FIELD OF THE INVENTION The invention relates to a lockout and tagout sequence control system, for example, positive control to prevent accidental energising of machinery or systems while they are being repaired or serviced when a specified sequence of locking and tagging of equipment is a undertaken as prerequisite. BACKGROUND TO THE INVENTION

The main function of lockout and tagout (LOTO) is to establish a means of positive control to prevent accidental energising of machinery or systems while they are being repaired or serviced. The LOTO process follows a sequence of disconnection or the isolation of equipment from an energy source and then affixing a locking device secured with a pad lock followed by a tag as a warning and confirmation of the actions taken. Each padlock has a dedicated key which is housed in a “Key Control Box” after the placement of the padlock. On completion of the series of lock installations, the keys are retained in the “Key Control Box” which is locked with a master lock and key. A second master lock is placed on the “Key Control Box” by the Supervisor confirming that placement of the first master lock.

The master keys are held by the person responsible for implementing the specific Lockout and tagout process and the supervisor. In this way the resetting of the isolated points is controlled.

In a situation where locking devices and padlocks cannot be fitted after the energy source is isolated, only a “Tagout” is done by fixing a tag as a warning that the system status has changed. Lockout and tagout systems are also used as a means of controlling the safe transfer of hazardous substances from mobile or permanent vessels to an intended destination routed through a network of pipelines, valves and pumps. The process followed will be the same procedure as it would for hazardous energy isolation described above. Following a predetermined sequence of isolation and opening of valves, the equipment used to transfer is energised.

Policies and procedures are normally established where a designated individual is responsible for managing the process and ensuring the relevant documentation record is in place together with specific authorised personnel appointed for the implementation of the LOTO process.

In both scenarios, hazardous energy isolation and hazardous substances transfer there are limitations, constraints and a potential for human error in the current LOTO practices whereby:

1. The sequence criteria may not be followed exactly, however the complete process could be concluded though incorrectly and may not even be evident with documentation scrutiny.

2. In the event a sequence is compromised the is potential risk that residual energy may still be present and during maintenance and reinstatement of the system.

3. In the transfer process hazardous substances could end up in the incorrect destination. 4. A step in the sequence may be skipped unintentionally and lockout may have been omitted completely.

5. Unauthorised or un-trained personnel may have access to or use the system.

6. Accidental release of energy. In current manual lockout and tagout processes, the above errors have led to safety breaches and accidents. Existing lockout and tagout procedures and controls have attempted to ensure safety however, the demands for quick turnaround times required by maintenance and production personnel and their effect on the profitability of operations has increased the potential for human error and accidents. This has made the need for improved systems to mitigate the risks outlined above or at least provide alternatives to current practices has become necessary.

SUMMARY OF THE INVENTION

The inventor thus proposes the lockout and tagout sequence control system which has been developed as a result of an acknowledgement that current lockout and tagout practices can be improved with the implementation of additional hardware and electronic controls supported by authentication protocols the inherent limitations of current loto practices is addressed.

According to a first aspect of the invention, there is provided a lockout and tagout sequencing control system including an application system, a biometric recognition device, a master device sets, a control station, secondary device sets and notification tags, wherein the master device sets, the secondary device sets and notification tags are configured in a mutual relationship with the biometric station and application system where when a request is entered into the application system, acceptance and release is contingent upon an authentication protocol between the control station or the biometric recognition device and the application system.

The lockout and tagout sequencing control system wherein the master and secondary devices may include a lock assembly, key assembly and notification tag each with control modules in communication with the main control module located in in the control station, which in turn is in communication with the control and communication module of the biometric recognition device and the application system. The lock and tagout sequencing control system wherein the key and lock may be original hardware used by placing them in a housing assembly. The lockout and tagout sequencing control system in which the authentication protocol may require that biometric recognition device receives a request from the application system to release a key assembly.

The lockout and tagout sequencing control system wherein the key assembly and lock assembly of the master device may be coded as a unique matched set.

The lockout and tagout sequencing control system wherein each key assembly and lock assembly of the secondary device sets may be coded as a unique matched set together with a notification tag.

