About the Book
This document describes the steps to integrate a Safety Logic Controller (SLC) with connected safety-related TM5/TM7 I/O devices into a Logic/Motion Controller environment in EcoStruxure Machine Expert and Machine Expert - Safety.
You will learn how to
osetup the bus architecture
oconfigure the devices involved
oconfigure the standard and safety-related parameters of the devices
osetup and create a safety-related project
ocommission, operate and maintain the application
operform system diagnostics
oexchange data between the Logic/Motion Controller and the Safety Logic Controller (SLC)
The document is to be understood as a general guideline which focuses on the integration of Embedded Safety into the Logic/Motion Controller application. For detailed information on device-specific characteristics and procedures, refer to the respective user guide(s).
This document has been updated with the release of EcoStruxure Machine Expert V1.2.
For product compliance and environmental information (RoHS, REACH, PEP, EOLI, etc.), go to www.schneider-electric.com/green-premium.
The technical characteristics of the devices described in the present document also appear online. To access the information online, go to the Schneider Electric homepage www.se.com.
The characteristics that are presented in the present document should be the same as those characteristics that appear online. In line with our policy of constant improvement, we may revise content over time to improve clarity and accuracy. If you see a difference between the document and online information, use the online information as your reference.
|
|
|
HAZARD OF ELECTRIC SHOCK, EXPLOSION OR ARC FLASH |
|
oDisconnect all power from all equipment including connected devices prior to removing any covers or doors, or installing or removing any accessories, hardware, cables, or wires except under the specific conditions specified in the appropriate hardware guide for this equipment. oAlways use a properly rated voltage sensing device to confirm the power is off where and when indicated. oReplace and secure all covers, accessories, hardware, cables, and wires and confirm that a proper ground connection exists before applying power to the unit. oUse only the specified voltage when operating this equipment and any associated products. |
|
Failure to follow these instructions will result in death or serious injury. |
For the Safety Logic Controllers:
|
|
|
POTENTIAL FOR EXPLOSION |
|
oOnly use this equipment in non-hazardous locations, or in locations that comply with Class I, Division 2, Groups A, B, C and D. oDo not substitute components which would impair compliance to Class I, Division 2. oDo not connect or disconnect equipment unless power has been removed or the location is known to be non-hazardous. oDo not use the USB port(s), if so equipped, unless the location is known to be non-hazardous. |
|
Failure to follow these instructions will result in death or serious injury. |
For the Logic/Motion Controllers:
This equipment has been designed to operate outside of any hazardous location. Only install this equipment in zones known to be free of a hazardous atmosphere.
|
|
|
POTENTIAL FOR EXPLOSION |
|
Install and use this equipment in non-hazardous locations only. |
|
Failure to follow these instructions will result in death or serious injury. |
|
|
|
LOSS OF CONTROL |
|
oThe designer of any control scheme must consider the potential failure modes of control paths and, for certain critical control functions, provide a means to achieve a safe state during and after a path failure. Examples of critical control functions are emergency stop and overtravel stop, power outage and restart. oSeparate or redundant control paths must be provided for critical control functions. oSystem control paths may include communication links. Consideration must be given to the implications of unanticipated transmission delays or failures of the link. oObserve all accident prevention regulations and local safety guidelines.1 oEach implementation of this equipment must be individually and thoroughly tested for proper operation before being placed into service. |
|
Failure to follow these instructions can result in death, serious injury, or equipment damage. |
1 For additional information, refer to NEMA ICS 1.1 (latest edition), "Safety Guidelines for the Application, Installation, and Maintenance of Solid State Control" and to NEMA ICS 7.1 (latest edition), "Safety Standards for Construction and Guide for Selection, Installation and Operation of Adjustable-Speed Drive Systems" or their equivalent governing your particular location.
Before you attempt to provide a solution (machine or process) for a specific application using the POUs found in the library, you must consider, conduct and complete best practices. These practices include, but are not limited to, risk analysis, functional safety, component compatibility, testing and system validation as they relate to this library.
