In modern manufacturing, Programmable Logic Controllers (PLCs) are the backbone of automation. They control machines, coordinate processes, and keep production moving efficiently. However, one of the most dangerous—and surprisingly common—misconceptions in industrial environments is the belief that a standard PLC can be used for safety.
It cannot.
This guide provides a clear, standards-based explanation of what a PLC is, what a Safety PLC is, and why a non-safety PLC must never be used to monitor or control a safety circuit. Whether you are an engineer, safety manager, maintenance leader, or plant manager, understanding this distinction is critical for protecting people, equipment, and your organization from serious risk.
What Is a Standard PLC?
A Programmable Logic Controller (PLC) is an industrial computer designed to automate processes such as:
- Controlling motors, conveyors, and actuators
- Sequencing machine operations
- Monitoring sensors for position, speed, or presence
- Communicating with HMIs, robots, and SCADA systems
Standard PLCs excel at operational control. They are fast, flexible, and programmable—but they are not designed to protect human life.
Core Characteristics of a Standard PLC
- Single-channel logic
- Non-redundant processors
- No internal fault detection for dangerous failures
- No guaranteed safe state on failure
- Program changes possible without safety validation.
In short, a PLC assumes that if it fails, production stops. In safety, failure can mean someone gets hurt or killed.
What Is a Safety PLC?
A Safety PLC is a specialized controller designed, certified, and validated specifically for functional safety applications.
Safety PLCs are used to monitor and control safety devices such as:
- Emergency stop circuits.
- Light curtains and safety scanners
- Safety interlock switches
- Two-hand controls
- Safety-rated door locks
Unlike standard PLCs, Safety PLCs are built to detect faults, tolerate failures, and force machines into a safe state when something goes wrong.
Core Characteristics of a Safety PLC
- Dual or redundant processors
- Continuous self-diagnostics
- Fault detection down to the I/O level
- Certified safety firmware
- Fail-safe outputs
- Validated logic execution
Safety PLCs are certified to functional safety standards such as ISO 13849-1 and IEC 62061, enabling them to achieve Performance Level d (PLd) or Performance Level e (PLe).
PLC vs Safety PLC: Side-by-Side Comparison
| Feature | Standard PLC | Safety PLC |
| Primary Purpose | Automation & productivity | Protection of people |
| Redundancy | No | Yes (processor, memory, I/O) |
| Fault Detection | Minimal | Continuous, self-monitoring |
| Safe Failure Behavior | Not guaranteed | Guaranteed safe state |
| Certified for Safety | No | Yes |
| Allowed for E-Stops & Guards | No | Yes |
| Compliance with ISO 13849 | No | Yes |
Why a PLC Is Not a Safety Device
1. No Control Reliability
Safety standards require control reliability, meaning the system must:
- Detect a single fault.
- Prevent loss of safety function
- Stop the machine safely.
A standard PLC cannot guarantee this. If a PLC output welds, a processor locks up, or memory corrupts, the PLC may continue sending unsafe commands.
2. No Certified Diagnostics
Safety PLCs continuously verify:
- Processor health
- Memory integrity
- I/O consistency
- Timing execution
A standard PLC does not. It can fail silently—exactly the opposite of what safety demands.
3. No Guaranteed Safe State
If a safety device fails, the machine must default to a safe condition (typically stop motion and remove power).
A standard PLC:
- May reboot unpredictably.
- May retain last output state.
- May resume operation without warning.
That behavior is unacceptable for safety circuits.
4. Software Changes Can Defeat Safety
Standard PLC programs can be modified easily—sometimes remotely—without validation, documentation, or safety checks.
Safety PLCs:
- Lock safety logic.
- Require password-protected access.
- Enforce validated programming environments.
- Track changes for compliance.
Common (and Dangerous) Misuses of Standard PLCs
Despite clear standards, these unsafe practices still appear in the field:
- Monitoring emergencies stop circuits with standard PLC inputs.
- Resetting safety faults using PLC logic
- Bypassing safety relays with PLC outputs
- Using PLCs to “check” guard door status instead of safety inputs
- Relying on PLC logic instead of safety-rated devices
These shortcuts often come from cost pressure or misunderstanding—but they create serious legal and moral liability.
What the Standards Say (In Plain Language)
Safety standards are unambiguous:
- Safety functions must use safety-rated components.
- Standard PLCs are not safety-rated.
- Safety functions must meet defined Performance Levels
- Monitoring safety circuits with non-safety devices is not permitted.
If a machine-related injury occurs and a standard PLC was used for safety monitoring, the system is almost guaranteed to be found non-compliant.
When Can a Standard PLC Be Used?
Standard PLCs are still essential—but only for non-safety functions, such as:
- Production sequencing
- Cycle timing
- Machine status monitoring
- Data collection and reporting
- HMI visualization of safety status (read-only)
A PLC can observe safety status, but it must never control or validate the safety function itself.
Safety PLCs vs Safety Relays
Not every machine needs a Safety PLC. In simpler applications, safety relays may be sufficient.
Use Safety Relays When:
- The safety function is simple.
- Few devices are involved.
- No complex logic is required.
Use Safety PLCs When:
- Multiple safety zones exist.
- Muting, blanking, or sequencing is required.
- Machines integrate robots or automation cells.
- Diagnostics and scalability are important.
Both options are safety devices. A standard PLC is not.
The Real-World Consequences of Getting This Wrong
Using a PLC as a safety device can lead to:
- Serious injury or fatality
- OSHA citations and fines
- Invalidated insurance claims
- Lawsuits and criminal liability
- Forced machine shutdowns.
- Costly retrofits after an incident
Most importantly, it puts people at unnecessary risk.
Best Practices for Compliant Machine Safety
To ensure compliance and protect your workforce:
- Perform a formal machine safety risk assessment.
- Identify required Performance Levels
- Use only safety-rated components for safety functions.
- Separate safety logic from standard control logic
- Document, validate, and maintain the safety system.
- Train maintenance and engineering teams properly
Final Takeaway: Automation ≠ Safety
A standard PLC is a powerful automation tool—but it was never designed to be a safety device.
A Safety PLC exists for one reason: protecting human life. It provides redundancy, diagnostics, fault tolerance, and certified performance that a standard PLC simply cannot.
If a circuit is responsible for:
- Stopping motion
- Preventing access
- Removing hazardous energy
…it must be safety-rated.
No exceptions. No shortcuts.
