ABB Drives and Controls, 06.11.2014 Safer …file/Functional+safety_ABB.pdfmachinery standards Wide...

Safer machines and processesAdding value with drive-based functional safety

ABB Drives and Controls, 06.11.2014

© ABB Group November 14, 2014 | Slide 2

Leading the way inSafety

No room to compromise on safety

ABB is leading the global development of robust, reliable and efficient products for demanding environments

We adapt our products to conservative design because risk taking is not an option

Full compliance with all global and local hazardous location certifications


Ranked number one inReliability

Long term reliability is crucial for the industry

Exceeding requirements of standards and directives gives confidence in operations

Our equipment run for decades, securing production and total cost of ownership

Reliable processesTop quality raw materialsDurable, heavy duty insulation systems Technical competenceABB policy and tradition

A strong service organization throughout the life cycle

Complete palette of worldwide services and spare partsAccredited field service engineers and certified workshopsMaintenance procedures to ensure high availability

Adding value with drive-based functional safety

1. Users challenges regarding machine safety

2. Drive-based functional safety solutionsSafety functions, solutionsExpertise, support

3. Creating value during the overall safety process

4. Available information

5. Summary

Contents

© ABB Group

November 14, 2014 | Slide 4

Adding value with drive-based functional safetyChallenges regarding machine safety

Plant / machine owners want to ensure that their machines are:

ProductiveSafe and easy to useConform to laws and regulations

Movement in industrial processes present risks of accidents

Risks are always presentManagement is responsible for safety of personnel, property, company image

Functional safety systems have to complywith relevant standards and directives

Machinery Directive, safety standardsCorrect implementationSpecific information and competence

© ABB Group


Safety Integrity Level and Performance Level


Functional Safety Management – Fundamentals

1. Functional safety cultureManagement commitment – top level Management is ultimately responsible

Policies & procedures - from Management to all levels of the company

Defined responsibilities and structures - for all Safety related operations

Verifiable and auditable - safety procedures

2. Safety needs to be part of someone’s job descriptionClear responsibility

3. Lifecycle approach

4. Well defined documentation and record keeping Traceability & auditability for all safety management decisions

5. Proper methods & techniques for the level of safetySIL / PL compliant design skills


Functional Safety Management – Fundamentals (2)

6. Safety related Change Management process

7. Permanent competent safety resourcesDesign & Support personnel involved with safety – appropriate competency

Safety training and retraining is required – training records

8. Detection of deviationsFast & proactive reaction to issues

9. Statistical process control for manufacturing

10. Configuration managementDocumentation, source code, tools and environments, all safety related HW- and SW- components or modules

11. Supplier relations - managing the compliance

What is SIL?

It is a common misconception that Safety Integrity Level (SIL) is just a level of failure probability of the safety function

SIL covers systematic, common cause and random failure possibilities of the safety system

Another misconception is that SIL requirement is related to the whole machine

Actually it is related to a specific risk

Different SIL for different risks in same machine is possible


For what is SIL used?

1) To define the level of risk reduction (risk reduction factor RRF) of the safety function

2) To set limits for the random failure probability of devices

3) To define principles, techniques and measures to prevent systematic and common cause failures in

each lifecycle phase (e.g. Specification, validation)

Safety related design (e.g. power supply, diagnostics and design tools)


Safety Integrity Level & Performance Level

Safety Integrity Level

Discrete level (one out of a possible four), corresponding to a range of safety integrity values, where safety integrity level 4 has the highest level of safety integrity and safety integrity level 1 has the lowest

Safety Integrity

Probability of an E/E/PE safety-related system satisfactorily performing the specified safety functions under all the stated conditions within a stated period of time

Performance Level

Discrete level used to specify the ability of safety-related parts of control systems to perform a safety function under foreseeable conditions


Vendor’s drive-based functional safety keeps application movement safe in industry:

Pre-designed functions in/with our drivesFunctions meet the requirements of the Machinery Directive and relevant machinery standards

Wide range of vendora safety devices are available:

Drives, PLCs, relays, switches, buttons, contactors, ...

Expertise:Know-how on functional safety Functional safety design tool for functional safety design and verificationProfessional service offering

Adding value with drive-based functional safetyDrive-based functional safety solutions and support

© ABB Group


Safety functions integrated in the drive

Safety PLC controlling drives

Safety encoder for speed feedback (on the motor)

Contactor Reset button

Door safety limit-swich

Emergency stop -button

Safety relay

Adding value with drive-based functional safetyWhy integrate safety functions in drives?


Functions work seamlessly with the drive control Safety functions are naturally tied to motor control

Eliminate the need for motor contactors (safe torque off – STO)

Enable fast restarts after safe stops

Provide savings in cost and space, high reliability, maintenance free operation (no wear)

Enable encoderless safety functions

Simplify system implementationPre-designed functions to be commissioned

Certified components to simplify validation

?

