personal injury must result from flying parts of grinding wheels.

For example, this can occur

  • due to inadmissible rotation speed
  • due to inadmissible cutting force
  • due to material defects
  • due to collision with workpiece or machine part
  • due to inadequate clamping (flanges)
  • due to using incorrect grinding wheel

 

Special modes of operation

4.2.1             Workpiece changing.

4.2.1.1             Where power-operated clamping fixtures are used, it must not be possible for parts of the body to become trapped between the closing parts of the clamping fixture and the workpiece.

4.2.1.2             The starting of a feed drive resulting from a defective command or invalid command input must be prevented.

4.2.1.3             Personal injury caused by the rotating grinding wheel must be prevented when manipulating the workpiece.

4.2.1.4             Personal injury resulting from a bursting grinding wheel must not be possible.

4.2.1.5             The manipulation of the workpiece must be possible manually or with tools without any danger.

4.2.2             Tool changing (grinding wheel changing)

4.2.2.1             The starting of a feed drive resulting from .a defective command or invalid command input must be prevented.

4.2.2.2             Personal injury caused by the rotating grinding wheel must not be possible during measuring procedures.

4.2.2.3             Personal injury resulting from a bursting grinding wheel must not be possible.

4.2.3             Measurement check.

4.2.3.1             The starting of a feed drive resulting from a defective command or invalid command input must be prevented.

4.2.3.2             Personal injury caused by the rotating grinding wheel must not be possible during measuring procedures.

4.2.3.3             Personal injury resulting from a bursting grinding wheel must not be possible.

4.2.4.             Set-up.

4.2.4.1             If movements are executed during set-up with the guards for normal mode of operation removed, then the operator must be safeguarded by another means.

4.2.4.2             No dangerous movements or changes of movement must be initiated as a result of a defective command or invalid command input.

4.2.5             Programming.

4.2.5.1             No movements must be initiated during programming which endanger a person in the work area.

4.2.6             Production fault.

4.2.6.1             The starting of a feed drive resulting from a defective command or invalid command input must be prevented.

4.2.6.2             No dangerous movements or situations must be initiated by the movement or removal of the workpiece or waste.

4.2.6.3             Where movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

4.2.6.4             Personal injury caused by the rotating grinding wheel must be prevented.

4.2.6.5             Personal injury resulting from a bursting grinding wheel must not be possible.

4.2.7             Troubleshooting.

4.2.7.1             Reaching into the danger zones of automatic movements must be prevented.

4.2.7.2             The starting of a drive as a result of a defective command or invalid command input must be prevented.

4.2.7.3             Any movement of the machine on manipulation of the defective part must be prevented.

4.2.7.4             Personal injury resulting from a machine part splintering off or dropping must be prevented.

4.2.7.5             Personal injury caused the operator’s contacting or by the bursting of the rotating grinding wheel must be prevented.

4.2.7.6             If, during troubleshooting, movements have to take place with the guards for the normal mode of operation removed, these movements may only be of the kind designated and only executed for the period of time ordered and only when it can be ensured that no parts of the body are in these danger zones.

4.2.8             Machine malfunction and repair.

4.2.8.1             Starting the machine must be prevented.

4.2.8.2             Manipulation of the different parts of the machine must be possible manually or with tools without any danger.

4.2.8.3             It must not be possible to touch live parts of the machine.

4.2.8.4             Personal injury must not result from the issue of fluid or gaseous media.

 

Back

Read 18877 times Last modified on Monday, 27 June 2011 13:16

" DISCLAIMER: The ILO does not take responsibility for content presented on this web portal that is presented in any language other than English, which is the language used for the initial production and peer-review of original content. Certain statistics have not been updated since the production of the 4th edition of the Encyclopaedia (1998)."

Contents

Safety Applications References

Arteau, J, A Lan, and J-F Corveil. 1994. Use of Horizontal Lifelines in Structural Steel Erection. Proceedings of the International Fall Protection Symposium, San Diego, California (October 27–28, 1994). Toronto: International Society for Fall Protection.

