Safety Reference Manual Safe Speed Monitor Option Module for PowerFlex 750-Series AC Drives Catalog Numbers 20-750-S1 Original Instructions
Important User Information Solid-state equipment has operational characteristics differing from those of electromechanical equipment. Safety Guidelines for the Application, Installation and Maintenance of Solid State Controls (publication SGI-1.1 available from your local Rockwell Automation® sales office or online at http://www.rockwellautomation.com/literature/) describes some important differences between solid-state equipment and hard-wired electromechanical devices.
Summary of Changes The information below summarizes the changes to this manual since the last publication. Topic Page Drive Frames 1 and 10 added. Throughout PFD and PFH for 20-year Proof Test Interval table updated. 19 Environmental Specifications added. 162 Compliance clarified under CE in Certifications section.
Summary of Changes Notes: 4 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Table of Contents Preface About This Publication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Who Should Use This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Additional Resources . . . . . . . . . .
Table of Contents Chapter 4 Speed Monitoring I/O Signals Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Inputs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Stop Input (SS_In) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Limited Speed Input (SLS_In) . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 7 Safe Limited Speed (SLS) Modes Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Limited Speed (SLS) Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Limited Speed Reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Limited Speed Parameter List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 9 Safe Maximum Speed and Direction Monitoring Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Safe Maximum Speed (SMS) Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . Safe Maximum Acceleration (SMA) Monitoring. . . . . . . . . . . . . . . . . . . Safe Direction Monitoring (SDM). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Chapter 12 Troubleshooting the PowerFlex Safety Option Module Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Nonrecoverable Faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Fault Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents 10 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Preface About This Publication This manual explains how PowerFlex 750-Series drives can be used in Safety Integrity Level (SIL) CL3, Performance Level [PL e], or Category (CAT) 4 applications. It describes the safety requirements, including PFD and PFH values and application verification information, and provides information on installing, configuring, and troubleshooting the PowerFlex Safe Speed Monitor Option module.
Preface This table defines abbreviations used in this manual.
Preface These documents contain additional information concerning related Rockwell Automation products. Additional Resources Resource Description PowerFlex 750-Series AC Drive Installation Instructions, publication 750-IN001 Provides information on installing the safety option module in your PowerFlex 750-Series drive. PowerFlex 750-Series AC Drives Programming Manual, publication 750-PM001 Provides information on mounting, installing, and configuring your PowerFlex 750-Series drive.
Preface Notes: 14 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 1 Safety Concept Introduction Safety Certification This chapter describes the safety performance level concept and how the PowerFlex 750-Series drives can meet the requirements for SIL CL3, CAT 4, or PL e applications.
Chapter 1 Safety Concept Important Safety Considerations The system user is responsible for: • the setup, safety rating, and validation of any sensors or actuators connected to the system. • completing a system-level risk assessment and reassessing the system any time a change is made. • certification of the system to the desired safety performance level. • project management and proof testing.
Safety Concept Chapter 1 Stop Category Definitions The selection of a stop category for each stop function must be determined by a risk assessment. • Stop Category 0 is achieved with immediate removal of power to the actuator, resulting in an uncontrolled coast to stop. Safe Torque Off accomplishes a Stop Category 0 stop. • Stop Category 1 is achieved with power available to the machine actuators to achieve the stop. Power is removed from the actuators when the stop is achieved.
Chapter 1 Safety Concept Performance Level and Safety Integrity Level (SIL) CL3 For safety-related control systems, Performance Level (PL), according to ISO 13849-1, and SIL levels, according to EN 61508 and EN 62061, include a rating of the system’s ability to perform its safety functions. All of the safety-related components of the control system must be included in both a risk assessment and the determination of the achieved levels.
Safety Concept PFD and PFH Data Chapter 1 These PFD and PFH calculations are based on the equations from Part 6 of EN 61508 and show worst-case values. This table provides data for a 20-year proof test interval and demonstrates the worst-case effect of various configuration changes on the data. Table 1 - PFD and PFH for 20-year Proof Test Interval Attribute Safe State Value Drive Frames 1…7 Drive Frame 8 Drive Frame 9 Drive Frame 10 PFD 2.35E-4 5.83E-4 4.67E-4 5.58E-4 PFH 2.67E-9 1/h 6.
Chapter 1 Safety Concept Safety Reaction Time The safety reaction time is the amount of time from a safety-related event as input to the system until the system is in the Safe State. The safety reaction time from an input signal condition that triggers a safe stop, to the initiation of the configured Stop Type, is 20 ms (maximum) for drive Frames 1…10.
Safety Concept Chapter 1 Output Pulse Test Considerations If the pulse testing of any safety output is disabled, the maximum safety rating will be up to and including SIL CL2, PL d, and CAT 3 for any safety chain incorporating any input or output of the safety option. IMPORTANT Setting any of the P72 [SS Out Mode], P73 [SLS Out Mode], or P74 [DC Out Mode] parameters to 1 = No Pulse Test disables internal diagnostics as well as external diagnostics required to achieve higher safety ratings.
Chapter 1 Safety Concept Understanding Commutation Permanent magnet (PM), brushless AC motors are a class of synchronous motor that depends on electronic brushless commutation for their operation. In PM brushless motors, an electromagnetic field is created by the permanent magnets on the rotor. A rotating magnetic field is created by a number of electromagnets commutated electronically with IGBT’s at the right speed, order, and times.
Chapter 2 About the PowerFlex Safe Speed Monitor Option Module Introduction Safety Functions This chapter describes the safety option features of the PowerFlex 750-Series drives. Topic Page Safety Functions 23 Hardware Features 26 Configuration 27 The PowerFlex 750-Series speed-monitoring safety option features five inputs, three sets of safety outputs, and one bipolar safety output. Each of the inputs support a specific safety function.
Chapter 2 About the PowerFlex Safe Speed Monitor Option Module Safety Modes Parameter 21 [Safety Mode] is used to configure the safety option to operate in one of 11 user-selectable safety modes, based on combinations of the safety functions listed on the previous page. P21 Option Mode – Description Page 0 Disabled – In this mode, all safety functions are disabled.
About the PowerFlex Safe Speed Monitor Option Module Chapter 2 Disabled Mode When P21 [Safety Mode] = 0 “Disabled” and P6 [Operating Mode] = 1 “Run” all safety functions are disabled. Input, output, or speed monitoring diagnostics do not take place and all outputs are in their safe state. Motion power is enabled for drive commissioning in this mode. IMPORTANT The safety option monitors motion for Safe Stop in every mode except Disabled.
Chapter 2 About the PowerFlex Safe Speed Monitor Option Module Hardware Features The safety option features five dual-channel inputs, two sets of sourcing safety outputs, and one bipolar safety output. You can configure dual-channel inputs to accept a following-contact configuration with two normally closed contacts, or one normally closed and one normally open contact. They can also be configured for single channel operation.
About the PowerFlex Safe Speed Monitor Option Module Configuration Chapter 2 Configure the PowerFlex 750-Series safety option by setting the configuration parameters with a HIM module, DriveExplorer, DriveExecutive, or RSLogix 5000 software. Drive DriveExplorer DriveExecutive RSLogix 5000 RSLogix 5000 with ADC Feature PowerFlex 753 Frames 1…7 Version 6.02 or later Version 5.03 or later Version 16 or later Not Available with Drives AOP v3.01 or later PowerFlex 755 Frames 1…7 Version 6.
Chapter 2 About the PowerFlex Safe Speed Monitor Option Module Notes: 28 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 3 Installation and Wiring Introduction This chapter provides details on connecting devices and wiring the PowerFlex safety option board.
Chapter 3 Installation and Wiring Set Safety Enable Circuitry The PowerFlex 750-Series drive ships with the safety-enable jumper (SAFETY) installed. The jumper, located on the main control board, must be removed when using the Safe Speed Monitor Option module. IMPORTANT Failure to remove the SAFETY jumper will cause the drive to fault when a start command is issued.
Installation and Wiring Install the PowerFlex Safety Option Module Chapter 3 There are multiple option module port positions in PowerFlex 750-Series drives. Restrictions and/or recommendations apply to selected option modules. IMPORTANT The PowerFlex safety option module must be installed in port 4, 5, or 6 and must be used with the 20-750-DENC-1 Dual Incremental Encoder module or the 20-750-UFB-1 Universal Feedback module.
