advertisement
▼
Scroll to page 2
of 96
OPERATING INSTRUCTIONS Safe Linear Positioning Safety system Described product Safe Linear Positioning Manufacturer SICK AG Erwin-Sick-Str. 1 79183 Waldkirch Germany Legal information This work is protected by copyright. Any rights derived from the copyright shall be reserved for SICK AG. Reproduction of this document or parts of this document is only permissible within the limits of the legal determination of Copyright Law. Any modifica‐ tion, abridgment or translation of this document is prohibited without the express writ‐ ten permission of SICK AG. The trademarks stated in this document are the property of their respective owner. © SICK AG. All rights reserved. Original document This document is an original document of SICK AG. 2 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONTENTS Contents 1 2 3 About this document........................................................................ 7 1.1 1.2 1.3 1.4 1.5 Purpose of this document........................................................................ Scope......................................................................................................... Target groups and structure of these operating instructions................ Symbols and document conventions...................................................... Further information................................................................................... 7 7 7 8 8 Safety information............................................................................ 9 2.1 2.2 2.3 2.4 9 9 9 9 Product description........................................................................... 11 3.1 3.2 3.3 3.4 3.5 3.6 3.7 4 4.2 4.3 4.4 4.5 4.6 4.7 Manufacturer of the machine.................................................................. 4.1.1 Calculating the performance level.......................................... Operating entity of the machine.............................................................. Design........................................................................................................ Integrating the equipment into the electrical control............................. 4.4.1 Circuit diagram......................................................................... Testing plan............................................................................................... Extension and modification...................................................................... Notes on fault detection........................................................................... 4.7.1 Illegible bar codes.................................................................... 4.7.2 Bar code gaps.......................................................................... 17 17 18 18 18 18 18 19 20 20 20 Mounting the sensor unit......................................................................... Mounting the bar code tape.................................................................... Mounting Flexi Soft................................................................................... 21 22 23 Electrical installation........................................................................ 24 6.1 8020941/12O9/2019-08-05 | SICK Subject to change without notice 11 11 11 12 12 13 14 15 15 16 Mounting............................................................................................. 21 5.1 5.2 5.3 6 Product identification............................................................................... Application description............................................................................. Components of the safety system........................................................... Additional components required............................................................. 3.4.1 Requirements for additional components required.............. Structure and function............................................................................. Limits of the safety system...................................................................... Product characteristics............................................................................ 3.7.1 Safety functions....................................................................... 3.7.2 Safe state................................................................................. Project planning................................................................................ 17 4.1 5 General safety note.................................................................................. Intended use............................................................................................. Reasonably foreseeable misuse.............................................................. Requirements for the qualification of personnel.................................... General requirements.............................................................................. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 24 3 CONTENTS 6.2 6.3 6.4 7 24 24 26 28 28 29 30 30 31 31 31 Configuration..................................................................................... 32 7.1 7.2 7.3 7.4 7.5 7.6 7.7 4 Connection and wiring.............................................................................. 6.2.1 Wiring principle........................................................................ Safety controller pin assignment............................................................. Interfaces and signals.............................................................................. 6.4.1 Standard input interface: test signals.................................... 6.4.2 SSI interface............................................................................. 6.4.3 Signal for PDS (SR) - drive (safety-related)............................. 6.4.4 Signal for optional safe brake control.................................... 6.4.5 Safe SLS request signal.......................................................... 6.4.6 Signal for emergency stop pushbutton.................................. 6.4.7 Signal for restart interlock....................................................... Structure and application of the chapter on configuration.................... Requirements for software and firmware............................................... Configuration procedure.......................................................................... 7.3.1 Pre-configured project files..................................................... 7.3.2 Configuring the interface for BG100 motion sensor............. 7.3.3 Configuring speed limits.......................................................... 7.3.4 Configuring position ranges.................................................... 7.3.5 Assigning maximum speeds to the position ranges.............. 7.3.6 Configuring safe cam (SCA).................................................... 7.3.7 Configuring stop ramps........................................................... Expanding and modifying the safety system.......................................... 7.4.1 Configuring additional safety functions................................. 7.4.2 External and internal signal for activating the safely limited speed........................................................................................ 7.4.3 Configuring the override function........................................... 7.4.4 Controlling the safety outputs directly via PLC...................... 7.4.5 Use of internal status information.......................................... Contents of the CPU logic......................................................................... 7.5.1 Disclaimer page....................................................................... 7.5.2 Interface page.......................................................................... 7.5.3 Safe Outputs page................................................................... 7.5.4 Safe Position and Diagnostics page....................................... 7.5.5 Stop/start/reset page............................................................. Contents of the motion control logic....................................................... 7.6.1 Position_Cross_Check page.................................................... 7.6.2 Position_Monitor page............................................................. 7.6.3 Safe Stop page......................................................................... Notes on the Flexi Soft logic editor.......................................................... 7.7.1 Creating or deleting links......................................................... 7.7.2 Jump addresses....................................................................... 7.7.3 Verification of the logic............................................................ 7.7.4 Transfer configuration............................................................. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 32 32 32 33 35 37 40 41 42 45 49 49 51 52 53 53 54 54 55 55 57 61 64 64 66 69 71 71 72 72 72 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONTENTS 8 Commissioning.................................................................................. 73 8.1 8.2 Safety......................................................................................................... Thorough check........................................................................................ 9 Operating the components.............................................................. 74 10 Maintenance of the components.................................................... 75 11 Troubleshooting................................................................................. 76 11.1 Electromagnetic compatibility.................................................................. 11.2 Exchange and repairs............................................................................... 12 13 77 Technical data.................................................................................... 78 13.1 13.2 13.3 13.4 14 76 76 Decommissioning............................................................................. 77 12.1 Disassembly and disposal....................................................................... Data sheet................................................................................................. XTIO module inputs.................................................................................. Dimensional drawings.............................................................................. Response times........................................................................................ 13.4.1 Stopping time in the event of a drive fault............................. 13.4.2 Flexi Soft cycle time................................................................. 13.4.3 Maximum data reception interval........................................... 78 79 80 80 81 81 82 Ordering information........................................................................ 83 14.1 Safe Linear Positioning ordering information......................................... 83 15 Spare parts......................................................................................... 84 16 Accessories........................................................................................ 85 16.1 Connectivity............................................................................................... 17 85 Annex.................................................................................................. 86 17.1 Checklist for initial commissioning and commissioning........................ 17.1.1 Thorough check of the requirements specified in the oper‐ ating instructions for the safety system................................. 17.1.2 Thorough check of the hardware requirements.................... 17.1.3 Thorough check of the Flexi Soft configuration..................... 17.1.4 Thorough check of the Flexi Soft documentation.................. 17.1.5 Thorough check on the process channel (standstill)............ 17.1.6 Thorough check on the process channel (forward move‐ ment)........................................................................................ 17.1.7 Thorough check on the process channel (backward move‐ ment)........................................................................................ 17.1.8 Thorough check of the safety functions................................. 17.1.9 Thorough check of faults on the transmission path.............. 17.1.10 Thorough check for foreseeable misuse and manipulation. 8020941/12O9/2019-08-05 | SICK Subject to change without notice 73 73 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 86 86 87 88 89 90 90 91 92 92 93 5 CONTENTS 17.1.11 Thorough check of the response time of the safety system within the target application................................................... 17.1.12 Thorough check of the check intervals.................................. 6 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 95 95 8020941/12O9/2019-08-05 | SICK Subject to change without notice ABOUT THIS DOCUMENT 1 1 About this document 1.1 Purpose of this document These operating instructions contain the information required during the life cycle of the safety system. This document describes: • • • • • • • • 1.2 The individual components The project planning The mounting and electrical installation, insofar as special measures are neces‐ sary for the safety system The configuration The necessary thorough checks The commissioning The maintenance The troubleshooting Scope These operating instructions contain information regarding the Safe Linear Positioning safety system. NOTICE The operating instructions of the components also apply. In the event of contradictions between the operating instructions, the information specified in the operating instruc‐ tions for the safety system applies. The relevant information must be made available to the employees for all work per‐ formed on the safety system. The following documents contain information regarding the Safe Linear Positioning safety system: Table 1: Documents available for Safe Linear Positioning Document type Title Part number Operating instructions OLM100 Hi linear measure‐ ment sensor 8014310 Operating instructions Flexi Soft in the Flexi Soft Designer software 8012998 Operating instructions Flexi Soft modular safety con‐ troller hardware 8012999 This document is included with the following SICK part numbers (this document in all available language versions): 8020939 1.3 Target groups and structure of these operating instructions These operating instructions are intended for the following target groups: project devel‐ opers (planners, developers, designers), installers, electricians, operators, and mainte‐ nance personnel. These operating instructions are organized by the life phases of the safety system: project planning, mounting, electrical installation, commissioning, operation and main‐ tenance. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 7 1 ABOUT THIS DOCUMENT 1.4 Symbols and document conventions The following symbols and conventions are used in this document: Safety notes and other notes DANGER Indicates a situation presenting imminent danger, which will lead to death or serious injuries if not prevented. WARNING Indicates a situation presenting possible danger, which may lead to death or serious injuries if not prevented. CAUTION Indicates a situation presenting possible danger, which may lead to moderate or minor injuries if not prevented. NOTICE Indicates a situation presenting possible danger, which may lead to property damage if not prevented. NOTE Indicates useful tips and recommendations. Instructions to action 1.5 b The arrow denotes instructions to action. 1. 2. ✓ The sequence of instructions for action is numbered. Follow the order in which the numbered instructions are given. The check mark denotes the result of an instruction. Further information www.sick.com The following information is available via the Internet: ■ ■ ■ ■ ■ ■ ■ ■ 8 This document in other languages Operating instructions and installation instructions of SICK components suitable for the safety system The Flexi Soft Designer configuration software Pre-configured project file for Flexi Soft Designer for this safety system Export file of the pre-configured project file for use in various Flexi Soft CPU mod‐ ules Complete subsystems for SISTEMA for this safety system Circuit diagram for the safety system (ePLAN) Guide for Safe Machinery (“Six steps to a safe machine”) O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice SAFETY INFORMATION 2 2 Safety information 2.1 General safety note The information and tools will not fulfill the safety requirements for your application without further adjustments being made. The project planning provided by way of exam‐ ple is intended to serve as the basis to allow you to perform your own project planning and programming in line with your specific requirements. What this means is that the information and tools merely provide an example to demonstrate how a safety function can be taken care of. When it comes to your own project planning and programming, you will need to rely on qualified staff given that it is your responsibility to ensure that the following require‐ ments are complied with at the very least: b b b 2.2 Carrying out a risk assessment Taking into account applicable standards Verifying and validating the safety function Intended use The Safe Linear Positioning safety system is designed for applications in which the posi‐ tion of linear drive systems (e.g., on rail systems) must be reliably detected. Safe Linear Positioning is used to protect people. In terms of the Machinery Directive, Safe Linear Positioning is a safety component that guarantees a safety function. 2.3 Reasonably foreseeable misuse It may not be possible for the system to detect a potential mounting error that involves the distance between a sensor and bar code tape falling outside of the permissible range. For mounting instructions, see "Mounting the sensor unit", page 21. WARNING There is a risk of death or serious injury if the protective device is not working effec‐ tively. b Comply with the permitted speed. The maximum permitted speed for this safety system is 4,000 mm/s. The speed must not exceed this limit. If a lower maximum speed applies to the application in question, it must be configured as the maximum speed limit. 2.4 Requirements for the qualification of personnel The protective device must be configured, installed, connected, commissioned, and ser‐ viced by qualified safety personnel only. Project planning For project planning, a person is considered competent when he/she has expertise and experience in the selection and use of protective devices on machines and is familiar with the relevant technical rules and national work safety regulations. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 9 2 SAFETY INFORMATION Mechanical mounting, electrical installation, and commissioning For the task, a person is considered qualified when he/she has the expertise and expe‐ rience in the relevant field and is sufficiently familiar with the application of the protec‐ tive device on the machine to be able to assess whether it is in an operationally safe state. Configuration For configuration, a person is considered competent when he/she has the expertise and experience in the relevant field and is sufficiently familiar with the application of the protective device on the machine that he/she can assess its work safety aspects. Operation and maintenance For operation and maintenance, a person is considered competent when he/she has the expertise and experience in the relevant field and is sufficiently familiar with the application of the protective device on the machine and has been instructed by the machine operator in its operation. 