Features Health and Safety Maintenance Sawmilling
CSIDs: Simplifying sawmill lockout with energy isolation

Scott Atchison, project manager at EACOM Timber Corporation, says that weekend maintenance teams at any of their nine operations are exposed to as many as 80 lockout scenarios per weekend, per site. “Our lockout, bump test and visual verification process can take anywhere from five to 30 minutes at each instance,” he says.

When a sawmill, like those operated by EACOM, is looking to perform maintenance on its planers, conveyors, stackers, log lines, and other equipment, worker safety must be protected by individually isolating all energy sources through the lockout/tagout process. The de facto standard for sawmills has been to individually lock-out and test all energy sources for each process, which can collectively take upwards of several hours. In addition to the lost productivity associated with this time-consuming process, there is also a risk of making mistakes, with a single missed disconnect leaving the possibility of a catastrophic accident.

A new technology class called control system isolation devices (CSIDs) is now disrupting the status quo.

With CSIDs, non-electrical technicians can quickly and safely lock-out entire circuits from a central master unit, with continuous validation of energy isolation from self-monitoring “smart” disconnects.

This technology offers to enhance the safety of maintenance technicians, while also giving hundreds of productive hours that are currently being lost to administering lockout/tagout back to an operation.

CSIDs differ from stop-button, selector switches, or PLCs with control circuits in that they are not intended to merely stop energy, but rather disconnect the main power of equipment or processes with safety-rated electromechanical devices. They are composed of a central lockout device and energy isolating devices for electrical, hydraulic, and pneumatic circuits located throughout a plant, allowing for simultaneous isolation and monitoring of an entire system of equipment.

Many Canadian regulators have already given the nod to these technologies, and, in the United States, the Occupational Safety and Health Administration is exploring this practice with an open call for feedback from operators and product manufacturers. However, regulations for what constitutes an effective CSID are strict. In WorkSafeBC’s 2019 report “Controlling Hazardous Energy: De-Energization and Lockout,” it is mandated for systems to comply with performance levels for safety as described in ISO 13849-1: Safety-related parts of control systems, and CSA Z460-13: Control of Hazardous Energy. Other bodies also require adherence to standards such as IEC 62061 and 60204 regarding safety of machinery for electronics and design of electrical equipment, amongst other locally relevant standards.

To meet these standards, systems must have components that are control-reliable and safety-rated, utilize hardware rated for millions of cycles without failure, and they must fail-safe in the event of a fault.

Daryl Dominique, CMSE (certified machinery safety expert) and product manager at SafeBox Systems, a vendor of CSIDs, says, “Over the past decade, functional safety standards, regulations, and technology have advanced to the point that CSIDs are now a viable option to improve lockout/tagout. However, while they are a fit for many plants, not all facilities are candidates, and there are many factors that should be considered before taking the plunge.”

Some terms you may come across as you investigate this technology include:

PLe: From ISO 13849-1. Robust safety measures are required for hazards that have severe consequences, occur frequently, and have a high probability of injury should protocols not be followed. For engineered solutions, PLe dictates the highest level of a safety system.

CAT IV Safety: Also from ISO 13849-1, CAT IV system architecture is required for PLe applications. Meeting this level requires continued performance of the safety function in the presence of a fault, detection of faults in time to prevent the loss of the safety function, and that potential accumulation of undetected faults is considered. A system must have independent, self-monitoring safety outputs that operate independently should one fail to avoid any unsafe state. In the event of any discrepancy, the unit will not be able to re-energize before the fault is corrected.

SIL3: IEC 61508’s Safety Integrity Level 3 or SIL3 standard is defined as “freedom from unacceptable risk of harm.” It encompasses the engineered system, in addition to each individual component to validate that a system does not fail to a dangerous state. For a CSID implementation, a SIL3 rating is a necessary condition.

For plants looking to implement and benefit from this technology, there are often pre-start health reviews, internal policies and procedures, employee training changes to be considered, and regulatory approval requirements. As such, it is recommended that a qualified professional be consulted before designing and implementing a system.

Thanks to advances in energy isolation standards and the emergence of CSIDs, plant owners can now enhance the safety of their maintenance teams while reducing downtime of their critical assets.

Marcus Thomson is a business development manager at SafeBox Systems. Reach him at Marcus.Thomson@safeboxsystems.com.