Safety engineering guidelines

Transcription

Safety engineering guidelines
your local FESTO authorised stockist
To find out more about how the new regulations will affect your business call 0115 9757571
or email [email protected]
Your partner in safety
Table of contents
Page
At Festo, quality has many
aspects – one of these is handling machines safely. This is the
reason behind our safety-orientated automation technology. It
gives you the certainty that your
workplace is as safe as possible.
2
This brochure is intended as a
guide.
It covers the core questions
relating to safety-orientated
pneumatics:
• Why use safety-orientated
pneumatics?
• How can I identify the risk
posed by a system or machine
to the operator or user?
• Which standards and
directives apply?
• What safety measures are
derived from these?
• What are the most common
safety measures?
Simple and helpful: In the
second part of the brochure, you
can find sample circuit diagrams
for the most common safety
functions related to pneumatic
drives and the associated product combinations from Festo.
These can be used to solve many
safety functions.
If you have further requirements,
our specialists worldwide will be
happy to help.
Directives and standards
4
Time schedule for EC machinery directive and DIN EN ISO 13849-1
Definition and concept of risk
Risk assessment
Directive-compliant procedure for safe design
(as per EN ISO 12100)
Control architectures (as per DIN EN ISO 13849-1)
4 operation modes – 10 safety functions
Sample circuit diagrams
32
Festo products
46
Services
74
3
Reduce risk – think preventively
Machines have to be designed in
a way that protects people,
animals, property and the environment from harm. The goal
is to prevent physical damage
of any type. Using safetyorientated pneumatics from
Festo provides you with the
security of implementing safety
measures in compliance with the
EC machinery directive. You can
reliably prevent collisions or
uncontrolled restarts after an
emergency stop, for example.
At the same time, using safetyorientated pneumatics also minimises the risk of liability claims.
4
Simple – but safe!
The EC machinery directive specifies a risk analysis and assessment for machines. Protection
goals are derived and defined
from this directive. The protection goals are achieved using
various safety functions. Safetyorientated pneumatics from
Festo, in the form of
• Components
• Circuits
• Engineering
make it easy to achieve your
safety objectives. Safe operation
of machines should be possible
in all modes and stages of their
service life.
Safety-orientated pneumatics
from Festo provides you with
solutions for
• Commissioning
• Automatic/manual operation
• Setting operation
• Risk situations and emergency
functions, such as safe stopping, safe exhausting.
• Restarting -> protection against
unexpected starting up
• Servicing/maintenance
In general, the simpler the safety
engineering used in the application, the more efficient it is.
The complexity of safety engineering is in the variety of
state combinations and transitional states.
In addition to this, if errors
occur, they must not lead to
failure of the safety functions,
depending on their hazard
potential.
Due to their flexible application,
pneumatic drive systems from
Festo need to be included in the
risk analysis and assessment for
each machine, depending on the
application.
As a result, it would seem almost impossible to implement
standardised safety engineering
concepts.
Festo provides solutions on the
basis of risk analyses and
assessments for the most common applications. This ensures
that the electrical safety functions for your pneumatic
system’s controllers are enhanced with the appropriate
safety concepts.
5
Basic safety requirements in the manufacturing industry
Time schedule for EC machinery directive and DIN EN ISO 13849-1
The development of the single
European market has led to
standardised guidelines for
mechanical engineering for the
manufacturing industry.
Machine safety requires safe
control systems. Important
harmonised standards include
EN 954-1, which is going to be
superseded by EN ISO 13849-1.
DIN EN 954-1 will be in force
until the end of 2009.
Article 95 of the EU Treaty
(free movement of goods)
“Health and safety” outline directive
89/391/EEC
e.g. machines
Low voltage directive
2006/95/EC
Article 137 of the EU Treaty
(occupational health and safety)
Machinery directive
98/37/EC
2006/42/EC
2006
2007
2008
2009
2010
2011
29th December 2009
Old machinery directive
May 2006
EN ratification
Europe
Free movement of goods in Europe
“Use of work equipment”
single directive 86/655/EEC
Incorporation into national law
New machinery directive
extended to
29th December 2009
EN 954-1
8th May 2007
Listing in the Official Journal of the European Communities
Harmonised European standards
National statutory provisions
EN ISO 13849-1
Responsibility
Directives are laws. The EC
machinery directive applies to
mechanical engineering run on.
The primary aim of the EC
machinery directive is to specify
basic health and safety requirements in relation to the design
run on and construction of
machines. The CE mark identifies
a machine as compliant with the
EC machinery directive.
6
February 2007
Withdrawn from DIN
Operators
One option for complying with
the EC machinery directive is to
apply harmonised standards.
Harmonised standards are listed
in the Official Journal of the
European Communities.
Applying these results in what is
known as the “presumption of
conformity”, which reinforces
the legal security of operators
and manufacturers.
Germany
Manufacturers
DIN EN 954-1
2nd October
2006
EN
ratification
February 2007
DIN ratification
DIN EN ISO 13849-1
EN 954-1 has presumption of conformity according machinery directive 98/37/EC
EN ISO 13849-1 has presumption of conformity according machinery directives 2006/42/EC and 98/37/EC
A new machinery directive will
apply to the trade in and construction of machines in
the EU from the end of 2009.
EU member states urgently have
to incorporate this directive into
their national legislation because, at European level, directives are laws.
Manufacturers have to comply
with the laws of their country.
Applying standards is an option.
Standards reflect the best
available technology.
7
Fundamental standards for designing control functions
Applying harmonised
standards provides legal
security in compliance with
European law.
Design and risk assessment of machinery
Definition and elements of risk
Electrical safety aspects
EN ISO 12100
EN 60204-1
Safety of machinery
Basic concepts, general principles for design
Safety of machinery
Electrical equipment of machines,
part 1: General requirements
Risks are the result of hazards
and relate to the gravity of
possible damage and the
probability of the damage
occurring.
EN 1050 (EN ISO 14121-1)
Safety of machinery
Risk assessment, part 1: Principles
Functional and safety-related requirements for
safety-related control systems
The first step is to reduce risk by
implementing inherent safety.
The second step is to reduce risk
by implementing safety measures. The final measure is to
reduce risk through instruction.
Low risk
High risk
Adequately
reduced
Safety
Danger/hazard
Risk before protective measures
Residual risk
Necessary minimum risk reduction
Actual risk reduction
Designing and implementing safety-related control systems
EN 62061
Safety of machinery
Functional safety of safety-related electrical, electronic and
programmable control systems
Any architectures
Safety integrity level (SIL)
SIL 1, SIL 2, SIL 3
Safety = acceptable residual risk
Risk
in terms of the
considered hazard
=
Severity of harm
that can result from
the considered
hazard
+
Probability of
occurrance
of that harm
DIN EN ISO 13849-1
Safety of machinery
Safety-related parts of control systems, part 1: General principles for design
Successor standards to EN 954-1:1996, transition period until 2009
Exposure of person(s) to
that hazard
Designated architectures (categories)
Performance level (PL)
PL a, PL b, PL c, PL d, PL e
Harmonised standards that
relate to machine safety serve
to reduce safety risks to an
acceptable minimum, as per the
machinery directive.
8
The possibility of avoiding
or limiting the harm
The occurrance of a
hazardous event
9
Risk assessment
Directives and standards describe the process of risk assessment. Every manufacturer is
obliged to carry out a risk
assessment. This is followed
by a risk evaluation and, if
necessary, suitable measures
for reducing risk have to be
implemented.
Source: EN ISO 12100; 5.2
Determining/defining
states & transitional states
Hazard
identification
Source:
EN 1050, Section 6
ISO 14121
Risk estimation
Risk
evaluation of safety
design measures – Is the
machine
safe?
Source: EN ISO 12100; 5.3
no
yes
Risk
evaluation
of technical safety
measures–
Is the machine
safe?
• Human interaction during
whole life cycle
• Possible states of the
machine
• Unintended behaviour of
the operator or reasonably
foreseeable misuse
Design measures
e.g. inherent safety
Source: EN 12100-2, Section 4
• Preliminary hazard analysis
(PHA)
• WHAT-IF method
• Failure mode and effects
analysis, failure effects
analysis (FMEA)
• Failure simulation for control systems
• MOSAR procedure
• Fault tree analysis (FTA) –
DELPHI-Technique
Technical safety measures
and supplementary safety measures
Identify the safety function to be performed
Source: EN 1050, Appendix B
For each safety function specify the required
characteristics
Determining the required PLr
Design and technical implementation of the safety
function
Determining the PL
Category
MTTFd
DC
CCF
Risk reduction
Source: EN ISO 12100-1, 5.4
Source:
EN 1050, Section 5
ISO 14121
Specification of the machine
limits
• Use limits
• Space limits
• Time limits
For all safety functions
Risk analysis
Source: EN ISO 12100, 3.14
Determination of the limits
of the machinery
Source:
EN 1050, Section 7
ISO 14121
Risk evaluation
Source: EN ISO 12100-1, 5.3
Risk assessment
Source: EN ISO 1050/14121
Focusing on risk reduction
This guide is primarily concerned
with the area of risk reduction in
the form of technical safety
measures. We assume that all
possible design measures for
reducing risk have already been
explored.
When estimating the risk and
identifying the required performance level, the degree of risk
reduction is established.
Whether or not the required
risk reduction level has been
achieved for technical safety
measures depends on the following parameters:
Start
1) Control architecture
2) Mean Time To Failure (MTTFd)
3) Diagnostic coverage (DC)
4) Common Cause Failure (CCF)
In all cases, the performance
level (PL) must be equivalent to
at least the required PLr.
no
yes
PL ≤ PLr
no
yes
Source: DIN EN ISO 13849-1, 4.2 Figure 3
All possible
instructive
measures
used
no
User information on the machine and in the user
manual
Source: EN 12100-2, Section 6
yes
End
Source: Directive 2006/42/EC, Appendix I, 1)
10
11
Evaluating technical safety measures – determination of the performance level
Application 13849-1, step 1: Determining the required performance level
The figure shows the simplified
procedure for determining the
performance level (PL) of a safety function. The PL is a function
of categories B to 4, diagnostic
coverage “none to high”, various
MTTFd areas and the common
cause failure.