Backström, T. 1996. Accident risk and safety protection in automated production. Doctoral thesis. Arbete och Hälsa 1996:7. Solna: National Institute for Working Life.

Backström, T and L Harms-Ringdahl. 1984. A statistical study of control systems and accidents at work. J Occup Acc. 6:201–210.

Backström, T and M Döös. 1994. Technical defects behind accidents in automated production. In Advances in Agile Manufacturing, edited by PT Kidd and W Karwowski. Amsterdam: IOS Press.

—. 1995. A comparison of occupational accidents in industries with of advanced manufacturing technology. Int J Hum Factors Manufac. 5(3). 267–282.

—. In press. The technical genesis of machine failures leading to occupational accidents. Int J Ind Ergonomics.

—. Accepted for publication. Absolute and relative frequencies of automation accidents at different kinds of equipment and for different occupational groups. J Saf Res.

Bainbridge, L. 1983. Ironies of automation. Automatica 19:775–779.

Bell, R and D Reinert. 1992. Risk and system integrity concepts for safety related control systems. Saf Sci 15:283–308.

Bouchard, P. 1991. Échafaudages. Guide série 4. Montreal: CSST.

Bureau of National Affairs. 1975. Occupational Safety and Health Standards. Roll-over Protective Structures for Material Handling Equipment and Tractors, Sections 1926, 1928. Washington, DC: Bureau of National Affairs.

Corbett, JM. 1988. Ergonomics in the development of human-centred AMT. Applied Ergonomics 19:35–39.

Culver, C and C Connolly. 1994. Prevent fatal falls in construction. Saf Health September 1994:72–75.

Deutsche Industrie Normen (DIN). 1990. Grundsätze für Rechner in Systemen mit Sicherheitsauffgaben. DIN V VDE 0801. Berlin: Beuth Verlag.

—. 1994. Grundsätze für Rechner in Systemen mit Sicherheitsauffgaben Änderung A 1. DIN V VDE 0801/A1. Berlin: Beuth Verlag.

—. 1995a. Sicherheit von Maschinen—Druckempfindliche Schutzeinrichtungen [Machine safety—Pressure-sensitive protective equipment]. DIN prEN 1760. Berlin: Beuth Verlag.

—. 1995b. Rangier-Warneinrichtungen—Anforderungen und Prüfung [Commercial vehicles—obstacle detection during reversing—requirements and tests]. DIN-Norm 75031. February 1995.

Döös, M and T Backström. 1993. Description of accidents in automated materials handling. In Ergonomics of Materials Handling and Information Processing at Work, edited by WS Marras, W Karwowski, JL Smith, and L Pacholski. Warsaw: Taylor and Francis.

—. 1994. Production disturbances as an accident risk. In Advances in Agile Manufacturing, edited by PT Kidd and W Karwowski. Amsterdam: IOS Press.

European Economic Community (EEC). 1974, 1977, 1979, 1982, 1987. Council Directives on Rollover Protection Structures of Wheeled Agricultural and Forestry Tractors. Brussels: EEC.

—. 1991. Council Directive on the Approximation of the Laws of the Member States relating to Machinery. (91/368/EEC) Luxembourg: EEC.

Etherton, JR and ML Myers. 1990. Machine safety research at NIOSH and future directions. Int J Ind Erg 6:163–174.

Freund, E, F Dierks and J Roßmann. 1993. Unterschungen zum Arbeitsschutz bei Mobilen Rototern und Mehrrobotersystemen [Occupational safety tests of mobile robots and multiple robot systems]. Dortmund: Schriftenreihe der Bundesanstalt für Arbeitsschutz.

Goble, W. 1992. Evaluating Control System Reliability. New York: Instrument Society of America.

Goodstein, LP, HB Anderson and SE Olsen (eds.). 1988. Tasks, Errors and Mental Models. London: Taylor and Francis.

