MARS petcare

Machine Safety Standard

Book 6
6.1 OVERVIEW

Version 1.0
Machine Safety Standard - Book 6.1

TABLE OF CONTENT

5.1. OVERVIEW .................................................................................................................................................................. 4

5.1.1. Scope ................................................................................................................................................................... 4
5.1.2. Attendance ........................................................................................................................................................... 4
5.1.3. Books Presentation .............................................................................................................................................. 4
o Book 6.1 Overview ................................................................................................................................................... 4
o Book 6.2 Risk Assessment....................................................................................................................................... 4
o Book 6.3 Machine Guarding Requirements.............................................................................................................. 5
o Book 6.4 Safety Functions ....................................................................................................................................... 5
o Book 6.5 Control of Hazardous Energy .................................................................................................................... 5
o Book 6.6 Validation .................................................................................................................................................. 6
o Book 6.7 Ce-Marking & Documentation ................................................................................................................... 6
5.1.4. Use of Books........................................................................................................................................................ 7
5.1.4.1. Existing Machines ....................................................................................................................................... 7
5.1.4.2. New Machines ............................................................................................................................................. 8
5.1.4.3. New Implementation by System Integrator.................................................................................................. 8
5.1.5. Additional Definitions/Requirements .................................................................................................................... 9
5.1.5.1. Machine Definition ....................................................................................................................................... 9
5.1.5.2. Need of Emergency Stop ............................................................................................................................ 9
5.1.5.3. OSHA and US Mars Facilities ..................................................................................................................... 9
5.1.5.4. Additional requirements for Mars Facilities in the US ................................................................................ 10
LIST OF REFERENCE STANDARDS (NOT EXHAUSTIVE) .........................................................................11
GLOSSARY ....................................................................................................................................................13
FLOW CHART ................................................................................................................................................14

NOTE:

This part is one of a series of documents belonging to the Mars Machinery Safety Standard which includes altogether the
following parts:

6.1 OVERVIEW
6.2 RISK ASSESSMENT
6.3 MACHINE GUARDING REQUIREMENTS
6.4 SAFETY FUNCTIONS
6.5 CONTROL OF HAZARDOUS ENERGY
6.6 VALIDATION
6.7 CE-MARKING & DOCUMENTATION

Page 2 of 19
Machine Safety Standard - Book 6.1

REVISIONS

Version Author Modification Released

V1.0 Rockwell Automation First Release 18/09/2017

PREVIOUS MARS STANDARD INTERCONNECTED REFERENCES

NONE

Page 3 of 19
Machine Safety Standard - Book 6.1

5.1. OVERVIEW

5.1.1. Scope

This section gives general information on the different chapters which compose this Mars machine safety standard.

5.1.2. Attendance

This section is intended for personnel involved in machine safety and needs a quick reference guide about matters treated in
detail in each book. In all the books mentioned below it is assumed that the safety designs are developed by competent, trained
personnel.

5.1.3. Books Presentation

o Book 6.1 Overview

The present book you are reading.

It is accompanied by the 6.1 Flow chart available as a size A0 poster or multiple size A3 pages. An A4 version
is attached in Appendix C.

o Book 6.2 Risk Assessment

This book gives guidance and a methodology to perform a risk assessment in accordance with EN ISO
12100:2010.

A risk assessment in an overall process. The goal of a risk assessment is to identify all hazard situations
associated to the use of a defined machine (or part of), then to estimate and evaluate the related risks in order
that the too high risks can be adequately reduced i.e. reduced according to the related standards.

All machinery (old or new) shall have its own documented risk assessment. Updating of this document is
necessary in case of any modification impacting operator safety and/or machine characteristics.

The best way to conduct a risk assessment is to form a team bringing different experiences and expertise and
knowledge about the use of the machine and the related required safety standards.

This book is intended for this team which usually consist of project engineers, maintenance engineers,
operations personal and SES/HSE personal. A team needs a minimum of 2 people, this team will have a
leader, usually, the Project manager.

Trainings on Safety of machinery standards are recommended, Functional Safety Certification as well but
cannot be imposed and are not compulsory.