The graph for determining the
required performance level is
based on identifying the risk and
the resulting necessity for reducing this to an acceptable level.
Low risk results in PL = a
(minimal measures for risk
reduction).
High risk results in PL = e
(comprehensive measures for
risk reduction).
a
2
3
4
5
12
10–5 ≤ PFHd < 10–4
3 x 10–6 ≤ PFHd < 10–5
b
1
10–6 ≤ PFHd < 3 x 10–6
c
d
e
4
DC < 60%
none
2
Cat B
5
1
3
2
10–7 ≤ PFHd < 10–6
3
10–8 ≤ PFHd < 10–7
DC < 60% 60% ≤ DC 90% ≤ DC 60% ≤ DC 90% ≤ DC 99% ≤ DC
none
< 90%
< 99%
< 90%
< 99%
high
low
medium
low
medium
Cat 1
Cat 2
CCF not relevant
Risk graph: Which performance level is
required?
PL a to e
Designated architectures: How is the
control chain or safety function
structured? Cat B to 4
Cat 3
Cat 4
Evaluation
MTTFd
Low
3 years ≤ MTTFd < 10 years
Medium
High
30 years ≤ MTTFd ≤ 100 years
Source: DIN EN ISO 13849-1, Chapter 4.5.2
P1
a
P2
S1
b
P1
F2
P2
c
P1
F1
P2
S2
d
P1
F2
e
high risk
Technically speaking, PLr
(required) is a “nominal value”,
which is the minimum that
should be achieved by the real
structure.
Statements from EN 62061 are
also quoted here for a better
assessment of risks. The basic
principle of risk is always
evaluated in the same way: the
severity of the possible damage
and the probability that the
damage will occur.
Source: DIN EN ISO 13849-1, Appendix 1.2.3
Statements from other standards
DIN EN ISO 13849-1
EN 62061
S
Irreversible injury (4 points)
(death, loss of eye or arm)
Irreversible injury (3 points)
(broken limb, loss of finger)
Reversible injury (2 points)
(requires further medical attention from a doctor)
Reversible injury (1 point)
F
P
Diagnostic coverage:
Which dangerous failures are identified?
low risk
F1
P2
CCF ≤ 65%
Quality of components in the control
chain. Determining the MTTFd for the
entire process chain – from sensors to
actuators
Common cause failure (CCF): measures
to reduce CCF
Determination of the SIL = Safety Integrity Level
1
Determination the PL = Performance Level
The PL can be assigned to a specific SIL level. However, it is not
possible to infer the PL from the
SIL. Apart from the average probability of a dangerous failure
per hour, other measures are
needed to achieve a specific PL.
Determination of the MTTFd = mean time to failure (dangerous)
Severity of injury
S1
Slight (normally reversible injury)
S2
Serious (normally irreversible injury,
or death)
Frequency and/or exposure to hazard
F1
Seldom to less often and/or exposed time is
short
F2
Frequent to continuous and/or exposed
time is long
Frequency (with a duration > 10 min)
< 1 h (5 points)
> 1 h to < 1 day (5 points*)
> 1 day to < 2 weeks (4 points*)
> 2 weeks to < 1 year (3 points*)
> 1 year (2 points*)
* if exposure lasts less than 10 min, this can be reduced one level
Possibility of avoiding the hazard
Impossible (5 points)
P1
Possible under specific conditions
Rare (3 points)
P2
Scarcely possible
Probable (1 point)
DIN EN ISO 13849-1
Chapter 4.5.4
13
Safety function
Exhausting
Implementation 13849-1, step 2: Determination of the designated architechture
for category B
Category
Summary of requirements
System behaviour
B
• Safety-related parts of control systems must comply with the
applicable standards
• Fault tolerance: zero.
The occurrence of a fault can
lead to the loss of the safety
function
• Control system must be designed, built, selected, assembled and
combined to ensure that they withstand the expected influences
• Mainly characterised by
selection of components
Example
Entire control chain = cat. B
Cat. B*
Cat. 1
I
i
m
L
i
m
O
* Normal PLC control systems (not safety control systems) only achieve category B
14
15
Safety function
Exhausting
Control architecture of category 1
Category
System behaviour
1
• The requirements of B shall apply
• Fault tolerance: zero, but the
probability of occurance is
lower than for category B
I
i
m
EM
• The occurrence of a fault can
function
Hardware structure
Wiring
ERGEN
CY
• Well-tried components and well-tried safety principles
shall be used
Well-tried component:
a) Widely used in the past with successful results in similar
applications, or
b) Manufactured and verified using principles that
demonstrate its suitability and reliability for safety-related
applications
Example*
Entire control chain = cat. 1
S TOP
selection of components
L
i
m
O
*The example shows the schematic representation of a specific category. Depending
on the safety relay, the wiring may be different and the connections may have
different designations. A fault examination has to be carried out for each concrete
application.
16
17
Safety function
Exhausting
System behaviour
2
• Requirements of B and the well-tried safety principles shall apply
Example*
Hardware structure
Wiring
ERGEN
CY
• Fault tolerance: zero, but the
loss of the safety function is
• Safety-related parts of control systems must check safety functions
at suitable intervals by the machine control system: when the machi- detected by the check
ne starts up and before a hazardous situation arises, e.g. the start of • The occurrence of a fault can
a new cycle; at the start of other movements and/or periodically
during operation, if the risk assessment and the operation mode
function between the checks
show that this is necessary.
• Testing at suitable intervals
EM
Category
S TOP
(test frequency must fulfil one
hundred times the requirement
rate (safety function))
• Mainly characterised by structure
I
i
m
L
i
m
O
i
m
OTE
m
TE
on the safety relay, the wiring may be different and the connections may have
different designations. A fault examination has to be carried out for each concrete
application.
18
19
Safety function
Exhausting
System behaviour
3
• Requirements of B and the use of well-tried safety principles
• Fault tolerance: one
When a single fault occurs,
the safety function is always
performed
shall apply
• Whenever reasonably practicable, the single fault is detected
• Some but not all faults are
identified
Hardware structure
Wiring
ERGEN
CY
• Safety-related parts shall be designed so that
a single fault in any one of these parts does not lead to a loss of
the safety function, and
Example*
EM
Category
S TOP
• Accumulation of undetected
faults can lead to the loss of
the safety function
structure
I1
i
m
m
L1
i
m
O1
c
I2
i
m
m
L2
i
m
O2
on the safety relay, the wiring may different and the connections may have different
designations. A fault examination has to be carried out for each concrete
application.
Note: BGIA certification as a category 3 component as per DIN EN ISO 13849-1 has been
requested for MS6-SV.
20
21
Safety function
Exhausting
System behaviour
4
• Requirements of B and the use of well-tried safety principles
• Fault tolerance: one
When single fault occurs, the
safety function is always performed
shall apply
• Detection of accumulated
faults reduces the probability
of the loss of the safety function
Hardware structure
Wiring
ERGEN
CY
• Safety-related parts shall be designed so that
a single fault in any of these parts does not lead to a loss of
the safety function, and
• The single fault is detected at or before the next demand upon the
safety function, but that if this detection is not possible, an
accumulation of undetected faults shall not lead to the loss of the
safety function.
Example*
EM
Category
S TOP
• The faults will be detected in
time to prevent the loss of the
safety function
structure
I1
i
m
m
L1
i
m
O1
c
I2
i
m
m
L2
i
m
O2
on the safety relay, the wiring may be different and the connections may have different
designations. A fault examination has to be carried out for each concrete
application.
Note: BGIA certification as a category 3 component as per DIN EN ISO 13849-1 has been
requested for MS6-SV.
22
23
Implementation 13849-1, step 3: Determination of the Mean Time To Failure (MTTFd)
where:
Input
Input signal
Logic
Control signal
Outlet
Control signal
Formula for determining the
MTTFd value for a mechanical
element in a channel
MTTFd =
B10d
0.1 • nop
B10d [cycles] = mean number of cycles until 10% of components fail
dangerously
B10d = 2 x B10
Life time data based on the technical data sheet
B10
B10
Application data
MTTFd
MTTFd
MTTFd
N
1
1
______
= _______
MTTFd
i=1
MTTFd,i
MTTFd
Evaluation
MTTF
Low
Medium
10 years ≤ MTTFd <30 years
High
30 years ≤ MTTFd ≤ 100 years
Mean number of annual
actuations nop for the
mechanical element
d
Source: DIN EN ISO 13849-1, Chapter 4.5.2
Calculating the total MTTFd for
two different channels
nop =
dop • hop • 3600s/h
tcycle
MTTFd =
2
3
MTTFdC1 + MTTFdC2 –
hop [h/d]: mean operating hours/day
dop [d/anno]: mean operating days/year
tcycle [s]: mean cycle time
1
1
1
+
MTTFdC1
MTTFdC2
MTTFdC1 and MTTFdC2:
values for two different,
redundant channels. If the
MTTFd for a channel is more than
100 years, 100 years is used in
subsequent calculations.
The mean time to failure (MTTFd)
is initially determined for each
redundant channel. Next, a total
MTTFd value is determined for
both channels. This value is
given in years and is a qualitative statement of the safety function. In line with the applicable
standard, the technical safety
measure is assessed and given
one of three classifications: low,
medium or high.
24
25
Not relevant for this
component
Electrical power failure
Pressure failure
Pressure rise
Loosening of the piston/
piston rod connection
Failure of the end position
cushioning
Change of the detection or
output characteristics
Bending
Clogging (blockage)
Failure at the connector (e. g.
tearing off, leakage)
Unintended unscrewing of the
operating element of the setting
device
Change in the set value without
change to the setting device
Key
For proportional flow valves:
unintentional change in the
setting value
Spontaneous change in the setting
device
Change in the flow rate in the case
of non-adjustable, circular orifices
and nozzles
Change in flow rate without any
change in setting device
Bursting of the valve hosing/
moving component(s)/mounting/
housing screws
Change in the leakage flow rate
over a long period of use
Leakage
Products
Non-switching/
not switching back
Fault list
Change of switching times
This table shows a summary of
sources of fault related to pneumatics, taken from DIN EN ISO
13849-2. Under certain conditions, it is possible to exclude
faults.
The prerequisites for excluding a
fault are described in detail in
DIN EN ISO 13849-2.
Faults must be examined and
evaluated in the context of each
application to establish whether
the fault has a dangerous effect
on the safety function.
Depending on the construction
principle and the design of components, different results may
arise for different applications;
in other words, a specific product
may be suitable for one application but not for another.
The design engineer for the
installation is responsible for
checking this.
Spontaneous change of the initial
switching position (without an
input signal)
Implementation 13849-1, step 4: Determination of the diagnostic coverage (DC)
Freedom from defects
assured to some extent
for the component (see
DIN ISO 13849-2)
Directional control valves
Freedom from defects
not assured for this
component
Shut-off/non-return/quick
exhaust/shuttle valves
Flow control valves
DC average
Pressure limiting valves
DC2
DCN
DC1
+
+ ... +
MTTFd1 MTTFd2
MTTFdN
Pipework
DCavg =
1
1
1
+
+ ... +
MTTFdN
MTTFd1 MTTFd2
Tubing
Connecting pieces