Chapter 3 Installation and Wiring Installation in Frame 8 and Larger Drives When installed in a Frame 8 or larger drive, an EMC Core Kit, catalog number 20-750-EMCSSM1-F8, is required. Terminal Connections Shielded cable is required. Prepare wires for termination on the safety option module with a 6 mm (0.25 in.) strip length. Tighten all terminal screws firmly and recheck them after all connections have been made. Recommended terminal screw torque is 0.2 N•m (1.8 lb•in).
Installation and Wiring Compatible Encoders These feedback devices, or equivalents, are supported. Cat. No. and Description Sin/Cos Encoders (1) Incremental Encoders Additional Resources Refer to the Bulletin 842HR Sin/Cosine Encoders product profile, publication 842HR-PP001, for more information on these encoders.
Chapter 3 Installation and Wiring Notes: 34 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 4 Speed Monitoring I/O Signals Introduction Inputs This chapter describes the input and output signals of the Safe Speed Monitor Option module. Topic Page Inputs 35 Outputs 41 The safety option has five inputs capable of safety-certified dual-channel support. Each dual-channel input supports a specific safety function of the drive: Safe Stop, Safe Limited Speed, Door Monitoring, Enabling Switch Monitoring, and Lock Monitoring.
Chapter 4 Speed Monitoring I/O Signals Figure 4 - Cycle Inputs Required Cycle Inputs Required Channel 0 Active Inactive Channel 1 Active Inactive Evaluated Status ON OFF If inputs are configured with the following dual channel settings, an Input fault occurs if the inputs are discrepant for longer than 3 seconds or if a ‘cycle inputs required’ condition exists for longer than 3 seconds.
Speed Monitoring I/O Signals Chapter 4 Figure 5 - Safety Input Wiring Examples 2NC or 2 NC 3s Safety Option 1NC+1NO or 1NC+1NO 3s Safety Option Test_Out_0 (S11) Test_Out_1 (S21) Test_Out_0 (S11) Test_Out_1 (S21) Dual-channel Complementary Safety Device Dual-channel Equivalent Safety Device Input 1 Input 0 1NC Single Channel Safety Device Input 1 Input 0 2 OSSD 3s Safety Option Safety Option Test_Out_0 (S11) Test_Out_1 (S21) N/C N/C Input 1 Input 0 IMPORTANT GND OSSD1 OSSD2 Solid State Safe
Chapter 4 Speed Monitoring I/O Signals Safe Stop Input (SS_In) The SS_In input is intended for connection to an E-Stop device. The SS_In input must be active to initiate Safe Stop monitoring. If the SS_In input is being monitored, a transition from ON to OFF (closed to open) is used to request the configured Safe Stop Type. In a cascaded configuration, the SS_In inputs of the middle and last drives are connected to the Safe Stop (SS_Out) output of an upstream safety option.
Speed Monitoring I/O Signals Chapter 4 Enabling Switch Monitor Input (ESM_In) The ESM_In input is intended to be connected to an enabling switch. A 440JN21TNPM enabling switch is recommended. The safety option uses the ESM_In input as a safety enable only, not for control. The ESM_In inputs function and monitoring is performed by the first unit in multi-axis systems.
Chapter 4 Speed Monitoring I/O Signals Reset Input (Reset_In) The Reset input is for reset and monitoring of the safety circuit. The reset input can be configured for automatic, manual, or manual monitored reset types. Wire the reset input terminal (TB2-S34) to the 24V DC input terminal, (TB2A1), depending on the configured reset type, as shown.
Speed Monitoring I/O Signals Outputs Chapter 4 The safety option has three safety control outputs. The outputs have various output current capabilities, depending on function. See the specifications in Appendix A to verify your power requirements. Safe Stop Output (SS_Out) The safe state for this signal is OFF. These outputs are typically used in multi-axis applications. In multi-axis applications, you can use these outputs to daisy-chain the master safety option to a slave.
Chapter 4 Speed Monitoring I/O Signals If the Safe Stop Type is initiated or if a Safe Stop is initiated due to a fault, the SS_Out output is turned OFF. If an error is detected on either channel of the dual-channel output, a fault occurs. I/O faults are Stop Category faults, which initiate the configured Safe Stop Type. The fault is latched until the safety option is successfully reset. For more information on faults, refer to Chapter 12.
Speed Monitoring I/O Signals Chapter 4 Figure 7 - SLS_Out to SLS_In Connections for Multi-axis Applications Safety Option (Master) SLS_OUT_CH0 SLS_OUT_CH1 TB2-68 TB2-78 TB2-S52 TB2-S62 SLS_IN_CH0 SLS_IN_CH1 Safety Option (Slave) For more information on multi-axis configurations, see Cascaded Configurations starting on page 97.
Chapter 4 Speed Monitoring I/O Signals Door Control Output (DC_Out) You can use this output for door control in single-axis and multi-axis systems. This output attempts to maintain last state when a fault occurs. The DC_Out output is updated based on door control logic status, the P57 [Door Out Type] parameter setting, and any Safe State faults that may be detected. This output is Unlocked only when motion is verified to be at Standstill Speed or Safe Limited Speed.
Speed Monitoring I/O Signals Chapter 4 Figure 9 - Door Control Cascading Outputs Safety Option (Master) DC_OUT_CH0 DC_OUT_CH1 TB2-51 TB2-52 TB2-S32 TB2-S42 DM_IN_CH0 DM_IN_CH1 Safety Option (Slave) Only these wiring configurations, shown below, are supported for the Door Control output.
Chapter 4 Speed Monitoring I/O Signals Notes: 46 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 5 General Device and Feedback Monitoring Configuration Introduction Cascaded Configuration This chapter describes the general and feedback configuration settings that must be configured to operate the safe speed monitor option module. Topic Page Cascaded Configuration 47 Safety Mode 48 Reset Type 48 Overspeed Response Time 49 General Parameter List 53 Feedback Monitoring 54 Feedback Parameter List 58 The safety option may be used in single-axis or multi-axis applications.
Chapter 5 General Device and Feedback Monitoring Configuration Safety Mode You can configure the safety option to operate in one of 11 user-selectable Safety modes, based on combinations of the safety functions the option supports. The modes, except for Disabled, are described in detail in subsequent chapters of this manual.
General Device and Feedback Monitoring Configuration Overspeed Response Time Chapter 5 The P24 [OverSpd Response] parameter setting determines the maximum reaction time from an overspeed event to the initiation of the configured P45 [Safe Stop Type]. The safety reaction time from an overspeed event that triggers a Safe Stop Type, to the actual initiation of that Safe Stop Type, is equal to the value of the P24 [OverSpd Response] parameter.
Chapter 5 General Device and Feedback Monitoring Configuration Speed Resolution Accuracy for Rotary Systems Table 5 - Encoder Resolution 16 lines/rev Overspeed Response Time, P24 (OverSpd Response) Setting Speed (RPM) 1 10 100 1000 10,000 100,000 42 156.253 156.283 156.583 159.583 189.583 489.583 48 78.127 78.142 78.292 79.792 94.792 244.792 60 39.063 39.071 39.146 39.896 47.396 122.396 84 19.532 19.535 19.573 19.948 23.698 61.198 132 9.766 9.768 9.786 9.974 11.
General Device and Feedback Monitoring Configuration Chapter 5 Table 8 - Encoder Resolution 1024 lines/rev Overspeed Response Time, P24 (OverSpd Response) Setting Speed (RPM) 1 10 100 1000 10,000 11,718.75 42 2.445 2.475 2.775 5.775 35.775 41.504 48 1.222 1.237 1.387 2.887 17.887 20.752 60 0.611 0.619 0.694 1.444 8.944 10.376 84 0.306 0.309 0.347 0.722 4.472 5.188 132 0.153 0.155 0.173 0.361 2.236 2.594 228 0.076 0.077 0.087 0.180 1.118 1.297 420 0.038 0.
