How mechanical interlocks can comply with PLe
There are several advantages to using mechanical interlock systems over electromechanical safety switches. Benefits that are often mentioned are; the reduction of installation time, the additional costs for elements as wiring and programming a safety PLC and the reliability of electronic and electromechanical under harsh industrial conditions.
Category 3 and Category 4
Reach PLe and PLd
Most of the time, a dual-channel redundant system with monitoring between the safety circuits is required to achieve Performance Level (PL) D this is always required to achieve PLe.
Although a mechanical interlock or trapped key system does not have the same standard design architecture of a high PL electromechanical or electrical solution, it is possible and sometimes even easier to achieve PLd or PLe with a mechanical interlock system. This is possible by meeting Category 3 and 4 behaviour instead of circuit diagrams designed for electrical components.
Figure 5
Figure 5 from ISO 13849-1 2015 clearly shows the relationship between Category Architectures (Cat B-4), Diagnostic Coverage (DC none to high), Meantime to Dangerous Failure (MTTFd low to high) and the Performance Levels (PL).
Category 3 means that there are no faults that can occur which can lead to loss of the safety function. This is achieved by ensuring that all mistakes that could lead to danger are prevented. In practice, this means that components are designed much more robustly than required or specified (oversizing). There is also a Fail-Safe designed so that it switches to a safe mode in the event of failure.
In Category 4 systems, an accumulation of faults or defects does not lead to the loss of the safety function. Only a combination of 2 faults needs to be considered (unless 3 or more faults are foreseen). This is usually accomplished by ensuring that when an error occurs, the component becomes inoperable and cannot be accessed or restarted until the component has been replaced.
Fortress mechanical interlock systems guarantee this because the keys are provided with a breaking point. Exerting extreme force or a lock failure will cause the key to break. This causes a fail-to-safe condition, this makes operating the device impossible and makes sure that it cannot be bypassed.
When in Category 3 or 4 all the faults that can cause a dangerous failure are excluded. The use of Diagnostic Coverage (DC) is no longer required. This allows a fully mechanical system to comply with PLd or PLe without monitoring and therefore without any wiring or programming. Careful consideration of all possible faults is still necessary and that is why Fortress has obtained independent certification for the entire mGard product group of mechanical interlocks systems. This makes the system suitable to be used in a PLe system for reassurance that all possible failure modes have been well considered.
See ISO TS19837 for more information about mechanical interlock systems or contact us directly.