From the outcome of a risk assessment, remediation project and safety requirements specification can be
developed in order to create a safer and compliant machine.

Page 4 of 19
Machine Safety Standard - Book 6.1

o Book 6.3 Machine Guarding Requirements

This chapter gives information, guidance and requirement about Guarding solutions.

After risk assessment has been performed and machine needs upgrading, safety measures shall be identified,
designed and implemented to reduce the risks in an adequate manner as defined in the related risk assessment
document.

On existing machine, if the possibly to design out the risks is almost impossible then the first safety measure is
provide Guarding. Guarding needs to comply with applicable standards to close the related gaps.

Special requirements for Full Body Access (operator) are given in this book in order to ensure that people
cannot be imprisoned inside the guarded area and the machine restarted.

The use of this book is mostly intended for Engineers in charge of (remediation) design (Electrical, Mechanical,
Pneumatic and Hydraulic).

Typically, works are executed by trained personnel from the Maintenance department or by a competent
external System Integrator under supervision of a Project manager.

o Book 6.4 Safety Functions

This chapter provides references and requirement regarding design of Safety Related Part of Control System
(SRP/CS) providing safety function(s) per EN ISO 13849-1:2015 about typical safety functions architectures.

After risk assessment has been performed and indicates that machine upgrading with safe operator access is
required, Safety functions need to be identified, designed and implemented in order to reduce the risks
according with ISO13849 to ensure safe interaction.

Several safety functions can be used and mixed. (Interlocking guard with or without guard locking, Light
Curtain, E-stop etc.).

The use of this book is mostly intended for Engineers in charge of (remediation) design (Electrical, Pneumatic
and Hydraulic).

Typically, works are executed by trained personnel from the Maintenance department or by a competent
external System Integrator under supervision of a Project manager.

o Book 6.5 Control of Hazardous Energy

This chapter gives basic information about means aimed at preventing unexpected machine start-up from
energy source to allow safe human interventions in danger zones.

The purpose of the control of hazardous energy is ensuring right procedure for full machine shut down and
avoid unexpected machine start-up, therefore all energy sources need to have Switch-off & Lock capabilities.

Page 5 of 19
Machine Safety Standard - Book 6.1

Special requirements for Full Body Access (operator) are given in this book in order to ensure that machine
cannot be restarted with people inside the guarded area.

The use of this book is mostly intended for Engineers in charge of (remediation) design (Electrical, Pneumatic
and Hydraulic).

Typically, works are executed by trained personnel from Maintenance department or by competent external
System Integrator under supervision of Project manager.

o Book 6.6 Validation

This book gives provisions about validation process of safety functions in accordance with EN ISO 13849-
2:2015

The purpose of the Validation process is ensuring machine changes and SRP/CS implementation meet the
requirements.

During that process, the Safety Functions are tested to ensure that they work properly.

The Safety Functions are tested in normal condition and under fault conditions according to standard
requirements.

The use of this book is mostly intended for Engineers in charge of (remediation) design (Electrical, Mechanical,
Pneumatic and Hydraulic).

The Validation checklist can be written by design engineers as the checklist came from the SRS. However,
checks and tests shall be executed by competent personnel not involved in design stage (e.g. Maintenance
Personnel)

o Book 6.7 Ce-Marking & Documentation

This book explains the main health and safety requirements for a machinery to be put into service in the EU
market.

All machines produced for EU market require CE marking and related documentation.

All machine changes need proof of correct changes updating the Technical File.

However, the manufacturer is not obliged to deliver elements from the related technical file to customer.

Therefore, in addition to the mandatory documentation required by CE marking rules, MARS Site Purchase
Office shall include in its Request For Quotation at least the delivery of the followings documents:

 Risk assessment report

 Safety requirement specifications related to the safety functions installed on the machinery
 Performance Level calculations of those safety functions.
 Validation checklist.

Page 6 of 19
Machine Safety Standard - Book 6.1

5.1.4. Use of Books

5.1.4.1. Existing Machines

Remark:

The outlined process here below shall be applied also to new machines from different OEMs put together by Mars
personnel and/or SI to create a production line.