10 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice PRODUCT DESCRIPTION 3 3 Product description 3.1 Product identification The part number of the safety system is located on the packaging. Further topics • 3.2 "Ordering information", page 83 Application description The Safe Linear Positioning safety system is designed for applications in which the safe position monitoring of linear drive systems is required. Target applications are, for example: • • • • • Skillet conveyors Cranes Storage and retrieval systems (SRS) Gantry robots Applications in which movable devices need to be positioned in relation to a refer‐ ence The safety system fulfills the requirement of detecting the safe absolute position in the case of linear drive systems. This makes it possible, for example, to safely delimit posi‐ tion ranges within which the maximum permitted speed is safely reduced so as to pro‐ tect people and materials. The system can be used to determine the current movement status, including, e.g., the position, speed, and acceleration at any point in time. If movement statuses cannot be reliably detected or if there is a fault, the safety-related task of the safety system is to switch the relevant parameterized outputs of the safety controller to the safe state. If it is necessary to initiate and/or safely monitor a ramp or speed reduction at certain positions, the safety system provides the corresponding safe position data alongside the underlying safety functions for the machine. Additional safety functions can be added to the safety system. OLM100 Hi absolute displacement sensors (optical linear measurement sensors) from SICK are used to monitor linear movements. These are opto-electronic sensors that can measure product travel paths without moving parts. The sensors orientate themselves using a bar code tape attached along the product travel path, using a visible, red LED beam. By reading the bar code, the linear measurement sensors determine the absolute position and deliver this via an interface. The Flexi Soft safety controller from SICK, which also forms part of the safety system, uses appropriate diagnostics mea‐ sures to check whether the absolute positions of the OLM100 Hi sensors are plausible. 3.3 Components of the safety system Safe Linear Positioning components • 2 x OLM100 linear measurement sensor • Flexi Soft safety controller main module • Flexi Soft safety controller expansion module - I/O module (8 inputs, 4 outputs) • Flexi Soft safety controller expansion module - motion control module (Flexi Soft Drive Monitor) • Flexi Soft safety controller system plug • X-junction 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 11 3 PRODUCT DESCRIPTION Implementing all the safety functions for the application requires a complete system consisting of sensors, a controller, actuators, and control switches. This safety system comprises sensors and a controller only and is therefore only a subsystem. The require‐ ments for the additional components are defined in the system documentation. The user is responsible for the safe design of the complete system and all safety functions. The machine manufacturer must refer to the standard general guidelines for creating safety functions within their application (see "Limits of the safety system", page 14). 3.4 Additional components required The following components are also essential for using the safety system in an applica‐ tion: • Bar code tape NOTE All necessary components, such as the drive and safety brake, influence the parame‐ ters of the entire application that relate to safety technology. The components must therefore have an MTTFd value that is suitable for the entire application and satisfies the necessary performance level. The necessary performance level results from the risk assessment. For evaluating the performance level achieved, subsystems for SISTEMA are available under: www.sick.com 3.4.1 Requirements for additional components required All safety-related components must be checked to ensure that they are suitable for use with this safety system. This also applies to components that are not specified by this safety system. The safety values for the SLS request signal, the drive, the safe torque off (STO) function, and the optional brake must be selected such that they at least comply with the PL e general safety level. The structure must correspond to category 4. The following table shows examples of PFHD values that allow for PL e to be reached. Table 2: PFHD values when a brake is used (safe brake control) Component PFHD value Subsystem T130: SLS request signal PFHD ≤ 6 x 10-9 Subsystem R110 PDS (SR) - safe torque off (STO) function PFHD ≤ 2.2 x 10-8 Subsystem R120 brake (optional) PFHD ≤ 4 x 10-8 Table 3: PFHD values when a brake is not used (no safe brake control) Component PFHD value Subsystem T130: SLS request signal PFHD ≤ 6 x 10-9 Subsystem R110 PDS (SR) - safe torque off (STO) function PFHD ≤ 6.7 x 10-8 If a safety brake (R120) is not used, the SLS request signal (T130) and the safe torque off (STO) function of the drive (R110) may have even worse PFHD values when it comes to still reaching PL e. 12 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice PRODUCT DESCRIPTION 3 NOTE The user of this safety system must ensure that all components used comply with the requirements of category 4, PL e in accordance with EN ISO 13849-1 (or SILCL3 in accordance with EN 62061). 3.5 Structure and function On the sensor side, the safety system consists of two OLM100 Hi linear measurement sensors with a shared bar code tape. On the controller side, the system consists of the safe Flexi Soft controller, which is made up of the CPU main module, safe XTIO I/O mod‐ ule, and the FX3-MOC1 Drive Monitor module. The complete system is divided up into the sensor and controller main modules, which include submodules and general functional modules. Sensor Bar code tape measure OLM 1 Voltage supply SSI Voltage supply Test request SensorIDs SSI Voltage supply OLM 2 Splitter MOC 1 CPU CPU MOC 1 Assessment Safe Control Logistics Safe Control Logistics Assessment Input XTIO Output XTIO Assessment Assessment SSI Communication Control Safe outputs Control Test signal (from the process) Figure 1: System concept The rail system of the linear drive has a bar code tape, e.g., on the mounting rail. Bar codes are printed onto the bar code tape at fixed distances with linearly increasing dis‐ tance information. The two OLM100 Hi linear measurement sensors read the bar codes at each position independently. The motion control module of the safety controller uses the rate of change of the positions read to determine the vehicle’s speed and direction of travel. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 13 3 PRODUCT DESCRIPTION The test signals from the process controller are used to check the plausibility of the direction of movement and standstill (see "Interfaces and signals", page 28). OLM 1 is the leading sensor within this sensor system. Its position data is used within the Flexi Soft safety controller, e.g., to monitor a safely delimited position and to poten‐ tially also monitor the speed. It is connected to the ENC1 input of the FX3-MOC1 mod‐ ule, and its position data is used by the FX3-MOC1 and by the process controller via a splitter in the X-junction. This means that the user of the safety system has the option of configuring the ENC1 input of the FX3-MOC1 as an SSI master or SSI listener in line with the application in question. OLM 2 is connected only to the ENC2 input of the FX3-MOC1 module, meaning that the ENC2 interface is configured as an SSI master. The position data from OLM 2 is used for testing and diagnostic action. The linear measurement sensors are numbered when the X-junction is connected. The connector plug for the OLM 2 has a colored mark and must be connected to the linear measurement sensor for which the bar code tape displays a higher position value. The two linear measurement sensors (OLM 1 and 2) output a code via the sensor ID signals that can be used by the Flexi Soft safety controller to identify them. 3.6 Limits of the safety system The system represents the part of the safety chain (partial safety function) that com‐ bines the sensor and logic. This does not, however, rule out the possibility of expanding the chain with additional logic elements (e.g., a higher-level control). The output switch‐ ing elements of the Flexi Soft can also be used to control actuators. The block diagram illustrates the limits of the safety system. For the user, they end at the terminals of the Flexi Soft controller. 1 2 3 4 5 6 Figure 2: Block diagram for the safety chain 14 1 Sensor 2 Flexi Soft safety controller 3 Actuator O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice PRODUCT DESCRIPTION 3 4 Emergency stop 5 Reset/restart 6 External SLS request NOTICE The area outside of this system falls within the user’s area of responsibility. The actuator is not part of the safety system. These components must be introduced by the user of the safety system in order to implement the full safety function. They must be taken into account in the overall assessment. 3.7 Product characteristics 3.7.1 Safety functions The Safe Linear Positioning safety system offers the following functions: • Safe stop 1 ° This stop function corresponds to stop category 1 as per EN 60204. • Safe stop 2 ° This stop function corresponds to stop category 2 as per EN 60204. • Safe position monitoring ° The Safe Linear Positioning safety system enables reliable position monitor‐ ing through the SCA (safe cam) and SLS (safely limited speed) functions. • Safely limited speed ° The position ranges within which only limited speeds are permitted must be saved as parameters in the Flexi Soft safety controller program. The Safe Lin‐ ear Positioning safety system determines these position ranges automatically and monitors the speed. If the maximum permitted speed is exceeded, the Flexi Soft safety controller initiates a safe stop 2. ° The safely limited speed can also be activated by an internal signal in the controller or an external signal. This makes it possible for external processes to activate monitoring of the safely limited speed. WARNING There is a risk of death or serious injury as the protective device cannot be relied upon to monitor speeds that are too low. Select the correct components in line with the risk assessment. The lowest speed that can be monitored will depend on the sensor unit in use. It is either 75 mm/s (part number 1087575) or 9 mm/s (part number 1090629). • 8020941/12O9/2019-08-05 | SICK Subject to change without notice Emergency stop (shutting down in an emergency) ° The safety controller of the Safe Linear Positioning safety system provides a safe dual-channel input to allow for the machine to be shut down in an emer‐ gency. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 15 3 PRODUCT DESCRIPTION • Safe brake control (optional) ° With this safety system, there is the option of using the “safe brake control” (SBC as per EN 61800-5-2) safety function to control a brake when standstill has been detected following a completed stop request (SS1). The Safe Linear Positioning safety system has a dual-channel safety output for this purpose. The user will be presented with the requirement for a brake in the results of the risk assessment performed for the specific system. NOTE The user is responsible for the safety-focused hardware design of the brake. The requirements of category 4, PL e (EN ISO 13849-1) must be fulfilled. A fault in the brake must not lead to the loss of the safety function. Preparations are also made for the implementation of an override function. However, there is no logic available in this safety system for the activation of this function. If an override function is required, the user is responsible for safely implementing it. 3.7.2 Safe state In the safe state, the accordingly configured safe switching outputs are in the off state. The machine is and remains switched off. The safe state is initiated in the following cases: • • • • • • • • • If one of the safety functions provided by the FX3-MOC1 motion control module is triggered If one of the safety functions programed in the Flexi Soft CPU is triggered If there are connection problems with the signal cables between at least one OLM100 Hi and the FX3-MOC1 If the required voltage supply to at least one of the FX3-CPU, FX3-XTIO, FX3-MOC1 components and the OLM100 Hi fails If implausible or impermissible events are detected for at least one of the two OLM100 Hi sensors If the statuses of the test signals supplied by the process are implausible or imper‐ missible If there are faults with the OLM100 Hi sensor If there are internal faults with the FX3 modules If an impermissible OLM100 Hi sensor is used When the safety system initiates the safe state, the machine manufacturer and user must ensure that the hazard is rectified. Delivery state When delivered, Q1 and Q2 of module 1 are the parameterized safe switching outputs. 16 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice PROJECT PLANNING 4 4 Project planning 4.1 Manufacturer of the machine DANGER Hazard due to lack of effectiveness of the protective device In the case of non-compliance, it is possible that the dangerous state of the machine may not be stopped or not stopped in a timely manner. b b Use of the safety system requires a risk assessment. Check whether additional protective measures are required. Comply with the applicable national regulations derived from the application (e.g., work safety regulations, safety rules, or other relevant safety guidelines). The safety system was developed under consideration of typical application cases. A partial safety function can be implemented with the safety system in these application cases. The manufacturer must check whether the safety system is suitable for its spe‐ cific application case (risk assessment). If the thorough check shows that the safety system is not suitable for the specific appli‐ cation case, the safety system can be used as a basis for an individualized develop‐ ment. This case will not be considered further in this document. In any event, additional work is necessary for the safety system to be used, e.g., subse‐ quent configuration of the safety controller. The manufacturer has the following duties: b b b b b 4.1.1 Performing a risk assessment in accordance with ISO 12100 Verifying safety functions that are not part of this safety system Validating all safety functions Integrating the individual components in accordance with the appropriate stan‐ dards Please note that C standards have priority compared to statements about this safety system Calculating the performance level The file provided for SISTEMA can be used to calculate the performance level achieved. It is necessary to enter the values of the components actually used and to define the measures taken to protect against failures with the same cause. The manufacturer of the machine must decide which measures are to be taken against failures with the same cause in the case of subsystems they have developed. These measures must be selected in the SISTEMA project file for each user-defined subsys‐ tem. An overall result of 65 must be achieved at the very least. WARNING Certain indicators for the individual components were used as the basis for calculating the values for the subsystems. Accordingly, the subsystems are only valid if the selected components of the safety system meet all requirements, see "Additional components required", page 12. During the development of the safety system, certain measures against common-cause faults were implemented or defined. Some of these measures must be taken into account during implementation, see "General requirements", page 24. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 17 4 PROJECT PLANNING 4.2 Operating entity of the machine DANGER Hazard due to lack of effectiveness of the protective device In the case of non-compliance, it is possible that the dangerous state of the machine may not be stopped or not stopped in a timely manner. b b 4.3 Changes to the electrical integration of the safety system in the machine control and changes to the mechanical mounting of the safety system necessitate a new risk assessment. The results of this risk assessment may require the entity operat‐ ing the machine to meet the obligations of a manufacturer. Changes to the safety system’s configuration may impair the protective function. The effectiveness of the safety system must be checked after any change to the configuration. The person carrying out the change is also responsible for maintain‐ ing the protective function of the safety system. Design This chapter contains information about implementing the design of the safety system. Any design-related contents of the relevant operating instructions also apply. The follow‐ ing information is provided in the operating instructions for the linear measurement sensor: • • 4.4 Bar code tape variants Mounting of the bar code tape Integrating the equipment into the electrical control NOTE Several safety functions are generally necessary in order to ensure a safe design for the entire application. This requires additional components that are not part of the safety system, such as switches, fuses, and contactors. The circuit diagrams contain informa‐ tion on wiring the safety system with additional components within an application. 4.4.1 Circuit diagram A more detailed circuit diagram for Safe Linear Positioning is available online: www.sick.com/Safe_Linear_Positioning For the detailed pin assignment of the safety controller, see "Safety controller pin assignment", page 26. 4.5 Testing plan The safety system must be thoroughly checked by appropriately qualified safety person‐ nel during commissioning, after changes at regular intervals. The regular thorough checks serve to assess the effectiveness of the safety system and to identify defects as a result of changes or other influences (e.g., damage or manipula‐ tion). The manufacturer and user must define the type and frequency of the thorough checks on the basis of the application conditions and the risk assessment. Determination of the thorough checks must be documented in a traceable manner. 18 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice PROJECT PLANNING 4 • • • A thorough check must be carried out during commissioning and following modifi‐ cations. The regular thorough checks of the safety system must fulfill certain minimum requirements. The minimum requirements for the thorough check of the safety system comply at least with the sum of the minimum requirements for the thor‐ ough check of the components of the safety system (see operating instructions of the components). In many cases, depending on the application conditions, the risk assessment can determine that further thorough checks are required. Further chapters • • 4.6 Thorough check, see "Commissioning", page 73 Checklist for initial commissioning and commissioning, see "Annex", page 86 Extension and modification Expansion for additional safety functions Additional safety functions can be implemented to trigger a safe stop 1 or safe stop 2. The hardware of the safety system must not be changed when doing so. For information on configuring additional safety functions, see see "Configuring addi‐ tional safety functions", page 49 Modification Only the following modifications are permitted: • Activation of the safely limited speed function by an external or internal signal (see "External and internal signal for activating the safely limited speed", page 51) NOTE Internal and external trigger signals for activating the SLS function or for integrat‐ ing additional safety functions may only be introduced at the points in the soft‐ ware provided for the respective purpose. Trigger signals and additional safety functions must comply with the required safety level. It is the responsibility of the user to provide proof that this is the case. • • Activation of the override function (see "Configuring the override function", page 52) Relocation of input and output signals to inputs and outputs with the same func‐ tion on the same or a different module WARNING There is a risk of death or serious injury as diagnostics and shock resistance for the protective device are not reliable. b b 8020941/12O9/2019-08-05 | SICK Subject to change without notice Position inputs and outputs on different modules in such a way that they have the same properties in terms of safety technology as the inputs and out‐ puts of the original module. Adjust the current flow diagram accordingly (see "Safety controller pin assign‐ ment", page 26). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 19 4 PROJECT PLANNING • Omission of optional signals for controlling the “Reset required” light, the “Restart required” light, and the brake of a drive NOTE Optional signals do not need to be included if the risk analysis indicates that they are not required. The application must still comply with the required safety level, however. It is the responsibility of the user to provide proof that this is the case. The current flow diagram must be adjusted accordingly (see "Safety controller pin assignment", page 26 and see "Signal for optional safe brake control", page 30) 4.7 Notes on fault detection As a general rule, any fault occurring at the bar code brings about the safe state of the safety system. Owing to the system’s internal sensing behavior, a snapshot of the bar code is assessed as part of the cycle of the system’s internal processing time. This means that, depending on the drive speed, not every single point on the bar code is assessed. If a fault occurs at a point on the bar code and no snapshot has been generated for that point, the system will not detect this fault. This is not critical to safety if correct bar codes can be read again in good time. If read faults are present across a longer dis‐ tance, the system will switch to the safe state. Compliance with the response times (see "Response times", page 80) is ensured. 4.7.1 Illegible bar codes If bar codes are incorrect or if some bar codes have been affixed incorrectly by 180°, it will not be possible to detect them at a speed of more than 3,700 mm/s in the case of a length of up to five continuous bar codes (5 x 30 mm = 150 mm). If the length is more than 150 mm, the system will switch to the safe state. 4.7.2 Bar code gaps If the following values are exceeded, the system will switch to the safe state. 20 Speed of more than Gap not detected 1,000 m/s Up to the length of three bar codes (max. bar code gap = 90 mm) 2,500 m/s Up to the length of four bar codes (max. bar code gap = 120 mm) 3,200 m/s Up to the length of five bar codes (max. bar code gap = 150 mm) O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice MOUNTING 5 5 Mounting NOTE Information is included in the operating instructions for the components. 5.1 Mounting the sensor unit The sensor unit is always fully mounted when delivered. It consists of two OLM 100 Hi linear measurement sensors and a special mounting bracket. The sensors must not be removed from the mounting bracket. By using the mounting bracket and the safety screws for mounting, all of the mechani‐ cal requirements relevant to the system for the two sensors are taken care of in the design and implemented. This reduces the risk posed by foreseeable misuse on the part of the user and by manipulation. The OLM100 Hi sensors are parameterized in advance and special firmware blocks access so that parameters cannot be entered using the SOPAS ET software. Only the approved sensors may be used. The sensor system must be mounted such that the horizontal axis of the mounting plate runs parallel to the bar code tape. The gap required between the sensor (front screen) and the bar code tape must be between 80 mm and 120 mm. A distance of between 100 mm and 110 mm is recommended. WARNING There is a risk of death or serious injury in the event of improper mounting as diagnos‐ tic action cannot be performed reliably. b Comply with the mounting distance stipulated. The beams from the sensor lighting must be positioned centrally on the bar code tape. Figure 3: Distance between sensor and bar code tape If the bar code height is 30 mm, the distance between the lower edge of the mounting plate and the lower edge of the bar code tape must be 22 mm. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 21 5 MOUNTING β ≤ ± 3° 1 2 1 Height of bar code tape 2 Distance between lower edge of sensor unit and lower edge of bar code tape Table 4: Vertical distance dependent upon the bar code tape Height of bar code tape Distance Tolerance 25 mm 13 mm ±3.5 mm 30 mm 9 mm ±3.5 mm 40 mm 4 mm ±8.5 mm 60 mm -6 mm ±18.5 mm 100 mm -26 mm ±38.5 mm 100 ± 20 mm (3.94 ± 0.78) The mounting requirements set out in the operating instructions for the OLM100 Hi must also be followed. 5.2 Mounting the bar code tape WARNING There is a risk of death or serious injury as diagnostics for the protective device are not reliable. Value range monitoring is implemented in the safety system so that diagnostics can be performed. 0 is therefore not permitted as a minimum value and start value. 22 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice MOUNTING 5 The self-adhesive bar code tapes must be stuck so they are facing the same way around along the entire product travel path (either consistently 0° or 180° with respect to the sensor). Small expansion joints and minor points of unevenness can be stuck over. At disruptive points which would cause the bar code tape to be significantly distorted were it to be stuck over, it is possible to cut out an individual bar code at the corre‐ sponding cut marks and not use it. To ensure optimum linearity, the distance between the two cut marks at the resulting gap must be 30 mm. At least two contiguous bar codes must follow after a gap. Continuous output of position values by the sensor unit is only ensured if the width of the gap is not more than 30 mm and the bar codes were separated cleanly at the cut mark. It is recommended that self-adhesive, cut-to-length blank white labels should be stuck over the gap in order to allow it to be traversed without problems. A sequence of bar code tapes with discontinuous measuring ranges is not allowed, oth‐ erwise a continuous position cannot be indicated (position jumps). The safety system will switch to the safe state in the event of discontinuity. SmartPOS repair tape can be stuck over faulty bar code tape across a maximum length of 100 mm. The mounting requirements set out in the operating instructions for the OLM100 Hi must also be followed. 5.3 Mounting Flexi Soft The Flexi Soft safety controller must be mounted in an environment corresponding to enclosure rating IP54 (as per EN 60529), e.g., inside a control cabinet with enclosure rating IP54. Further mounting information can be found in the Flexi Soft hardware operating instruc‐ tions. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 23 6 ELECTRICAL INSTALLATION 6 Electrical installation NOTE Information is included in the operating instructions for the components. 6.1 General requirements Only qualified personnel are allowed to perform the electrical installation work (see "Requirements for the qualification of personnel", page 9). The following measures to prevent common-cause failures must be considered during electrical installation: • • • 6.2 Separation of the signal pathways for the safety system signals, e.g., by separated cable laying Protection against overvoltage, overcurrent, etc. as per the manufacturer instruc‐ tions for the individual components Measures for controlling the consequences of voltage failure, voltage fluctuations, overcurrent, and undercurrent in the voltage supply of the higher-level control Connection and wiring All of the electrical installation work must be performed in accordance with EN 60204-1 (IEC 60204-1). Pre-assembled wiring (X-junction) has been developed for the safety system. If longer cables are required for an application, the sensor cables should be extended using preassembled extension cables. The maximum lengths must not, however, be exceeded (see "Technical data", page 78). 6.2.1 Wiring principle The components must be wired as follows in line with the documentation for the com‐ ponents. 24 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ELECTRICAL INSTALLATION 6 DV +24V = SSI signals from OLM 1 to process control (open cable end) X connector Preassembled cable with SSI signal splitter Safe outputs Output: Test request at OLM 2 Inputs: Test signal Inputs: Sensor IDs “Forward/Reverse” OLM 2 OLM 1 Linear measurement sensor OLM100 Hi (with sign-of-life test) Linear measurement sensor OLM100 Hi Figure 4: Wiring principle From the connector plug on the FX3-MOC1 to the SSI signal splitter, the X-junction must be contained within an electrical installation area. OLM 1 and OLM 2 are numbered when the X-junction is connected. The connector plug for the OLM 2 has a colored mark and must be connected to the linear measurement sensor for which the bar code tape displays a higher position value. The connector plug for OLM 1 does not have a mark. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 25 6 ELECTRICAL INSTALLATION 6.3 Safety controller pin assignment Figure 5: Safety controller setup The connection controller shown corresponds to the delivery state of a complete Safe Linear Positioning system. Since the system can be extended on a modular basis, inputs and outputs can be positioned on the XTIO module or on other modules (XTIO, XTDI, XTDS). WARNING There is a risk of death or serious injury as diagnostics and shock resistance for the protective device are not reliable. b b 26 Position inputs and outputs on different modules in such a way that they have the same properties in terms of safety technology as the inputs and outputs of the original module. Adjust the current flow diagram accordingly (see "Safety controller pin assign‐ ment", page 26). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ELECTRICAL INSTALLATION 6 Table 5: Modules of the safety controller Module 0 Main module FX3-CPUx Module 1 I/O module FX3-XTIO Module 2 Motion control module FX3-MOC1 Module 3 I/O module FX3-XTIO Module 1: inputs Table 6: Function of the connections Connection Function l1 KF100.1 test signal 1 l2 KF100.2 test signal 2 l3 BG100.1.1 OLM sensor ID 1 l4 BG100.2.1 OLM sensor ID 2 l5 B130 SLS request signal l6 B130 SLS request signal l7 SF200 emergency stop pushbutton l8 SF200 emergency stop pushbutton Module 1: outputs Table 7: Function of the connections Connection Function Q1 QA110.1 safety output (STO) Q2 QA110.2 safety output (STO) Q3 BG100.2.2 sensor 2 test request Q4 KF130 stop request Module 2: inputs Table 8: Function of the connections Connection Function Enc1 BG100.1 OLM sensor 1 Enc2 BG100.2 OLM sensor 2 Module 3: inputs Table 9: Function of the connections 8020941/12O9/2019-08-05 | SICK Subject to change without notice Connection Function l1 SF210.1 reset button l2 SF210.2 start button l3 Vacant l4 Vacant l5 Vacant l6 Vacant l7 Vacant l8 Vacant O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 27 6 ELECTRICAL INSTALLATION Module 3: outputs Table 10: Function of the connections 6.4 Connection Function Q1 QA120.1 brake (optional) Q2 QA120.2 brake (optional) Q3 H210.1 “Reset required” light (optional) Q4 H210.2 “Restart required” light (optional) Interfaces and signals The safety system has both safety interfaces and standard interfaces. The Flexi Soft outputs that signal the safe state are considered to be safety interfaces, while those used for test signals and the position value are considered to be standard interfaces. 6.4.1 Standard input interface: test signals NOTE The signals must be compatible with the inputs of the Flexi Soft XTIO module (see "Technical data", page 78). The position values of the sensors are compared with test signals from the non-safe process controller to cover faults occurring at the same time in both channels of the redundant dual-channel sensor system (plausibility check). The direction signals from the drive system or process controller are used as test signals. In this case, the Flexi Soft safety controller always anticipates a notification of a change to the movement direction from the process in the form of the corresponding status of the test signals immediately before the change is made. The test signals must be generated independently of the position data of this safety system (OLM sensor 1). The test signals must be transmitted to the Flexi Soft safety controller via two separate signal cables. Definition of test signals • Test signal 1 active and test signal 2 active = standstill • Test signal 1 active and test signal 2 inactive = forward movement • Test signal 1 inactive and test signal 2 active = backward movement • Test signal 1 inactive and test signal 2 inactive = “safe state” request Table 11: Meaning of signals Signal Meaning Active 24 V are applied to the input of the Flexi Soft controller. Inactive 0 V are applied to the input of the Flexi Soft controller. Forward Movement is taking place in the direction of ascending position values. Backward Movement is taking place in the direction of descending position values. Both signal cables must not be inactive at the same time, so the safe state is initiated in this case. This allows for cable breaks and the like to be detected. 28 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ELECTRICAL INSTALLATION 6 WARNING There is a risk of death or serious injury as diagnostics for the protective device are not reliable. In the event that position data that is not plausible or other safety-critical faults are detected, the non-safe process controller must request the safe state by deactivating both test signals. Time requirements for test signals The difference in time between the test signals from the process controller and the movement status detected by the OLM 100 Hi sensors must not be more than 0.75 seconds. NOTE There may be availability issues if accelerations are less than 60 mm/s2. In this case, the test signals can be delayed by as much as 650 ms. Technical requirements Technical data on the inputs can be found in the operating instructions for the Flexi Soft controller. 6.4.2 SSI interface The position value of OLM 1 is provided to the process controller via the SSI interface. The process controller interface can either be an SSI master or an SSI listener. On that basis, the SSI interface must be configured accordingly on the MOC module. If the process controller is an SSI master, the MOC module must function as an SSI lis‐ tener. If the process controller is an SSI listener, the MOC module must function as an SSI master. Requirements for the process controller SSI interface The requirements for the SSI interface vary depending on the sensor unit in use. Table 12: Requirements for the sensor unit with part number 1087575 Parameter Requirement Protocol frame 24 position data bits +1 error bit Data decoding Binary Transmission rate (SSI master only) 100 kBaud ... 400 kBaud Table 13: Requirements for the sensor unit with part number 1090629 Parameter Requirement Protocol frame 31 position data bits +1 error bit Data decoding Binary Transmission rate (SSI master only) 100 kBaud ... 400 kBaud If the process controller operates its SSI interface as a master, data packets must be transmitted cyclically every 0 ms to 8 ms. In order to guarantee that diagnostics are reliable, the transmission rates of the two SSI interfaces must be set to different values. The interface for OLM 2 is set to 167 kBaud. The process controller SSI interface requires a 120 ohm terminator. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 29 6 ELECTRICAL INSTALLATION 6.4.3 Signal for PDS (SR) - drive (safety-related) This safety system provides output signals for the drive system of an application in order to perform the SS1 and SS2 safe stop functions. Output K100.1 / Q4 - KF130 stop request This non-safe signal is necessary for a safe stop function with a monitored stop ramp. The signal is active Low, meaning that 24 V DC are applied to the output when a stop has not been requested and 0 V are applied when a stop has been requested. The signal can be linked to a device that activates the stop ramp (e.g., process con‐ troller or drive). NOTE This signal does not necessarily have to be used. If the signal is not used, the machine stops immediately upon the Enable torque output signal by means of a safe torque off (STO) function without monitoring the stop ramp. Output K100.1 / Q1+Q2 - QA110.x safety output (STO - safe torque off) This safety signal includes a dual-channel output. The signal is active Low, meaning that 24 V DC are applied to the output when a stop has not been requested and 0 V are applied when the drive torque needs to be deactivated. The safety output signal must be linked to a safe STO input of the drive. This STO input forms part of the safety functions covered by this safety system and must comply with the corresponding requirements (category 4, PL e as per EN ISO 13849-1 or SILCL3 as per DIN EN 62061). The STO function must be wired as shown in the operating instructions for the drive sys‐ tem. The wiring must fulfill the requirements for category 4, PL e as per EN ISO 13849-1. NOTE The dual-channel outputs switch simultaneously. If the STO input of the drive system requires a complementary signal, an additional safety relay with “normally open” and “normally closed” contacts must be put in place. This case will not be considered with this safety system. If the STO input of the drive system only has a single channel, additional measures must be taken to ensure that the relevant safety requirements are complied with. This case will not be considered with this safety system. 6.4.4 Signal for optional safe brake control The manufacturer must use the risk assessment to determine whether a brake and in turn the safe brake control (SBC) safety function are required. This safety system only makes the brake control function possible. The machine manufacturer is responsible for the technical and safety-related configura‐ tion of the brake and the corresponding hardware design. If the risk assessment determines that a brake is needed, it must comply with the requirements of category 4, PL e (EN ISO 13849-1). A fault in the brake must not lead to the loss of the safety function. The respective specifications provided by the manu‐ facturer for the brake must be followed. This safety system comes with the option of a dual-channel output for connecting an external brake. The safe brake control (SBC) safety function can be implemented with this brake. 24 V DC are applied to the output when the brake is released and 0 V are applied when the brake function is activated. 30 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ELECTRICAL INSTALLATION 6 The brake’s safety values must guarantee that the safety level of the overall safety function is PL e. 6.4.5 Safe SLS request signal The safe signal source and the transmission path must comply with category 4, PL e. If an external signal is not used, the function must be deactivated in the logic. The dual-channel inputs for the SLS Request signal must always be set to High (24 V DC) if there is no request for the speed to be limited or if an external signal is not used. If safely limited speed has been requested, both inputs must be switched to Low (0 V). Both channels for the safe SLS Request signal must change their status at the same time, whereby the maximum permitted difference in time is 1 s. 6.4.6 Signal for emergency stop pushbutton The Flexi Soft safety controller provides a dual-channel input signal for an SF200 emer‐ gency stop pushbutton. Depending on the transport system being used within the application, a pushbutton can be mounted directly on the vehicle and near to the rails. The signal path must always correspond to category 4. NOTE The operating entity must press the emergency stop pushbutton at least every six months to test that it is working properly. The device used for shutting down in an emergency must meet the requirements of IEC 60947-5-5. 