Safely moved, precisely controlled

The machine life­cycle is much more than the sum of its tech­nical phases – it is a com­plex cycle, which places new demands on safety, effi­ciency and com­pli­ance in each phase. A machine’s life­cycle extends from plan­ning and design to com­mis­sioning and oper­a­tion, including retro­fits, through to decom­mis­sioning.  

Aim: CE marking 

The plan­ning and design involve a def­i­n­i­tion of the require­ments and the pur­pose of the machine. The rel­e­vant direc­tives and reg­u­la­tions can then be iden­ti­fied. This is fol­lowed by the imple­men­ta­tion of the risk assess­ment and the devel­op­ment of a safety con­cept. Imple­men­ta­tion then con­sists of the inte­gra­tion of safety-related func­tions, the selec­tion of suit­able com­po­nents and val­i­da­tion. The designer or machine builder is respon­sible for this. If every­thing is done in accor­dance with the applic­able laws and direc­tives, then at the end of this phase the machine builder can issue an EU dec­la­ra­tion of con­for­mity and affix a CE mark. 

Things get dynamic during the operational phase 

The oper­a­tional phase covers actual oper­a­tion, including inte­gra­tion and com­mis­sioning, the var­ious oper­ating modes such as main­te­nance, but also adjust­ments and retro­fits. Com­pared to the design phase, the oper­a­tional phase is much more dynamic in terms of safety. During oper­a­tion, safety must be guar­an­teed at all times. It would there­fore be wrong for the oper­ator to assume that CE marking would resolve all their safety issues.   

It is the oper­a­tor’s own respon­si­bility to assess the safety of the machine in the envi­ron­ment in which it is oper­ated – on an ongoing basis. The frame­work direc­tive on Safety and Health at Work applies in Europe to ensure that this hap­pens. This has been imple­mented in Ger­many with the Ordi­nance on Indus­trial Safety and Health (Betr­SichV), for example. The Ordi­nance on Indus­trial Safety and Health gov­erns health and safety pro­tec­tion when using work equip­ment and instal­la­tions sub­ject to mon­i­toring. The ordi­nance stip­u­lates reg­ular inspec­tions of work equip­ment and instal­la­tions to ensure that they con­tinue to meet the require­ments and can be oper­ated safely.  

Retrofit – or the question about substantial modification 

It is not uncommon for the oper­a­tional phase to last sev­eral decades. Over the years, the state-of-the-art changes and machines are reju­ve­nated with a retrofit to ensure con­tinued pro­duc­tivity and safety. If the changes com­pro­mise the safety of the machine by cre­ating a new hazard or increasing an existing risk, this is called a sub­stan­tial mod­i­fi­ca­tion. In this case, the oper­ator becomes the man­u­fac­turer – with all the asso­ci­ated oblig­a­tions. This means that they them­selves must then carry out a con­for­mity assess­ment pro­ce­dure. 

Regard­less of whether or not a new dec­la­ra­tion of con­for­mity is needed: ulti­mately, work equip­ment must always be safe in line with the Ordi­nance on Indus­trial Safety and Health (Betr­SichV), if nec­es­sary with a fresh CE mark. 

Liability protection: “Write it down, stay in the game” 

In the event of an inci­dent, this means that the oper­ator must prove that they have car­ried out reg­ular hazard assess­ments, for example; it means they must pro­duce test reports or doc­u­ment training and per­mis­sions for employees. In prac­tice, these doc­u­ments are often incom­plete and are stored in dif­ferent loca­tions and for­mats, either as hard copies or dig­i­tally.  

In machine oper­a­tion, it is not enough to imple­ment safety mea­sures as a one-off – they must be con­tin­u­ously reviewed, doc­u­mented and kept up to date. Oper­a­tors are liable and there­fore have a duty to be able to prove at any time that their machines comply with the applic­able legal require­ments. This applies not only to tech­nical safety func­tions, but also to organ­i­sa­tional mea­sures, IT pro­tec­tion and data pro­tec­tion. 

Why an overview of documentation is crucial 

A fully doc­u­mented safety process is the basis for legal pro­tec­tion. Oper­a­tors bear full respon­si­bility for the safety of their machinery – and must be able to prove that all mea­sures were imple­mented cor­rectly in the event of an inci­dent. 

A full, struc­tured overview of all safety-related doc­u­ments is essen­tial – for sev­eral rea­sons: 

• Legal cer­tainty: Only those who keep com­plete doc­u­men­ta­tion can prove that all oblig­a­tions have been met in the event of an inci­dent. 
• Legal com­pli­ance: New reg­u­la­tions require oper­a­tors to know at all times whether their machines comply with cur­rent require­ments – and to be able to prove it.  
• Respon­sive­ness: In the event of safety inci­dents or audits, it must quickly be apparent which mea­sures have been taken and which pro­tec­tive mech­a­nisms are in place. 
• Effi­ciency: Well-struc­tured doc­u­men­ta­tion makes main­te­nance, training and emer­gency man­age­ment easier – and helps to min­imise down­times.  

The chal­lenge lies not only in cre­ating this doc­u­men­ta­tion, but in main­taining it on an ongoing basis. Mod­i­fi­ca­tions to the machine, new soft­ware ver­sions or amended legal require­ments must be recorded promptly and doc­u­mented so as to be trace­able. This is the only way for oper­a­tors to main­tain con­trol – and fulfil their respon­si­bil­i­ties towards employees, author­i­ties and their own organ­i­sa­tion. 

Security creates new requirements 

Machine net­working is increasing, which brings with it new risks. For the first time, the EU Machinery Reg­u­la­tion requires manda­tory cyber­se­cu­rity mea­sures. Machines must be designed in such a way that external access does not present a hazard. The Cyber Resilience Act extends these require­ments to all net­worked prod­ucts. Oper­a­tors must doc­u­ment how they deal with vul­ner­a­bil­i­ties, pro­vide secu­rity updates and respond to inci­dents. The NIS 2 Direc­tive obliges oper­a­tors of crit­ical infra­struc­tures (which also includes com­pa­nies in the engi­neering and auto­mo­tive sec­tors with more than 50 employees or an annual turnover of more than €10 mil­lion) to imple­ment com­pre­hen­sive organ­i­sa­tional and tech­nical mea­sures for IT secu­rity – including risk analyses, emer­gency plans and reporting oblig­a­tions in the event of secu­rity inci­dents. The imple­men­ta­tion must also be doc­u­mented and reg­u­larly reviewed. 

This means that secu­rity require­ments are increasing for both machine builders and oper­a­tors. In addi­tion to the actual safety of the machine, it is now nec­es­sary to ensure that nobody can cor­rupt the machine. And this applies not only in the case a hacker attack, but also to internal manip­u­la­tion by employees – whether inten­tional or oth­er­wise. This is what oper­a­tors will demand from machine builders in future. Oper­a­tors need a system that can be used to clearly assign and con­trol per­mis­sions for safety func­tions. 

These days, the machine life­cycle is inex­tri­cably linked to com­pre­hen­sive safety, secu­rity, doc­u­men­ta­tion and IT pro­tec­tion oblig­a­tions. Oper­a­tors must not only ensure the pro­tec­tion of human and machine, but must also guar­antee the integrity of dig­ital sys­tems and com­pli­ance with legal require­ments. The key here is full, struc­tured doc­u­men­ta­tion that’s avail­able at all times – both for legal cer­tainty and for smooth, pro­duc­tive oper­a­tion.