In the case of this process has been already done and documentation is available for each single machines, it will be
necessary to apply again such process but only on the machine connection points. The same in the case of assembly
of existing machines or existing and new machines.

Otherwise, application of this process shall be done on each machine AND connection point in order to cover all the
line production.

On the risk assessment, the determination of limits of machinery part shall define exactly where each machine begins
and finishes.

Step 1: Risk assessment execution.

 Book 6.2 Risk Assessment

Step 2: Choice and Definition of Guarding measures to reduce adequately too high risks.
 Book 6.3 Machine Guarding requirements

For solutions including Functional Safety

 Book 6.4 Safety functions

Step 3a: Design and Verification of Guarding solutions.

 Book 6.3 Machine Guarding requirements
 Book 6.4 Safety functions

Step 3b: Design and verification of LOTO devices/procedures

 Book 6.5 Control of Hazardous Energy

Step 4: Implementation of remediation works

Step 5: Validation of implemented measures.

 Book 6.6 Validation

Page 7 of 19
Machine Safety Standard - Book 6.1

5.1.4.2. New Machines

5.1.4.2.1. Machine for MARS site located in EU

 Book 6.7 CE-Marking & Documentation

5.1.4.2.2. Machine from EU OEM for MARS site located outside EU

MARS Request For Quotation shall include following request:

- CE Marking (Declaration of conformity, CE mark, Use and Maintenance Manuals with schematics)
- OEM Technical File documentation:
 Risk assessment report
 Safety requirement specifications related to the safety functions installed on the machinery
 Performance Level calculations of those safety functions.
 Validation checklist.

Refer to Book 6.7 CE-Marking & Documentation for additional information

5.1.4.2.3. Machinery from no EU OEM for MARS plant out of EU

MARS Request For Quotation shall include following request:

 Statement of conformity to international standards and or local standards/rules
 Use and Maintenance Manuals with schematics (electrical, pneumatic, hydraulic…)
 Risk assessment report
 Safety requirement specifications related to the safety functions installed on the machinery
 Performance Level calculations of those safety functions.
 Validation checklist.

Refer to Book 6.7 CE-Marking & Documentation for additional info about documentation delivery concept.

5.1.4.3. New Implementation by System Integrator

Where applicable, depending on the nature of the intervention and SI involvement level, MARS Request For Quotation
shall include total or part of the following documents:
 Statement of conformity to international standards and or local standards/rules
 Updating of original Use and Maintenance Manuals and/or schematics (electrical, pneumatic…)
 Risk assessment report
 Safety requirement specifications related to the safety functions installed on the machinery
 Performance Level calculations of those safety functions.
 Validation checklist.

Page 8 of 19
Machine Safety Standard - Book 6.1

5.1.5. Additional Definitions/Requirements

5.1.5.1. Machine Definition

Machine/Machinery definition:

Assembly, fitted with or intended to be fitted with a drive system consisting of linked parts or components, at least one
of which moves, and which are joined together for a specific application.

The term “machinery” also covers an assembly of machines which, in order to achieve the same end, are arranged
and controlled so that they function as an integral whole.

Source: EN ISO 12100:2010

5.1.5.2. Need of Emergency Stop

The requirements for E-stop apply to all machines, with exception to:
• machines where an emergency stop would not reduce the risk;
• hand-held or hand-operated machines.

Emergency stop (E-stop)/ emergency stop function is intended to

• avert arising or reduce existing hazards to persons, damage to machinery or to work in
progress, and
• be initiated by a single human action

The emergency stop function shall be available and operational at all times. It shall override all other functions and
operations in all operating modes of the machine without impairing other protective functions.

In other words, except on rare cases, even if the E-stop function is a complementary protective measure, all
machinery shall have at least an emergency stop function.