Pressure intensifier and pressure
medium converter
Filter
DC1 =
(identified
dangerous fault)
(total
dangerous fault)
Lubricator
Silencer
Energy storage device
and reservoir
Sensors
Logic elements (AND/OR)
Delay elements
Transformers (pressure switch,
position switch and amplifier)
Cylinder
26
27
Implementation 13849-1, step 5: Determining Common Cause Failures (CCF)
Combination or series connection of SRP/CS to achieve an overall performance level
Common cause failure
No.
Measures against CCF
1
Separation/ Segregation
Physical separation between signal paths, e.g. separation in wiring/piping, sufficient clearances
and creep age distances on printed-circuit boards
Safety functions can be implemented using multiple SRP/CS
connected in series. The performance of each SRP/CS is either
determined by the user or, ideally, specified by the manufacturer
of the component in the technical data for the certified components.
To determine the total performance level, the number of the
lowest performance level has
to be identified and the overall
PL is determined using the
standard.
2
3
3.1
3.2
4
5
6
6.1
6.2
Diversity
Different technologies/design or physical principles are used, for example: first channel programmable electronic and second channel hardwired, kind of initiation, pressure and temperature.
Measuring of distance and pressure, digital and analog. Components of different manufactures
Design/application/experience
Protection against overvoltage, over pressure, over-current etc.
Components used are well-tried
Assessment/analysis
Are the results of a failure mode and effect analysis taken into account to avoid commoncausefailures in design.
Competence/training
Have designers/ maintainers been trained to understand the causes and consequences of
common cause failures?
Environment
Electromagnetic compatibility (EMC)
The system was checked for EMC immunity
(e.g. as specified in the relevant product norms)
Other factors
Have the requirements for immunity to all relevant environmental influences such as temperature,
shock, vibration, humidity (e.g. as specified in relevant standards) be considered?
Total
Measures for avoiding CCF
Meets the requirements
Process failed; choose additional measures
Which common cause failures
can arise? The measures against
these failures should be recorded in a grid. Only the
complete number of points or no
Score S
15
20
15
5
5
User design
Using certified
components
User design
Using certified
components
Actuators
User design
Architecture
selection
Architecture
selection
MTTF
B10 value
MTTF
B10 value
MTTF
B10 value
Application
data n
Application
data n
Application
data n
Diagnostic
coverage
0 ... 99%
Diagnostic
coverage
0 ... 99%
Diagnostic
coverage
0 ... 99%
CCF value
common cause
failure
CCF value
common cause
failure
CCF value
common cause
failure
d
d
op
PL a, b, c, d or e
Using certified
components
d
op
op
PL a, b, c, d or e
PL a, b, c, d or e
PL a, b, c, d or e
PL a, b, c, d or e
5
25
Partial result
Sensors
Partial result
Logic
Partial result
Actuators
10
determined by the mechanical engineer
specified by the manufacturer
Simplified calculation of PL for
series allignment of Safeyrelated Part of control Systems
In a series connection, the
number of the lowest PL is determined. This result can be used
to determine the total PL from
the table.
Lowest PL
PLlow
a
b
c
d
e
28
Logic
Architecture
selection
PL a, b, c, d or e
[max. possible: 100]
Total S score
65% or better
less than 65%
points may be claimed for each
listed measure. If a measure is
only partially fulfilled, it receives
zero points.
Sensors
PL
Number of lowest PL
Nlow
,3
>ˆ3
,2
>≤2
,2
>≤2
,3
>≤3
,3
>≤3
Entire system
PL
not permitted
a
a
b
b
c
c
d
d
e
29
4 operation modes – 10 safety functions
Pressurising
Reducing pressure
and force
Maintaining
pressure
Exhausting
Initial position,
standstill
• Initial position/standstill
• Normal operation
• Set-up and service operation
• Emergency operation
Set-up and
service operation
Normal operation
Two-hand
operation
Emergency operation
Reducing speed
30
Free of forces
During the risk assessment, the
hazardous situation also has to
be determined and, subsequently, the risks have to be
evaluated. This applies to a
machine’s entire service life.
The following four operating
modes in particular are used for
operating a machine:
Stopping, holding and
blocking a movement
Specific safety functions can be
derived from these operation
modes:
• Pressurising of machines
• Maintaining pressure
• Reducing pressure and force
• Exhausting of machines
• Two-hand operation
• Tamper-proof
• Reducing speed
• Free of forces
• Stopping, holding and blocking
a movement
• Reversing a movement
You can find these safety functions both in the suggested circuits and in the products and
solutions. The information specified always refers to very specific safety functions.
This will enable you to quickly
decide whether the information
is relevant to your current task,
both in the sample circuits and
in the products.
Tamper-proof,
prevention of
unexpected
starting up
Reversing
a movement
31
Examples of safety-orientated pneumatics
The varying requirements and areas of application for installations mean that the results of risk
analyses are very variable – as are the solutions for them. Here we present some important examples.
32
Picking & Placing discrete
goods
Power-driven interlocking
guards
Safety for pressing, joining and
setting procedures
In progress: safety during
setting-up
Safety measures
1. Prevention of unexpected
start-up, as per EN 1037
2. Two-channel stop, as per
EN ISO 13849-1
3. Stop category “1” as per
EN 60204-1
Safety measures
2. Single-channel for safety function exhausting, as per
EN ISO 13849-1
3. Stop category “1” as per
EN 60204-1
Safety measures
2. Single-channel reversing,
as per EN ISO 13849-1
3. Unpowered state using
stop category “1” as per
EN 60204-1
Safety measures
2. Single-channel run at
reduced speed,
as per EN ISO 13849-1
33
Safety function
Two-hand operation
Safety function
Two-hand operation
Sample circuit diagram – two-hand control block
Sample circuit diagram – double two-hand control block
Description
The control block for two-hand
start ZSB 1/8 is a pneumatic
AND gate. If inputs 11 and 12
are pressurised within a
max. of 0.5 s of each other, the
assembly switches through and
there is an output signal at
port 2.
Control chain
Description
If pressure switch DR1 displays
the minimum operating pressure
and the two pushbuttons WV5
and WV6 are actuated, both
two-hand control blocks (WV3
and WV4) switch through. This
reverses the WV1 and WV2
power valves and the piston rod
extends.
one-way flow control valve screwed in cylinder
safety relevant
safety relevant
safety relevant
The system is controlled by two
external 3/2-way push-button
valves. If both push-button
valves are activated, outlet
port 2 is pressurised. If one or
both pushbuttons are released,
outlet port 2 is unpressurised.
The system exhausts from 2 to 3.
Part no.
3527
Identifier
WV1
Type
ZSB-1/8
6817
6817
9270
WV2
WV3
DR
SV-3-M5
SV-3-M5
VD-3-PK-3
Function
Control architecture
Number of channels
Diagnostic coverage
Performance level
CCF
34
Product designation
Control block for
two-hand start
Front panel valve
Front panel valve
Pressure sequence valve
Description (max. possible)
Cat. 2
1
Medium
d
> 65%
Safety function
Reversing
Note
All the information that relates
to standards is identified with
“max. possible”. Whether the
values are reached does not only
depend on the pneumatics.
It is only possible to assess
whether a specific function is
achieved or not by observing
the complete system. The design
of the electrical engineering,
mechanics, hydraulics and pneumatics all play a role.
If only one of the two power
valves reverses, the piston rod
remains retracted. If the piston
rod extends and one power valve
is reset by the integrated spring,
the piston rod retracts again.
The working lines to the bearing
1m
hose
Part no.
9270
161061
3527
184135
Identifier
DR1
KS1
SP1
Product designation
Pressure sequence valve
Any drive
One-way flow control
valve
SP2
One-way flow control
valve
WV1, WV2 VL-5/2-D-01-FR 5/2-way valve
WV3, WV4 ZSB-1/8
Control block for twohand start
WV5, WV6 SV/O-3-PK-3x2 Front panel valve
Function
Number of channels
Diagnostic coverage
Performance level
CCF
Type
VD-3-PK-3
cap side of the cylinder are
safety-related; in other words,
they play a decisive role in the
function and, by extension,
safety.
If one of these lines is kinked or
clogged, the cylinder does not
receive the pressure it requires
to travel to its retracted position.
This should be noted when
laying the working lines, for
example, in energy chains.
If one of the power valves fails,
there is an “acoustic” fault
alarm caused by venting at on
one of the silencers.
Note
values are reached does not
depend only on the pneumatics.
achieved or not by observing the
complete system. The design of
the electrical engineering,
Cat. 3
2
Medium
d
> 65%
35
Safety function
Exhausting
Safety function
blocking a movement
Sample circuit diagram – exhausting via non-return valves
Description
Directional control valves WV1
and WV2 are responsible for the
normal operating function. If
there is no current, they are in
their initial position and exhaust
the installation. To make it possible to retract and extend the
cylinder, WV3 has to exert pressure on both non-return valves
(SP1 and SP2).
In this case, the two non-return
valves do not affect normal
operation.
If both non-return valves (SP1
and SP2) are exhausted, cylinder
KS1 can also be exhausted via
the non-return valves.
Identifier
KS1
DS1
SP2, SP1
WV3, WV2, WV1
Type
e.g. HGL, H, HA, HB
e.g. CPE, MHE, MFH
Function
Number of channels
Diagnostic coverage
Performance level
CCF
36
Product designation
Any drive
Any pressure switch
Non-return valve
Solenoid valve
Cat. 3
2
Medium
d
> 65%
Sample circuit diagram – pneumatic holding using stop valves
Description
The cylinder can be held
pneumatically via two different
channels.
Channel 1 is created by stop
valve WV1. When not actuated
(mid-position), the valve is
closed; in other words, if the
electrical power is switched off,
WV1 switches to its spring
centred mid-position and the
cylinder is held pneumatically.
The second channel is created
by the two stop valves (WV3 and
WV4) and actuating valve WV2.
When not actuated, WV2 is
exhausted and switches the
two stop valves to the closed
position. The two stop valves
create the second channel for
pneumatic holding.
These make up the second
channel for exhausting the drive.
It is important to note that the
two non-return valves also need
a differential pressure in order to
exhaust. This differential is
application specific.
Note
Part no.
910445
Identifier
KS1
DS1
DR1, DR2
WV1, WV2
WV3, WV4
Function
Number of channels
Diagnostic coverage
Performance level
CCF
Type
Any drive
Any pressure switch
GR...
CPE..., MH...,MFH..., VSVA...
VL-2-1/4-SA3919
Cat. 3
2
Medium
d
> 65%
Note
37
Safety function
blocking a movement
Sample circuit diagram – mechanical and pneumatic holding
Description
The safety function “stopping a
movement” is implemented both
pneumatically and mechanically
(diversified) in this circuit.
Assuming that both the mechanical brake and the pneumatic
holding in the application are
sufficient to fulfil the “stopping a
movement” safety function, this
