FESTO HB Safety en

Safety engineering guidelines
Your partner in safety Table of contents

Page
At Festo, quality has many This brochure is intended as a Simple and helpful: In the Directives and standards 4
aspects – one of these is hand- guide. second part of the brochure, you
ling machines safely. This is the It covers the core questions can find sample circuit diagrams Time schedule for EC machinery directive and DIN EN ISO 13849-1
reason behind our safety-orien- relating to safety-orientated for the most common safety
tated automation technology. It pneumatics: functions related to pneumatic Definition and concept of risk
gives you the certainty that your drives and the associated prod-
workplace is as safe as possible. • Why use safety-orientated uct combinations from Festo. Risk assessment
pneumatics? These can be used to solve many
• How can I identify the risk safety functions. Directive-compliant procedure for safe design
posed by a system or machine (as per EN ISO 12100)
to the operator or user? If you have further requirements,
• Which standards and our specialists worldwide will be Control architectures (as per DIN EN ISO 13849-1)
directives apply? happy to help.
• What safety measures are 4 operation modes – 10 safety functions
derived from these?
• What are the most common
safety measures? Sample circuit diagrams 32
Festo products 46
Services 74
2 3
Reduce risk – think preventively Simple – but safe!
Machines have to be designed in The EC machinery directive spe- Safety-orientated pneumatics In general, the simpler the safety Festo provides solutions on the
a way that protects people, cifies a risk analysis and assess- from Festo provides you with engineering used in the appli- basis of risk analyses and
animals, property and the en- ment for machines. Protection solutions for cation, the more efficient it is. assessments for the most com-
vironment from harm. The goal goals are derived and defined • Commissioning The complexity of safety en- mon applications. This ensures
is to prevent physical damage from this directive. The protec- • Automatic/manual operation gineering is in the variety of that the electrical safety func-
of any type. Using safety- tion goals are achieved using • Setting operation state combinations and tran- tions for your pneumatic
orientated pneumatics from various safety functions. Safety- • Risk situations and emergency sitional states. system’s controllers are en-
Festo provides you with the orientated pneumatics from functions, such as safe stop- hanced with the appropriate
security of implementing safety Festo, in the form of ping, safe exhausting. As a result, it would seem al- safety concepts.
measures in compliance with the • Components • Restarting -> protection against most impossible to implement
EC machinery directive. You can • Circuits unexpected starting up standardised safety engineering
reliably prevent collisions or • Engineering • Servicing/maintenance concepts.
uncontrolled restarts after an make it easy to achieve your
emergency stop, for example. safety objectives. Safe operation In addition to this, if errors Due to their flexible application,
At the same time, using safety- of machines should be possible occur, they must not lead to pneumatic drive systems from
orientated pneumatics also min- in all modes and stages of their failure of the safety functions, Festo need to be included in the
imises the risk of liability claims. service life. depending on their hazard risk analysis and assessment for
potential. each machine, depending on the
application.
4 5
Basic safety requirements in the manufacturing industry Time schedule for EC machinery directive and DIN EN ISO 13849-1
The development of the single Machine safety requires safe

European market has led to control systems. Important 2006 2007 2008 2009 2010 2011
Free movement of goods in Europe
standardised guidelines for harmonised standards include
29th December 2009
mechanical engineering for the EN 954-1, which is going to be
manufacturing industry. Article 95 of the EU Treaty Article 137 of the EU Treaty superseded by EN ISO 13849-1.
Old machinery directive
(free movement of goods) (occupational health and safety) DIN EN 954-1 will be in force
until the end of 2009. May 2006
EN ratification
“Health and safety” outline directive
Incorporation into national law New machinery directive
e.g. machines 89/391/EEC
Europe
extended to
Low voltage directive Machinery directive “Use of work equipment” 29th December 2009
2006/95/EC 98/37/EC single directive 86/655/EEC
2006/42/EC EN 954-1
8th May 2007
Listing in the Official Journal of the European Communities
Harmonised European standards National statutory provisions
EN ISO 13849-1
Responsibility
February 2007
Withdrawn from DIN
Manufacturers Operators
DIN EN 954-1
Germany
2nd October February 2007
Directives are laws. The EC One option for complying with 2006 DIN ratification
machinery directive applies to the EC machinery directive is to EN
ratification DIN EN ISO 13849-1
mechanical engineering run on. apply harmonised standards.
The primary aim of the EC Harmonised standards are listed
machinery directive is to specify in the Official Journal of the EN 954-1 has presumption of conformity according machinery directive 98/37/EC
basic health and safety require- European Communities.
ments in relation to the design Applying these results in what is EN ISO 13849-1 has presumption of conformity according machinery directives 2006/42/EC and 98/37/EC
run on and construction of known as the “presumption of

machines. The CE mark identifies conformity”, which reinforces A new machinery directive will Manufacturers have to comply
a machine as compliant with the the legal security of operators apply to the trade in and con- with the laws of their country.
EC machinery directive. and manufacturers. struction of machines in
the EU from the end of 2009. Applying standards is an option.
EU member states urgently have Standards reflect the best
to incorporate this directive into available technology.
their national legislation be-
cause, at European level, directi-
ves are laws.
6 7
Fundamental standards for designing control functions Definition and elements of risk
Applying harmonised Risks are the result of hazards

standards provides legal Design and risk assessment of machinery Electrical safety aspects and relate to the gravity of
security in compliance with possible damage and the
EN ISO 12100 EN 60204-1
European law. Safety of machinery Safety of machinery probability of the damage
Basic concepts, general principles for design Electrical equipment of machines, occurring. Low risk High risk
part 1: General requirements
EN 1050 (EN ISO 14121-1)
Safety Adequately Danger/hazard
Safety of machinery The first step is to reduce risk by reduced
Risk assessment, part 1: Principles
implementing inherent safety. Residual risk Risk before pro-
tective measures
The second step is to reduce risk
Functional and safety-related requirements for by implementing safety meas- Necessary minimum risk reduction
safety-related control systems
ures. The final measure is to
reduce risk through instruction. Actual risk reduction
Designing and implementing safety-related control systems
EN 62061
Safety of machinery Safety = acceptable residual risk
Functional safety of safety-related electrical, electronic and
programmable control systems
Any architectures Risk Severity of harm Probability of

Safety integrity level (SIL)
SIL 1, SIL 2, SIL 3
in terms of the
considered hazard = that can result from
the considered + occurrance
of that harm
hazard
DIN EN ISO 13849-1
Safety of machinery Exposure of person(s) to
Safety-related parts of control systems, part 1: General principles for design that hazard
Successor standards to EN 954-1:1996, transition period until 2009
Designated architectures (categories)

Performance level (PL)
PL a, PL b, PL c, PL d, PL e The possibility of avoiding
or limiting the harm
The occurrance of a
Harmonised standards that hazardous event
relate to machine safety serve
to reduce safety risks to an
acceptable minimum, as per the
machinery directive.
8 9
Risk assessment
Directives and standards de- When estimating the risk and

Start
scribe the process of risk assess- identifying the required perfor-
ment. Every manufacturer is Specification of the machine mance level, the degree of risk
limits Design measures
obliged to carry out a risk Determination of the limits
• Use limits e.g. inherent safety reduction is established.
of the machinery
assessment. This is followed Whether or not the required
Source: EN ISO 12100, 3.14
• Space limits Source: EN 12100-2, Section 4

• Preliminary hazard analysis
Source: • Time limits
by a risk evaluation and, if EN 1050, Section 5 (PHA) risk reduction level has been
ISO 14121 Source: EN ISO 12100; 5.2 • WHAT-IF method
Risk analysis
necessary, suitable measures • Failure mode and effects achieved for technical safety
Determining/defining analysis, failure effects
for reducing risk have to be Hazard
states & transitional states analysis (FMEA)
measures depends on the follo-
identification Technical safety measures
implemented. • Failure simulation for con-
and supplementary safety measures
wing parameters:
Source: trol systems
EN 1050, Section 6
ISO 14121 • MOSAR procedure
• Fault tree analysis (FTA) – Identify the safety function to be performed
Focusing on risk reduction 1) Control architecture
Source: EN ISO 1050/14121
• Human interaction during

DELPHI-Technique
Risk estimation whole life cycle
This guide is primarily concerned • Possible states of the Source: EN 1050, Appendix B For each safety function specify the required
2) Mean Time To Failure (MTTFd)
Risk assessment
with the area of risk reduction in machine characteristics 3) Diagnostic coverage (DC)
Source: EN ISO 12100-1, 5.4

Source: • Unintended behaviour of
the form of technical safety EN 1050, Section 7 4) Common Cause Failure (CCF)
ISO 14121 the operator or reasonably Determining the required PLr
foreseeable misuse
Risk reduction
measures. We assume that all
For all safety functions

Source: EN ISO 12100; 5.3
possible design measures for Risk Design and technical implementation of the safety In all cases, the performance
evaluation of safety no function
Source: EN ISO 12100-1, 5.3
reducing risk have already been design measures – Is the level (PL) must be equivalent to
explored. machine Determining the PL at least the required PLr.
Risk evaluation
safe?
Category MTTFd DC CCF

yes
Risk
evaluation
of technical safety no
measures– yes
Is the machine PL ≤ PLr
safe?
no
yes
Source: DIN EN ISO 13849-1, 4.2 Figure 3
All possible no
User information on the machine and in the user
instructive
manual
measures
used
Source: EN 12100-2, Section 6
yes
End
Source: Directive 2006/42/EC, Appendix I, 1)
10 11
Evaluating technical safety measures – determination of the performance level Application 13849-1, step 1: Determining the required performance level
The figure shows the simplified The graph for determining the
Determination of the MTTFd = mean time to failure (dangerous)
procedure for determining the required performance level is
low risk
performance level (PL) of a safe- based on identifying the risk and P1
a
Determination of the SIL = Safety Integrity Level

1 3 F1
a 10–5 ≤ PFHd < 10–4
ty function. The PL is a function the resulting necessity for reduc- P2
Determination the PL = Performance Level
of categories B to 4, diagnostic ing this to an acceptable level. S1

P1 b
coverage “none to high”, various b 3 x 10–6 ≤ PFHd < 10–5 Low risk results in PL = a F2
MTTFd areas and the common (minimal measures for risk P2
1 c
cause failure. reduction). P1
c 10–6 ≤ PFHd < 3 x 10–6
F1
High risk results in PL = e
P2
The PL can be assigned to a spe- (comprehensive measures for S2
d
cific SIL level. However, it is not d 2 10–7 ≤ PFHd < 10–6 risk reduction). P1
F2
possible to infer the PL from the P2
e
SIL. Apart from the average pro- 10–8 ≤ PFHd < 10–7 high risk
e 3 Source: DIN EN ISO 13849-1, Appendix 1.2.3
bability of a dangerous failure Technically speaking, PLr
per hour, other measures are (required) is a “nominal value”,
DC < 60% DC < 60% 60% ≤ DC 90% ≤ DC 60% ≤ DC 90% ≤ DC 99% ≤ DC
needed to achieve a specific PL. 4
none none < 90% < 99% < 90% < 99% high which is the minimum that Statements from other standards
low medium low medium
should be achieved by the real DIN EN ISO 13849-1 EN 62061
2 Cat B Cat 1 Cat 2 Cat 3 Cat 4
structure. S Severity of injury Irreversible injury (4 points)
5 CCF not relevant CCF ≤ 65% (death, loss of eye or arm)
S1 Slight (normally reversible injury) Irreversible injury (3 points)
Statements from EN 62061 are (broken limb, loss of finger)
S2 Serious (normally irreversible injury, Reversible injury (2 points)
1 Risk graph: Which performance level is Evaluation MTTFd also quoted here for a better or death) (requires further medical attention from a doctor)
required? 3 years ≤ MTTFd < 10 years assessment of risks. The basic Reversible injury (1 point)
Low
PL a to e
Medium 10 years ≤ MTTFd < 30 years principle of risk is always Frequency (with a duration > 10 min)
F Frequency and/or exposure to hazard < 1 h (5 points)
2 Designated architectures: How is the High 30 years ≤ MTTFd ≤ 100 years evaluated in the same way: the > 1 h to < 1 day (5 points*)
control chain or safety function F1 Seldom to less often and/or exposed time is > 1 day to < 2 weeks (4 points*)
Source: DIN EN ISO 13849-1, Chapter 4.5.2 severity of the possible damage
structured? Cat B to 4 short > 2 weeks to < 1 year (3 points*)
and the probability that the > 1 year (2 points*)
3 Quality of components in the control F2 Frequent to continuous and/or exposed
damage will occur. time is long * if exposure lasts less than 10 min, this can be reduced one level
chain. Determining the MTTFd for the
entire process chain – from sensors to P Possibility of avoiding the hazard Impossible (5 points)
actuators
P1 Possible under specific conditions Rare (3 points)
4 Diagnostic coverage:
Which dangerous failures are identified? P2 Scarcely possible Probable (1 point)
5 Common cause failure (CCF): measures

to reduce CCF DIN EN ISO 13849-1
Chapter 4.5.4
12 13
Safety function
Exhausting
Implementation 13849-1, step 2: Determination of the designated architechture

for category B
Category Summary of requirements System behaviour Example
B • Safety-related parts of control systems must comply with the • Fault tolerance: zero. Entire control chain = cat. B
applicable standards The occurrence of a fault can
• Control system must be designed, built, selected, assembled and lead to the loss of the safety
combined to ensure that they withstand the expected influences function
• Mainly characterised by
selection of components
Cat. B*
Cat. 1
I i m
L i m
O
* Normal PLC control systems (not safety control systems) only achieve category B
14 15
Safety function
Exhausting
Control architecture of category 1
Category Summary of requirements System behaviour Example*

