WORLD STANDARDS

SAFETY GUIDE
 Safety Guidebook

INDEX

P4 U.S. Standards

P8 Safety of Machinery in the U.S.

P10 Safety of Semiconductor Manufacturing Equipment

P11 Three Key Points for Protection Against Mechanical Hazards

P12 Hazard Identification

P13 Risk Assessment and Risk Reduction Process

P14 ISO/EN 13849-1 and Performance Level

P16 Functional Safety Standards (IEC/EN61508)

P19 Emergency Stop

P20 Concept of Basic Safety Circuits

P21 World Standards

P22 Safety of Machinery

P23 European Standard

P30 Safety Distance when Using a Safety Laser Scanner

P32 Safety Distance when Using a Light Curtain

2
3
 U.S. Standards
North America

The United States of America

Seattle KEYENCE
CANADA INC. Montreal
Portland
Canada
Rochester Boston
Detroit
Minneapolis Grand
Rapids New Jersey
Northern
California Chicago Cleveland KEYENCE
Indianapolis CORPORATION
Philadelphia OF AMERICA
Cincinnati
Denver Richmond
Kansas city St. Louis Louisville
Los Angeles Raleigh
Nashville Charlotte
Knoxville Greenville

Tijuana Atlanta
Birmingham
Ciudad Jurez Dallas

KEYENCE MEXICO Tampa

S.A. DE C.V.

1. UL Standards
Underwriters Laboratories Inc. is the non-profit testing organization founded in 1894 as a fire underwriter association. It is
currently the most famous NRTL (Nationally Recognized Testing Laboratory) and performs certification tests on several types
of electrical and electronic products. Even though UL certification is essentially voluntary, many electrical products made in
the USA acquire UL certification. The two main categories in the UL certification system are Listing and Recognition. Listing
generally means the certificate for the end-products, while Recognition means the certificate for the components intended to
be incorporated into end-products.
As the United States and Canada have completed an MRA (Mutual Recognition Agreement), certification can be mutually
recognized. If UL certifies a product according to Canadian standards (CSA Standards), the certification mark for the product
will show the conformity to the CSA Standards by C-UL mark, as seen below.
After obtaining UL certification, UL factory inspectors conduct an on-site factory inspection four times per year. The purpose

Listing Mark Recognition Mark

of this inspection is to verify that a product continues to be manufactured in compliance with UL standards. If the UL factory
inspector discovers that the product does not conform to UL standards, the product will not be allowed to ship with the UL
mark.

A code known as a CCN (Category Control Number) indicates the category of the UL certified product. CCN generally consists
of four letters and one number. Using Keyences PLC (with NRAQ as the basic CCN) as an example, the codes can be
explained in the following manner.

4
 CCN Certification type Applicable Standard Description

NRAQ Listing UL Standards Listing certification in U.S.A.

NRAQ2 Recognition UL Standards Recognition certification in U.S.A.

NRAQ7 Listing CSA Standards Listing certification in Canada

NRAQ8 Recognition CSA Standards Recognition certification in Canada

The purpose of UL standards is to reduce the risk of fire and electric shock in electrical and/or electronic products. Therefore,
when using a power source that has an output considered to be free from the risk of fire and electric shock (Class 2 power
source according to the National Electrical Code), the product connected to that power source does not necessarily need UL
certification.
See the appendix for a list of Keyences UL certified products.

To learn more about UL, visit the following web sites:

UL Homepage (English): http://www.ul.com/
UL Japan Homepage (Japanese) : http://www.vljapan.co.jp/

2. FDA (CDRH)
The FDA (Food and Drug Administration), a U.S. government agency, oversees many smaller organizations. One of those
organizations is known as the CDRH (Center for Devices and Radiological Health), which is responsible for radiological
electrical products and medical devices. Products using lasers are controlled by the CDRH.

21 CFR Part 1040.10 provides specific safety standards for laser products. Products that do not comply with these standards
cannot be sold in the U.S., nor can they be imported into the U.S. Therefore, manufacturers of laser products are required to
file a Product Report to the CDRH showing the conformity to Part 1040.10 before selling laser products in or importing laser
products to the United States.

To learn more about the FDA (CDRH), visit the following web site:
FDA (CDRH) Homepage: http://www.fda.gov/Radiation-EmittingProducts/default.htm

3. ANSI Standards
he ANSI (American National Standard Institution) is a non-profit organization founded in 1918 that acts as a standardization
body in the United States. ANSI does not generally create its own standards. It instead recognizes standards created by groups
such as experts in the field or associated committees, and adopts them as ANSI standards. Many of the UL Standards have
been adopted as ANSI/UL Standards.

To learn more about the ANSI Standards, visit the following web site:
ANSI Homepage: http://www.ansi.org/

5
 4. FCC
The Federal Communications Commission (FCC) is a U.S. government agency that controls radio and telecommunications. The
FCC is charged with regulating interstate and international communications by radio, television, satellite, wireless, and other
methods.

Specific regulations for generic electrical products are provided in 47 CFR Part 15. Among the FCC regulations, Part 15 Radio
Frequency Devices, Part 18 Industrial, Scientific and Medical (ISM) Equipment, or Part 68 Connection of Terminal Equipment
to the Telephone Network are the most well-known regulations for electrical products.

Intentional Radiators (i.e. wireless LAN equipment) cannot be sold in the United States without FCC certification. Products that
obtain FCC certification have an FCC ID on the product.

To learn more about the FCC, visit the following web site:
FCC Homepage: http://www.fcc.gov/

6
Canada

1. CSA Standards (Canadian Standards Association)

The CSA, a Notified Body, is charged by the SCC (Standards Council of Canada), a Federal Crown Corporation, to develop
Canadian standards. Even though the standards are voluntary, many CSA standards have been officially adopted as National
Standards of Canada and are quoted in laws by the Canadian government, provincial governments, and other local authorities.

*CSA standards, which have been adopted as the National Standards of Canada, are recognized with the prefix "CAN"
in the standard number (e.g. CAN/CSA-C22.1).