Source: EN ISO 13850:2015

5.1.5.3. OSHA and US Mars Facilities

• OHSA is a federal regulation for all Mars facilities in the US and possessions – enforced by law.
• “The employer shall furnish to each of his employees employment and a place of employment which are free from
recognized hazards that are causing or are likely to cause death or serious physical harm to his employees.”
• “Each employee shall comply with occupational safety and health standards and all rules, regulations, and orders
issued pursuant to the ACT which are applicable to his own actions and conduct.”
• OHSA is not a how to standard. “How to” is addressed by other standards such as ANSI, NFPA, Mars
specification documents, etc.
• Use ANSI standards as reference. They are not a legal requirement except as listed in OSHA as “Incorporated by
Reference” and those adopted into law by local or state governments.
• Refer to US standards listed in Appendix A.

Page 9 of 19
Machine Safety Standard - Book 6.1

5.1.5.4. Additional requirements for Mars Facilities in the US

• Refer to the local site electrical requirements
• The CE mark is not necessarily recognized in the US. For machines coming from Europe at a minimum all
components shall be UL listed and labeled or approved by a NTRL and listed or supplied with a letter of
conformity.
• Optionally, a request may be made for a machine from Europe, CE marked or not, to have a NRTL inspect the
machine at the vender prior to delivery to the Mars facility in the US. This option should be included in the request
for quotation (RFQ) before purchasing a machine.

Page 10 of 19
Machine Safety Standard - Book 6.1
List of reference standards (not exhaustive)
Type A and B International Standards
REFERENCE
EN ISO 12100:2010
ANSI/ISO 12100:2015
EN 60204-1:2006+A1:2009
IEC 60204-1+A1:2008
EN ISO 13849-1:2015
EN ISO 13849-2:2012
EN ISO 13850:2015
EN ISO 13855:2010
EN ISO 13857:2008
EN ISO 14120:2015
EN ISO 14119:2013
EN ISO 4413:2010
EN ISO 4414:2010
EN 1037:1995+A1:2008
ISO 14118:2000
ANSI/ASSE Z244.1-2016
EN 62061:2005+A2:2015
IEC 62061:2005+A2:2015
EN 349:1993+A1:2008
EN 547-1:1996+A1:2008
EN 547-2:1996+A1:2008
EN 574:1996+A1:2008
ISO 13851:2002
EN ISO 13856-1:2013
EN ISO 13856-2:2013
EN ISO 13856-3:2013
EN 61496-1:2004+A1:2008
EN 619:2011
EN 620:2002+A1:2010
EN 61496-1:2013
IEC 61496-1:2012
STANDARDS TITLE
Safety of machinery - General principles for design - Risk assessment and risk reduction
Safety of machinery - Electrical equipment of machines - Part 1: General requirements (IEC
60204-1:2009-02)
Safety of machinery-Safety-related parts of control systems. General principles for design
Safety of machinery- Safety-related parts of control systems. Validation
Safety of machinery-Emergency stop-Principles for design
Safety of machinery- Positioning of safeguards with respect to the approach speeds of parts
of the human body
Safety of machinery - Safety distances to prevent danger zones being reached by the upper
and lower limbs.
Safety of machinery - Guards - General requirements for the design and construction of fixed
and movable guards
Safety of machinery -Interlocking devices associated with guards - Principles for design and
selection
Hydraulic fluid power - General rules and safety requirements for systems and their
components
Pneumatic fluid power - General rules and safety requirements for systems and their
components
Safety of machinery-Prevention of unexpected start-up
Control of Hazardous Energy
Lockout/Tagout and Alternative Methods
Safety of machinery-Functional safety of safety-related electrical, electronic and
programmable electronic control systems
Safety of machinery - Minimum gaps to avoid crushing of parts of the human body
Safety of machinery - Human body measurement - Part 1 principles for determining the
dimensions required for access openings
Safety of machinery - Human body measurement - Part 2 principles for determining the
dimensions required for access openings
Safety of machinery - Two-hand control devices - Functional aspects - Principals for design
Safety of machinery - Pressure-sensitive protective devices Part 1: General principles for
design and testing of pressure-sensitive mats and pressure-sensitive floors
Safety of machinery - Pressure-sensitive protective devices Part 2: General principles for
design and testing of pressure-sensitive edges and pressure-sensitive bars
Safety of machinery - Pressure-sensitive protective devices Part 3: General principles for
design and testing of pressure-sensitive bumpers, plates, wires and similar devices
Safety of machinery- Electro-sensitive protective equipment Part 1: General requirements and
tests
Continuous handling equipment and systems-Safety and EMC requirements for equipment
for mechanical handling of unit loads
Continuous handling equipment and systems-Safety and EMC requirements for fixed belt
conveyors for bulk materials
Safety of machinery - Electro-sensitive protective equipment Part 1: General requirements
and tests
Page 11 of 19
Machine Safety Standard - Book 6.1