Entire control chain = cat. 1
1 • The requirements of B shall apply • Fault tolerance: zero, but the
• Well-tried components and well-tried safety principles probability of occurance is
Hardware structure Wiring
shall be used lower than for category B
ERGEN
Well-tried component: • The occurrence of a fault can
EM
CY
a) Widely used in the past with successful results in similar lead to the loss of the safety
S TOP
applications, or function
b) Manufactured and verified using principles that • Mainly characterised by
demonstrate its suitability and reliability for safety-related
selection of components
applications
I i m
L i m
O
*The example shows the schematic representation of a specific category. Depending

on the safety relay, the wiring may be different and the connections may have
different designations. A fault examination has to be carried out for each concrete
application.
16 17
Safety function
Exhausting
Category Summary of requirements System behaviour

Example*
2 • Requirements of B and the well-tried safety principles shall apply • Fault tolerance: zero, but the Entire control chain = cat. 2
• Safety-related parts of control systems must check safety functions loss of the safety function is
at suitable intervals by the machine control system: when the machi- detected by the check Hardware structure Wiring
ne starts up and before a hazardous situation arises, e.g. the start of • The occurrence of a fault can
ERGEN
EM
a new cycle; at the start of other movements and/or periodically lead to the loss of the safety
CY
during operation, if the risk assessment and the operation mode function between the checks S TOP
show that this is necessary. • Testing at suitable intervals
(test frequency must fulfil one
hundred times the requirement
rate (safety function))
• Mainly characterised by structure
I im
L i m
O
TE i m
OTE

on the safety relay, the wiring may be different and the connections may have
different designations. A fault examination has to be carried out for each concrete
application.
18 19
Safety function
Exhausting

3 • Requirements of B and the use of well-tried safety principles • Fault tolerance: one Entire control chain = cat. 3
shall apply When a single fault occurs,

the safety function is always Hardware structure Wiring
• Safety-related parts shall be designed so that
performed ERGEN
a single fault in any one of these parts does not lead to a loss of
EM
CY
the safety function, and • Some but not all faults are
S TOP
identified
• Whenever reasonably practicable, the single fault is detected
• Accumulation of undetected
faults can lead to the loss of
the safety function
structure
m
I1 i m
L1 O1
i m
m
I2 i m
L2 O2
i m

on the safety relay, the wiring may different and the connections may have different
designations. A fault examination has to be carried out for each concrete
application.
Note: BGIA certification as a category 3 component as per DIN EN ISO 13849-1 has been
requested for MS6-SV.
20 21
Safety function
Exhausting

4 • Requirements of B and the use of well-tried safety principles • Fault tolerance: one Entire control chain = cat. 4
shall apply When single fault occurs, the
safety function is always per- Hardware structure Wiring
• Safety-related parts shall be designed so that
formed
a single fault in any of these parts does not lead to a loss of ERGEN
• Detection of accumulated
EM
the safety function, and
CY
• The single fault is detected at or before the next demand upon the faults reduces the probability
S TOP
safety function, but that if this detection is not possible, an of the loss of the safety func-
tion
accumulation of undetected faults shall not lead to the loss of the
safety function. • The faults will be detected in
time to prevent the loss of the
safety function
structure
m
I1 i m
L1 O1
i m
m
I2 i m
L2 O2
i m

on the safety relay, the wiring may be different and the connections may have different
designations. A fault examination has to be carried out for each concrete
application.
Note: BGIA certification as a category 3 component as per DIN EN ISO 13849-1 has been
requested for MS6-SV.
22 23
Implementation 13849-1, step 3: Determination of the Mean Time To Failure (MTTFd)
where:
Input Input signal Logic Control signal Outlet Control signal Formula for determining the B10d B10d [cycles] = mean number of cycles until 10% of components fail
MTTFd value for a mechanical MTTFd = dangerously
0.1 • nop
element in a channel B10d = 2 x B10
Life time data based on the technical data sheet

B10 B10
dop • hop • 3600s/h hop [h/d]: mean operating hours/day
Application data Mean number of annual nop = dop [d/anno]: mean operating days/year
tcycle
actuations nop for the tcycle [s]: mean cycle time
MTTFd MTTFd MTTFd MTTFd mechanical element
MTTF
2 1 MTTFdC1 and MTTFdC2:
Evaluation d
MTTFd = MTTFdC1 + MTTFdC2 –
N Calculating the total MTTFd for 3 1 1 values for two different,
1
______ 1 3 years ≤ MTTFd < 10 years +
= _______
Low
Medium 10 years ≤ MTTFd <30 years two different channels MTTFdC1 MTTFdC2 redundant channels. If the
MTTFd i=1 MTTFd,i 30 years ≤ MTTFd ≤ 100 years
High MTTFd for a channel is more than
Source: DIN EN ISO 13849-1, Chapter 4.5.2
100 years, 100 years is used in
subsequent calculations.
The mean time to failure (MTTFd)
is initially determined for each
redundant channel. Next, a total
MTTFd value is determined for
both channels. This value is
given in years and is a qualita-
tive statement of the safety func-
tion. In line with the applicable
standard, the technical safety
measure is assessed and given
one of three classifications: low,
medium or high.
24 25
Implementation 13849-1, step 4: Determination of the diagnostic coverage (DC)
This table shows a summary of Key
Spontaneous change in the setting

of non-adjustable, circular orifices
Change in the flow rate in the case
Spontaneous change of the initial
moving component(s)/mounting/
Change in flow rate without any
Change in the set value without

Change in the leakage flow rate
operating element of the setting

sources of fault related to pneu-
switching position (without an
Unintended unscrewing of the
Failure at the connector (e. g.

Bursting of the valve hosing/
Fault list
For proportional flow valves:
change to the setting device

unintentional change in the
Change of the detection or

matics, taken from DIN EN ISO Not relevant for this
Change of switching times
Failure of the end position

over a long period of use
Loosening of the piston/

change in setting device
Electrical power failure

13849-2. Under certain condi- component
piston rod connection

output characteristics
tearing off, leakage)
Clogging (blockage)
not switching back
tions, it is possible to exclude
Pressure failure
housing screws
Non-switching/
faults. Freedom from defects
Pressure rise
setting value
input signal)
and nozzles
cushioning
The prerequisites for excluding a Products assured to some extent
Bending
Leakage
device
device
fault are described in detail in for the component (see
DIN EN ISO 13849-2. DIN ISO 13849-2)
Faults must be examined and Directional control valves
evaluated in the context of each Freedom from defects
application to establish whether Shut-off/non-return/quick
not assured for this
the fault has a dangerous effect exhaust/shuttle valves component
on the safety function.
Flow control valves
Depending on the construction
principle and the design of com-
ponents, different results may Pressure limiting valves DC average
arise for different applications;
DC1 DC2 DCN
in other words, a specific product + + ... +
Pipework MTTFd1 MTTFd2 MTTFdN
may be suitable for one appli- DCavg =
cation but not for another. 1 1 1
+ + ... +
Tubing MTTFd1 MTTFd2 MTTFdN
The design engineer for the
installation is responsible for
checking this. Connecting pieces
Pressure intensifier and pressure

medium converter
(identified
Filter DC1 = dangerous fault)
(total
dangerous fault)
Lubricator
Silencer
Energy storage device

and reservoir
Sensors
Logic elements (AND/OR)
Delay elements
Transformers (pressure switch,

position switch and amplifier)
Cylinder
26 27
Implementation 13849-1, step 5: Determining Common Cause Failures (CCF) Combination or series connection of SRP/CS to achieve an overall performance level
Common cause failure Safety functions can be imple-

Sensors Logic Actuators
No. Measures against CCF Score S mented using multiple SRP/CS
1 Separation/ Segregation connected in series. The perfor- User design Using certified User design Using certified User design Using certified
components components components
Physical separation between signal paths, e.g. separation in wiring/piping, sufficient clearances mance of each SRP/CS is either
and creep age distances on printed-circuit boards 15 determined by the user or, ideal-
ly, specified by the manufacturer Architecture Architecture Architecture
selection selection selection
2 Diversity of the component in the techni-
MTTF MTTF MTTF
Different technologies/design or physical principles are used, for example: first channel program- cal data for the certified com- d d d
B10 value B10 value B10 value

mable electronic and second channel hardwired, kind of initiation, pressure and temperature. ponents.
Measuring of distance and pressure, digital and analog. Components of different manufactures 20 To determine the total perform- Application Application Application
data n op data n op data n op
3 Design/application/experience ance level, the number of the

3.1 Protection against overvoltage, over pressure, over-current etc. 15 lowest performance level has Diagnostic Diagnostic Diagnostic
coverage coverage coverage
3.2 Components used are well-tried 5 to be identified and the overall 0 ... 99% 0 ... 99% 0 ... 99%
4 Assessment/analysis PL is determined using the CCF value CCF value CCF value
Are the results of a failure mode and effect analysis taken into account to avoid common- standard. common cause common cause common cause
failure failure failure
causefailures in design. 5
5 Competence/training
Have designers/ maintainers been trained to understand the causes and consequences of PL a, b, c, d or e PL a, b, c, d or e PL a, b, c, d or e PL a, b, c, d or e PL a, b, c, d or e PL a, b, c, d or e
common cause failures? 5

6 Environment
6.1 Electromagnetic compatibility (EMC) 25
The system was checked for EMC immunity Partial result Partial result Partial result
Sensors Logic Actuators
(e.g. as specified in the relevant product norms)
6.2 Other factors 10
Have the requirements for immunity to all relevant environmental influences such as temperature,
shock, vibration, humidity (e.g. as specified in relevant standards) be considered? determined by the mechanical engineer PL
specified by the manufacturer
Total [max. possible: 100]
Measures for avoiding CCF Total S score Simplified calculation of PL for Lowest PL Number of lowest PL Entire system
Meets the requirements 65% or better series allignment of Safey- PLlow Nlow PL
Process failed; choose additional measures less than 65% related Part of control Systems a ,3 not permitted
In a series connection, the >ˆ3 a
Which common cause failures points may be claimed for each number of the lowest PL is deter- b ,2 a
can arise? The measures against listed measure. If a measure is mined. This result can be used >≤2 b
these failures should be re- only partially fulfilled, it receives to determine the total PL from c ,2 b
corded in a grid. Only the zero points. the table. >≤2 c
complete number of points or no d ,3 c
>≤3 d
e ,3 d
>≤3 e
28 29
4 operation modes – 10 safety functions
During the risk assessment, the Specific safety functions can be You can find these safety func-
hazardous situation also has to derived from these operation tions both in the suggested cir-
be determined and, sub- modes: cuits and in the products and
sequently, the risks have to be solutions. The information spe-
evaluated. This applies to a • Pressurising of machines cified always refers to very spe-
machine’s entire service life. • Maintaining pressure cific safety functions.
The following four operating • Reducing pressure and force This will enable you to quickly
Pressurising Maintaining Reducing pressure Exhausting
pressure and force modes in particular are used for • Exhausting of machines decide whether the information
operating a machine: • Two-hand operation is relevant to your current task,
• Tamper-proof both in the sample circuits and
Initial position, • Initial position/standstill in the products.
standstill • Reducing speed
• Normal operation • Free of forces
• Set-up and service operation • Stopping, holding and blocking
• Emergency operation a movement
Set-up and • Reversing a movement
Normal operation
service operation
Two-hand Tamper-proof,
operation prevention of
Emergency operation unexpected
starting up
Reducing speed Free of forces Stopping, holding and Reversing

blocking a movement a movement
30 31
Examples of safety-orientated pneumatics
The varying requirements and areas of application for installations mean that the results of risk
analyses are very variable – as are the solutions for them. Here we present some important examples.
Picking & Placing discrete Power-driven interlocking Safety for pressing, joining and In progress: safety during
goods guards setting procedures setting-up
Safety measures Safety measures Safety measures Safety measures

1. Prevention of unexpected 1. Prevention of unexpected 1. Prevention of unexpected 1. Prevention of unexpected
start-up, as per EN 1037 start-up, as per EN 1037
2. Single-channel reversing, 2. Single-channel run at
2. Two-channel stop, as per 2. Single-channel for safety func- as per EN ISO 13849-1 reduced speed,
EN ISO 13849-1 tion exhausting, as per 3. Unpowered state using as per EN ISO 13849-1
3. Stop category “1” as per EN ISO 13849-1 stop category “1” as per
EN 60204-1 3. Stop category “1” as per EN 60204-1
EN 60204-1
32 33
Safety function Safety function Safety function
Two-hand operation Two-hand operation Reversing
Sample circuit diagram – two-hand control block Sample circuit diagram – double two-hand control block
Control chain Description Description cap side of the cylinder are

