6.5 Breakdown response standard: safe isolation, restart verification
A sudden machine breakdown is a high-pressure event where adrenaline can easily override established, logical protocols. This is precisely when preventable accidents occur. The intense pressure to resume production can lead to dangerous shortcuts, such as bypassing safety guards, skipping Lockout/Tagout (LOTO), or ignoring vital First Article Inspection (FAI). This standard establishes a clear, mandatory sequence of operations: first, secure the scene; second, repair the true root cause; and third, rigorously validate the process before returning the asset to active production.
Safe isolation (LOTO) protocol
Software interlocks or PLC routines should never be solely relied upon for life safety. Software can fail, but a physical, steel padlock provides a tangible barrier.
Physical lockout requirement
- Danger Zone Entry: Whenever a technician must enter a danger zone containing moving parts or high voltage, they are required to apply Physical LOTO.
- The Single Key Rule: The technician performing the work must keep the only key to that lock with them at all times. Using “group locks” without strict, individual verification is not permitted.
Live diagnostic control (“hot work”)
- Controlled Perimeter: If a complex machine requires active electrical power to perform live diagnostics, a Controlled Perimeter must be established.
- Exclusion Zone: Use highly visible red and white barrier tape to exclude all non-essential personnel from a 2-meter radius around the machine.
- The Two-Person Rule: A two-person rule must be enforced for any live diagnostics. The second person has one critical job: to remain at the Emergency Stop (E-Stop) button, ready to press it.
Breakdown diagnosis & repair strategy
Technicians should be guided to understand the underlying physical failure mode before replacing parts. The goal is to solve the root cause, not just clear an error code.
Inspecting upstream causes
- The Root Cause: If a physical component has failed, always inspect for the Upstream Cause that led to the failure.
- Actionable Example: If a conveyor drive motor has burned out, check the mechanical load—such as a jammed belt or a seized bearing—before installing a replacement motor. Installing a new motor without addressing the upstream mechanical issue will likely cause the new motor to fail immediately.
Parameter and firmware control
- Strict Logging: If a firmware update or a significant parameter change is required during the repair, that specific digital change must be logged clearly and immediately in the Machine Passport.
- The Risk of Undocumented Changes: Ad-hoc parameter adjustments made under pressure often create subtle, hard-to-trace quality issues later on.
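As an added illustration of the logging rule above (not part of this standard), the check below compares a parameter export taken before the breakdown with one taken after the repair and reports every change the Machine Passport does not account for. The snapshot dictionaries, the `PassportEntry` layout and all sample values are assumptions constructed for the example.

```python
from typing import NamedTuple, Optional

class PassportEntry(NamedTuple):
    """One logged digital change (hypothetical layout; the standard defines none)."""
    parameter: str
    old: Optional[str]
    new: Optional[str]
    technician: str

def diff_snapshots(before, after):
    """Return {parameter: (old, new)} for values changed, added or removed."""
    names = sorted(set(before) | set(after))
    return {n: (before.get(n), after.get(n)) for n in names
            if before.get(n) != after.get(n)}

def audit_changes(before, after, passport):
    """Compare observed changes with the net change the passport records."""
    logged = {}
    for e in passport:  # repeated entries collapse to first old -> last new
        first_old = logged[e.parameter][0] if e.parameter in logged else e.old
        logged[e.parameter] = (first_old, e.new)
    findings = []
    for name, (old, new) in diff_snapshots(before, after).items():
        entry = logged.pop(name, None)
        if entry is None:
            findings.append((name, "UNDOCUMENTED", old, new))
        elif entry != (old, new):
            findings.append((name, "MISLOGGED", old, new))
    for name, (old, new) in logged.items():
        if old != new:  # logged in the passport, but not present on the machine
            findings.append((name, "LOGGED_NOT_APPLIED", old, new))
    return findings

# Constructed sample data: exports before the breakdown and after the repair.
BEFORE = {"firmware": "2.4.1", "conveyor.speed_mm_s": "120",
          "heater.zone3_setpoint_c": "245", "drive.torque_limit_pct": "80"}
AFTER = {"firmware": "2.5.0", "conveyor.speed_mm_s": "120",
         "heater.zone3_setpoint_c": "250", "drive.torque_limit_pct": "95"}
PASSPORT = [
    PassportEntry("firmware", "2.4.1", "2.5.0", "tech-A"),
    PassportEntry("heater.zone3_setpoint_c", "245", "248", "tech-A"),
    PassportEntry("conveyor.speed_mm_s", "120", "110", "tech-A"),
]

if __name__ == "__main__":
    for finding in audit_changes(BEFORE, AFTER, PASSPORT):
        print(*finding)
```

An empty result is the condition for treating the digital side of the repair as documented; any finding should be resolved in the Machine Passport before the restart verification begins.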
Restart verification (the “handshake”)
A breakdown repair is not complete when the technician says the machine is fixed. It is only complete when the Quality team has objectively verified the output and confirmed it meets standards.
Step 1: physical guarding check
- Action: The technician must systematically verify that all physical safety covers and panels are securely fastened and that all magnetic interlocks are active.
- The Interlock Test: Deliberately attempt to open the main safety guard while the machine is idling in a safe state. If the machine does not immediately trigger an audible alarm and halt all servo motion, do not run it. This indicates the safety circuit is compromised.
Step 2: the mechanical dry run
- Action: Run a minimum of 5 full, continuous machine cycles without any product in the tunnel or placement area.
- Observation: The technician must check for any abnormal mechanical noise, scraping, or new vibrations.
Step 3: quality validation (first article)
- Production Requirement: Carefully produce exactly 3 Verification Units using live product.
- Inspection Protocol: These 3 units must undergo immediate 100% inspection, including both Automated Optical Inspection (AOI) and X-Ray inspection.
- The Final Sign-Off: A Quality Engineer must review the inspection data and sign the “Return to Service” tag. Production must not resume without this signature.
Recap: 6.5 Breakdown Response Standard - Safe Isolation and Restart Verification
| Phase | Action | Requirement | Verification / Control | Document |
|---|---|---|---|---|
| Safe Isolation | Apply Physical LOTO | Mandatory for danger zone entry; technician keeps only key. | Perform “Test Before Touch”: attempt restart after lockout. | — |
| Live Diagnostics | Establish Controlled Perimeter | Enforce two-person rule; second person at E-Stop. | Exclude non-essential personnel within 2-meter radius. | — |
| Repair | Inspect Upstream Cause | Mandatory before replacing a failed component. | Verify mechanical load/root cause (e.g., jammed belt). | — |
| Repair | Log Digital Changes | Required for any firmware or parameter change. | Log change immediately. | Machine Passport |
| Restart | Perform Guarding Check | Verify all covers are secure and interlocks active. | Open main guard while idling; machine must alarm and halt. | — |
| Restart | Execute Dry Run | Run 5 full, continuous cycles without product. | Listen for abnormal noise, scraping, or vibration. | — |
| Restart | Validate First Article | Produce 3 verification units with live product. | 100% inspection (AOI & X-Ray); Quality Engineer sign-off. | Return to Service Tag |