REFERENCE STANDARDS TITLE

EN 61496-2:2013 Safety of machinery - Electro-sensitive protective equipment. Particular requirements for
IEC 61496-2:2013 equipment using active opto-electronic protective devices (AOPDs)
EN 61496-3:2001 Safety of machinery - Electro-sensitive protective equipment - Part 3: Particular requirements
IEC 61496-3:2008 for Active Opto-electronic Protective Devices responsive to Diffuse Reflection (AOPDDR)

Type C Standard (EN Harmonized standard only)

REFERENCE STANDARDS TITLE

EN 415-1:2014 Safety of packaging machines - Part 1: Terminology and classification of packaging machines and
associated equipment
EN 415-3:1999+A1:2009 Safety of packaging machines - Part 3: Form, fill and seal machines
EN 415-4:1998 Safety of packaging machines - Part 4: Palletizers and depalletizers
EN 415-5:2006+A1:2009 Safety of packaging machines - Part 5: Wrapping machines
EN 415-6:2013 Safety of packaging machines - Part 6: Pallet wrapping machines
EN 415-7:2006+A1:2009 Safety of packaging machines - Part 7: Group and secondary packaging machines
EN 415-8:2008 Safety of packaging machines - Part 8: Strapping machines
EN 415-10:2014 Safety of packaging machines - Part 10: General Requirements

EN 12267:2003+A1:2010 Food processing machinery - Circular saw machines - Safety and hygiene requirements
EN 12268:2014 Food processing machinery - Band saw machines - Safety and hygiene requirements
EN 12331:2015 Food processing machinery - Mincing machines - Safety and hygiene requirements
EN 12463:2014 Food processing machinery - Filling machines and auxiliary machines - Safety and hygiene
requirements
EN 12505:2000+A1:2009 Food processing machinery - Centrifugal machines for processing edible oils and fats - Safety and
hygiene requirements
EN 12852:2001+A1:2010 Food processing machinery - Food processors and blenders - Safety and hygiene requirements
EN 12854:2003+A1:2010 Food processing machinery - Beam mixers - Safety and hygiene requirements
EN 12855:2003+A1:2010 Food processing machinery - Rotating bowl cutters - Safety and hygiene requirements
EN 13570:2005+A1:2010 Food processing machinery - Mixing machines - Safety and hygiene requirements
EN 13870:2015 Food processing machinery - Portion cutting machines - Safety and hygiene requirements
EN 13871:2014 Food processing machinery - Cubes cutting machinery - Safety and hygiene requirements
EN 13885:2005+A1:2010 Food processing machinery - Clipping machines - Safety and hygiene requirements
EN 13954:2005+A1:2010 Food processing machinery - Bread slicers - Safety and hygiene requirements
EN 692:2005+A1:2009 Machine tools - Mechanical presses - Safety
EN 693:2001+A2:2011 Machine tools - Safety - Hydraulic presses
EN 13736:2003+A1:2009 Safety of machine tools - Pneumatic presses

US Standards only

REFERENCE STANDARDS TITLE

OSHA 1910.147 Control of Hazardous Energy (LOTO)
OSHA 1910.212 Machine Guarding Requirements (General requirements for all machines)
OSHA 1910.219 Mechanical Power Transmission Apparatus

