Implementation of safety requirements from applicable standards

Protecting the zone of operation (muting is not active):

If the safety-related function block does not detect an active muting operation at its inputs, a SAFEFALSE signal at the S_AOPD_In input (light grid) results in the defined safe state SAFEFALSE of the S_AOPD_Out enable output.

Activating the muting operation:

For a material flow direction from left to right: The muting operation is activated when the muting sensors located before the safety-related equipment switch from FALSE to TRUE one after the other (i.e., inputs MutingSwitch11 and MutingSwitch12).

For a material flow direction from right to left: The muting operation is activated when the muting sensors located before the safety-related equipment switch from FALSE to TRUE one after the other (i.e., inputs MutingSwitch22 and MutingSwitch21).

Active muting operation:

When the muting operation is active, a SAFEFALSE signal at input S_AOPD_In does not result in the defined safe state SAFEFALSE of the S_AOPD_Out output.

The activated muting operation must be completed within the time specified at MaxMutingTime. If it is not completed within this time, the S_AOPD_Out output is switched to the defined safe state SAFEFALSE.

Completing the muting operation:

For a material flow direction from left to right: The muting operation is deactivated when the first muting sensor located behind the safety-related equipment (at input MutingSwitch21) switches back from TRUE to FALSE, i.e., an object is no longer detected in the detection area. A SAFEFALSE signal at input S_AOPD_In then switches the S_AOPD_Out output to SAFEFALSE.

For a material flow direction from right to left: The muting operation is deactivated when the first muting sensor located behind the safety-related equipment (at input MutingSwitch12) switches back from TRUE to FALSE, i.e., an object is no longer detected in the detection area. A SAFEFALSE signal at input S_AOPD_In then switches the S_AOPD_Out output to SAFEFALSE.

Invalid muting sequences:

States at inputs MutingSwitch11, MutingSwitch12, MutingSwitch21 and MutingSwitch22 which are invalid for the muting operation will cause the S_AOPD_Out output to be switched to the defined safe state SAFEFALSE. Refer to chapter "Functional description", section "Invalid muting sequences" for more information.

Start-up inhibits:

Once the function block has been activated, it can execute a start-up inhibit as an option (depending on the setting at S_StartReset). After the function block has detected an invalid muting sequence or another error, that error must be removed and then confirmed by means of a manual reset. This procedure prevents an automatic restart from occurring following error removal.

Status of the muting operation:

The status of the muting operation is output at the S_MutingActive output of the function block.

The Reset input supports the function of a manual reset device.

You can select whether the function block will support automatic start-up of the function block or a start-up inhibit

• after the Safety Logic Controller has been started up and

• after the function block has been activated by applying a TRUE signal to the Activate input.

The function block provides a start-up inhibit

• after an invalid muting sequence,

• after an error message for the function block and

• when the safety-related function is no longer requested.

If the Activate input does not indicate the status of the safety-related devices, you must implement this function by other means.

You are responsible for planning and implementing the start-up behavior according to your risk analysis.

To prevent an unintended start-up, you may need to perform an additional function start once the safety-related function has been reset. This will depend on the results of the risk analysis, the signal path of the reset signal, and/or the setting at S_StartReset.

Single-channel or two-channel connection must be implemented depending on the category.