ABB Drives and Controls, 06.11.2014 Safer …file/Functional+safety_ABB.pdfmachinery standards Wide...
Transcript of ABB Drives and Controls, 06.11.2014 Safer …file/Functional+safety_ABB.pdfmachinery standards Wide...
Safer machines and processesAdding value with drive-based functional safety
ABB Drives and Controls, 06.11.2014
© ABB Group November 14, 2014 | Slide 2
Leading the way inSafety
No room to compromise on safety
ABB is leading the global development of robust, reliable and efficient products for demanding environments
We adapt our products to conservative design because risk taking is not an option
Full compliance with all global and local hazardous location certifications
© ABB Group November 14, 2014 | Slide 3
Ranked number one inReliability
Long term reliability is crucial for the industry
Exceeding requirements of standards and directives gives confidence in operations
Our equipment run for decades, securing production and total cost of ownership
Reliable processesTop quality raw materialsDurable, heavy duty insulation systems Technical competenceABB policy and tradition
A strong service organization throughout the life cycle
Complete palette of worldwide services and spare partsAccredited field service engineers and certified workshopsMaintenance procedures to ensure high availability
Adding value with drive-based functional safety
1. Users challenges regarding machine safety
2. Drive-based functional safety solutionsSafety functions, solutionsExpertise, support
3. Creating value during the overall safety process
4. Available information
5. Summary
Contents
© ABB Group
November 14, 2014 | Slide 4
Adding value with drive-based functional safetyChallenges regarding machine safety
Plant / machine owners want to ensure that their machines are:
ProductiveSafe and easy to useConform to laws and regulations
Movement in industrial processes present risks of accidents
Risks are always presentManagement is responsible for safety of personnel, property, company image
Functional safety systems have to complywith relevant standards and directives
Machinery Directive, safety standardsCorrect implementationSpecific information and competence
© ABB Group
November 14, 2014 | Slide 5
Safety Integrity Level and Performance Level
© ABB Group November 14, 2014 | Slide 7
Functional Safety Management – Fundamentals
1. Functional safety cultureManagement commitment – top level Management is ultimately responsible
Policies & procedures - from Management to all levels of the company
Defined responsibilities and structures - for all Safety related operations
Verifiable and auditable - safety procedures
2. Safety needs to be part of someone’s job descriptionClear responsibility
3. Lifecycle approach
4. Well defined documentation and record keeping Traceability & auditability for all safety management decisions
5. Proper methods & techniques for the level of safetySIL / PL compliant design skills
© ABB Group November 14, 2014 | Slide 8
Functional Safety Management – Fundamentals (2)
6. Safety related Change Management process
7. Permanent competent safety resourcesDesign & Support personnel involved with safety – appropriate competency
Safety training and retraining is required – training records
8. Detection of deviationsFast & proactive reaction to issues
9. Statistical process control for manufacturing
10. Configuration managementDocumentation, source code, tools and environments, all safety related HW- and SW- components or modules
11. Supplier relations - managing the compliance
What is SIL?
It is a common misconception that Safety Integrity Level (SIL) is just a level of failure probability of the safety function
SIL covers systematic, common cause and random failure possibilities of the safety system
Another misconception is that SIL requirement is related to the whole machine
Actually it is related to a specific risk
Different SIL for different risks in same machine is possible
© ABB Group November 14, 2014 | Slide 9
For what is SIL used?