To learn more about the CSA Standards, visit the following web site:
CSA Homepage: http://www.csa-international.org/

CSA Standards
CSA Electrical Safety Standards

y CAN/CSA C22.1 Canadian Electrical Code Part 1

This Code covers all electrical work and electrical equipment operating or intended to operate at all voltages in electrical
installations for buildings, structures, and premises, including factory-built relocatable and non-relocatable structures.

y CAN/CSA C22.2 Canadian Electrical Code Part 2

The Code specifies individual standards in terms of electrical machines, apparatus and their components and materials that
are connected to the power sources wired according to the above Code, Part I.

y CAN/CSA C22.2 No. 0 General Requirements

This standard shall form a part of, and be read in conjunction with, all individual standards to which the requirements of C22.2
Series may apply.

7
 Safety of Machinery in U.S.
Standards in the United States
The U.S. standardization body is the American National Standards Institute(ANSI).
ANSI does not generally create its own standards, but they adopt the standards created by the other organizations, as ANSI
standards. Below are representative examples of ANSI standards related to the safety of machinery in the U.S.

Standards for safety of machine tools

ANSI B11 series

Standard Number Title

ANSI B 11.1 Machine Tools - Mechanical Power Presses - Safety Requirements for Construction, Care, and Use
ANSI B 11.2 Hydraulic Power Presses - Safety Requirements for Construction, Care, and Use
ANSI B 11.3 Machine Tools - Safety Requirements for Power Press Brakes
ANSI B 11.4 Machine Tools - Safety Requirements for Shears
ANSI B 11.5 Machine Tools - Iron Workers - Safety Requirements for Construction, Care, and Use
ANSI B 11.6 Safety Requirements for Manual Turning Machines with or without Automatic Control
ANSI B 11.7 Cold Headers and Cold Formers - Safety Requirements for Construction, Care, and Use
ANSI B 11.8 Safety Requirements for Manual Milling, Drilling and Boring Machines with or without Automatic Control
ANSI B 11.9 Safety Requirements for the Construction, Care, and Use of Grinding Machines
ANSI B 11.10 Safety Requirements for Metal Sawing Machines
ANSI B 11.11 Safety Requirements for Gear and Spline Cutting Machines
ANSI B 11.12 Safety Requirements for Roll-forming and Roll-bending Machines
ANSI B 11.13 Machine Tools - Single- and Multiple-Spindle Automatic Bar and Chucking Machines - Safety Requirements for Construction, Care and Use
ANSI B 11.14 Machine Tools - Coil-Slitting Machines Safety Requirements for Construction, Care, and Use
ANSI B 11.15 Safety Requirements for Pipe, Tube, and Shape Bending Machines
ANSI B 11.16 Safety Requirements for Powder / Metal Compacting Presses
ANSI B 11.17 Safety Requirements for Horizontal Hydraulic Extrusion Presses
ANSI B 11.18 Machine Tools - Safety Requirements for Machines Processing or Slitting Coiled or Non-Coiled Metal
ANSI B 11.19 Performance Criteria for Safeguarding
ANSI B 11.20 Machine Tools - Safety Requirements For Integrated Manufacturing Systems

Standard for industrial Robots and Robot systems (ANSI/RIA R15.06)

Manufacture, remanufacture, and rebuild of robots Safeguarding of personnel

<Example of requirements> <Example of requirements>
y Measures for EMI, ESD and RFI y Responsibility
y Safety circuit performance y Risk assessment method...etc.
y Robot stopping circuits, especially emergency stop.
y Pendant and other teaching controls, including enabling device...etc. Maintenance of robots and robot systems
<Example of requirements>
Performance requirements of safeguarding devices y Maintenance program for continued safe operation.
<Example of requirements>
Testing and start-up of robots and robot systems
y Interlocking safeguarding devices
y Safety light curtain, <Example of requirements>
y Safety mat system y Initial start-up procedure...etc.
y Two-handed control equipment...etc.
Safety training of personnel
Installation of robots and robot systems <Example of requirements>
y Training requirements...etc.
<Example of requirements>
y Safety related software and firmware based controllers...etc.
8
Regulation on Occupational Safety and Health in the U.S.
Occupational Safety and Health in U.S are handled by OSHA (Occupational Safety and Health Administration), which was
created under the "Occupational Safety and Health Act" established in 1970.
29CFR Part 1910 covers the occupational safety and health issue, and Subpart O of that part covers the machinery and
machine guarding. Since this regulation sometimes refers to ANSI, NFPA, UL or other safety standards that are voluntary
standards, these standards are consequently treated as mandatory.

9
 Safety of Semiconductor Manufacturing Equipment
Safety under SEMI and SEMI Standards
SEMI (Semiconductor Equipment and Materials Institute) was established in 1970 as an organization for semiconductor
equipment and material manufacturers. SEMI establishes the SEMI standards for the semiconductor sector. SEMI S2
(Environmental, Health, and Safety Guideline for Semiconductor Manufacturing Equipment) deals with the safety aspects of
SEMI standards. Further, as related guideline to SEMI S2, SEMI S8 (Safety guidelines for Ergonomics Engineering), SEMI S10
(Safety Guidelines for Risk Assessment and Risk Evaluation Process), SEMI S21 (Safety Guideline for Worker Protection) and
SEMI S22 (Safety Guidelines for the Electrical Design) were established.

SEMI S1 ... Safety Guidelines for Equipment Safety Labels

SEMI S2 ... Safety Guidelines for Environmental, Health, and Safety Guidelines for Semiconductor Manufacturing Equipment

SEMI S3 ... Safety Guideline for Process Liquid Heating System

SEMI S4 ... Safety Guidelines for Separation of Chemical Cylinders Contained in Dispensing Cabinets

SEMI S5 ... Safety Guidelines for Sizing and Identifying Flow Limiting Devices for Gas Cylinder Valves

SEMI S6 ... EHS Guideline for Exhaust Ventilation of Semiconductor Manufacturing Equipment

SEMI S7 ... Safety Guidelines for Environmental, Safety, and Health (ESH) Evaluation of Semiconductor Manufacturing Equipment

SEMI S8 ... Safety Guidelines for Ergonomics Engineering of Semiconductor Manufacturing Equipment

SEMI S9 ... Guide to Electrical Design Verification Tests for Semiconductor Manufacturing Equipment

SEMI S10 ... Safety Guidelines for Risk Assessment and Risk Evaluation Process

SEMI S11 ... Environmental, Safety, and Health Guidelines for Semiconductor Manufacturing Equipment Minienvironments

SEMI S12 ... Guidelines for Equipment Decontamination

SEMI S13 ... Environmental, Health and Safety Guideline for Documents Provided to the Equipment User for Use With Semiconductor Manufacturing Equipment