is a two-channel system.
Sample circuit diagram – servopneumatics
Description
For implementation of the
following safety measures:
• Protection of unexpected
(two-channel design)
-> possible: performance level
“d”, as per EN ISO 13849-1
• Single-channel “exhausting”
safety measure, as per
EN ISO 13849-1
“d”, as per EN ISO 13849-1*
• Stop category “0” as per
EN 60204-1
The second channel is controlled
via the mechanical brake by
WV2. When exhausted, the
brake is activated and it holds
the piston rod. It is important to
note that a brake is used here,
and not a retaining device.
Channel 1 is implemented via
WV1. In the mid-position (dead),
the valve is closed and the
cylinder stops.
Identifier
DS1
ST1, ST2
KS1
WV1, WV2
Type
Product designation
Any pressure switch
GR...
Flow control valve
DNCKE.., DNCKE..-S, KEC.., KEC..-S Cylinder
CPE.., MH.., VSVA.., MFH..
Directional control
valve
Function
Number of channels
Diagnostic coverage
Performance level
Max. possible CCF
Cat. 3
2
Medium
d
> 65%
Safety function
Tamper-proof, prevention of
unexpected starting up
Safety function
Exhausting
Note
achieved or not by observing
the complete system. The design
of the electrical engineering,
mechanics, hydraulics and
pneumatics all play a role.
Part no.
163380
9517
9517
11689
188510
188510
151694
Type
DNC-50-500-PPV-A
GRU-1/4-B
GRU-1/4-B
H-1/4-B
MFH-5/2-D-1-FR-S-C
MFH-5/2-D-1-FR-S-C
MPYE-5-1/4-010-B
542897
SDE5-D10-FP-Q6E-P-M8
Product designation
standard cylinder
flow control/silencer
non-return valve
solenoid valve
solenoid valve
proportional directional
control valve
pressure switch
*Requires appropriate diagnostics
(e.g. additional evaluation of the signal
change at the pressure switch)
38
The cylinder can move
depending on its position
during exhausting.
39
Safety function
Tamper-proof, prevention
of unexpected starting up
Safety function
Safety function
Exhausting
Description
• Prevention of unexpected
EN ISO 13849-1-> possible:
performance level “d”, as per
EN ISO 13849-1*
EN 60204-1
Description
> possible: performance level
EN ISO 13849-1
EN 60204-1
Part no.
163380
151694
Type
DNC-50-500-PPV-A
MPYE-5-1/4-010-B
542897
7802
161082
161082
9517
9517
11689
MFH-3-1/8
VL-5/2-D-02-FR
VL-5/2-D-02-FR
GRU-1/4-B
GRU-1/4-B
H-1/4-B
Product designation
standard cylinder
control valve
pressure switch
solenoid valve
pneumatic valve
pneumatic valve
non-return valve
40
Safety function
Stopping
a movement
The cylinder can move
depending on its position
during exhausting.
Part no.
163380
151694
Type
DNC-50-500-PPV-A
MPYE-5-1/4-010-B
542897
11689
188510
188510
H-1/4-B
MFH-5/2-D-1-FR-S-C
MFH-5/2-D-1-FR-S-C
Product designation
standard cylinder
control valve
pressure switch
non-return valve
solenoid valve
solenoid valve
Pneumatic residual energy in
the system.
41
Safety function
Stopping
a movement
Safety function
Safety function
Safety function
Reversing
Description
• Two-channel “stop” safety
measure, as per EN ISO
13849-11* -> possible:
performance level “d”, as per
EN ISO 13849-1
Part no.
163380
542897
151694
Type
DNC-50-500-PPV-A
MPYE-5-1/4-010-B
7802
161082
161082
11689
MFH-3-1/8
VL-5/2-D-02-FR
VL-5/2-D-02-FR
H-1/4-B
Description
• Single-channel “reversing”
EN ISO 13849-1
Product designation
standard cylinder
pressure switch
control valve
solenoid valve
pneumatic valve
pneumatic valve
non-return valve
42
Safety function
Reducing the speed
Pneumatic residual energy in
the system.
Part no.
163380
175042
11689
11689
188510
188510
151694
Type
DNC-50-500-PPV-A
GRLO-M3-QS-3
H-1/4-B
H-1/4-B
MFH-5/2-D-1-FR-S-C
MFH-5/2-D-1-FR-S-C
MPYE-5-1/4-010-B
542897
• Single-channel “reduced
speed” safety measure, as per
EN ISO 13849-1
-> possible: performance
level "d", as per
EN ISO 13849-1*
Product designation
standard cylinder
flow control valve
non-return valve
non-return valve
solenoid valve
solenoid valve
control valve
pressure switch
43
Safety function
Safety function
Reversing
Safety function
Reducing speed
Servopneumatics – key features at a glance
Description
“d”, as per EN ISO 13849-1 *
• Single-channel “reversing”
EN ISO 13849-1
Part no.
163380
175042
11689
11689
151016
151694
Type
DNC-50-500-PPV-A
GRLO-M3-QS-3
H-1/4-B
H-1/4-B
MFH-5/2-D-1-FR-C
MPYE-5-1/4-010-B
542897
161082
161082
VL-5/2-D-02-FR
VL-5/2-D-02-FR
Product designation
standard cylinder
flow control valve
non-return valve
non-return valve
solenoid valve
control valve
pressure switch
pneumatic valve
pneumatic valve
• Single-channel “reduced
speed” safety measure, as per
EN ISO 13849-1
• Stop category “1”, as per
EN 60204-1 (however, no sensing of speed “0”, instead the
reduced speed starts after a
set time)
Servopneumatics – a drive technology with its own areas of
application. Servopneumatics
differs from standard pneumatics in that it supports travel to
any desired position with maximum dynamic response and the
ability to cope with high forces
safely. It permits innovative and
cost-effective drive solutions.
Free positioning using servopneumatics is particularly useful
in scenarios that demand com-
pact and cost-effective solutions
where the loads to be moved
are typically in excess of 10 kg
and accuracy of a few tenths of
a millimetre is sufficient.
Rule of thumb: the overall costeffectiveness of a servopneumatic solution is higher the
heavier the load to be moved
(however there is a limit after
which the dynamic response will
be affected).
Electrical terminal CPX with
positioning module CMAX
Pneumatic linear drive unit with
integrated displacement encoder DGCI
Proportional valve VPWP
44
45
Safety function
blocking a movement
Products for safety engineering
Braking units DNCKE-S, KEC-S
Complete safety – products
Everything from a single source:
our aim – in the field of safety
technology as elsewhere – is to
provide and implement solutions
for every safety task in the form
of components or systems.
Technical data
On the following pages you will
find our range of products, together with brief descriptions of
their function and application
ranges. For additional information, consult the electronic
catalogue on CD-ROM or online
at www.festo.com/catalogue
NDiameter
40, 63, 100 mm
TStroke length
10 ... 2000 mm
OHolding force
NDiameter
of the round material to be
clamped
16 ... 25 mm
OHolding force
1300 ... 8000 N
Description
• Holding force of the clamp
is larger than the cylinder’s
max. permissible feed force
• For use in category 1 control
systems, as per DIN EN 954-1
(“reliable component”) If used
in higher categories, further
technical control measures
need to be taken
• Certified by the Institute
for Occupational. Safety and
Health (BGIA) for use in safetyoriented control systems
• CE mark as per EU machinery
directive
1300 ... 8000 N
If you have any further questions, please consult your Festo
sales engineer, who will be
happy to help.
Function
Order code
Part no.
526482
526483
526484
538239
538240
538241
527492
527493
527494
538242
538243
538244
46
Use
• As a holding device (static
application)
– Holding and clamping in the
event of power failure
– Protection against pressure
failure and pressure drop
– Holding the piston rod during
intermediate stops, for
operative procedures in a
process
• As braking device
(dynamic application)
– Braking or stopping movements
– Suspension of a movement
if a danger area is entered
Type
DNCKE-40--PPV-A
DNCKE-63--PPV-A
DNCKE-100--PPV-A
DNCKE-40--PPV-A-S
DNCKE-63--PPV-A-S
DNCKE-100--PPV-A-S
KEC-16
KEC-20
KEC-25
KEC-16-S
KEC-20-S
KEC-25-S
Certification
BGIA certified
BGIA certified
BGIA certified
BGIA certified
BGIA certified
BGIA certified
47
Safety function
blocking a movement
Safety function
blocking a movement
Clamping unit KP, KPE
Clamping unit for short-stroke cylinders
Selection
Clamping cartridge KP
Clamping unit KPE
DNC-...-KP
Technical data
N
Diameter of the round
material to be clamped
4 ... 32 mm
O Static holding force
80 ... 7500 N
N
4 ... 32 mm
80 ... 7500 N
N
4 ... 32 mm
80 ... 7500 N
Description
• For customer-built clamping
units
• Ready-to-install combination
of clamping cartridge KP and
housing
• Various mounting options
• Holding or clamping the piston
rod in any position
• Holding the piston rod for long
periods of time, even under
changing loads, fluctuations or
leakage
Description
• Holding or clamping the piston
rod in any position
• Holding the piston rod for long
periods of time, even under
changing loads, pressure
fluctuations or leakages
Technical data
Function
N Diameter
20 ... 100 mm
T Stroke length
10 ... 500 mm
Function
350 ... 5000 N
Order code
Order code
Part no.
178455
178456
178457
178458
178459
178460
178461
178452
178453
178454
48
Type
KP-10-350
KP-12-600
KP-16-1000
KP-20-1400
KP-20-2000
KP-25-5000
KP-32-7500
KP-4-80
KP-6-180
KP-8-350
Part no.
178465
178466
178467
178468
178469
178470
178462
178463
178464
Type
KPE-10
KPE-12
KPE-16
KPE-20
KPE-25
KPE-32
KPE-4
KPE-6
KPE-8
Part no.
163302
163334
163366
163398
163430
163462
163494
DNC-KP Stroke
[mm]
Ø32
10-2000
Ø40
10-2000
Ø50
10-2000
Ø63
10-2000
Ø80
10-2000
Ø100
10-2000
Ø125
10-2000
Part no.
548206
548207
548208
548209
548210
548211
548212
548213
Type
ADN-20-...-KP
ADN-25-...-KP
ADN-32-...-KP
ADN-40-...-KP
ADN-50-...-KP
ADN-63-...-KP
ADN-80-...-KP
ADN-100-...-KP
KP type
KP-10-350
KP-10-350
KP-12-1000
KP-16-1400
KP-20-1400
KP-20-2000
KP-25-5000
KP-25-5000
49
Safety function
blocking a movement
Safety function
blocking a movement
Mini slide DGSL unit with clamping unit or end position locking
Use
• Clamping unit
– Mechanical clamping
– For fixing the slide in any
position
– Frictional locking
– Clamps with frictional
locking at any position
– Clamping via spring force,
released via compressed air
Technical data
NDiameter
End position locking …-EL
• End position locking
– Mechanical locking when
the end position is reached
– For fixing the slide in the
unpressurised, retracted
state
– Positive locking
– Locks with positive locking
in the retracted end position
only
– Locking via spring, unlocked
via compressed air
Function
C clamping unit
E3 end position locking
DNC-...-A-...-EL
Technical data
N
N
T Stroke length
TStroke length
Diameter
32 ... 100 mm
10 ... 2000 mm
6 ... 25 mm
L Pressure
3 ... 8 bar
50
Diameter
20 ... 100 mm
10 ... 500 mm
Description
• Mechanical locking when the
end position is reached
• Locking is automatically
released only when pressure is
applied to the cylinder
• End position locking at one or
both ends
Order code
Part no.
163302
163334
163366
163398
163430
163462
Type
DNC-32-EL
DNC-40-EL
DNC-50-EL
DNC-63-EL
DNC-80-EL
DNC-100-EL
Stroke [mm]
10-2000
10-2000
10-2000
10-2000
10-2000
10-2000
Function
80 ... 600 N
Order code
Part no.
543903
543904
543905
543906
543907
543908
543909
ADN-...-EL
Type
DGSL-6
DGSL-8
DGSL-10
DGSL-12
DGSL-16
DGSL-20
DGSL-25
Part no.
548214
548215
548216
548217
548218
548219
548220
548221
Type
ADN-20-EL
ADN-25-EL
ADN-32-EL
ADN-40-EL
ADN-50-EL
ADN-63-EL
ADN-80-EL
ADN-100-EL
51
Safety function
Two-hand operation
Safety function
Two-hand operation
Two-hand control block ZSB
Technical data
SV/O front panel valve
Description
• Category 3 as per DIN EN ISO
13849-1 can be reached with a
suitable control architecture.
• Max. possible performance
level = d
As intended, the control block
for two-hand start enables
triggering of a control signal with
both hands simultaneously
(synchronous) over two separate
push-button valves.
This ensures that both of the