Chapter 5 General Device and Feedback Monitoring Configuration Speed Resolution Accuracy for Linear Systems Table 11 - Encoder Resolution 500 lines/mm Overspeed Response Time, P24 (OverSpd Response) Setting Speed (mm/s) 0.01 0.1 1 10 100 400 42 0.083 0.084 0.087 0.117 0.417 1.417 48 0.042 0.042 0.043 0.058 0.208 0.708 60 0.021 0.021 0.022 0.029 0.104 0.354 84 0.010 0.010 0.011 0.015 0.052 0.177 132 0.005 0.005 0.005 0.007 0.026 0.089 228 0.003 0.003 0.003 0.
General Device and Feedback Monitoring Configuration Read-Write Values 20 Cascaded Config Cascaded Configuration Defines whether the speed monitoring safety option is a single unit or if it occupies a first, middle, or last position in a multi-axis cascaded system.
Chapter 5 General Device and Feedback Monitoring Configuration Feedback Monitoring The P27 [Fbk Mode] parameter defines whether the feedback monitoring devices are configured as a single encoder or as dual encoders. When two encoders are used, the P27 [Fbk Mode] parameter also defines the type of discrepancy checking that is performed between the two encoders. IMPORTANT Feedback device 1 can be a Sin/Cos or incremental feedback device. Feedback device 2 can only be an incremental feedback device.
General Device and Feedback Monitoring Configuration Chapter 5 Dual Encoders If the P27 [Fbk Mode] parameter is set to 2 Encoders, each encoder input is processed by a single channel and cross-checked in a 1oo2 architecture. Discrepancy checking is performed between the two encoders. After the discrepancy checks have passed, the speed, direction, and stopped status are derived from encoder 1. IMPORTANT All monitoring functions are based on the speed of encoder 1.
Chapter 5 General Device and Feedback Monitoring Configuration Dual Feedback Position Discrepancy Tolerance The Dual Feedback Position Discrepancy Tolerance, P41[Fbk Pos Tol] parameter defines the cumulative position discrepancy that will be tolerated between encoder 1 and encoder 2. The position discrepancy is defined as position change relative to encoder 1. IMPORTANT The relative position discrepancy difference is reset to zero at each Safe Stop Reset.
General Device and Feedback Monitoring Configuration Chapter 5 Dual Feedback Speed Discrepancy Tolerance The Dual Feedback Speed Discrepancy Tolerance P40 [Fbk Speed Tol], defines the discrepancy that will be tolerated for a difference in speed between encoder 1 and encoder 2. This speed is relative to encoder 1. This discrepancy checking is performed only while the Feedback mode is equal to one of these values.
Chapter 5 General Device and Feedback Monitoring Configuration Feedback Fault The allowable frequency of feedback input signals is limited. The safety option monitors feedback signals whenever its configuration is valid and the Safety mode is not configured as Disabled. Encoder Type Maximum Frequency Sine/cosine ≤ 100 kHz Incremental ≤ 200 kHz If the feedback signals indicate greater than or equal to the maximum value, a Feedback_x fault (Safe State fault) occurs.
Values 32 Fbk 1 Volt Mon Feedback 1 Voltage Monitor Encoder 1 voltage to be monitored. Default: Options: 33 Fbk 1 Speed Feedback 1 Speed Displays the output speed of encoder 1. Units based on rotary or linear configuration defined by P29 [Fbk 1 Units]. Fbk 2 Units Feedback 2 Units Selects rotary or linear feedback for encoder 2. Fbk 2 Polarity Feedback 2 Polarity Defines the direction polarity for encoder 2. Fbk 2 Resolution Feedback 2 Resolution Counts/Revolution.
Chapter 5 General Device and Feedback Monitoring Configuration Notes: 60 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Introduction Safe Stop Mode This chapter describes the Safe Stop modes of safety operation and provides a list of configuration parameters as well as wiring examples for each Safe Stop mode.
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Safe Stop Types Use the P45 [Safe Stop Type] parameter to configure the type of stop that the system executes when a Safe Stop is initiated. A Safe Stop can be initiated by a transition of the SS_In input from ON to OFF or by the occurrence of a Stop Category fault. While the safety option executes the configured Safe Stop Type, it continues to monitor the system.
Safe Stop and Safe Stop with Door Monitoring Modes Chapter 6 Safe Stop 1 and Safe Stop 2 When Safe Stop 1 or 2 is initiated by a transition of the SS_In input from ON to OFF, the safety option does not initiate the configured Stop Delay P47 [Max Stop Time] until after the optional Stop Monitoring Delay P46 [Stop Mon Delay] expires, unless a Stop Category fault occurs during the Stop Monitoring Delay.
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Figure 13 - Timing Diagram for Safe Stop 2 Stop Request Stop Monitoring Delay: P46 Stop Delay: P47 Speed P51 [Stop Decel Tol] Standstill Position and Standstill Speed Monitoring (drive remains enabled) P48 [Standstill Speed] Time SS_In Input SS_Out Output Motion Power (1) Stop Command (1) DC_Out Output (2) (1) This signal is internal, between the safety option and drive. (2) DC_Out output shown configured as Power to Release.
Safe Stop and Safe Stop with Door Monitoring Modes Chapter 6 Standstill Speed and Position Tolerance For Safe Stop Types that include Standstill Checking, you set the Standstill Speed and Standstill Position Tolerance. IMPORTANT The P48 [Standstill Speed] and P49 [Standstill Pos] parameters are not used for Safe Torque Off without Standstill Checking configurations. Set these parameters to zero. Standstill Speed is used to declare motion as stopped.
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Figure 15 - Deceleration Monitoring Stop Request Speed Actual speed measured at the start of the Stop Delay: P47 [Max Stop Time]. Stop Delay P47 [Max Stop Time] (Δv) = Deceleration Tolerance % x Deceleration Reference Speed: P51 Standstill Speed TIP Time To account for system overshoot and drive delay, choose Δv and set P50 [Decel Ref Speed] to the highest normal operating speed to calculate the Deceleration Tolerance.
Safe Stop and Safe Stop with Door Monitoring Modes Chapter 6 Automatic If the SS Reset is configured as automatic, the safety option always attempts a reset if it is in the Safe State or has initiated a Safe Stop Type. The reset is attempted when the SS_In input transitions from OFF to ON or if SS_In is ON at powerup. Manual If the SS Reset is configured as manual, the reset is attempted when the SS_In input is ON and the Reset_In input is ON.
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Configuration You configure the type of door control for each Safe Speed Monitor Option module in the system. P57 [Door Out Type] Settings DC_Out Status and Lock State Single and Last Units First and Middle Units 0 = Power to Release Not valid ON = Door is unlocked. OFF = Door is locked. 1 = Power to Lock Not valid ON = Door is locked. OFF = Door is unlocked.
Safe Stop and Safe Stop with Door Monitoring Modes Chapter 6 Lock Monitoring If Lock Monitoring is enabled, the Lock Monitoring input (LM_In) must be in the ON state any time the Door Control output (DC_Out) is in the Lock state, except for the 5 seconds following the DC_Out output’s transition from the Unlocked state to the Locked state. If the LM_In input is not ON during this time, a Lock Monitoring fault occurs.
Display Name Full Name Description Values 49 Standstill Pos Standstill Position Defines the position limit window in encoder 1 degrees or mm that will be tolerated after a safe stop condition has been detected. Degrees (360° = 1 revolution) or mm based on rotary or linear configuration defined by P29 [Fbk 1 Units]. Not valid for Safe Torque Off without Standstill Checking. Decel Ref Speed Deceleration Reference Speed Determines deceleration rate to monitor for Safe Stop 1 or Safe Stop 2.
Safe Stop and Safe Stop with Door Monitoring Modes Safe Stop Wiring Example Chapter 6 This example illustrates safe stop wiring.
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Safe Stop with Door Monitoring Mode When properly configured for Safe Stop with Door Monitoring, the safety option monitors the Safe Stop input (SS_In) and initiates the configured Safe Stop Type upon deactivation of the input as described in Safe Stop Mode on page 61.
Safe Stop and Safe Stop with Door Monitoring Modes Display Name Full Name Description Values 21 Safety Mode Safety Mode Defines the primary operating mode of the speed monitoring safety functions. DM Input Door Monitor Input Configuration for the Door Monitor input (DM_In).
