ISO 13849 – 1 Analysis — Part 8: Fault Exclusion

This entry is part of 9 in the series How to do a 13849 – 1 ana­lys­is

Fault Consideration & Fault Exclusion

ISO 13849 – 1, Chapter 7 [1, 7] dis­cusses the need for fault con­sid­er­a­tion and fault exclu­sion. Fault con­sid­er­a­tion is the pro­cess of examin­ing the com­pon­ents and sub-​systems used in the safety-​related part of the con­trol sys­tem (SRP/​CS) and mak­ing a list of all the faults that could occur in each one. This a def­in­itely non-​trivial exer­cise!

Thinking back to some of the earli­er art­icles in this series where I men­tioned the dif­fer­ent types of faults, you may recall that there are detect­able and undetect­able faults, and there are safe and dan­ger­ous faults, lead­ing us to four kinds of fault:

  • Safe undetect­able faults
  • Dangerous undetect­able faults
  • Safe detect­able faults
  • Dangerous undetect­able faults

For sys­tems where no dia­gnostics are used, Category B and 1, faults need to be elim­in­ated using inher­ently safe design tech­niques. Care needs to be taken when clas­si­fy­ing com­pon­ents as “well-​tried” versus using a fault exclu­sion, as com­pon­ents that might nor­mally be con­sidered “well-​tried” might not meet those require­ments in every applic­a­tion.

For sys­tems where dia­gnostics are part of the design, i.e., Category 2, 3, and 4, the fault lists are used to eval­u­ate the dia­gnost­ic cov­er­age (DC) of the test sys­tems. Depending on the archi­tec­ture, cer­tain levels of DC are required to meet the rel­ev­ant PL, see [1, Fig. 5]. The fault lists are start­ing point for the determ­in­a­tion of DC, and are an input into the hard­ware and soft­ware designs. All of the dan­ger­ous detect­able faults must be covered by the dia­gnostics, and the DC must be high enough to meet the PLr. for the safety func­tion.

The fault lists and fault exclu­sions are used in the Validation por­tion of this pro­cess as well. At the start of the Validation pro­cess flow chart [2, Fig. 1], you can see how the fault lists and the cri­ter­ia used for fault exclu­sion are used as inputs to the val­id­a­tion plan.

The diagram shows the first few stages in the ISO 13849-2 Validation process. See ISO 13849-2, Figure 1.
Start of ISO 13849 – 2 Fig. 1

Faults that can be excluded do not need to val­id­ated, sav­ing time and effort dur­ing the sys­tem veri­fic­a­tion and val­id­a­tion (V & V). How is this done?

Fault Consideration

The first step is to devel­op a list of poten­tial faults that could occur, based on the com­pon­ents and sub­sys­tems included in SRP/​CS. ISO 13849 – 2 [2] includes lists of typ­ic­al faults for vari­ous tech­no­lo­gies. For example, [2, Table A.4] is the fault list for mech­an­ic­al com­pon­ents.

Mechanical fault list from ISO 13849-2
Table A.4 — Faults and fault exclu­sions — Mechanical devices, com­pon­ents and ele­ments
(e.g. cam, fol­low­er, chain, clutch, brake, shaft, screw, pin, guide, bear­ing)

[2] con­tains tables sim­il­ar to Table A.4 for:

  • Pressure-​coil springs
  • Directional con­trol valves
  • Stop (shut-​off) valves/​non-​return (check) valves/​quick-​action vent­ing valves/​shuttle valves, etc.
  • Flow valves
  • Pressure valves
  • Pipework
  • Hose assem­blies
  • Connectors
  • Pressure trans­mit­ters and pres­sure medi­um trans­ducers
  • Compressed air treat­ment — Filters
  • Compressed-​air treat­ment — Oilers
  • Compressed air treat­ment — Silencers
  • Accumulators and pres­sure ves­sels
  • Sensors
  • Fluidic Information pro­cessing — Logical ele­ments
  • etc.

As you can see, there are many dif­fer­ent types of faults that need to be con­sidered. Keep in mind that I did not give you all of the dif­fer­ent fault lists – this post would be a mile long if I did that! The point is that you need to devel­op a fault list for your sys­tem, and then con­sider the impact of each fault on the oper­a­tion of the sys­tem. If you have com­pon­ents or sub­sys­tems that are not lis­ted in the tables, then you need to devel­op your own fault lists for those items. Using Failure Modes and Effects Analysis (FMEA) tech­niques are usu­ally the best approach for these com­pon­ents [23], [24].