OSHA REFERENCED STANDARDS TITLE

STANDARDS
ANSI Z244.1 Control of Hazardous Energy: Lockout/Tagout & Alternate Methods
ANSI B11.19 Performance Requirements for Guarding
ANSI/RIA R15.06 Industrial Robots and Robot Systems
NFPA 79 Electrical Standard for Industrial Machines (NEC)

Page 12 of 19
Machine Safety Standard - Book 6.1

Glossary

ACRONYM Meaning
ANSI American National Standards
AOPD Active Optoelectronic Protecting Device
AOPDDR Active Optoelectronic Protecting Device responsive to Diffuse Refection
CCF Common Cause Failure
CE European Conformity, CE Marking
CEN European Committee for Standardization
DC (AVG) Diagnostic Coverage (Average)
EEA European Economic Area
EN European Standard (harmonised)
ESPE Electro-Sensitive Protective Equipment
EU European Union
FSM Functional Safety Management
FT Fault Tolerance
HRN Hazard Rating Number
LO Likelihood of Occurrence of coming into contact with the hazard
FE Frequency of Exposure
DPH Degree of Possible harm
NP Number of Persons exposed at the risk
ISO International Organization for Standardization
LOTO Lockout-Tagout
MTTFD Mean time to dangerous failure
NFPA National Fire Protection Association
NRTL Nationally Recognized Testing Laboratory
OEM Original Equipment Manufacturer
OSHA Occupational Safety and Health Administration
PFHD Average probability of a dangerous failure per hour
PIPDS Passive Infra-red Protecting Device
PL Performance Level
PLR required Performance Level
PSE Pressure Sensitive Edge
SI Systems Integrator
SIL Safety Integrity Level
SRECS Safety-related electrical control system
SRP/CS Safety Related Part of a Control System
SRS Safety Requirements Specification
STO Safe Torque Off
UL Underwriters Laboratories

Page 13 of 19
Machine Safety Standard - Book 6.1

Flow Chart
Please note that the flow chart is available as a detailed size A0 poster and also in a simplified A3 (split over multiple pages).
The simplified version is included here as a quick reference.

The outlined process here below shall be applied also to new machines from different OEMs put together by Mars personnel and/or SI to create a production
line. In the case of this process has been already done and documentation is available for each single machines, it will be necessary to apply again such
process but only on the machine connection points. The same in the case of assembly of existing machines or existing and new machines.

Otherwise, application of this process shall be done on each machine AND connection point in order to cover all the line production.

On the risk assessment, the determination of limits of machinery part shall define exactly where each machine begins and finishes.

2 From Failed Validation 2

START

No
NO: To Safety Design
Project (internal or contracted) to
implement the safety designs

Safety Design Validation

Existing Are all the risks Remediation Validation
Risk Assesment (Repeat for all Yes Successful
Machines adequately reduced
identified Risks)

HRN Risk Assesment Risk reduction

with score corrective measures YES
Validation Checklist
NO: Purchasing Guarding

END

NO Safety Safety Designs

Functions
Will the Vendor
Is the Factory in supply the risk
NO
the EU assesment
documentation?
LOTO

YES YES NO

Ensure VENDOR
Follow the Q&A as
supplies
per 6.7 CE Documented Minor
documentation &
MARKING LOTO Procedure Intervention
validate (similar
per 6.7 CE Procedure
MARKING)

YES Satisfied?
Training Department

END

Page 14 of 19
Machine Safety Standard - Book 6.1

Risk Assesment

Determine the
limits of the Reference Guide:
machinery
BOOK 6.2 RISK
ASSESSMENT

Hazard
Identification

HRN Risk Assesment

Initial risk estimate with score

Risk reduction
Risk Reduction corrective measures

Design
Priority for Risk
Reduction Guard

Inform for use

Role Responsibility
The team shall have a team leader. The team leader is fully responsible for
ensuring that all the task involved in planning performing and documenting
Team Leader
the risk assessment are carried out and that the results/recommendation
(1)
are reported to the appropriate person(s)

The team includes those people who:

a. Can answer technical questions about design and functions of the
machinery,
b. Have actual experience of how the machine is operated, set-up,
Team Members
maintained, serviced, etc.,
(At least 1 not
c. Have knowledge of the accident history if this type of machinery,
including the Team
d. Have a good understanding of the relevant regulation, standards and in
Leader)
particular ISO 12100 and any specific safety issues associated with the
machinery, and
e. Understand human factors.

