VFD Emergency Stop Fail Safe requirements

[Nomadic]

Is there a requirement that all Emergency Stop's be integrated in logic in a fail safe (N.C.) manner?

I looked in NFPA 79 and couldnt find anything of the sort. I have a situation where local and remote E-Stops are incorporated N.O in parallel along with other "alarms" which generate a common VFD Fail alarm. The Fail in turn kills the VFD start circuit.

Thoughts?

 

[markstg]

Is there a requirement that all Emergency Stop's be integrated in logic in a fail safe (N.C.) manner?

I looked in NFPA 79 and couldnt find anything of the sort. I have a situation where local and remote E-Stops are incorporated N.O in parallel along with other "alarms" which generate a common VFD Fail alarm. The Fail in turn kills the VFD start circuit.

Thoughts?

I found a NFPA 79 Errata to the 2007 edition which adds an Annex H: which has a section titled "Minimizing the Probability of Control Function Failure", in which it states amogst other things:

1. Use Proven Circuit Techniques
2. Stopping by De-energizing

Note: it also says the Annex is not apart of the NFPA 79 standard, but is included for informational purposes.

Hope this helps.

PS: E-stops and just plain stops to VFD's at my facility are wired open to stop, and the output contact of the VFD to trip the control contactor are open to trip.

 

[pfalcon]

Disclaimer: NFPA79:2007 is a voluntary standard, not legal code.

There is nothing specific about VFDs in any standard. Rather they are covered under the general treatment of Estops. See Section 9.2, especially 9.2.5.3 on Stops.

Emergency stops in the United States are generally considered to be safety circuits. Before using logic to control Estops please read up on section 9.4.3.4 "Use in Safety-Related Functions."

As general statements to your original question::
It is required to implement all Emergency Stop functions in a fail-safe manner without exception.
It is required to implement all Emergency Stop functions using safety-listed hardware or software without exception.

 

[petersonra]

As general statements to your original question::
It is required to implement all Emergency Stop functions in a fail-safe manner without exception.

I am inclined to agree this is a good idea but i am not sure you actually mean fail safe so much as control safe.

It is required to implement all Emergency Stop functions using safety-listed hardware or software without exception.

I was not aware of this requirement? Where would one find this requirement?

 

[pfalcon]

As general statements to your original question::
It is required to implement all Emergency Stop functions in a fail-safe manner without exception.

I am inclined to agree this is a good idea but i am not sure you actually mean fail safe so much as control safe.

"Control Reliable" would be the failure of a single component not leading to a loss of the safety system. Such as using two proximity switches rather than one.
"Fail-Safe" would be the failure of a single component triggers the safety system to respond such as placing two in series or, as common with an Estop circuit, closed permits function while open/broken/shorted trips the circuit.

It is required to implement all Emergency Stop functions using safety-listed hardware or software without exception.

I was not aware of this requirement? Where would one find this requirement?

The statements were given as "General" statements because (1) they vary between applications and (2) they are not quite universal but on their way.
ex: (Robots) RIA15.06-1999:4.5.2 "should be safety-rated"; which doesn't require listing but how else would you know?
ex: (Industrial Machines) NFPA79:2007:9.4.3.4.1 "Software and firmware to be used in safety-related functions shall be listed for such use." and though I can't find the same statement for hardware I'm not silly enough to think OSHA would let me get away without applying it.

They HAVE added

Use of proven circuit techniques and components.

And since I'm not going to test all my individual components to prove them; I'm going listed.

I know we've discussed NFPA79 as voluntary and to my knowledge it's not yet required anywhere. The lead Robotic safety standard RIA15.06 lists it as a prime reference source requiring Estop to comply with NFPA79. The lead mechanical press standard ANSI B11.19 lists it as a prime reference source and recommends building to it. I'm not going to fight the trend. By my guidance my company has adopted NFPA79 as part of its core electrical specifications. And we will read the tea leaves of 9.4.1.1(3) and go with listed equipment. But that's just me and mine.

Sorry about rambling but; as you said - I'm not really working with a solid reference here. And that's why I stated it was "general".