operator’s hands are outside
the machine’s danger area. The
product is a safety component
in line with the EC machinery
directive. The ZSB 1/8 control
block for two-hand start corresponds to type IIIA, according to
DIN EN 574, and category 1,
according to DIN EN
ISO 13849-1.
Function
Sample circuit
2
MFlow rate
Control chain
3
up to 50 l/min
1
1
3 ... 8 bar
Technical data
Function
MFlow rate
Function
Key actuator Q with key
The key actuator can only be
operated with the key.
The key can be removed in both
switching positions.
LPressure
0 ... 8 bar
QTemperature range
QTemperature range
-10 ... 60 °C
52
Mushroom actuator PS
The actuator is unlocked by
turning the detent ring on the
mushroom head.
Mushroom pushbutton with
detent PRS
After pressing the pushbutton, it
can only be unlocked using a
key. The key can be removed in
both switching positions.
0 ... 70 l/min
LPressure
Order code
Part no.
3527
Description
• Use:
– two-channel directional
control valve for use in front
panels
– Suitable for higher category
control systems
– Can be combined with
various actuator attachments
-10 ... +60 °C
Type
ZSB-1/8
Certification
CE certified
Order code
Part no.
184135
Type
SV/O-3-PK-3x2
53
Safety function
blocking a movement
Safety function
Tamper-proof flow control valve GRLA-…-SA
Stop valve VL-2-1/4-SA
Description
• Setting a defined flow rate
• A spring pin protects against
unauthorised resetting of the
volumetric flow rate
• Impossible to change the flow
control valve’s setting with
standard tools – thanks to the
spring pin protection
• Six different sizes from M5
to 3/4"
Technical data
MFlow rate
Function
2
0 ... 2500 l/min
1
Function
L Pressure
-20 ... 80 °C
Order code
Part no.
25025
-10 ... +60 °C
54
Technical data
Q Temperature range
QTemperature range
Order code
Part no.
539717
539661
539662
539715
539716
539714
Surface for additional safety
label from the system’s
manufacturer or fitting company
0 ... 10 bar
L Pressure
0.2 ... 10 bar
Description
• Stop valve for blocking the
flow in a cylinder (supply/
exhaust air) in both directions.
A control signal opens the
closed ports
• Design: poppet valve controlled via a swivel connection
• Tube fitting (thread G1/4)
• Port G1/4
• Nominal diameter Ø 4 mm
Type
VL-2-1/4-SA3919
Type
GRLA-M5-B-SA218543
GRLA-1/8-B-SA218543
GRLA-1/4-B-SA218536
GRLA-3/8-B-SA18541
GRLA-1/2-B-SA218540
GRLA-3/4-B-SA218542
55
Safety function
Safety function
Shut-off valves: European version
Shut-off valve HE-LO: US standard
Description
• Shut-off valve for shutting off
and exhausting pneumatic
systems. Can be shut off a
max. of 6 times in the closed
(exhausted) state
• Padlocks prevent unauthorised
starts
• For systems that require pneumatic shut-off, e.g. during
maintenance or repair work.
The valve is integrated into the
air supply lines
• Any mounting position
Technical data
Function
M Flow rate
3100 ... 6000 l/min
Greater safety: lockable
When closed, the valve can be
locked using a padlock. This
makes it impossible to supply an
inoperative system (e.g. during
maintenance work) with air
without authorisation.
L Pressure
-10 ... +60 °C
O Max. actuating force
56
Function
Greater safety: lockable
When closed, the valve can be
locked using a padlock. This
makes it impossible to supply an
inoperative system (e.g. during
maintenance work) with air
without authorisation.
MFlow rate
5200 ... 12000 l/min
1 ... 10 bar
Note
The shut-off valve cannot be
used as an emergency-stop
valve.
QTemperature range
-10 ... +60 °C
OMax. actuating force
90 N
• PWIS-free
Technical data
Hazardous Energy” from the US
Department of Labor. Pressing
the actuating button closes the
passage from 1 to 2 and opens
the passage from 2 to 3.
The maximum exhaust flow is
achieved by holding the actuating button in its end position
until the downstream system is
completely exhausted.
L Operating pressure
0 ... 16 bar
Q Temperature range
Description
• Valve for shutting off the compressed air supply whilst
simultaneously exhausting
systems powered by compressed air
• Pneumatic shut-off during
maintenance or repair work
• Fulfils the US Department of
Labor’s requirements
The valve is installed in the air
supply lines and fulfils the requirements set out in
OSHA 29 CFR 147 “Control of
Use
Shutting off the compressed air
supply whilst simultaneously
exhausting systems powered
by compressed air. Pressing
the actuating button closes the
passage from 1 to 2 and opens
the passage from 2 to 3.
The maximum exhaust flow is
achieved by holding the actuating button in its end position
until the downstream system is
completely exhausted.
Note
The shut-off valve cannot be
used as an emergency-stop
valve.
90 N
Order code
Part no.
187026
187027
187028
186688
186689
Type
HE-3/8-D-MIDI-NOT-SA
HE-3/4-D-MAXI-SA
HE-1-D-MAXI-SA
Order code
Part no.
197136
197135
197134
197133
197132
197131
197130
197129
Type
HE-G1-LO
HE-G3/4-LO
HE-G1/2-LO
HE-G3/8-LO
HE-N1-LO
HE-N3/4-LO
HE-N1/2-LO
HE-N3/8-LO
57
Safety function
Pressurising
Safety function
Exhausting
On-off valve with piston position sensing
Safety function
Exhausting
Pressure build-up and exhaust valve, type MS 6-SV
Description
• Electric on-off valve for pressurising and exhausting pneumatic systems
• With solenoid coil, without
plug socket
• 3 voltage ranges can be
selected
• Direct position sensing for the
piston spool
• Can be used in circuits with a
higher diagnostic coverage
• Senses position, not pressure
• Single-channel
Sensors from Festo
Standard sensors with reed contacts for T-slots can be used: type
SME-8M, SMT-8M, SME-8, SMT-8
Technical data
Function
Description
• Exhaust reliably quickly in
safety-critical areas of the
system, e.g. during
an emergency stop
• Provides greatest possible
machine availability thanks to
reliable processes
• Institute for Occupational
Safety and Health (BGIA)
certification as per
DIN EN 13849-1, Category 4
• Quick exhaust for fast pressure
reduction
• Exhaust rate is one and a half
times the pressurising rate
• Switching output non-contacting or with reed contact
• Various mounting and connection options
• Heat resistant and corrosion
resistant designs
• Versions free of copper or PTFE
Please note: sensors are ordered
separately.
Technical data
Voltage
24 V DC
P
L
Pressure
2.5 ... 16 bar
12
PVoltage
2
1
24 V DC
3
Temperature range
L Pressure
3,5 ... 10 bar
• Continuous sensing of the
function for fast exhausting at
any time
• Switch-on and pressure buildup functions integrated into
the exhaust valve
start-up (two-channel
control)
• Compact design
• Internal evaluation of the
piston position sensing
Function
MFlow (exhaust)
up to 9000 l/min
QTemperature range
-10 ... +50 °C
12
2
1
3
MFlow (pressurise)
Q-10 ... +60 °C
up to 6000 l/min
Order code
Part no.
533537
548535
58
Type
HEE-D-MIDI-...-SA207255
HEE-D-MAXI-...-SA217173
Order code
Part no.
548713
548714
548715
548717
Type
MS6-SV-D
MS6N-SV-D
MS6-SV-D-1/2-10V24-AG
MS6-SV-D-1/2-10V24-SO-AG
59
Safety function
Exhausting
Safety function
Exhausting
Safety silencer, type UOS-1
Valve block for “reliable exhausting” of sub-systems
Description
• The UOS silencer combines
the advantages of a standard
silencer and those of an open
silencer: large flow with low
noise level and a compact
design
• For “reliable exhausting” as
per DIN EN ISO 13849-1
• Suitable for use with the
MS6-SV valve
• Design: open
• Port: 1”
• PWIS free
Technical data
Function
Description
• Pre-installed, operationally
integrated tested solution
• Number of channels: 2
• Diagnostic coverage
DC = medium (integrated fault
diagnostics)
• PLmax = e
• Air quality: 40 μm unlubricated
• Protected against unintentional start-up (two-channel).
If the two solenoid coils are
activated simultaneously, the
compressed air is switched on
Contamination in the system
can block standard cylinders.
The consequence: increased
back pressure, which leads to
increased exhaust times in the
system. This is prevented with
this silencer, due to its special
design.
Dangerous cylinder movements
can lead to injury to people and
machines.
Technical data
Function
PVoltage
L Pressure
0 ... 10 bar
12
24 V DC
LPressure
Q Temperature range
-10 ... +50 °C
2
1
• Ports ISO 1: QS8
• Ports ISO 3: QS12
• Optional extension of the permissible time window for electric actuation (approx. 10 ms)
by connecting additional
volumes (for each 0.5 l
-> approx. 0.5 sec.)
• Safe exhausting (two-channel)
of pneumatic port A when one
of the two coils is turned off
• Switching position sensing of
the directional control valves
in their initial position using
auxiliary pilot air for the other
directional control valve protects against an uncontrolled
restart and prevents a dangerous state
3
3 ... 8 bar
QTemperature range
0 ... +40 °C
Order code
Part no.
552252
MFlow rate ISO 1:
Type
UOS-1
500 Nl/min
MFlow rate for ISO 3:
1500 Nl/min
Order code
Part no.
549146
550521
60
Type
ISO 1 valves
ISO 3 valves
Flow rate
500 Nl/min
1500 Nl/min
submitted
61
ISO valves in accordance with 5599-1 with position sensing of the piston spool
Description
• The position of the piston
spool is sensed directly
• Senses position, not pressure
• Suitable for circuits with a
higher diagnostic coverage
• Suitable for higher category
circuits as per
DIN EN ISO 13849-1
ISO valves in accordance with 15407-2 with switching position sensing
Sensors from Festo
Standard sensors with reed
contacts for T-slots can be used:
type SME-8M, SMT-8M, SME-8,
SMT-8
• Switching output contactless
or via reed contacts
• Various mounting and connection options
• Heat resistant and corrosion
resistant designs
• Versions free of copper or PTFE
Description
• Solenoid valve as per
ISO 15407-1, plug form C, for
individual electrical connection
• Solenoid valve as per
ISO 15407-2, for use with
valve terminal VTSA
• Valve function: 5/2-way valve
• ISO size 01, other sizes on
request
• Width 26 mm
• The piston spool’s initial
position is monitored by a
proximity sensor
• For higher category control
architectures
• Proximity sensor with M8 port
Type
VSVA-B-M52-MZD-A1-1T1L-APC
Version
Size 01, 5/2RF, plug-in valve,
with PNP sensor and cable
with PNP sensor and M8 plug
Size 01, 5/2RF, CNOMO valve,
with PNP sensor and cable
with PNP sensor and M8 plug
with NPN sensor and cable
with NPN sensor and M8 plug
with NPN sensor and cable
with NPN sensor and M8 plug
Please note: sensors are ordered
separately.
Technical data
MFlow rate
1200 ... 4500 l/min
LPressure
Technical data
Function
14
4
5 1
Order code
Part no.
560723
PVoltage
2
24 V DC
3
L
3 ... 10 bar
Pressure
3 ... 10 bar
QTemperature range
QTemperature range
PVoltage
M
-10 ... +50 °C
Flow rate
1100 l/min
560725
VSVA-B-M52-MZH-A1-1C1-APC
560726
VSVA-B-M52-MZH-A1-1C1-APP
560742
VSVA-B-M52-MZD-A1-1T1L-ANC
560743
VSVA-B-M52-MZD-A1-1T1L-ANP
560744
VSVA-B-M52-MZ-A1-1C1-ANC
560745
VSVA-B-M52-MZ-A1-1C1-ANP
Function
Type
MDH-5/2-D1-FR-S-C-A-SA27102
14
4
5 1
62
VSVA-B-M52-MZD-A1-1T1L-APP
-5 ... +50 °C
24 V DC
Order code
Part no.
185994
188005
188006
560724
2
3
63
Safety function
Stopping, holding and blocking
a movement (mechanically)
Safety function
Safety function
Reversing
ISO terminal for controlling presses
Description
Valve terminal with multiple
connector plate/fieldbus connection as per ISO 15407-2
• Vertical stacking plus two
sensor valves
• Pressurising/exhausting via
linked standard VTSA valves
Valve terminal, consisting of