When con­sid­er­ing the faults to be included in the list there are a few things that should be con­sidered [1, 7.2]:

  • if after the first fault occurs oth­er faults devel­op due to the first fault, then you can group those faults togeth­er as a single fault
  • two or more single faults with a com­mon cause can be con­sidered as a single fault
  • mul­tiple faults with dif­fer­ent causes but occur­ring sim­ul­tan­eously is con­sidered improb­able and does not need to be con­sidered

Examples

A voltage reg­u­lat­or fails in a sys­tem power sup­ply so that the 24 Vdc out­put rises to an unreg­u­lated 36 Vdc (the intern­al power sup­ply bus voltage), and after some time has passed, two sensors fail, then all three fail­ures can be grouped and con­sidered as a single fault.

If a light­ning strike occurs on the power line and the res­ult­ing surge voltage on the 400 V mains causes an inter­pos­ing con­tact­or and the motor drive it con­trols to fail to danger, then these fail­ures may be grouped and con­sidered as one.

A pneu­mat­ic lub­ric­at­or runs out of lub­ric­ant and is not refilled, depriving down­stream pneu­mat­ic com­pon­ents of lub­ric­a­tion. The spool on the sys­tem dump valve sticks open because it is not cycled often enough. Neither of these fail­ures has the same cause, so there is no need to con­sider them as occur­ring sim­ul­tan­eously because the prob­ab­il­ity of both hap­pen­ing con­cur­rently is extremely small. One cau­tion: These two faults MAY have a com­mon cause – poor main­ten­ance. Even if this is true and you decide to con­sider them to be two faults with a com­mon cause, they could then be grouped as a single fault.

Fault Exclusion

Once you have your well-​considered fault lists togeth­er, the next ques­tion is “Can any of the lis­ted faults be excluded?” This is a tricky ques­tion! There are a few points to con­sider:

  • Does the sys­tem archi­tec­ture allow for fault exclu­sion?
  • Is the fault tech­nic­ally improb­able, even if it is pos­sible?
  • Does exper­i­ence show that the fault is unlikely to occur?*
  • Are there tech­nic­al require­ments related to the applic­a­tion and the haz­ard that might sup­port fault exclu­sion?

BE CAREFUL with this one!

Whenever faults are excluded, a detailed jus­ti­fic­a­tion for the exclu­sion needs to be included in the sys­tem design doc­u­ment­a­tion. Simply decid­ing that the fault can be excluded is NOT ENOUGH! Consider the risk a per­son will be exposed to in the event the fault occurs. If the sever­ity is very high, i.e., severe per­man­ent injury or death, you may not want to exclude the fault even if you think you could. Careful con­sid­er­a­tion of the res­ult­ing injury scen­ario is needed.

Basing a fault exclu­sion on per­son­al exper­i­ence is sel­dom con­sidered adequate, which is why I added the aster­isk (*) above. Look for good stat­ist­ic­al data to sup­port any decision to use a fault exclu­sion.

There is much more inform­a­tion avail­able in IEC 61508 – 2 on the sub­ject of fault exclu­sion, and there is good inform­a­tion in some of the books men­tioned below [0.2], [0.3], and [0.4]. If you know of addi­tion­al resources you would like to share, please post the inform­a­tion in the com­ments!

Definitions

3.1.3 fault
state of an item char­ac­ter­ized by the inab­il­ity to per­form a required func­tion, exclud­ing the inab­il­ity dur­ing pre­vent­ive main­ten­ance or oth­er planned actions, or due to lack of extern­al resources
Note 1 to entry: A fault is often the res­ult of a fail­ure of the item itself, but may exist without pri­or fail­ure.
Note 2 to entry: In this part of ISO 13849, “fault” means ran­dom fault. [SOURCE: IEC 60050?191:1990, 05 – 01.]

Book List

Here are some books that I think you may find help­ful on this jour­ney:

[0]     B. Main, Risk Assessment: Basics and Benchmarks, 1st ed. Ann Arbor, MI USA: DSE, 2004.

[0.1]  D. Smith and K. Simpson, Safety crit­ic­al sys­tems hand­book. Amsterdam: Elsevier/​Butterworth-​Heinemann, 2011.

[0.2]  Electromagnetic Compatibility for Functional Safety, 1st ed. Stevenage, UK: The Institution of Engineering and Technology, 2008.

