Failure modes of control circuits and any potential for stored energy must be understood and identified before safety functions for hydraulic fluid power using a control or isolation process can be properly designed into a machine. Could faults, such as sticky valves, hose failure, stored energy, or blocked flow paths, lead to a failure or exposure to danger?

The answer often is yes, and the potential danger these create should not be overlooked in the hazard identification process required by law. Contamination, lack of lubrication, condensation, silting, cavitation, aeration, rupture, leakage, blockage, intensification, wear, mechanical failure, poor maintenance, or circuit design are just some of the potential causes for a failure to danger within a fluid power circuit.

For example, we can identify a hazard inherent to circuit design which has led to accidents if we analyze a typical pneumatic circuit where a cylinder is controlled by a 5-port, 2-position single-solenoid spring return valve, shown in the illustration. Consider that the valve’s solenoid is de-energized when the machine’s protective guard is open. With no electrical power to the solenoid, compressed air flows into the rod-end of the cylinder.

Even when the solenoid of a 5-port, 2-position valve is not energized, pressure most likely remains in one of the lines feeding the cylinder, posing a potentially unsafe condition.

If the potential crushing hazard could only cause minor bruising and was assessed as requiring a Category 1 solution, then using a double-solenoid 3-position valve instead would exhaust air to a de-energized state. If a serious or irreversible injury could occur, the required fault detection of Categories 2, 3, and 4 could be met by providing 3/2 monitored safety interlock valves upstream of the directional control valve. Doing so would safely block incoming compressed air and bleed residual pressure from both air lines to the cylinder. This would be suitable for cylinders mounted horizontally, but gravity loads require additional analysis and measures.

What Goes Up Must Come Down
As we know, gravity dictates that vertical loads fall if there is nothing holding them up. Rupture of hoses or single component failures in control valves, check valves, or counterbalance valves typically used in fluid power gravity load applications could lead to a hazardous condition. While undertaking failure modes and effects analysis of systems, we often observe clients assessing their slow-moving gravity loads as Category 3.

This is because they have a risk of serious injury and a high frequency of exposure. Their justification for selecting Category 3 over Category 4 is that they believe a good possibility of avoidance exists due to the slow speed of operation under normal control. If a failure occurred, would the load move slowly?

Consider a press where a flexible line runs from the bottom (cap end) of the cylinder back to a counterbalance valve. If the hose ruptures, the tooling could descend rapidly. This is where monitored valves fitted directly to the cylinder port or monitored rod-locking devices might become part of the safety solution—in some cases, both. By interlocking these safety devices with electromechanical locked guarding, operator access can easily be prevented until safe valve or rod lock position has been confirmed.