24 V DC multi-pin plug connector
with cable, a series manifold,
right-hand end block, double
vertical stacking and 2 VSVA
plug-in valves, width 26 mm,
with piston position sensing by
inductive PNP proximity sensor,
size M8, and plain cable end and
covered manual override. The
valves are pneumatically interlinked via the vertical stacking
plate using two channels (port 2
is connected in parallel, port 4
inline).
Technical data
PVoltage
24 V DC
L Pressure
3 ... 10 bar
ISO valve for lifting and semi-rotary cylinders
QTemperature range
-5 ... +50 °C
MFlow rate
Valve manifold with individual
electrical connection as per
ISO 15407-1
• Double connecting plate plus
two sensor valves with C shape
plug pattern
Valve block comprising a double
sub-base and two VSVA valves,
width 26 mm, with piston position sensing via inductive PNP
proximity sensor, size M8, and
plain cable end.
24 V DC pilot valve with electrical interface, C shape, and
covered manual override. The
valves are pneumatically interlinked via two channels in the
connecting plate (port 2 is connected in parallel, port 4 inline).
Technical data
Description
• For lifting and semi-rotary
cylinders in the automotive
industry
PVoltage
24 V DC
L Pressure
Use
• Self-holding and subsequent
pressure supply in both end
positions
• During the stroke, the cylinder
needs to be held under pressure in the event of an emergency (e.g. if someone steps
on a safety shut-off mat)
3 ... 10 bar
range
QTemperature
-5 ... +50 °C
MFlow rate
1000 l/min
Order code
Part no.
560728
Function
Type
VSVA-B-P53AD-H-A1-1T1L
Function
• Valve function: 5/2-way valve
• ISO size 01
• Position sensor with M8 port
• Valve width 26 mm
Function
Normal operation
Retract clamping
device
The clamping device is retracted via
the 5/2 WV
Extend clamping
device
The clamping device is extended via
the 5/2 WV
Clamping device in
end position
The end positions remain
pressurised
Order code
569820
Code letter
Code letter
submitted
64
Type
VOFA-L26-T52-M-G14-1C1-APP
14
5
3
12
Expected to be available from mid 2008
1100 l/min
Part no.
569819
Size 01, 5/3 mid-position 3
1 port pressurised and 1 port exhausted,
switching position 14 detenting
Version
Complete 2x5/2-control block, individual
electrical connector, PNP sensor
VOFA-L26-T52-M-G14-1C1-ANP Complete 2x5/2-control block, individual
electrical connector, NPN sensor
„SP“ in order code
Complete 2x5/2-control block, integration on
valve terminal VTSA, PNP sensor
„SN“ in order code
Complete 2x5/2-control block, integration on
valve terminal VTSA, NPN sensor
After an emergency stop
(electrical power switched off )
The clamping device remains pressurised in both chambers
5/3 WV 14 initial position
5/2 WV 12 switched
The clamping device remains
pressurised in both chambers
5/3 WV 14 initial position
5/2 WV 14 switched
The pressure is sustained in the end
positions
5/3 WV 12 automatic locking
5/2 WV 14 or 12 switched
Control
5/3 WV 12 switched
(no automatic locking)
5/2 WV 12 switched
5/3 WV 12 switched
(no automatic locking)
5/2 WV 14 switched
5/3 WV switched to 12 (automatic
locking)
5/2 WV switched to 14 or 12
65
Safety function (3 stages)
Free of forces
Safety function
Pressurising
ISO valve for pneumatic manual clamping device
Description
Pneumatic manual clamping
device for facilities in car body
construction work (insert locations)
HEL soft-start valve
Function
14
5
3
Description
• Gradual pressure build-up
• The drives travel slowly into
their initial positions
• Sudden and unpredictable
movements are avoided
• Main seat opens at approx.
50% of the supply pressure
• Adjustable time delay for
pressure response
• To be used with HE and HEE
on-off valves
12
Technical data
PVoltage
24 V DC
L Pressure
3 ... 10 bar
QTemperature range
-5 ... +50 °C
MFlow rate
Order code
Part no.
560727
1000 l/min
Type
VSVA-B-P53ED-H-A1-1T1L
Technical data
MFlow rate
Function
2
1000 ... 6500 l/min
L Pressure
Size 01, 5/3 mid-position exhausted, switching position 14
detenting
3 ... 16 bar
QTemperature range
Expected to be available from mid 2008
1
-10 ... +60 °C
Function
Normal operation
Clamping device is closed
Unpressurised
Clamping device is in the end
position (panel is clamped)
Force supported by air pressure
Clamping device opens
automatically
Pneumatically operated
66
After an emergency stop
(electrical power switched off )
Unpressurised
Control
Force supported by air pressure
(self-locking)
Valve remains in position 12
Valve returns to the mid-position
Coil 12 is switched
Valve is in the mid-position
Coil 14 is switched
Order code
Part no.
170690
170691
170692
165076
165077
165078
186521
165079
165080
165081
186522
165082
165083
Type
HEL-D-MINI
HEL-D-MIDI
HEL-D-MAXI
HEL-1/8-D-MINI
HEL-1/4-D-MINI
HEL-3/8-D-MINI
HEL-1/4-D-MIDI
HEL-3/8-D-MIDI
HEL-1/2-D-MIDI
HEL-3/4-D-MIDI
HEL-1/2-D-MAXI
HEL-3/4-D-MAXI
HEL-1-D-MAXI
67
Safety function
Pressurising
Safety function
Reducing pressure and force
Dual-pressure regulator
Soft-start/quick exhaust valve for ISO valve terminal type VTSA
Description
Diaphragm pressure regulating
valve with secondary venting for
setting two different initial pressures in one device. The lower
value of p2 (p21) can be set
mechanically (SW10 on the adjusting screw). The higher value
of p2 (p22) can be set with the
rotary knob. Switching from the
lower to the higher value occurs
electronically.
Technical data
Function
Pressure
Key
MFlow rate
Once the initial pressure reaches
the adjustable switch-over pressure, the valve switches to full
flow.
Use
• Adjustable switch-over pressure (2, 3, 4, 5 bar)
• Adjustable filling time
• 24 V DC or 110 V AC solenoid
• G1/2 or NPT 1/2 ports
• Built-in piston position sensing
• Flow rate (QNn):
pressurising 3000 l/min
exhausting 3400 l/min
Function
Switch-over pressure
up to 1300 l/min
Q
Description
Solenoid actuated on-off and
exhaust valve for gradual pressure build-up in pneumatic
systems. This protects start-up
of pneumatic systems.
A small quantity of air flows into
the system through an adjustable flow control valve. The
initial pressure is built up
gradually. Downstream cylinders
and devices gradually reach
their initial position.
1
2
Temperature range
-10 ... +60 °C
Technical data
p2 regulator pressure regulation
range
p1 supply pressure 1
Hymax max. pressure hysteresis
p1max
P2max
PWIS-free
Corrosion resistance class
Ports
Filling time
Working
pressure
Examples
Fast filling time, switch-over
pressure at 6 bar
0.5 <= 7 bar
1.5 bar <= 12 bar
0.5 bar
p1max: 12bar
p2max: 7bar
CRC2
G1/4
Slow filling time, switchover pressure at 4 bar
Order code
Part no.
557377
Type
VABF-S6-1-P5A4-G12-4S-1R3P
Order code
Part no.
550588
567841
68
Type
LR-D-MINI-ZD-V24-SA234223A
LR-D-MINI-ZD-V24-UK-SA236138A
submitted
69
Pressure zones for valve terminal type 44 VTSA
Zone 1
Zone 2
P1
The illustration shows an
example of how three pressure
zones are built up and connected with channel separation –
with internal pilot air supply.
70
P2
Creating pressure zones and
separating exhaust air
• With the VTSA, pressure zones
can be introduced in many
ways for different working
pressures
• Pressure zones can be created
by separating the internal
supply ducts between the
series sub-bases with a corresponding channel separator
• Pressure supply and
exhausting via supply plate
• Free positioning of the supply
plates and separating seals in
VTSA
• Channel separator integrated
ex works as per the order,
differences can be indicated
via the coding system for
assembling valve terminals
Zone 3
P3
VTSA with CPX terminal
connection
• Up to 16 pressure zones possible with VTSA (if only size 1,
ISO 5599-2, is used, up to 32
pressure zones are possible)
Pressure zones for valve terminal type 32 MPA
Further examples of pressure
supply and pilot air supply via
an end plate
• Internal pilot air supply, ducted
exhaust air/silencer
• External pilot air supply,
silencer/ducted exhaust air
Reliable exhausting of valves or
pressure zones
If used together with the
MS6-SV valve, specific areas can
be exhausted safely whilst the
pressure is retained for specific
valves or pressure zones. This
is a common requirement for
protective circuits.
Zone 1
P1
The illustration shows an
example of how three pressure
zones are built up and connected with separating seals – with
external pilot air supply.
Zone 2
P2
Zone 3
P3
Creating pressure zones and
separating exhaust air
• With the MPA pressure zones
can be introduced in many
ways for different working
pressures
• A pressure zone can be created
by separating the internal
supply ducts between the subbases, with a corresponding
separating seal or via a separator integrated into the subbase (code I)
• Pressure supply and
exhausting via supply plate
• Free positioning of the supply
plates and separating seals in
MPA with CPX and MPM
(multiple connector plate)
• Separating seals integrated
ex works as per the order,
differences can be indicated
via the coding system for
assembling valve terminals
Further examples of pressure
supply and pilot air supply
• External pilot air supply, flat
plate silencer
• Internal pilot air supply, ducted
exhaust air
• External pilot air supply,
ducted exhaust air
Reliable exhausting of valves or
pressure zones
If used together with the
MS6-SV valve, specific areas can
be exhausted safely whilst the
pressure is retained for specific
valves or pressure zones. This
is a common requirement for
protective circuits.
MPA with CPX terminal
connection
Example of pressure zones
• Up to 8 pressure zones possible with MPA and CPX
71
CPX terminal – power supply concept
72
Description
The use of decentralised devices
on the fieldbus – particularly
those with a high protection
class for direct machine assembly – requires a flexible power
supply concept.
Together with all the supply
lines, interlinking blocks make
up the backbone of the CPX terminal. They provide the power
supply for the modules mounted
on them, as well as their bus
connection.
A valve terminal with CPX can
generally be supplied via a
socket for all voltages.
Here, we distinguish between
supplying the
• Electronics plus sensors
• Valves plus actuators. The
following connecting threads
are possible
- M18
- 7/8”
Many applications require the
CPX terminal to be separated
into voltage zones.
This is particularly true for
switching off the solenoid coils
and the ports separately. The
interlinking blocks can either be
designed as a centralised power
supply for the entire CPX terminal (which saves on installation work), or they can be
designed as galvanically
separated, all-pin disconnectable potential groups/voltage
segments.
73
Knowledge provides greater safety
Safety is always more than just
the hardware and the corresponding circuit diagrams. Safety
starts at the concept stage, for
example by identifying necessary
performance levels.
For comprehensive qualification
on the subject of safety, Festo
Didactic provides numerous
seminars on various topics.
More than 40 years of experience in training and consulting
and 30,000 participants at more
than 2,900 events each year
speak for themselves: our
instructors provide you with their
own experience and give you
the best possible preparation for
your own specific safety tasks.
When it comes to self-structured
and flexible modular learning,
our web-based training course
“Safety engineering” is ideal.
74
“New machinery directive 2006/42/EC — new standard EN ISO 13 849-1