1) To define the level of risk reduction (risk reduction factor RRF) of the safety function
2) To set limits for the random failure probability of devices
3) To define principles, techniques and measures to prevent systematic and common cause failures in
each lifecycle phase (e.g. Specification, validation)
Safety related design (e.g. power supply, diagnostics and design tools)
© ABB Group November 14, 2014 | Slide 10
Safety Integrity Level & Performance Level
Safety Integrity Level
Discrete level (one out of a possible four), corresponding to a range of safety integrity values, where safety integrity level 4 has the highest level of safety integrity and safety integrity level 1 has the lowest
Safety Integrity
Probability of an E/E/PE safety-related system satisfactorily performing the specified safety functions under all the stated conditions within a stated period of time
Performance Level
Discrete level used to specify the ability of safety-related parts of control systems to perform a safety function under foreseeable conditions
© ABB Group November 14, 2014 | Slide 11
Vendor’s drive-based functional safety keeps application movement safe in industry:
Pre-designed functions in/with our drivesFunctions meet the requirements of the Machinery Directive and relevant machinery standards
Wide range of vendora safety devices are available:
Drives, PLCs, relays, switches, buttons, contactors, ...
Expertise:Know-how on functional safety Functional safety design tool for functional safety design and verificationProfessional service offering
Adding value with drive-based functional safetyDrive-based functional safety solutions and support
© ABB Group
November 14, 2014 | Slide 12
Safety functions integrated in the drive
Safety PLC controlling drives
Safety encoder for speed feedback (on the motor)
Contactor Reset button
Door safety limit-swich
Emergency stop -button
Safety relay
Adding value with drive-based functional safetyWhy integrate safety functions in drives?
© ABB Group November 14, 2014 | Slide 13
Functions work seamlessly with the drive control Safety functions are naturally tied to motor control
Eliminate the need for motor contactors (safe torque off – STO)
Enable fast restarts after safe stops
Provide savings in cost and space, high reliability, maintenance free operation (no wear)
Enable encoderless safety functions
Simplify system implementationPre-designed functions to be commissioned
Certified components to simplify validation
?
Adding value with drive-based functional safetyCreating value during the safety process
Safety solutions, tool, support
Functional safety needs
Information on solutions
Information on safety process
Service request / contract
Sales and Support
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
4-5. Commissioning, validation
6. Support and service
VendorMachine builder process
Service offering
b) Design and implementation
c) Verification
Need for information, understanding
© ABB Group
November 14, 2014 | Slide 14
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
b) Design, implementation
c) Verification
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 1: Safety planning
What is required of the machine builder:
Plan machine safety as part of the occupational safety
Activities
Responsibilities
Documentation
Vendor can offer expertise and information on:
Requirements according to the Machinery Directive and the machinery standards
Safety process and the required activities
Functional safety design and implementation specifics
© ABB Group
November 14, 2014 | Slide 15
Machine builder
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 2: Risk assessement
What is required of the machine builder:
Assess (identify, analyze and evaluate) machine risks
Document the risk assessment results
If risks are higher than acceptable, reduce the risks (with eg safety functions)
Vendor can offer information on:
Risk assessment and evaluation principles according to the machinery standards
Risk reduction possibilities (functional safety)
How to produce a functional safety specification based on risk assessment
© ABB Group
November 14, 2014 | Slide 16
Machine builder
1. Safety planning
2. Risk assessment
4-5. Commissioning and validation
6. Support and service
Adding value with drive-based functional safetyPhase 3a: Specifying the suitable safety function
What is required of the machine builder:
Specify the safety function: 1. Functionality (eg. Emergency stop)2. Safety performance (SIL/PL)3. Timing (time to safe state)
Vendor can offer information on:Examples of drive-based functional safety solutions
Integrated safety functionsOrder-based (engineered) safety solutions for cabinet-built drives External safety components utilized for designing safety functions
Safety functions can be implemented with any different drive model or size
© ABB Group
November 14, 2014 | Slide 17
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
Machine builder
Adding value with drive-based functional safetyDrive-based functional safety alternatives
© ABB Group
E-stop button
Safety relay
Contactors
