"Significant changes" in the area of safety

Until now, the Machinery Directive (2006/42/EC) regulated the standardization of European safety requirements for machines and systems. After the new Machinery Directive was published on June 29, 2023, machine manufacturers and operators have 42 months to meet the new requirements. The deadline is January 20, 2027.

Numerous innovations

Compared to its predecessor, the new Machinery Directive contains a number of major and minor innovations. For example, under Annex I, Part A, it lists six categories of machinery under "potentially high risk machinery", for which machine manufacturers can no longer declare conformity themselves in conjunction with a harmonized standard, as was previously the case. In future, a notified body must be consulted for this. The term "self-changing machinery" is also new. This is nothing more than a paraphrase for artificial intelligence. On the one hand, this topic has an influence on the question of whether a notified body needs to be involved. On the other hand, the topic should always be included in a risk assessment, as modified software could entail new or higher risks. In extreme cases, it must be considered whether self-learning software could possibly result in a new machine. The first step here is to create a basis for assessment.

Machines must also be "secure" in future

The new EU Machinery Regulation now addresses the topic of "Security". Article 20 refers to the EU Regulation (EU) 2019/881. This regulation is one possible way of fulfilling the requirements of the EU Machinery Regulation. It can be assumed that there will also be suitable harmonized standards for this requirement in the future.

Within the essential health and safety requirements for the design and construction of machinery or associated products in Annex III, protection against software corruption is required, in particular when connecting "devices" (connections to other data sources, such as programming devices or network interfaces) to the machinery. In the style of a basic health and safety requirement, the connection of devices is regarded as a potential risk with regard to the modification of machine-integrated software.

This results in the requirement that the safety functions of the machine must not be impaired. In future, manufacturers must name conformity-relevant parts of their software and protect them against both accidental and intentional changes. Furthermore, in future, every machine must collect evidence of legal or illegal intervention in the software.

Not completely new - but now addressed in clearer terms - is the topic of safety-related software. If such software is brought onto the market solely as a product, it is considered a safety component and is therefore subject to the rules of the Machinery Ordinance.

Long awaited, it is now finally possible to offer the operating instructions for machines in digital form. Printed operating instructions must still be handed out on request. Incomplete machines may also be supplied with digital assembly instructions and a digital declaration of incorporation. In addition, a digital EU Declaration of Conformity will also be permitted in future.

What falls under significant changes?

Of particular importance for operators are the changes to the handling of significant modifications. The new Machinery Directive has been expanded to include definitions of what constitutes a significant change to machinery. A new conformity assessment procedure is always required for the safety of machinery if a machine undergoes major technical modifications, for example in the case of a retrofit. This clarifies that the person who significantly modifies a machine must fulfill all manufacturer obligations.

Machines often undergo their first changes shortly after commissioning. The crucial question is always whether the changes give rise to new or higher risks and whether these could then be safeguarded by the existing or new, simple protective devices. Depending on the answer, the responsibility then lies with the machine operator or the manufacturer. But beware: A significant change can also occur without physical changes to the machine, for example through changes to the software. Programmers should therefore also familiarize themselves with the topic.

Despite mandatory application from 2027, it is already important to plan processes and long-term projects accordingly so that the design of machines takes future requirements into account. Cybersecurity is a new protection goal. For some manufacturers, this means revising their existing safety concepts.