SEMI S14 ... Safety Guidelines for Fire Risk Assessment and Mitigation for Semiconductor Manufacturing Equipment

SEMI S15 ... Safety Guideline for the Evaluation of Toxic and Flammable Gas Detection Systems

SEMI S16 ... Guide for Semiconductor Manufacturing Equipment Design for Reduction of Environmental Impact at End of Life

SEMI S17 ... Safety Guidelines for Unmanned Transport Vehicle (UTV) System

SEMI S18 ... Environmental, Health, and Safety Guideline for Silane Family Gases Handling

SEMI S19 ... Safety Guidelines for Training of Semiconductor Manufacturing Equipment Installation, Maintenance and Service Personnel

SEMI S20 ... Safety Guidelines for Identification and Documentation of Energy Isolation Devices for Hazardous Energy Control

SEMI S21 ... Safety Guideline for Worker Protection

SEMI S22 ... Safety Guideline for the Electrical Design of Semiconductor Manufacturing Equipment

10
Three Key Points for Protection Against Mechanical Hazards
y Intrinsically Safe Design
First, it is necessary to design machinery so that the production will be free of risk sources. Simple examples are machines
designed to be free of sharp edges and isolation of users from risk sources. What is important here is risk assessment. By
carrying out risk assessment, mechanical hazards are eliminated one by one by considering the hazardous nature and
frequency of occurrence.

y Reduction of Risk by Safety Measures

If the design leaves the possibility of user access to a risk source, safety measures are necessary. A typical measure is to detect
when a user enters a dangerous part of a device with a safety light curtain and to turn off the power to the hazardous device in
order to prevent danger. Naturally, risk assessment is necessary for safety measures and limitations are imposed on the types of
countermeasures and equipment to be used depending on the hazardous nature and frequency of occurrence.

y Management of Safety and Health

Producing safe machines based solely on "intrinsically safe design" and "safety measures" is not sufficient. The safety of all
machines with safety features will deteriorate the longer they are used due to degradation of components or loosening of
assembly, etc.
Therefore, it is important to conduct regular inspections. It is necessary to devise management methods which can detect
serious defects which can cause deterioration of safety at an early stage by inspection and carry it out thoroughly. Also,
factory managers and other managers need to constantly enhance awareness towards safety and health and instruct machine
operators how to use machines correctly.
Although management of safety and health is often neglected, protection against mechanical hazards can be only realized
when safety and health is managed.

Intrinsically Safe Design

Management for
Safety measures
safety and health

11
 Hazard Identification
Machines have various hazards. First, it is necessary to identify these hazards.
Hazards can be largely classified into the following categories.

Mechanical Hazards*
Crushing Shearing

Cutting Entanglement

Drawing-in or trapping Stabbing or puncture

*Other hazards include impact, friction or abrasion etc.

Electrical Hazards
Contact of person with live parts, insulation failure, electrostatic phenomena, etc.
Hazards generated by Noise
Hearing loss, tinnitus, etc.
Hazards generated by Radiation
Ultra-violet light, X rays, laser radiation, electromagnetic fields, etc.
Hazards generated by negligence ergonomics principles
Mental overload or underload, or stress, etc.
Thermal hazards
Burns and scalds from contact with objects or materials with an extreme temperature, flames or explosions and radiation from heat sources, etc.
Hazards generated by Vibration
Disorder of the body parts, etc. caused by mechanical vibration.
Hazards generated by materials and substance
Hazardous substance, combustible material, etc.
12
Risk Assessment and Risk Reduction Process
The following chart shows the 3-step method for the risk reduction process established by ISO 12100.

Start

Determination of the limits of Risk assessment according to ISO 14121

the machine

This iterative risk reduction process shall be carried

Hazard identification
out separately for each hazard, hazardous situation,
under each condition of use.

Risk estimation

YES
Risk evaluation
NO Are other hazards
generated?

Has the risk been YES

adequately
End
reduced?
At each step of the interactive process:
risk estimation, risk evaluation, and, if
NO possible, risk comparison.

YES
Can the hazard be
removed? Step 1
Risk reduction by Is the YES
NO inherently safe intended risk reduction
design measures achieved?

Can the risk YES

be reduced by inherently safe NO
design measures?

NO
Step 2
Risk reduction by
Can the risk be YES safeguarding Is the YES
reduced by guards, protective Implementation of intended risk reduction
devices? complementary achieved?
protective measures
NO NO
Step 3

YES Can the limits be NO Risk reduction by Is the YES

intended risk reduction
specified information for use
again? achieved?

NO

Risk Assessment
The area within the dotted lines on the figure corresponds to risk assessment established by ISO 14121.
Risk assessment can be explained by the following items.

1 Determination of the Limits of the Machine 3 Risk Estimation

Determination of the limits of the machinery must be carried out. In other After hazard identification, the risk estimation must be carried out
words, the limits of machinery includes the intended use, the phases of for each hazard by determining the elements of risk.The elements
machinery life, and the full range of foreseeable uses of the machinery. of risk can be determined by combining the severity of harm and
probability of occurrence of that harm.

2 Hazard Identification 4 Risk Evaluation

All hazards, hazardous situations and hazardous events associated with the After risk estimation, risk evaluation must be carried out to
machinery must be identified. (Further information is in ISO12100-1.) determine if risk reduction is required or whether safety has been
achieved based on the risk estimation.

13
 ISO 13849-1 and Performance Level
Based on the result of risk assessment, risk reduction process must be done for ensuring safety. ISO12100 specifies 3-step
method for risk reduction, which consists of inherently safe deign measures, safeguarding and complementary protective measures
and information for use.
In case where the safety-related control system is established as the measure for risk reduction, an inherently safe design and
minimization of failure probability that causes the loss of safety function must be taken into account.
In that case, ISO13849-1: 2006 will be applied for this purpose.

Performance Level
In case where the safety-related control system is established to operate safety function, required performance level (PLr) must
be taken into account.
Required performance level can be determined according to the following graph. (This graph is shown in ISO13849-1, which is
titled as risk graph for determining required PL for safety function.)