Chapter 6 Safe Stop and Safe Stop with Door Monitoring Modes Safe Stop with Door Monitoring Wiring Example This example illustrates wiring for safe stop with door monitoring.
Chapter 7 Safe Limited Speed (SLS) Modes Introduction Safe Limited Speed (SLS) Mode This chapter describes the Safe Limited Speed (SLS) modes of safety operation and provides a list of configuration parameters along with wiring examples for each mode.
Chapter 7 Safe Limited Speed (SLS) Modes If the measured velocity exceeds the Safe Speed Limit, an SLS fault occurs and the configured P45 [Safe Stop Type] is initiated. An optional P53 [LimSpd Mon Delay] can be configured to delay the start of Safe Limited Speed monitoring. Safe Limited Speed monitoring is requested by a transition of the Safe Limited Speed input (SLS_In) from ON to OFF.
Safe Limited Speed (SLS) Modes Chapter 7 Safe Limited Speed Reset A Safe Limited Speed (SLS) Reset is a transition out of actively monitoring safe limited speed. It can also occur during a P53 [LimSpd Mon Delay], if one is configured. When an SLS Reset occurs, the safety option no longer monitors for safe limited speed and the door is locked. Speed is no longer restricted to the configured Safe Speed Limit. The SLS Reset function monitors the SLS_In input.
Safe Limited Speed (SLS) Modes No. Display Name Full Name Description Values 21 Safety Mode Safety Mode Defines the primary operating mode of the speed monitoring safety functions. Lim Speed Input Limited Speed Input Configuration for Safe Limited Speed input (SLS_In).
Safe Limited Speed (SLS) Modes Configuring the PowerFlex 750-Series Drive for SLS Operation Chapter 7 The safety option commands the drive to enter Manual Mode during Safe Limited Speed monitoring. IMPORTANT The drive parameters listed below must be configured for the drive to accept this command. P326 [Manual Cmd Mask] - Turn off the bit corresponding to the safety option’s port to allow modules installed in other ports to continue to control the drive when it is operating in Manual Mode.
Chapter 7 Safe Limited Speed (SLS) Modes Safe Limited Speed Wiring Example This example illustrates wiring for safe limited speed.
Safe Limited Speed (SLS) Modes Safe Limited Speed with Door Monitoring Mode Chapter 7 When properly configured for Safe Limited Speed with Door Monitoring, the safety option performs Safe Limited Speed (SLS) monitoring functions as described in Safe Limited Speed (SLS) Mode on page 75 in addition to the Safe Stop functions as described in Safe Stop Mode on page 61.
Chapter 7 Safe Limited Speed (SLS) Modes Safe Limited Speed Reset When properly configured for Safe Limited Speed with Door Monitoring, the safety option must be monitoring motion (SLS_In input is OFF) if the door is open (DM_In is OFF). Make sure the door is closed before requesting an SLS Reset. A Safe Limited Speed Reset results in a Door Monitoring fault if the door is open (DM_In is OFF) when the reset is requested by a transition of the SLS_In input from OFF to ON.
Safe Limited Speed (SLS) Modes Chapter 7 This example illustrates wiring for SLS with door monitoring.
Chapter 7 Safe Limited Speed (SLS) Modes Safe Stop Reset (SS Reset) and Safe Limited Speed Reset (SLS Reset) If an ESM Monitoring Fault occurs due to the ESM_In input turning OFF (enabling switch is released), the safety option can be reset without cycling the SS_In input. To perform an SLS Reset, first return the ESM_In input to ON (grip the enabling switch in the middle position). Then, press and release the reset button.
Safe Limited Speed (SLS) Modes SLS with Enabling Switch Monitoring Wiring Example Chapter 7 This example illustrates wiring for SLS with enabling switch monitoring.
Chapter 7 Safe Limited Speed (SLS) Modes Safe Limited Speed with Door Monitoring and Enabling Switch Monitoring Mode When properly configured for Safe Limited Speed with Door Monitoring and Enabling Switch Monitoring, the safety option performs Safe Limited Speed (SLS) monitoring functions as described on page 75, in addition to the Safe Stop functions as described in Safe Stop Mode on page 61.
Safe Limited Speed (SLS) Modes Chapter 7 Figure 23 - Timing Diagram for Safe Limited Speed (SLS) with Door Monitoring and Enabling Switch Monitoring Mode SLS Request Removed SLS Request SLS Monitoring Delay: P53 Safe Limited Speed Active Speed SLS Fault P55 [Safe Speed Limit] Acceptable Speed Range Time Door is unlocked if the enabling switch is in the middle position.
Chapter 7 Safe Limited Speed (SLS) Modes Behavior While SLS Monitoring is Inactive If Safe Limited Speed monitoring is inactive, the DM_In input must be ON (door closed) or a Door Monitoring fault occurs and the safety option initiates the configured P45 [Safe Stop Type]. The ESM_In input can be ON or OFF. Behavior During SLS Monitoring Delay The status of the ESM_In input does not affect the operation of the system during a P53 [LimSpd Mon Delay].
Safe Limited Speed (SLS) Modes Chapter 7 Safe Stop Reset (SS Reset) and Safe Limited Speed Reset (SLS Reset) The door must be closed when an SS Reset or SLS Reset is requested. An SS Reset results in a Door Monitoring fault if the door is open when the reset is requested by a transition of the SS_In input from OFF to ON. An SLS Reset also results in a Door Monitoring fault if the door is open when the reset is requested by a transition of the SLS_In input from OFF to ON.
Chapter 7 Safe Limited Speed (SLS) Modes SLS with Door Monitoring and Enabling Switch Monitoring Wiring Example This example illustrates wiring for SLS with door monitoring and enabling switch monitoring.
Safe Limited Speed (SLS) Modes Safe Limited Speed Status Only Mode Chapter 7 When properly configured for Safe Limited Speed Status Only, the safety option provides Safe Limited Speed status information in addition to the Safe Stop functions as described in Safe Stop Mode on page 61. When the Safe Limited Speed input (SLS_In) is OFF, the feedback velocity is monitored and compared against a configurable Safe Speed Limit. If the measured velocity exceeds the limit, no stopping action takes place.
Chapter 7 Safe Limited Speed (SLS) Modes Speed Hysteresis The P56 [Speed Hysteresis] parameter provides hysteresis for the SLS_Out output when the safety option is configured for SLS Status Only and Safe Limited Speed monitoring is active. The SLS_Out output is turned ON if the speed is less than the Low Threshold, which equals [(Speed Hysteresis/100) x Safe Speed Limit]. The SLS_Out output is turned OFF when the speed is greater than or equal to the configured P55 [Safe Speed Limit].
Safe Limited Speed (SLS) Modes Display Name Full Name Description Values 21 Safety Mode Safety Mode Defines the primary operating mode of the speed monitoring safety functions. Lim Speed Input Limited Speed Input Configuration for Safe Limited Speed input (SLS_In).
Chapter 7 Safe Limited Speed (SLS) Modes These examples illustrate wiring for SLS status only operation.