for pneumatics/electro-pneumatics (FOKUS)”
Are you a plant operator or
engineer? If the answer is ‘Yes’,
then the new machinery directive applies to you.
Are you prepared for the changeover in safety engineering? Are
you familiar with the performance level of the safety functions?
The new machinery directive
2006/42/EC will come into force
on December 29, 2009.
The standard DIN EN 954-1
“Safety-related parts of control
systems – General principles for
design” has already been withdrawn. The successor standard
DIN EN ISO 13 849-1 is now
valid.
In future it will be necessary to
define a performance level and
degree of diagnostic coverage.
Be informed with the aid of this
compact and intensive 1-day
course.
Content
• New machinery directive
2006/42/EC
• Changes compared with the
old machinery directive
98/37/EC
• Risk assessment to EN ISO 13
849-1
• Differences compared with DIN
EN 954-1
• EN ISO 13 849-1 concepts:
Performance Level PL
- Degree of diagnostic
coverage DC
- Common cause failure CCF
- Mean time to failure MTTF
• Determining the individual
values using selected pneumatic and electro-pneumatic
circuits
Course participants will receive
• A USB stick containing the
course documents, design
software for the performance
level and additional information
• A “Safety engineering guidelines” manual
• A certificate confirming course
participation
• An option to purchase the
web-based training “Safety
engineering” at a 50%
discount.
Target group
Design engineers from
mechanical, electrical and
control engineering.
Duration
1 day
For further information, see the
www.festo-tac.com
75
“Safety in pneumatics and electro-pneumatics for design
engineers (SAFETY2)”
The European machinery directive is law and requires that
design engineers incorporate
safety functions into machinery
and system designs. This is
certified with the CE mark. The
previous standard for risk
assessment DIN EN 954-1 has
already been withdrawn and
replaced by the new standard EN
ISO 13 849-1. Design engineers
will have to conduct their risk
assessments in accordance with
the new standards. Specific
pneumatic and electro-pneumatic circuits for the “Safety
measures for safety-related
pneumatic components” will be
presented. These sample circuits
will be examined with respect to
their failure behaviour.
This course aims to enable
design engineers to design
safety-related circuits up to controller category 4, to understand
the interaction between pneumatic and electrical components
and to assess the behaviour of
pneumatic cylinders. The course
will teach design engineers what
needs to be taken into account
when developing these circuits.
The seminar focuses on circuit
technology.
76
Content
• Design and function of safetyrelated circuits to EN ISO
13 849-1
• Identification of safety categories of circuits
• Selection of spare parts
• Power failure and recovery
• Safe pressurisation and
exhausting
• Safe opening of brakes and
clamps
• Basic and proven safety
principles of pneumatics to
EN ISO 13 849-2
• Selected safety measures for
safety-related pneumatic
components
- Unexpected restart
- Blocking, braking and rever
sing of movements
- Force isolation and freedom
of movement
- Reduced force and reduced
speed
- Two-hand operation
• Error analysis and error elimination to EN ISO 13 849-2
• Performance testing of safetyrelevant components
• Influence of tube length,
diameter and fittings on the
speed of cylinders
• Preventing manipulation of
protective devices
• Information on operating
instructions and maintenance
“Reliable design of machinery and systems (SEP-PILZ)”
Target group
mechanical, electrical and
control engineering.
Duration
2 days
For further information, see
the Festo Didactic homepage:
www.festo-tac.com
The European directives and
standards describe the safety
requirements for machines and
systems. These frequently include the use of both electrical and
pneumatic drives and/or control
systems. In this seminar, you will
learn about both aspects and
will be in a position to design
them for optimal interaction in
the future.
Take advantage of the combined
expert knowledge of specialists
from Pilz GmbH & Co. KG and
Festo Didactic GmbH & Co. KG
in one seminar. Demonstrations
take place using an actual
machine model.
After the seminar, you will know
what requirements and options
are available for safe and reliable electrical engineering and
pneumatics. You will be familiar
with and able to use DIN
EN 954-1/DIN EN ISO 13849-1
“Safety-related parts of control
systems – General principles for
design” and associated norms.
Contents
• Introduction, machine
directives and standards: laws,
machinery directives and their
implementation, safe control
technology in accordance with
DIN EN 954-1, perspective on
the new DIN EN ISO 13849-1
• Safety-orientated electrical engineering, safety engineering
design of control systems,
reliable locking; attaching light
grids; scanners and safety
shut-off mats and their test
cycles; emergency-stop classifications; stop categories and
operating modes; safe
drives; frequency converters;
speed monitoring; axis area
monitoring; discussion on
sample applications and circuits
• Safety-orientated pneumatics,
selected safety measures in
safety-oriented pneumatics,
characteristics of pneumatic
drives and controlling them,
power failure, power recovery
and restarting, two-hand circuits, sample circuits
Target group
Design engineers from mechanical, electrical and control engineering and control engineers
Duration
2 days
For more information, see the
Festo Didactic homepage:
www.festo-tac.de
77
“Safe machines in operation (SMB)” in cooperation with
the Pilz company and TÜV Austria
The aim of this event is to make
participants more familiar with
the legal requirements throughout a machine’s life cycle, from
acquisition up to modification
and inter-connection. Particular
attention is paid here to modifying and inter-connection
machines, and the resulting
documentation required by law.
From the content
• Definitions and basic principles:
New and old machines,
legal requirements, modifying
and inter-connecting machines
• Inventory-taking and retrofitting using a model: required
properties, assessment based
on a risk analysis or hazard
analysis, emergency-off,
emergency-stop and stop
categories, common faults
from practical experience
• Implementation and design:
Requirements for modifying
and inter-connecting (Austrian
employee protection law,
§ 35), developing new
machines in Austria and
Germany, basic principles of
safe pneumatics and solution
variants, electro-technical
solutions and variants
• Documentation:
Requirements (Austrian
employee protection law,
§ 35), descriptions and operating instructions, technical
documents, testing and validation
WBT – Safety engineering web-based training
Target group
mechanical, electrical and control engineering and control
engineers.
Duration
1 day
For further information, see the
Festo Didactic homepage:
www.festo.at
This training program provides
an introduction to the complex
issue of safety engineering in
industrial machinery and
systems.
The aim is to make participants
more aware of the problems in
the design aspects of safety
engineering and help them
understand safety engineering
equipment and hazard analysis
methods.
The training program is based
on the revised form of machinery directive 2006/42/EC.
This will come into force on
December 29, 2009. Directive
98/37/EC will apply until this
date. There will be no transition
period.
How will the overall performance level of a technical safety
measure be determined?
Concepts such as mean time to
failure MTTF, degree of diagnostic coverage DC, common
cause failure (CCF), redundancy
and diversity will be explained
in the learning program. The
components of safety devices
will also be explained in detail.
How will the overall performance level of a technical safety
measure be determined?
Concepts such as mean time to
failure MTTF, degree of diagnostic coverage DC, common
cause failure (CCF), redundancy
and diversity will be explained
in the learning program. The
components of safety devices
will also be explained in detail.
From the content
• Introduction to machine safety
• The issue of liability
(Who is liable in the event of
accidents?)
• European directives
• Relationship between
directives and standards
• The new EU machinery
directive 2006/42/EC
• The hierarchy of European
standards for machine safety
• Machine safety in the USA
• The procedure for risk assessment to EN ISO 14121 and
EN ISO 12100
• Definitions
• Risk assessment: determining
the required performance level
• Measures for risk reduction:
design measures, technical
safety measures, instructive
measures
• Selection of safety function
• Definition of controller
category
Further information
Available as a CD-ROM version
or alternatively WBT version for
installation on networks and
learning management systems,
with as many licenses as you
need.
Duration
approx. 4 hours
For further information, see
the Festo Didactic homepage:
www.festo-didactic.com
78
79
List of abbreviations
Abbreviation
a, b, c, d, e
AB
AC/DC
AE
ALARP
ANSI
AOPD/AOPDDR
AS-Interface
B, 1, 2, 3, 4
B10
B10d
BPCS
BPCS
BSL
BTB/RTO
BWP
BWS
Cat.
CC
ccd
CCF
CEN
CENELEC
CMF
CRC
DC
DC
DCavg[%]
DPV0
DPV1
DR
DS
DV
E
E/A
E/E/EP
E/E/PE
E/E/PES
EDM
EDS
80
German name
Bezeichnung für die Performance Level
Anzeige-Bediengeräte
Wechsel-/Gleichstrom
Anfahr- und Entlüftungsventile
So niedrig wie vernünftigerweise möglich
US-amerikanische Normungsorganisation
Aktive optoelektronische Schutzeinrichtung
Aktuator Sensor Interface
Bezeichnung für die Kategorien
Anzahl von Zyklen, bis 10 % der Komponenten ausgefallen sind (u.a. für pneumatische und elektromechanische Komponenten)
Anzahl von Zyklen, bis 10 % der Komponenten gefährlich ausgefallen sind
(u.a. für pneumatische und elektromechanische Komponenten)
Betriebs- und Überwachungseinrichtungen
Betriebs- und Überwachungseinrichtungen
als ein System
Bootstraploader
Betriebsbereit
Berührungslos wirkende Positionsschalter
Berührungslos wirkende Schutzeinrichtung
Kategorie
Stromrichter
Kommando-Code, Teil einer SDO-Nachricht
Ausfall in Folge gemeinsamer Ursache
English name
Denotation of performance levels
Display and operating units
Alternating current/direct units
Start-up and exhaust valves
As low as reasonable practicable
American National Standards Institute
Active optoelectronic protection device
responsive to diffuse reflection
Aktuator Sensor Interface
Denotation of categories
Number of cycles until 10 % of the
components fail (for pneumatic
and electromechanical compnents)
Number of cycles until 10 % of the components fail dangerously (for pneumatic
and electomechanical components)
Europäisches Komitee für Normung
Europäisches Komitee für elektrotechnische Normung
Ausfall in Folge gemeinsamer Ausfallart
Prüfsumme in einem Daten-Telegramm,
Signatur durch zyklische Redundanzprüfung
Diagnosedeckungsgrad
European Commttee for Standardization
European Commttee for Electrotechnical
Standardization
Common mode failure
EN 61511-1:2004
Cyclic Redundancy Check
Gleichstrom
Diagnosedeckungsgrad (von Tests)
Direct current
Diagnostic Coverage, average
Funktionsversionen von PROFIBUS
Druckventile
Druckschalter
Druckverstärker
Externe Einrichtung zur Risikominderung
Eingabe/Ausgabe