PLr
L

P1 a
F1
P2
S1
P1 b
F2
1 P2
c
P1
F1
P2
S2 d
P1
F2
P2
e
H

1: starting point for evaluation of safety functions contribution to risk reduction

L: low contribution to risk reduction
H: high contribution to risk reduction
PLr: required performance level
S: Severity of injury
S1: slight (normally reversible injury)
S2: serious (normally irreversible or death)
F: Frequency and/or exposure to hazard
F1: seldom-to-less-often and/or exposure time is short
F2: frequent-to-continuous and/or exposure time is long
P: Possibility of avoiding hazard or limiting harm
P1: possible under specific conditions
P2: scarcely

Performance Level (hereinafter, called as PL) is the discrete level used to specify the ability of safety-related parts of
control systems to perform a safety function under foreseeable conditions, which is represented with average probability of
dangerous failure per hour as shown in below table.
Once the required performance level is determined according to the risk graph above, a safety-related control system must
be designed with the measures whose average probability of dangerous failure per hour is lower than PLr.

14
Evaluation for performance level
Performance level for safety-related control system is determined based on the following aspects.
1) The quantifiable aspects (MTTFd value for single components, DC, CCF)
2) The non-quantifiable, qualitative aspects (behavior of the safety function under fault conditions, safety-related software,
systematic failure and environmental conditions)

Category
ISO13849-1: 1999 specified the safety category for the design of safety-related control systems which consists of 5 categories
from category B to category 4. (Safety category was based on the behavior of the safety function under fault conditions.) On the
other hand, ISO13849-1: 2006 specifies the safety category as just a one factor for the design of safety-related control system
in order to meet PLr.

Principle MTTFd of
Category Summary of System behavior DCavg CCF
used to each
requirements
achieve safety channel
SRP/CS and/or their The occurrence of a fault
protective equipment, as can lead to the loss of the
well as their components, safety function.

B
shall be designed, Mainly
constructed, selected, characterized by
assembled and combined in Low to Medium None Not relevant
selection of
accordance with relevant components
standards so that they can
withstand the expected
influence. Basic safety
principles shall be used.

Requirements of B shall The occurrence of a fault Mainly

1
apply. Well-tried can lead to the loss of the characterized by
components and well-tried safety function but the selection of High None Not relevant
safety principles shall be probability of occurrence is components
used. lower than for category B.

Requirements of B and the The occurrence of a fault

use of well-tried safety can lead to the loss of the

2
principles shall apply. safety function between the ISO13849-1
Mainly specifies the
Safety function shall be checks. characterized by Low to High Low to Medium
checked at suitable intervals The loss of safety function is requirements in
structure annex F
by the machine control detected by the check.
system.

Requirements of B and the When a single fault occurs,

use of well-tried safety the safety function is always
principles shall apply. performed.
Safety-related parts shall be Some, but not all, faults will

3
designed, so that be detected.
ISO13849-1
- a single fault in any of Accumulation of undetected Mainly specifies the
these parts does not lead to faults can lead to the loss of characterized by Low to High Low to Medium requirements in
the loss of the safety the safety function. structure annex F
function, and
- whenever reasonably
practicable, the single fault
is detected.

Requirements of B and the When a single fault occurs

use of well-tried safety
principles shall apply.
Safety-related parts shall be
designed, so that
- a single fault in any of
the safety function is always
performed.
Detection of accumulated
faults reduces the
probability of the loss of the

4
these parts does not lead to safety function (high DC). ISO13849-1
Mainly High including
a loss of the safety function, The faults will be detected in specifies the
characterized by High accumulation of
and time to prevent the loss of requirements in
structure faults
- the single fault is detected the safety function annex F
at or before the next
demand upon the safety
function, but that if this
detection is not possible, an
accumulation of undetected
faults shall not lead to the
loss of the safety function.

15
 Functional Safety Standards (IEC 61508)
Previously, safety-related control systems had to be established with the hard-wired circuits, especially safety relay or mechanical
protective devices.
However, as safety-related control systems have evolved in function and complexity, software has been required to establish the
safety-related control systems.
Since conventional international safety standards did not involve the requirements for such complicated systems (ex. Software), IEC
established the IEC61508 series, which are the requirements for functional safety of electrical/electronic/programmable electronic
(hereinafter, E/E/PE) safety-related systems, to expand the scope of standards for safety-related control system.

1. Functional safety
Functional safety means a part of the overall safety relating to the machinery and the machinery control system, which depends
on the correct functioning of the E/E/PE safety-related systems, other technology safety-related systems and external risk
reduction facilities.

failure, occurring at a random time, which results from one or more of the possible
Random hardware failure degradation mechanisms in the hardware

failure related in a deterministic way to a certain cause, which can only be eliminated by
Systematic failure a modification of the design or of the manufacturing process, operational procedures,
documentation or other relevant factors

The relative failure probability based on the above failure modes is defined as SIL (Safety Integrity Level).

16
2. Overall safety lifecycle
IEC61508 specifies the overall safety lifecycle for E/E/PE as shown below, which consists of 16 items.
(Concept to disposal)

1 Concept

Overall scope
2 definition

Hazard and risk

3 analysis

Overall safety
4 requirements

Safety requirements
5 allocation

*Follow 10 and 11 as required

Overall planning Safety-related External risk

Safety-related systems: other reduction
systems: E/E/PE technology facilities
Overall Overall 9 10 11
6 operation and
maintenance
7 Overall safety
validation 8 installation and
commissioning
Realization (see
E/E/PE safety Realization Realization
lifecycle)

Overall installation
12 and commissioning

Back to appropriate overall

safety lifecycle phase
13 Overall safety
validation

Overall operation,
14 maintenance and
repair
15 Overall modification
and retrofit

Decommissioning or
16 disposal

17
 3. Safety Integrity Level (SIL)
Safety Integrity Level is defined as the discrete level (one out of a possible four) for specifying the safety integrity requirements
of the safety functions to be allocated to the E/E/PE safety-related systems, where safety integrity level 4 has the highest level of
safety integrity and safety integrity level 1 has the lowest.
Furthermore, IEC61508 also specifies the two categories, which are low demand mode of operation and high demand or
continuous mode of operation, to determine the safety integrity level.

Low demand mode of operation:

where the frequency of demands for operation made on a safety-related system is no greater than one per year and no greater
than twice the proof-test frequency

High demand or continuous mode of operation:

where the frequency of demands for operation made on a safety-related system is greater than one per year or greater than
twice the proof-check frequency

SL-V Series is categories as high demand or continuous mode of operation and complies with SIL 3, which is the highest level
for safety of machinery.