Safe Limited Speed (SLS) Modes Chapter 7 Figure 27 - Master, Safe Limited Speed Status Only (First Unit) First Axis Safety Option Terminals Next Downstream Axis Safety Option Terminals TB1 S11 S11 S11 S21 S21 S21 Reset SS Request +24V DC TEST_OUT_1 Out 0 TB2 SLS Request GND TEST_OUT_0 TB1 S11 S11 S11 S21 S21 S21 S11 S11 S11 S21 S21 S21 S34 RESET_IN 52 DC_OUT_CHx 51 78 SLS_OUT_CHx 68 44 SS_OUT_CHx 34 X42 LM_IN_CHx X32 S42 DM_IN_CHx S32 S62 SLS_IN_CHx S52 S34 52 51 78 Out 1 68 44 34 X42 X32
Chapter 7 Safe Limited Speed (SLS) Modes This example assumes that a programmable safety controller is monitoring all safety option functions and controlling the safety option. The SS_In and SLS_In inputs are connected to the I/O module; however, standard safety component inputs could also be used.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Introduction Cascaded Configurations This chapter describes the slave modes of safety operation and wiring examples of cascaded multi-axis configurations.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Figure 29 - Cascaded Connections First Axis (Master) Middle Axis (Slave) Axis 1 Last Axis (Slave) Axis 2 Axis 3 S22 SS_In_1 S12 SS_In_0 SS_Out_1 44 SS_Out_0 34 S22 SS_In_1 S12 SS_In_0 SS_Out_1 44 SS_Out_0 34 S22 SS_In_1 S12 SS_In_0 SS_Out_1 44 SS_Out_0 34 Safe Limited Speed Input S62 SLS_In_1 S52 SLS_In_0 SLS_Out_1 78 SLS_Out_0 68 S62 SLS_In_1 S52 SLS_In_0 SLS_Out_1 78 SLS_Out_0 68 S62 SLS_In_1 S52 SLS_In_0 SLS_Out_1 78 SLS_Out_0 68
Slave Modes for Multi-axis Cascaded Systems 20 Cascaded Config Cascaded Configuration Defines whether the speed monitoring safety option is a single unit or if it occupies a first, middle, or last position in a multi-axis cascaded system. Safety Mode Safety Mode Defines the primary operating mode of the speed monitoring safety functions. Safe Stop Input Safe Stop Input Configuration for Safe Stop input (SS_In).
57 Door Out Type Default: Door Output Type Options: Defines the lock and unlock state for door control output (DC_Out). When Door Out Type equals power to release, DC_Out is OFF in the lock state and ON in the unlock state. When Door Out Type equals power to lock, DC_Out is ON in the lock state and OFF in the unlock state. The first and middle units of a multi-axis system must be configured as cascading (2). DM Input Options: Door Monitor Input Configuration for the Door Monitor input (DM_In).
Slave Modes for Multi-axis Cascaded Systems Chapter 8 These examples show two different Slave, Safe Stop configurations. Slave, Safe Stop Wiring Examples The first example shows the safety option configured as a cascaded middle unit via the P20 [Cascaded Config] parameter (Multi Mid). It has SS_In and DM_In input connections from the previous upstream safety option, as well as SS_Out and DC_Out output connections to the next downstream safety option.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems This example shows the last cascaded slave safety option in the system. It has SS_In and DM_In inputs from the previous upstream safety option, but its DC_Out output is connected to a guardlocking interlock switch. This unit is configured with automatic reset so it follows the function of the previous axis.
Slave Modes for Multi-axis Cascaded Systems Chapter 8 Figure 32 - First, Middle, and Last Safety Options in a Cascaded System with Door Control and Lock Monitoring Middle Axis Safety Option Terminals First Axis Safety Option Terminals TB1 TB1 S11 S11 S11 S21 S21 S21 Last Axis Safety Option Terminals S11 S11 S11 S21 S21 S21 S11 S11 S11 S21 S21 S21 TEST_OUT_0 TEST_OUT_1 TEST_OUT_0 TEST_OUT_1 TB1 S11 S11 S11 S21 S21 S21 TB2 TB2 68 44 34 X42 X32 S42 S32 S62 S52 S34 RESET_IN 52 DC_OUT_CHx 51 78
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Slave, Safe Limited Speed Mode When properly configured for Slave, Safe Limited Speed mode, the safety option performs the same functions as Safe Limited Speed mode as described on page 75. However, the safety option regards the Door Monitor input as a Door Control output from an upstream axis, and performs a logical AND with its internal Door Control signal to form the cascaded Door Control output.
Slave Modes for Multi-axis Cascaded Systems Chapter 8 These examples show two different Slave, Safe Limited Speed configurations. Slave, Safe Limited Speed Wiring Examples The first example is configured as a cascaded middle unit via the P20 [Cascaded Config] parameter (Multi Mid). It has SS_In, SLS_In, and DM_In input connections from the previous upstream safety option, as well as SS_Out, SLS_Out, and DC_Out output connections to the next downstream safety option.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems This second example is configured as a cascaded last unit via the P20 [Cascaded Config] parameter (Multi Last). It has SS_In, SLS_In, and DM_In input connections from the previous upstream safety option, but its DC_Out output is connected to a guardlocking interlock switch.
Slave Modes for Multi-axis Cascaded Systems Slave, Safe Limited Speed Status Only Mode Chapter 8 When properly configured for Slave, Safe Limited Speed Status Only mode, the Safe Speed Monitor Option module performs the same functions as Safe Limited Speed Status Only mode as described on page 91.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Slave, Safe Limited Speed Status Only Wiring Examples These examples show two different Slave, Safe Limited Speed Status Only configurations. The first example is configured as a cascaded middle unit via the P20 [Cascaded Config] parameter (Multi Mid). It has SS_In, SLS_In, and DM_In input connections from the previous upstream safety option, as well as SS_Out, SLS_Out, and DC_Out output connections to the next downstream safety option.
Slave Modes for Multi-axis Cascaded Systems Chapter 8 This second example is configured as a cascaded last unit via the P20 [Cascaded Config] parameter (Multi Last). It has SS_In, SLS_In, and DM_In input connections from the previous upstream safety option, but its SS_Out, SLS_Out, and DC_out outputs are connected to a Bulletin 1791DS module.
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Multi-axis Connections When configuring a multi-axis system, you need to consider the location of each safety option in the system. The type of cascaded connections that can be made are dependent upon the Safety mode configurations of the master and slave safety options and their positions in the system. Middle and last units in the cascaded chain may be configured for Automatic reset.
Slave Modes for Multi-axis Cascaded Systems Chapter 8 This table shows the supported Safety modes for slave safety options (n+1) cascaded from slaves (n).
Chapter 8 Slave Modes for Multi-axis Cascaded Systems Notes: 112 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Chapter 9 Safe Maximum Speed and Direction Monitoring Introduction Safe Maximum Speed (SMS) Monitoring This chapter describes Safe Maximum Speed (SMS), Safe Maximum Acceleration (SMA), and Safe Direction (SDM) monitoring modes of safety operation and provides a list of configuration parameters.
Chapter 9 Safe Maximum Speed and Direction Monitoring You define the Safe Stop Type initiated by the safety option in the event of an SMS Speed fault by using the P63 [Max Spd Stop Typ] parameter. P63 [Max Spd Stop Typ] Parameter Description 0 = Use Safe Torque Off with Check for Standstill (Torque Off) The safety option initiates Safe Torque Off with Check for Standstill any time an SMS Speed fault is detected while the safety option is monitoring motion.
Safe Maximum Speed and Direction Monitoring Chapter 9 Figure 39 - SMS Speed Fault When P63 [Max Spd Stop Typ] Set to ’Use Configured Stop Type (Safe Stp Typ)’ SMS Speed Fault Stop Request Speed P46 [Stop Mon Delay] Stop Delay P47 [Max Stop Time] P62 [Safe Max Speed] P51 [Stop Decel Tol] P48 [Standstill Speed] Time If an SMS Speed fault is detected during the Stop Delay P47 [Max Stop Time] and the P63 [Max Spd Stop Typ] parameter equals Use Safe Torque Off with Check for Standstill (Torque Off ), the
Chapter 9 Safe Maximum Speed and Direction Monitoring Safe Maximum Acceleration (SMA) Monitoring Configure Safe Maximum Acceleration monitoring by setting the P64 [Max Accel Enable] parameter to Enable. When configured, Safe Maximum Acceleration Monitoring is active any time the safety option configuration is valid and Safety mode is not set to Disabled.
Safe Maximum Speed and Direction Monitoring Chapter 9 You define the Safe Stop Type initiated by the safety option in the event of an Acceleration fault by using the P66 [Max Acc Stop Typ] parameter. P66 [Max Acc Stop Typ] Parameter Description 0 = Use Safe Torque Off with Check for Standstill (Torque Off) The safety option initiates Safe Torque Off with Check for Standstill any time an Acceleration fault is detected while the safety option is monitoring motion.
Chapter 9 Safe Maximum Speed and Direction Monitoring Figure 43 - Acceleration Fault When P66 [Max Acc Stop Typ] Set to ‘Use Safe Torque Off with Check for Standstill (Torque OFF)’ Stop Request Speed Acceleration Fault P66 [Max Acc Stop Typ] Stop Delay P47 [Max Stop Time] P48 [Standstill Speed] Time SS_In SS_Out Motion Power (1) DC_Out (1) This signal is internal, between the safety option and drive. For more information about faults, see Fault Reactions on page 155.
