Safety and reliability in pneumatics.

June 22 2011

EN ISO 13849-1 and ISO 19973

The new machine directive (2006/42/CE) has been effective since December 29th 2009. Under this directive, all machines and apparatuses used in production processes within the EU must be engineered and designed to follow the essential safety requirements (ESR) before the CE certification seal can be applied and the machines commercialized.

The directive obliges the machine manufacturers to design the machines in a way which protects people, animals, property and the surrounding environment from any harm or damage. In order to certify the machines, the manufacturers must follow certain procedures, such as:

∙ Determination of the limits of the machine
∙ Identification of hazards associated with the various operating modes of the machine
∙ Risk assessment (followed by an evaluation of the gravity and probability of hazards occurring)
∙ Risk Reduction in the form of technical safety measures

The Risk Reduction is the most crucial part of the whole procedure and is performed by applying technical safety measures directly to the control circuit of the machine (intrinsic safety) or through specific safety functions (protection circuits or devices).

Having reinforced the safety aspect of the machines, the new Directive has added an important update of the "harmonized standards".

One significant example is the passage from the old EN 954-1 to the new EN ISO 13849-1. Both standards supply a method for engineering and designing the safety control systems of the machine, including their classification. The EN 954-1 will be officially substituted by EN ISO 13849-1 on the 31st of December 2011. This change is generating concern amongst machine builders, as they are often uncertain whether the technical solutions realized in conformity with EN 954-1 are able to satisfy the new requirements of EN ISO 13849-1.

The objective of this article is not to instruct machine manufacturers how to apply the EN ISO 13849-1, but to provide some ideas as to how Camozzi can support them during the complex phase of conformity verification. For instance, one concept to clarify is that in order to create "Safety Functions" in conformity with EN ISO 13849-1, it is not necessary to use "Safety Components".

Here it is possible to use circuits realized with "Standard Components". This is also the official standpoint of CETOP in its Position Paper regarding the Machine Directive: "Components that fall within the scope of EN ISO 13849-1 do not necessarily have to be placed on the market as safety components in accordance with the Machinery Directive".

The EN ISO 13849-1 is based on the calculation of the probability that a dangerous error occurs in the circuit within one hour of operation. This probability indicator is called PL (Performance Level) and is expressed in 5 different safety levels, from PLa, which is the lowest level of safety, to PLe, which is the highest.

For a correct calculation of the Performance Level, the designer of the safety function (SRCF) must take a number of factors into account: Control Architecture (category of safety), Diagnostic Coverage (DC), Common Cause Failure (CCF) and Mean Time to Dangerous Failure (MTTFd).

Whilst the first three depend almost exclusively on the design of the circuit, the Mean Time to Dangerous Failure depends only on the reliability of each single component. The MTTFd of a safety circuit is expressed in years and is calculated using the safety parameter B10d of each single component. The parameter B10d indicates the number of cycles at which 90 percent of the population (of test units) is still functioning in a component life time test. This parameter is used in pneumatics, as well as for mechanical and electro-mechanical components in general (such as solenoids), to express the life time (in terms of reliability) of a single component. The parameter is expressed in number of cycles performed; when it is expressed in years, the value is only a function of the frequency used when testing the component.
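The relation between B10d, operating frequency and MTTFd described above, worked through as an added example (not Camozzi's code or data). It uses the formulas of EN ISO 13849-1 Annex C, which the article does not spell out; the component names, B10d values and duty cycle are constructed for illustration.

```python
# Added example. Formulas are those of EN ISO 13849-1 Annex C as commonly applied;
# component names, B10d values and duty cycle are constructed, not catalogue data.

def cycles_per_year(days_per_year, hours_per_day, cycle_time_s):
    """n_op: mean number of operations per year for the given duty cycle."""
    return days_per_year * hours_per_day * 3600.0 / cycle_time_s

def mttfd_years(b10d_cycles, n_op):
    """MTTFd = B10d / (0.1 * n_op), in years."""
    return b10d_cycles / (0.1 * n_op)

def t10d_years(b10d_cycles, n_op):
    """T10d = B10d / n_op: mean time until 10 % of the parts have failed dangerously."""
    return b10d_cycles / n_op

def channel_mttfd(part_mttfds):
    """Parts-count method for one channel: 1/MTTFd = sum(1/MTTFd_i)."""
    return 1.0 / sum(1.0 / m for m in part_mttfds)

def classify(mttfd):
    """MTTFd ranges used by the standard for each channel (years)."""
    if mttfd < 3:
        return "below range"
    if mttfd < 10:
        return "low"
    if mttfd < 30:
        return "medium"
    return "high"

def assess_channel(b10d_by_part, days_per_year, hours_per_day, cycle_time_s):
    n_op = cycles_per_year(days_per_year, hours_per_day, cycle_time_s)
    parts = {name: mttfd_years(b10d, n_op) for name, b10d in b10d_by_part.items()}
    total = channel_mttfd(parts.values())
    t10d = {name: t10d_years(b10d, n_op) for name, b10d in b10d_by_part.items()}
    return {"n_op": n_op, "parts": parts, "channel": total,
            "class": classify(total), "t10d": t10d}

# Constructed single-channel circuit: one valve, one cylinder.
CIRCUIT = {"valve": 20_000_000, "cylinder": 10_000_000}

if __name__ == "__main__":
    for cycle_time in (10.0, 2.0):  # same parts, two machine cycle times
        r = assess_channel(CIRCUIT, 240, 16, cycle_time)
        print(f"{cycle_time:>4} s/cycle: channel MTTFd {r['channel']:.1f} y "
              f"({r['class']}), cylinder T10d {r['t10d']['cylinder']:.1f} y")
```

The same two components move from a "high" to a "low" channel MTTFd when the machine cycles five times faster, which is why a B10d figure only becomes a value in years once the application's operating frequency is fixed.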

For a long time, Camozzi has been collecting the results from the life time tests of each product and storing them in a central database. This database is continuously updated when new products are launched, as it is standard procedure in Camozzi to conduct a series of validation and life time tests during the development phase of each new product released. In 2007 the ISO (International Standard Organisation) published a new set of standards, ISO 19973, entirely dedicated to the assessment of component reliability by testing for pneumatic components. These standards are still evolving, and by actively participating in the international ISO working group (ISO/TC131/WG4), Camozzi is able to obtain the latest updates on the test procedures at an early stage, for the highest precision of the test data supplied for each product. Being aware that information regarding product reliability is essential for the evaluation of the safety of our clients' machines, Camozzi has committed itself to providing clients with this service in the most correct and rapid way possible. Evidence of this is the continuous improvement of the laboratory and technical support.

Ing. Fabio Bottarelli
Product Certification Manager