< News
One of the most overlooked features of machine safety and machine guarding is the safety reset. A safety reset is a manual step designed to stop machines from restarting unexpectedly after an emergency stop, a guard opening, a fault, or even a power failure. In simple terms, it ensures that equipment cannot just power back on without a deliberate human action.
This matters because unexpected start-ups are one of the leading causes of serious workplace injuries. Without a proper reset in place, operators may still be inside a hazardous zone when machinery restarts, creating a dangerous situation. That’s why international standards, from ISO 14118 to machine guarding Australian (and New Zealand) standards AS/NZS 4024, require that reset and start functions are separate and deliberate.
In this article TEG Risk Senior Safety Engineer, KC Senaratne, explains what a safety reset is (and what it isn’t), why it’s critical for preventing accidents and increasing safety in the manufacturing industry, where legislation requires it, hazard identification and risk assessments, and the most common reset design mistakes that can turn a safeguard into a hidden hazard.
What is a Safety Reset – and What It’s Not
A safety reset is intended to prevent unexpected start-up. Unexpected start-ups can happen following an initiation of a safety function, i.e. activation of an interlocked guard, emergency stop, or a presence-sensing device, as well as following a fault condition or a power restoration.
Reset must be a deliberate, manual action that is separate from the start command. Its role is to return the system to a state where a start is permitted, but not initiated. Reset does not equal to start (Reset ≠ Start).
Equally important is that reset is not a “fault-clear” function buried on a touchscreen. Nor should it be treated as a procedural step left to the operators. Its primary purpose is to ensure that the operators can effectively confirm that the hazard area is clear and no one is exposed before machinery resumes operation.
Why It Matters
One of the most common causes of serious incidents and near misses is machines restarting unexpectedly, often due to poorly designed safety resets or the reset function missing altogether.
A few real-world examples:
- Unexpected restart after power loss: A packaging line dropped out during a power dip and restarted automatically when supply was restored. An operator still inside the guarded area had no warning before motion resumed.
- Remote reset with no visibility: A reset was triggered from the far end of the line, with no view into the hazard zone. Another worker was still inside when the machine restarted.
- Reset doubling as start: A reset button was wired so that pressing it also initiated the start cycle. When clearing a guard fault, the first operator accidentally restarted the machine while a co-worker was still reaching inside.
- Reset inside the danger area: A machine had its reset pushbutton mounted inside the fenced enclosure. An operator triggered reset while still in the danger zone, assuming the machine would stay idle, only for it to resume movement immediately after.
- Guard logic not verified: On another site, multiple interlocks were fitted, but the system logic didn’t confirm that all were restored before reset was accepted. This allowed the machine to restart even though one access door remained open.
The consequences are often life-changing for operators and devastating for businesses, with extensive downtime, and potential prosecutions and reputational damage.
The reset function cannot be treated as an afterthought or left to operator procedures. Its function must be considered during risk assessments and designed as an integral part of the overall safety control system.
Reset in Legislation and Standards
The principle of restart-inhibit is embedded across legislation and international standards. For example, in New Zealand, the Health and Safety in Employment Regulations 1995 specifies that machinery must not restart automatically after a stoppage if this could endanger workers. In Europe, the Machinery Regulation (2023/1230) reinforces the same idea, requiring that machines may only restart by deliberate human action, with stop functions always taking priority.
Local and international standards then build on this foundation. AS/NZS 4024.1603 (ISO 14118) on the prevention of unexpected start-up establishes the core rule: no machine may restart automatically after a stop until a deliberate action is taken. AS/NZS 4024.1604 (ISO 13850) on emergency stops specifies that disengaging an E-stop cannot restart a machine where a separate start command is always required.
AS/NZS 4024.1503 (ISO 13849-1) is the key reference for reset requirements, setting out how reset must be integrated into safety-related parts of control systems. ISO 13849-1 2023 edition goes further, recognising that reset may itself be a safety function where it prevents unexpected start-up. Complementing this, IEC 62061 and IEC 62046 provide additional detail, including reset-specific provisions for timing, diagnostics, and the use of presence-sensing protective devices.
Common Reset Design Issues
Despite the clear requirements set out in legislation and standards, reset and restart functions are still a common source of design weaknesses in machinery. Typical issues include:
- Automatic restart after safety function clearance or power loss – prohibited under ISO 14118 (Prevention of unexpected start-up).
- Combined reset and start functions – ISO 13849-1:2023 requires reset to be independent.
- Reset devices inside hazard zones or within reach – contrary to ISO 13849-1 requirements.
- No line of sight from reset to hazard area – violating ISO 13849-1 and IEC 62046.
- Accidental or unintended actuation – e.g. touchscreens or momentary resets (e.g. brushed against) – ISO 13849-1 requires measures against inadvertent reset, and IEC 62061 outlines specific requirements.
- Foreseeable misuse (e.g. holding reset) – addressed in ISO 13849-1 and ISO 14118.
- Reset before diagnostics complete – systems where reset clears a fault before the safety system has confirmed all guards/interlocks are restored.
- Reset overridden by software – HMI/PLC logic bypassing reset without the hardware safety chain.
- Stored energies re-enabled on reset – ISO 14118 requires all energy sources considered.
- Reset not labelled or located too close to start – risking confusion and violating separation principles (ISO 13849-1). EN 60204-1 specifies reset identification including use of colours.
Each of these failures converts a safeguard into a latent hazard.
When Reset Becomes the Weakest Link
Even with robust safeguards in place, a poorly designed reset can undermine the effectiveness of the entire safety function. This risk is particularly acute at full-body access points such as guard doors, gates, or light curtains. In these cases, the reset is often the only control preventing an unexpected restart while a person is still inside the hazard zone.
ISO 13849-1:2023 specifies that when manual reset is required to perform a safety function, such as preventing unexpected start-up, a required Performance Level (PLr) must be determined. Because the overall Performance Level (PL) is determined by its weakest element, an inadequate reset design can reduce the safety rating of the entire system. In simple terms: the safety system is as strong as its weakest link.
Resets may appear minor, but they carry critical responsibility. Done properly, they work quietly to protect workers; done poorly, they can become the point where an otherwise robust system fails.
Concerned about machine safety in your workplace? Our TÜV-certified machine safety experts can help. Book a machine guarding risk assessment today and ensure your systems meet the latest reset and restart safety requirements. We’ll also guide you through other critical safeguards, including LOTO (lock out tag out procedures) and best practices for protecting operators from unexpected start-ups.