[:en][vc_row][vc_column][vc_column_text]I, like many others, was stunned to hear that there was a major power outage covering the Outer Banks. Being an engineer, my instinct was to investigate immediately what happened and what sequence of events led to that point. Even before I did any research, my mind was already asking, “Why wasn’t there a back-up system in place for such an occurrence, especially when the results affected so many?”
In functional safety, we would think of redundancy, for example a 1oo2 or 2oo3 voting architecture. When more details came out yesterday, I saw that they did have a back-up system; they did have redundancy. North Carolina had three major underground transmission cables connecting the island’s power supply. The accident completely sheared one of the cables and damaged the other two.
Redundant architectures seemed to be the perfect solution for better reliability while keeping high availability. However, field reliability studies, done primarily in the nuclear industry, showed that redundant systems did not meet their calculated predictions. In some cases, a common stress failed both sets of equipment in a redundant system. Stress is the same thing that causes all failures: combinations of temperature, humidity, corrosion, vibration, shock, electrical surge, radio frequency interference and more. In this case, the stress was a steel casing driven through the cables.
Common cause failures can manifest themselves in a host of ways in addition to the stresses listed above. These include, but are not limited to, design, installation, operation, maintenance and repair activities, management of change, and so on.
But don’t worry, there are ways to help prevent the effects of common cause failures and to reduce the calculated common cause contribution to the failure rate (the beta factor in the beta model).
The easiest ways are:
Of course, there are pros and cons to both of those options, and every SIF and application is different.
When you are thinking of redundancy, don’t be like the Outer Banks and forget about these other two factors, or you will be left in the dark!
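As an added illustration, not part of the original post, the following Python works the beta model through for the architectures mentioned above. It uses the simplified IEC 61508-style PFDavg approximations for 1oo1, 1oo2 and 2oo3 in low-demand mode, with a beta-factor common cause term and no diagnostic or repair terms; the dangerous undetected failure rate, proof test interval and beta values are assumed figures, not data from the page.

```python
"""Beta-factor model for common cause failure in redundant voting architectures.

Simplified IEC 61508-style PFDavg approximations for low-demand mode, using
only the dangerous undetected failure rate lambda_DU (no diagnostics or
repair terms):

    1oo1: lambda_DU * T / 2
    1oo2: ((1 - beta) * lambda_DU)^2 * T^2 / 3 + beta * lambda_DU * T / 2
    2oo3: ((1 - beta) * lambda_DU)^2 * T^2     + beta * lambda_DU * T / 2

beta is the fraction of dangerous failures that take out every channel at
once (the common stress: heat, vibration, surge, or a steel casing driven
through all of the cables). The first term is the independent-channel part;
the second is the common cause part, which is the single-channel term scaled
by beta and does not shrink no matter how many channels you add.
"""


def pfd_1oo1(lam_du, t_proof):
    """Average PFD of a single channel over proof test interval t_proof (hours)."""
    return lam_du * t_proof / 2.0


def pfd_1oo2(lam_du, t_proof, beta):
    """Average PFD of a 1oo2 architecture with beta-factor common cause term."""
    lam_ind = (1.0 - beta) * lam_du
    return lam_ind ** 2 * t_proof ** 2 / 3.0 + beta * lam_du * t_proof / 2.0


def pfd_2oo3(lam_du, t_proof, beta):
    """Average PFD of a 2oo3 architecture with beta-factor common cause term."""
    lam_ind = (1.0 - beta) * lam_du
    return lam_ind ** 2 * t_proof ** 2 + beta * lam_du * t_proof / 2.0


def ccf_share(lam_du, t_proof, beta):
    """Fraction of the 1oo2 PFD that comes from the common cause term."""
    return (beta * lam_du * t_proof / 2.0) / pfd_1oo2(lam_du, t_proof, beta)


def sil_from_pfd(pfd):
    """IEC 61508 low-demand SIL band for a PFDavg; 0 means below SIL 1."""
    if 1e-5 <= pfd < 1e-4:
        return 4
    if 1e-4 <= pfd < 1e-3:
        return 3
    if 1e-3 <= pfd < 1e-2:
        return 2
    if 1e-2 <= pfd < 1e-1:
        return 1
    return 0


def compare(lam_du=1e-6, t_proof=8760.0, betas=(0.0, 0.02, 0.10)):
    """Rows of (architecture, beta, PFDavg, RRF, SIL) for the assumed figures."""
    rows = []
    for beta in betas:
        for name, fn in (("1oo2", pfd_1oo2), ("2oo3", pfd_2oo3)):
            pfd = fn(lam_du, t_proof, beta)
            rows.append((name, beta, pfd, 1.0 / pfd, sil_from_pfd(pfd)))
    return rows


if __name__ == "__main__":
    # Assumed figures: lambda_DU = 1e-6 per hour, one-year proof test interval.
    print("1oo1 PFDavg: %.2e" % pfd_1oo1(1e-6, 8760.0))
    for name, beta, pfd, rrf, sil in compare():
        print("%s beta=%.2f PFDavg=%.2e RRF=%7.0f SIL%d" % (name, beta, pfd, rrf, sil))
    print("share of 1oo2 PFDavg due to common cause at beta=0.10: %.0f%%"
          % (100 * ccf_share(1e-6, 8760.0, 0.10)))
```

With these assumed figures the independent 1oo2 calculation (beta = 0) claims a risk reduction factor near 39,000, but at beta = 0.10 the common cause term alone is about 95% of the PFDavg and the RRF collapses to roughly 2,200, one SIL band lower. At beta = 1 (every failure is common cause, as when one excavation hits all three cables) the 1oo2 result is identical to a single channel. That is why the beta value, not the channel count, usually decides what a redundant SIF actually achieves.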
Download the White Paper[/vc_column_text][/vc_column][/vc_row][:zh][vc_row][vc_column][vc_column_text]No! They are not Inherently Safe!
A collaborative robot is intended to work “collaboratively” with a person, i.e. to share a common workspace. It is force- and speed-limited by design to minimize any potential hazard. Collaborative robots fit applications where the task cannot be easily or cost-effectively automated. They are easy to deploy, program and repurpose. Collaborative robots are new to everyone, including the standards agencies.
A hazard and risk assessment is required that assesses both the robot and the environment it is deployed in. As with any other robot, things such as collisions, speed, type of end effector and worksite need to be evaluated. Collaborative robots have their own sorts of collisions and hazards. They may not be as severe, but they still exist.
This all comes down to risk and the amount of risk that you are willing to accept! The diagram below shows the high-level steps for doing a Hazard and Risk Assessment. When following the steps, if you assess the risk and find it to be acceptable (by your company’s acceptable risk norms), then you are done. No need to add any risk reduction.
The next best approach is to determine whether protective measures other than a Safety Function can reduce the risk to an acceptable level. If not, then you must assign a SIL and implement a safety function that will provide the required risk reduction.
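The three-step decision flow above, worked as an added example that is not part of the original post and not exida’s method: a frequency-based (LOPA-style) assessment, which is one of several SIL target selection approaches. The initiating frequencies, the tolerable-risk norm and the credits taken for non-SIF protective measures are all constructed, hypothetical numbers.

```python
"""Frequency-based hazard and risk assessment flow (LOPA-style illustration).

Order of decisions, as in the text:
  1. Estimate the unmitigated risk; if it is already within the company's
     tolerable-risk norm, stop.
  2. Credit non-SIF protective measures (guarding, relief, alarm with
     operator response); if the residual risk is tolerable, stop.
  3. Otherwise the gap must be closed by a safety function: the required
     risk reduction factor (RRF) sets the SIL target.

All frequencies, layer credits and tolerable-risk targets are assumptions.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Hazard:
    name: str
    initiating_freq: float                      # demands per year, unmitigated
    tolerable_freq: float                       # company norm, events per year
    layer_pfds: List[float] = field(default_factory=list)  # non-SIF layers


def residual_freq(h: Hazard) -> float:
    """Event frequency after crediting each non-SIF layer's PFD."""
    f = h.initiating_freq
    for pfd in h.layer_pfds:
        f *= pfd
    return f


def sil_target(rrf: float) -> Optional[int]:
    """IEC 61508 low-demand SIL band for a required RRF; None if above SIL 4."""
    if rrf < 10:
        return 0
    if rrf < 100:
        return 1
    if rrf < 1000:
        return 2
    if rrf < 10000:
        return 3
    if rrf <= 100000:
        return 4
    return None


def assess(h: Hazard) -> Tuple[str, int, float]:
    """Return (decision, SIL target, required RRF) following the three steps."""
    if h.initiating_freq <= h.tolerable_freq:
        return ("acceptable as is", 0, 1.0)
    f = residual_freq(h)
    if f <= h.tolerable_freq:
        return ("acceptable with non-SIF measures", 0, 1.0)
    rrf = f / h.tolerable_freq
    sil = sil_target(rrf)
    if sil is None:
        # No single SIF can claim this much; the hazard must be designed out.
        return ("beyond SIL 4: reduce the hazard by design", 0, rrf)
    return ("safety function required", sil, rrf)


if __name__ == "__main__":
    # Constructed hazards for a cobot cell; numbers are illustrative only.
    hazards = [
        Hazard("tool drop, no one in reach envelope", 1e-6, 1e-5),
        Hazard("pinch at fixture, guarded + light curtain", 1e-2, 1e-5, [1e-2, 1e-2]),
        Hazard("sharp end effector, operator in workspace", 2.0, 1e-5, [0.1, 0.01]),
        Hazard("unguarded press, continuous exposure", 10.0, 1e-6, [0.1]),
    ]
    for h in hazards:
        decision, sil, rrf = assess(h)
        print("%-45s %-40s SIL%d RRF=%.0f" % (h.name, decision, sil, rrf))
```

The third hazard shows the path the text describes: the guard and the alarm credits bring the frequency down by a factor of 1,000, but it is still 200 times above the norm, so a SIL 2 safety function is assigned. The fourth shows the case the flow should catch rather than paper over: a required RRF of a million is outside any SIL band, and the answer is to change the design, not to specify a SIF.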
exida can effectively train your team to perform machine hazard and risk assessments to identify all possible hazards and estimate the risk for each hazard. Specifically, exida coaches you through the process of evaluating the risk, developing and implementing risk reduction options. exida can also educate your team in multiple approaches to SIL target selection. These are just some of the things exida does to ensure you are on the right path![/vc_column_text][/vc_column][/vc_row] [:]