6.4.7 Signal for restart interlock Manual reset When a protective device requests a stop command, the stop status must apply until a manual reset has been performed. A separate reset device (e.g., a pushbutton) must be relied upon to perform this manual reset and must be in a position that allows for the results of a restart to be overseen. It must be possible for a falling signal edge, triggered by the reset device, to be detected during processing. It should only be possible to reset when all safety functions and protective devices are fully functional and active. The reset device signal forms part of the safety functions. This means that it must have one of the following properties: • • Discrete wiring with the safety logic Transmission via a safety bus system Restarting must not bring about any movements or hazardous situations. The applica‐ tion is only permitted to accept a separate start command after a reset. Starting and restarting An automated restart must only be performed if there is no risk of a hazardous situa‐ tion. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 31 7 CONFIGURATION 7 Configuration 7.1 Structure and application of the chapter on configuration The following chapters provide you with a full overview of the functionality of the soft‐ ware and guide you through the necessary adjustments step-by-step. Some sections are optional for the user, depending on the intended purpose. Modular extension and modification If additional functions are to be added to the software, this is only possible outside of the certified part of the software. For this purpose, APIs can be found in the safety application software supplied by SICK. For further details on using these APIs for modu‐ lar extension and modification, see "Expanding and modifying the safety system", page 49. Functionality in detail For a detailed description of the application software, please refer to "Contents of the CPU logic", page 54 and "Contents of the motion control logic", page 64. 7.2 Requirements for software and firmware Configuration of the functional safety system requires at least the following versions of the software or firmware: Table 14: Minimum versions Minimum version 7.3 Flexi Soft Designer ≥ 1.9.0 Firmware FX3-CPUx ≥ V4.0 Firmware FX3-XTIO ≥ V3.0 Firmware FX3-MOC1 ≥ V2.0 Configuration procedure NOTE The configuration of the software is described on the basis of the English-language Flexi Soft Designer. Information about configuration with Flexi Soft Designer can be found in the Flexi Soft operating instructions in the Flexi Soft Designer configuration software. The application software is already fully programmed and pre-configured for the func‐ tional scope of the safety system. The following steps just need to be taken to complete the process: • • • • • • • 32 Select the correct project file (see "Pre-configured project files", page 33) Configure the SSI interface (see "Configuring the interface for BG100 motion sen‐ sor", page 35) Configure the speed limits (see "Configuring speed limits", page 37) Configure the position ranges (see "Configuring position ranges", page 40) Assign the speed limits to the position ranges (see "Assigning maximum speeds to the position ranges", page 41) Configure safe cam (SCA) (see "Configuring safe cam (SCA)", page 42) Optional: Configure stop ramps (see "Configuring stop ramps", page 45) O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 The additional information provided in this chapter just offers an overview of the soft‐ ware. 7.3.1 Pre-configured project files Pre-configured project files for the safety system are available under the following link: www.sick.com/Safe_Linear_Positioning Separate project files are available for both variants of the sensor and they have differ‐ ent sensor settings. In these project files, all configurable parameters are set to stan‐ dard values. Aside from the project files provided, export files are available on the internet. These correspond to the hardware configuration and logic of the project files, but can be imported into any Flexi Soft CPU module (from firmware version 4.xx). The checksums listed below result. After downloading or importing, it must be checked whether the checksum of the project corresponds to the respective checksum indicated here. The checksums change if modifications are made to the parameters or logic. 7.3.1.1 Project and export file for SSI protocol 24+1 bit (SAPPD3E-14AP003) FX3-CPU0 with Flexi Soft project file ID no. 9288608 Table 15: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 Not assigned MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0xA126F159 Table 16: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI listener 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0xD904FC86 Table 17: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0x771CA6AB FX3-CPU1 with Flexi Soft export file “SSI master” ID no. 9288609 Table 18: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0x05D4F6D0 FX3-CPU1 with Flexi Soft export file “SSI listener” ID no. 9290537 Table 19: Checksum with possible pin assignment on FX3-MOC1 module 8020941/12O9/2019-08-05 | SICK Subject to change without notice MOC input E1 BG100.1 OLM sensor 1 as SSI listener 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0xABCCACFD O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 33 7 CONFIGURATION FX3-CPU2 with Flexi Soft export file “SSI master” ID no. 9288609 Table 20: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0x05D4F6D0 FX3-CPU2 with Flexi Soft export file “SSI listener” ID no. 9290537 Table 21: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI listener 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0xABCCACFD FX3-CPU3 with Flexi Soft export file “SSI master” ID no. 9288609 Table 22: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0x081D56C6 FX3-CPU3 with Flexi Soft export file “SSI listener” ID no. 9290537 Table 23: Checksum with possible pin assignment on FX3-MOC1 module 7.3.1.2 MOC input E1 BG100.1 OLM sensor 1 as SSI listener 24+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 24+1 bit Checksum 0xA6050CEB Project and export file for SSI protocol 31+1 bit FX3-CPU0 with Flexi Soft project file ID no. 9290043 Table 24: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 Not assigned MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0xDEF61431 Table 25: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI listener 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0x06D9C02F Table 26: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0xA8C19A02 FX3-CPU1 with Flexi Soft export file “SSI master” ID no. 9290044 Table 27: Checksum with possible pin assignment on FX3-MOC1 module 34 MOC input E1 BG100.1 OLM sensor 1 as SSI master 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0x40B50E17 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 FX3-CPU1 with Flexi Soft export file “SSI listener” ID no. 9290539 Table 28: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI listener 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0xEEAD543A FX3-CPU2 with Flexi Soft export file “SSI master” ID no. 9290044 Table 29: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0x40B50E17 FX3-CPU2 with Flexi Soft export file “SSI listener” ID no. 9290539 Table 30: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI listener 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0xEEAD543A FX3-CPU3 with Flexi Soft export file “SSI master” ID no. 9290044 Table 31: Checksum with possible pin assignment on FX3-MOC1 module MOC input E1 BG100.1 OLM sensor 1 as SSI master 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0x4D7CAE01 FX3-CPU3 with Flexi Soft export file “SSI listener” ID no. 9290539 Table 32: Checksum with possible pin assignment on FX3-MOC1 module 7.3.1.3 MOC input E1 BG100.1 OLM sensor 1 as SSI listener 31+1 bit MOC input E2 BG100.2 OLM sensor 2 as SSI master 31+1 bit Checksum 0xE364F42C Opening project file 1. 2. 3. 4. 5. ✓ Start Flexi Soft Designer. Click on Project. Click on Open. Select the project file. Click on Open. The project file opens. The Hardware configuration view appears. In the Configuration area, the entire hardware configuration of the Flexi Soft safety con‐ troller and the connected devices is displayed graphically. 7.3.2 Configuring the interface for BG100 motion sensor The FX3-MOC1 Flexi Soft module provides the following inputs: • • 8020941/12O9/2019-08-05 | SICK Subject to change without notice Input ENC1 = OLM sensor 1 Input ENC2 = OLM sensor 2 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 35 7 CONFIGURATION BG100.1 OLM sensor 1 - SSI master This element must be used when the process controller has an interface for an SSI master. In this case, it is the MOC1 module that generates the clock rather than the process controller providing it. BG100.1 OLM Sensor 1 - SSI listener This element must be used when the process controller has an interface for an SSI master. In this case, the process controller provides the clock. WARNING There is a risk of death or serious injury as diagnostics for the protective device are not reliable. Different data transmission rates must be set for OLM sensor 1 and OLM sensor 2 for diagnostic purposes. The transmission rate for OLM sensor 2 is 167 kBaud. It is recom‐ mended that the lowest possible data transmission rate is selected for OLM sensor 1 (100 kBaud). b Select the lowest possible data transmission rate for OLM sensor 1 (100 kBaud). The ENC2 input is already set as SSI master and is used for internal plausibility checks. The correct element (SSI master or SSI listener) must be dragged from the parking area and dropped at the ENC1 input of the MOC1 module. Double-click on the SSI symbol to open up the element settings. 36 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 NOTE The user must not make any changes to the element settings. 7.3.3 Configuring speed limits 1. 2. 3. ✓ Move the mouse cursor to the Logic editor button. Click on K110-2 / MOC1 - Logic editor. Select the Position_Monitor logic page. The view opens. The Position_Monitor page appears. Figure 6: Position_Monitor page view Position ranges can be set and monitored on this page. The two sensors provide sepa‐ rate status signals. This page is protected with a password. Configurations must be set in the Position Moni‐ tor function block. 1. 2. ✓ Move the mouse cursor to the Position Monitor function block. Double-click on the function block. The view opens. The window containing the settings for the function block will appear. Figure 7: Settings window for Position Monitor function block 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 37 7 CONFIGURATION 1. 2. ✓ Move the mouse cursor to the Speed limits button. Click on the Speed limits button. The view opens. The Speed limits window appears. Figure 8: Speed limits settings window with sample values 7.3.3.1 Max. speed limit WARNING There is a risk of death or serious injury if the protective device is not working effec‐ tively. b Comply with the permitted speed. The maximum permitted speed for this safety system is 4000 mm/s. The speed must not exceed this limit. If a lower maximum speed applies to the application in question, it must be configured as the maximum speed limit. 7.3.3.2 Speed limits Within the application, there may be requirements for safely limited speeds (SLS) owing to the risk assessment (e.g., in areas where there are people or ahead of the end posi‐ tions of the rail system). The following speed ranges can be configured for the safely limited speed (SLS) safety function: • • Standstill speed (default values set at the factory) Speed limits 2-9 This means that up to 9 speed limits (including standstill speed) can be configured for up to 10 speed ranges. The lowest speed limit (speed limit 1) is always the standstill speed. 38 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 The Speed ID indicates which speed range the current speed at the Motion in input corre‐ sponds to. Further information on this can be found in the Flexi Soft Designer operating instructions. Table 33: Speed at Motion in input Speed at Motion in input Meaning Speed ID The speed is invalid or unreliable. Invalid 0 One of the standstill conditions is met: Standstill 1 No standstill and speed > standstill speed ≤ speed limit 2 Speed range 2 2 Speed > speed limit 2 Speed ≤ speed limit 3 Speed range 3 3 Speed > speed limit n-1 Speed ≤ speed limit n Speed range n n Speed > speed limit 8 Speed ≤ speed limit 9 Speed range 9 9 Speed > speed limit 9 Speed range 10 10 • • The speed remains lower than the standstill speed for at least as long as the accepted standstill speed. The standstill position tolerance has been determined and not exceeded. Special feature of speed ID 2 The lowest speed that can be monitored depends on which sensor variant is used. The two sensor variants have a different speed acquisition resolution. The minimum speed that is to be monitored within the application should be at least three times higher than the speed acquisition resolution. If this requirement is ignored, the result will be an availability issue rather than a safety problem. OLM linear measurement sensor (order no.: 1087575) • Speed acquisition resolution = 25 mm/s • Lowest speed that can be acquired = 25 mm/s • Lowest speed that can be monitored = 75 mm/s OLM linear measurement sensor (order no.: 1090629) • Speed acquisition resolution = 3 mm/s • Lowest speed that can be acquired = 3 mm/s • Lowest speed that can be monitored = 9 mm/s 7.3.3.3 Speed filter This function is used to enable the system to tolerate short-term increases or reduc‐ tions in speed. The Speed Filter parameter defines the extent to which any breach of the relevant speed limit will be tolerated (filtered). The maximum length of the route that the drive may continue to travel in spite of the fact that the applicable speed limit has been exceeded is 10 mm (this is a default setting). 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 39 7 CONFIGURATION WARNING There is a risk of death or serious injury if the stopping distance is calculated incor‐ rectly. b b The default setting for the Speed Filter parameter is 10 mm and this must be taken into account at the planning stage (see "Response times", page 80). This value must not be changed. As this is not a time-based filter, this function does not increase the response time. Instead, the stopping distance will increase if there is a fault. The stopping distance is increased accordingly with the default setting of 10 mm. This must be considered when calculating the stopping distance. 7.3.4 Configuring position ranges WARNING There is a risk of death or serious injury as diagnostics for the protective device are not reliable. Value range monitoring is implemented in the safety system so that diagnostics can be performed. For this reason, the minimum and maximum values of the bar code tape in use should be configured at the configuration stage. 0 is not permitted as a minimum value. 1. 2. ✓ In the settings for the Position Monitor function block, move the mouse cursor to the Position Ranges button. Click on the Position Ranges button. The view opens. The Position Ranges window appears. Figure 9: Position Ranges with sample values The full position range for the application needs to be configured. The following should be noted here: • • 40 Only the position range that is actually being used within the application should be configured. In the example shown, only one bar code tape should be used from the 100 mm position to 15,000 mm. Ranges requiring a safely limited speed to be monitored must be defined. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 WARNING There is a risk of death or serious injury because the protective device cannot per‐ form the diagnostics function. b • Always set a value greater than zero as the position ID because the position 0 mm is not permitted in this safety system for reasons relating to the diag‐ nostics. If there are position ranges within the application that are not actually permitted, these must also be defined. The maximum possible measuring range of the respective sensor unit must be taken into account too. Larger position values are not permitted. Table 34: Maximum position range depending on sensor unit Maximum position range 7.3.5 OLM100 Hi, part number 1087575 OLM100 Hi, part number 1090629 1,677 m 8,589 m Assigning maximum speeds to the position ranges 1. 2. ✓ In the settings for the Position Monitor function block, move the mouse cursor to the Speed-position-profile button. Click on the Speed-position-profile button. The view opens. The Speed-position-profile window appears. A maximum permitted speed (speed ID) can be set for each position range in order to implement a safely limited speed (SLS) function. To do this, use the mouse to click on the maximum permitted speed limit for each position range. Permissible speed ranges below the speed limit are shown in green. Example: Figure 10: Profile settings for speed/position In this example, the speed ID 1-4 speed limits are assigned to the position ID 1-6 posi‐ tion ranges. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 41 7 CONFIGURATION Position ID 1 is generally an impermissible/unavailable position range and its bar code tape cannot be used because the 0 mm position, which is not permitted in this safety system, is located within it. For this reason, speed ID 1 (standstill) has been assigned here. The same applies to position ID 6 since its position range is beyond the maximum bar code position that is actually being used. WARNING There is a risk of death or serious injury if the protective device is not working effec‐ tively. b 7.3.6 Assign speed ID 1 (standstill) to impermissible position ranges. Configuring safe cam (SCA) In the speed-position-profile, the value of the Position CAM output can be defined for each position range. This allows this output to be used to implement electronic cams. Activated position cams are displayed in green. Permitted position ranges must be configured as position cams. The position CAM out‐ put of the Position Monitor function block is set to logic High as long as the current posi‐ tion is within the permitted position range. If a position falls outside of this range, the position CAM output is set to logic Low. WARNING There is a risk of death or serious injury if the protective device is not working effec‐ tively. b Do not configure position ranges as position cams if they are not permitted. There are further configuration options with the safe cam function. For example, ranges can be defined at the end positions, within which movement is only possible in the direction of the permitted position range. This is shown in the following figure: Figure 11: Safe cam setting range 42 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 The position ID 2-5 position ranges are available within the application. However, the permitted range is limited to position ID 3 and 4 because they have been configured as safe cams. If the end position is overrun (i.e., the application is in position ID 2 or 5) owing to a fault, the application can only move at a reduced speed (speed ID 2) in the direction of position ID 3 or 4 (safe direction - SDI). Several profiles can be used and selected depending on the direction. Further informa‐ tion about the functional scope of safe cam can be found in the Flexi Soft Designer operating instructions. Storage and retrieval system application example Speed reduction is always safely monitored in two stages before the end positions. The position ID 2 and 8 position ranges function as a buffer in case it is not possible to slow down enough owing to a fault. As the speed cannot be very high in this instance owing to the fact that monitoring begins at position ID 4 and 6, the buffer zone does not have to be very large. Figure 12: Safe cam setting range for a storage and retrieval system 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 43 7 CONFIGURATION Figure 13: Speed/distance diagram for a storage and retrieval system: Application example with a range with safely limited speed (SLS) Within this application, the maximum speed is permitted in the position ID 2 and 4 position ranges. This area could, for example, be enclosed or somewhere it is generally not possible for people to be present. In the middle position range, position ID 3, only a safely limited speed (SLS) is permit‐ ted. This may be an assembly area where people work, for example. Figure 14: Safe cam setting range for a range with a safely limited speed (SLS) 44 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.3.7 Configuring stop ramps The Safe Stop function block of the MOC module is used to trigger and monitor the safe stop of a drive system. The drive has to be stopped in a controlled way. The braking torque of the drive can be used to stop the drive more quickly than would be possible in the case of an uncontrolled stop. The Safe Stop function block initiates the stop ramp and monitors to check that the speed reduction is within the permitted range. This corresponds to the SS1-r/SS2-r stop functions as per IEC 61800-5-2 and stop category 1/stop category 2 as per IEC 60204-1. Monitoring of stop ramps is not configured within the default settings for the Flexi Soft software project. This means that without any further configuration the safe torque off (STO) stop function as per IEC 61800-5-2 or stop category 0 as per IEC 60204-1 is per‐ formed in the event of a stop request. 