Guide to the Diagnosis and Resolution of Untimely Failures of Machine Safety Systems

Technical analysis: Troubleshooting nuisance safety system trips: safety relay diagnostics, sensor alignment, wiring int

1. Problem Description and Scope

This diagnostic guide focuses on identifying and resolving untimely and unwarranted failures (i.e., “false trips”) of safety systems integrated into machine tools. Such events, while not always indicating a real dangerous condition, cause unexpected machine downtime, reducing operational efficiency and generating frustration among production personnel. The problem manifests itself as the machine stopping without an apparent violation of the safety zones, with or without reporting a specific error code from the safety relay or controller.

Scope of Application: Machine tools (milling machines, lathes, grinding machines, presses) equipped with safety systems compliant with the UNI EN ISO 13849-1 and CEI EN 60204-1 standards, which use safety sensors (photoelectric barriers, laser scanners, limit switches, magnetic switches, pressure-sensitive mats, radar sensors), safety actuators (electromechanical locks, pneumatic or hydraulic safety valves) and safety relays or programmable safety PLCs.

Severity Rating:

  • Critical: Frequent trips (multiple times per day), causing significant production losses or occurring close to critical operations, compromising confidence in the safety system. Requires immediate intervention.
  • Major: Sporadic trips (weekly/daily), which interrupt the production cycle unpredictably. They indicate an underlying problem which, if not resolved, can become critical.
  • Minor: Rare (monthly), seemingly random trips. Often precursors to larger failures, they require proactive monitoring and investigation.

2. Safety Precautions

ATTENTION: Before undertaking any diagnostic or maintenance activity on the safety systems, it is ESSENTIAL to scrupulously follow the lockout/tagout (LOTO) procedures to isolate the machine from all energy sources (electrical, pneumatic, hydraulic, mechanical). Failure to follow these procedures could result in serious personal injury or death. Check for the absence of residual or stored energy (e.g. compressed springs, charged capacitors, residual hydraulic or pneumatic pressure) before starting work.

Personal Protective Equipment (PPE): Always wear the appropriate PPE: safety glasses, dielectric gloves (if working on live electrical circuits for specific diagnoses), safety shoes and protective work clothing. Always consult the machine specific risk assessment (DVR).

3. Necessary Diagnostic Tools

Effective diagnosis requires the use of specific instruments for accurate measurements and signal analysis.

| Tool | Specifications / Recommended Model | Typical Measurement Range | Diagnostic Purpose |
|---|---|---|---|
| Digital Multimeter (DMM) | True RMS, CAT III 1000V / CAT IV 600V (e.g. Fluke 179) | AC/DC voltage: 0-1000V; AC/DC Current: 0-10A; Resistance: 0-50MΩ; Continuity | Check power supply voltages (24VDC, 230VAC), circuit integrity, contact resistance, voltage drops. |
| Insulation Tester (Megohmmeter) | Test voltages 50V, 100V, 250V, 500V, 1000V (e.g. Fluke 1507) | Insulation resistance: 0.1 MΩ to 2 GΩ | Identification of faults in the insulation of cables and safety sensors (e.g. earth contact, short circuits between conductors). Minimum threshold UNI EN 60204-1: 1 MΩ. |
| Laser Calibrator / Digital Level | Accuracy ±0.1mm/m (e.g. SICK AG-10, Bosch GLL 3-80 C) | Distance/Alignment: up to 10m | Check alignment of photoelectric barriers, laser scanners and optical sensors. Critical for maintaining Performance Level (PL). |
| Portable Oscilloscope | 2 channels, 60-100 MHz band, 1GSa/s sampling (e.g. Tektronix TBS1000C) | Voltage: 10mV/div - 100V/div; Time: 5ns/div - 100s/div | Analysis of sensor signals (square wave, impulsive), ripple on power supplies, identification of disturbances (EMI/RFI), response times. |
| Network Analyzer (Power Quality Analyzer) | Three-phase monitoring, Harmonics, Transients (e.g. Fluke 435 II) | AC/DC Voltage, AC/DC Current, Power (W, VA, VAR), Power Factor, Harmonics | Identification of voltage fluctuations, voltage dips, overvoltages, harmonics on the network that can disturb the safety relays. |
| Thermal imaging camera | IR Resolution 240x180, Sensitivity < 0.05 °C (e.g. FLIR E6) | Temperature: -20°C to +550°C | Identification of anomalous overheating in terminal blocks, relay contacts, cables, motors (indicative of high resistances or overloads). Delta T > 10°C compared to the environment indicates an anomaly. |
| Safety Relay/PLC Diagnostic Software | Manufacturer-specific (e.g. Siemens TIA Portal Safety, Pilz PSSuniversal Assistant) | Ethernet/USB connection | Reading of safety input/output status, internal fault diagnostics, event log, error status, programming verification. |

4. Initial Assessment Checklist

Before proceeding with the in-depth diagnosis, it is essential to collect information on the context of the trip to narrow down the possible causes.

| Question / Observation | What to Check / Record | Diagnostic Utility |
|---|---|---|
| Operating conditions at the time of the trip? | Machine moving/stopped? Operator in the area? Status of work cycles? Feed rate? | Correlation with machine movement or operator presence may indicate dynamic sensor or timing problems. |
| Error codes or warning messages displayed? | Record the exact code and message text from the operator panel or safety relay display. | Provides immediate indications on the component or safety zone involved. Consult the machine manual. |
| Is the trip reproducible? | Does it always occur under specific conditions (e.g. a certain movement, operator in a specific area, machine start-up)? | A reproducible trip simplifies the diagnosis, pointing towards a physical or configuration failure. |
| Have any recent maintenance or modifications been carried out? | New installation, component replacement, realignment, software updates, wiring changes? | Changes often introduce new problems or uncover pre-existing defects. |
| Anomalous environmental conditions? | Presence of dust, high humidity, unusual vibrations, temperature changes, welding taking place nearby? | Contamination or external interference can cause temporary sensor malfunctions. |
| Alarm history? | Consult the PLC or safety relay event log. | Identify recurring patterns or the evolution of a fault. |
| Safety system supply voltage? | Using the DMM, measure the power supply voltage (e.g. 24VDC) of the relay and the sensors upstream and downstream of the disconnect. | Voltage fluctuations or drops can cause nuisance trips. Acceptable: 24VDC ±10% (21.6V – 26.4V). |

5. Systematic Diagnostic Flow Chart

This diagram guides the technician through a logical path to identify the root cause, starting from the general symptom to the specific test.

  1. Symptom: The safety system trips without an apparent violation, intermittently or randomly.
    1. Initial Verification:
      1. Check the alarm log on the operator panel or safety relay display.
      2. Visually inspect all safety sensors (barriers, limit switches, switches) and wiring for obvious damage (pinched wires, loose connectors, dirt).
    2. If the alarm log indicates a specific sensor (e.g. "S1 Barrier Alarm"):
      1. Sensor/Alignment Problem:
        1. Thoroughly clean the sensor (emitter and receiver for light curtains) and the reflective surfaces (if present).
        2. Use the laser calibrator or digital level to check alignment. For light curtains, the signal indicator (LED or software) must be stable and at the maximum level. Critical alignment: maximum deviation ±0.5° for distances > 5m.
        3. Check the operating distance specified by the manufacturer. If the sensor is too close or too far away, it can cause reflections or no signal.
        4. Test the functionality of the sensor by operating it manually (simulating the interruption). The status LED must switch reliably.
        5. With the oscilloscope, monitor the output signal from the sensor (whether analog or pulse) and compare it to the specifications. Look for disturbances (noise) or signal drops.
      2. Sensor Wiring Problem:
        1. With the machine in LOTO, disconnect the sensor and wiring from the safety relay.
        2. Use the DMM in ohm mode to check the continuity of each lead from the sensor to the relay. Resistance must be < 1Ω.
        3. Use the insulation tester to check the insulation between the conductors and between each conductor and earth (cable shield/machine ground). Values < 1 MΩ (at 500V) indicate a fault.
        4. Inspect connectors for oxidation or loose wires.
        5. Check the correct connection of the cable shield (grounding on one side only to avoid ground loops).
    3. If the alarm log does not indicate a specific sensor, or the alarm is generic (e.g. "Safety Relay Alarm" or "Safety Loop Open"):
      1. Power Supply Problem:
        1. With the DMM, measure the supply voltage to the safety relay (e.g. 24VDC). Check that it is stable and within the specified range (24VDC ±10%).
        2. Use the power analyzer to monitor the quality of the machine's overall power supply. Look for voltage sags, surges or harmonics that could be affecting the relay.
      2. Safety Relay/Safety PLC Problem:
        1. Access the safety relay/PLC diagnostic software.
        2. Read the status of the safety inputs: all "safe" inputs (e.g. closed barriers, locked doors) must show the "OK" or "Closed" status. Identify any inputs that switch erratically.
        3. Check the relay's internal event log to identify internal hardware faults or communication errors.
        4. Check the firmware version. Outdated firmware may have known bugs.
        5. Check safety relay programming for logic errors that could cause inadvertent tripping.
        6. Visually inspect the relay for signs of overheating (use thermal imaging) or physical damage.
      3. Electromagnetic Interference (EMI) / Radio Frequency (RFI) problem:
        1. Identify potential nearby sources of interference (motors, inverters, unshielded power cables, welding machines, wireless devices).
        2. Check that all safety cables are shielded and that the shielding is properly earthed (on one side only, ideally at the entrance to the electrical panel).
        3. Make sure that the safety cables are physically separated from the power cables (minimum distance 30 cm) or, if they must cross each other, do so at a right angle.
        4. Check the integrity of the machine's earthing system and the electrical panel.
        5. Use the oscilloscope to monitor the signals on the safety cables in the presence of the suspected noise source.
      4. Indirect Mechanical Problem:
        1. Excessive machine vibrations can cause inductive proximity sensors to malfunction or mechanical limit switches to lose contact. Use a vibration analyzer to evaluate abnormal levels.
        2. Mechanical wear of actuators or of the doors that carry the sensors can cause excessive play or incorrect positioning of the sensor.

6. Fault-Cause Matrix

| Symptom | Probable Causes (ranked by probability) | Diagnostic Test | Expected Result if Cause Confirmed |
|---|---|---|---|
| Sudden trip, with specific sensor error code. | 1. Sensor misalignment/obstruction (optical) 2. Sensor contamination (dust, dirt) 3. Internal sensor failure | 1. Visual check and check with laser calibrator 2. Sensor cleaning, functional test 3. Sensor replacement, cross test | 1. Weak/no signal LED, measured misalignment > 0.5° 2. Signal restored after cleaning 3. Correct operation with new sensor |
| Intermittent trip, without specific error code or with "Loop Open". | 1. Damaged/loose wiring (intermittent) 2. EMI/RFI interference 3. Power voltage fluctuations 4. Worn/dirty auxiliary safety contact | 1. Insulation tester, DMM on continuity, cable shaking 2. Oscilloscope on cables, cable separation 3. Power quality analyzer, DMM on relay power supply 4. Visual inspection and contact resistance test | 1. Insulation resistance < 1MΩ, temporary interruption of continuity 2. Disturbances on the sensor signal, trips correlated with activation of the disturbance source 3. Voltage out of range (e.g. < 21.6V) during the trip 4. Contact resistance > 1Ω, signs of electric arc |
| Random trip, with generic error code of the safety relay. | 1. Internal fault of the safety relay 2. Programming error of the safety relay 3. Overheating of the safety relay | 1. Exchange with working safety relay (if possible), software diagnostics 2. Review of the safety logic with the proprietary software 3. Thermal imaging camera, check panel ventilation | 1. Correct operation with replaced relay, internal alarm from the relay 2. Logic error identification (e.g. incorrect timing, incorrect OR/AND logic) 3. Relay surface temperature > 60°C |
| Trip at startup or after a certain period of operation. | 1. Hot failure of a component (sensor, relay) 2. Condensation/humidity problem that occurs with heating 3. Thermal dissipation problem | 1. Thermal monitoring with thermal imaging camera, signal monitoring with oscilloscope 2. Internal inspection of sensors and electrical panels 3. Check of ventilation filters, fan operation | 1. Component whose temperature rises abnormally before the failure 2. Traces of internal humidity or oxidation 3. Clogged filters, stopped fans |
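The first triage pass of the flow chart and matrix above can be run over exported logs before anyone opens the panel. The following is an added example, not part of the original guide or of any vendor tool: the "timestamp;value" export format, the 2-second correlation window, the order of the checks for generic alarms and the numeric mapping of the severity ratings are assumptions, while the 21.6 to 26.4 V limits and the generic alarm names come from the guide.

```python
from collections import Counter
from datetime import datetime, timedelta

V_MIN, V_MAX = 21.6, 26.4      # 24 VDC +/-10 %, the guide's acceptable range
WINDOW = timedelta(seconds=2)  # assumed correlation window; tune per site
GENERIC = {"Safety Relay Alarm", "Safety Loop Open"}  # generic codes from the guide

# Constructed sample exports, one "timestamp;value" record per line.
TRIPS = """
2024-03-04 08:15:10;S1 Barrier Alarm
2024-03-04 10:42:31;Safety Loop Open
2024-03-05 14:03:07;Safety Relay Alarm
2024-03-06 09:20:00;Safety Loop Open
"""
VOLTS = """
2024-03-04 10:42:30;20.9
2024-03-05 14:03:06;24.1
2024-03-06 09:19:59;23.8
"""
NOISE = """
2024-03-05 14:03:06;inverter start
"""

def parse(text):
    """Turn 'timestamp;value' lines into (datetime, value) tuples."""
    rows = []
    for line in text.strip().splitlines():
        stamp, value = line.split(";", 1)
        rows.append((datetime.strptime(stamp.strip(), "%Y-%m-%d %H:%M:%S"),
                     value.strip()))
    return rows

def triage(trips, volts, noise):
    """Assign each logged trip to the branch of the flow to check first."""
    result = []
    for when, code in trips:
        if code not in GENERIC:
            branch = "sensor"            # log names a specific sensor
        elif any(abs(t - when) <= WINDOW and not V_MIN <= float(v) <= V_MAX
                 for t, v in volts):
            branch = "power supply"      # supply out of range around the trip
        elif any(timedelta(0) <= when - t <= WINDOW for t, _ in noise):
            branch = "EMI/RFI"           # noise source switched on just before
        else:
            branch = "relay/PLC or wiring"
        result.append((code, branch))
    return result

def severity(trips):
    """Map trip frequency to the guide's Critical/Major/Minor rating."""
    per_day = Counter(when.date() for when, _ in trips)
    if any(n > 1 for n in per_day.values()):
        return "Critical"                # multiple trips on one day
    days = sorted(per_day)
    if len(days) > 1 and (days[-1] - days[0]).days / (len(days) - 1) <= 7:
        return "Major"                   # on average at least weekly
    return "Minor"

def demo():
    trips = parse(TRIPS)
    return triage(trips, parse(VOLTS), parse(NOISE)), severity(trips)

if __name__ == "__main__":
    rows, rating = demo()
    for code, branch in rows:
        print(f"{code:20} -> {branch}")
    print("Severity:", rating)
```

The branch only says where to start measuring; the confirmation tests in the matrix still decide the cause.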

7. Root Cause Analysis for Each Failure

7.1 Incorrect Alignment or Obstruction of Safety Sensors

Why it happens: Often caused by machine vibrations that misalign mounting brackets, accidental impacts, accumulation of dirt, dust, oil or chips on optical sensor lenses (light curtains, laser scanners), or by inaccurate initial installation. Refraction of light or reflection from shiny surfaces can also disturb the signal.

How to confirm: Use a laser calibrator or digital level to check alignment. For optical sensors, the signal strength indicator (LED on the sensor or software diagnostics) will be weak or fluctuating. A DMM can be used to verify the output voltage, which may not reach the threshold value. The presence of even a partial obstacle or dirt on the lenses reduces the intensity of the detected beam.

Damage if not resolved: Continuous machine downtime, drastic reduction in efficiency. Risk of the safety system being bypassed by frustrated operators, severely compromising safety and exposing the business to regulatory and legal risks.

7.2 Damaged Wiring or Faulty Connections

Why it happens: Mechanical wear (constant bending, rubbing against sharp edges), vibrations that loosen terminals, exposure to corrosive liquids or extreme temperatures, and rodent action can damage cable insulation or cause interruptions. Poorly tightened or oxidized connections introduce parasitic resistance or intermittent interruptions.

How to confirm it: The insulation tester will reveal insufficient resistance (< 1 MΩ) between conductor and ground or between conductors. The DMM in continuity/resistance mode will detect breaks or high resistances (>1Ω) at specific points in the cable. The oscilloscope will show voltage drops or signal noise when the cable is manipulated or subjected to vibration. Visual inspection may reveal signs of physical damage, oxidation, or looseness.

Damage if not resolved: Short circuits, earth faults, risk of electric shock. The safety system becomes unreliable, being unable to intervene in the event of real danger or causing continuous unjustified interruptions, leading to the same risks mentioned in 7.1.

7.3 Electromagnetic Interference (EMI) / Radio Frequency (RFI)

Why it happens: High frequency electromagnetic fields generated by inverters, electric motors, welding machines, induction furnaces, wireless devices or power cables that run too close to safety sensor signal cables. These disturbances can induce spurious voltages on the signal cables, which the safety relay misinterprets as a violation.

How to confirm it: The problem often occurs when a specific piece of nearby equipment is activated. The oscilloscope, connected to the sensor signal cables, will show disturbances (spikes, noise) correlated with the activation of the EMI/RFI source. The power quality analyzer can detect disturbances on the power line.

Damage if not resolved: Erratic operation of the safety system, inexplicable and frequent machine stops, stress on the electronic components of the safety relay. Difficulty maintaining the required Performance Level (PL).

7.4 Internal Failure of the Safety Relay / Safety PLC

Why it happens: Aging of electronic components (e.g. capacitors, semiconductors), overheating due to insufficient dissipation, overvoltages on the power line, design errors (firmware bugs), or incorrect programming of the safety logic.

How to confirm it: The manufacturer's diagnostic software is the primary tool for reading internal error codes, firmware status and programming logic. If the fault persists after all external causes have been ruled out and a replacement safety relay functions correctly, the fault is probably internal. The thermal imaging camera can identify areas of abnormal overheating on the relay PCB.

Damage if not resolved: The safety relay may fail unpredictably, either to the safe state (opening the circuit) or, in the worst case, by failing to recognize a real dangerous condition, making the machine extremely dangerous. Complete loss of safety function.

8. Step-by-Step Resolution Procedures

8.1 Troubleshooting Sensor Alignment / Obstruction

  1. Energy Isolation: Perform the LOTO procedure on the machine.
  2. Cleaning: Carefully clean the optical sensor lenses with a soft, lint-free cloth and a specific non-abrasive detergent. Remove any physical obstructions in the sensing field.
  3. Precise Alignment: Use a laser calibrator or digital level to realign the sensor (emitter and receiver) according to the manufacturer's specifications. For light curtains, make sure the receiver's signal indicator is at its highest level. Tighten the fixing screws to a torque of 5 Nm (check OEM manual).
  4. Functional check: Remove LOTO, re-power the machine. Test the sensor by interrupting the beam with an opaque object of the smallest detectable size. The safety system must trip immediately.

8.2 Restoring Wiring Integrity

  1. Energy Isolation: Perform the LOTO procedure on the machine.
  2. Inspection and Testing: Visually inspect the entire cable run. Use the insulation tester (500V) to locate the fault point. Measure the continuity resistance with the DMM.
  3. Repair / Replacement:
    • If the damage is localized and minimal, repair it with CEI EN 60529 certified joints (min. IP67) and heat-shrink tubing.
    • For extensive or critical damage (e.g. PL-e sensor cables), replace the entire cable with one of the same characteristics (section, shielding, bending resistance, CE certification).
  4. Protection and Routing: Protect the cables with flexible sheaths or corrugated tubes in compliance with CEI EN 60204-1. Ensure correct routing, avoiding sharp corners and areas of friction or high temperatures. Maintain a minimum distance of 30 cm from the power cables.
  5. Functional check: Remove LOTO, re-power the machine. Perform a functional test of the affected safety system.

8.3 EMI/RFI Interference Mitigation

  1. Energy Isolation: Perform the LOTO procedure on the machine to work on the wiring.
  2. Source Identification: Use the oscilloscope to correlate disturbances on signal cables to the activation of specific equipment.
  3. Mitigation Techniques:
    • Shielding: Make sure that all safety cables are shielded and that the shielding is properly earthed (only at one end, at the electrical panel, to avoid ground loops).
    • Separation: Increase the distance between the power cables and the signal cables (min. 30 cm). If the crossing is unavoidable, do it at a right angle.
    • Filters: Install EMC filters (e.g. ferrites, line filters) on power cables of noise sources or on sensitive signal cables, if necessary.
    • Earthing: Check the integrity of the general earthing system of the machine and the electrical panel, according to CEI EN 60204-1. The earth resistance must be < 4 Ohm.
  4. Functional check: Remove LOTO, re-power the machine. Test the machine by activating suspected disturbance sources and monitoring the behavior of the safety system.

8.4 Safety Relay Replacement / Firmware Update / Programming Correction

  1. Energy Isolation: Perform the LOTO procedure on the machine.
  2. Diagnostic Software: Connect the PC to the safety relay using the diagnostic software. Download the current configuration for backup.
  3. Intervention:
    • Hardware failure: Replace the safety relay with an identical or equivalent model, with the same safety certifications (PL/SIL). Reload the saved configuration.
    • Firmware: If analysis indicates a known bug, update the relay firmware to the latest and most stable version provided by the manufacturer.
    • Programming: If you identify a logic error, modify the programming and reload it onto the relay.
  4. Functional check: Remove LOTO, re-power the machine. Perform a complete test of all safety functions involved, simulating all dangerous conditions and checking response times (e.g. drive stopping time).

9. Preventive Measures

| Root Cause | Prevention Strategy | Monitoring Method | Recommended Interval |
|---|---|---|---|
| Incorrect alignment/obstruction of sensors | Regular cleaning of sensors, visual inspection of brackets, use of protective covers | Visual inspection, alignment check with laser calibrator | Weekly (cleaning), Monthly (inspection), Quarterly (alignment check) |
| Damaged wiring/faulty connections | Check cable integrity, clamp tightening, protection from mechanical wear, optimal routing | Visual inspection, insulation resistance test (Megger), continuity test with DMM, thermal imaging camera on terminal blocks | Semi-annual (inspection), Annual (insulation test) |
| EMI/RFI interference | Correct installation and earthing of shields, separation of power/signal cables, EMC filters | Monitoring with an oscilloscope during the start-up phase of new equipment or after layout changes | Spot check (on request or after infrastructure changes) |
| Internal safety relay/PLC fault | Maintain adequate panel ventilation, monitor internal panel temperature, update firmware (if recommended) | Temperature monitoring with thermal imaging camera, relay event log check, panel fan check | Monthly (temperature/ventilation), Yearly (log check, firmware update check) |
| Power supply voltage fluctuations | Installation of voltage stabilizers, surge protection, power quality control | Monitoring with power quality analyzer | Every six months or in case of network problems |

10. Spare Parts and Essential Components

Having critical spare parts in stock significantly reduces machine downtime in the event of a breakdown. Consult the UNITEC E-catalog for specific product details.

| Part Description | Key Specifications | When to Replace | UNITEC category |
|---|---|---|---|
| Safety Relay | PL/SIL, Safety category, Supply voltage, Number of safety contacts, Functions (e.g. stop monitoring) | In the event of an internal non-repairable fault or after a high number of activation/deactivation cycles (refer to the manufacturer's MTBF). | Industrial Automation / Safety Components |
| Safety Photoelectric Barriers | Type (Type 2/Type 4), Protected height, Resolution, Operating distance, Connection | In the event of a catastrophic failure (emitter/receiver), physical damage, or inability to maintain alignment. | Industrial Sensors / Machine Safety |
| Safety Limit Switches | Actuator type (roller, lever, rod), Contacts (NC, NO), Body material, IP protection rating | Mechanical wear of the actuator, contact failure (resistance check), physical damage to the body. | Electromechanical Components / Safety Switches |
| Shielded Safety Cables | Section, Number of conductors, Shielding (braid/foil), Insulating material, Flexural strength, Color | Damage to insulation, interruption of conductors, deterioration of shielding, degradation due to external agents. | Cables and Connections / Signal Cables |
| M12/M8 Safety Connectors | Number of pins, Coding (A, B, D), IP protection rating, Body material | Physical damage (breakage, deformation), contact oxidation, deteriorated seals. | Cables and Connections / Industrial Connectors |

11. References

  • UNI EN ISO 13849-1: Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design.
  • CEI EN 60204-1: Machinery safety – Electrical equipment of machines – Part 1: General requirements.
  • EN ISO 12100: Machinery safety – General design principles – Risk assessment and risk reduction.
  • OEM Operation and Maintenance Manuals: Always consult the specific documentation of the manufacturer of the machine and of the safety components installed.
  • Related UNITEC Maintenance Guides: Further diagnostic guides available at www.unitecd.com/maintenance-guides/.
