I understand e-stops can't be fully trusted for loto, but it's common practice in many circumstances, at least where I'm at.
In fact Most e-stop buttons on machinery here are designed with a loop to accept a hasp and lock.
If I had to position myself in a potentially dangerous situation, I would certainly turn off the main disconnect or at least isolate power nearby. But honestly, for many simple tasks like adjusting a switch, it's often not feasible to shut off the main disconnect.
To recover some machines from a full power down can often take considerable time with the risk of damaging (as you mentioned) VFDs of other electronics.
Again, I get that emergency circuits can't always be trusted but I aways thought power supplying plc outputs should be removed provided it doesn't cause an additional hazard.
I guess that's not the case.
Let’s be clear here. Assuming this is US jurisdiction (others may be different) there are quite literally over a dozen “LOTO” regulations put out by OSHA. Most people are familiar with 1910.147 and a lot assume that this is THE LOTO regulation but it’s not. This section requires that you physically disconnect or discharge all energy sources. Disconnecting control power is not enough. The reason is for instance I could (stupidly) jumper out your lock. I have todo this sometimes for electrical testing and it’s far easier to disable controls than most people realize.
Sub chapter O for production really just requires risks assessments and a procedure. You could lock out controls and that’s what safe torque off is all about.
Sub chapter S is the most familiar “electrical” lockout. This is the only regulation that limits and restricts energized work. It requires 147 style lockout plus testing for absence of voltage and sometimes grounding.
1910.269 is for utilities and has 4 different LOTO rules. No restrictions on energized work. One of them only requires tags (no locks).
1926 (construction) only requires tags, no locks. It consists of just 2 sentences.
Don’t forget for instance batteries...you can’t turnoff power and substation (125 VDC) batteries don’t commonly have disconnects and there is no physical way to kill power.
So locking out control power or even the requirement for lockout even within the US depends on what you are working on and where you are and the type of work.
Aside from that keep in mind that OSHA ONLY requires E Stops for a type of metal forming press. There are rules for how to handle E Stops if you have them but no requirement for them. Here is the issue speaking from a safety engineering point of view. Tons of research has shown that under non emergency situations human error rates tend to be roughly 10%. Under emergency conditions this jumps to 40.%. Human error rates are so abysmal they are unreliable for much of anything so E Stops are all but a waste of time. Second issue is that they are abused by management. One use is a catch all...if anything we haven’t thought of happens, use the E Stop. Obviously that just says you didn’t do a proper risk assessment. Even worse is using the E Stop in lieu of ANY risk assessment...if anything goes wrong we just make the operator responsible. Remember...40% error rate. In my mind it’s better to take E Stops off the table and from a safety point of view I treat them as an afterthought. In 30 years of industrial engineering I’ve seen an E stop used as it is intended successfully exactly one time to stop a DC motor that took off as it went into over speed and almost took down a 300 foot long crane boom. That is hardly what I would consider a justification for the hundreds of others where they are used improperly or not at all.