[0.3]  Overview of tech­niques and meas­ures related to EMC for Functional Safety, 1st ed. Stevenage, UK: Overview of tech­niques and meas­ures related to EMC for Functional Safety, 2013.

References

Note: This ref­er­ence list starts in Part 1 of the series, so “miss­ing” ref­er­ences may show in oth­er parts of the series. Included in the last post of the series is the com­plete ref­er­ence list.

[1]     Safety of machinery — Safety-​related parts of con­trol sys­tems — Part 1: General prin­ciples for design. 3rd Edition. ISO Standard 13849 – 1. 2015.

[2]     Safety of machinery – Safety-​related parts of con­trol sys­tems – Part 2: Validation. 2nd Edition. ISO Standard 13849 – 2. 2012.

[3]      Safety of machinery – General prin­ciples for design – Risk assess­ment and risk reduc­tion. ISO Standard 12100. 2010.

[4]     Safeguarding of Machinery. 2nd Edition. CSA Standard Z432. 2004.

[5]     Risk Assessment and Risk Reduction- A Guideline to Estimate, Evaluate and Reduce Risks Associated with Machine Tools. ANSI Technical Report B11.TR3. 2000.

[6]    Safety of machinery – Emergency stop func­tion – Principles for design. ISO Standard 13850. 2015.

[7]     Functional safety of electrical/​electronic/​programmable elec­tron­ic safety-​related sys­tems. 7 parts. IEC Standard 61508. Edition 2. 2010.

[8]     S. Jocelyn, J. Baudoin, Y. Chinniah, and P. Charpentier, “Feasibility study and uncer­tain­ties in the val­id­a­tion of an exist­ing safety-​related con­trol cir­cuit with the ISO 13849 – 1:2006 design stand­ard,” Reliab. Eng. Syst. Saf., vol. 121, pp. 104 – 112, Jan. 2014.

[9]    Guidance on the applic­a­tion of ISO 13849 – 1 and IEC 62061 in the design of safety-​related con­trol sys­tems for machinery. IEC Technical Report TR 62061 – 1. 2010.

[10]     Safety of machinery – Functional safety of safety-​related elec­tric­al, elec­tron­ic and pro­gram­mable elec­tron­ic con­trol sys­tems. IEC Standard 62061. 2005.

[11]    Guidance on the applic­a­tion of ISO 13849 – 1 and IEC 62061 in the design of safety-​related con­trol sys­tems for machinery. IEC Technical Report 62061 – 1. 2010.

[12]    D. S. G. Nix, Y. Chinniah, F. Dosio, M. Fessler, F. Eng, and F. Schrever, “Linking Risk and Reliability — Mapping the out­put of risk assess­ment tools to func­tion­al safety require­ments for safety related con­trol sys­tems,” 2015.

[13]    Safety of machinery. Safety related parts of con­trol sys­tems. General prin­ciples for design. CEN Standard EN 954 – 1. 1996.

[14]   Functional safety of electrical/​electronic/​programmable elec­tron­ic safety-​related sys­tems – Part 2: Requirements for electrical/​electronic/​programmable elec­tron­ic safety-​related sys­tems. IEC Standard 61508 – 2. 2010.

[15]     Reliability Prediction of Electronic Equipment. Military Handbook MIL-​HDBK-​217F. 1991.

[16]     “IFA – Practical aids: Software-​Assistent SISTEMA: Safety Integrity – Software Tool for the Evaluation of Machine Applications”, Dguv​.de, 2017. [Online]. Available: http://​www​.dguv​.de/​i​f​a​/​p​r​a​x​i​s​h​i​l​f​e​n​/​p​r​a​c​t​i​c​a​l​-​s​o​l​u​t​i​o​n​s​-​m​a​c​h​i​n​e​-​s​a​f​e​t​y​/​s​o​f​t​w​a​r​e​-​s​i​s​t​e​m​a​/​i​n​d​e​x​.​jsp. [Accessed: 30- Jan- 2017].

[17]      “fail­ure mode”, 192−03−17, International Electrotechnical Vocabulary. IEC International Electrotechnical Commission, Geneva, 2015.

[18]      M. Gentile and A. E. Summers, “Common Cause Failure: How Do You Manage Them?,” Process Saf. Prog., vol. 25, no. 4, pp. 331 – 338, 2006.

[19]     Out of Control — Why con­trol sys­tems go wrong and how to pre­vent fail­ure, 2nd ed. Richmond, Surrey, UK: HSE Health and Safety Executive, 2003.

[20]     Safeguarding of Machinery. 3rd Edition. CSA Standard Z432. 2016.