Gryfe, CI. 1988. Causes and prevention of falling. In International Fall Protection Symposium. Orlando: International Society for Fall Protection.

Health and Safety Executive. 1989. Health and safety statistics 1986–87. Employ Gaz 97(2).

Heinrich, HW, D Peterson and N Roos. 1980. Industrial Accident Prevention. 5th edn. New York: McGraw-Hill.

Hollnagel, E, and D Woods. 1983. Cognitive systems engineering: New wine in new bottles. Int J Man Machine Stud 18:583–600.

Hölscher, H and J Rader. 1984. Mikrocomputer in der Sicherheitstechnik. Rheinland: Verlag TgV-Reinland.

Hörte, S-Å and P Lindberg. 1989. Diffusion and Implementation of Advanced Manufacturing Technologies in Sweden. Working paper No. 198:16. Institute of Innovation and Technology.

International Electrotechnical Commission (IEC). 1992. 122 Draft Standard: Software for Computers in the Application of Industrial Safety-related Systems. IEC 65 (Sec). Geneva: IEC.

—. 1993. 123 Draft Standard: Functional Safety of Electrical/Electronic/Programmable Electronic Systems; Generic Aspects. Part 1, General requirements Geneva: IEC.

International Labour Organization (ILO). 1965. Safety & Health in Agricultural Work. Geneva: ILO.

—. 1969. Safety and Health in Forestry Work. Geneva: ILO.

—. 1976. Safe Construction and Operation of Tractors. An ILO Code of Practice. Geneva: ILO.

International Organization for Standardization (ISO). 1981. Agricultural and Forestry Wheeled Tractors. Protective Structures. Static Test Method and Acceptance Conditions. ISO 5700. Geneva: ISO.

—. 1990. Quality Management and Quality Assurance Standards: Guidelines for the Application of ISO 9001 to the Development, Supply and Maintenance of Software. ISO 9000-3. Geneva: ISO.

—. 1991. Industrial Automation Systems—Safety of Integrated Manufacturing Systems—Basic Requirements (CD 11161). TC 184/WG 4. Geneva: ISO.

—. 1994. Commercial Vehicles—Obstacle Detection Device during Reversing—Requirements and Tests. Technical Report TR 12155. Geneva: ISO.

Johnson, B. 1989. Design and Analysis of Fault Tolerant Digital Systems. New York: Addison Wesley.

Kidd, P. 1994. Skill-based automated manufacturing. In Organization and Management of Advanced Manufacturing Systems, edited by W Karwowski and G Salvendy. New York: Wiley.

Knowlton, RE. 1986. An Introduction to Hazard and Operability Studies: The Guide Word Approach. Vancouver, BC: Chemetics.

Kuivanen, R. 1990. The impact on safety of disturbances in flexible manufacturing systems. In Ergonomics of Hybrid Automated Systems II, edited by W Karwowski and M Rahimi. Amsterdam: Elsevier.

Laeser, RP, WI McLaughlin and DM Wolff. 1987. Fernsteurerung und Fehlerkontrolle von Voyager 2. Spektrum der Wissenshaft (1):S. 60–70.

Lan, A, J Arteau and J-F Corbeil. 1994. Protection Against Falls from Above-ground Billboards. International Fall Protection Symposium, San Diego, California, October 27–28, 1994. Proceedings International Society for Fall Protection.

Langer, HJ and W Kurfürst. 1985. Einsatz von Sensoren zur Absicherung des Rückraumes von Großfahrzeugen [Using sensors to secure the area behind large vehicles]. FB 605. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Levenson, NG. 1986. Software safety: Why, what, and how. ACM Computer Surveys (2):S. 129–163.

McManus, TN. N.d. Confined Spaces. Manuscript.

Microsonic GmbH. 1996. Company communication. Dortmund, Germany: Microsonic.

Mester, U, T Herwig, G Dönges, B Brodbeck, HD Bredow, M Behrens and U Ahrens. 1980. Gefahrenschutz durch passive Infrarot-Sensoren (II) [Protection against hazards by infrared sensors]. FB 243. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Mohan, D and R Patel. 1992. Design of safer agricultural equipment: Application of ergonomics and epidemiology. Int J Ind Erg 10:301–310.