According to a second aspect of the invention, there is a provided a method of operating a lock out and tagout sequence control system as claimed in any one of the preceding claims, wherein release of the master devices, secondary devices and notification tags is activated upon request from the application system contingent upon authentication from the biometric recognition device which are configured for duplex communication with the devices.

The method may only release the next key assembly upon authentication from the biometric recognition device after receiving a request from the application system which is contingent upon completion and authentication of the previous sequence step. According to a further aspect of the invention, the system is retrofitted to current locks and keys in use without any changes to the hardware design, retaining its functionality but rendering it capable of duplex communication with the biometric recognition device and the application system.

In the sequencing system, the logic of the sequence control may be divided into 6 sequence stages with each stage defined by the actions that coincide with the main hardware element of the system. The main hardware elements may be one or more of the application system, the biometric recognition device, the master device sets (key assembly and lock assembly, secondary device sets (key assembly and lock assembly) and notification tags.

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 to Figure 7 show process flow charts for the invention which flow charts representative of the sequence steps of operations in the Sequence Control between the Application System (100), Biometric Recognition Device (200), Master Device Sets (300), Secondary Device Sets (500) and Notification tag (600). Figure 8 shows a control station 400 and application system 100:

1. Control Station (400) enclosure housing the Biometric Recognition Device (200), Master Device Sets (300), Secondary Device Sets (500) and Notification Tags (600); and

2. A Tablet where the Application System (100) control program will be loaded.

Figure 9 shows a control station assembly (400) with its main cover removed allowing access to the master device sets (300) and the biometric recognition device (200). Figure 10 shows the control station (400) with its secondary device set enclosure open to access secondary device sets (500) and notification tags (600).

Figure 11 shows a control station rear view with the rear panel removed showing 1 . The space available to house the control module.

2. The position of the solenoid valves to release the key assemblies.

Figures 12 and 13 show Master Device Set 1 and Set 2 wherein:

1 . Key assemblies showing the placement of the original key in the key assembly housing and space available for the control module.

2. Lock Assembly showing placement of the original lock in the lock assembly housing and space available for the control module

Figure 14 shows secondary device sets with:

1 . Key Assemblies showing the placement of the original key in the key assembly housing and space available for the control module;

2. Lock Assembly showing the placement of the original lock in the Lock Assembly housing and space available for the control module; and

3. Each secondary device set is a matched set of a key assembly and lock assembly.

Figure 15 shows a notification tag 1 . A framed enclosure to house a standard/original notification tag

2. A housing to accommodate the control module to link the device a Key and lock assembly set. DESCRIPTION OF EMBODIMENTS OF THE INVENTION

The invention will now be described, by way of non-limiting examples only, with reference to and incorporating Figures 1 to 15. Overview

In an embodiment of the invention, a lockout and tagout sequencing control system comprising of an application system (100), biometric recognition device (200), master device set (300), control station (400), secondary device sets (500) and notification tags (600). the control station (400) and accompanying master device sets (300), secondary device sets and notification tags are configured in a mutual relationship with the biometric recognition device (200) and application system (100). The mutual relationship between the Control Station (400), Biometric Recognition Device (200) and the Application System (100) is such that when a request is entered into the Application System (100), acceptance and release is contingent upon an authentication protocol between the Control Station (400) or the Biometric Recognition Device (200) and the Application System (100).

Another aspect of the invention is its capability to be added to current systems in use without any changes to the hardware design, retaining its functionality but rendering it capable of duplex communication with the biometric recognition device (200) and the application system (100).

The logic of the sequence control is divided into 7 sequence stages. Each stage is defined with actions that coincide with the main hardware element of the system ie the application system (100), biometric recognition device (200), master device set (300), control station (400), secondary device sets (500) and notification tags (600). The process flow charts in Figure 1 to Figure 7 depicts the sequence of the process and the interrelationship between the stages, their steps and relevant hardware elements. The first four stages relate to processes pre field installation and the next three stages relate to processes in the field.

Sequence Stages

Stage 1 - Seguence Activation Figure 1 The starting point of the process commences at this stage by choosing one of two options. Either selecting an existing pre-programmed sequence or creating a new sequence. This is managed and controlled by the Application system (100) and biometric recognition device (200). Stage 2 - Master Device Set 1 - Key & Lock Assembly Release (301) Figure 2

In this stage the master key assembly (301.1) release is requested following the successful activation of the selected sequence program. A fingerprint scan on the biometric recognition device (200) confirms that the person initiating the step is authorised to do so and allows withdrawal of the master key assembly (301.1). This will allow the authorised person to release the master lock assembly (301.2). The key assembly is then lodged into its housing to conclude this stage.