[21]     O. Reg. 851, INDUSTRIAL ESTABLISHMENTS. Ontario, Canada, 1990.

[22]     “Field-​programmable gate array”, En​.wiki​pe​dia​.org, 2017. [Online]. Available: https://​en​.wiki​pe​dia​.org/​w​i​k​i​/​F​i​e​l​d​-​p​r​o​g​r​a​m​m​a​b​l​e​_​g​a​t​e​_​a​r​ray. [Accessed: 16-​Jun-​2017].

[23]     Analysis tech­niques for sys­tem reli­ab­il­ity – Procedure for fail­ure mode and effects ana­lys­is (FMEA). 2nd Ed. IEC Standard 60812. 2006.

[24]     “Failure mode and effects ana­lys­is”, En​.wiki​pe​dia​.org, 2017. [Online]. Available: https://​en​.wiki​pe​dia​.org/​w​i​k​i​/​F​a​i​l​u​r​e​_​m​o​d​e​_​a​n​d​_​e​f​f​e​c​t​s​_​a​n​a​l​y​sis. [Accessed: 16-​Jun-​2017].

CSA Z432 Safeguarding of Machinery – 3rd Edition

If you build machinery for the Canadian mar­ket, or if you modi­fy equip­ment in Canadian work­places, you will be famil­i­ar with CSA Z432, Safeguarding of Machinery. This stand­ard has been around since 1992, with the last major revi­sion pub­lished in 2004. CSA has recon­vened the Technical Committee respons­ible for this import­ant stand­ard to revise the doc­u­ment to reflect the cur­rent prac­tices in the machinery mar­ket, and to bring in new ideas that are devel­op­ing inter­na­tion­ally that affect what Canadian machine build­ers are doing.

If you have interest in this stand­ard and would like to have your thoughts and con­cerns com­mu­nic­ated to the Technical Committee, please feel free to con­tact me with your sug­ges­tions. Work starts on 28-​Jan-​14. Your input is wel­comed!

Why YOU need a Certification Strategy

How compliance efforts go wrong

Clients call when they have prob­lems. They sent some product to a cer­ti­fic­a­tion body, some tests were done and the product failed. Now what? Usually the deliv­ery date for the cer­ti­fied product is approach­ing quickly, and no time is avail­able to react. Delivery is delayed and the cus­tom­er is upset. The busi­ness may even be lost.

This pro­cess goes wrong for a num­ber of reas­ons:

  1. The end goal for the cer­ti­fic­a­tion and the inter­me­di­ate require­ments were not con­sidered
  2. The cer­ti­fic­a­tion body chose the stand­ard, and the man­u­fac­turer had no idea what the stand­ard required
  3. The samples were not care­fully pre­pared for the cer­ti­fic­a­tion body
  4. Information was miss­ing or par­tially miss­ing

Certification Motivation

What motiv­ates a man­u­fac­turer to cer­ti­fy a product? The decision to cer­ti­fy comes about for a vari­ety of reas­ons, includ­ing:

  1. Legal require­ment for the mar­ket
  2. Customer request
  3. Liability lim­it­a­tion
  4. Marketing advant­age over competitor’s offer­ings

I’ve talked about the dif­fer­ences between CE Marking and tra­di­tion­al Certification pro­cesses in a num­ber of art­icles, includ­ing this one recently, so I won’t repeat myself here. In Canada, Federal [1, 125(m)(iii)] and Provincial law [2, 113] requires any­one selling an elec­tric­al product to ensure that it bears an elec­tric­al safety mark, and this is sup­por­ted in the Canadian Electrical Code [3, 2 – 024]. This require­ment is often over­looked in the indus­tri­al /​ com­mer­cial mar­ket where post-​installation equip­ment inspec­tion, called “Field Evaluation”, is com­mon.

In the US, each State has a slightly dif­fer­ent approach, so you will need to check out the require­ments in the states where your product is sold so that you can ensure com­pli­ance with the loc­al require­ments. From a work­place per­spect­ive, the US OSHA requires that all elec­tric­al products used in the work­place bear a mark from a Nationally Recognized Testing Laboratory (NRTL) [5].

Certifying your product provides some degree of liab­il­ity lim­it­a­tion, in that it shows that you met the min­im­um leg­al require­ments for your mar­ket­place. To really lim­it your liab­il­ity effect­ively, you will need to do more than just meet the min­im­um require­ments, and you will need doc­u­ment­a­tion of everything done to meet or exceed those require­ments.