The control block for two-hand If pressure switch DR1 displays safety-related; in other words,
start ZSB 1/8 is a pneumatic one-way flow control valve screwed in cylinder the minimum operating pressure they play a decisive role in the
AND gate. If inputs 11 and 12 and the two pushbuttons WV5 function and, by extension,
safety relevant
are pressurised within a and WV6 are actuated, both safety.
max. of 0.5 s of each other, the two-hand control blocks (WV3
assembly switches through and and WV4) switch through. This If one of these lines is kinked or
there is an output signal at safety relevant reverses the WV1 and WV2 clogged, the cylinder does not
safety relevant
port 2. power valves and the piston rod receive the pressure it requires
extends. to travel to its retracted position.
The system is controlled by two This should be noted when
external 3/2-way push-button If only one of the two power laying the working lines, for
valves. If both push-button valves reverses, the piston rod example, in energy chains.
valves are activated, outlet remains retracted. If the piston
port 2 is pressurised. If one or rod extends and one power valve If one of the power valves fails,
both pushbuttons are released, is reset by the integrated spring, there is an “acoustic” fault
outlet port 2 is unpressurised. the piston rod retracts again. alarm caused by venting at on
The system exhausts from 2 to 3. The working lines to the bearing one of the silencers.
Note Note
1m
hose
Part no. Identifier Type Product designation All the information that relates All the information that relates
3527 WV1 ZSB-1/8 Control block for to standards is identified with Part no. Identifier Type Product designation to standards is identified with
two-hand start “max. possible”. Whether the 9270 DR1 VD-3-PK-3 Pressure sequence valve “max. possible”. Whether the
6817 WV2 SV-3-M5 Front panel valve values are reached does not only KS1 Any drive values are reached does not
6817 WV3 SV-3-M5 Front panel valve depend on the pneumatics. SP1 One-way flow control depend only on the pneumatics.
9270 DR VD-3-PK-3 Pressure sequence valve It is only possible to assess valve It is only possible to assess
whether a specific function is SP2 One-way flow control whether a specific function is
achieved or not by observing valve achieved or not by observing the
Function Description (max. possible) the complete system. The design 161061 WV1, WV2 VL-5/2-D-01-FR 5/2-way valve complete system. The design of
Control architecture Cat. 2 of the electrical engineering, 3527 WV3, WV4 ZSB-1/8 Control block for two- the electrical engineering,
Number of channels 1 mechanics, hydraulics and pneu- hand start mechanics, hydraulics and pneu-
Diagnostic coverage Medium matics all play a role. 184135 WV5, WV6 SV/O-3-PK-3x2 Front panel valve matics all play a role.
Performance level d
CCF > 65% Function Description (max. possible)
Control architecture Cat. 3
Number of channels 2
Diagnostic coverage Medium
Performance level d
CCF > 65%
34 35
Safety function Safety function
Exhausting Stopping, holding and
blocking a movement
Sample circuit diagram – exhausting via non-return valves Sample circuit diagram – pneumatic holding using stop valves
Description These make up the second Description

Directional control valves WV1 channel for exhausting the drive. The cylinder can be held
and WV2 are responsible for the pneumatically via two different
normal operating function. If It is important to note that the channels.
there is no current, they are in two non-return valves also need Channel 1 is created by stop
their initial position and exhaust a differential pressure in order to valve WV1. When not actuated
the installation. To make it pos- exhaust. This differential is (mid-position), the valve is
sible to retract and extend the application specific. closed; in other words, if the
cylinder, WV3 has to exert pres- electrical power is switched off,
sure on both non-return valves WV1 switches to its spring
(SP1 and SP2). Note centred mid-position and the
All the information that relates cylinder is held pneumatically.
In this case, the two non-return to standards is identified with The second channel is created
valves do not affect normal “max. possible”. Whether the by the two stop valves (WV3 and
operation. values are reached does not WV4) and actuating valve WV2.
depend only on the pneumatics. When not actuated, WV2 is
If both non-return valves (SP1 It is only possible to assess exhausted and switches the
and SP2) are exhausted, cylinder whether a specific function is two stop valves to the closed
KS1 can also be exhausted via achieved or not by observing the position. The two stop valves
the non-return valves. complete system. The design of create the second channel for
the electrical engineering, pneumatic holding.
mechanics, hydraulics and pneu-
Identifier Type Product designation matics all play a role.
KS1 Any drive Note
DS1 Any pressure switch All the information that relates
SP2, SP1 e.g. HGL, H, HA, HB Non-return valve Part no. Identifier Type to standards is identified with
WV3, WV2, WV1 e.g. CPE, MHE, MFH Solenoid valve KS1 Any drive “max. possible”. Whether the
DS1 Any pressure switch values are reached does not
DR1, DR2 GR... depend only on the pneumatics.
Function Description (max. possible) WV1, WV2 CPE..., MH...,MFH..., VSVA... It is only possible to assess
Control architecture Cat. 3 910445 WV3, WV4 VL-2-1/4-SA3919 whether a specific function is
Number of channels 2 achieved or not by observing the
Diagnostic coverage Medium complete system. The design of
Performance level d Function Description (max. possible) the electrical engineering,
CCF > 65% Control architecture Cat. 3 mechanics, hydraulics and pneu-
Number of channels 2 matics all play a role.
Performance level d
CCF > 65%
36 37
Safety function
Stopping, holding and Tamper-proof, prevention of
blocking a movement Exhausting unexpected starting up
Sample circuit diagram – mechanical and pneumatic holding Sample circuit diagram – servopneumatics
Description The second channel is controlled Description

The safety function “stopping a via the mechanical brake by For implementation of the
movement” is implemented both WV2. When exhausted, the following safety measures:
pneumatically and mechanically brake is activated and it holds • Protection of unexpected
(diversified) in this circuit. the piston rod. It is important to start-up, as per EN 1037
Assuming that both the mecha- note that a brake is used here, (two-channel design)
nical brake and the pneumatic and not a retaining device. -> possible: performance level
holding in the application are “d”, as per EN ISO 13849-1
sufficient to fulfil the “stopping a • Single-channel “exhausting”
movement” safety function, this safety measure, as per
is a two-channel system. EN ISO 13849-1
-> possible: performance level
Channel 1 is implemented via “d”, as per EN ISO 13849-1*
WV1. In the mid-position (dead), • Stop category “0” as per
the valve is closed and the EN 60204-1
cylinder stops.
Note
All the information that relates
to standards is identified with
Identifier Type Product designation “max. possible”. Whether the Part no. Type Product designation
DS1 Any pressure switch values are reached does not 163380 DNC-50-500-PPV-A standard cylinder
ST1, ST2 GR... Flow control valve depend only on the pneumatics. 9517 GRU-1/4-B flow control/silencer
KS1 DNCKE.., DNCKE..-S, KEC.., KEC..-S Cylinder It is only possible to assess 9517 GRU-1/4-B flow control/silencer
WV1, WV2 CPE.., MH.., VSVA.., MFH.. Directional control whether a specific function is 11689 H-1/4-B non-return valve
valve achieved or not by observing 188510 MFH-5/2-D-1-FR-S-C solenoid valve
the complete system. The design 188510 MFH-5/2-D-1-FR-S-C solenoid valve
Function Description (max. possible) of the electrical engineering, 151694 MPYE-5-1/4-010-B proportional directional
Control architecture Cat. 3 mechanics, hydraulics and control valve
Number of channels 2 pneumatics all play a role. 542897 SDE5-D10-FP-Q6E-P-M8 pressure switch
Performance level d
Max. possible CCF > 65%
The cylinder can move

*Requires appropriate diagnostics depending on its position
(e.g. additional evaluation of the signal
during exhausting.
change at the pressure switch)
38 39
Safety function Safety function Safety function
Safety function Tamper-proof, prevention Stopping
Tamper-proof, prevention
Exhausting of unexpected starting up a movement
of unexpected starting up
Sample circuit diagram – servopneumatics Sample circuit diagram – servopneumatics
Description Description
For implementation of the For implementation of the
following safety measures: following safety measures:
• Prevention of unexpected • Prevention of unexpected
(two-channel design) (two-channel design)
> possible: performance level -> possible: performance level
“d”, as per EN ISO 13849-1 “d”, as per EN ISO 13849-1
• Single-channel “exhausting” • Single-channel “exhausting”
safety measure, as per safety measure, as per
EN ISO 13849-1 EN ISO 13849-1-> possible:
-> possible: performance level performance level “d”, as per
“d”, as per EN ISO 13849-1* EN ISO 13849-1*
• Stop category “0” as per • Stop category “1” as per
EN 60204-1 EN 60204-1
Part no. Type Product designation Part no. Type Product designation
163380 DNC-50-500-PPV-A standard cylinder 163380 DNC-50-500-PPV-A standard cylinder
151694 MPYE-5-1/4-010-B proportional directional 151694 MPYE-5-1/4-010-B proportional directional
control valve control valve
542897 SDE5-D10-FP-Q6E-P-M8 pressure switch 542897 SDE5-D10-FP-Q6E-P-M8 pressure switch
7802 MFH-3-1/8 solenoid valve 11689 H-1/4-B non-return valve
161082 VL-5/2-D-02-FR pneumatic valve 188510 MFH-5/2-D-1-FR-S-C solenoid valve
9517 GRU-1/4-B flow control/silencer
9517 GRU-1/4-B flow control/silencer
11689 H-1/4-B non-return valve
The cylinder can move

*Requires appropriate diagnostics depending on its position *Requires appropriate diagnostics Pneumatic residual energy in
(e.g. additional evaluation of the signal (e.g. additional evaluation of the signal
during exhausting. the system.
change at the pressure switch) change at the pressure switch)
40 41
Safety function Safety function Safety function Safety function
Safety function
Tamper-proof, prevention Stopping Tamper-proof, prevention Reversing
Reducing the speed
of unexpected starting up a movement of unexpected starting up
Sample circuit diagram – servopneumatics Sample circuit diagram – servopneumatics
Description Description • Single-channel “reduced

For implementation of the For implementation of the speed” safety measure, as per
following safety measures: following safety measures: EN ISO 13849-1
• Prevention of unexpected • Prevention of unexpected -> possible: performance
start-up, as per EN 1037 start-up, as per EN 1037 level "d", as per
(two-channel design) (two-channel design) EN ISO 13849-1*
-> possible: performance level -> possible: performance level
“d”, as per EN ISO 13849-1 “d”, as per EN ISO 13849-1
• Two-channel “stop” safety • Single-channel “reversing”
measure, as per EN ISO safety measure, as per
13849-11* -> possible: EN ISO 13849-1
performance level “d”, as per -> possible: performance level
EN ISO 13849-1 “d”, as per EN ISO 13849-1*
Part no. Type Product designation Part no. Type Product designation
163380 DNC-50-500-PPV-A standard cylinder 163380 DNC-50-500-PPV-A standard cylinder
542897 SDE5-D10-FP-Q6E-P-M8 pressure switch 175042 GRLO-M3-QS-3 flow control valve
151694 MPYE-5-1/4-010-B proportional directional 11689 H-1/4-B non-return valve
control valve 11689 H-1/4-B non-return valve
7802 MFH-3-1/8 solenoid valve 188510 MFH-5/2-D-1-FR-S-C solenoid valve
161082 VL-5/2-D-02-FR pneumatic valve 151694 MPYE-5-1/4-010-B proportional directional
11689 H-1/4-B non-return valve control valve
542897 SDE5-D10-FP-Q6E-P-M8 pressure switch
*Requires appropriate diagnostics Pneumatic residual energy in *Requires appropriate diagnostics

(e.g. additional evaluation of the signal (e.g. additional evaluation of the signal
the system.
change at the pressure switch) change at the pressure switch)
42 43
Safety function
Tamper-proof, prevention Reversing
Reducing speed
of unexpected starting up
Sample circuit diagram – servopneumatics Servopneumatics – key features at a glance
Description • Single-channel “reduced Servopneumatics – a drive tech- pact and cost-effective solutions
For implementation of the speed” safety measure, as per nology with its own areas of where the loads to be moved
following safety measures: EN ISO 13849-1 application. Servopneumatics are typically in excess of 10 kg
• Prevention of unexpected -> possible: performance level differs from standard pneuma- and accuracy of a few tenths of
start-up, as per EN 1037 “d”, as per EN ISO 13849-1 tics in that it supports travel to a millimetre is sufficient.
(two-channel design) • Stop category “1”, as per any desired position with maxi-
-> possible: performance level EN 60204-1 (however, no sens- mum dynamic response and the Rule of thumb: the overall cost-
“d”, as per EN ISO 13849-1 * ing of speed “0”, instead the ability to cope with high forces effectiveness of a servopneu-
• Single-channel “reversing” reduced speed starts after a safely. It permits innovative and matic solution is higher the
safety measure, as per set time) cost-effective drive solutions. heavier the load to be moved
EN ISO 13849-1 (however there is a limit after
-> possible: performance level Free positioning using servop- which the dynamic response will
“d”, as per EN ISO 13849-1* neumatics is particularly useful be affected).
in scenarios that demand com-
Part no. Type Product designation Electrical terminal CPX with

positioning module CMAX
163380 DNC-50-500-PPV-A standard cylinder
175042 GRLO-M3-QS-3 flow control valve
151016 MFH-5/2-D-1-FR-C solenoid valve
151694 MPYE-5-1/4-010-B proportional directional
control valve
542897 SDE5-D10-FP-Q6E-P-M8 pressure switch
161082 VL-5/2-D-02-FR pneumatic valve
161082 VL-5/2-D-02-FR pneumatic valve
Pneumatic linear drive unit with Proportional valve VPWP

integrated displacement encoder DGCI
*Requires appropriate diagnostics

(e.g. additional evaluation of the signal
change at the pressure switch)
44 45
Safety function
Stopping, holding and
blocking a movement
Products for safety engineering Braking units DNCKE-S, KEC-S
Complete safety – products Description Use

