
Basic Machine Safety for Fluid Power: Part 1 of 6

This is the first of a six-part series providing an overview of requirements, principles, applications, and technology for pneumatic and hydraulic safety control systems of machinery. The first topic introduces categories of safety-related components of control systems and their influence on fluid-power system design requirements.

Across Australia, state law stipulates that anyone who manufactures, supplies, designs, owns or modifies machinery must undertake both hazard identification and risk assessment to identify and minimize risk. Similar codes exist across North America. Unfortunately, these legal obligations often come as a shock to many in the aftermath of a preventable accident when companies and individuals realize they could be prosecuted.

Codes of practice for plant and machine safeguarding establish a priority order for the types of measures to control risks. In hierarchical order, these include:

  • Elimination;
  • Substitution with a lesser hazard;
  • Engineering controls;
  • Isolation;
  • Administrative controls; and
  • Personal protective equipment.

If a hazard that cannot be eliminated or substituted arises from exposure to a load controlled by fluid power, then appropriate engineering control methods must be employed as far as is practicable. If failure of the control system’s integrity could lead to accidental operation, then assessing exposure to the load must consider more than exposure during normal operation. Our experience at Fluidsentry indicates that the probable effect of a failure to danger is often overlooked in assessments or not understood, leaving operators exposed to potential time bombs.

Technical Standard AS4024.1—Safeguarding of Machinery requires the “safety related parts of control systems” to be in accordance with the requirements of one or more of five categories. The categories state the required behavior of safety-related components of a control system with respect to its resistance to faults.

If a hazard identification and risk assessment of a machine identifies a hazard for which an engineering control method (such as an interlocked access guard) is to be installed, then the relevant category for the safety control system integral to the control method should be derived. (Appendix F of AS4024.1 provides guidance on selection of categories.)

The requirements and system behavior of each category are designed to provide a practical level of safety control resistance to faults with respect to the potential severity of injury, exposure to the hazard, and possibility of avoidance. They are summarized in Table 10.3 of AS4024.1.

If a hazard could cause a serious, normally irreversible injury (including death), then a preferred category of 2, 3, or 4 will be derived depending on the combination of exposure and possibility of avoidance (see chart). For these categories, fault detection is called for in the safety-related parts of the control system. This includes the electrical, pneumatic, and hydraulic components. The intent is that if a fault is detected, further operation of the machinery can be prevented until the fault is diagnosed and safely resolved.

This chart summarizes assessment of risk and severity of results.

In addition, Categories 3 and 4 require that a single fault in the control system does not lead to the loss of the safety function. Thus, if a component fails, a redundant or second device must still maintain the safety function.

Fluid power safety technology today includes a range of monitored fluid power components designed to provide fault detection as well as various mechanically interlocked access systems. These include monitored safety valve systems, safety pressure switches, monitored rod locks, and trapped key ball valve interlocks. These all help empower engineers to design systems to meet requirements.

Monitored fluid power systems have fast become standard industry safety practice and form the interface between electrical and fluid power safety control. Cost is continuously improving and is relatively insignificant compared to the potential cost to companies and individuals if a preventable accident occurs. Thus, investigators are now looking at fluid power system accidents not just as accidents, but as failures to have undertaken or integrated a safe design.

This material was submitted by Murray Hodges, director of Fluidsentry Pty Ltd., Carrum Downs, Victoria, Australia. Fluidsentry is a fluid power design representative for the Safety & Environmental Risk Consultants of Australia and member of the SF-041 Technical Committee for AS4024.1—Safeguarding of Machinery. Subsequent instalments will be published in future issues.