<Reference> Target failure measures for a safety function

Low demand mode for operation High demand or continuous mode of operation
SIL
(Average probability of failure to perform its design function on demand) (Probability of a dangerous failure per hour)

4 >10 5 to <10 4 >10 9 to < 10 8

3 >10 4 to < 10 3 >10 8 to < 10 7

2 >10 3 to < 10 2 >10 7 to < 10 6

1 >10 2 to < 10 1 >10 6 to < 10 5

18
Emergency Stop
1. Stop function
There are three categories of stop functions in IEC60204-1.
The emergency stop shall function either as a stop category 0 or as a stop category 1
Furthermore, the stop category has to be determined based on the risk assessment.

Stop category 0:
stopping by immediate removal of power to the machine actuators (uncontrolled stop)

Stop category 1:
a controlled stop with power available to the machine actuators to achieve the stop
and then removal of power when the stop is achieved

Stop category 2:
a controlled stop with power left available to the machine actuators

2. Emergency Stop function

ISO13850 specifies functional requirements and design principles for the emergency stop function on machinery,
independent of the type of energy used to control the function.
For the definition of emergency stop, explanation is as follows.

Operator recognizes the need for an emergency stop

Start emergency stop

Operation
Emergency stop reset

Mechanical restart possible

Stop
(Stopped state)
Time
Emergency stop function

3. Requirements for the emergency Stop function

Requirements from IEC60204-1

Emergency stop function shall override all other functions and operations in all modes
Power to the machine actuators that can cause a hazardous situation(s) shall be either removed immediately
(stop category 0) or shall be controlled in such a way to stop the hazardous motion as quickly as possible
(stop category 1) without creating other hazards
Reset shall not initiate a restart.

Additional requirements from ISO13850

The emergency stop function shall be available and operational at all times and override all other functions and
operations in all operating modes of the machine without impairing any facilities designed to release trapped persons.
It shall not be possible for any start command (intended, unintended or unexpected) to be effective on those operations
stopped by the initiation of the emergency stop function until the emergency stop function is manually reset.
The emergency stop function shall not be applied as a substitute for safeguarding measures and other safety
functions but should be designed for use as a complementary protective measure.
19
 Concept of Basic Safety Circuits
When designing a safety circuit, the following points need to be taken into consideration.

What happens if the circuit is disconnected ?

What happens if the circuit is disconnected and grounded ?
What happens if it short-circuits ?
* Depending on the circuit, there are some failure modes which need to be taken into consideration.

For example, below is a basic circuit which satisfies all three points above.

Correct Circuit

No fuse will cause danger because

a short circuit will occur when this part
is disconnected or a ground fault occurs.

Short
Circuit
F
Power
Supply Load
Power
Supply Load

If there is a switch here ...

Power
Supply Load

If this part is disconnected

and ground fault occurs,
power is supplied to the
load, causing danger to the user.

20
World Standards
1 International Standards
There are two types of international standards: IEC standards, which specialize in electrical and electronic technical fields, and
ISO standards, which cover non-electrical technical fields.

1. IEC standards
(IEC: International Electrotechnical Commission)
The IEC is a standardization body established in 1908 that specializes in electrical and electronic technical fields.
Headquarters are located in Geneva, Switzerland. The international system that evaluates electrical and electronic products
according to IEC standards, and gives certification for compliance with applicable IEC standards, is called the CB Scheme.
Using this scheme, the procedures to obtain certification in IEC member countries is be simplified.

To learn more about IEC standards, visit the following web site:
IEC Homepage: http://www.iec.ch/

2. ISO standards
(ISO: International Organization for Standardization)
The ISO is a standardization body established in 1947 that specializes in non-electrical technical fields. Headquarters are
located in Geneva, Switzerland. Some of the most notable ISO standards include ISO 9001: Quality management systems,
and ISO 14001: Environmental management systems.

To learn more about ISO standards, visit the following web site:
ISO Homepage: http://www.iso.org/iso/en/ISOOnline.frontpage/

21
 Safety of Machinery
International Standards for Safety of Machinery
The IEC and ISO jointly published the IEC/ISO Guide 51 as a guideline for establishing standards for safety of machinery. This
guide specifies the categorization and standardization system for international safety standards.

Type-A Standards: Basic Safety Standards

Standards that give basic concepts, principles for design, and general aspects that can be applied to all machinery.

Type-B Standards: Generic Safety Standards

Standards that deal with one safety aspect or one type of safeguard that can be used across a wide range of machinery.
Type B Standards can be classified further into Type B1 and Type B2

Type B1 Standards: Standards on a particular safety aspect. (e.g. Primarily safety distances, surface temperature, noise.)

Type B2 Standards: Standards on safeguards. (e.g. Primarily light curtains, two-hand controls, interlocking devices,
pressure sensitive devices, guards.).

Type-C Standards: Machine Safety Standards

Standards that deal with detailed safety requirements for a particular machine or group of machines.

When there is a Type C standard that is applicable to a specific machine, such machine shall be designed according to the
Type C standards. If there are no Type C standards, then the machine shall be designed according to Type A and Type B
standards.

Type A Standards (Basic Safety Standards)

ISO12100-1 Basic terminology, methodology

ISO12100-2 Technical principles
ISO14121 Risk assessment etc.

Type B Standards (Generic Safety Standards)

ISO14119 Interlocking devices Electrical equipment of machine IEC60204

ISO13849 Safety-related parts of control systems ESPE IEC61496
ISO13850 Emergency stop Functional safety of E/E/PE safety-related systems IEC61508
ISO13851 Two-hand controls Low-voltage switchgear and controlgear IEC60947
ISO13852 Safety distance (upper limbs) EMC IEC61000
ISO13853 Safety distance (lower limbs) etc
etc

Type C Standards (Machine Safety Standards)

Machine tool, Chemical plant, Semiconductor manufacturing equipment,
Woodworking machine, Industrial robot, Transport machine,
Press welding machine, Unmanned transport device, Forging machine,
Printing press, Casting machine, etc.

22
European Standard
1. EN (European Norm)

EC Directives and CE Marking

The member states of the European Union (EU), which was established in 1993, enacted common rules known as the Directive.
The purpose of the Directive is to remove the factors preventing free trade and distribution within the EU region, such as the
laws, regulations, and standards of each member state, to harmonize the legal system, and to stimulate the EU economy. With
respect to compliance with the Directives included in the New Approach Directive, the CE marking can be affixed to a product
only if it meets the requirements of all applicable Directives. The following Directives are considered principal among those that
comprise the New Approach Directives.