Everything from a single source: • Holding force of the clamp • As a holding device (static
our aim – in the field of safety is larger than the cylinder’s application)
technology as elsewhere – is to max. permissible feed force – Holding and clamping in the
provide and implement solutions • For use in category 1 control event of power failure
for every safety task in the form systems, as per DIN EN 954-1 – Protection against pressure
of components or systems. (“reliable component”) If used failure and pressure drop
Technical data in higher categories, further – Holding the piston rod during
On the following pages you will technical control measures intermediate stops, for
find our range of products, to- NDiameter NDiameter need to be taken operative procedures in a
gether with brief descriptions of 40, 63, 100 mm of the round material to be • Certified by the Institute process
their function and application clamped for Occupational. Safety and • As braking device
ranges. For additional infor- TStroke length 16 ... 25 mm Health (BGIA) for use in safety- (dynamic application)
mation, consult the electronic 10 ... 2000 mm oriented control systems – Braking or stopping move-
catalogue on CD-ROM or online OHolding force • CE mark as per EU machinery ments
at www.festo.com/catalogue OHolding force 1300 ... 8000 N directive – Suspension of a movement
1300 ... 8000 N if a danger area is entered
If you have any further ques-
tions, please consult your Festo
sales engineer, who will be Function
happy to help.
Order code
Part no. Type Certification
526482 DNCKE-40--PPV-A
526483 DNCKE-63--PPV-A
526484 DNCKE-100--PPV-A
538239 DNCKE-40--PPV-A-S BGIA certified
527492 KEC-16
527493 KEC-20
527494 KEC-25
538242 KEC-16-S BGIA certified
46 47
Stopping, holding and Stopping, holding and
blocking a movement blocking a movement
Clamping unit KP, KPE Clamping unit for short-stroke cylinders
Selection Description Description

• For customer-built clamping • Holding or clamping the piston
Clamping cartridge KP Clamping unit KPE DNC-...-KP units rod in any position
• Ready-to-install combination • Holding the piston rod for long
of clamping cartridge KP and periods of time, even under
housing changing loads, pressure
• Various mounting options fluctuations or leakages
• Holding or clamping the piston
rod in any position
• Holding the piston rod for long
Technical data periods of time, even under
changing loads, fluctuations or Technical data Function
N Diameter of the round N Diameter of the round N Diameter of the round leakage
material to be clamped material to be clamped material to be clamped N Diameter
4 ... 32 mm 4 ... 32 mm 4 ... 32 mm 20 ... 100 mm
O Static holding force O Static holding force O Static holding force T Stroke length
80 ... 7500 N 80 ... 7500 N 80 ... 7500 N 10 ... 500 mm
Function O Static holding force

350 ... 5000 N
Order code
Order code
Part no. Type Part no. Type Part no. DNC-KP Stroke Part no. Type KP type
178455 KP-10-350 178465 KPE-10 [mm] 548206 ADN-20-...-KP KP-10-350
178456 KP-12-600 178466 KPE-12 163302 Ø32 10-2000 548207 ADN-25-...-KP KP-10-350
178457 KP-16-1000 178467 KPE-16 163334 Ø40 10-2000 548208 ADN-32-...-KP KP-12-1000
178458 KP-20-1400 178468 KPE-20 163366 Ø50 10-2000 548209 ADN-40-...-KP KP-16-1400
178459 KP-20-2000 178469 KPE-25 163398 Ø63 10-2000 548210 ADN-50-...-KP KP-20-1400
178460 KP-25-5000 178470 KPE-32 163430 Ø80 10-2000 548211 ADN-63-...-KP KP-20-2000
178461 KP-32-7500 178462 KPE-4 163462 Ø100 10-2000 548212 ADN-80-...-KP KP-25-5000
178452 KP-4-80 178463 KPE-6 163494 Ø125 10-2000 548213 ADN-100-...-KP KP-25-5000
178453 KP-6-180 178464 KPE-8
178454 KP-8-350
48 49
Stopping, holding and Stopping, holding and
blocking a movement blocking a movement
Mini slide DGSL unit with clamping unit or end position locking End position locking …-EL
Use • End position locking DNC-...-A-...-EL ADN-...-EL Description

• Clamping unit – Mechanical locking when • Mechanical locking when the
– Mechanical clamping the end position is reached end position is reached
– For fixing the slide in any – For fixing the slide in the • Locking is automatically
position unpressurised, retracted released only when pressure is
– Frictional locking state applied to the cylinder
– Clamps with frictional – Positive locking • End position locking at one or
locking at any position – Locks with positive locking both ends
– Clamping via spring force, in the retracted end position
released via compressed air only Technical data Order code
– Locking via spring, unlocked Part no. Type Stroke [mm]
via compressed air N Diameter N Diameter 163302 DNC-32-EL 10-2000
32 ... 100 mm 20 ... 100 mm 163334 DNC-40-EL 10-2000
Technical data Function 163366 DNC-50-EL 10-2000
T Stroke length TStroke length 163398 DNC-63-EL 10-2000
NDiameter C clamping unit E3 end position locking 10 ... 2000 mm 10 ... 500 mm 163430 DNC-80-EL 10-2000
6 ... 25 mm 163462 DNC-100-EL 10-2000
O Static holding force Function

80 ... 600 N Part no. Type
548214 ADN-20-EL
L Pressure 548215 ADN-25-EL
3 ... 8 bar 548216 ADN-32-EL
548217 ADN-40-EL
548218 ADN-50-EL
Order code 548219 ADN-63-EL
Part no. Type 548220 ADN-80-EL
543903 DGSL-6 548221 ADN-100-EL
543904 DGSL-8
543905 DGSL-10
543906 DGSL-12
543907 DGSL-16
543908 DGSL-20
543909 DGSL-25
50 51
Two-hand operation Two-hand operation
Two-hand control block ZSB SV/O front panel valve
Description This ensures that both of the Description Mushroom pushbutton with
• Category 3 as per DIN EN ISO operator’s hands are outside • Use: detent PRS
13849-1 can be reached with a the machine’s danger area. The – two-channel directional After pressing the pushbutton, it
suitable control architecture. product is a safety component control valve for use in front can only be unlocked using a
• Max. possible performance in line with the EC machinery panels key. The key can be removed in
level = d directive. The ZSB 1/8 control – Suitable for higher category both switching positions.
As intended, the control block block for two-hand start corres- control systems
for two-hand start enables ponds to type IIIA, according to – Can be combined with Key actuator Q with key
triggering of a control signal with DIN EN 574, and category 1, various actuator attachments The key actuator can only be
both hands simultaneously according to DIN EN operated with the key.
(synchronous) over two separate ISO 13849-1. Mushroom actuator PS The key can be removed in both
push-button valves. The actuator is unlocked by switching positions.
turning the detent ring on the
mushroom head.
Technical data Function Sample circuit Technical data Function

2
Control chain
MFlow rate 3
MFlow rate Function
up to 50 l/min 0 ... 70 l/min
LPressure 1 1 LPressure
3 ... 8 bar 0 ... 8 bar
QTemperature range QTemperature range

-10 ... 60 °C -10 ... +60 °C
Order code Order code

Part no. Type Certification Part no. Type
3527 ZSB-1/8 CE certified 184135 SV/O-3-PK-3x2
52 53
Tamper-proof, prevention Stopping, holding and
of unexpected starting up blocking a movement
Tamper-proof flow control valve GRLA-…-SA Stop valve VL-2-1/4-SA
Description Description
• Setting a defined flow rate • Stop valve for blocking the
• A spring pin protects against flow in a cylinder (supply/
unauthorised resetting of the exhaust air) in both directions.
volumetric flow rate A control signal opens the
• Impossible to change the flow Surface for additional safety closed ports
control valve’s setting with label from the system’s • Design: poppet valve control-
standard tools – thanks to the manufacturer or fitting company led via a swivel connection
spring pin protection • Tube fitting (thread G1/4)
• Six different sizes from M5 • Port G1/4
to 3/4" • Nominal diameter Ø 4 mm
Technical data Function Technical data Function
MFlow rate 2 L Pressure

0 ... 2500 l/min 0 ... 10 bar
L Pressure Q Temperature range

0.2 ... 10 bar -20 ... 80 °C
1
QTemperature range
-10 ... +60 °C Order code
Part no. Type
25025 VL-2-1/4-SA3919
Order code
Part no. Type
539717 GRLA-M5-B-SA218543
539661 GRLA-1/8-B-SA218543
539662 GRLA-1/4-B-SA218536
539715 GRLA-3/8-B-SA18541
539716 GRLA-1/2-B-SA218540
539714 GRLA-3/4-B-SA218542
54 55
Tamper-proof, prevention Tamper-proof, prevention
of unexpected starting up of unexpected starting up
Shut-off valves: European version Shut-off valve HE-LO: US standard
Description Use Description Hazardous Energy” from the US

• Shut-off valve for shutting off Shutting off the compressed air • Valve for shutting off the com- Department of Labor. Pressing
and exhausting pneumatic supply whilst simultaneously pressed air supply whilst the actuating button closes the
systems. Can be shut off a exhausting systems powered simultaneously exhausting passage from 1 to 2 and opens
max. of 6 times in the closed by compressed air. Pressing systems powered by compres- the passage from 2 to 3.
(exhausted) state the actuating button closes the sed air The maximum exhaust flow is
• Padlocks prevent unauthorised passage from 1 to 2 and opens • Pneumatic shut-off during achieved by holding the actuat-
starts the passage from 2 to 3. maintenance or repair work ing button in its end position
• For systems that require pneu- The maximum exhaust flow is • Fulfils the US Department of until the downstream system is
matic shut-off, e.g. during achieved by holding the actuat- Labor’s requirements completely exhausted.
maintenance or repair work. ing button in its end position The valve is installed in the air
The valve is integrated into the until the downstream system is supply lines and fulfils the requi- Greater safety: lockable
air supply lines completely exhausted. rements set out in When closed, the valve can be
• Any mounting position OSHA 29 CFR 147 “Control of locked using a padlock. This
Greater safety: lockable makes it impossible to supply an
When closed, the valve can be inoperative system (e.g. during
locked using a padlock. This maintenance work) with air
Technical data Function makes it impossible to supply an Technical data Function without authorisation.
inoperative system (e.g. during
M Flow rate maintenance work) with air MFlow rate
3100 ... 6000 l/min without authorisation. 5200 ... 12000 l/min
L Pressure L Operating pressure

0 ... 16 bar 1 ... 10 bar
Note Note
Q Temperature range The shut-off valve cannot be QTemperature range The shut-off valve cannot be
-10 ... +60 °C used as an emergency-stop -10 ... +60 °C used as an emergency-stop
valve. valve.
O Max. actuating force OMax. actuating force
90 N 90 N
Order code Order code
• PWIS-free Part no. Type Part no. Type
187026 HE-3/8-D-MIDI-NOT-SA 197136 HE-G1-LO
187027 HE-1/2-D-MIDI-NOT-SA 197135 HE-G3/4-LO
187028 HE-3/4-D-MIDI-NOT-SA 197134 HE-G1/2-LO
186688 HE-3/4-D-MAXI-SA 197133 HE-G3/8-LO
186689 HE-1-D-MAXI-SA 197132 HE-N1-LO
197131 HE-N3/4-LO
197130 HE-N1/2-LO
197129 HE-N3/8-LO
56 57
Safety function
Pressurising
Exhausting Exhausting
On-off valve with piston position sensing Pressure build-up and exhaust valve, type MS 6-SV
Description Sensors from Festo Description • Continuous sensing of the

• Electric on-off valve for pres- Standard sensors with reed con- • Exhaust reliably quickly in function for fast exhausting at
surising and exhausting pneu- tacts for T-slots can be used: type safety-critical areas of the any time
matic systems SME-8M, SMT-8M, SME-8, SMT-8 system, e.g. during • Switch-on and pressure build-
• With solenoid coil, without an emergency stop up functions integrated into
plug socket • Switching output non-contac- • Provides greatest possible the exhaust valve
• 3 voltage ranges can be ting or with reed contact machine availability thanks to • Prevention of unexpected
selected • Various mounting and connec- reliable processes start-up (two-channel
• Direct position sensing for the tion options • Institute for Occupational control)
piston spool • Heat resistant and corrosion Safety and Health (BGIA) • Compact design
• Can be used in circuits with a resistant designs certification as per • Internal evaluation of the
higher diagnostic coverage • Versions free of copper or PTFE DIN EN 13849-1, Category 4 piston position sensing
• Senses position, not pressure • Quick exhaust for fast pressure
• Single-channel Please note: sensors are ordered reduction
separately. • Exhaust rate is one and a half
times the pressurising rate
Technical data Function
Voltage
P 24 V DC PVoltage MFlow (exhaust)
2 24 V DC up to 9000 l/min 2
Pressure 12 12
L 2.5 ... 16 bar
1 3
L Pressure QTemperature range 1 3
3,5 ... 10 bar -10 ... +50 °C
Temperature range
Q-10 ... +60 °C MFlow (pressurise)
up to 6000 l/min
Order code
Order code
Part no. Type Part no. Type
533537 HEE-D-MIDI-...-SA207255 548713 MS6-SV-D
548535 HEE-D-MAXI-...-SA217173 548714 MS6N-SV-D
548715 MS6-SV-D-1/2-10V24-AG
548717 MS6-SV-D-1/2-10V24-SO-AG
58 59
Safety function
Safety function
Exhausting
Exhausting
Safety silencer, type UOS-1 Valve block for “reliable exhausting” of sub-systems
Description Contamination in the system Description • Ports ISO 1: QS8