Adding value with drive-based functional safetyCreating value during the safety process

Safety solutions, tool, support

Functional safety needs

Information on solutions

Information on safety process

Service request / contract

Sales and Support

1. Safety planning

2. Risk assessment

3. Risk reduction a) Functional safety specification

4-5. Commissioning, validation

6. Support and service

VendorMachine builder process

Service offering

b) Design and implementation

c) Verification

Need for information, understanding

© ABB Group


1. Safety planning

2. Risk assessment


b) Design, implementation

c) Verification



Adding value with drive-based functional safetyPhase 1: Safety planning

What is required of the machine builder:

Plan machine safety as part of the occupational safety

Activities

Responsibilities

Documentation

Vendor can offer expertise and information on:

Requirements according to the Machinery Directive and the machinery standards

Safety process and the required activities

Functional safety design and implementation specifics

© ABB Group


Machine builder

1. Safety planning

2. Risk assessment



c) Verification



Adding value with drive-based functional safetyPhase 2: Risk assessement


Assess (identify, analyze and evaluate) machine risks

Document the risk assessment results

If risks are higher than acceptable, reduce the risks (with eg safety functions)

Vendor can offer information on:

Risk assessment and evaluation principles according to the machinery standards

Risk reduction possibilities (functional safety)

How to produce a functional safety specification based on risk assessment

© ABB Group


Machine builder

1. Safety planning

2. Risk assessment

4-5. Commissioning and validation


Adding value with drive-based functional safetyPhase 3a: Specifying the suitable safety function


Specify the safety function: 1. Functionality (eg. Emergency stop)2. Safety performance (SIL/PL)3. Timing (time to safe state)

Vendor can offer information on:Examples of drive-based functional safety solutions

Integrated safety functionsOrder-based (engineered) safety solutions for cabinet-built drives External safety components utilized for designing safety functions

Safety functions can be implemented with any different drive model or size

© ABB Group




c) Verification

Machine builder

Adding value with drive-based functional safetyDrive-based functional safety alternatives

© ABB Group

E-stop button

Safety relay

Contactors

Drives without integrated safe torque off (STO)

ACS880 solution with multiple integrated functions + safety PLC

© ABB Group


Drives with integrated STO

Safety relayE-stop button

AC500-S Safety PLC

E-stop button

Lockable switch

Adding value with drive-based functional safety

When activated, STO immediately switches off the drive output to the motor. Motor speed then coasts to a stop

Examples of standardized drive safety functions

STOmotor speed

motor speed

motor speed

|n|

0

Continuous function

motor speed

SS1

SBC

SLS

SMS

When activated, SS1 will ramp motor speed down to a standstill and activate the STO function (which removes motor torque)

When activated, SBC provides a safe control signal to operate the mechanical brake (usually used together with STO)

When activated, SLS will monitor that motor speed does not exceed a defined limit. If the speed limit is exceeded, SLS will activate STO to stop the drive

When used in an application, SMS ensures that the set speed limit is not exceeded (SMS is a continuous SLS)

Safe torque off

Safe stop 1

Safe brake control

Safely-limited speed

Safe maximum speed

Safe outputs

© ABB Group


1. Safety planning

2. Risk assessment



c) Verification



Adding value with drive-based functional safetyPhase 3b: Designing, implementing the safety function


Design and implement the safety function(s) to fulfil the specification

Vendor can offer:Certified safety devicesThe Functional safety design tool to aid in safety design, verification (SIL/PL)

Safety component libraries, safety dataExpertise and support for the use of the safety functions

© ABB Group


Machine builder

Adding value with drive-based functional safetyPhase 3c: Verifying the safety circuit


Verify that the designed safety function fulfils the required functionality and SIL/PL level

Vendor can offer:The Functional safety design tool (FSDT-01) to aid in SIL/PL calculations and reportingInformation on how safety functions have to be functionally verified

© ABB Group


1. Safety planning

2. Risk assessment



c) Verification

4-5. Commissioning and validation


Machine builder

1. Safety planning

2. Risk assessment



Adding value with drive-based functional safetyPhase 4: Commissioning the machine safety


Commission the system including safety functions

Initial commissioning has to be done with care since safety functions have not been validated

Vendor can offer:Commissioning support

© ABB Group




c) Verification

Machine builder

1. Safety planning

2. Risk assessment



Adding value with drive-based functional safetyPhase 5: Validation of the machine safety function


Validate that the risk reduction has been achieved (that safety function actually reduces the risk)

To assess that safety is achieved and documentation is available

(EU: Declaration of conformity for the complete machine)

Vendor can offer information on:Requirements for validation

Validation has to be done by a competent personValidation has to be documented with the risk assessment

How to validate drive-based safety functions© ABB Group




c) Verification

Machine builder

1. Safety planning

2. Risk assessment



c) Verification



Adding value with drive-based functional safetyPhase 6: Support and service

What is required of the machine builder:Maintain and service drives and safety circuits with service partsProfessional service to keep the machines running safely

Vendor can offer:

Service parts and replacement units

Vendor certified service engineers to service the safety circuits

Proper service and re-verification and -validation procedures

Proper service and test reports

Parts traceability in vendor databases

© ABB Group


Machine builder

Adding value with drive-based functional safetySummary

Added value with drive-based functional safety

Vendors can offer:

A wide range of certified safety products

Expertise and know-how on:

Requirements from standards and directives and how to fulfil these requirements

How to implement, verify and validate drive-based functional safety solutions

© ABB Group



Essential vs. non-essential

Essential equipment is related to navigation, propulsion, safety of the ship and passenger, cargo and crew. Loosing of the drive must not disturb ship operation ever.