1. 2. 3. ✓ Move the mouse cursor to the Logic editor button. Click on K110-2 / MOC1 - Logic editor. Select the Safe_Stop logic page. The view opens. The Safe_Stop page appears. Figure 15: Safe Stop page view Table 35: Inputs of the function block 8020941/12O9/2019-08-05 | SICK Subject to change without notice Input name Function Motion IN This input receives the Motion signal from the Position Cross Check function block. A fault is detected as soon as the position data from the sensor is no longer reliable. This signal will trigger a safe stop 2 (SS2) at the Safe Stop function block. Safe Stop 1a The SS1 request LowActive signal from the CPU logic is linked to this input. If the signal switches to Low, a safe stop 1 (SS1) is initiated. Safe Stop 2a The SS2 request LowActive signal from the CPU logic is linked to this input. If the signal switches to Low, a safe stop 2 (SS2) is initiated. Safe Stop 2b The PosMon Status signal (status of the Position Monitor function block) is linked to this input. If the current position is not permitted or if the speed exceeds the safe limit, this signal will be set to Low and a safe stop 2 (SS2) will be initiated. Reset The reset signal comes from the CPU logic. A reset signal is required following a safe stop 2 (SS2) or in order to reset the func‐ tion block after a fault has occurred.1 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 45 7 CONFIGURATION Input name Function Inhibit Motion bits reaction The signal comes from component SAPP-FB Safe Position. The signal prevents unintended switching off during the self-test of the safety system. 1 The Safe Stop function block triggers a fault while the override function or Sensor2 test is active. As this is a permitted status that is monitored, the stop request is not forwarded to the drive. In this case, the Safe Stop function block detects a ramp fault. This is automatically reset by the software following an override function or Sensor2 test once the function has been processed successfully. Table 36: Outputs of the function block 7.3.7.1 Output name Function Enable torque This safety signal deactivates the drive’s torque. The signal is transmitted to the CPU logic and has an impact on the safe out‐ puts (dual-channel output signal switching device). Enable brake This safety signal switches off the energy supply for the optional brake. The signal is transmitted to the CPU logic and has an impact on the safe outputs (dual-channel output signal switching device). Stop request This signal triggers the stop ramp of the drive. The signal is trans‐ mitted to the CPU logic and is forwarded either to the process con‐ troller or to the drive directly. Safe Stop - Stop Ramps function block 1. 2. ✓ Move the mouse cursor to the Safe Stop function block. Double-click on the function block. The view opens. The window containing the settings for the function block will appear. The Stop Ramps function block monitors the actual reduction in speed until the drive comes to a standstill. The ramp settings will depend on the application and the compo‐ nents in use (e.g., the drive). Refer to the Flexi Soft Designer operating instructions for further details on how to con‐ figure safe ramp monitoring. The screenshot below shows the standard configuration, with ramp monitoring deactivated. 46 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Figure 16: Stop Ramps function block 7.3.7.2 Safe Stop settings - Standstill Monitoring function block The Safe Stop function block includes a separate function block called Standstill Moni‐ toring. This Standstill Monitoring function block is only used for the Safe Stop function. It is used to determine when a ramp ends or to monitor the standstill position in the case of a Safe Stop 2 function. Figure 17: Standstill Monitoring function block 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 47 7 CONFIGURATION 7.3.7.3 Safe Stop Types function block Figure 18: Safe Stop Types function block Table 37: Types of Safe Stop Type Function Safe Stop Type 1 It is possible to define the number of inputs that can initiate a safe stop 1 (SS1). A delay time can also be set using Off-delay for Enable torque. The Enable torque output is deactivated with this delay time after a standstill has been detected. Safe Stop Type 2 It is possible to define the number of inputs that can initiate a safe stop 2 (SS2). Stop Reset This setting allows for an additional Reset input at the Safe Stop function block. NOTE The stop ramp configuration must be checked thoroughly to ensure that it is correct. The machine manufacturer is responsible for checking whether the application is in line with the risk analysis and risk reduction strategy, and whether it conforms to all applica‐ ble standards and directives. Otherwise, the operator of the machine will be put at risk. 48 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.4 Expanding and modifying the safety system 7.4.1 Configuring additional safety functions Overview Additional safety functions can be added to the safety system to trigger an SS1 or SS2. Important information DANGER Additional safety functions are not part of this safety system. The safety system may not function as intended after implementing additional safety functions. b b b Only implement additional safety functions at your own risk. Ensure that triggering of the safety function leads to appropriate behavior with regards to resetting and restarting. Ensure that the mechanisms are implemented correctly and that the safety func‐ tion is guaranteed. Approach 1. 2. 3. ✓ Move the mouse cursor to the Logic editor button. Click on Logic editor. Click on the Interface logic page. The view opens. The page appears. Figure 19: Request Safe Stop function block 4. 5. 6. Assign additional safety functions to the External_SS1 or External_SS2 jump addresses. Delete the link between static 1 and input 6 (for External_SS1) or input 7 (for Exter‐ nal_SS2). Link the External_SS1 jump address to input 6 or External_SS2 to input 7 of the Rout‐ ing N:N function block. Complementary information • 8020941/12O9/2019-08-05 | SICK Subject to change without notice Example: additional Safe Stop 1 requirement O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 49 7 CONFIGURATION Figure 20: Additional Safe Stop 1 requirement • Example: additional Safe Stop 2 requirement Figure 21: Additional Safe Stop 2 requirement Further topics • 50 "Extension and modification", page 19 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.4.2 External and internal signal for activating the safely limited speed 1. 2. 3. ✓ Move the mouse cursor to the Logic editor button. Click on Logic editor. Click on the Interface logic page. The view opens. The page appears. In addition to the safely limited speed (SLS) function in the Position Monitor function block in the MOC1 module, another such function can be activated in the CPU logic. While any speed ID is possible in the Position Monitor function block, speed ID 2 is used as the limit in this case. Figure 22: Function block view - request for safely limited speed (SLS) Table 38: Function of the inputs Input name Function Input 1 External safe B130 SLS request signal (Low active). If no external source is used for a safely limited speed (SLS) request, B130 SLS request must be removed from input 1 and linked to static 1 instead. Input 2 static 0 at input 2 prepares for a request from an internal source from the CPU logic (High active). If an internal source is used for a safely limited speed (SLS) request, static 0 must be removed and a High active signal used instead. Table 39: Function of the output 8020941/12O9/2019-08-05 | SICK Subject to change without notice Output name Function Output The output is linked to the Bool to UI8 function block in the MOC1 module. If the output is set to logic Low, speed ID 2 is active. If the output is set to logic High, speed ID 10 (maximum speed) is active. The lowest speed ID (either from the Speed/Position Profile function block or the Speed Enable ID input) always has priority. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 51 7 CONFIGURATION No use of the external signal If no external signal is used to activate the safely limited speed (SLS), the B130 SLS request input operand at input 1 of the AND block must be deleted and static 1 con‐ nected instead. The corresponding element at the I5 / I6 input of the K100.1 XTIO module can then be deleted too in the hardware configuration area. Use of an additional internal signal If the safely limited speed (SLS) is supposed to be activated via an internal logic signal, static 0 has to be deleted at input 2 of the AND block and the internal logic signal is to be connected instead. The signal must be logic active High. 7.4.3 Configuring the override function An override function may be required for some applications. This could be the case, for example, if safety is guaranteed by another safety function at a particular moment (e.g., by a safety laser scanner) or if a brief position detection fault can be knowingly accepted (e.g., if there is a code jump or relatively large expansion joint). The pre-configured project file for Flexi Soft Designer is prepared for an override func‐ tion, but does not feature the logic for activating the override function. The user must develop this for the specific application in question. NOTE The override function is not part of the safety system. The user is responsible for ensur‐ ing safe implementation. The requirements for the override function result from the risk assessment that has to be performed by the user. Proof must be provided that the override function meets these requirements (e.g., with SISTEMA). The user also needs to verify and validate the override function. 1. 2. 3. ✓ Move the mouse cursor to the Logic editor button. Click on Logic editor. Click on the Interface logic page. The view opens. The page appears. Figure 23: Function block view - override function requirement 4. 52 Replace Static 0 with a signal that has a logical High value when the override func‐ tion is requested. When the override function is requested, all position errors are ignored. If an override function is used, the Override request jump address must be used. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.4.4 Controlling the safety outputs directly via PLC Important information DANGER This safety system does not include the ability to control the safety outputs directly using process signals. Implementation of the adaptation described in this chapter makes you the manufac‐ turer of a safety system. 1. 2. Carry out the adaptation of the safety system described here only subject to own responsibility. Comply with all manufacturer obligations for development and implementation of a safety system. Approach This modification allows the PLC to switch the safety outputs in the safety system to a safe state at any time. This does not circumvent the safety functions. 1. 2. 3. ✓ 4. Move the mouse cursor to the Logic editor button. Click on Logic editor. Click on the Interface logic page. The view opens. The page appears. Replace Static 1 with signals intended to control the individual outputs. This involves the following assignment between the jump address and safety output: Table 40: Assignment of jump address and safety output Jump address Safety output Stop_request_PLC_ctl K100.1 Q4 stop request STO_PLC_ctl K100.1 Q1 Q2 STO Brake_PLC_ctl K100.3 Q1 Q2 Brake Figure 24: Function block view – Routing Complementary information Controlling the safety outputs directly can, for example, help to control the brake if this is also to be used as a retaining brake 7.4.5 Use of internal status information Overview Jump addresses provide internal status information that can be used in the application. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 53 7 CONFIGURATION Status information for external device monitoring (EDM) Jump addresses that illustrate the status of the safety outputs can be found on the Safe Outputs page. These can be used for retroactive implementation of external device mon‐ itoring. Table 41: Assignment of jump addresses to the safety outputs 7.5 Jump address Safety output Stop_Request K100.1 Q4 stop request STO_enable K100.1 Q1 STO K100.1 Q2 STO Brake_enable K100.3 Q1 Brake K100.3 Q2 Brake Contents of the CPU logic The logic editor contains the following pages: Table 42: Logic editor overview Page name Contents Disclaimer Disclaimer and safety notes Interface Configuration of safe stop request, safely limited speed (SLS) request, and override function request Safe Position and Diagnostics Diagnostics measures used to determine the safe posi‐ tion Stop/reset/restart Configuration of reset and restart Safe Outputs Configuration of safe stop The logic editor uses the following safety application function blocks (SAPP-FBs): • • • • • • Plausibility test SAPP-FB Sensor2 test SAPP-FB Sensor ID SAPP-FB Safe Position 1 SAPP-FB Safe Stop outputs SAPP-FB Safe Stop reset SAPP-FB The SAPP-FBs are protected with a password. The settings in the function blocks are not displayed and cannot be changed. 7.5.1 Disclaimer page This page contains the disclaimer, the version number, and a short description of the application. 54 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.5.2 Interface page Figure 25: Interface page view The following function blocks are available on this page: • • • 7.5.3 Safe stop request Safely limited speed (SLS) request Override function request Safe Outputs page Figure 26: Safe Outputs page view The following function blocks are available on this page: • • Safe Stop outputs SAPP-FB Safe Stop reset SAPP-FB NOTE This page is protected with a password and cannot be configured. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 55 7 CONFIGURATION 7.5.3.1 Safe Stop outputs SAPP-FB function block Figure 27: Function block view - Safe Stop outputs SAPP-FB Table 43: Function of the inputs Input name Function Sensor2_test _active Jump address Safe position Jump address, logic OR, linked to the optional Override signal (jump address) SS1 Request LowActive Jump address SS2 Request LowActive Jump address Override Request Jump address Stop request MOC1 input signal Enable torque MOC1 input signal Enable brake MOC1 input signal Table 44: Function of the outputs 7.5.3.2 Output name Function KF130 stop request Output/XTIO module A non-safe signal that triggers the stop ramp of the drive. QA110 Safety output Dual-channel output/XTIO module, Safety signal that deactivates the drive system’s torque. QA120 Brake - optional Dual-channel output/XTIO module Safety signal that switches off the energy supply for the mechani‐ cal brakes (optional). Override active Jump address Prepares the optional Override function. The logic required to acti‐ vate the Override function is not part of this safety system. If an Override function is required, the user is responsible for safely implementing it. Safe Stop reset SAPP-FB function block Figure 28: Function block view - Safe Stop reset SAPP-FB 56 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Table 45: Function of the inputs Input name Function SensTest reset SafeStop Jump address SS2 Request LowActive Jump address Override request Jump address Table 46: Function of the output 7.5.4 Output name Function Reset Signal to the Safe Stop function block in the MOC1 logic Safe Position and Diagnostics page Figure 29: Safe Position and Diagnostics page view This page contains diagnostics measures that are needed to determine the safe posi‐ tion. The following safety application function blocks (SAPP-FBs) are required here: • • • • Plausibility test SAPP-FB Sensor2 test SAPP-FB Sensor ID SAPP-FB Safe Position SAPP-FB This page is protected with a password and cannot be configured. A message generator function block is also used on this page to generate notifications relating to diagnostics for the specific application in question. 7.5.4.1 Plausibility test SAPP-FB function block Figure 30: Function block view - Plausibility test SAPP-FB 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 57 7 CONFIGURATION The application-specific Plausibility testSAPP-FB function block checks whether the posi‐ tion data from the sensor is plausible. The process control uses test signals to check whether the standstill and direction condi‐ tions read (from the SSI position data) are plausible. In addition, the sensors generate their own standstill signal, which they transmit to the Flexi Soft safety controller via the digital outputs (sensor ID signal). These standstill signals are also used for the plausibility check. Table 47: Function of the inputs Input name Function Test signal 1 KF100.1 test signal 1 from the process control Test signal 2 KF100.2 test signal 2 from the process control Sensor2 test active Sensor2_test active jump address from Plausibility test SAPP-FB Sensor ID Standstill Status Standstill from SensorID jump address from Sensor ID SAPP-FB Sensor 1 Direction Status Sensor 1 direction information from the MOC1 logic Sensor 2 Direction Status Sensor 2 direction information from the MOC1 logic Sensor 1 Standstill Status Sensor 1 standstill information from the MOC1 logic Sensor 2 Standstill Status Sensor 2 standstill information from the MOC1 logic Table 48: Function of the output 7.5.4.2 Output name Function Plausibility test error Result of the plausibility check Sensor2 test SAPP-FB function block The application-specific Sensor2 test SAPP-FB function block detects systematic faults that occur on both sensors at the same time. In the case of this kind of fault, the posi‐ tion data can freeze the two sensors and output a static position. This would be inter‐ preted as a standstill. Test procedure: After a relatively long inactive phase, Flexi Soft sends a query signal to sensor 2 as a test. The sensor then performs an internal test. Flexi Soft can use the data read at the SSI interface to check that the test has been performed successfully and that the test results coincide with the expectations. Figure 31: Function block view - Sensor2 test SAPP-FB Table 49: Function of the inputs 58 Input name Function Standstill Sensor 2 Sensor 2 standstill information from the MOC1 logic SS1 request LowActive SS1 request LowActive jump address from Sensor2 test SAPP-FB SS2 request LowActive SS2 request LowActive jump address from Sensor2 test SAPP-FB Sensor2 _test_active Sensor2_test_active jump address from Sensor2 test SAPP-FB output O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Table 50: Function of the outputs 7.5.4.3 Output name Function Sensor2_test_active Linked to Sensor2_test_active jump address. SensTest reset SafeStop Linked to SensTest reset SafeStop jump address. Sensor2 test error Linked to Sensor2 test error jump address, which is used for the Safe Position SAPP-FB and Message generator. Sensor spot light Linked to the BG100.2.2 Sensor2 test digital output. This activates the test on the sensor. Sensor ID SAPP-FB function block Both sensors supply defined signals (sensor ID 1 and ID 2 signals), which are evaluated by this function block. This ensures that it is only possible to use sensor types that are approved for this safety system. The signals from the two sensors are different so that only sensors with the correct signal behavior can be used together. The sensors generate further process information automatically. This information is transmitted to Flexi Soft and then evaluated. Figure 32: Function block view - Sensor ID SAPP-FB Table 51: Function of the inputs Input name Function Sensor ID 1 BG100.1.1 Sensor ID 1 input Sensor ID 2 BG100.2.1 Sensor ID 2 input These input signals are pulse width modulated. Table 52: Function of the outputs 7.5.4.4 Output name Function Sensor ID error Signal test result Sensor ID Standstill Condi‐ tion Standstill from Sensor ID jump address linked to the application-spe‐ cific Plausibility test SAPP-FB function block. Safe Position function block This function block collates requests for the evaluation of the safe position and gener‐ ates the Safe Position signal. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 59 7 CONFIGURATION Figure 33: Function block view - Safe Position Table 53: Inputs of the function block Input name Function Position Monitor Status Position Monitor Status input signal from the MOC1 logic Position Cross Check Sta‐ tus Position Cross Check Status input signal from the MOC1 logic AbsPosReliability AbsPosReliability input signal from the MOC1 logic Plausibility test error Plausibility test error jump address from Plausibility test SAPP-FB Sensor2 test error Sensor2_test_error jump address from Sensor2 test SAPP-FB SensorID error SensorID error jump address from SensorID error SAPP-FB Sensor2 test active Sensor2 test active jump address from Sensor2 test SAPP-FB Table 54: Outputs of the function block 7.5.4.5 Output name Function Safe Position Linked to Safe Position jump address. A stop is triggered by a logic Low. Inhibit Error Message Linked to Inhibit Error Message jump address. This signal is logic High when a permissible error occurs with the position data. The position date is invalid when sensor2 test is active. In this case, the Inhibit_Error_Message signal stops a false entry being made in the fault diagnostics history. Message Generator function block The Message Generator function block evaluates up to eight inputs. If a signal edge is detected at one of these inputs in accordance with the configuration, the function block sets the associated output to High for the duration of the logic execution and adds a (user-defined) text message to the diagnostics history. It can be read using the Flexi Soft Designer diagnostics function in online mode. NOTE If the voltage supply to the Flexi Soft safety controller is interrupted, this text message will be lost. 60 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Figure 34: Function block view - Message Generator Table 55: Assignment of messages to the inputs in use Inputs Logic active Effect 1 and 2 High The rising signal edge triggers the message. 3 and 4 Low The falling signal edge triggers the message. Figure 35: Configuration view - Message Generator 7.5.5 Stop/start/reset page Figure 36: Stop/start/reset page view This page is protected with a password and cannot be configured. The inputs of the reset/restart function for SS1 and SS2 are linked to the “Interface” page via jump addresses, i.e., the physical inputs are assigned on the “Interface” page. The outputs are also linked to other parts of the safety application software via jump addresses and internal signals. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 61 7 CONFIGURATION This page contains the following function blocks: • • • 7.5.5.1 Safe Stop 1: Reset and Restart Safe Stop 2: Reset and Restart User-defined function block used to control a light for two function blocks for reset‐ ting and restarting Reset for Safe Stop 1 function block Figure 37: Function block view - Reset for Safe Stop 1 With the Reset function block, the requirements of the safety application are fulfilled as set out by the EN ISO 13849-1 standard for detecting a manual safety stop with a sub‐ sequent request to restart the application. As soon as E_Stop is no longer set to High, Safe Stop 1 is initiated. If the E_Stop input is set to High, the release condition has been met. A reset signal (Reset_SS1) with a pulse duration of at least 100 ms sets the Enable output to High. This is a release condition for the Restart function block. The Enable and Reset required outputs are used in order to use the optional H210.1 Reset required light by means of the user-defined Lamp reset/restart required function block. 7.5.5.2 Restart for Safe Stop 1 function block The Restart function block allows for a graphical distinction to be made between the function blocks. As soon as the Release 1 input is no longer set to High, it initiates the Safe Stop 1 func‐ tion. A valid reset sequence at the Reset function block is required in order for a restart to be performed. If the Release input is set to High, the release condition has been met. The Enable output is set to High when a restart signal (Restart_SS1) lasts for a pulse duration of at least 100 ms. The Enable output is linked to the MOC1 logic via an AND function block in order to initi‐ ate the Safe Stop 1 function with the Safe Stop function block. The output is also linked to the SS1 Request LowActive jump address, which notifies other parts of the CPU logic that a Safe Stop 1 request has been issued. 7.5.5.3 Triggering a Safe Stop 1 with additional safety functions The Safe Stop 1 function can also be triggered by additional safety functions. The AND function block connects additional safety functions via the Input 1 input, which is linked to the External_SS1 jump address. Further topics • • 62 "Extension and modification", page 19 "Configuring additional safety functions", page 49 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.5.5.4 Reset for Safe Stop 2 function block Figure 38: Function block view - Reset for Safe Stop 2 With the Reset function block, the requirements of the safety application are fulfilled as set out by the EN ISO 13849-1 standard for detecting a manual safety stop with a sub‐ sequent request to restart the application. As soon as the Safe Position and Override active jump addresses are no longer set to High, the Safe Stop 2 function is initiated. If the Reset_SS2 input is set to High, the release condition has been met. A reset signal with a pulse duration of at least 100 ms sets the Enable output to High. The Enable and Reset required outputs are used in order to use the optional H210.1 Reset required light by means of the user-defined Lamp reset/restart required function block. 7.5.5.5 Restart for Safe Stop 2 function block The Restart function block allows for a graphical distinction to be made between the function blocks. As soon as the Release 1 input is no longer set to High, the Safe Stop 2 function is initi‐ ated. A valid reset sequence at the Reset function block is required in order for a restart to be triggered. If the Restart input is set to High, the release condition has been met. The Enable output is set to High when a restart signal (Restart_SS2) lasts for a pulse duration of at least 100 ms. The Enable output is linked to the MOC1 logic via an AND function block in order to initi‐ ate the Safe Stop 2 function with the Safe Stop function block. The output is also linked to the Safe Stop 2 jump address, which notifies other parts of the CPU logic that a Safe Stop 2 request has been issued. The Enable and Reset required outputs are used in order to use the optional H210.1 Reset required light by means of the user-defined Lamp reset/restart required function block. 7.5.5.6 Triggering a Safe Stop 2 with additional safety functions The Safe Stop 2 function can also be triggered by additional safety functions. The AND function block connects additional safety functions via the Input 2 input, which is linked to the External_SS2 jump address. Further topics • • 8020941/12O9/2019-08-05 | SICK Subject to change without notice "Extension and modification", page 19 "Configuring additional safety functions", page 49 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 63 7 CONFIGURATION 7.5.5.7 Function block for optional light The Reset required or Restart required output of the Reset or Restart function block provides a frequency of 1 Hz to indicate that the function block is anticipating a valid reset or restart pulse. As the light can be controlled using both the Safe Stop 1 function block and the Safe Stop 2 function block, the ratio between pulse and pause would be random if OR were used. Figure 39: View of function block for optional light 7.6 Contents of the motion control logic 1. 2. ✓ 7.6.1 Move the mouse cursor to the Logic editor button. Click on K110.1 - MOC0[1] - Logic editor. The view opens. The page appears. Position_Cross_Check page Figure 40: Position_Cross_Check page view This page is protected with a password and cannot be configured. The purpose of this function block is to cross-check the speed. 64 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.6.1.1 Position Cross Check function block Figure 41: Function block view - Position Cross Check SAPP-FB This function block compares position values from two different signal sources and checks that the difference between the position values falls within the tolerance zone. Table 56: Function of the inputs Input name Function Sensor 1 BG100.1 OLM sensor 1 (at MOC1 input ENC1) Sensor 2 BG100.2 OLM sensor 2 (at MOC1 input ENC2) Inhibit_Error_ Message This signal comes from the CPU logic and is set to High when a permissible error occurs with the position data. The position data is invalid when the sensor 2 test is active. The Inhibit_Error_Message signal stops an entry being made in the diagnostics file in this case. Table 57: Function of the outputs Output name Function Motion data cross checked The Motion data type adds additional diagnostics information to all information provided by the motion sensors. If the diagnostics (Motion data type): information relates to both motion sensors, the motion data becomes invalid as soon as there is a fault with one of the two sensors. 7.6.1.2 Status This output indicates whether or not the position cross-check was successful (0 = not successful / 1 = successful). The signal is for‐ warded to the CPU logic. AbsPosReliability This output indicates whether or not the data from both sensors is valid and reliable (0 = invalid / 1 = valid). The signal is forwarded to the CPU logic. Inhibiting the Diagnostics function block during internal tests Figure 42: Function block view - Inhibit_Error_Message signal 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 65 7 CONFIGURATION The Inhibit_Error_ Message signal comes from the CPU logic and is set to High when a permissible error occurs with the position data. The position data is invalid when the sensor 2 test is active. As the Inhibit_Error_ Message signal is linked to the Inhibit‐ Diag.BG100.x diagnostics inputs of both sensors, the signal stops an entry being made in the diagnostics file in this case. 7.6.2 Position_Monitor page Figure 43: Position_Monitor page view Position ranges can be set and monitored on this page. The two sensors provide sepa‐ rate status signals. The application-specific Auxiliary Position Monitor SAPP-FB function block is protected with a password. Configurations must only be set in the Position Monitor function block. 7.6.2.1 Function block for external safely limited speed requests (speed ID 2) Figure 44: Function block for external safely limited speed requests (speed ID 2) This function block converts a Boolean value (at input 1-4) to an integer (UINT8). Table 58: Function of the inputs 66 Input number Function 1 and 3 These inputs are linked to a Static 0 (Signal Low). 2 This input is linked to a Static 1 (Signal High). 4 This input is linked to a CPU logic signal. This means that the inte‐ ger at output 1 can have two values (depending on input 4). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Table 59: Function of the output Output number Function 1 Provides the decoded value as an integer. Table 60: Possible values Input 4 (23) Input 3 (22) Input 2 (21) Input 1 (20) Output 1 x 0 1 0 x +2 0 0 1 0 2 1 0 1 0 10 Output 1 is linked to the Speed Enable ID input of the Position Monitor function block. This means that the signal from the CPU (input 4) activates either speed ID 2 (minimum speed/speed ID 1 = 0) or speed ID 10 (maximum speed). 7.6.2.2 Auxiliary Position Monitor SAPP-FB function block (application-specific) Figure 45: Function block view - Auxiliary Position Monitor SAPP-FB The application-specific Auxiliary Position Monitor SAPP-FB function block generates status information from sensor 2. The function block also prepares the Motion signal for the Position Monitor function block, which must be configured by the user. Table 61: Function of the inputs Input name Function Sensor 1 BG100.1 OLM sensor 1 (at MOC1 input ENC1) Sensor 2 BG100.2 OLM sensor 2 (at MOC1 input ENC2) Static 1 Signal High for the function block Table 62: Function of the outputs Output name Function Motion out (Motion data type) The Motion data type adds additional diagnostics information to all information provided by sensor 1. In this case, the diagnostics information only relates to sensor 1. 8020941/12O9/2019-08-05 | SICK Subject to change without notice Sensor 2 Direction Status The status bit of sensor 2 is forwarded to the CPU logic. Sensor 2 Standstill Status The status bit of sensor 2 is forwarded to the CPU logic. Sensor 2 AbsPosValid The position data from sensor 2 is checked to ensure that it is valid (1 = valid/0 = invalid). The status bit is forwarded to the CPU logic. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 67 7 CONFIGURATION 7.6.2.3 Position Monitoring function block Figure 46: Function block view - Position Monitoring The Position Monitor function block is the central module for monitoring all positions and speeds within the application. It receives the Motion information from the leading sensor 1 via the Auxiliary Position Monitor SAPP-FB function block. Table 63: Function of the input Input name Function Motion In (Motion data type) The Motion data type adds additional diagnostics information to all information provided by sensor 1. In this case, the diagnostics information only relates to sensor 1. Speed Enable ID The maximum permitted speed range can be selected in the form of an external integer using the Speed Enable ID input. If the current speed at the Motion input is greater than the selected speed range, the Monitor Status output is set to logic Low. The value can be 2 (lowest speed) or 10 (highest speed) (see "Position_Monitor page", page 66). It is guaranteed that the lowest speed ID (either from Speed/Position Profile or Speed Enable ID) always has priority. Table 64: Function of the outputs Output name Function Monitor Status The Monitor Status output is set to High during fault-free operation. It switches to Low if an active monitoring function detects a fault. Within this application, this includes the combined status of the following monitoring cases: • • Position monitoring (safely limited position) Speed monitoring (safely limited speed and maximum speed) The Monitor Status is linked to the SCA - Safe CAM output. It is for‐ warded to the CPU logic and the PosMon Status jump address (for use of the MOC1 logic). 68 Direction Status The status bit of sensor 1 is forwarded to the CPU logic. Standstill Status The status bit of sensor 1 is forwarded to the CPU logic. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 7.6.3 Output name Function Position CAM This is the output for Safe CAM. It indicates a signal High when the position is within the permitted range. The signal is linked to Moni‐ tor Status and triggers a stop when the current position is not within the permitted range. The SCA - Safe CAM diagnostics output marked in blue feeds the signal from MOC1 to the CPU logic. This output should not be used for safety signals owing to the long transmission time. If the current position is not within the permitted range, an entry is made accordingly in the fault history through the Message Generator function block. Speed Monitor Status The Speed Monitor Status output is set to High during fault-free oper‐ ation. It switches to Low if the speed exceeds the permitted range. Within this application, an entry is made accordingly in the fault history through the Message Generator function block. This logic is not safety-relevant. The Monitor Status signal takes care of the safe switch-off process. The Speed Monitor Status diagnostics output feeds the signal from MOC1 to the CPU logic. This output should not be used for safety signals owing to the short transmission time. Safe Stop page The Safe Stop function block of the MOC module is used to trigger and monitor the safe stop of a drive system. The drive has to be stopped in a controlled way. The braking torque of the drive can be used to stop the drive more quickly than would be possible in the case of an uncontrolled stop. Figure 47: Safe Stop page view Inputs • Motion IN • Safe Stop 1a • Safe Stop 2a • Safe Stop 2b • Reset • Inhibit Motion bits reaction Outputs • Enable torque • Enable brake • Stop request 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 69 7 CONFIGURATION Table 65: Inputs of the function block Input name Function Motion IN This input receives the Motion signal from the Position Cross Check function block. A fault is detected as soon as the position data from the sensor is no longer reliable. This signal will trigger a safe stop 2 (SS2) at the Safe Stop function block. Safe Stop 1a The SS1 request LowActive signal from the CPU logic is linked to this input. If the signal switches to Low, a safe stop 1 (SS1) is initiated. Safe Stop 2a The SS2 request LowActive signal from the CPU logic is linked to this input. If the signal switches to Low, a safe stop 2 (SS2) is initiated. Safe Stop 2b The PosMon Status signal (status of the Position Monitor function block) is linked to this input. If the current position is not permitted or if the speed exceeds the safe limit, this signal will be set to Low and a safe stop 2 (SS2) will be initiated. Reset The reset signal comes from the CPU logic. A reset signal is required following a safe stop 2 (SS2) or in order to reset the func‐ tion block after a fault has occurred. The Safe Stop function block triggers a fault while the override function or Sensor2 test is active. As this is a permitted status that is monitored, the stop request is not forwarded to the drive. In this case, the Safe Stop function block detects a ramp fault. This must be reset following an over‐ ride function or Sensor2 test. Inhibit Motion bits reaction The signal comes from component SAPP-FB Safe Position. The signal prevents unintended switching off during the self-test of the safety system. Table 66: Outputs of the function block 7.6.3.1 Output name Function Enable torque This safety signal deactivates the drive’s torque. The signal is transmitted to the CPU logic and has an impact on the safe out‐ puts (dual-channel output signal switching device). Enable brake This safety signal switches off the energy supply for the optional brake. The signal is transmitted to the CPU logic and has an impact on the safe outputs (dual-channel output signal switching device). Stop request This signal triggers the stop ramp of the drive. The signal is trans‐ mitted to the CPU logic and is forwarded either to the process con‐ troller or to the drive directly. Stop Ramps function block The Stop Ramps function block monitors the actual reduction in speed until the drive comes to a standstill. The ramp settings will depend on the application and the compo‐ nents in use (e.g., the drive). Refer to the Flexi Soft Designer operating instructions for further details on how to con‐ figure safe ramp monitoring. The screenshot below shows the standard configuration, with ramp monitoring deacti‐ vated. 