Safe Maximum Speed and Direction Monitoring Chapter 9 Figure 44 - Positive Safe Direction Monitoring Timing Diagram P42 [Direction Mon] = 1 “Pos Always” Speed Safe Direction 300 0 Time Safe Direction Fault Figure 45 - Negative Safe Direction Monitoring Timing Diagram P42 [Direction Mon] = 2 “Neg Always” Safe Direction Fault Time 0 -300 Safe Direction Speed If motion is detected in the incorrect direction while Safe Direction Monitoring is active, a Direction fault occurs.
Safe Maximum Speed and Direction Monitoring Values 30 Fbk 1 Polarity Feedback 1 Polarity Defines the direction polarity for encoder 1. Fbk 2 Polarity Feedback 2 Polarity Defines the direction polarity for encoder 2. Direction Mon Direction Monitoring Defines the allowable direction if Safe Direction Monitoring is enabled.
Chapter 10 Safety Configuration and Verification Introduction Safety Configuration This chapter provides guidelines for configuring your safe speed monitor option module. Topic Page Safety Configuration 121 Basics of Application Development and Testing 123 Commissioning the System 124 Editing the Configuration 130 When you configure a speed monitoring safety system, you must record and verify the configuration signature and set the safety-lock status of the system configuration.
Chapter 10 Safety Configuration and Verification Set and Change a Password You can protect the system configuration by using an optional password. If you set a password, edits to the configuration, as well as safety-locking and safety option reset operations require the password to be entered. You can set a password when the safety option is not safety-locked and the P6 [Operating Mode] parameter value equals 0 (Program). Follow these steps to set a new password. 1.
Safety Configuration and Verification Chapter 10 Resetting the Configuration When the safety option is unlocked and the P6 [Operating Mode] parameter equals 0 (Program), you can reset the safety option’s configuration parameters to their factory default settings, by setting the P7 [Reset Defaults] parameter to 1. The reset parameters are sent to the safety option when the P6 [Operating Mode] parameter is changed to 1 (Run).
Chapter 10 Safety Configuration and Verification Commissioning the System The flowchart shows the steps required for commissioning a Speed Monitoring safety system. The items in bold are explained in the following sections.
Safety Configuration and Verification Chapter 10 Specifying the Safety Configuration You must create a specification for the system configuration that addresses the safety requirements identified by a risk assessment of your application. Use the specification to verify that the configuration is selected correctly and that it fully addresses your application’s functional and safety control requirements.
Chapter 10 Safety Configuration and Verification Configure the Safe Speed Monitor Option Module You configure the safety option by using a HIM module, DriveExplorer, DriveExecutive, or RSLogix 5000 software. If you are using the Automatic Device Configuration (ADC) feature, refer to Configure ADC and the Safe Speed Monitor Option Module on page 128. Drive DriveExplorer DriveExecutive RSLogix 5000 RSLogix 5000 with ADC Feature PowerFlex 753 Frames 1…7 Version 6.02 or later Version 5.
Safety Configuration and Verification Chapter 10 Project Verification Test To check that the safety option’s configuration adheres to the application specification, you must generate a suitable set of test cases covering the application. The set of test cases must be filed and retained as the test specification. You must include a set of tests to prove the validity of the safety configuration parameters.
Chapter 10 Safety Configuration and Verification Configure ADC and the Safe Speed Monitor Option Module Automatic Device Configuration (ADC) is a Logix feature present in version 20 or later. ADC can be used to download a configuration stored in a controller into a device and uses an ADC Configuration Signature value to determine if the configuration of a device has changed since the controller last configured the device.
Safety Configuration and Verification Chapter 10 13. Enter the password into the P1 [Password] parameter. 14. Set the P5 [Lock State] parameter to 1 “Lock.” Refer to Appendix B for a complete list of parameters and settings for the safety option. After the system has been placed in service, if a controller determines that it needs to configure the safety option, several manual steps are required.
Chapter 10 Safety Configuration and Verification Editing the Configuration Only authorized, specially-trained personnel can make edits to the configuration. These personnel should use all supervisory methods available, for example, using the software password protections. When authorized, specially-trained personnel make edits, they assume the central safety responsibility while the changes are in progress. These personnel must also maintain safe application operation.
Chapter 11 Configuration Examples Introduction These examples guide you through the basic steps required to program an application that uses some of the safety option functions. The remaining chapters of this manual provide detailed information on the operation of each safety function.
Chapter 11 Configuration Examples Example 1: Initial Security Group Settings Figure 46 - Security Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Security Password Lock State Operating Mode ESC Follow these steps to put the safety option into Program mode for configuration. 1. From the Security group, choose the P5 [Lock State] parameter. The default value of the Lock State parameter is 0 or unlocked. 2.
Configuration Examples Chapter 11 Example 1: General Group Settings Figure 47 - General Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: General Cascaded Config Safety Mode Reset Type ESC Follow these steps to configure the general operation of the safety option. 1. From the General group, choose the P20 [Cascaded Config] parameter. 2.
Chapter 11 Configuration Examples Example 1: Feedback Group Settings Figure 48 - Feedback Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Feedback Fbk Mode Fbk 1 Type Fbk 1 Units ESC Follow these steps to configure the type of feedback used by the safety option. 1. From the Feedback group, choose the P27 [Fbk Mode] parameter. 2.
Configuration Examples Chapter 11 12. Enter 5, 9, or 12V to monitor voltage in accordance with the encoder’s specifications, or enter 0 (default) to disable encoder voltage monitoring. TIP The P33 [Fbk 1 Speed] parameter displays the output speed of the encoder as a value between -214,748,364.8…214,748,364.8 rpm based on the encoder’s configuration. You do not need to enter a setting or value for this parameter. 13. Choose the P42 [Direction Mon] parameter. 14.
Chapter 11 Configuration Examples 4. Set the P45 [Safe Stop Type] parameter value to 0 (default), which equals Safe Torque Off with Standstill Speed Checking (Torque Off ). Safe Torque Off with Standstill Speed Checking (Torque Off ) switches off motion power immediately after an E-Stop command and sets door control to Unlock when the Standstill Speed is detected. 5. Choose the P47 [Max Stop Time] parameter. The default value is 10 s, but you can enter a value from 0…6553.5 s. 6.
Configuration Examples Chapter 11 Example 1: Limited Speed Group Settings Figure 50 - Limited Speed Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Limited Speed Lim Speed Input LimSpd Mon Delay Enable SW Input ESC Follow these steps to configure the Safe Limited Speed operation. 1. From the Limited Speed group, choose the P52 [Lim Speed Input] parameter.
Chapter 11 Configuration Examples Example 1: Door Control Group Settings Figure 51 - Door Control Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Door Control Door Out Type DM Input Lock Mon Enable ESC Follow these steps to configure Door Control operation for the safety option. 1. From the Door Control group, choose the P57 [Door Out Type] parameter. 2.
Configuration Examples Chapter 11 8. Set the P60 [Lock Mon Input] parameter value to 1 for 2NC (dualchannel equivalent) operation. In this example application, the Lock Monitor Input (LM_In) monitors the TLS-3 GD2 switch, which has two normally-closed (2NC) interlock monitoring contacts. 9. Go to the next section to set the parameters that configure Safe Maximum Speed monitoring. Example 1: Max Speed Group Figure 52 - Max Speed Group Parameters HIM Screen Software Screen Not Enabled 0.
Chapter 11 Configuration Examples 6. Set the P63 [Max Spd Stop Typ] parameter value to 0 (default), which equals Use Safe Torque Off with Standstill Checking (Torque Off ). With this configuration, if speed exceeds the configured Safe Max Speed, the safety option initiates a Safe Torque Off with Standstill Checking type of Safe Stop, regardless of the configured Safe Stop Type. 7. Go on to the next section to put the safety option into Run mode and lock the configuration.
