Risk assessement and machinery security
Last update 05/07/2021
THE DOUBT: what behaviour should be considered when doing a risk assessment for a machinery?
CONSIDERATIONS: One of the sentences sometimes used when dealing with the risk assessment of a machinery is that the machine should be designed for a “dumb person”. That statement does not really help; the reason is that if a person enters an industrial furnace that contains a piece of metal at 800°C, we may say he is dumb but we should prevent that situation to happen, while doing the risk assessment of the Furnace.
According to the Machinery Directive, the manufacture has to analyse all expected behaviours that fall under 2 categories:
- Intended use. In a manually fed press, it is normal that the operator has to put his or her hands under the press, in order to place the metal piece to be worked.
- Reasonably foreseeable misuse. In case of an industrial furnace, whose external walls are at a temperature higher than 70°C, it is not correct that somebody touches the walls (meaning it is not an intended behaviour) but it may be possible, because, for example, the maintenance has to work near the wall to change a thermocouple. In a textile machine, the operator should not touch the spindle of a spinning machine (the spindle of textil machinery); however, he may do it in order to remove cotton that may damage the product quality and he does it with the machine running in order not to stop production. Both are incorrect but foreseeable behaviours.
Hereafter what the first general principle of risk assessment states:
[Machinery Directive 2006/42/EC] – ANNEX I - GENERAL PRINCIPLES
1. The manufacturer of machinery or his authorised representative must ensure that a risk assessment is carried out in order to determine the health and safety requirements which apply to the machinery. The machinery must then be designed and constructed taking into account the results of the risk assessment.
By the iterative process of risk assessment and risk reduction referred to above, the manufacturer or his authorised representative shall:
- determine the limits of the machinery, which include the intended use and any reasonably foreseeable misuse thereof, […]
That is not a principle that was decided by the team who wrote the Machinery directive. That is instead a general principle, common within all European Product Directives. Here the important language from the Blue Guide (2016 edition):
[Blue Guide 2016] 2. WHEN DOES UNION HARMONISATION LEGISLATION ON PRODUCTS APPLY?
2.7. INTENDED USE/MISUSE.
Manufacturers have to match a level of protection corresponding to the use they prescribe to the product under the conditions of use which can be reasonably foreseen.
As far as market surveillance activities are concerned, market surveillance authorities are required to check the conformity of a product:
- in accordance with its intended purpose (as defined by the manufacturer) and
- under the conditions of use which can be reasonably foreseen, that is when such use could result from lawful and readily predictable human behaviour.
The machine has to be safe when used according to what the manufacturer has foreseen as a correct behaviour. However incorrect behaviours, that can be due to a reasonably predictable reason, have to be safe and therefore to be considered in a risk assessment.That clarification is key in view of the growing importance of security in machinery.
In case the machine can be connected and somehow operated remotely, it is important to adopt precautions that prevent affecting the safety system and therefore creating a dangerous situation. But how far that precaution has to go? In 2021 we saw an increase of cyberattacks by what The Economist defined as Broadbandits. Shall the machinery manufacturer adopt security systems that will prevent cyberattacks? The answer is no. The reason is that those are unlawful behaviours.