User manual
Publication 1756-RM093F-EN-P - January 2010, page 75
Chapter 7: Monitor Status and Handle Faults
Nonrecoverable Controller Faults
A nonrecoverable controller fault occurs if the controller’s internal
diagnostics fail. Partnership is lost when a nonrecoverable controller
fault occurs in either the primary controller or the safety partner,
causing the other to generate a nonrecoverable watchdog timeout
fault. Standard task and safety task execution stops, and Safety I/O
transitions to the safe state.
Recovery from a nonrecoverable controller fault requires a download
of the application program.
Nonrecoverable Safety Faults
In the event of a nonrecoverable safety fault, the controller logs the
fault to the controller-scoped fault handler and shuts down the safety
task, including Safety I/O and safety logic.
To recover from a nonrecoverable safety fault, safety memory is
reinitialized either from the safety task signature (happens
automatically when you clear the fault) or, if no safety task signature
exists, via an explicit download of the safety project.
You can override the safety fault by clearing the fault log entry
through the controller-scoped safety fault handler. This allows
standard tasks to keep running.
ATTENTION
Overriding the safety fault does not clear it. If you override the
safety fault, it is your responsibility to prove that doing so
maintains SIL 3.