- Machinery Directive (2006/42/EC)

- EMC Directive (2004/108/EC)
- Low-Voltage Directive (2006/95/EC)
- R&TTE Directive (1999/5/EC)

Finland
Sweden

United
Kingdom Denmark
Ireland Netherlands Poland
Belgium Germany
Czech
Slovakia
Austria Hungary
France
Switzerland

Italy
Portugal Spain
Greece Turkey

In order to make these EC Directives a reality, the EN standards were created as a unified standard in the EU. As the EC
Directives do not necessarily specify technical criteria, a product that complies with the Harmonized Standard corresponding
to each Directive can affix a CE marking. These Harmonized Standards are published in the EU Official Journal. The
CENELEC (European Committee for Electrotechnical Standardization) is in charge of the implementation and revision of the EN
standards in the electrical and electronic fields, while the CEN (European Committee for Standardization) is in charge of the
implementation and revision of the EN standards in the other fields. Basically, the EN Standard harmonizes to either IEC or ISO
standards.

To learn more about the EN Standards, visit the following web site:
CEN: http://www.cenorm.be/cenorm/index.htm

23
 2. Machinery Directive (2006/42/EC)
The Machinery Directive deals with machinery and the safety components specified in Machinery Directive Annex V.
The Machinery Directive defines the following as machinery:

an assembly, fitted with or intended to be fitted with a drive system other than directly applied human or
animal effort, consisting of linked parts or components, at least one of which moves, and which are joined
together for a specific application,
an assembly referred to in the first indent, missing only the components to connect it on site or to sources
of energy and motion,
an assembly referred to in the first and second indents, ready to be installed and able to function as it stands
only if mounted on a means of transport, or installed in a building or a structure,
assemblies of machinery referred to in the first, second and third indents or partly completed machinery
referred to in point (g) which, in order to achieve the same end, are arranged and controlled so that they
function as an integral whole,
an assembly of linked parts or components, at least one of which moves and which are joined together,
intended for lifting loads and whose only power source is directly applied human effort;

According to the Machinery Directive, the seventeen types of machines and five types of safety components listed in Annex
V must be investigated by a Notified Body. Depending on the product, a machine may have to comply with not only the
Machinery Directive, but also other Directives, such as the EMC or Low-Voltage Directives.

To learn more about the Machinery Directive, visit the following web site:
http://ec.europa.eu/enterprise/newapproach/standardization/harmstds/reflist/machines.html

3. EMC Directive (2004/108/EC)

The scope of the EMC Directive covers almost all electrical and electronic equipment by focusing on equipment that may
generate electromagnetic disturbance or may malfunction due to such disturbance. The EMC Directive has required a CE
marking since 1996, having a major impact on companies exporting to the EU. EMC stands for Electromagnetic Compatibility,
and the EMC Directive requires that equipment not be affected by both emission (EMI: Electromagnetic Interference) and
immunity (EMS: Electromagnetic Susceptibility).

To learn more about the EMC Directive, visit the following web site:
http://ec.europa.eu/enterprise/newapproach/standardization/harmstds/reflist/emc.html

24
4. Low-Voltage Directive (2006/95/EC)
The scope of the Low-Voltage Directive covers the electrical equipment that is designed for use with an input/output voltage
rating of 50 to 1000 VAC or 75 to 1500 VDC. The Low-Voltage Directive has required a CE marking since 1997, and along with
the EMC Directive, has had a major impact on companies exporting to the EU.

To learn more about the Low-Voltage Directive, visit the following web site:
http://ec.europa.eu/enterprise/newapproach/standardization/harmstds/reflist/lvd.html

5. R&TTE Directive (1999/5/EC)

The R&TTE Directive came into effect in 1999, targeting radio and telecommunication terminal equipment. (R&TTE: Radio
equipment and Telecommunications Terminal Equipment). To be more specific, the scope of the R&TTE Directive covers
all radio equipment, and all telecommunication terminal equipment that is intended to be connected directly or indirectly to
interfaces of public telecommunications networks. For radio equipment using an unharmonized frequency in the EU, a Notified
Body must be involved to verify the conformity to the R&TTE Directive. The requirements of the EMC Directive and Low-Voltage
Directive are included in the R&TTE Directive.

To learn more about the R&TTE Directive, visit the following web site:
http://ec.europa.eu/enterprise/newapproach/standardization/harmstds/reflist/radiotte.html

6. Notified Body
The following organizations are examples of Notified Bodies who can judge the conformity to the EN standards.

TV SD (Germany) NEMKO (Norway)

TV Rheinland (Germany) SEMKO (Sweden)

DEMKO (Denmark) BSI (U.K.)

25
 Expansion of the European Union (EU)
The European Union currently consists of 27 countries.
The current member states are listed below:

Finland

Sweden

Estonia

Latvia

Denmark Lithuania
Ireland
United Kingdom
Netherlands Poland

Belgium Germany
Luxembourg Czech Rep.
Slovakia
Austria Hungary
France Romania
Slovenia

Bulgaria
Italy
Portugal
Spain
Greece

Malta Cyprus

New member states

Original member states

Romania and Bulgaria became member states of the European Union in 2007. Turkey is one of the official candidates to join the
Union, though its accession is still under discussion, and countries such as Croatia and Macedonia are also listed as potential
nations to join the Union.

26
2 China

1. CCC Certification System

Beijing

Dalian
Tianjin
China
Suzhou

Shanghai

Guangzhou Shenzhen

Hong Kong

The CCC Certification system is a compulsory certification system for product safety in China, which was established in August
2002. (CCC: China Compulsory Certification) Before the start of the CCC Certification system, there were two certification
systems in China, known as the CCIB and CCEE. After China became a member of the WTO, China unified the two systems
into the CCC Certification system. The CCC Certification system was enforced in August 2003 through a one year grace
period. The CCC certification system is under the management of the General Administration of Quality Supervision, Inspection
and Quarantine of the Peoples Republic of China (AQSIQ) and the Certification and Accreditation Administration of the
Peoples Republic of China (CNCA). After China became a member of the WTO, China has accelerated to adopt the IEC or
ISO international standards as the technical standards of the Peoples Republic of China (the GB Standards) for the basis of the
CCC Certification system.

