Risk Reduction processes follow a hierarchy of risk reduction measures to determine what risk reduction method(s) will be used. The hierarchy represents the different types of measures that may be available and lists them from most preferred to least preferred – ranging from Inherently Safe Design to Administrative Controls. It is important to realise that, even though the most preferred type of risk reduction measure is to design out the hazard, it may be difficult or impossible to use that method because of how the machine functions and/or, especially, if the machine has already been designed and built. Quite often, the most feasible options is to use a combination of the different types of risk reduction measures such as guards, control devices, procedures, and personal protective equipment (PPE).

Reference B11.0 Table 3 - The Hazard Control Hierarchy

Classification Risk Reduction Measures Examples Influence on Risk Factors
Inherently Safe by Design Design Out (Elimination or Substitution)
  • Eliminate pinch points (increase clearance)
  • Intrinsically safe (energy containment)
  • Automated material handling (robots, conveyors, etc.)
  • Redesign the process to eliminate or reduce human interaction
  • Reduce force, speed, etc. through selection of inherently safe components
  • Substitute less hazardous chemicals
  • Impact on overall risk (elimination) by affecting severity and probability of harm
  • May affect severity of harm, frequency of exposure to the hazard under consideration, and/or the possibility of avoiding or limiting harm depending on which method of substitution is applied
Engineering Controls Guards, Control Functions and Devices
  • Guards
  • Interlock devices
  • Presence sensing devices (light curtains, safety mats, area scanners, etc.)
  • Two-hand control and two-hand trip devices
  • Alternative methods to lockout to control hazardous energy
  • Greatest impact on the probability of harm (occurrence of hazardous events under certain circumstances)
  • Minimal if any impact on severity of harm
Administrative Controls Awareness Means
  • Lights, beacons, and strobes
  • Computer warnings
  • Signs and labels
  • Beepers, horns, and sirens
  • Potential impact on the probability of harm (avoidance)
  • No impact on severity of harm
Information for Use (Training and Procedures)
  • Safe work procedures
  • Training
  • Potential impact on the probability of harm (avoidance and/or exposure)
  • No impact on severity of harm
Administrative Safeguarding Methods
  • Safe-holding safeguarding method
  • Potential impact on the probability of harm (avoidance and/or occurrence)
  • No impact on severity of harm
Supervision
  • Supervisory control of configurable elements
Control of Hazardous Energy
  • Lockout / tagout
Tools
  • Workholding equipment
  • Hand tools
  • Potential impact on the probability of harm (avoidance and/or occurrence)
  • Potential impact on severity of harm
Personal Protective Equipment (PPE)
  • Safety glasses and face shields
  • Ear plugs
  • Gloves
  • Protective footwear
  • Respirators
  • Potential impact on the probability of harm (avoidance)
  • Potential impact on severity of harm

Inherently safe design measures include elimination or substitution. Elimination could include things like redesigning the machine, automating a portion of the machine to eliminate a dangerous task, or changing the sequence to completely do away with the potential hazard. Substitution could include implementing measures that reduce speed, pressure, force, and direction to reduce the hazard to an acceptable level, rendering it safe. Engineering controls (safety systems) reduce risk or eliminate the frequency of exposure to the hazard. This can be done with physical guarding and/or safety systems that control the electrical, pneumatic, hydraulic, and other energy sources in a way that meets the safety level determined by the risk assessment for that task/hazard pair.

Selecting the most appropriate risk reduction measures will be application-specific and may take multiple steps. ANSI B11.19 and many ISO Type B standards provide performance requirements. They include information on the use of fixed and moveable guards, control functions, and control devices, as well as administrative controls.

Below is an example list of recognised safety functions for electrical control systems from ISO 13849-1. See Tables M.1 & M.2 below for details.