Stage 3 - Master Device Set 2 - Key & Lock Assembly Release (302) Figure 3

In this stage the master key assembly (302.1) release is requested following the successful activation of the selected sequence program. A fingerprint scan on the biometric recognition device (200) confirms that the person initiating the step is the authorised supervisor allowing the withdrawal of the master key assembly (302.1). This will allow the authorised person to release the master lock assembly (302.2). The key assembly (302.1) is then lodged into its housing to conclude this stage. Stage 4- Control Station Activation (400) Figure 4

With the release of the master lock assembly 301.2 and 302.2 the control station (400) can be activated to gain access to the secondary device sets (500). The activation stage of the control station (400) includes the replacement of the master key assembly 301.1 and 302.1 , master lock assembly 301.2 and 302.2 in their respective slots and confirmed on the application system (100). This sequence needs to be fulfilled before access to the secondary device set (500) is granted. The fingerprint biometric recognition (200) again confirms that the person initiating this step is authorised and matches the fingerprint biometric recognition in Stage2.

Stage 5 - Secondary Device Set Release and Installation (500) Figure 5

This stage is the start of field operations. When requested The application system (100) allows the first secondary device set key assembly (501.1) sequence to be activated and released. The released secondary device key assembly (501.1) is used to open the secondary device lock assembly (501.2) which is installed to hold and secure the locking mechanism with the equipment in the designated controlled state. Stage 6 - Notification Tag Installation (600) Figure 6

On confirmation that the Secondary device lock assembly set (501.2) is installed and the secondary device key assembly (501.1 ) is returned to its slot in the control station (400) the application system (100) then will allow the matching notification tag (601) to be installed and close the loop for this secondary device set (501 the next secondary device set (502) can be released.

Stage 7 - Verification & End Seguence Figure 7 Confirmation of each secondary device installation is sent electronically to the check list in the application system (100) and signed off by the authorised supervisor with the matching fingerprint scan recorded in stage 3 when the sequence END is reached. Control Philosophy

The defining principles of the control philosophy for each step in the sequence are:

1. SELECTION

2. ACTIVATION

3. CONFIRMATION 4. EXECUTION

5. ACCEPTANCE

The detailed steps in executing a (lock out, tag out) LOTO sequence is described below and shown in process flow charts Figure 1 to Figure 7 Stage 1 - Sequence Activation Figure 1

1. Select Program from the Application System (100)

2. Confirm If Existing Sequence is selected

3. If Yes, Activate Sequence on the Application System (100)

4. If No, load a new Sequence 5. Update the Application System (100)

6. Match Sequence on the Biometric Recognition Device (200)

7. Initiate Supervisory Action to Confirm (100)

8. Activate Sequence on Application System (100)

9. Confirm Biometric Fingerprint Recognition (200) 10. If Confirmed, Accept to Proceed (100) 11. If Biometric Recognition (200) is not confirmed initiate Supervisory action (100)

12. Activate Sequence on Application System (100)

13. Confirm Biometric Fingerprint Recognition (200)

14. Accept to Proceed (100)

Stage 2 - Master Key Device Set 1 Release (301) Figure 2

1. Initiate Master Key Assembly (301.1 ) Release on Application System (100)

2. Activate Master Key Assembly (301.1 ) Release on Application system (100)

3. Confirm Biometric Recognition (200) 4. If Biometric Recognition (200) is not confirmed initiate Supervisory action

5. If Confirmed, Accept to Proceed (100)

6. Master Key Assembly (301.1 ) is Released

7. Accept to Proceed (100)

8. Withdraw Master Key Assembly (301.1 ) 9. Open Master Lock Assembly (301.2)

Stage 3 - Master Key Device Set 2 Release (301 ) Figure 3

1. Initiate Master Key Assembly (302.1 ) Release on Application System (100)

2. Activate Master Key Assembly (302.1 ) Release on Application system (100) 3. Confirm Biometric Recognition (200)

4. If Biometric Recognition (200) is not confirmed initiate Supervisory action

5. If Confirmed, Accept to Proceed (100)

6. Master Key Assembly (302.1 ) is Released

7. Accept to Proceed (100) 8. Withdraw Master Key Assembly (302.1 )

9. Open Master Lock Assembly (302.2)

Stage 4 - Control Station Activation (400) Figure 4 1. Activate access to Control Station (400) on Application System (100)