70 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice CONFIGURATION 7 Figure 48: Stop Ramps standard configuration 7.7 Notes on the Flexi Soft logic editor 7.7.1 Creating or deleting links The logics in the Flexi Soft Designer mainly consist of the following elements: • • • Safety controller inputs Safety controller outputs Function blocks with inputs and outputs Links connect these elements. Links are represented as lines. Every element contains blue anchor points which represent the inputs and outputs of the elements. A link can only be created between the anchor point on the right side of an element and the anchor point on the left side of another element. Creating link 1. 2. ✓ Click and hold the blue anchor point on the right side of an element. Move and release the mouse cursor on the blue anchor point on the left side of an element. A link is created between 2 elements. Deleting link 1. 2. 3. ✓ 8020941/12O9/2019-08-05 | SICK Subject to change without notice Click on the link between 2 elements. Press the Del pushbutton. In the Delete page dialog box, click on the Yes button. The link is deleted. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 71 7 CONFIGURATION 7.7.2 Jump addresses A jump address consists of a source jump address and a destination jump address. The destination jump address assumes the same value (High or Low) as the associated source jump address without any delay time whatsoever – unless it is a loopback. Infor‐ mation on loopbacks can be found in the “Flexi Soft in the Flexi Soft Designer” (8012998) operating instructions. Jump addresses are an elegant option for implementing complex logic relationships. Among other things, jump addresses are used to connect the various pages of logic with each other. 7.7.2.1 Finding source and destination jump addresses that belong together To find the corresponding destination jump address for a source jump address (or vice versa), proceed as follows: 1. 2. ✓ 3. ✓ 7.7.2.2 Adding a new source jump address 1. 2. 3. 7.7.2.3 Drag the Add source jump address symbol from the toolbar on the left of the logic cre‐ ation page into the working range. Enter a unique name in the Create jump mark dialog box. Click on OK. Adding a new destination jump address 1. 2. 3. 7.7.3 Right-click on the source or destination jump address. Click Used on page. A list of all pages containing elements of the jump address is displayed. Click on the desired page. The desired page is displayed. All elements of the jump address are highlighted in color. Drag the Add destination jump address symbol from the toolbar on the left of the logic creation page into the working range. Select the desired jump mark in the Select jump mark dialog box. Click on OK. Verification of the logic After the required parameters have been configured, the logic has to be certified before being transferred to the safety controller. The manufacturer of the machine is responsible for the output connections and for the logic verification. 7.7.4 Transfer configuration b 72 Transmit configuration to the Flexi Soft main module (see operating instructions 8012998). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice COMMISSIONING 8 8 Commissioning 8.1 Safety DANGER Hazard due to lack of effectiveness of the protective device b b Before commissioning the machine, make sure that the machine is first checked and released by qualified safety personnel. Only operate the machine with a perfectly functioning protective device. DANGER Dangerous state of the machine During commissioning, the machine or the protective device may not yet behave as you have planned. b Make sure that there is no-one in the hazardous area during commissioning. Before commissioning can be performed, project planning, mounting, electrical installa‐ tion and configuration must be completed in accordance with this document. 8.2 Thorough check Requirements for the thorough check during commissioning and in certain situations The safety system and its application must be thoroughly checked in the following situa‐ tions: • • • • Before commissioning After changes to the configuration or the safety function After changes to the mounting or the electrical connection After exceptional events, such as after a manipulation has been detected, after modification of the machine, or after replacing components The thorough check ensures the following: • • All relevant regulations are complied with and the safety system is effective in all of the machine’s operating modes The documentation corresponds to the state of the machine, including the protec‐ tive device The thorough checks must be carried out by qualified safety personnel or specially qual‐ ified and authorized personnel and must be documented in a traceable manner. 1. 2. 8020941/12O9/2019-08-05 | SICK Subject to change without notice Effectiveness of the protective device for all operating modes selectable on the machine in accordance with the checklist for initial commissioning and commis‐ sioning (see "Annex", page 86). Make sure that the operating personnel has been instructed in the function of the protective device before starting work on the machine. The instruction is the responsibility of the machine operator and must be carried out by qualified per‐ sonnel. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 73 9 OPERATING THE COMPONENTS 9 Operating the components NOTE Information is included in the operating instructions for the components. 74 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice MAINTENANCE OF THE COMPONENTS 10 10 Maintenance of the components NOTE Information is included in the operating instructions for the components. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 75 11 TROUBLESHOOTING 11 Troubleshooting NOTE Information is included in the operating instructions for the components. 11.1 Electromagnetic compatibility The system may switch to the safe state if EMC levels are relatively high. Safety takes priority over availability. If related problems arise, the user must take suitable mea‐ sures. 11.2 Exchange and repairs The sensor unit, which consists of two OLM sensors and a mounting bracket, may only be exchanged as a complete unit. Individual sensors may not be exchanged. The sensor unit may only ever be repaired by the SICK Service team. 76 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice DECOMMISSIONING 12 12 Decommissioning 12.1 Disassembly and disposal The applicable national disposal regulations must always be followed. Efforts should be made during the disposal process to recycle the constituent materials (particularly pre‐ cious metals). 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 77 13 TECHNICAL DATA 13 Technical data 13.1 Data sheet Table 67: Safe Linear Positioning data sheet Safe Linear Positioning SIL claim limit SILCL3 (EN 62061) Category Category 4 (EN ISO 13849) Performance level PL e (ISO 13849-1) PFHD PFHD = 3.08 x 10-8 MTTFd of the safety system High TM (mission time) 20 years (EN ISO 13849) Response time of the system Max. 47.5 ms Stopping distance extension 10 mm 1) Resolution of the OLM100-1301/1401 mea‐ surement system (part number: 1087575) 0.1 mm Resolution of the OLM100-1501/1601 mea‐ surement system (part number: 1090629) 0.01 mm 1,677 m Maximum measuring range with OLM100-1301/1401 (part number: 1087575) 8,589 m Maximum measuring range with OLM100-1501/1601 (part number: 1090629) Maximum speed of the measurement system 4 m/s Length of the SSI connection cable between OLM 2 and the FX3-MOC1 input (direct con‐ nection) Max. 50 m (transmission rate < 400 kBaud) Length of the SSI connection cable between OLM 1 and the external process controller (parallel infeed to FX3-MOC1) Max. 50 m (transmission rate < 400 kBaud) Length of the SSI connection cable between Max. 2 m the splitter (coupling point) and the FX3-MOC1 (transmission rate < 400 kBaud) input Supply voltage UV 24 V DC (16.8 V DC ... 28.8 V DC) (SELV) 2) Ambient operating temperature Flexi Soft: -20 … +55 °C OLM100 Hi: -30 … +55 °C Storage temperature –25 … +70 °C Air humidity 10…95%, non-condensing Permissible operating height Max. 2,000 m above sea level (80 kPa) Enclosure rating (EN 60529) Flexi Soft: IP54 OLM100 Hi: IP65 Safe state The safety-related semiconductor outputs are in the OFF state. Electromagnetic compatibility EN 61000-6-2, EN 61000-6-4 Vibration resistance EN 60068-2-6, EN 60068-2-64 Shock resistance EN 60086-2-27 1) 2) 78 The user must use the overall response time and other application-specific parameters to calculate the stopping distance. The user must then add another 10 mm on to the calculated stopping distance, which apply owing to internal filters. The external supply voltage must jumper a brief power failure of 20 ms as specified in IEC 60204-1. Suit‐ able power supply units are available as accessories from SICK. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice TECHNICAL DATA 13 13.2 XTIO module inputs XTIO module Input voltage HIGH 13 ... 30 V DC Input voltage LOW -5 ... +5 V DC Input current HIGH 2.4 ... 3.8 mA Input current LOW -2.5 ... +2.1 mA Input capacity Max. 10 nF +10% Switching current (when mechanical contacts are connected) 14.4 mA with 5 V 3 mA with 24 V Input reverse current in case of loss of ground connection Hardware version < V1.10.0 Max. 20 mA 1.5 kΩ effective reverse resistance to voltage supply Hardware version ≥ V1.10.0 Max. 2 mA Input pulse filter (pulses within these limits do not have any effect) Pulse width Max. 0.9 ms Pulse period Min. 4 ms Further technical data can be found in the “Flexi Soft Modular Safety Controller Hard‐ ware” operating instructions. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 79 13 TECHNICAL DATA 13.3 Dimensional drawings 66 ±0.2 88 ±1 50 ±0.2 6 ±1) 206 ±0.2 47 190 ±0.2 47 47 Figure 49: Dimensional drawing for the OLM100 Hi on a mounting plate 13.4 Response times Overrun for the entire system The overrun for the entire system is made up of at least two phases. T = t1 + t2 Table 68: Calculation of overrun for the entire system 80 Code Meaning T Overrun for the entire system t1 Maximum amount of time between the protective device being activated and the OFF state of the output being reached. t2 The maximum amount of stopping time required to end the dangerous sta‐ tus of the machine once the output signal from the protective device has been switched to the OFF state. The response time of the machine’s control system must be taken into consideration when calculating t2. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice TECHNICAL DATA 13 The default setting for the Speed Filter parameter is 10 mm and this must be taken into account at the planning stage (see "Configuring speed limits", page 37). WARNING There is a risk of death or serious injury if the stopping distance is calculated incor‐ rectly. b Do not change the Speed Filter parameter. Table 69: Explanation of calculation formula T t1 Overall stopping time 47.5 ms + TRampDelay + TPDS(RS) = t2 Sensor MOC input Max. data reception interval MOC logic Flexi Soft cycle time Output Drive 10 ms + 9 ms + 8 ms + TRampDelay + 16 ms + 4.5 ms + TPDS(SR) TRampDelay An additional TRampDelay delay time may be required depending on the drive system in use. This delay time, which can be adjusted in Flexi Soft, delays the start of ramp moni‐ toring. The delay time must correspond to the response time of the drive. TPDS(SR) TPDS(SR) is the amount of time required by the drive system for a stop ramp. If after t1 the acceleration is not great enough owing to a fault, the torque will be deactivated (safe torque off, STO - stop). If the optional safe brake control (SBC) (QA120) is linked to Flexi Soft, this will be activated too. NOTE If the stopping time with safe torque off (STO) and safe brake control (SBC) is greater than in the case of the standard stop ramp, the higher value must be used for TPDS(SR). 13.4.1 Stopping time in the event of a drive fault If the drive is faulty and the speed is not limited, the torque is deactivated and the optional safe brake control (SBC) is activated. T = t1 + t2 t1 = 47.5 ms + TRampDelay +47.5 ms t2 = Tbrake T = 95 s + TRampDelay + Tbrake Table 70: Definition of operands 13.4.2 Code Meaning Tbrake The amount of time the brake needs to stop movement. TRampDelay Additional delay time that may be necessary depending on the drive system in use. Flexi Soft cycle time The cycle time of the Flexi Soft safety controller is dependent on the scope of the logic. In this document, the stopping time is calculated on the basis of a standard cycle time of 8 ms. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 81 13 TECHNICAL DATA WARNING There is a risk of death or serious injury due to the stopping/run-down time being too long. b Double the cycle time (= 16 ms) to calculate the stopping/run-down time for the entire system. The CPU logic execution time may increase if additional safety functions are used. Once the logic has been configured, the final calculation for the cycle time must be used to calculate the stopping time. 13.4.3 Maximum data reception interval The maximum data reception interval is an adjustable timeout period within which valid position data must be received. This timeout period can be configured using the Flexi Soft Designer. For this safety sys‐ tem, the value for the maximum data reception interval is set at 8 ms. If this time is increased, the response time will be increased too accordingly. 82 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ORDERING INFORMATION 14 14 Ordering information 14.1 Safe Linear Positioning ordering information SAPPD3E-14AP003 (part number 1028308) Complete set with main module and all cables, 0.1 mm resolution, 25 bit SSI: • • • • • • 1 x FX3-CPU000000 main module (part number 1043783) 2 x FX3-XTIO84002 I/O module (part number 1044125) 1 x FX3-MOC100000 drive monitor (part number 1057833) 1 x FX3-MPL000001 system plug for FX3-CPU0 (part number 1043700) 1 x sensor unit, 0.1 mm resolution, 25 bit SSI (part number 1087575) 1 x X-junction (part number 2097764) SAPPD3E-14AP004 (part number 1028313) Complete set with main module and all cables, 0.01 mm resolution, 32 bit SSI: • • • • • • 1 x FX3-CPU000000 main module (part number 1043783) 2 x FX3-XTIO84002 I/O module (part number 1044125) 1 x FX3-MOC100000 drive monitor (part number 1057833) 1 x FX3-MPL000001 system plug for FX3-CPU0 (part number 1043700) 1 x sensor unit, 0.01 mm resolution, 32 bit SSI (part number 1090629) 1 x X-junction (part number 2097764) SAPPD3E-14AP009 (part number 1096692) Retrofitting set, but with all cables, 0.1 mm resolution, 25 bit SSI: • • • 1 x FX3-MOC100000 drive monitor (part number 1057833) 1 x sensor unit, 0.1 mm resolution, 25 bit SSI (part number 1087575) 1 x X-junction (part number 2097764) The main module and system plug must be ordered separately. SAPPD3E-14AP010 (part number 1096693) Retrofitting set, but with all cables, 0.01 mm resolution, 32 bit SSI: • • • 1 x FX3-MOC100000 drive monitor (part number 1057833) 1 x sensor unit, 0.01 mm resolution, 32 bit SSI (part number 1090629) 1 x X-junction (part number 2097764) The main module and system plug must be ordered separately. 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 83 15 SPARE PARTS 15 Spare parts Table 71: Spare parts Name Description Part number FX3-CPU000000 Main module 1043783 FX3-XTIO84002 I/O module 1044125 FX3-MOC100000 Drive monitor 1057833 FX3-MPL000001 System plug for FX3-CPU0 1043700 Table 72: Spare parts 84 Name Part number Sensor unit, resolution 0.1 mm, SSI 25 bit 1087575 Sensor unit, resolution 0.01 mm, SSI 32 bit 1090629 X-junction 2097764 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ACCESSORIES 16 16 Accessories 16.1 Connectivity Table 73: Ordering data for connection cables for OLM sensors, straight male connector/straight female connector Part Type code Part number Connection cable, 1 meter YF2A28-010UA6M2A28 2096108 Connection cable, 2 meters YF2A28-020UA6M2A28 2096105 Connection cable, 5 meters YF2A28-050UA6M2A28 2096106 Connection cable, 10 meters YF2A28-100UA6M2A28 2096109 Table 74: Ordering data for connection cables for OLM sensors, straight male connector/angled female connector 8020941/12O9/2019-08-05 | SICK Subject to change without notice Part Type code Part number Connection cable, 0.6 meters DSL-1208-B0M6ASCO 6048801 Connection cable, 5 meters DSL-1208-B05MASCO 6049328 Connection cable, 10 meters DSL-1208-B05MASCO 6049329 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 85 17 ANNEX 17 Annex 17.1 Checklist for initial commissioning and commissioning This checklist should be retained and kept with the machine documentation to serve as reference during recurring thorough checks. This checklist is not a substitute for initial commissioning or periodic thorough checks by qualified safety personnel. 17.1.1 Thorough check of the requirements specified in the operating instructions for the safety system Ambient conditions Table 75: Ambient conditions Check sequence Expected result 1. Yes ⃞ No ⃞ Compliance with the requirements specified in the operating instructions for the safety system is confirmed. The Flexi Soft system is in an environ‐ ment corresponding to enclosure rating IP54 (EN 60529) (e.g., inside a control cabinet). Check the ambient conditions. Result OK? Mounting Table 76: Mounting requirements Check sequence 1. 2. 3. Expected result Result OK? Compliance with the requirements Check that the sensor system specified in the operating instructions has been mounted correctly in terms of positioning and distance for the safety system is confirmed. from bar code tape. Check that the sensor system and bar code tape are parallel to one another. Check the mounting conditions of the Flexi Soft safety controller. Yes ⃞ No ⃞ Electrical installation Table 77: Requirements for the electrical wiring Check sequence Expected result Result OK? 1. Compliance with the requirements specified in the operating instructions for the safety system is confirmed. An X-junction must be used to connect the OLM sensors in all cases. Yes ⃞ No ⃞ 2. Check the electrical wiring, including the length of the cables. Check that the requirements for electrical protection and current limit have been met. Table 78: Electrical requirements for the plausibility signals from the process channel 86 Check sequence Expected result Result OK? 1. The electrical data for the plausibility signals confirms compatibility with the electrical data for the safe inputs that are outlined in the operating instruc‐ tions for the Flexi Soft hardware. Yes ⃞ No ⃞ Check that the plausibility signals from the process controller are electrically compatible with the safe inputs of the Flexi Soft safety controller (refer to the data sheet). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ANNEX 17 Table 79: Requirements for the SSI interface Check sequence 1. Expected result Check the baud rates of both Both SSI interfaces have different OLM sensors in the Flexi Soft pro‐ transmission rates ranging from gram and potentially also the 100 kBaud to 400 kBaud. process controller. Result OK? Yes ⃞ No ⃞ Baud rate of OLM sensor 1: Baud rate of OLM sensor 2 (standard value: 167 kBaud): Configuration Table 80: Definition of the permitted position values Check sequence 1. 