HRN Risk Assesment

Outputs with score

Risk reduction
corrective measures

Page 15 of 19
Machine Safety Standard - Book 6.1

Guarding

Reference Guide:
BOOK 6.3 GUARDING
Analysis of the
Hazards and Risk REQUIREMENTS
Reduction Plan
SEE Risk Assesment

Hazards generated by moving

Hazards generated
parts contributing to the work
by moving
(directly involved in the process
transmission parts
eg tools)

Fixed Guards
Can these elements be 6.3.3.1
Fixed Guards made completely NO
6.3.3.1 inaccessible while working? OR
Interlocking
OR movable Guards
Interlocking 6.3.3.2
movable Guards
6.3.3.2

Protective Devices
6.3.4
YES

OR
Fixed Guards
6.3.3.1

OR
Interlocking
movable Guards
6.3.3.2

Guard Design

Role Responsibility

Engineer
Engineer in charge of remediation of the specific hazard
(1 or more)

Outputs Guard Design

Page 16 of 19
Machine Safety Standard - Book 6.1

Safety
Functions

When risk reduction requires a protective measure depending on a control system, a

Safety Related Part of Control System (SRP/CS) shall be designed following a specific
process
Reference Guide:
BOOK 6.4 SAFETY
Identify the safety function to FUNCTIONS
be performed by SRP / CS See
RISK ASSESMENT

Specify the required

characteristics

Determine the
required PL

Design & technical realisation

of the safety function:
Identify the safety related
parts which carry out the
safety function

Evaluate the performance

level considering:
- Category
- MTTF
- DC
- CCF
- Systematic failure
- if existing: software of the
abovesafety related parts

Verification of PL
Is PL > PL(required)

Validation:
Are all
requirements
met?

Safety Function
Designs

Role Responsibility

Engineer
Engineer in charge of remediation of the specific hazard
(1 or more)

Safety Function
Outputs Designs

Page 17 of 19
Machine Safety Standard - Book 6.1

LOTO

Keeping a machine in a stopped condition while persons are present in danger zones is
one of the most important conditions of the safe use of machinery and hence one of the
major aims of the machine designer and machine user. Reference Guide:
The risk assessment relating to the presence of persons in a danger zone of a stopped BOOK 6.5 CONTROL OF
machine needs to take into account the probability of an unexpected start-up of the HAZARDOUS ENERGY
hazard-generating elements.

Access to the hazard

Select a Guard
zone required during NO
See GUARDING
normal operation

YES

Where access to the hazard zone is required for machine setting,

teaching, process, changeover, fault-finding, cleaning or maintenance:

According to Mars LOTO Standard, LOTO or "Exception to LOTO

permit" is required for these.

activities that are routine,

repetitive, and integral to
Documented Minor
production and performed
Minor Intervention Intervention
during production operations Yes
6.5.3.3 Procedure
(clearing routine jams, cleaning,
jogging, etc.) but are not part of
actual production. No

Measures for
isolation & energy LOTO Procedure
dissipation
6.5.3.4

LOTO Design

Role Responsibility

Engineer
Engineer in charge of remediation of the specific hazard
(1 or more)

LOTO Design
Outputs

LOTO Procedure
Training Department

Documented Minor
Intervention
Procedure

Page 18 of 19
Machine Safety Standard - Book 6.1

Validation

The purpose of the validation process is to confirm that the design of each Safety Function
supports the overall safety requirements specification for the machinery

Inputs EN ISO 13849-2:2012 Outputs

SRS Specification Validation Checklist

Drawings &
Specifications

Functional
description of circuit
diagram

Time sequence
diagram

Component Lists

Analysis of all
relevant faults

Role Responsibility

Reference Guide:
Engineer Person(s) responsible for carrying out the validation of safety functions BOOK 6.6 VALIDATION
(1 or more) once implemented

Page 19 of 19