2. Confirm Biometric Fingerprint Recognition (200)

3. If Biometric Recognition (200) is not confirmed initiate Supervisory action

4. If Confirmed return Master Device Sets (Key and Lock Assembly) to their respective slots 5. Confirm Biometric Recognition (200)

6. If Biometric Recognition (200) is not confirmed initiate Supervisory action

7. If Confirmed Accept to proceed on Application System (100)

Stage 5 - Secondary Device Set Release and Installation (500) Figure 5 1. Initiate the first Secondary Device Key Assembly (501.1 release on Application

System (100).

2. Remove Secondary Device Key Assembly (501.1 ) from Control Station (400).

3. Accept to Proceed (100).

4. Remove Secondary Device Lock Assembly (501.2) and open lock 5. Accept to Proceed (100).

6. Execute Field Device Locking Mechanism Installation.

7. Activate Process Change to energise or de-energise the equipment/process.

8. Confirm status change on Application System (100).

9. Complete Secondary Device Lock (501.2) Installation. 10. Return Secondary Device Key Assembly to its respective slot in the Control Station (400).

10. Accept on Application System (100) to Proceed. Stage 6 - Notification Tag (600) Figure 6

1. Initiate the first Notification Tag (601 ) Release on Application System (100)

2. Remove Notification Tag (601) form the Control Station (400)

3. Capture details on Notification Tag (601)

4. Accept actions on Application System (100) to Proceed 5. Fix Notification Tag (601 ) to Lock Assembly (501.2)

6. Link Notification Tag (601) to Lock Assembly (501.2) on Application System (100)

7. “Lock” the linked Notification Tag (601) and Lock Assembly (501.2) on Application System (100). 8. Accept to Proceed (100)

Stage 7- Verification & End Sequence Figure 7

1. Initiate SOP Check List Verification on Application System (100)

2. Complete Checklist on Application System (100) 3. Confirm Equipment LOTO Status (501 and 601) on Application System (100)

4. Accept to Proceed to “Options to Proceed”

Options to Proceed The control philosophy allows flexibility in continuing or terminating at any time depending on the no of LOTO sequences that are required to complete the process.

The options are: A. Release the next secondary device set to continue the sequence.

1. Steps to follow for the next secondary device set (502) will be as detailed in

Stage 5 Secondary Device Set Release and Installation Figure 5

B. Select an additional control station when all the devices from the preceding control station have been installed and additional secondary devices are required to complete the program.

1. “Close” the current control station.

2. Activate a new control station and link to previous one on the application system (100) 3. Continue sequence steps from Stage 1 (sequence activation) Figure 1

C. “Sequence End”. Follow steps as detailed below.

End Sequence

1. Activate “Lock” control station (400) on the application system (100)

2. Return secondary device lock assemblies.

3. Close the secondary access enclosure in the control station (400).

4. Lock control station (400) with master lock assemblies (301.2 & 302.2) 5. Return master key assemblies (301.1 & 302.1 ) to their respective slots.

6. Confirm closure on application system (100) 7. Accept to proceed to completion of SOP checklist on application system (100)

8. Close and “Lock” sequence on application system (100)

9. Confirm biometric recognition (200) that the sequence is “Locked Out and Tagged Out” 10. Print completed sop checklist from application system (100)

11. Sign Off SOP

12. Confirm on application system (100) “END LOCKOUT TAGOUT SEQUENCE”

TECHNICAL OVERVIEW The components, their key design criteria, functionality and interface required to implement this program is described below. The system will be validated for operating conditions in accordance with the hardware and electronic limitations specified by the hardware manufacturers.

Referring to Figure 8 to Figure 15.

Application System (100)

The application system (100) will be central to the execution and control of the LOTO sequence.