• The UOS silencer combines can block standard cylinders. • Pre-installed, operationally • Ports ISO 3: QS12
the advantages of a standard The consequence: increased integrated tested solution • Optional extension of the per-
silencer and those of an open back pressure, which leads to • Number of channels: 2 missible time window for elec-
silencer: large flow with low increased exhaust times in the • Diagnostic coverage tric actuation (approx. 10 ms)
noise level and a compact system. This is prevented with DC = medium (integrated fault by connecting additional
design this silencer, due to its special diagnostics) volumes (for each 0.5 l
• For “reliable exhausting” as design. • PLmax = e -> approx. 0.5 sec.)
per DIN EN ISO 13849-1 • Air quality: 40 μm unlubricated • Safe exhausting (two-channel)
• Suitable for use with the Dangerous cylinder movements • Protected against uninten- of pneumatic port A when one
MS6-SV valve can lead to injury to people and tional start-up (two-channel). of the two coils is turned off
• Design: open machines. If the two solenoid coils are • Switching position sensing of
• Port: 1” activated simultaneously, the the directional control valves
• PWIS free compressed air is switched on in their initial position using
auxiliary pilot air for the other
directional control valve pro-
Technical data Function Technical data Function tects against an uncontrolled
restart and prevents a dange-
L Pressure PVoltage 2 rous state
0 ... 10 bar 24 V DC 12
Q Temperature range LPressure 1 3

-10 ... +50 °C 3 ... 8 bar
QTemperature range
0 ... +40 °C
Order code
MFlow rate ISO 1:
500 Nl/min
Part no. Type
552252 UOS-1
MFlow rate for ISO 3:
1500 Nl/min
Order code
Part no. Type Flow rate
549146 ISO 1 valves 500 Nl/min
550521 ISO 3 valves 1500 Nl/min
submitted
60 61
ISO valves in accordance with 5599-1 with position sensing of the piston spool ISO valves in accordance with 15407-2 with switching position sensing
Description Sensors from Festo Description • The piston spool’s initial

• The position of the piston Standard sensors with reed • Solenoid valve as per position is monitored by a
spool is sensed directly contacts for T-slots can be used: ISO 15407-1, plug form C, for proximity sensor
• Senses position, not pressure type SME-8M, SMT-8M, SME-8, individual electrical connection • For higher category control
• Suitable for circuits with a SMT-8 • Solenoid valve as per architectures
higher diagnostic coverage ISO 15407-2, for use with • Proximity sensor with M8 port
• Suitable for higher category • Switching output contactless valve terminal VTSA
circuits as per or via reed contacts • Valve function: 5/2-way valve
DIN EN ISO 13849-1 • Various mounting and connec- • ISO size 01, other sizes on
tion options request
• Heat resistant and corrosion • Width 26 mm
resistant designs
• Versions free of copper or PTFE
Please note: sensors are ordered

separately.
Technical data Function Technical data Order code

Part no. Type Version
MFlow rate 4 2
PVoltage 560723 VSVA-B-M52-MZD-A1-1T1L-APC Size 01, 5/2RF, plug-in valve,
1200 ... 4500 l/min 14 24 V DC with PNP sensor and cable
560724 VSVA-B-M52-MZD-A1-1T1L-APP Size 01, 5/2RF, plug-in valve,
LPressure 5 1 3 L Pressure with PNP sensor and M8 plug
3 ... 10 bar 3 ... 10 bar 560725 VSVA-B-M52-MZH-A1-1C1-APC Size 01, 5/2RF, CNOMO valve,
with PNP sensor and cable
QTemperature range QTemperature range 560726 VSVA-B-M52-MZH-A1-1C1-APP Size 01, 5/2RF, CNOMO valve,
-10 ... +50 °C -5 ... +50 °C with PNP sensor and M8 plug
560742 VSVA-B-M52-MZD-A1-1T1L-ANC Size 01, 5/2RF, plug-in valve,
PVoltage M Flow rate with NPN sensor and cable
24 V DC 1100 l/min 560743 VSVA-B-M52-MZD-A1-1T1L-ANP Size 01, 5/2RF, plug-in valve,
with NPN sensor and M8 plug
560744 VSVA-B-M52-MZ-A1-1C1-ANC Size 01, 5/2RF, CNOMO valve,
Order code Function with NPN sensor and cable
Part no. Type 560745 VSVA-B-M52-MZ-A1-1C1-ANP Size 01, 5/2RF, CNOMO valve,
185994 MDH-5/2-D1-FR-S-C-A-SA27102 with NPN sensor and M8 plug
4 2
188005 MDH-5/2-D2-FR-S-C-A-SA23711 14
188006 MDH-5/2-D3-FR-S-C-A-SA23712
5 1 3
62 63
Safety function
Tamper-proof, prevention Stopping, holding and blocking
Reversing
of unexpected starting up a movement (mechanically)
ISO terminal for controlling presses ISO valve for lifting and semi-rotary cylinders
Description Valve manifold with individual Technical data Description

Valve terminal with multiple electrical connection as per • For lifting and semi-rotary
connector plate/fieldbus con- ISO 15407-1 PVoltage cylinders in the automotive
nection as per ISO 15407-2 • Double connecting plate plus 24 V DC industry
• Vertical stacking plus two two sensor valves with C shape
sensor valves plug pattern L Pressure Use
• Pressurising/exhausting via Valve block comprising a double 3 ... 10 bar • Self-holding and subsequent
linked standard VTSA valves sub-base and two VSVA valves, pressure supply in both end
Valve terminal, consisting of
24 V DC multi-pin plug connector
width 26 mm, with piston posi-
tion sensing via inductive PNP
QTemperature
-5 ... +50 °C
range positions
• During the stroke, the cylinder
with cable, a series manifold, proximity sensor, size M8, and needs to be held under pres-
right-hand end block, double plain cable end. MFlow rate sure in the event of an emer-
vertical stacking and 2 VSVA 24 V DC pilot valve with elec- 1000 l/min gency (e.g. if someone steps
plug-in valves, width 26 mm, trical interface, C shape, and on a safety shut-off mat)
with piston position sensing by covered manual override. The
inductive PNP proximity sensor, valves are pneumatically inter- Order code Function
size M8, and plain cable end and linked via two channels in the Part no. Type
covered manual override. The connecting plate (port 2 is con- 560728 VSVA-B-P53AD-H-A1-1T1L Size 01, 5/3 mid-position 3
valves are pneumatically inter- nected in parallel, port 4 inline). 1 port pressurised and 1 port exhausted, 14 5 3 12
linked via the vertical stacking switching position 14 detenting
plate using two channels (port 2 Expected to be available from mid 2008
is connected in parallel, port 4
Technical data inline). Function Function Normal operation After an emergency stop Control
(electrical power switched off )
PVoltage QTemperature range • Valve function: 5/2-way valve Retract clamping The clamping device is retracted via The clamping device remains pres- 5/3 WV 12 switched
24 V DC -5 ... +50 °C • ISO size 01 device the 5/2 WV surised in both chambers (no automatic locking)
• Position sensor with M8 port 5/3 WV 14 initial position 5/2 WV 12 switched
L Pressure MFlow rate • Valve width 26 mm 5/2 WV 12 switched
3 ... 10 bar 1100 l/min Extend clamping The clamping device is extended via The clamping device remains 5/3 WV 12 switched
device the 5/2 WV pressurised in both chambers (no automatic locking)
Order code 5/3 WV 14 initial position 5/2 WV 14 switched
5/2 WV 14 switched
Part no. Type Version
Clamping device in The end positions remain The pressure is sustained in the end 5/3 WV switched to 12 (automatic
569819 VOFA-L26-T52-M-G14-1C1-APP Complete 2x5/2-control block, individual
end position pressurised positions locking)
electrical connector, PNP sensor
5/3 WV 12 automatic locking 5/2 WV switched to 14 or 12
569820 VOFA-L26-T52-M-G14-1C1-ANP Complete 2x5/2-control block, individual
electrical connector, NPN sensor 5/2 WV 14 or 12 switched
Code letter „SP“ in order code Complete 2x5/2-control block, integration on
valve terminal VTSA, PNP sensor
Code letter „SN“ in order code Complete 2x5/2-control block, integration on
valve terminal VTSA, NPN sensor
submitted
64 65
Safety function (3 stages) Safety function
Free of forces Pressurising
ISO valve for pneumatic manual clamping device HEL soft-start valve
Description Function Description

Pneumatic manual clamping • Gradual pressure build-up
device for facilities in car body • The drives travel slowly into
construction work (insert loca- 14 5 3 12
their initial positions
tions) • Sudden and unpredictable
movements are avoided
Technical data • Main seat opens at approx.
50% of the supply pressure
PVoltage • Adjustable time delay for
24 V DC pressure response
• To be used with HE and HEE
L Pressure on-off valves
3 ... 10 bar
QTemperature range
-5 ... +50 °C Technical data Function
2
MFlow rate MFlow rate

Order code 1000 l/min 1000 ... 6500 l/min
Part no. Type
560727 VSVA-B-P53ED-H-A1-1T1L Size 01, 5/3 mid-position ex- L Pressure
hausted, switching position 14 3 ... 16 bar
detenting 1
Expected to be available from mid 2008 QTemperature range

-10 ... +60 °C
Order code
Part no. Type
Function Normal operation After an emergency stop Control 170690 HEL-D-MINI
(electrical power switched off ) 170691 HEL-D-MIDI
Clamping device is closed Unpressurised Unpressurised Valve is in the mid-position 170692 HEL-D-MAXI
165076 HEL-1/8-D-MINI
Clamping device is in the end Force supported by air pressure Force supported by air pressure Coil 12 is switched 165077 HEL-1/4-D-MINI
position (panel is clamped) (self-locking) 165078 HEL-3/8-D-MINI
Valve remains in position 12 186521 HEL-1/4-D-MIDI
Clamping device opens Pneumatically operated Valve returns to the mid-position Coil 14 is switched 165079 HEL-3/8-D-MIDI
automatically 165080 HEL-1/2-D-MIDI
165081 HEL-3/4-D-MIDI
186522 HEL-1/2-D-MAXI
165082 HEL-3/4-D-MAXI
165083 HEL-1-D-MAXI
66 67
Reducing pressure and force Pressurising
Dual-pressure regulator Soft-start/quick exhaust valve for ISO valve terminal type VTSA
Description Description Once the initial pressure reaches

Diaphragm pressure regulating Solenoid actuated on-off and the adjustable switch-over pres-
valve with secondary venting for exhaust valve for gradual pressure, the valve switches to full
setting two different initial pressure build-up in pneumatic flow.
sures in one device. The lower systems. This protects start-up
value of p2 (p21) can be set of pneumatic systems. Use
mechanically (SW10 on the ad- A small quantity of air flows into • Adjustable switch-over pres-
justing screw). The higher value the system through an adjust- sure (2, 3, 4, 5 bar)
of p2 (p22) can be set with the able flow control valve. The • Adjustable filling time
rotary knob. Switching from the initial pressure is built up • 24 V DC or 110 V AC solenoid
lower to the higher value occurs gradually. Downstream cylinders • G1/2 or NPT 1/2 ports
electronically. and devices gradually reach • Built-in piston position sensing
their initial position. • Flow rate (QNn):
pressurising 3000 l/min
exhausting 3400 l/min

Pressure
Key Function
MFlow rate Switch-over pressure
Working
up to 1300 l/min
1 2 pressure
Filling time
Q Temperature range
-10 ... +60 °C Examples
Fast filling time, switch-over
Technical data pressure at 6 bar
p2 regulator pressure regulation
range 0.5 <= 7 bar Slow filling time, switch-
p1 supply pressure 1 1.5 bar <= 12 bar over pressure at 4 bar
Hymax max. pressure hysteresis 0.5 bar
p1max p1max: 12bar
P2max p2max: 7bar Order code
PWIS-free Part no. Type
Corrosion resistance class CRC2 557377 VABF-S6-1-P5A4-G12-4S-1R3P
Ports G1/4
Order code
Part no. Type submitted
550588 LR-D-MINI-ZD-V24-SA234223A
567841 LR-D-MINI-ZD-V24-UK-SA236138A
68 69
Pressure zones for valve terminal type 44 VTSA Pressure zones for valve terminal type 32 MPA
Creating pressure zones and Further examples of pressure Creating pressure zones and Further examples of pressure
separating exhaust air supply and pilot air supply via separating exhaust air supply and pilot air supply
• With the VTSA, pressure zones an end plate • With the MPA pressure zones • External pilot air supply, flat
can be introduced in many • Internal pilot air supply, ducted can be introduced in many plate silencer
ways for different working exhaust air/silencer ways for different working • Internal pilot air supply, ducted
pressures • External pilot air supply, pressures exhaust air
• Pressure zones can be created silencer/ducted exhaust air • A pressure zone can be created • External pilot air supply,
by separating the internal by separating the internal ducted exhaust air
supply ducts between the Reliable exhausting of valves or supply ducts between the sub-
series sub-bases with a corres- pressure zones bases, with a corresponding Reliable exhausting of valves or
ponding channel separator If used together with the separating seal or via a separa- pressure zones
• Pressure supply and MS6-SV valve, specific areas can tor integrated into the sub- If used together with the
exhausting via supply plate be exhausted safely whilst the base (code I) MS6-SV valve, specific areas can
Zone 1 Zone 2 Zone 3 Zone 1 Zone 2 Zone 3
• Free positioning of the supply pressure is retained for specific • Pressure supply and be exhausted safely whilst the
plates and separating seals in valves or pressure zones. This exhausting via supply plate pressure is retained for specific
VTSA is a common requirement for • Free positioning of the supply valves or pressure zones. This
• Channel separator integrated protective circuits. plates and separating seals in is a common requirement for
ex works as per the order, MPA with CPX and MPM protective circuits.
differences can be indicated (multiple connector plate)
via the coding system for • Separating seals integrated
assembling valve terminals ex works as per the order,
differences can be indicated
P1 P2 P3
P1 P2 P3
VTSA with CPX terminal via the coding system for
connection assembling valve terminals
• Up to 16 pressure zones pos-
The illustration shows an sible with VTSA (if only size 1, MPA with CPX terminal
example of how three pressure ISO 5599-2, is used, up to 32 connection
zones are built up and con- pressure zones are possible) The illustration shows an Example of pressure zones
nected with channel separation – example of how three pressure • Up to 8 pressure zones pos-
with internal pilot air supply. zones are built up and connec- sible with MPA and CPX
ted with separating seals – with
external pilot air supply.
70 71
CPX terminal – power supply concept
Description Together with all the supply