If you offer cer­ti­fied products in a mar­ket where this is uncom­mon, you have a mar­ket­ing advant­age as long as your cus­tom­ers under­stand the advant­ages cer­ti­fied product brings. If cer­ti­fic­a­tion is rare in your mar­kets, you may need to under­take some edu­ca­tion­al mar­ket­ing to help cus­tom­ers “get it”.

Another key point needs to be con­sidered: Product volume. Certification costs money and takes time. If you are selling less than 200 units per year of a giv­en product in your line, cer­ti­fic­a­tion for that product is unlikely to be feas­ible. For product volumes from one to 200 units per year, Field Evaluation provides a much more time and cost effect­ive way to get your product marked.

The dia­gram shows the gen­er­al pro­cess flow for this activ­ity. If you are choos­ing to use Field Evaluation instead of Certification, sub­sti­tute “Field Evaluation” wherever you see “Certification” in the dia­gram.

Flow chart showing certification process flow.
Certification Process Flow

Selecting standards

Selecting the “right” stand­ard for your product can be a chal­lenge, espe­cially in the indus­tri­al mar­ket where products are often highly spe­cial­ized, “one-​off” products. In many of these cases, no stand­ard that spe­cific­ally cov­ers the product may exist. For rel­at­ively simple products, or for products that are very com­mon, like TV’s, com­puters, and audio-​video equip­ment, there are “Product Family” stand­ards that spe­cific­ally cov­er these types products.

Not every stand­ard is a cer­ti­fic­a­tion stand­ard. Most of the cer­ti­fic­a­tion stand­ards are focused on elec­tric­al and fire safety. The con­cerns are the pre­ven­tion of elec­tric­al shock, arc flash, and fire. Certification stand­ards will typ­ic­ally include spe­cif­ic tests that must be passed to show com­pli­ance with the require­ments. Design stand­ards, on the oth­er hand, will provide gen­er­al per­form­ance require­ments and some­times pre­script­ive fea­ture require­ments, but no test require­ments. This is typ­ic­al in the indus­tri­al machinery sec­tor where stand­ards like CSA Z432 [6] and the ANSI B11 fam­ily [7] of stand­ards apply. In these cases, you may be able to have the product cer­ti­fied for elec­tric­al safety, but not for machinery safety. This does not elim­in­ate cor­por­ate liab­il­ity for the machinery haz­ards, requir­ing man­u­fac­tur­ers to be know­ledge­able and dili­gent in apply­ing design stand­ards.

Developing a Certification Strategy

To devel­op a sound strategy, I recom­mend a “bottom-​up” approach. To apply this idea, start with the bill of mater­i­als for the product. Look first at the pur­chased products: How many of these items are either already cer­ti­fied by their man­u­fac­turer? All of the cer­ti­fied items can be elim­in­ated from fur­ther con­sid­er­a­tion for the moment. Next, con­sider the pur­chased but un-​certified products. Contact all of your sup­pli­ers to determ­ine which of these products can be pur­chased cer­ti­fied, and adjust the bill of mater­i­als to reflect the part num­bers for the cer­ti­fied ver­sions.

Now, the harder part. All of the remain­ing items on the bill of mater­i­als need to be looked at for cer­ti­fic­a­tion. Anything that can­not or need not be cer­ti­fied, e.g., nuts and bolts, oth­er mech­an­ic­al parts that are not pres­sure bear­ing, can be excluded from con­sid­er­a­tion. You now have a short list of uncer­ti­fied com­pon­ents that require cer­ti­fic­a­tion.

For each item on the short list, research the stand­ards avail­able. The Scope of the stand­ards will help guide you regard­ing their applic­ab­il­ity. Once you have a matched list of com­pon­ents and stand­ards, you can extend that research to include the top level product.

Now you have the begin­ning of a com­pli­ance strategy. The next piece of the puzzle involves the intern­al eval­u­ation of each com­pon­ent against the stand­ards chosen. This give you the abil­ity to revise your think­ing, either of the stand­ard you chose or of the design and con­struc­tion of the com­pon­ent. Making good choices at this stage to either cor­rect issues found in the design or con­struc­tion of the com­pon­ent, or in the selec­tion of the stand­ard, can save you huge amounts of time and effort once the cer­ti­fic­a­tion body gets involved.