The first catalog of products subject to the CCC compulsory certification included 132 products in 19 categories.
(For more specific information, see 2002s Announcement 60, First Catalog of Products Subject to Compulsory Certification
(URL: http://www.cnca.gov.cn/cnca/zwxx/ggxx/3935.shtml Chinese only available.) jointly published by the AQSIQ and CNCA
on July 1, 2002.)

To learn more about the CCC Certification system, visit the following web sites:
CNCA: http://www.cnca.gov.cn/
AQSIQ: http://www.aqsiq.gov.cn/

The following products fall under the
umbrella of products that require CCC
Certification. However, KEYENCE will not
acquire CCC Certification at this time.
Multi-voltage Power Supply Photoelectric Sensors PW Series
Separate Amplifier Proximity Sensors/Amplifier ES-11AC, ES-12AC, ES-21AC
AC 2-wire Proximity Sensors EV-12M, EV-18M, EV-30M
Separate Amplifier Photoelectric Sensors/Amplifier PS-26
Metal Passage Confirmation Sensors/Amplifier TA-340
High-accuracy Positioning Sensor/Amplifier EG-540, EG-545, EG-547
Shock Sensors/Amplifier GA-245
Stroke-end Detectors/Amplifier PL-465, PL-465H
Double-fed Metal Plate Detectors/Amplifier DD Series
Vision System Peripherals CV-M10, CV-R10, CV-F10
Digital Photo Printers VH-P40, DP-500

27
 3 Japan

1. Electrical Appliance and Material Safety Law (PSE Mark)

The Electrical Appliance and Material Safety
Law (DENAN) is a mandatory national law, and
was enforced on April 1, 2001 in Japan as an
amendment of the Electrical Appliance and
Material Control Law (DENTORI). According to
the DENAN, the certification process is carried
out by testing laboratories known as Conformity
Assessment Bodies. The electrical/electronic
products regulated by the DENAN are divided
into two categories, Specified Products 112
items, and Non-Specified Products 340
items. The Conformity Assessment Body must
examine specified products for compatibility.
In order to distribute the DENAN Products
Japan
(Specified Products and Non-Specified
Products) in Japan, suppliers have to establish
organizations (called Reporting Suppliers) who
are registered in Japan and are responsible for
the safety of the electrical/electronic products.
The following PSE marks are affixed on
Specified Products and Non-Specified
Products to show conformity.

PS PS
E E
Specified Non-Specified
Products Products

To learn more about the Electrical Appliance and Material Safety Law, visit the following web site:
Ministry of Economy, Trade and Industry Electrical Appliance and Material Safety Law Homepage:
http://www.meti.go.jp/policy/consumer/seian/denan/index.htm
A list of Specified Products and Non-Specified Products also appears on the web site.

28
MEMO

29
 Safety Distances when Using a Safety Laser Scanner
The protection zone must be configured so as to ensure the minimum safety distance, which has been calculated according to the
laws, regulations, and standards of the country and region in which the SZ is installed, as well as the specifications discussed in
this user's manual.

To p vi ew o f t h e m ac h i n e Si d e vi ew o f t h e m ac h i n e

Machine A Hazar-
dous
zone
S
Machine

P2 B
Hazar- Detection plane
dous W1
zone
H

W2
Floor, etc.
P3

Hazar-
S dous When there is cover above the SZ
zone
A
Machine
P1
D
B B
A
S Detection plane

Protection zone
Floor, etc.

S = K x T + C + A < According to ISO13855 (2005) and IEC61496-3 (2008) >

S : Safety distance
K : Approach speed of the body or parts of the body in millimeters per second
T : Overall Response time in second (t1 + t2)
t1 : SZ response time in seconds
t2 : Max. time in seconds required to stop the machine after receiving the OSSD signal from SZ
C : 1200 - 0.4 x H (850 mm or higher)
H : Height of detection plane (protection zone) above the reference plane in millimeters,
for example the floor. 1000 mm H 15 x (d-50)
d : SZ minimum detectable object size in millimeters
A : Supplementary necessary distance for SZ in millimeters
P1, P2, P3 : Protection distances to be configured as the protection zones
W1, W2 : Width of the hazardous area
B : Distance between the edge of the hazardous area and protection zone origin on the SZ
D: Unprotected space

30
 Danger The unprotected space (D) between the protection zone and the protective structure must
be less than the minimum detectable object size when the SZ is installed, in order to
prevent the machine operators from approaching into the hazardous zone through this
space (D). Additional countermeasures for protection must be provided if there is an space
(D) between the protection zone and the protective structure such that the minimum detectable
object is not detected by the SZ.
There is a risk of inadvertent undetected access beneath the detection plane (protection
zone), if the height "H" of the detection plane (protection zone) is greater than 300 mm (200 mm
for non-industrial applications, for example in the presence of children). The responsible
personnel must perform a risk assessment taking into account this factor. If necessary,
additional countermeasure must be taken by the responsible personnel.
If you select the minimum detectable object size of 150 mm, "H" (Height of detection
plane) exceeds 1,000 mm.
You must select the minimum detectable object size of 70 mm or less if you want to
configure area protection (direction of approach parallel to the protection zone.).

Example of safety distance calculation

K = 1600 mm/s Approach speed of the body or parts of the body (Constant)
T = t1+t2 = 0.59 s Overall response time
t1 = 0.09 seconds SZ response time (Changeable)
t2 = 0.5 seconds Max. time required to stop the machine after receiving the OSSD signal from SZ
C = 1200-0.4 x H = 1080 mm
H = 300 mm Lowest allowable height of detection plane (protection zone). This must be calculated
using the following formula: H 15 (d 50 mm)
d = 70 mm Minimum detectable object size (Changeable)
A = 100 mm Supplementary necessary distance for SZ
B = 59 mm Distance between the edge of the hazardous area and protection zone origin on
the SZ
W1 = W2 = 1000 mm Width of the hazardous area

Safety Distances
S=KxT+C+A
= 1600 x 0.59 + 1080 + 100 = 2124 mm

Protection distances to be configured as the protection zones

P1 = S - B = 2065 mm
P2 = S + W1 = 3124 mm
P3 = S + W2 = 3124 mm
If there is a high reflective background within 1.5 m from the boundary of the protection zone, another
200 mm must be added as supplementary necessary distance to the P1, P2 and P3 respectively.
We recommend applying a marking on the floor to indicate the specified protection zone.