The use of decentralised devices lines, interlinking blocks make
on the fieldbus – particularly up the backbone of the CPX ter-
those with a high protection minal. They provide the power
class for direct machine assem- supply for the modules mounted
bly – requires a flexible power on them, as well as their bus
supply concept. connection.
A valve terminal with CPX can Many applications require the

generally be supplied via a CPX terminal to be separated
socket for all voltages. into voltage zones.
Here, we distinguish between This is particularly true for
supplying the switching off the solenoid coils
• Electronics plus sensors and the ports separately. The
• Valves plus actuators. The interlinking blocks can either be
following connecting threads designed as a centralised power
are possible supply for the entire CPX ter-
- M18 minal (which saves on instal-
- 7/8” lation work), or they can be
designed as galvanically
separated, all-pin disconnec-
table potential groups/voltage
segments.
72 73
Knowledge provides greater safety “New machinery directive 2006/42/EC — new standard EN ISO 13 849-1
for pneumatics/electro-pneumatics (FOKUS)”
Safety is always more than just Are you a plant operator or Content Course participants will receive
the hardware and the corres- engineer? If the answer is ‘Yes’, • New machinery directive • A USB stick containing the
ponding circuit diagrams. Safety then the new machinery direc- 2006/42/EC course documents, design
starts at the concept stage, for tive applies to you. • Changes compared with the software for the performance
example by identifying necessary old machinery directive level and additional informa-
performance levels. Are you prepared for the change- 98/37/EC tion
over in safety engineering? Are • Risk assessment to EN ISO 13 • A “Safety engineering guide-
For comprehensive qualification you familiar with the performan- 849-1 lines” manual
on the subject of safety, Festo ce level of the safety functions? • Differences compared with DIN • A certificate confirming course
Didactic provides numerous The new machinery directive EN 954-1 participation
seminars on various topics. 2006/42/EC will come into force • EN ISO 13 849-1 concepts: • An option to purchase the
on December 29, 2009. Performance Level PL web-based training “Safety
More than 40 years of expe- The standard DIN EN 954-1 - Degree of diagnostic engineering” at a 50%
rience in training and consulting “Safety-related parts of control coverage DC discount.
and 30,000 participants at more systems – General principles for - Common cause failure CCF
than 2,900 events each year design” has already been with- - Mean time to failure MTTF Target group
speak for themselves: our drawn. The successor standard • Determining the individual Design engineers from
instructors provide you with their DIN EN ISO 13 849-1 is now values using selected pneu- mechanical, electrical and
own experience and give you valid. matic and electro-pneumatic control engineering.
the best possible preparation for In future it will be necessary to circuits
your own specific safety tasks. define a performance level and Duration
degree of diagnostic coverage. 1 day
When it comes to self-structured For further information, see the
and flexible modular learning, Be informed with the aid of this www.festo-tac.com
our web-based training course compact and intensive 1-day
“Safety engineering” is ideal. course.
74 75
“Safety in pneumatics and electro-pneumatics for design “Reliable design of machinery and systems (SEP-PILZ)”
engineers (SAFETY2)”
The European machinery direc- Content Target group The European directives and Contents Target group
tive is law and requires that • Design and function of safety- Design engineers from standards describe the safety • Introduction, machine Design engineers from mecha-
design engineers incorporate related circuits to EN ISO mechanical, electrical and requirements for machines and directives and standards: laws, nical, electrical and control en-
safety functions into machinery 13 849-1 control engineering. systems. These frequently inclu- machinery directives and their gineering and control engineers
and system designs. This is • Identification of safety cate- de the use of both electrical and implementation, safe control
certified with the CE mark. The gories of circuits Duration pneumatic drives and/or control technology in accordance with Duration
previous standard for risk • Selection of spare parts 2 days systems. In this seminar, you will DIN EN 954-1, perspective on 2 days
assessment DIN EN 954-1 has • Power failure and recovery For further information, see learn about both aspects and the new DIN EN ISO 13849-1
already been withdrawn and • Safe pressurisation and the Festo Didactic homepage: will be in a position to design • Safety-orientated electrical en- For more information, see the
replaced by the new standard EN exhausting www.festo-tac.com them for optimal interaction in gineering, safety engineering Festo Didactic homepage:
ISO 13 849-1. Design engineers • Safe opening of brakes and the future. design of control systems, www.festo-tac.de
will have to conduct their risk clamps reliable locking; attaching light
assessments in accordance with • Basic and proven safety Take advantage of the combined grids; scanners and safety
the new standards. Specific principles of pneumatics to expert knowledge of specialists shut-off mats and their test
pneumatic and electro-pneu- EN ISO 13 849-2 from Pilz GmbH & Co. KG and cycles; emergency-stop classi-
matic circuits for the “Safety • Selected safety measures for Festo Didactic GmbH & Co. KG fications; stop categories and
measures for safety-related safety-related pneumatic in one seminar. Demonstrations operating modes; safe
pneumatic components” will be components take place using an actual drives; frequency converters;
presented. These sample circuits - Unexpected restart machine model. speed monitoring; axis area
will be examined with respect to - Blocking, braking and rever monitoring; discussion on
their failure behaviour. sing of movements After the seminar, you will know sample applications and cir-
- Force isolation and freedom what requirements and options cuits
This course aims to enable of movement are available for safe and re- • Safety-orientated pneumatics,
design engineers to design - Reduced force and reduced liable electrical engineering and selected safety measures in
safety-related circuits up to con- speed pneumatics. You will be familiar safety-oriented pneumatics,
troller category 4, to understand - Two-hand operation with and able to use DIN characteristics of pneumatic
the interaction between pneu- • Error analysis and error elimi- EN 954-1/DIN EN ISO 13849-1 drives and controlling them,
matic and electrical components nation to EN ISO 13 849-2 “Safety-related parts of control power failure, power recovery
and to assess the behaviour of • Performance testing of safety- systems – General principles for and restarting, two-hand cir-
pneumatic cylinders. The course relevant components design” and associated norms. cuits, sample circuits
will teach design engineers what • Influence of tube length,
needs to be taken into account diameter and fittings on the
when developing these circuits. speed of cylinders
The seminar focuses on circuit • Preventing manipulation of
technology. protective devices
• Information on operating
instructions and maintenance
76 77
“Safe machines in operation (SMB)” in cooperation with WBT – Safety engineering web-based training
the Pilz company and TÜV Austria
The aim of this event is to make From the content Target group The training program is based From the content
participants more familiar with • Definitions and basic prin- Design engineers from on the revised form of ma- • Introduction to machine safety
the legal requirements through- ciples: mechanical, electrical and con- chinery directive 2006/42/EC. • The issue of liability
out a machine’s life cycle, from New and old machines, trol engineering and control This will come into force on (Who is liable in the event of
acquisition up to modification legal requirements, modifying engineers. December 29, 2009. Directive accidents?)
and inter-connection. Particular and inter-connecting machines 98/37/EC will apply until this • European directives
attention is paid here to modi- • Inventory-taking and retrofit- Duration date. There will be no transition • Relationship between
fying and inter-connection ting using a model: required 1 day period. directives and standards
machines, and the resulting properties, assessment based How will the overall perform- • The new EU machinery
documentation required by law. on a risk analysis or hazard For further information, see the ance level of a technical safety directive 2006/42/EC
analysis, emergency-off, Festo Didactic homepage: measure be determined? • The hierarchy of European
emergency-stop and stop www.festo.at Concepts such as mean time to standards for machine safety
categories, common faults failure MTTF, degree of diag- • Machine safety in the USA
from practical experience nostic coverage DC, common • The procedure for risk assess-
• Implementation and design: cause failure (CCF), redundancy ment to EN ISO 14121 and
Requirements for modifying This training program provides and diversity will be explained EN ISO 12100
and inter-connecting (Austrian an introduction to the complex in the learning program. The • Definitions
employee protection law, issue of safety engineering in components of safety devices • Risk assessment: determining
§ 35), developing new industrial machinery and will also be explained in detail. the required performance level
machines in Austria and systems. How will the overall perfor- • Measures for risk reduction:
Germany, basic principles of mance level of a technical safety design measures, technical
safe pneumatics and solution The aim is to make participants measure be determined? safety measures, instructive
variants, electro-technical more aware of the problems in Concepts such as mean time to measures
solutions and variants the design aspects of safety failure MTTF, degree of diag- • Selection of safety function
• Documentation: engineering and help them nostic coverage DC, common • Definition of controller
Requirements (Austrian understand safety engineering cause failure (CCF), redundancy category
employee protection law, equipment and hazard analysis and diversity will be explained
§ 35), descriptions and opera- methods. in the learning program. The Further information
ting instructions, technical components of safety devices Available as a CD-ROM version
documents, testing and valida- will also be explained in detail. or alternatively WBT version for
tion installation on networks and
learning management systems,
with as many licenses as you
need.
Duration
approx. 4 hours
For further information, see
the Festo Didactic homepage:
www.festo-didactic.com
78 79
List of abbreviations
Abbreviation German name English name Source Abbreviation German name English name Source
a, b, c, d, e Bezeichnung für die Performance Level Denotation of performance levels DIN EN ISO 13849-1 F, F1, F2 Häufigkeit und/oder Dauer der Gefähr- Frequency and/or time of exposure to DIN EN ISO 13849-1
AB Anzeige-Bediengeräte Display and operating units Festo dungsexposition the hazard
AC/DC Wechsel-/Gleichstrom Alternating current/direct units IEC 61511 FB Funktionsblock Function block DIN EN ISO 13849-1
AE Anfahr- und Entlüftungsventile Start-up and exhaust valves Festo FMEA Ausfallarten und Effekt-Analyse Failure modes and effects analysis EN 1050, DIN EN ISO 13849-1
ALARP So niedrig wie vernünftigerweise möglich As low as reasonable practicable IEC 61511 FO Funktionsorientierte Antriebe Function-oriented drives Festo
ANSI US-amerikanische Normungsorganisation American National Standards Institute IEC 61511 FR Filterregler Filter-regulator unit Festo
AOPD/AOPDDR Aktive optoelektronische Schutzein- Active optoelectronic protection device ISO 12100-1, FTA Fehlerbaumanalyse/Fehlerzustandsbaum- Fault Tree Analysis EN 1050
richtung responsive to diffuse reflection DIN EN ISO 13849-1 analyse
AS-Interface Aktuator Sensor Interface Aktuator Sensor Interface Gefährdung Potenzielle Quellen von Verletzungen oder Potential source of injury or damage to Maschinenrichtlinie
B, 1, 2, 3, 4 Bezeichnung für die Kategorien Denotation of categories DIN EN ISO 13849-1 Gesundheitsschäden health 2006/42/EG, EN 1050 (ISO
B10 Anzahl von Zyklen, bis 10 % der Kompo- Number of cycles until 10 % of the DIN EN ISO 13849-1 Gefährdungs- Jeder Bereich in einer Maschine und/oder Any zone within and/or around EN ISO 12100-1,
nenten ausgefallen sind (u.a. für pneumati- components fail (for pneumatic bereich um eine Maschine herum, in dem eine Per- machinery in which a person is subject DIN EN 1050
sche und elektromechanische Komponenten) and electromechanical compnents) son einer Gefährdung ausgesetzt sein kann to a risk to his health or safety
B10d Anzahl von Zyklen, bis 10 % der Kompo- Number of cycles until 10 % of the com- DIN EN ISO 13849-1 H & RA Gefährdungs- und Risikobeurteilung Hazard and risk assessment IEC 61511
nenten gefährlich ausgefallen sind ponents fail dangerously (for pneumatic H/W Hardware Hardware IEC 61511
(u.a. für pneumatische und elektrome- and electomechanical components) HFT Hardware-Fehlertoleranz Hardware fault tolerance IEC 61511
chanische Komponenten) HMI Mensch-Maschine-Schnittstelle Human machine interface IEC 61511
BPCS Betriebs- und Überwachungseinrichtungen Basic process control system IEC 61511 HRA Analyse menschlicher Zuverlässigkeit Human reliability analysis IEC 61511
BPCS Betriebs- und Überwachungseinrichtungen Basic process control system IEC 61511 I, I1, I2 Eingabegerät, z.B. Sensor Input device, e.g. sensor DIN EN ISO 13849-1
als ein System i, j Index für Zählung Index for counting DIN EN ISO 13849-1
BSL Bootstraploader Bootstraploader I/O Eingänge/Ausgänge Inputs/Outputs DIN EN ISO 13849-1
BTB/RTO Betriebsbereit Ready-to-operate iab, ibc Verbindungsmittel Interconnecting means DIN EN ISO 13849-1
BWP Berührungslos wirkende Positionsschalter Electro-sensitive positionswitch Inhärente Schutzmaßnahme, die entweder Gefähr- Inherently safe design measure EN ISO 12100-1
BWS Berührungslos wirkende Schutzeinrichtung Electro-snsitive protective equipment EN 61496 sichere dungen beseitigt oder die mit den Gefähr-
Cat. Kategorie Category DIN EN ISO 13849-1 Konstruktion dungen verbundenen Risiken vermindert,
CC Stromrichter Current converter DIN EN ISO 13849-1 indem ohne Anwendung von trennenden
ccd Kommando-Code, Teil einer SDO-Nachricht Command-code oder nicht trennenden Schutzeinrichtungen
CCF Ausfall in Folge gemeinsamer Ursache Common cause failure IEC 61508, IEC 62061, die Konstruktions-Betriebseigenschaften
prEN ISO 12849-1EN 61511-1:2004, der Maschine verändert werden
DIN EN ISO 13849-1 KL Kolbenstangenloser Zylinder Rodless cylinders Festo
CEN Europäisches Komitee für Normung European Commttee for Standardization Konformitäts- Verfahren, bei dem der Hersteller oder sein Declaration of conformity Maschinenrichtlinie
CENELEC Europäisches Komitee für elektro- European Commttee for Electrotechnical erklärung in der Gemeinschaft niedergelassener 2006/42/EG
technische Normung Standardization Bevollmächtigter erklärt, dass die in den
CMF Ausfall in Folge gemeinsamer Ausfallart Common mode failure EN 61511-1:2004 Verkehr gebrachten Maschine allen ein-
CRC Prüfsumme in einem Daten-Telegramm, Cyclic Redundancy Check schlägigen grundlegenden Sicherheits- und
Signatur durch zyklische Redundanzprüfung Gesundheitsanforderungen entspricht
DC Diagnosedeckungsgrad Diagnostic Coverage DIN EN ISO 13849-1, KS Kolbenstangenzylinder Cylinders with position rod Festo
IEC 62061(IEC 61508-2:2000 L, L1, L2 Logik Logic DIN EN ISO 13849-1
DC Gleichstrom Direct current Lambda Ausfallrate bei ungefährlichen und Gefahr Rate to failure IEC 62061
DCavg[%] Diagnosedeckungsgrad (von Tests) Diagnostic Coverage, average DIN EN ISO 13849-1 bringenden Fehlern
DPV0 MTBF Mittlere Ausfallzeit eines Gerätes Mean time between failure DIN EN ISO 13849-1
DPV1 Funktionsversionen von PROFIBUS MTTF/MTTFd Zeit bis zu einem Ausfall bzw. gefährlichen Mean time to failure/ DIN EN ISO 13849-1
DR Druckventile Pressure control valves Festo Ausfall Mean time to dangeous failure
DS Druckschalter Pressure switch Festo MTTR Mittlere Reparaturzeit eines Gerätes Mean time to repair DIN EN ISO 13849-1
DV Druckverstärker Pressure amplifier Festo NMT Service-Dienste des CAN-Application Layers Network Management
E Externe Einrichtung zur Risikominderung External risk reduction facilities EN 61511-1:2004 Nniedrig Anzahl von SRP/CS mit PLniedrig in einer Number of SRP/CS with PLlow in a DIN EN ISO 13849-1
E/A Eingabe/Ausgabe Input/Output Kombination von SRP/CS combination of SRP/CS
E/E/EP Elektrisch/elektronisch/programmierbar Electrical/Electronical/programmable IEC 61511, IEC 61508 NOT-AUS Ausschalten im Notfall Emergency switching off EN 418 (ISO 13850) EN 60204-1
elektronisch electronic Anhang D
E/E/PE Elektrisch/elektronisch/programmierbar Electrical/Electronical/programmable IEC 61511, IEC 61508 NOT-HALT Stillsetzen im Notfall Emergency stop ISO 13850 EN 60204-1
elektronisch electronic Anhang D
E/E/PES Elektrisches/elektronisches/programmier- Electrical/Electronical/programmable IEC 61511 NP Nicht programmierbares System Non-programmable system EN 61511-1:2004
bares elektronisches System electronic system
EDM Schützkontrolle, Rückführkreis External Device Monitoring
EDS Elektronisches Datenblatt Electronic Data Sheet
80 81
Abbreviation German name English name Source Abbreviation German name English name Source
O, O1, O2, OTE Ausgabegerät, z.B. Antriebselement Output device, e.g. actuator DIN EN ISO 13849-1 SIL Sicherheits-Integritätslevel Safety integrity level IEC 61511, DIN EN ISO 13849-1
OE Öler Lubricator Festo SIS Sicherheitstechnisches System Safety instrumented system EN 61511-1:2004
OSHA SP Sperrventile Shut-off valves Festo
OSI Referenzmodell zur Datenkommunikation, Open System Interconnection SPE Sensitive Schutzeinrichtung mechanisch Sensitive Protection Equipment ISO 12100-1
Darstellung als Schichtenmodell mit ver- behaftetes Betriebsmittel
teilten Aufgaben für jede Schicht SRASW Sicherheitsbezogene Anwendungssoftware Safety-Related Application Software DIN EN ISO 13849-1
OSSD Ausgangsschaltelement, Output Signal Switching Device EN 61496-1 SRECS Sicherheitsbezogenes elektrisches Safety-Related Electrical Control System IEC 62061
Sicherheits-Schaltausgang Steuerungssystem
P, P1, P2 Möglichkeit zur Vermeidung der Gefährdung Possibility of avoiding the hazard DIN EN ISO 13849-1 SRESW Sicherheitsbezogene Embedded-Software Safety-Related Embedded Software DIN EN ISO 13849-1
Pdf Wahrscheinlichkeit gefahrbringender Probability of dangerous failure IEC 61508, IEC 62061 SRP Sicherheitsbezogenes Teil Safety-Related Part DIN EN ISO 13849-1
Ausfälle SRP/CS Sicherheitsbezogenes Teil von Steuerungen Safety-Related Part of Control Systems DIN EN ISO 13849-1
PE Programmierbare Elektronik Programmable electronics EN 61511-1:2004 SRS Spezifikation der Sicherheitsanforderungen Safety Requirements Specification IEC 61511
PES Programmierbares elektronisches System Programmale electronic system EN 61511-1:2004, DIN EN ST Stromventile Flow control valves Festo
PFD Ausfallwahrscheinlichkeit bei Auslösen/ Probability of failure on demad IEC 61508, IEC 62061 SW1A, SW1B, Positionsschalter Position switces DIN EN ISO 13849-1
Anfrage der Sicherheitsfunktion SW2
PFH Ausfallwahrscheinlichkeit pro Stunde Probability of failure per hour IEC 62061 SYNC Objekt zur Synchronisierung von Synchronisation objects
PFHd Wahrscheinlichkeit gefahrbringender Probability of dangerous failure per hour IEC 62061 Teilnehmern im Netzwerk
Ausfälle pro Stunde TE Testeinrichtung Test equipment DIN EN ISO 13849-1
PHA Vorläufige Untersuchung von Gefährdungen Preliminary hazard analysis EN 1050 01/97 Anhang B.2 Techn. Schutz- Schutzmaßnahmen, bei denen Schutzein- Protective measure using safeguards to EN 1050, EN ISO 12100-1
PL/Perfor- Diskreter Level, der die Fähigkeit von Discrete level used to specify the ability DIN EN ISO 13849-1 maßnahmen richtungen zur Anwendung kommen, um protect persons from the hazard which
mance Level sicherheitsbezogenen Teilen einer Steue- of safety-related parts of control systems Personen vor Gefährdungen zu schützen, cannot reasonably be eliminated or from
rung spezifiert, eine Sicherheitsfunktion to perform a safety function under fore- die durch inhärent sichere Konstruktion the risks which cannot be sufficiently
unter vorhersehbaren Bedingungen auszu- seeabl condtions nicht in angemessener Weise beseitigt reduced by inherently safe design
führen werden können, oder vor Risiken zu measures
PLr Angewandter Performance Level(PL), Performance level (PL) applied in order DIN EN ISO 13849-1 schützen, die dadurch nicht ausreichend
um die erforderliche Risikominderung für to achieve the required risk reduction vermindert werden können
jede Sicherheitsfunktion zu erreichen for each safety function TM Gebrauchsdauer Mission time DIN EN ISO 13849-1
PLC Speicherprogrammierbare Steuerung (SPS) Programmable logic contoller IEC 61511, DIN EN ISO 13849-1 TR Trockner Air dryers Festo
PLniedrig Niedrigster Performance Level einer SRP/CS Lowest performance level of a SPR/CS DIN EN ISO 13849-1 WE Wartungseinheiten Service units Festo
in einer Kombination von SRP/CS in a combination with SPR/CS WV Wegeventile Directional control valves Festo
PR Proportionalventile Proportional valves Festo ZS Zylinderschalter Proximity sensors Festo
RE Regler Regulator Festo
Restrisiko Risiko, das nach Ausführung der Schutz- Risk remaining after safety measures EN 1050
maßnahme verbleibt have been taken
Risiko Kombination der Wahrscheinlichkeit Combination of the Probability EN ISO 12100-1
Risikoanalyse Kombination aus Festlegung der Grenzen Combination of the specification of the EN ISO 12100-1, DIN EN 1050
einer Maschine, Identifizierung einer limits of the machine, hazard identifi-
Gefährdung und Risikoeinschätzung cation and risk estimation
Risiko- Gesamtheit des Verfahrens, das eine Overall process comprising a risk EN ISO 12100-1, DIN EN 1050
beurteilung Risikoanalyse und Risikobewertung analysis and a risk evaluation
umfasst
Risiko- Auf der Risikoanalyse beruhende Beur- Judgement, on the basis of risk analysis, EN ISO 12100-1, DIN EN 1050 Legal notice
bewertung teilung, ob die Ziele zur Risikominderung of wheather the risk reduction objectives The examples specified here are intended purely as suggestions that must be checked for suitability in
erreicht wurden have been achieved the context of each separate application, paying attention to the applicable standards. This might involve
Risiko- Bestimmung des wahrscheinlichen Aus- Defining likely severity of harm and EN ISO 12100-1, DIN EN 1050 applying standards DIN EN ISO 13849-1 and 2, for example.
einschätzung maßes eines Schadens und der Wahr- probability of its occurrence
scheinlichkeit seines Eintritts Depending on the application, the examples specified may only partially satisfy the actual requirements
S, S1, S2 Schwere der Verletzung Severity of injury DIN EN ISO 13849-1 (for all safety functions), and must therefore be adjusted using suitable measures and modifications.
SA Schwenkantriebe Semi-rotary drives Festo
SAT Vor-Ort-Abnahme Site acceptance test IEC 61511 To do this, it is necessary to examine the entire system (entire control loop system), which might consist
Schaden Physische Verletzung und/oder Schädigung Physical injuy or damage to health EN 1050, EN 61511-1:2004 of multiple technologies (e.g. pneumatics, hydraulics, electrical engineering, mechanics ...) and therefore
von Gesundheit oder Sachen multiple applicable standards.
Schutzmaß- Maßnahme zur Beseitigung einer Gefähr- Means that eliminates a hazard or EN 1050, EN ISO 12100-1,
nahme dung oder zur Minderung eines Risikos reduces a risk EN 61511-1:2004 The sample circuits given here are not suitable as a complete validation report in the legal sense due to
SIF Sicherheitstechnische Funktion Safety instrumental function EN 61511-1:2004 the lack of any reference to an actual system (real application).
82 83
Festo worldwide
Argentina Finland Latvia Slovenia