Once the com­pon­ents have suc­cess­fully passed the intern­al “pre-​compliance” eval­u­ation, you can get the cer­ti­fic­a­tion body involved, and start the form­al com­pli­ance pro­cess for each com­pon­ent. As this part of the pro­cess pro­gresses, the cer­ti­fic­a­tion body may have addi­tion­al ques­tions or requests for inform­a­tion. To reduce these in-​process ques­tions, make sure that each com­pon­ent is clearly iden­ti­fied, that you have unique part num­bers for each part, and that you have provided inform­a­tion on the mater­i­als used in the con­struc­tion of the com­pon­ent, as well as detailed engin­eer­ing draw­ings.

As the com­pon­ent cer­ti­fic­a­tion work pro­gresses, you can start on the top level product cer­ti­fic­a­tion work. The top level product needs to go through the same sort of intern­al pre-​compliance pro­cess as the com­pon­ents so that you can be as cer­tain as pos­sible that the product will meet the require­ments when it gets to the cer­ti­fic­a­tion lab.

Preparation of the data pack­age and the sample(s) of the top-​level product that will be sub­mit­ted must be done care­fully. Construction of the samples must match the man­u­fac­tur­ing draw­ings and instruc­tions as closely as pos­sible. Once everything is ready, the samples can be sub­mit­ted for eval­u­ation.

Working with your Certifier

Dealing with a Certification Body can be very chal­len­ging. Much of the exper­i­ence will be based on the pro­ject engin­eer that is respons­ible for your product’s eval­u­ation. It’s import­ant to set up a good rela­tion­ship with this per­son at the begin­ning, because once prob­lems start to crop up in the lab you will need to be able to talk to this per­son. Making sure that you have the “right” stand­ards selec­ted for your product is really import­ant, and the pro­ject engin­eer must agree with you. They can refuse to cer­ti­fy a product if they feel that the stand­ard chosen is incor­rect, and since they have the final word, there is no arguing with them. An open dis­cus­sion at the begin­ning of the pro­ject to dis­cuss the stand­ards selec­ted is a good place to start. If your ideas and theirs devi­ate in a big way, you may have to com­prom­ise on their selec­tion, or worse, stop the pro­ject and review the prob­lems encountered.

Once the product is cer­ti­fied, the Certification Body will con­duct reg­u­lar audits on the man­u­fac­tur­ing facility(ies) to make sure that the pro­duc­tion test­ing is being done, pro­duc­tion records are kept, and that the QA pro­grams are ensur­ing that only good product leaves the plant.

An import­ant part of the QA pro­cess is the Customer Complaints Program. Manufacturers must have a pro­gram in place to record cus­tom­er com­plaints, and to respond to those com­plaints. A decision tree that helps cus­tom­er ser­vice rep­res­ent­at­ives dif­fer­en­ti­ate between safety-​related and non-​safety related com­plaints should be developed. Safety related com­plaints should res­ult in engin­eer­ing review of the prob­lems and determ­in­a­tions about the cause of the prob­lems. If these are related to man­u­fac­tur­ing or design issues, and espe­cially if these are related to com­pli­ance with the require­ments of the cer­ti­fic­a­tion stand­ard, a recall of the product may be needed. If this is the case, get the Certifier involved as soon as pos­sible. Failure to act, and fail­ure to inform the cer­ti­fi­er can res­ult in the cer­ti­fic­a­tion being revoked.

References

[1]     Canada Labour Code, [online]. Available: http://​can​lii​.ca/​t​/​5​2​2fd. Accessed: 2014-​01-​27.

[2]     Ontario Electricity Act – Marking require­ments Avaialble:Ontario Electricity Act. Accessed: 2014-​01-​27.

[3]     Canadian Electrical Code, CSA C22.1. 2012.

[4]     National Electrical Code, NFPA 70. 2014.

[5]     Occupational Safety and Health Standards, 1910 Subpart S, Electrical, Installatin and Use. 29 CFR 1910.303(b)(2), [online]. Available: https://​www​.osha​.gov/​p​l​s​/​o​s​h​a​w​e​b​/​o​w​a​d​i​s​p​.​s​h​o​w​_​d​o​c​u​m​e​n​t​?​p​_​t​a​b​l​e​=​S​T​A​N​D​A​R​D​S​&​a​m​p​;​p​_​i​d​=​9​880. Accessed: 2014-​01-​27.

[6]     Safeguarding of Machinery. CSA Z432. 2004.

[7]     Safety of Machines. B11​.org, [online]. Available: http://​b11stand​ards​.org/​s​t​a​n​d​a​r​ds/. Accessed: 2014-​01-​27.