Configuration Examples Chapter 11 This example application shows how to change the default configuration settings to set up the safety option for an application with these basic parameters: • Safe Stop (SS) enabled with an E-stop button. • Safe Limited Speed (SLS) initiated with a 2NC contact switch. • A configured Safe Maximum Speed (SMS) limit. • Door Monitoring (DM) • Door Control (DC) to control a guardlocking switch (TLS-3 GD2, Power to Release style). • A Reset button with 1 NO contact.
Chapter 11 Configuration Examples 3. Choose the P1 [Password] parameter. 4. Type the password. 5. Choose the P6 [Operating Mode] parameter. The default value is 0, which equals Program. 6. If the safety option is in Run mode (Operating Mode parameter equals 1), set the P6 [Operating Mode] parameter to 0 to enable you to enter a new configuration. 7. If you want to configure a password or change the password, choose the P13 [New Password] parameter. The default value is 0.
Configuration Examples Chapter 11 4. Set the P21 [Safety Mode] parameter value to 6 for Master, Safe Limited Speed with Door Monitoring and Enabling Switch Monitoring mode (Lim Speed DM ES). In this mode, the door is locked when the machine speed is above a configured Safe Speed Limit. The door can be unlocked when a stop has been requested and the machine is at Standstill Speed.
Chapter 11 Configuration Examples Example 2: Feedback Group Settings Figure 55 - Feedback Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Feedback Fbk Mode Fbk 1 Type Fbk 1 Units ESC Follow these steps to configure the type of feedback used by the safety option. 1. From the Feedback group, choose the P27 [Fbk Mode] parameter. 2.
Configuration Examples Chapter 11 12. Enter 5, 9, or 12V to monitor voltage in accordance with the encoder’s specifications, or enter 0 (default) to disable encoder voltage monitoring. TIP The P33 [Fbk 1 Speed] parameter displays the output speed of the encoder as a value between -214,748,364.8…214,748,364.8 rpm based on the encoder’s configuration. You do not need to enter a setting or value for this parameter. 13. Choose the P42 [Direction Mon] parameter. 14.
Chapter 11 Configuration Examples In this example application, the Safe Stop input (SS_In) monitors an EStop button with two normally-closed (2NC) contacts. 3. Choose the P45 [Safe Stop Type] parameter. 4. Set the P45 [Safe Stop Type] parameter value to 1, which equals Safe Stop 1. Safe Stop 1 monitors deceleration profiles. When Standstill Speed is detected within the Stop Delay [Max Stop Time], the safety option switches off Motion Power and sets door control logic to Unlock. 5.
Configuration Examples Chapter 11 Example 2: Limited Speed Group Settings Figure 57 - Limited Speed Group Parameters HIM Screen Software Screen Not Enabled 0.000 Hz AUTO F Port 04: Param File-Group FILE: Parameter Groups GROUP: Limited Speed Lim Speed Input LimSpd Mon Delay Enable SW Input ESC Follow these steps to configure the Safe Limited Speed operation. 1. From the Limited Speed group, choose the P52 [Lim Speed Input] parameter.
Chapter 11 Configuration Examples switch is held in the middle position, the safety gate can be opened during Safe Limited Speed monitoring. 6. Choose the P55 [Safe Speed Limit] parameter. The default value is 0 rpm or mm/s. Enter a value from 0…6553.5. 7. Type the maximum allowable rpm value for safe (reduced) velocity. The speed is calculated in rpm, based on the P29 {Fbk 1 Units] parameter setting (0 = Rotary feedback) entered previously. 8.
Configuration Examples Chapter 11 5. Choose the P59 [Lock Mon Enable] parameter. The default value is 0 (Disabled) for applications without an interlock switch. 6. Set the P59 [Lock Mon Enable] parameter value to 1 (Enabled) because this application uses the TLS-3 GD2 interlock switch. 7. Choose the P60 [Lock Mon Input] parameter. The default value is 0 (Not Used) for applications that do not use an interlock switch. 8.
Chapter 11 Configuration Examples 3. Choose the P62 [Safe Max Speed] parameter. The default value is 0 rpm or mm/s. Enter a value from 0…6553.5. 4. Type the maximum allowable rpm value for velocity. The speed is calculated in rpm, based on the Fbk 1 Units parameter setting (0 = Rotary feedback) entered previously. 5. Choose the P63 [Max Spd Stop Typ] parameter. 6. Set the P63 [Max Spd Stop Typ] parameter value to 1, which equals Use Configured Safe Stop Type (Safe Stp Typ).
Chapter 12 Troubleshooting the PowerFlex Safety Option Module Introduction Status Indicators This chapter provides troubleshooting tables for diagnosing fault conditions associated with the PowerFlex safety option module. Topic Page Status Indicators 151 Nonrecoverable Faults 152 Fault Recovery 152 Fault Codes and Descriptions 152 Fault Reactions 155 Status Attributes 156 The safety option features two indicators to provide status information.
Chapter 12 Troubleshooting the PowerFlex Safety Option Module In addition to the recoverable faults described in this chapter, the safety option also generates nonrecoverable faults when an anomaly with the safety option hardware is detected. These faults are Safe State faults. If a Safe State fault occurs, all safety control outputs are set to their safe state. Nonrecoverable Faults To clear a nonrecoverable fault, cycle power.
Troubleshooting the PowerFlex Safety Option Module Chapter 12 These tables list the faults, fault codes, and display text for each fault. You can view these faults by accessing the P67 [Fault Status] parameter. Table 17 - Safe State Faults Code Display Text Description 0 Combined Flt A combined fault is indicated if any error has occurred. 1 Critical Flt A nonrecoverable microprocessor error has occurred.
Chapter 12 Troubleshooting the PowerFlex Safety Option Module Table 19 - Stop Category Faults Code Display Text Description 9 SS In Flt 10 SS Out Flt I/O Faults (1) 14 SLS In Flt An SLS_In fault occurs if an error is detected in the SLS_In dual-channel input. 15 SLS Out Flt An SLS_Out fault occurs if an error is detected in the SLS_Out dual-channel output. 20 DM In Flt A DM_In fault occurs if an error is detected in the DM_In dual-channel input.
Troubleshooting the PowerFlex Safety Option Module Fault Reactions Chapter 12 When a fault occurs, the type of fault and the status of the system determine the resulting state of the system. Safe State Faults If a Safe State fault occurs in any operational state including the Disabled state, the safety option goes to the Safe State. In the Safe State, all safety outputs are in their safe states.
Chapter 12 Troubleshooting the PowerFlex Safety Option Module If outputs are already in a faulted state due to a previous fault, and a subsequent Stop Category fault or Fault While Stopping fault occurs, outputs remain in a faulted state, door control logic can be set to Unlock if feedback signals indicate that Standstill Speed has been reached, and the safety option continues to monitor for faults.
Troubleshooting the PowerFlex Safety Option Module Chapter 12 Display Text Description 8 SS Out This bit is set to 1 if the dual-channel SS_Out output is being commanded to the ON state. This bit is the commanded value, not a readback value. This bit is set to 0 if the SS_Out output is being commanded to the OFF state. 9 SLS In This bit reflects the logical value evaluated for the dual-channel SLS_In input.
Chapter 12 Troubleshooting the PowerFlex Safety Option Module I/O Diagnostic Status Attributes These attributes are stored in the P69 [IO Diag Status] parameter. Each bit reflects the present state of I/O signal and is used for diagnostics: 0 = open; 1 = closed.
Troubleshooting the PowerFlex Safety Option Module Chapter 12 Use these fault codes, stored in the P70 [Config Flt Code] parameter, to identify the reason for an Invalid Configuration fault. Configuration Fault Codes Value Description Display 0 No fault. No Fault 1 Password Required. Password Req 2 P21 [Safety Mode] value not legal based on P20 [Cascaded Config] value. P21 (P20) 3 P57 [Door Out Type] value not legal based on P20 [Cascaded Config] value.
Chapter 12 Troubleshooting the PowerFlex Safety Option Module Notes: 160 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Appendix A Specifications Introduction General Specifications This appendix provides product specifications for the PowerFlex safety option module. Topic Page General Specifications 161 Environmental Specifications 162 Certifications 163 CE Conformity 163 Encoder Specifications 164 These specifications apply to the PowerFlex safety option module. Attribute Value Standards IEC/EN60204-1, ISO12100, IEC 61508, IEC 61800-5-2 Safety category Cat.