Festo S.A. Festo OY Festo SIA Festo d.o.o. Ljubljana
Edison 2392 Mäkituvantie 9, P.O. Box 86 Deglava 60 IC Trzin, Blatnica 8
(B1640 HRV) Martinez 01511 Vantaa 1035 Riga 1236 Trzin
Prov. Buenos Aires Tel. ++358 (09)/87 06 51, Fax 87 06 52 00 Tel. ++371 67/57 78 64, Fax 57 79 46 Tel. ++386 (0)1/530 21 00, Fax 530 21 25
Tel. ++54 (0)11/47 17 82 00, Fax 47 17 82 82 E-mail: info_fi@festo.com E-mail: info_lv@festo.com
E-mail: info@ar.festo.com E-mail: info_si@festo.com
France Lithuania
Australia Festo Eurl South Africa
Festo UAB
Festo Pty. Ltd. Numéro Indigo Tel. 0820/204640, Fax 204641 Festo (Pty) Ltd.
Karaliaus Mindago pr. 22
Head Office (Melbourne) ZA des Maisons Rouges 22-26 Electron Avenue, P.O. Box 255
3000 Kaunas
179-187 Browns Road, P.O. Box 261 8 rue du Clos Sainte Catherine Isando 1600
Tel. ++370 (8)7/32 13 14, Fax 32 13 15
Noble Park Vic. 3174 94367 Bry-sur-Marne cedex Tel. ++27 (0)11/971 55 00, Fax 974 21 57
Call Toll Free 1300 88 96 96 E-mail: info_lt@festo.com
Tel. ++33 (0)1/48 82 64 00, Fax 48 82 64 01 E-mail: info_za@festo.com
Fax Toll Free 1300 88 95 95 E-mail: info_fr@festo.com
Tel. ++ 61(0)3/97 95 95 55, Fax 97 95 97 87 Malaysia
E-mail: info_au@festo.com.au Festo Sdn.Berhad Spain
Germany 10 Persiaran Industri Festo Pneumatic, S.A.
Festo AG & Co. KG Bandar Sri Damansara, Wilayah Persekutuan
Austria Tel. 901243660 Fax 902243660
Postfach 52200 Kuala Lumpur
Festo Gesellschaft m.b.H. Avenida Granvia, 159
73726 Esslingen Tel. ++60 (0)3/62 86 80 00, Fax 62 75 64 11
Linzer Straße 227 Distrito económico Granvia L'H
Ruiter Straße 82 E-mail: info_my@festo.com
1140 Wien ES-08908 Hospitalet de Llobregat, Barcelona
Tel. ++43 (0)1/9 10 75-0, Fax 9 10 75-250 73734 Esslingen
Tel. ++49 (0)711/34 70, Fax 347 21 44 Tel. ++ 3493/261 64 00, Fax 261 64 20
E-mail: automation@festo.at Mexico
E-mail: info_de@festo.com E-mail: info_es@festo.com
Festo Pneumatic, S.A.
Belarus Av. Ceylán 3
IP Festo Greece Sweden
Col. Tequesquinahuac
Minsk, 220035 Festo Ltd. Festo AB
54020 Tlalnepantla, Edo. de México
Mascherov Prospekt, 78 40 Hamosternas Ave. Stillmansgatan 1, P.O. Box 21038
Tel. ++52 (01)55/53 21 66 00, Fax 53 21 66 55
Belarus 11853 Athens 20021 Malmö
E-mail: festo.mexico@mx.festo.com
Tel. ++375 (0)17/204 85 58, Fax 204 85 59 Tel. ++30 210/341 29 00, Fax 341 29 05
Tel. ++46 (0)40/38 38 40, Fax 38 38 10
E-mail: info_by@festo.com E-mail: info_gr@festo.com
Netherlands E-mail: info_se@festo.com
Hong Kong Festo B.V.
Belgium
Festo Ltd. Schieweg 62 Switzerland
Festo Belgium sa/nv
Rue Colonel Bourg 101 6/F New Timely Factory Building, 2627 AN Delft Festo AG
1030 Bruxelles/Brussel 497 Castle Peak Road, Tel. ++31 (0)15/251 88 99, Fax 261 10 20 Moosmattstrasse 24
Tel. ++32 (0)2/702 32 11, Fax 702 32 09 Kowloon, Hong Kong E-mail: info@festo.nl 8953 Dietikon ZH
E-mail: info_be@festo.com Tel. ++ 852/27 43 83 79, Fax 27 86 21 73 Tel. ++41 (0)44/744 55 44, Fax 744 55 00
E-mail: info_hk@festo.com New Zealand
E-mail: info_ch@festo.com
Brazil Festo Limited
Festo Automação Ltda. Hungary MT. Wellington
Auckland NZ Taiwan
Rua Guiseppe Crespi, 76 Festo Kft.
KM 12,5 - Via Anchieta Tel. ++64 (0)9/574 10 94, Fax 574 10 99 Festo Co., Ltd.
Csillaghegyi út 32-34.
04183-080 São Paulo SP-Brazíl 1037 Budapest E-mail: info_nz@festo.com Head Office
Tel. ++55 (0)11/50 13 16 00, Fax 50 13 18 68 Tel. ++36 1/436 51 11, Fax 436 51 01 24450, No. 9, Kung 8th Road
E-mail: info_br@festo.com E-mail: info_hu@festo.com Nigeria Linkou 2nd Industrial Zone
Festo Automation Ltd. Linkou Hsiang, Taipei Hsien, Taiwan, R.O.C.
Bulgaria India Motorways Centre, First Floor, Block C Tel. ++886 (0)2 26 01 92 81,
Festo EOOD Festo Controls Private Ltd. Alausa, Ikeja, Fax ++886 (0)2 26 01 92 86-7
1592 Sofia 237B, Lagos, NIGERIA E-mail: festotw@festo.com
9, Christophor Kolumb Blvd. Bommasandra Industrial Area, Tel. ++234 (0)1/794 78 20, Fax 555 78 94
Tel. ++359 (0)2/960 07 12, Fax 960 07 13 Bangalore Hosur Highway, E-mail: info@ng-festo.com
E-mail: info_bg@festo.com Thailand
Bangalore 560 099 Festo Ltd.
Tel. ++91 (0)80/22 89 41 00, Fax 783 20 58 Norway
67/1 Moo 6 Phaholyothin Road
E-mail: info_in@festo.com Festo AS
Canada Klong 1, Klong Luang,
Festo Inc. Ole Deviks vei 2
Indonesia 0666 Oslo, Norway Pathumthani 12120
5300 Explorer Drive Tel. ++66 29 01 88 00, Fax ++66 29 01 88 33
Mississauga, Ontario L4W 5G4 PT. Festo Tel. ++47 22 72 89 50, Fax ++47 22 72 89 51
JL. Sultan Iskandar Muda No.68 E-mail: info_no@festo.com E-mail: info_th@festo.com
Tel. ++1 (0)905/624 90 00, Fax 624 90 01
E-mail: info_ca@festo.com Arteri Pondok Indah
Jakarta 12240 Peru Turkey
Chile Tel. ++62 (0)21/27 50 79 00, Fax 27 50 79 98 Festo S.R.L. Festo San. ve Tic. A.S.
Festo S.A. E-mail: info_id@festo.com Calle Amador Merino Reyna #480, San Isidro Tuzla Mermerciler Organize
Mapocho 1901 Lima, Perú Sanayi Bölgesi, 6/18 TR
6500151 Santiago de Chile Iran Tel. ++51 (0)1/222 15 84, Fax 222 15 95 34956 Tuzla - Istanbul/TR
Tel. ++56 (0)2/690 28 00, Fax 695 75 90 Festo Pneumatic S.K.
Tel. ++90 (0)216/585 00 85, Fax 585 00 50
E-mail: info.chile@cl.festo.com # 2, 6th street, 16th avenue, Philippines E-mail: info_tr@festo.com
Tehran 1581975411 Festo Inc.
China Km 8, Special Karaj Road, P.O.Box 15815-1485 KM 18, West Service Road
Festo (China) Ltd. Tehran 1389793761 Ukraine
South Superhighway
1156 Yunqiao Road Tel. ++98 (0)21 44 52 24 09, Festo Ukraina
1700 Paranaque City, Metro Manila
Jinqiao Export Processing Zone, Pudong, Fax ++98 (0)21 44 52 24 08 Borisoglebskaja 11
Tel. ++63 (0)2/776 68 88, Fax 823 42 19
201206 Shanghai, PRC E-mail: Mailroom@festo.ir E-mail: info_ph@festo.com Kiev 04070
Tel. ++86 (0)21/58 54 90 01, Fax 58 54 03 00 Tel. ++380 (0)44/239 24 33, Fax 463 70 96
E-mail: info_cn@festo.com Ireland E-mail: info_ua@festo.com
Poland
Festo Limited Festo Sp. z o.o.
Colombia Unit 5 Sandyford Park
Janki k/Warszawy, ul. Mszczonowska 7 United Kingdom
Festo Ltda. Sandyford Industrial Estate
Avenida El Dorado No. 98-43 05090 Raszyn Festo Limited
Dublin 18
Bogotá Tel. ++48 (0)22/711 41 00, Fax 711 41 02 Applied Automation Centre, Caswell Road
Tel. ++ 353(0)1/295 49 55, Fax 295 56 80
Tel. ++57 (0)1/404 80 88, Fax 404 81 01 E-mail: info_pl@festo.com Brackmills Trading Estate
E-mail: info_ie@festo.com
E-mail: festo@festo.com.co Northampton NN4 7PY
Romania Tel. ++44 (0)1604/66 70 00, Fax 66 70 01
Israel
Croatia Festo S.R.L. E-mail: info_gb@festo.com
Festo Pneumatic Israel Ltd.
Festo d.o.o. P.O. Box 1076, Ha'atzma'ut Road 48 St. Constantin 17
Nova Cesta 181 Yehud 56100 010217 Bucuresti
United States
10000 Zagreb Tel. ++972 (0)3/632 22 66, Fax 632 22 77 Tel. ++40 (0)21/310 29 83, Fax 310 24 09
Tel. ++385 (0)1/619 19 69, Fax 619 18 18 Festo Corporation (New York)
E-mail: info_il@festo.com E-mail: info_ro@festo.com
E-mail: info_hr@festo.com Call Toll-free 800/993 3786
Russia Fax Toll-free 800/963 3786
Italy
Czech Republic Festo-RF OOO 395 Moreland Road, P.O.Box 18023
Festo S.p.A
Festo, s.r.o. Michurinskiy prosp., 49 Hauppauge, N.Y. 11788
Via Enrico Fermi 36/38
Modranská 543/76 119607 Moskow Tel. ++ 1(0)314/770 01 12, Fax 770 16 84
147 00 Praha 4 20090 Assago (MI)
Tel. ++39 02/45 78 81, Fax 488 06 20 Tel. ++7 495/737 34 00, Fax 737 34 01 E-mail: info_us@festo.com
Tel. ++420 261 09 96 11, Fax 241 77 33 84 E-mail: info_ru@festo.com
E-mail: info_cz@festo.com E-mail: info_it@festo.com
Venezuela
Japan Singapore Festo C.A.
Denmark
Festo K.K. Festo Pte. Ltd. Av. 23, Esquina calle 71, No. 22-62
Festo A/S
Islevdalvej 180 1-26-10 Hayabuchi, Tsuzuki-ku 6 Kian Teck Way Maracaibo, Edo. Zulia
2610 Rødovre Yokohama 224-0025 Singapore 628754 Tel. ++58 (0)261/759 09 44, Fax 759 04 55
Tel. ++45 70 21 10 90, Fax ++45 44 88 81 10 Tel. ++81 (0)45/593 56 10, Fax 593 56 78 Tel. ++65/62 64 01 52, Fax 62 61 10 26
E-mail: festo@festo.com.ve
E-mail: info_dk@festo.com E-mail: info_jp@festo.com E-mail: info_sg@festo.com
53087 en 06/2009
Slovakia Viet Nam