1. The control program will be developed to interface with the biometric recognition (200) software, the coded master key (300), the coded secondary device keys and locks (500) and the notification tags (600).

2. The application system is a standard tablet device, ATEX rated with an android/windows operating system.

3. While the sequence control system described herein preferable uses a tablet device as the application system, implementation may also be via a laptop computer.

Control Station (400) The control station is a portable box and will house the following components:

1. Biometric recognition device (200)

2. Master device sets (301 & 302)

3. Secondary device set key assemblies (501.1 to 512.1) and lock assemblies (501.2 to 5.12.2).

4. Notification Tags (600)

The control module will be mounted on a retractable console and will be fitted with the control devices, electronics and solenoid switches to interface with the biometric recognition device (200), application system (100), secondary device keys and locks (501.1 to 512.1); (501.2 to 512.2).

Biometric Recognition Device (200)

An optical fingerprint scanner for wet and dry fingerprint recognition with the ability to detect fake fingerprints or manipulations. Operating system is windows/android.

This Device will be housed in the control station (400) and will:

1. Interface directly with the application system (100)

2. Verify selection and activation of the sequence

3. Allow access to the control station (400) 4. Control the release of the master key assemblies (301.1 & 302.1 )

5. Control the release of the master lock assembly (301.2 & 302.2)

Master Device Sets - Key Assembly (301.1 & 302.1)

The original master key without any modifications will be embedded into a purpose made housing fitted with a control module and will be the only means to open the secondary device enclosure to access the secondary device keys and locks (500) This will be achieved by:

1. Coding the master key assembly to a specific master lock assembly.

2. Interfacing with the application system (100)

3. Interfacing with the biometric recognition device (200).

Master Device Sets - Lock Assembly (301.2 & 302.2)

The original lock without any modifications will be fitted into a purpose made housing fitted with a control module and will be the only means to open the secondary device enclosure to access the secondary device keys and locks (500) This will be achieved by:

1. Coding the master lock assembly to a specific master lock assembly.

2. Interfacing with the application system (100)

3. Interfacing with the biometric recognition device (200). Secondary Device Set - Key Assembly 501.1 to 512.1

Each original key without any modifications will be embedded into a purpose made housing fitted with a control module. The secondary device key assembly (501.1 to 512.1 ) will be coded with a unique identifier and linked to the notification tag (600) and secondary lock assembly (501.2 to 512.2) 1. Each Secondary device key assembly release is controlled by a solenoid switch via the application system (100).

3. The secondary device set key assembly will interface with the application system (100) Secondary Device Set - Lock Assembly 501.2 to 512.2

Each original lock without any modifications will be fitted into a purpose made housing fitted with a control module 1. The secondary device lock assembly (501.2 to 512.2) be coded with a unique identifier and linked to the notification tag (600) and secondary key assembly (501.1 to 512.1)

2. The secondary device assembly will interface with the application system (100).

Notification Tag (600)

The notification tag (600) is a purpose made housing where the original notification tag is fitted. A control module will be housed in this device.

1. The notification tag (600) has a unique identifier and coded to a specific secondary device key and lock set (500)

2. The notification tag (600) will interface with the application system (100)

3. The notification tag (600) is filled in as a confirmation of preceding actions are complete

4. The sequence step can then be “Locked” to proceed to the verification stage and releasing the next secondary device key and lock set (500) or end the sequence.

Advantageous Effects of The Invention

1. Established LOTO protocols are complied with whilst avoiding errors in incorrect sequence activation and avoiding the accidental release of energy

2. Sequence steps cannot be bypassed or omitted accidentally.

3. Sequences cannot be started or complete without supervisory authentication.

4. Fingerprint biometric recognition ensures that only an authorised person can execute the system. 5. Energising or de-energising of systems can only be undertaken by managing the sequence by the authorised person.

6. The electronic record in the application system captures, secures and stores auditable data. 7. The lock assembly, key assembly and notification tag are uniquely coded as a matched lockout device set to secure an isolation point.

This invention thus arises from the recognition that current LOTO practices can be improved by implementing a control sequence using Master and Secondary Devices, Notification Tags fitted with appropriate electronics coupled with recognition and authentication protocols between a biometric recognition device and an application program on a tablet.