Essential drive needs to be certified !< 100 kW drive ** : Manufacturer statement is enough (works certificate)> 100 kW: type approved or case by case approved at factory ( product certificate)

Non-essential equipment is that whose temporary disconnection does not impact to propulsion, steering, safety of crew, cargo, ship and machinery.

Non-essential drive does not need any certificationDesign, construction and installation shall be such as ensure faultless operation

** Note: power limit varies by societiesDNV, ABS, Lloyds: 100 kWGL: 50 kW


Essential vs. non-essential

Essential services are those necessary for the propulsion and safety of the ship, such as the following:

air compressors for oil enginesair pumpsballast pumpsbilge pumpscirculating and cooling water pumpscondenser circulating pumpselectric propulsion equipmentelectric starting systems for oil enginesextraction pumpsfans for forced draught to boilers

windlasses

feed water pumps

fire detection and alarm systems

fuel valve cooling pumps

hydraulic pumps for controllable pitch propellers and those serving essential services here listed that would otherwise be directly electrically-driven

lubricating oil pumps

oil fuel pumps and oil fuel burning units

oil separators

pumps for fire-extinguishing systems

steering gear

thrusters for dynamic positioning

ventilating fans for engine and boiler rooms

etc.


Technical requirements in marine

In addition to the essential and non-essential use, there are some technical aspects to be noticed:

Environmental conditions

Air temperature higher than in other industries

Cooling water temperatures high

Humidity and salt

Inclination, both static and dynamic

Acceleration and vibration

Electrical network conditions (more material is available for self-learning)

Network is powered by generators and non-grounded (IT-network) or grounded with high resistance

Short circuit capacity is typically low

EMC and harmonic content is typically high



Primary technical considerations for selecting the drive for use in different applications:

Enclosure requirementIP21 in dry spaces, IP22 above floorIP44 below floor, IP56 on deck

Ambient temperature rating+ 45 °C, general application+ 55 °C , installed in consoles and housings, where is an additional heat source in same enclosure

Vibration requirement 3 - 13,2 Hz: +-1 mm displacement13,2 - 100 Hz: 0,7 g accelerationmaximum amplification factor 10



Primary technical considerations for selecting the drive for use in different applications:

Voltage and frequency variationsContinuous: frequency ±5%, voltage ±10%

Transient: frequency ±10%, voltage ±20%

EMCEMC requirement depends on location on board:

Special power distribution zone, general power distribution zone

Deck and bridge zone, accommodation zone

HarmonicsNetwork voltage total harmonic distortion (UTDH) < 5%

The effects of the harmonics to be taken into consideration in the system level


LV drives – what to offer?

Duty Non-essential Essential

Application Simple, non-critical Necessary, high safety

Certification No certification needed Certification needed

Applicable Product range All LV AC drives products

If you don´t know, use allways certified drives for both non-essential and essential use.

Type certified products:

- ACS800-01 (R2-R6)

- ACS800-04 (R2-R6)

- ACS800-07 LC

Case by case certified products:

- ACS800-04/-x04/-x07

- ACS800-11/-31

- ACS800-07/-17/-37/-md

Options available to meet marine requirements

None + C132 Type approved design

+ C131 Vibration dampers

+ C121 marine construction

+ N698 winch control

+ Factory Acceptance Test (FAT)


Options for certified products

+C121 Marine construction (ACS800–07/-07LC/-17/-37 & -md)

Top fixingFloor fixingDoor handles (plastic)Mechanical heavy duty properties90 deg door holdersA1 wiring marking

+C131 Vibration damper set (ACS800–01/-11/-31)

For direct wall mounting in vessels, not in cabinet installationNot needed for R2-R3 frames of ACS800-01Not needed for IP54 of ACS800-01

+C132 marine type certified design (ACS800–01 & -04, frames R2-R6)

Certificate documents ABS, DNV, Lloyd´s, BV, GL , BV , NK for –01 (R2-R6)ABS, DNV, Lloyd´s, NK for –04 (R2-R6)

+P901 Coated boards

ABB Drives and Controls, 06.11.2014 Safer …file/Functional+safety_ABB.pdfmachinery standards Wide...

Documents

Transcript of ABB Drives and Controls, 06.11.2014 Safer …file/Functional+safety_ABB.pdfmachinery standards Wide...