|
|
|
IMPROPER USE OF PROGRAM ORGANIZATION UNITS |
|
oPerform a safety-related analysis for the application and the devices installed. oEnsure that the Program Organization Units (POUs) are compatible with the devices in the system and have no unintended effects on the proper functioning of the system. oUse appropriate parameters, especially limit values, and observe machine wear and stop behavior. oVerify that the sensors and actuators are compatible with the selected POUs. oThoroughly test all functions during verification and commissioning in all operation modes. oProvide independent methods for critical control functions (emergency stop, conditions for limit values being exceeded, etc.) according to a safety-related analysis, respective rules, and regulations. |
|
Failure to follow these instructions can result in death, serious injury, or equipment damage. |
|
|
|
UNINTENDED EQUIPMENT OPERATION |
|
oOnly use software approved by Schneider Electric for use with this equipment. oUpdate your application program every time you change the physical hardware configuration. |
|
Failure to follow these instructions can result in death, serious injury, or equipment damage. |
Care must be taken and provisions made for use of this library for machine control to avoid inadvertent consequences of commanded machine operation, state changes, or alteration of data memory or machine operating elements.
|
|
|
UNINTENDED EQUIPMENT OPERATION |
|
oPlace operator devices of the control system near the machine or in a place where you have full view of the machine. oProtect operator commands against unauthorized access. oIf remote control is a necessary design aspect of the application, ensure that there is a local, competent, and qualified observer present when operating from a remote location. oConfigure and install the Run/Stop input, if so equipped, or, other external means within the application, so that local control over the starting or stopping of the device can be maintained regardless of the remote commands sent to it. |
|
Failure to follow these instructions can result in death, serious injury, or equipment damage. |
|
Document title |
Reference |
|---|---|
|
Modicon M262 Logic/Motion Controller - Hardware Guide |
|
|
Safety Logic Controller 100/200 FS - Hardware Guide |
|
|
EcoStruxure Machine Expert Programming Guide |
|
|
M262 Logic/Motion Controller - Programming Guide |
|
|
TM5 Sercos III Interface - Hardware Guide |
|
|
EcoStruxure Machine Expert - Safety - User Guide |
|
|
Safety Modules - Reference Guide |
|
|
SafeLogger for EcoStruxure Machine Expert - Safety |
Terminology Derived from Standards
The technical terms, terminology, symbols and the corresponding descriptions in this manual, or that appear in or on the products themselves, are generally derived from the terms or definitions of international standards.
In the area of functional safety systems, drives and general automation, this may include, but is not limited to, terms such as safety, safety function, safe state, fault, fault reset, malfunction, failure, error, error message, dangerous, etc.
Among others, these standards include:
|
Standard |
Description |
|---|---|
|
IEC 61131-2:2007 |
Programmable controllers, part 2: Equipment requirements and tests. |
|
ISO 13849-1:2015 |
Safety of machinery: Safety related parts of control systems. General principles for design. |
|
EN 61496-1:2013 |
Safety of machinery: Electro-sensitive protective equipment. Part 1: General requirements and tests. |
|
ISO 12100:2010 |
Safety of machinery - General principles for design - Risk assessment and risk reduction |
|
EN 60204-1:2006 |
Safety of machinery - Electrical equipment of machines - Part 1: General requirements |
|
ISO 14119:2013 |
Safety of machinery - Interlocking devices associated with guards - Principles for design and selection |
|
ISO 13850:2015 |
Safety of machinery - Emergency stop - Principles for design |
|
IEC 62061:2015 |
Safety of machinery - Functional safety of safety-related electrical, electronic, and electronic programmable control systems |
|
IEC 61508-1:2010 |
Functional safety of electrical/electronic/programmable electronic safety-related systems: General requirements. |
|
IEC 61508-2:2010 |
Functional safety of electrical/electronic/programmable electronic safety-related systems: Requirements for electrical/electronic/programmable electronic safety-related systems. |
|
IEC 61508-3:2010 |
Functional safety of electrical/electronic/programmable electronic safety-related systems: Software requirements. |
|
IEC 61784-3:2016 |
Industrial communication networks - Profiles - Part 3: Functional safety fieldbuses - General rules and profile definitions. |
|
2006/42/EC |
Machinery Directive |
|
2014/30/EU |
Electromagnetic Compatibility Directive |
|
2014/35/EU |
Low Voltage Directive |
In addition, terms used in the present document may tangentially be used as they are derived from other standards such as:
|
Standard |
Description |
|---|---|
|
IEC 60034 series |
Rotating electrical machines |
|
IEC 61800 series |
Adjustable speed electrical power drive systems |
|
IEC 61158 series |
Digital data communications for measurement and control – Fieldbus for use in industrial control systems |
Finally, the term zone of operation may be used in conjunction with the description of specific hazards, and is defined as it is for a hazard zone or danger zone in the Machinery Directive (2006/42/EC) and ISO 12100:2010.
NOTE: The aforementioned standards may or may not apply to the specific products cited in the present documentation. For more information concerning the individual standards applicable to the products described herein, see the characteristics tables for those product references.