Appendix A Specifications Environmental Specifications Category Maximum Surrounding Air Temperature IP20, NEMA/UL Open Type: IP00, NEMA/UL Open Type: IP20, NEMA/UL Type 1 (w/Hood): IP20, NEMA/UL Type 1 (w/Label): IP20, NEMA/UL Type 1 (MCC Cabinet): Flange Mount – Front: IP20, NEMA/UL Open Type: IP00, NEMA/UL Open Type: Back/Heat Sink: IP66, NEMA/UL Type 4X Stand-alone/Wall Mount – IP54, NEMA/UL Type 12 Specification 0…50 °C (32…122 °F) 0…50 °C (32…122 °F) 0…40 °C (32…104 °F) 0…40 °C (32…104 °F) 0…40 °C
Specifications Certifications Appendix A See the Product Certification link at www.rockwellautomation.com/products/ certification/ for Declarations of Conformity, Certificates, and other certifications details. Certification (1) c-UL-us (2) Value UL Listed, certified for US and Canada.
Appendix A Specifications Use Belden 9728 cable with the following encoder specifications. Encoder Specifications Type Parameter Description Generic Incremental Incremental encoder support 5, 9, and 12V, differential A quad B Differential input voltage (AM and BM) 1.0…7.0V High threshold level, min 3.5V Low threshold level, max 0.
Appendix B Parameter Data This appendix provides a description of the safety parameters, organized into both a linear list by parameter number, and into device-specific files and groups. Parameters for the Safe Speed Monitor Option module appear in the groups Security, General, Feedback, Stop, Limited Speed, Door Control, Max Speed, and Faults. Parameter Groups Figure 60 - Safety Option Parameter Groups.
Parameter Data Values 1 Password Password Password for Lock and Unlock function. Lock State Lock State Command to lock or unlock the safety option configuration. Operating Mode Operating Mode Command to place the system in Program or Run mode.
Values 70 Config Flt Code Default: Configuration Fault Code. Options: 0 = No Fault 1 = Password Required (Password Req) 2 = P21 [Safety Mode] value not legal based on P20 [Cascaded Config] value. 3 = P57 [Door Out Type] value not legal based on P20 [Cascaded Config] value. 4 = P46 [Stop Mon Delay] value not legal based on P45 [Safe Stop Type] value. 5 = P50 [Decel Ref Speed] value not legal based on P31 [Fbk 1 Resolution] value.
General Safe Speed Monitor Read-Write Values 20 Cascaded Config Cascaded Configuration Defines whether the speed monitoring safety option is a single unit or if it occupies a first, middle, or last position in a multi-axis cascaded system.
Read-Write Values 27 Fbk Mode Feedback Mode Selects the number of feedback devices and the type of discrepancy checking. “Single Fbk” (0) - 1 Encoder “Dual S/P Chk” (1) - 2 Encoders with Speed and Position Discrepancy Checking “Dual Spd Chk” (2) - 2 Encoders with Speed Discrepancy Checking “Dual Pos Chk” (3) - 2 Encoders with Position Discrepancy Checking Fbk 1 Type Feedback 1 Type Selects the type of feedback for encoder 1.
37 Fbk 2 Volt Mon Feedback 2 Voltage Monitor Encoder 2 voltage to be monitored. Default: Options: 38 Fbk 2 Speed Feedback 2 Speed Displays the output speed of encoder 2. Units based on rotary or linear configuration defined by P34 [Fbk 2 Units]. Fbk Speed Ratio Feedback Speed Ratio Defines the ratio of the expected speed of encoder 2 divided by the expected speed of encoder 1. Ratio based on rotary or linear configuration defined by P29 [Fbk 1 Units].
44 Safe Stop Input Safe Stop Input Configuration for Safe Stop input (SS_In). “2NC” (1) – Dual-channel equivalent “2NC 3s” (2) – Dual-channel equivalent 3 s “1NC+1NO” (3) – Dual-channel complementary “1NC+1NO 3s” (4) – Dual-channel complementary 3 s “2 OSSD 3s” (5) – Dual-channel SS equivalent 3 s “1NC” (6) – Single channel equivalent Safe Stop Type Safe Stop Type Safe operating stop type selection.
Limited Speed Safe Speed Monitor Read-Write Values 52 Lim Speed Input Limited Speed Input Configuration for Safe Limited Speed input (SLS_In).
Door Control Read-Write Values 57 Door Out Type Door Output Type Defines the lock and unlock state for door control output (DC_Out). When Door Out Type equals power to release, DC_Out is OFF in the lock state and ON in the unlock state. When Door Out Type equals power to lock, DC_Out is ON in the lock state and OFF in the unlock state. The first and middle units of a multi-axis system must be configured as cascading (2). DM Input Door Monitor Input Configuration for the Door Monitor input (DM_In).
61 Max Speed Enable Maximum Speed Enable Enable Safe Maximum Speed Monitoring. Safe Max Speed Safe Maximum Speed Defines the maximum speed limit that will be tolerated if Safe Maximum Speed monitoring is enabled. Default: Options: Max Speed Safe Speed Monitor 63 64 65 66 Max Spd Stop Typ Maximum Speed Stop Type Defines the safe stop type that will be initiated in the event of a SMS Speed Fault.
Fault Status Fault Status Bit-encoded faults.
68 Guard Status Guard Status Indicates the state of the safety functions while in Run mode.
69 IO Diag Status I/O Diagnostics Status Indicates present state of I/O used for diagnostics. Important: When the safety option is not in the Run mode, this parameter is not updated.
Appendix B Parameter Data Notes: 178 Rockwell Automation Publication 750-RM001F-EN-P - February 2012
Index Numerics 2 Channel Sourcing 68 A access hazardous area 86 additional resources 13 automatic reset 48 SLS Reset 77 SS reset 67 C cascaded config 47, 97 cascaded connections 41, 43, 45 Cat 4 11, 15 performance definition 16 certification Cat 4 11, 15 ISO 13849-1 15 PL e 11, 15 SIL CL3 11, 15 certifications 163 commissioning the system 124-127 commutation 22 conductor requirements 161 configuration confirm 127 example 1 131 example 2 141 lock 121 lock bit 121, 127 signature. See Signature ID.
Index G Guard Status attributes 156 H HIM module 27 hold last state SLS_Out output 92 I I/O Diagnostic Status attributes 158 input faults 152 inputs 35 installing 31 ISO 13849-1 15, 16, 18, 163 J J2 jumper 30 L LED Indicators 151 LM_In input 39 Lock Monitoring 25, 69 Lock Monitoring wiring 44 lock state 121 M manual monitored reset 48 SLS Reset 77 SS Reset 67 manual reset 48 SLS Reset 77 SS Reset 67 Max Stop Time definition 61 multi-axis configurations 97-98 connections 110, 111 wiring 41, 43 P param
Index S Safe Accel Limit See Safe Maximum Acceleration Limit. Safe Direction Monitoring 118 negative 119 overview 25 positive 119 Safe Limited Speed mode 75 Safe Limited Speed Monitoring Delay 75, 76, 77, 84, 86, 91 Safe Limited Speed Monitoring Inactive 88 Safe Limited Speed Reset See SLS Reset.
Index V validation third-party 127 verify configuration 127 lock status 127 Signature ID 127 W wiring DC_Out output 44, 45 DM_In input 44 LM_In input 44 multi-axis connections 41, 43 safety input examples 37 wiring example Safe Limited Speed mode 80 Safe Limited Speed Status Only mode 94, 96 Safe Stop mode 71 Safe Stop with Door Monitoring mode 74 Slave, Safe Limited Speed 105-106 Slave, Safe Limited Speed Status Only mode 108-109 Slave, Safe Stop mode 101-103 SLS with Door Monitoring and Enabling Switch
Rockwell Automation Support Rockwell Automation provides technical information on the Web to assist you in using its products. At http://www.rockwellautomation.com/support/, you can find technical manuals, a knowledge base of FAQs, technical and application notes, sample code and links to software service packs, and a MySupport feature that you can customize to make the best use of these tools.