Elektrisch/elektronisch/programmierbar
elektronisch
Elektrisch/elektronisch/programmierbar
elektronisch
Elektrisches/elektronisches/programmierbares elektronisches System
Schützkontrolle, Rückführkreis
Elektronisches Datenblatt
Basic process control system
Basic process control system
Bootstraploader
Ready-to-operate
Electro-sensitive positionswitch
Electro-snsitive protective equipment
Category
Current converter
Command-code
Common cause failure
Diagnostic Coverage
Source
DIN EN ISO 13849-1
Festo
IEC 61511
Festo
IEC 61511
IEC 61511
ISO 12100-1,
DIN EN ISO 13849-1
Abbreviation
F, F1, F2
Festo
Festo
Festo
EN 61511-1:2004
MTTR
NMT
Nniedrig
IEC 61511, IEC 61508
NOT-AUS
German name
English name
Häufigkeit und/oder Dauer der GefährFrequency and/or time of exposure to
dungsexposition
the hazard
Funktionsblock
Function block
Ausfallarten und Effekt-Analyse
Failure modes and effects analysis
Funktionsorientierte Antriebe
Function-oriented drives
Filterregler
Filter-regulator unit
Fehlerbaumanalyse/Fehlerzustandsbaum- Fault Tree Analysis
analyse
Potenzielle Quellen von Verletzungen oder Potential source of injury or damage to
Gesundheitsschäden
health
Jeder Bereich in einer Maschine und/oder Any zone within and/or around
um eine Maschine herum, in dem eine Per- machinery in which a person is subject
son einer Gefährdung ausgesetzt sein kann to a risk to his health or safety
Gefährdungs- und Risikobeurteilung
Hazard and risk assessment
Hardware
Hardware
Hardware-Fehlertoleranz
Hardware fault tolerance
Mensch-Maschine-Schnittstelle
Human machine interface
Analyse menschlicher Zuverlässigkeit
Human reliability analysis
Eingabegerät, z.B. Sensor
Input device, e.g. sensor
Index für Zählung
Index for counting
Eingänge/Ausgänge
Inputs/Outputs
Verbindungsmittel
Interconnecting means
Schutzmaßnahme, die entweder GefährInherently safe design measure
dungen beseitigt oder die mit den Gefährdungen verbundenen Risiken vermindert,
indem ohne Anwendung von trennenden
oder nicht trennenden Schutzeinrichtungen
die Konstruktions-Betriebseigenschaften
der Maschine verändert werden
Kolbenstangenloser Zylinder
Rodless cylinders
Verfahren, bei dem der Hersteller oder sein Declaration of conformity
in der Gemeinschaft niedergelassener
Bevollmächtigter erklärt, dass die in den
Verkehr gebrachten Maschine allen einschlägigen grundlegenden Sicherheits- und
Gesundheitsanforderungen entspricht
Kolbenstangenzylinder
Cylinders with position rod
Logik
Logic
Ausfallrate bei ungefährlichen und Gefahr Rate to failure
bringenden Fehlern
Mittlere Ausfallzeit eines Gerätes
Mean time between failure
Zeit bis zu einem Ausfall bzw. gefährlichen Mean time to failure/
Ausfall
Mean time to dangeous failure
Mittlere Reparaturzeit eines Gerätes
Mean time to repair
Service-Dienste des CAN-Application Layers Network Management
Anzahl von SRP/CS mit PLniedrig in einer Number of SRP/CS with PLlow in a
Kombination von SRP/CS
combination of SRP/CS
Ausschalten im Notfall
Emergency switching off
IEC 61511, IEC 61508
NOT-HALT
Stillsetzen im Notfall
Emergency stop
IEC 61511
NP
Nicht programmierbares System
Non-programmable system
FB
FMEA
FO
FR
FTA
Gefährdung
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
IEC 61511
IEC 61511
EN 61496
DIN EN ISO 13849-1
DIN EN ISO 13849-1
IEC 61508, IEC 62061,
prEN ISO 12849-1EN 61511-1:2004,
DIN EN ISO 13849-1
DIN EN ISO 13849-1,
IEC 62061(IEC 61508-2:2000
Gefährdungsbereich
H & RA
H/W
HFT
HMI
HRA
I, I1, I2
i, j
I/O
iab, ibc
Inhärente
sichere
Konstruktion
KL
Konformitätserklärung
KS
L, L1, L2
Lambda
DIN EN ISO 13849-1
MTBF
MTTF/MTTFd
Pressure control valves
Pressure switch
Pressure amplifier
External risk reduction facilities
Input/Output
Electrical/Electronical/programmable
electronic
electronic
electronic system
External Device Monitoring
Electronic Data Sheet
Source
DIN EN ISO 13849-1
DIN EN ISO 13849-1
EN 1050, DIN EN ISO 13849-1
Festo
Festo
EN 1050
Maschinenrichtlinie
2006/42/EG, EN 1050 (ISO
EN ISO 12100-1,
DIN EN 1050
IEC 61511
IEC 61511
IEC 61511
IEC 61511
IEC 61511
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
EN ISO 12100-1
Festo
Maschinenrichtlinie
2006/42/EG
Festo
DIN EN ISO 13849-1
IEC 62061
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
EN 418 (ISO 13850) EN 60204-1
Anhang D
ISO 13850 EN 60204-1
Anhang D
EN 61511-1:2004
81
Abbreviation
O, O1, O2, OTE
OE
OSHA
OSI
OSSD
P, P1, P2
Pdf
PE
PES
PFD
PFH
PFHd
PHA
PL/Performance Level
PLr
PLC
PLniedrig
PR
RE
Restrisiko
Risiko
Risikoanalyse
Risikobeurteilung
Risikobewertung
Risikoeinschätzung
S, S1, S2
SA
SAT
Schaden
Schutzmaßnahme
SIF
82
German name
Ausgabegerät, z.B. Antriebselement
Öler
English name
Output device, e.g. actuator
Lubricator
Referenzmodell zur Datenkommunikation, Open System Interconnection
Darstellung als Schichtenmodell mit verteilten Aufgaben für jede Schicht
Ausgangsschaltelement,
Output Signal Switching Device
Sicherheits-Schaltausgang
Möglichkeit zur Vermeidung der Gefährdung Possibility of avoiding the hazard
Wahrscheinlichkeit gefahrbringender
Probability of dangerous failure
Ausfälle
Programmierbare Elektronik
Programmable electronics
Programmierbares elektronisches System Programmale electronic system
Ausfallwahrscheinlichkeit bei Auslösen/
Probability of failure on demad
Anfrage der Sicherheitsfunktion
Ausfallwahrscheinlichkeit pro Stunde
Probability of failure per hour
Wahrscheinlichkeit gefahrbringender
Probability of dangerous failure per hour
Ausfälle pro Stunde
Vorläufige Untersuchung von Gefährdungen Preliminary hazard analysis
Diskreter Level, der die Fähigkeit von
Discrete level used to specify the ability
sicherheitsbezogenen Teilen einer Steue- of safety-related parts of control systems
rung spezifiert, eine Sicherheitsfunktion
to perform a safety function under foreunter vorhersehbaren Bedingungen auszu- seeabl condtions
führen
Angewandter Performance Level(PL),
Performance level (PL) applied in order
um die erforderliche Risikominderung für to achieve the required risk reduction
jede Sicherheitsfunktion zu erreichen
for each safety function
Speicherprogrammierbare Steuerung (SPS) Programmable logic contoller
Niedrigster Performance Level einer SRP/CS Lowest performance level of a SPR/CS
in einer Kombination von SRP/CS
in a combination with SPR/CS
Proportionalventile
Proportional valves
Regler
Regulator
Risiko, das nach Ausführung der SchutzRisk remaining after safety measures
maßnahme verbleibt
have been taken
Kombination der Wahrscheinlichkeit
Combination of the Probability
Kombination aus Festlegung der Grenzen Combination of the specification of the
einer Maschine, Identifizierung einer
limits of the machine, hazard identifiGefährdung und Risikoeinschätzung
cation and risk estimation
Gesamtheit des Verfahrens, das eine
Overall process comprising a risk
Risikoanalyse und Risikobewertung
analysis and a risk evaluation
umfasst
Auf der Risikoanalyse beruhende BeurJudgement, on the basis of risk analysis,
teilung, ob die Ziele zur Risikominderung of wheather the risk reduction objectives
erreicht wurden
have been achieved
Bestimmung des wahrscheinlichen AusDefining likely severity of harm and
maßes eines Schadens und der Wahrprobability of its occurrence
scheinlichkeit seines Eintritts
Schwere der Verletzung
Severity of injury
Schwenkantriebe
Semi-rotary drives
Vor-Ort-Abnahme
Site acceptance test
Physische Verletzung und/oder Schädigung Physical injuy or damage to health
von Gesundheit oder Sachen
Maßnahme zur Beseitigung einer Gefähr- Means that eliminates a hazard or
dung oder zur Minderung eines Risikos
reduces a risk
Sicherheitstechnische Funktion
Safety instrumental function
Source
DIN EN ISO 13849-1
Festo
EN 61496-1
DIN EN ISO 13849-1
IEC 61508, IEC 62061
EN 61511-1:2004
EN 61511-1:2004, DIN EN
IEC 61508, IEC 62061
IEC 62061
IEC 62061
EN 1050 01/97 Anhang B.2
DIN EN ISO 13849-1
DIN EN ISO 13849-1
IEC 61511, DIN EN ISO 13849-1
DIN EN ISO 13849-1
Festo
Festo
EN 1050
Abbreviation
SIL
SIS
SP
SPE
SRASW
SRECS
SRESW
SRP
SRP/CS
SRS
ST
SW1A, SW1B,
SW2
SYNC
German name
Sicherheits-Integritätslevel
Sicherheitstechnisches System
Sperrventile
Sensitive Schutzeinrichtung mechanisch
behaftetes Betriebsmittel
Sicherheitsbezogene Anwendungssoftware
Sicherheitsbezogenes elektrisches
Steuerungssystem
Sicherheitsbezogene Embedded-Software
Sicherheitsbezogenes Teil
Sicherheitsbezogenes Teil von Steuerungen
Spezifikation der Sicherheitsanforderungen
Stromventile
Positionsschalter
Objekt zur Synchronisierung von
Teilnehmern im Netzwerk
TE
Testeinrichtung
Techn. Schutz- Schutzmaßnahmen, bei denen Schutzeinmaßnahmen
richtungen zur Anwendung kommen, um
Personen vor Gefährdungen zu schützen,
die durch inhärent sichere Konstruktion
nicht in angemessener Weise beseitigt
werden können, oder vor Risiken zu
schützen, die dadurch nicht ausreichend
vermindert werden können
TM
Gebrauchsdauer
TR
Trockner
WE
Wartungseinheiten
WV
Wegeventile
ZS
Zylinderschalter
English name
Safety integrity level
Safety instrumented system
Shut-off valves
Sensitive Protection Equipment
Source
IEC 61511, DIN EN ISO 13849-1
EN 61511-1:2004
Festo
ISO 12100-1
Safety-Related Application Software
DIN EN ISO 13849-1
Safety-Related Electrical Control System IEC 62061
Safety-Related Embedded Software
Safety-Related Part
Safety-Related Part of Control Systems
Safety Requirements Specification
Flow control valves
Position switces
DIN EN ISO 13849-1
DIN EN ISO 13849-1
DIN EN ISO 13849-1
IEC 61511
Festo
DIN EN ISO 13849-1
Synchronisation objects
Test equipment
DIN EN ISO 13849-1
Protective measure using safeguards to EN 1050, EN ISO 12100-1
protect persons from the hazard which
cannot reasonably be eliminated or from
the risks which cannot be sufficiently
reduced by inherently safe design
measures
Mission time
Air dryers
Service units
Directional control valves
Proximity sensors
DIN EN ISO 13849-1
Festo
Festo
Festo
Festo
EN ISO 12100-1
EN ISO 12100-1, DIN EN 1050
EN ISO 12100-1, DIN EN 1050
EN ISO 12100-1, DIN EN 1050
EN ISO 12100-1, DIN EN 1050
DIN EN ISO 13849-1
Festo
IEC 61511
EN 1050, EN 61511-1:2004
EN 1050, EN ISO 12100-1,
EN 61511-1:2004
EN 61511-1:2004
Legal notice
The examples specified here are intended purely as suggestions that must be checked for suitability in
the context of each separate application, paying attention to the applicable standards. This might involve
applying standards DIN EN ISO 13849-1 and 2, for example.
Depending on the application, the examples specified may only partially satisfy the actual requirements
(for all safety functions), and must therefore be adjusted using suitable measures and modifications.
To do this, it is necessary to examine the entire system (entire control loop system), which might consist
of multiple technologies (e.g. pneumatics, hydraulics, electrical engineering, mechanics ...) and therefore
multiple applicable standards.
The sample circuits given here are not suitable as a complete validation report in the legal sense due to
the lack of any reference to an actual system (real application).
83

Safety engineering guidelines

Transcription

Similar documents

COMPANIES - DOCUMENT Strategy Media

pampas madras - COTTA Collection AG

View Dr van Niekerk`s presentation

PDF-File

euro nature V2 | Technical characteristics

Expanding Gate Valve Brochure

isotip brochure

Structure Of August Srew Air Compressor

TWO-PIECE VALVE COVERS

PV0003 Data Sheet