Some International Standards applicable to typical machine safety functions and certain of their characteristics
Safety function / characteristic Requirements For additional information, see:
This part of ISO 13849 ISO 12100:2010
Safety-related stop function initiated by a safeguard a 5.2.1 3.2.8.8, 6.2.11.3 IEC 60204-1:2005, 9.2.2, 9.2.5.3, 9.2.5.5;
ISO 14119;
ISO 13855
Manual reset function 5.2.2 - IEC 60204-1:2005, 9.2.5.3, 9.2.5.4
Start/restart function 5.2.3 6.2.11.3, 6.2.11.4 IEC 60204-1:2005, 9.2.1, 9.2.5.1, 9.2.5.2, 9.2.6
Local control function 5.2.4 6.2.11.8, 6.2.11.10 IEC 60204-1:2005, 10.1.5
Muting function 5.2.5 - IEC/TS 62046:2008, 5.5
Hold-to-run function - 6.2.11.8 b) IEC 60204-1:2005, 9.2.6.1
Enabling device function - - IEC 60204-1:2005, 9.2.6.3, 10.9
Prevention of unexpected start-up - 6.2.11.4 ISO 14118;
IEC 60204-1:2005, 5.4
Escape and rescue trapped persons - 6.3.5.3 -
Isolation and energy dissipation function - 6.3.5.4 ISO 14118;
IEC 60204-1:2005, 5.3, 6.3.1
Control modes and mode selection - 6.2.11.8, 6.2.11.10 IEC 60204-1:2005, 9.2.3, 9.2.4
Interaction between different safety-related parts of control systems - 6.2.11.1 (last sentence) IEC 60204-1:2005, 9.3.4
Monitoring of parameterisation of safety-related input values - - -
Emergency stop function b - 6.3.5.2 ISO 13850;
IEC 60204-1:2005, 9.2.5.4
Including interlocked guards and limiting devices (e.g., over-speed, over-temperature, over-pressure). Complementary protective measure, see ISO 12100:2010.
Some International Standards applicable to typical machine safety functions and certain of their characteristics
Safety function / characteristic Requirements For additional information, see:
This part of ISO 13849 ISO 12100:2010
Response time 5.2.6 - ISO 13855:2010, 3.2, A.3, A.4
Safety-related parameter such as speed, temperature or pressure 5.2.7 6.2.11.8 e) IEC 60204-1:2005, 7.1, 9.3.2, 9.3.4
Fluctuations, loss, and restoration of power sources 5.2.8 6.2.11.8 e) IEC 60204-1:2005, 4.3, 7.1, 7.5
Indications and alarms - 6.2.8 ISO 7731; ISO 11428;
ISO 11429;
IEC 61310-1;
IEC 60204-1:2005, 10.3, 10.4;
IEC 61131;
IEC 62061

Potential safety functions for pneumatics include:

Pneumatics
Safety Function Type Energy Isolation Safe Exhaust Safe Return Safe Return
"Dual Pressure"
Safe Control and Safe Load Holding Safe Pressure Select
PUS - Prevention of Unexpected Start-up (Lockout - Tagout)
B11.26 11.3.3.4
SDE - Safe Deenergisation (Safe Exhaust)
B11.26 11.3.3.10
SEZ - Safe Energisation (Safe Exhaust with Soft-Start)
B11.26 11.3.3.10
STO - Safe Torque Off (Safe Exhaust)
B11.26 11.3.3.10
SBC - Safe Brake Control
B11.26 11.3.3.10
B11.26 11.3.3.11
SDI - Safe Direction (Safe Return)
B11.26 11.3.11
SS1 - Safe Stop 1 (Controlled Stop) (Safe Stop with Holding)
B11.26 11.3.13
SS2 - Safe Stop with Blocking (Safe-Holding)
B11.26 11.3.13 & 11.3.14
SLP - Safe Limited Pressure (Torque)
B11.26 11.3.17

Potential safety functions for hydraulics include:

Hydraulics
Safety Function Type Energy Isolation Block & Bleed Block & Stop
SDE - Safe Deenergisation (Block & Bleed)
B11.26 11.4.3
SEZ - Safe Energisation (Block & Bleed)
B11.26 11.4.3
STO - Safe Torque Off (Block & Bleed)
B11.26 11.4.3
SBC - Safe Brake Control
B11.26 11.4.3
SS1 - Safe Stop 1 (Controlled Stop)
(Safe Stop with holding)
B11.26 11.4.3.7
SS1 - Safe Stop 1 (Controlled Stop)
(Safe Stop with holding)
B11.26 11.4.3.7

Contact ROSS Today With Your Fluid Power Machine Safety Needs

Prefered Method of Contact?