31
 Safety Distance when Using a Light Curtain
The IEC and ISO jointly published the IEC/ISO Guide 51 as a guideline for establishing standards for safety of machinery.
This guide specifies the categorization and standardization system for international safety standards.

Example 1: EN999 (ISO18855)

Safety distance calculation according to EN999-1999 (ISO13855-2002) (for normal approach into detection zone)

Formula: S = K x T + C..... (A)

S: Safety distance (mm)
K: Approaching speed of the body or the parts of body into detection zone (mm/s)
T: Overall response time (s) (T= t1 + t2)
t1: SL-V Series maximum response time
t2: Maximum time required by the machine to stop after receiving the signal from
protective equipment (SL-V)
C: Additional distance (mm) calculated from the SL-V detection capability.

[Calculation example for a detection capability of 40 mm 1.57" or less]

The safety distance is calculated using Formula (A) and the parameters established in EN999 (ISO13855) with K = 2,000 mm/
s and C = 8 (d - 14 mm). C is a value determined from the d: SL-V Series detection capability diameter (mm) and must be equal
or greater than 0. This is the example when the SL-V is used.

S= 2,000 mm/s x (t1 + t2) + 8 (d - 14 mm)..... (B)

When t1 = 15 ms, t2 = 50 ms, d = 25 mm:
S= 2,000 mm/s x (0.015 s + 0.05 s) + 8 (25 mm - 14 mm) = 218 mm
*The safety distance calculated using Formula (B) above must be 100 mm or more and 500 mm or less.
When the calculated safety distance is less than 100 mm, use a safety distance of S = 100 mm.
Accordingly, the safety distance acquired from Formula (B) above is S = 218 mm.
(From EN999 Clause 6.1.1 and ISO13855 Clause 6.1.1)
If on the other hand, the safety distance calculated using Formula (B) above exceeds 500 mm,
set K = 1,600 mm/s and calculate the safety distance again using Formula (A).
S= 1,600 mm/s x (t1 + t2) + 8 (d - 14 mm)..... (C)
When t1 = 15 ms, t2 = 300 ms, d = 25 mm:
S= 1,600 mm/s x (0.015 s + 0.3 s) + 8 (25 mm - 14 mm) = 592 mm
*The safety distance calculated using Formula C above must be 500 mm or more. When the calculated safety
distance is less than 500 mm, use a safety distance of S = 500 mm. Accordingly, the safety distance acquired
from Formula (C) above is S = 592 mm. (From EN999 Clause 6.1.1 and ISO13855 Clause 6.1.1)
*When the SL-V is being used in a non-industrial application, the minimum safety distance is calculated by
adding 75 mm to the result from Formula (B).Formula (C) cannot be used in this situation. Accordingly, when
the SL-V is used in a non-industrial application, a safety distance of
S = 218 mm + 75 mm = 293 mm is required.

32
Example 2: ANSI B11.19-2003
Safety distance calculation according to ANSI B11.19-2003 (for normal approach into detection zone)
Equation: Ds = K x T + Dpf
Ds : Safety Distance (inch)
K : The maximum speed that an individual can approach the hazard
T : The total time that it takes for the hazardous motion to stop, or for the hazardous portion of the
machine cycle to be completed. This value includes portions of time that vary by machine type and by the safeguarding device applied.
Dpf : The distance (depth) penetration factor. This value varies depending on the SL-V detection capability.
Dpf = 3.4(S-7)mm. See the below figure.

Penetration factor, Dpf, for presence-sensing devices used in a vertical application with object sensitivity less than 64 mm 2.5"
64 (2.5") *One of the accepted values for K is the hand speed constant (It
is usually considered as the horizontal motion of the hand and
Minimum Object Sensitivity

arm while seated). Its common value is 1.6 m/s (63 inch/s)
51 (2.0")
although other values (typically greater) are also used. The hand
speed constant does not include other body movements, which
Os, mm (inch)

38 (1.5") can affect the actual approach speed. Consideration of the above
factors should be included when determining the speed constant
for a given application. OSHA 1910.217(c) provides K = 63 inch/s
25 (1.0")
(= 1,600 mm/s) as a recommended value.

13 (0.5")

0.0
0.0 25 50 76 102 127 152 178
(1.0") (2.0") (3.0") (4.0") (5.0") (6.0") (7.0")
Dpf = 3.4 (S - 7) mm Dpf = 3.4 (S - 0.275) inch

Example 3: ANSI/RIA R15.06-1999

Safety distance calculation according to ANSI/RIA R15.06-1999 (for normal approach into detection zone)

Formula: S = [K x (Ts + Tc + Tr)] + Dpf

S : Safety distance (mm)
K : Approaching speed of the body or the part of body into detection zone(= 1,600mm/s)
Ts : Final stop time required when stop control is issued to machine (s)
Tc : Maximum response time of machines control system (s)
Tr : Maximum response time of the SL-V and its interface (s)
Dpf : Additional distance (mm) from the approach factor as illustrated below.
This value varies depending on the SL-V detection capability.

Penetration factor, Dpf, for presence-sensing devices used in a vertical applications with object sensitivity less than 64 mm 2.5"

64 (2.5")
*ANSI/RIA R15.06-1999 establishes K = 63 inch/s
Minimum Object Sensitivity

and greater
51 (2.0")
(= 1,600 mm/s) as a minimum speed.
Os, mm (inch)

38 (1.5")

25 (1.0")

13 (0.5")

0.0 25 51 76 102 127 152 178 203

(1.0") (2.0") (3.0") (4.0") (5.0") (6.0") (7.0") (8.0")
Additional distance Dpf mm (inch)
ANSI/RIA R15.06-1999 Fig. B.2

Calculate the safety distance accurately and be sure to position the SL-V so that it is separated from the
machines hazardous area by at least the minimum safety distance. Installation of the SL-V closer to the hazard
DANGER or hazardous zone than the minimum safety distance may result in significant harm to the machine operator,
including death.

33
 MEMO

34
MEMO

35
 www.keyence.com

E-mail: keyencecanada@keyence.com E-mail: keyencemexico@keyence.com

Copyright (c) 2009 KEYENCE CORPORATION. All rights reserved. SLSafetyGuide2-KA-TG-E 1110-2 E 611304