Chapter 3.1
Risk estimation and reducing risk
Risk estimation assesses hazards before and after safety measures. However, standards focus on meeting the safety requirements directly, without repeated assessments.
Risk estimation: Beyond (EN) ISO 13849-1
Many engineers when talking about risk assessment primarily think of the so called “risk estimation”, determining the seriousness of a hazard situation. They wish to estimate the risk first without protective measures and then a second time after implementing them.
But is that really necessary? The simple answer is no.
Applicable standards do not require such risk-in/risk-out analysis. Particularly, where the main purpose of risk estimation is to find the so called Performance Level (PL) or Safety Integrity Level (SIL) for control functions, a risk-out assessment does not make sense.
Imagine a beam balance. On one side, put the result of the risk estimation, the PLr or SILcl. PLr defines the required reliability of the control circuit. On the other side of the balance, put a control system function that is sufficiently reliable, reaching the required PL/SIL. The beam balance is now balanced and the requirements are met. Thus, there is no need for an additional risk estimate.
Risk-in/risk-out estimation
But what if you still want to do risk comparisons (risk-in/risk-out estimation) or if your end customer requires them?
The method portrayed in (EN) ISO 13849-1 is not really suitable for this purpose. The reason is that it has only two levels for each risk element. To compare risk before and after implementation of measures you will need a method with a higher resolution.
The chart below shows the criteria presented in (EN) IEC 62061. It is the best documented risk estimation method with the finest resolution and therefore recommended by Axelent.
This method has four severity levels, five frequency and five probability levels as well as three avoidance levels. Thus one can clearly see
differences between risk-in and risk-out.
But be careful to reduce the correct risk element in the risk-out estimate. In most applications, protective measures will not change the severity of possible injury. That would only be possible by reducing the drive energy. In most cases, the only change is in the probability of the hazard occurring.
Reducing risk
Regulations and standards clearly outline three steps and require that they are always followed.
- Safety should be inherent in products.
- If that is not possible, it should be part of the design of the product.
- Finally, the lowest level of safety is achieved when it depends on the will and actions of people. This is achieved by adding warnings and should be the exception rather than the rule.
Criteria for selection of safeguards
A guard is a physical barrier preventing access of people to a hazard source.
An Axelent guard fence is a typical example. You can also look at the problem from the other side of the fence: The guard shall keep the hazard from reaching people.
However, guards are often in the way when people want to set the machine, resolve errors or do maintenance work.
This helps understand the two primary selection criteria for safeguards:
- The type of hazard – crushing, shearing and/or ejection of parts, burst out of liquids etc.
- The frequency of access needed –
No access needed
Rare: Less than once per week
Often: Daily or even several times per hour