National Fire Protection Association (NFPA). 1993. NFPA 306: Control of Gas Hazards on Vessels. Quincy, MA: NFPA.

National Institute for Occupational Safety and Health (NIOSH). 1994. Worker Deaths in Confined Spaces. Cincinnati, OH, US: DHHS/PHS/CDCP/NIOSH Pub. No. 94-103. NIOSH.

Neumann, PG. 1987. The N best (or worst) computer-related risk cases. IEEE T Syst Man Cyb. New York: S.11–13.

—. 1994. Illustrative risks to the public in the use of computer systems and related technologies. Software Engin Notes SIGSOFT 19, No. 1:16–29.

Occupational Safety and Health Administration (OSHA). 1988. Selected Occupational Fatalities Related to Welding and Cutting as Found in Reports of OSHA Fatality/Catastrophe Investigations. Washington, DC: OSHA.

Organization for Economic Cooperation and Development (OECD). 1987. Standard Codes for the Official Testing of Agricultural Tractors. Paris: OECD.

Organisme professionel de prévention du bâtiment et des travaux publics (OPPBTP). 1984. Les équipements individuels de protection contre les chutes de hauteur. Boulogne-Bilancourt, France: OPPBTP.

Rasmussen, J. 1983. Skills, rules and knowledge: Agenda, signs and symbols, and other distinctions in human performance models. IEEE Transactions on Systems, Man and Cybernetics. SMC13(3): 257–266.

Reason, J. 1990. Human Error. New York: Cambridge University Press.

Reese, CD and GR Mills. 1986. Trauma epidemiology of confined space fatalities and its application to intervention/prevention now. In The Changing Nature of Work and Workforce. Cincinnati, OH: NIOSH.

Reinert, D and G Reuss. 1991. Sicherheitstechnische Beurteilung und Prüfung mikroprozessorgesteuerter
Sicherheitseinrichtungen. In BIA-Handbuch. Sicherheitstechnisches Informations-und Arbeitsblatt 310222. Bielefeld: Erich Schmidt Verlag.

Society of Automotive Engineers (SAE). 1974. Operator Protection for Industrial Equipment. SAE Standard j1042. Warrendale, USA: SAE.

—. 1975. Performance Criteria for Rollover Protection. SAE Recommended Practice. SAE standard j1040a. Warrendale, USA: SAE.

Schreiber, P. 1990. Entwicklungsstand bei Rückraumwarneinrichtungen [State of developments for rear area warning devices]. Technische Überwachung, Nr. 4, April, S. 161.

Schreiber, P and K Kuhn. 1995. Informationstechnologie in der Fertigungstechnik [Information technology in production technique, series of the Federal Institute for Occupational Safety and Health]. FB 717. Dortmund: Schriftenreihe der bundesanstalt für Arbeitsschutz.

Sheridan, T. 1987. Supervisory control. In Handbook of Human Factors, edited by G. Salvendy. New York: Wiley.

Springfeldt, B. 1993. Effects of Occupational Safety Rules and Measures with Special Regard to Injuries. Advantages of Automatically Working Solutions. Stockholm: The Royal Institute of Technology, Department of Work Science.

Sugimoto, N. 1987. Subjects and problems of robot safety technology. In Occupational Safety and Health in Automation and Robotics, edited by K Noto. London: Taylor & Francis. 175.

Sulowski, AC (ed.). 1991. Fundamentals of Fall Protection. Toronto, Canada: International Society for Fall Protection.

Wehner, T. 1992. Sicherheit als Fehlerfreundlichkeit. Opladen: Westdeutscher Verlag.

Zimolong, B, and L Duda. 1992. Human error reduction strategies in advanced manufacturing systems. In Human-robot Interaction, edited by M Rahimi and W Karwowski. London: Taylor & Francis.