Drives without integrated safe torque off (STO)
ACS880 solution with multiple integrated functions + safety PLC
© ABB Group
November 14, 2014 | Slide 18
Drives with integrated STO
Safety relayE-stop button
AC500-S Safety PLC
E-stop button
Lockable switch
Adding value with drive-based functional safety
When activated, STO immediately switches off the drive output to the motor. Motor speed then coasts to a stop
Examples of standardized drive safety functions
STOmotor speed
motor speed
motor speed
|n|
0
Continuous function
motor speed
SS1
SBC
SLS
SMS
When activated, SS1 will ramp motor speed down to a standstill and activate the STO function (which removes motor torque)
When activated, SBC provides a safe control signal to operate the mechanical brake (usually used together with STO)
When activated, SLS will monitor that motor speed does not exceed a defined limit. If the speed limit is exceeded, SLS will activate STO to stop the drive
When used in an application, SMS ensures that the set speed limit is not exceeded (SMS is a continuous SLS)
Safe torque off
Safe stop 1
Safe brake control
Safely-limited speed
Safe maximum speed
Safe outputs
© ABB Group
November 14, 2014 | Slide 19
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 3b: Designing, implementing the safety function
What is required of the machine builder:
Design and implement the safety function(s) to fulfil the specification
Vendor can offer:Certified safety devicesThe Functional safety design tool to aid in safety design, verification (SIL/PL)
Safety component libraries, safety dataExpertise and support for the use of the safety functions
© ABB Group
November 14, 2014 | Slide 20
Machine builder
Adding value with drive-based functional safetyPhase 3c: Verifying the safety circuit
What is required of the machine builder:
Verify that the designed safety function fulfils the required functionality and SIL/PL level
Vendor can offer:The Functional safety design tool (FSDT-01) to aid in SIL/PL calculations and reportingInformation on how safety functions have to be functionally verified
© ABB Group
November 14, 2014 | Slide 21
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
4-5. Commissioning and validation
6. Support and service
Machine builder
1. Safety planning
2. Risk assessment
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 4: Commissioning the machine safety
What is required of the machine builder:
Commission the system including safety functions
Initial commissioning has to be done with care since safety functions have not been validated
Vendor can offer:Commissioning support
© ABB Group
November 14, 2014 | Slide 22
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
Machine builder
1. Safety planning
2. Risk assessment
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 5: Validation of the machine safety function
What is required of the machine builder:
Validate that the risk reduction has been achieved (that safety function actually reduces the risk)
To assess that safety is achieved and documentation is available
(EU: Declaration of conformity for the complete machine)
Vendor can offer information on:Requirements for validation
Validation has to be done by a competent personValidation has to be documented with the risk assessment
How to validate drive-based safety functions© ABB Group
November 14, 2014 | Slide 23
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
Machine builder
1. Safety planning
2. Risk assessment
3. Risk reduction a) Functional safety specification
b) Design and implementation
c) Verification
4-5. Commissioning, validation
6. Support and service
Adding value with drive-based functional safetyPhase 6: Support and service
What is required of the machine builder:Maintain and service drives and safety circuits with service partsProfessional service to keep the machines running safely
Vendor can offer:
Service parts and replacement units
Vendor certified service engineers to service the safety circuits
Proper service and re-verification and -validation procedures
Proper service and test reports
Parts traceability in vendor databases
© ABB Group
November 14, 2014 | Slide 24
Machine builder
Adding value with drive-based functional safetySummary
Added value with drive-based functional safety
Vendors can offer:
A wide range of certified safety products
Expertise and know-how on:
Requirements from standards and directives and how to fulfil these requirements
How to implement, verify and validate drive-based functional safety solutions
© ABB Group
November 14, 2014 | Slide 25
© ABB Group November 14, 2014 | Slide 26
Essential vs. non-essential
Essential equipment is related to navigation, propulsion, safety of the ship and passenger, cargo and crew. Loosing of the drive must not disturb ship operation ever.
Essential drive needs to be certified !< 100 kW drive ** : Manufacturer statement is enough (works certificate)> 100 kW: type approved or case by case approved at factory ( product certificate)
Non-essential equipment is that whose temporary disconnection does not impact to propulsion, steering, safety of crew, cargo, ship and machinery.
