An often underestimated problem in machine safety is fault masking. This means that an error that occurs is overwritten or concealed by other, subsequent errors.
This phenomenon can lead to the actual cause remaining undetected. This in turn can lead to serious safety risks, increased downtime and high costs.
In this article, we explain what exactly happens during fault masking and how it can be avoided.
What is meant by the term "fault masking"?
Fault masking refers to the masking of one fault by another so that the original fault is no longer recognizable.
For example, a machine failure due to a defective sensor can mask an underlying mechanical fault. In such cases, the actual fault remains, which can lead to more serious problems in the long term.
In our video we have explained the topic in detail.
Fault masking using the example of a series connection
Protective devices on machines are often safeguarded with mechanical safety switches. Depending on the required safety level (performance level) of the safety function, these are typically connected in series in TWO CHANNELS. This two-channel series connection is then connected to a safety relay.
In production processes where machines or components are connected in series, the effects of fault masking can be particularly pronounced.
Imagine that a contact problem occurs on ONE channel, on ONE switch. To be more precise: A switching contact of the switch is defective and remains permanently closed. After opening the corresponding protective device or operating the switch, only one channel of the series connection is switched off.
BUT, this fault is detected by the safety evaluation system and the machine can be stopped safely. So far, so good.
However, if a FURTHER switch is then actuated, i.e. a second protective device is opened, this switch opens both channels of the series connection again. From the point of view of the safety evaluation, everything seems to be in order again: the fault has been overwritten or masked by the second switch.
Now imagine that the second protective device is always opened first and only then the first. In this case, the fault in the first switch would ALWAYS be masked by the second switch.
This error masking means that a wiring fault on this switch is not detected, which can ultimately lead to a dangerous situation for the machine operator.
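The sequence described above can be replayed in a small simulation. This is an added example, not code from the article or from any vendor: the names `Switch`, `SafetyRelay` and `simulate` are hypothetical, and the relay logic is a simplified assumption (a channel discrepancy latches a fault, and seeing both channels open clears it).

```python
from dataclasses import dataclass


@dataclass
class Switch:
    stuck_a: bool = False      # channel-A contact permanently closed (the fault)
    guard_open: bool = False

    def contacts(self):
        # True = contact closed. A healthy contact opens with the guard.
        return (self.stuck_a or not self.guard_open, not self.guard_open)


class SafetyRelay:
    """Simplified two-channel evaluation (assumed behaviour, not a real device)."""

    def __init__(self):
        self.fault = False

    def evaluate(self, ch_a, ch_b):
        if ch_a != ch_b:
            self.fault = True          # discrepancy between channels: latch fault
        elif not ch_a:
            self.fault = False         # both channels open looks like a valid demand
        return ch_a and ch_b and not self.fault   # True = machine may run


def simulate(steps):
    """steps: (switch_index, guard_open) events. Returns [(may_run, fault), ...]."""
    switches = [Switch(stuck_a=True), Switch()]   # switch 0 carries the fault
    relay, history = SafetyRelay(), []
    for index, guard_open in steps:
        switches[index].guard_open = guard_open
        pairs = [s.contacts() for s in switches]
        ch_a = all(a for a, _ in pairs)           # series connection, channel A
        ch_b = all(b for _, b in pairs)           # series connection, channel B
        history.append((relay.evaluate(ch_a, ch_b), relay.fault))
    return history


if __name__ == "__main__":
    # Constructed event sequences: open/close guard 0 or guard 1.
    print("detected  ", simulate([(0, True), (0, False)]))
    print("masked    ", simulate([(0, True), (0, False), (1, True), (1, False)]))
    print("never seen", simulate([(1, True), (0, True), (0, False), (1, False)]))
```

In the first sequence the fault stays latched and the machine cannot run. In the second, opening guard 1 clears the latch, and in the third the fault is never registered at all.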
What consequences can undetected error masking have?
In the "functional safety of machines", single-fault safety often applies (depending on the performance level of the safety function).
This means that a fault that occurs does not lead to the failure of the safety function. However, if such a fault is not detected or is concealed, it cannot be rectified. It can therefore happen that a second error occurs.
In the case shown above, for example, the second switching contact of the first switch could also fail after a certain time and remain permanently closed. This would render this safety function completely inoperative and the machine could no longer be stopped by this function. This would represent a considerable safety risk for personnel.
If fault masking is not detected or rectified, this can have serious consequences. Possible consequences include:
- Safety risks for staff
- Increased downtime
- Higher maintenance costs
How can fault masking be avoided in functional machine safety?
One option would be to generally dispense with series connection in the safety functions. However, this leads to increased material costs, longer installation times and therefore significantly higher costs.
However, the problem of error masking can also be solved without dispensing with series connection: with an intelligent electronic sensor.
In our case, this is the SRF safety sensor, an electronic safety sensor based on RFID. The decisive difference: it has self-monitoring electronic outputs.
The SRF sensors know at all times whether there is a fault in the safety channels or not. In the event of a fault, they switch off the system in a controlled manner. The decisive advantage: the system cannot be restarted in the event of a fault.
The risk of a second, dangerous failure is therefore averted.
This is why the SRF is called "smart". That's why it switches safely - even in series connection. With the Smart Safety Sensor from BERNSTEIN, the problem of fault masking is a thing of the past.
Conclusion: Why fault masking should not be underestimated
Undetected fault masking poses considerable risks in the long term, both for the safety and reliability of machines. It is therefore crucial to rely on systems that precisely detect and effectively prevent faults. Intelligent safety technology makes an indispensable contribution to minimizing failures and ensuring a safe working environment.