Human Machine Interface
A dynamic approach to safety in smart manufacturing
By Darren Hugheston-Roberts, head of machinery safety at TÜV SÜD, a global product testing and certification organisation
While Industry 4.0 (I4.0) sees reduced risk in several areas, the range and flexibility of connected interfaces introduce a new set of risk issues. As production facilities become more complex, operators must manage a rapidly evolving system that incorporates multiple interdependencies, while minimising downtime. It is therefore vital to consider the shifting landscape of risk, which is why I4.0 requires a new risk management approach that is customised to each actual use case.
As the increased flexibility created by I4.0 systems introduces new complexities and challenges, there is a shift from static risk assessment to dynamic risk assessment. Analysing and assessing the underlying physical and cyber risks to humans, property, and the environment is therefore a challenging task. Tackling safety issues by using a conventional static risk assessment approach would require time-consuming reiterations for every changing condition, which could potentially result in operational downtime.
Machinery safety standards define a set of general physical hazards that are used during type certification. However, current standards, such as ISO 12100 - Safety of machinery - General principles for design - Risk assessment and risk reduction, have not been designed around the concept of machine connectivity and interoperability. While hazards depend on the intended use and other limits of the machine in the physical world, conventional safety concepts do not consider the sources and effects of cyber threats that could create new hazards. Another limit related to hazards is that safety measures are designed to protect only human health using a “worst-case” approach. In practice, when a machine operates in an application-specific context, its limits and applicable hazardous situations may differ significantly from those considered under worst-case and stand-alone scenarios. Additional hazardous situations may also arise from machine-to-machine interaction. They can be related to human health, property and environment, as well as to undesired operational downtime or bottlenecks.
22 May 2024
To give an example, an automated guided vehicle (AGV) navigating towards a machine in an operating area with a human presence represents a “collision risk”. This risk may be mitigated by using three safety measures incorporated in AGV design (according to ISO 3691-4 - Industrial trucks — Safety requirements and verification — Part 4: Driverless industrial trucks and their systems):
1. Personnel detection system
2. Speed control system
3. Braking system control
In current practice, speed limitations due to a human presence are therefore applied even if there are no humans in the actual AGV operating area.
Likewise, in a confined area, with no human presence allowed, an AGV making its final approach to a machine for docking may pose a collision risk between two industrial assets. This unsafe docking event risk may be mitigated by using two safety measures incorporated in AGV design:
1. Speed control system
2. Parking braking system control
Although there is no risk for humans in a confined area, the measures are necessary to protect industrial assets from expensive damage. The use of a context-sensitive safety approach could achieve the goal of property protection combined with higher system efficiency.
Components in Electronics
These scenarios demonstrate the need for adaptive production systems capable of monitoring and recognising hazardous situations during runtime, to ensure that residual risks are handled within current practices. To meet the new needs of I4.0, a new approach based on event-triggered, dynamic risk assessment and automated validation of safety measures is therefore required. This would assist system designers and operators to navigate complex risk landscapes, in both virtual simulations and real-world applications.
This requires a continuous and holistic risk assessment to ensure stable operations, increased productivity and reduced downtime in a smart manufacturing environment, which necessitates a digital representation of the physical manufacturing system, using digital twins and asset administration shells. When navigating a complex new risk landscape, effective safety and security are key challenges, as meeting them can build trust with asset owners and operators. However, it is becoming increasingly impossible to apply existing risk assessment criteria to a dynamic I4.0 operating environment that is characterised by multiple interactions and data flows. In today’s I4.0 domain, digital twins operate in parallel to the real-world factory, where thousands of sensors constantly collect and process data, either locally or on a larger scale.
It is therefore vital that the digital twins have customised safety and security profiles. A safety profile should be modelled to describe asset safety from a general and an application-specific perspective. These profiles should then be processed by an inference engine against actual application constraints to define limits and risk-mitigation capabilities in a real-world application, thereby providing automated risk evaluations at runtime.
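The sketch below is an added example, not code from the article or from TÜV SÜD. It evaluates a safety profile for the two AGV scenarios above against runtime context, and reverts to the static worst case when the context data is stale or unverified. The field names, speed caps, freshness bound and the authenticated flag are assumptions made for illustration.

```python
from dataclasses import dataclass

# Safety profile: hazards and the mitigating measures the article lists for an AGV.
AGV_PROFILE = {
    "collision_with_person": ["personnel detection system", "speed control system",
                              "braking system control"],
    "unsafe_docking": ["speed control system", "parking braking system control"],
}
# Constructed speed caps in m/s (illustrative, not taken from ISO 3691-4).
SPEED_CAP = {"collision_with_person": 0.3, "unsafe_docking": 0.1, None: 1.5}
MAX_CONTEXT_AGE_S = 0.5  # assumed freshness bound for sensor and zone data


@dataclass
class Context:
    humans_detected: bool  # runtime presence signal for the operating area
    docking: bool          # AGV is on its final approach to a machine
    age_s: float           # age of the context data in seconds
    authenticated: bool    # context message passed an integrity/origin check


def evaluate(profile, ctx):
    """Return (active hazards -> required measures, speed cap) for this context."""
    trusted = ctx.authenticated and 0 <= ctx.age_s <= MAX_CONTEXT_AGE_S
    if not trusted:
        # Stale or unverified context: assume every hazard in the profile applies.
        active = list(profile)
    else:
        active = []
        if ctx.humans_detected:
            active.append("collision_with_person")
        if ctx.docking:
            active.append("unsafe_docking")
    measures = {hazard: profile[hazard] for hazard in active}
    cap = min((SPEED_CAP[h] for h in active), default=SPEED_CAP[None])
    return measures, cap


if __name__ == "__main__":
    # Constructed contexts: confined-area docking, then the same with stale data.
    print(evaluate(AGV_PROFILE, Context(False, True, 0.1, True)))
    print(evaluate(AGV_PROFILE, Context(False, True, 3.0, True)))
```

The relaxed limits are only as trustworthy as the presence and zone data behind them, which is why the untrusted branch restores the full set of measures rather than the last known state.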
Industry 4.0 (I4.0) is a major paradigm shift as the convergence of enterprise IT and operational technology enables systems and devices to exchange and interpret shared data on a global scale. By combining the strengths of the physical and virtual worlds, cyber-physical systems have the potential to significantly enhance industry performance, facilitate new products and spark innovative business models. However, machinery manufacturers and end users face a major shift in work methodology, which requires a new risk management approach.
www.tuvsud.com/en-gb/industries/manufacturing
www.cieonline.co.uk