Estonia Korea South
Festo Korea Co., Ltd. Festo spol. s r.o. Festo Co., Ltd (Cong Ty Tnhh Festo)
Festo OY AB Eesti Filiaal
Laki 11B 470-1 Gasan-dong, Geumcheon-gu Gavlovicová ul. 1 No. 206 Tran Nao Street
12915 Tallinn Seoul #153-803 83103 Bratislava 3 Ward Binh An , District 2
Tel. ++372 666 15 60, Fax ++372 666 15 61 Tel. ++82 (0)2/850 71 14, Fax 864 70 40 Tel. ++421 (0)2/49 10 49 10, Fax 49 10 49 11 Ho Chi Minh City, Vietnam
E-mail: info_ee@festo.com E-mail: info_kr@festo.com E-mail: info_sk@festo.com Tel. ++84 (0)8/740 69 09, Fax 740 69 10

FESTO HB Safety en

Uploaded by

Copyright:

Available Formats

FESTO HB Safety en

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FESTO HB Safety en

Uploaded by

Copyright:

Available Formats

Safety engineering guidelines

Your partner in safety Table of contents

The development of the single Machine safety requires safe

run on and construction of known as the “presumption of

Applying harmonised Risks are the result of hazards

Any architectures Risk Severity of harm Probability of

Designated architectures (categories)

Directives and standards de- When estimating the risk and

• Space limits Source: EN 12100-2, Section 4

• Human interaction during

Source: EN ISO 12100-1, 5.4

For all safety functions

Category MTTFd DC CCF

Source: Directive 2006/42/EC, Appendix I, 1)

Determination of the SIL = Safety Integrity Level

of categories B to 4, diagnostic ing this to an acceptable level. S1

5 Common cause failure (CCF): measures

Implementation 13849-1, step 2: Determination of the designated architechture

Control architecture of category 1

Category Summary of requirements System behaviour Example*

*The example shows the schematic representation of a specific category. Depending

Control architecture of category 2

Category Summary of requirements System behaviour

*The example shows the schematic representation of a specific category. Depending

Control architecture of category 3

Category Summary of requirements System behaviour Example*

shall apply When a single fault occurs,

*The example shows the schematic representation of a specific category. Depending

Control architecture of category 4

Category Summary of requirements System behaviour Example*

*The example shows the schematic representation of a specific category. Depending

Life time data based on the technical data sheet

This table shows a summary of Key

Spontaneous change in the setting

Change in flow rate without any

Change in the set value without

operating element of the setting

switching position (without an

Unintended unscrewing of the

Failure at the connector (e. g.

For proportional flow valves:

change to the setting device

Change of the detection or

Change of switching times

Failure of the end position

Loosening of the piston/

Electrical power failure

piston rod connection

Pressure intensifier and pressure

Energy storage device

Logic elements (AND/OR)

Transformers (pressure switch,

Common cause failure Safety functions can be imple-

B10 value B10 value B10 value

3 Design/application/experience ance level, the number of the

common cause failures? 5

Reducing speed Free of forces Stopping, holding and Reversing

Safety measures Safety measures Safety measures Safety measures

Control chain Description Description cap side of the cylinder are

Requires appropriate diagnostics Pneumatic residual energy in Requires appropriate diagnostics