17.1.2 Expected result Check the position ranges The position ranges that are not per‐ entered in the Flexi Soft program. mitted (= not used) within the applica‐ tion have been determined and the FX3-MOC1 module has been config‐ ured accordingly with the Flexi Soft Designer software. Result OK? Yes ⃞ No ⃞ Thorough check of the hardware requirements Drive system Table 81: Drive system Check sequence 1. Expected result Check that the drive’s safe torque Compliance with the requirements for category 4, PL e (EN ISO 13849-1) is off (STO) function and electrical control comply with the require‐ confirmed. ments of category 4, PL e (EN ISO 13849-1). Result OK? Yes ⃞ No ⃞ Brake Table 82: Brake Check sequence Expected result Result OK? 1. Compliance with the requirements for category 4, PL e (EN ISO 13849-1) is confirmed or the risk assessment indi‐ cated that a brake is not required. Yes ⃞ No ⃞ Check that the brake and electri‐ cal control comply with the requirements of category 4, PL e (EN ISO 13849-1). External signal for requesting the safely limited speed (SLS) Table 83: External signal for requesting the safely limited speed (SLS) 8020941/12O9/2019-08-05 | SICK Subject to change without notice Check sequence Expected result Result OK? 1. Compliance with the requirements for category 4, PL e (EN ISO 13849-1) is confirmed or an external signal is not used to request the safely limited speed (SLS). Yes ⃞ No ⃞ Check that the signal source and electrical transmission path com‐ ply with the requirements of cate‐ gory 4, PL e (EN ISO 13849-1). O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 87 17 ANNEX Electrical installation Table 84: Electrical installation 17.1.3 Check sequence Expected result 1. The requirements of the standard have Yes ⃞ No ⃞ been met. Check that the electrical installa‐ tion work has been performed in accordance with EN 60204-1 (IEC 60204-1). Result OK? Thorough check of the Flexi Soft configuration Maximum speed Table 85: Maximum speed Check sequence 1. 2. Expected result Result OK? Check that the maximum speed The maximum speed has been for the safety system is 4 m/s. adjusted in line with the application. If a lower maximum speed is required, configure this using the MOC1 logic editor. Yes ⃞ No ⃞ Safely limited speeds (SLS) Table 86: Safely limited speeds (SLS) Check sequence Expected result 1. Safely limited speeds (SLS) have been Yes ⃞ No ⃞ configured and the corresponding posi‐ tion ranges assigned (speed/position matrix). 2. Check that a maximum permitted speed has been defined for each position range that has been con‐ figured. Set speed ID 1 (= standstill) for position ranges that are not per‐ mitted. Result OK? Stop ramp Table 87: Stop ramp Check sequence 1. Expected result Result OK? Check that the stop ramp has The stop ramp has been configured in been input in line with the spe‐ line with the specific application and cific application and has been taken into account accordingly. taken into account when calculat‐ ing the stopping distance. Yes ⃞ No ⃞ Increase to the response time through the “maximum data reception interval” para‐ meter Table 88: Increase to the response time through the “maximum data reception interval” parame‐ ter Check sequence 1. 88 Check that the maximum data reception interval parameter in the MOC1 logic editor has been taken into account when calculat‐ ing the overall response time. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning Expected result Result OK? The maximum data reception interval para‐ Yes ⃞ No ⃞ meter has been taken into account when calculating the overall response time. 8020941/12O9/2019-08-05 | SICK Subject to change without notice ANNEX 17 Increase to the response time through the “logic extension” parameter Table 89: Increase to the response time through the “logic extension” parameter 17.1.4 Check sequence Expected result Result OK? 1. The logic execution time has been checked and taken into account when calculating the overall response time with a value of more than 8 ms. Yes ⃞ No ⃞ Check that the logic execution time has been taken into account when calculating the overall response time. Thorough check of the Flexi Soft documentation Configuration of the safety controller Table 90: Configuration of the safety controller Check sequence Expected result 1. • Check the position ranges and speed/position profile (in the MOC1 logic editor). • • Result OK? The position ranges entered corre‐ Yes ⃞ No ⃞ spond to the target application. Only the position ranges in use have the CAM mark. Position ranges that are not in use and position 0 do not have the CAM mark. Thorough check of the response time Table 91: Thorough check of the response time Check sequence Expected result 1. • Check the Flexi Soft CPU cycle time with the Flexi Soft Designer software. • Result OK? If the cycle time is > 8 ms, the over‐ Yes ⃞ No ⃞ all response time for the Safe Lin‐ ear Positioning application must be recalculated. If the cycle time is 8 ms, the overall response time provided in this doc‐ ument applies. CPU cycle time value: Verification of the Flexi Soft configuration Table 92: Verification of the Flexi Soft configuration Check sequence Expected result Result OK? 1. • Yes ⃞ No ⃞ Check that the Flexi Soft configu‐ ration has been verified correctly. • The tested Flexi Soft configuration has been verified, which means that the verification report has been checked and approved. The CV LED on the CPU lights up continuously. Documentation of the CRC checksum Table 93: Documentation of the CRC checksum Check sequence Expected result 1. The checksum of the verified Flexi Soft Yes ⃞ No ⃞ program has been determined. Check the CRC checksum. Result OK? CRC: 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 89 17 ANNEX Documentation of the Flexi Soft project Table 94: Documentation of the Flexi Soft project Check sequence Expected result Result OK? 1. • Yes ⃞ No ⃞ Create Flexi Soft report. • 17.1.5 Archiving of the verified Flexi Soft program. Checking and archiving of the Flexi Soft report. Thorough check on the process channel (standstill) Evaluation of the test signals during standstill NOTE You must undo the manipulation on the safety system again after each individual test sequence. Then you must reset the safety system and carry out a restart. Table 95: Evaluation of the test signals during standstill Check sequence 1. Apply the test signal during standstill. Expected result • • • 1. 2. 3. 1. 2. 3. 1. 2. 3. 17.1.6 Result OK? Test signal 1 “forward” active (XTIO input I1) Test signal 2 “backward” active (XTIO input I2) No fault, system is in a functional state (XTIO output Q4 "KF130 stop request" is active) Yes ⃞ No ⃞ Apply the test signal during standstill. Set test signal 1 “forward” to inactive (XTIO input I1). Set test signal 2 “backward” to active (XTIO input I2). The safety system switches to the safe state (XTIO output Q4 "KF130 stop request" is deactivated) Yes ⃞ No ⃞ Apply the test signal during standstill. Set test signal 1 “forward” to active (XTIO input I1). Set test signal 2 “backward” to inactive (XTIO input I2). The safety system switches to the safe state (XTIO output Q4 "KF130 stop request" is deactivated) Yes ⃞ No ⃞ Apply the test signal during standstill. Set test signal 1 “forward” to inactive (XTIO input I1). Set test signal 2 “backward” to inactive (XTIO input I2). The safety system switches to the safe state (XTIO output Q4 "KF130 stop request" is deactivated) Yes ⃞ No ⃞ Thorough check on the process channel (forward movement) Evaluation of the test signals during forward movement NOTE You must undo the manipulation on the safety system again after each individual test sequence. Then you must reset the safety system and carry out a restart. 90 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ANNEX 17 Table 96: Evaluation of the test signals during forward movement Check sequence 1. Apply the test signal during for‐ ward movement. Expected result • • • 1. 2. 3. 1. 2. 3. 1. 2. 3. 17.1.7 Test signal 1 “forward” active (XTIO input I1) Test signal 2 “backward” inactive (XTIO input I2) No fault, system is in a functional state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are active) Result OK? Yes ⃞ No ⃞ Apply the test signal during for‐ ward movement. Set test signal 1 “forward” to active (XTIO input I1). Set test signal 2 “backward” to active (XTIO input I2). The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated) Yes ⃞ No ⃞ Apply the test signal during for‐ ward movement. Set test signal 1 “forward” to inactive (XTIO input I1). Set test signal 2 “backward” to active (XTIO input I2). The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated) Yes ⃞ No ⃞ Apply the test signal during for‐ ward movement. Set test signal 1 “forward” to inactive (XTIO input I1). Set test signal 2 “backward” to inactive (XTIO input I2). The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated) Yes ⃞ No ⃞ Thorough check on the process channel (backward movement) Evaluation of the test signals during backward movement NOTE You must undo the manipulation on the safety system again after each individual test sequence. Then you must reset the safety system and carry out a restart. Table 97: Evaluation of the test signals during backward movement Check sequence 1. Apply the test signal during back‐ ward movement. Expected result • • • 1. 2. 3. 8020941/12O9/2019-08-05 | SICK Subject to change without notice Apply the test signal during back‐ ward movement. Set test signal 1 “forward” to active (XTIO input I1). Set test signal 2 “backward” to active (XTIO input I2). Test signal 1 “forward” inactive (XTIO input I1) Test signal 2 “backward” active (XTIO input I2) No fault, system is in a functional state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are active) The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated). Result OK? Yes ⃞ No ⃞ Yes ⃞ No ⃞ O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 91 17 ANNEX Check sequence Expected result Result OK? 1. Apply the test signal during back‐ ward movement. Set test signal 1 “forward” to active (XTIO input I1). Set test signal 2 “backward” to inactive (XTIO input I2). The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated). Yes ⃞ No ⃞ Apply the test signal during back‐ ward movement. Set test signal 1 “forward” to inactive (XTIO input I1). Set test signal 2 “backward” to inactive (XTIO input I2). The safety system switches to the safe state (XTIO outputs Q1 "QA110.1 safety output (STO)" and Q2 "QA110.2 safety output (STO)" are deactivated). Yes ⃞ No ⃞ 2. 3. 1. 2. 3. 17.1.8 Thorough check of the safety functions External signal for requesting the safely limited speed (SLS) (if external signal used) NOTE You must undo the manipulation on the safety system again after each individual test sequence. Then you must reset the safety system and carry out a restart. Table 98: External signal for requesting the safely limited speed (SLS) Check sequence Expected result 1. A safe stop 2 (SS2) is initiated at a Yes ⃞ No ⃞ speed > speed ID 2. An automated restart is not performed. Check that the external signal source activates the SLS safety function (outputs of the signal source = 0 V). Result OK? Emergency stop Table 99: Emergency stop 17.1.9 Check sequence Expected result 1. The emergency stop pushbutton is eas‐ Yes ⃞ No ⃞ ily accessible. When actuated, a safe stop 1 (SS1) is initiated. If an optional brake is in use, the brake function will be activated once a stand‐ still has been reached. Resetting the emergency stop device does not trigger a restart. All emergency stop pushbuttons within the application have to be checked. Actuate the emergency stop pushbutton. Result OK? Thorough check of faults on the transmission path NOTE You must undo the manipulation on the safety system again after each individual test sequence. Then you must reset the safety system and carry out a restart. 92 O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 8020941/12O9/2019-08-05 | SICK Subject to change without notice ANNEX 17 Interruption of connection to OLM sensor 1 Table 100: Interruption of connection to OLM sensor 1 Check sequence 1. Expected result Remove the plug connection from Switches to status: OLM sensor 1. XTIO output Q4 "KF130 stop request" is deactivated. Result OK? Yes ⃞ No ⃞ Interruption of connection to OLM sensor 2 Table 101: Interruption of connection to OLM sensor 2 Check sequence 1. Expected result Remove the plug connection from Switches to status: OLM sensor 2. XTIO output Q4 "KF130 stop request" is deactivated. Result OK? Yes ⃞ No ⃞ Interruption of connection to MOC1 Table 102: Interruption of connection to MOC1 Check sequence 1. Expected result Remove the plug connection from Switches to status: the MOC1 module. XTIO output Q4 "KF130 stop request" is deactivated. Result OK? Yes ⃞ No ⃞ Interruption of connection for the “Sensor ID 1” signal Table 103: Interruption of connection for the “Sensor ID 1” signal Check sequence 1. Expected result Remove the plug connection from Switches to status: the Flexi Soft input. XTIO output Q4 "KF130 stop request" is deactivated. Result OK? Yes ⃞ No ⃞ Interruption of connection for the “Sensor ID 2” signal Table 104: Interruption of connection for the “Sensor ID 2” signal Check sequence 1. 17.1.10 Expected result Remove the plug connection from Switches to status: the Flexi Soft input. XTIO output Q4 "KF130 stop request" is deactivated. Result OK? Yes ⃞ No ⃞ Thorough check for foreseeable misuse and manipulation Mounting Table 105: Bar code Check sequence Expected result Result OK? 1. • Yes ⃞ No ⃞ Check that the bar code tape has been applied properly, without any tears or manipulation. • • • 8020941/12O9/2019-08-05 | SICK Subject to change without notice Only the approved bar code tape has been used. The tape has been applied in line with the requirements specified in the OLM operating instructions. There are no signs of the bar code having been manipulated (e.g., for test purposes). The bar code tape is not contami‐ nated in any way. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 93 17 ANNEX Table 106: Mounting Check sequence Expected result Result OK? 1. • Yes ⃞ No ⃞ Check the mounting of the safety system. • • The sensor system has been mounted in accordance with these operating instructions. The sensor system must be mounted within a permissible dis‐ tance of the bar code tape (80 mm-120 mm). There are no signs of manipulation as far as the mounting is con‐ cerned. Electrical installation Table 107: Cable laying Check sequence Expected result 1. • Check the cable laying. • • • • Result OK? Yes ⃞ No ⃞ The approved X-junction and, if required, the permitted connection cables from SICK are the only options that can be used for electri‐ cally connecting the OLM sensors. The X-junction is wired from the FX3-MOC1 connector plug to the SSI splitter within an electrical installation area. The maximum permitted lengths have not been exceeded for cables. The connector plugs for the OLM sensors are mechanically secured with tightened M12 threaded rings. The connector plug for the FX3MOC1 is mechanically secured with two screws (in the plug). Product description Table 108: Components Check sequence Expected result 1. • Check that only approved OLM sensors with the safety controller have been used. • • Result OK? Only the approved full OLM sensor Yes ⃞ No ⃞ system has been used. Individual sensors have not been exchanged. The sensor system may only be exchanged as one whole unit (i.e., a mounting bracket with sensors mounted on it). The sensor system is only operated with a Flexi Soft safety controller. Ambient conditions Table 109: Surrounding area 94 Check sequence Expected result 1. • Check the safety system for manipulations in the surrounding area. O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning Result OK? There are no signs of manipulation Yes ⃞ No ⃞ in the surrounding area, e.g., a bar code having been affixed in front of the sensors or dazzle from ambient light. 8020941/12O9/2019-08-05 | SICK Subject to change without notice ANNEX 17 17.1.11 Thorough check of the response time of the safety system within the target application Response time of the safety system within the target application Table 110: Response time of the safety system within the target application Check sequence Expected result 1. The response time of the safety system Yes ⃞ No ⃞ within the target application is appro‐ priate. Determine the response time of the safety system within the tar‐ get application (e.g., by measur‐ ing the stopping time). Result OK? Comment: 17.1.12 Thorough check of the check intervals Thorough check of the check intervals Table 111: Thorough check of the check intervals Check sequence Expected result Result OK? 1. The check interval and responsible party have been defined as follows: Yes ⃞ No ⃞ 2. Set a check interval for regular thorough checks and validation of the safety system on the basis of the risk assessment for the application. Specify a responsible party. Check interval: Responsible party: 8020941/12O9/2019-08-05 | SICK Subject to change without notice O P E R A T I N G I N S T R U C T I O N S | Safe Linear Positioning 95 8020941/12O9/2019-08-05/en Australia Phone +61 (3) 9457 0600 1800 33 48 02 – tollfree E-Mail [email protected] Hungary Phone +36 1 371 2680 E-Mail [email protected] Slovakia Phone +421 482 901 201 E-Mail [email protected] India Phone +91-22-6119 8900 E-Mail [email protected] Slovenia Phone +386 591 78849 E-Mail [email protected] Israel Phone +972 97110 11 E-Mail [email protected] South Africa Phone +27 10 060 0550 E-Mail [email protected] Italy Phone +39 02 27 43 41 E-Mail [email protected] South Korea Phone +82 2 786 6321/4 E-Mail [email protected] Japan Phone +81 3 5309 2112 E-Mail [email protected] Spain Phone +34 93 480 31 00 E-Mail [email protected] Malaysia Phone +603-8080 7425 E-Mail [email protected] Sweden Phone +46 10 110 10 00 E-Mail [email protected] Mexico Phone +52 (472) 748 9451 E-Mail [email protected] Switzerland Phone +41 41 619 29 39 E-Mail [email protected] Netherlands Phone +31 (0) 30 229 25 44 E-Mail [email protected] Taiwan Phone +886-2-2375-6288 E-Mail [email protected] Denmark Phone +45 45 82 64 00 E-Mail [email protected] New Zealand Phone +64 9 415 0459 0800 222 278 – tollfree E-Mail [email protected] Thailand Phone +66 2 645 0009 E-Mail [email protected] Finland Phone +358-9-25 15 800 E-Mail [email protected] Norway Phone +47 67 81 50 00 E-Mail [email protected] France Phone +33 1 64 62 35 00 E-Mail [email protected] Poland Phone +48 22 539 41 00 E-Mail [email protected] Germany Phone +49 (0) 2 11 53 010 E-Mail [email protected] Romania Phone +40 356-17 11 20 E-Mail [email protected] Greece Phone +30 210 6825100 E-Mail [email protected] Russia Phone +7 495 283 09 90 E-Mail [email protected] Hong Kong Phone +852 2153 6300 E-Mail [email protected] Singapore Phone +65 6744 3732 E-Mail [email protected] Austria Phone +43 (0) 2236 62288-0 E-Mail [email protected] Belgium/Luxembourg Phone +32 (0) 2 466 55 66 E-Mail [email protected] Brazil Phone +55 11 3215-4900 E-Mail [email protected] Canada Phone +1 905.771.1444 E-Mail [email protected] Czech Republic Phone +420 234 719 500 E-Mail [email protected] Chile Phone +56 (2) 2274 7430 E-Mail [email protected] China Phone +86 20 2882 3600 E-Mail [email protected] Detailed addresses and further locations at www.sick.com SICK AG | Waldkirch | Germany | www.sick.com Turkey Phone +90 (216) 528 50 00 E-Mail [email protected] United Arab Emirates Phone +971 (0) 4 88 65 878 E-Mail [email protected] United Kingdom Phone +44 (0)17278 31121 E-Mail [email protected] USA Phone +1 800.325.7425 E-Mail [email protected] Vietnam Phone +65 6744 3732 E-Mail [email protected]
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
Download PDF
advertisement