Non-essential drive does not need any certificationDesign, construction and installation shall be such as ensure faultless operation
** Note: power limit varies by societiesDNV, ABS, Lloyds: 100 kWGL: 50 kW
© ABB Group November 14, 2014 | Slide 27
Essential vs. non-essential
Essential services are those necessary for the propulsion and safety of the ship, such as the following:
air compressors for oil enginesair pumpsballast pumpsbilge pumpscirculating and cooling water pumpscondenser circulating pumpselectric propulsion equipmentelectric starting systems for oil enginesextraction pumpsfans for forced draught to boilers
windlasses
feed water pumps
fire detection and alarm systems
fuel valve cooling pumps
hydraulic pumps for controllable pitch propellers and those serving essential services here listed that would otherwise be directly electrically-driven
lubricating oil pumps
oil fuel pumps and oil fuel burning units
oil separators
pumps for fire-extinguishing systems
steering gear
thrusters for dynamic positioning
ventilating fans for engine and boiler rooms
etc.
© ABB Group November 14, 2014 | Slide 28
Technical requirements in marine
In addition to the essential and non-essential use, there are some technical aspects to be noticed:
Environmental conditions
Air temperature higher than in other industries
Cooling water temperatures high
Humidity and salt
Inclination, both static and dynamic
Acceleration and vibration
Electrical network conditions (more material is available for self-learning)
Network is powered by generators and non-grounded (IT-network) or grounded with high resistance
Short circuit capacity is typically low
EMC and harmonic content is typically high
© ABB Group November 14, 2014 | Slide 29
Technical requirements in marine
Primary technical considerations for selecting the drive for use in different applications:
Enclosure requirementIP21 in dry spaces, IP22 above floorIP44 below floor, IP56 on deck
Ambient temperature rating+ 45 °C, general application+ 55 °C , installed in consoles and housings, where is an additional heat source in same enclosure
Vibration requirement 3 - 13,2 Hz: +-1 mm displacement13,2 - 100 Hz: 0,7 g accelerationmaximum amplification factor 10
© ABB Group November 14, 2014 | Slide 30
Technical requirements in marine
Primary technical considerations for selecting the drive for use in different applications:
Voltage and frequency variationsContinuous: frequency ±5%, voltage ±10%
Transient: frequency ±10%, voltage ±20%
EMCEMC requirement depends on location on board:
Special power distribution zone, general power distribution zone
Deck and bridge zone, accommodation zone
HarmonicsNetwork voltage total harmonic distortion (UTDH) < 5%
The effects of the harmonics to be taken into consideration in the system level
© ABB Group November 14, 2014 | Slide 31
LV drives – what to offer?
Duty Non-essential Essential
Application Simple, non-critical Necessary, high safety
Certification No certification needed Certification needed
Applicable Product range All LV AC drives products
If you don´t know, use allways certified drives for both non-essential and essential use.
Type certified products:
- ACS800-01 (R2-R6)
- ACS800-04 (R2-R6)
- ACS800-07 LC
Case by case certified products:
- ACS800-04/-x04/-x07
- ACS800-11/-31
- ACS800-07/-17/-37/-md
Options available to meet marine requirements
None + C132 Type approved design
+ C131 Vibration dampers
+ C121 marine construction
+ N698 winch control
+ Factory Acceptance Test (FAT)
© ABB Group November 14, 2014 | Slide 32
Options for certified products
+C121 Marine construction (ACS800–07/-07LC/-17/-37 & -md)
Top fixingFloor fixingDoor handles (plastic)Mechanical heavy duty properties90 deg door holdersA1 wiring marking
+C131 Vibration damper set (ACS800–01/-11/-31)
For direct wall mounting in vessels, not in cabinet installationNot needed for R2-R3 frames of ACS800-01Not needed for IP54 of ACS800-01
+C132 marine type certified design (ACS800–01 & -04, frames R2-R6)
Certificate documents ABS, DNV, Lloyd´s, BV, GL , BV , NK for –01 (R2-R6)ABS, DNV, Lloyd´s, NK for –04 (R2-R6)
+P901 Coated boards