Der intelligente Schachzug zur lückenlosen Sicherheitstechnik

4. Edition s

safetyINTEGRATED

Application Manual

The Safety System for Industry

The intelligent move forseamless safety technology

“The prevention of accidents

should not be considered a

question of legislation, but

instead, our responsibility to

fellow beings and economic

sense.“

Werner von Siemens,Berlin in the year of 1880

Foreword

Standards and Regulations 1

Fail-Safe Communications via Standard Fieldbuses 2

Safety-Related Low-Voltage Switching Devices and Sensors (SIGUARD) 3

Controllers: Fail-Safe Control Systems (SIMATIC) 4

Motion Control Systems -Safe, Innovative Motion Control 5

Applications 6

Circuit Examples 7

Appendix 8

4 Controllers: Fail-Safe Control Systems (SIMATIC)

4.1 Introduction 4/24.2 SIMATIC S7-400F/FH 4/44.2.1 Introduction 4/44.2.2 Hardware 4/44.2.3 Programming 4/54.2.4 Configuration 4/54.2.5 Technical Data 4/74.3 SIMATIC S7-300F 4/94.3.1 Introduction 4/94.3.2 Typical configurations 4/104.3.3 Fail-safe I/O 4/11

ET 200S / ET 200M4.3.4 Programming 4/124.3.5 ET 200S fail-safe motor starter 4/134.3.6 Technical Data 4/15

5 Motion Control Systems -Safe, Innovative Motion Control

5.1 SINUMERIK Safety Integrated 5/3 The Safety Package for Machine Tools

5.1.1 Brief description 5/45.1.2 Equipment components 5/55.1.3 System requirements 5/85.1.4 Safe stopping process 5/95.1.5 Monitoring speed and position 5/125.1.6 Logically combining safety-related 5/14

process signals5.1.7 Integrating sensors/actuators - basics 5/155.1.8 Sensor-actuator integration via separate 5/17

hardware I/O from the PLC and NC 5.1.9 Sensor/actuator integration through 5/23

the fail-safe ET 200S PROFIsafe modules 5.1.10Protection against vertical axes dropping 5/285.1.11Basic application principles 5/315.1.12Ordering data and documentation 5/335.2 Safely Operating Universal Drives 5/345.3 SIMOTION Safety Unit 5/35

The safety package for metal forming technology

5.4 Technical Support & Engineering for 5/37 Safety Integrated - Motion Control Systems

Content

1 Standards and Regulations

1.1 General information 1/21.2 Regulations and Standards 1/3

in the European Union (EU)1.2.1 Basic principles of European legislation 1/3 1.2.2 Health and safety at the workplace 1/3

in the EC1.2.3 Safety of Machinery in Europe 1/41.2.4 Process technology in Europe 1/171.2.5 Furnace systems in Europe 1/211.3 Legal requirements and Standards 1/22

regarding safety at work in the US1.3.1 Machine safety 1/231.3.2 Process industry 1/241.4 Safety requirements for machines in Japan 1/25

2 Fail-Safe Communications via Standard Fieldbuses

2.1 PROFIsafe 2/42.2 AS-Interface Safety at Work 2/82.2.1 Safety at Work Products 2/102.2.2 Connecting examples 2/122.2.3 Connection assignments 2/162.2.4 Technical Data 2/17

3 Safety-Related Low-Voltage Switching Devices and Sensors (SIGUARD)

3.1 SIGUARD Control and Signaling Devices 3/23.1.1 EMERGENCY STOP control devices 3/43.1.2 SIGUARD cable-operated switches 3/63.1.3 SIGUARD Two-hand operation consoles 3/9

and foot switches 3.1.4 SIGUARD position switches 3/123.1.5 SIGUARD magnetically operated position 3/23

switches3.1.6 SIGUARD safety switch strips 3/253.1.7 SIGUARD light curtains and light grids 3/273.1.8 SIGUARD light barriers 3/523.1.9 SIGUARD 3RG78 3 laser scanner 3/563.1.10SIGUARD signaling devices 3/643.2 SIGUARD 3TK28 Safety Combinations 3/663.2.1 Safety relays 3/663.2.2 Safety electronics 3/703.2.3 Safety electronics with integrated 3/71

contactors3.3 3RA7 Load Feeders with Integrated 3/76

Safety Technology 3.4 SIRIUS NET Motor Starter for AS-Interface 3/81

and PROFIBUS-DP 3.4.1 SIMATIC ET 200S SIGUARD 3/82

6 Applications

6.1 Fail-Safe Communications 6/2via Standard Fieldbuses

6.1.1 Two birds with one stone 6/26.2 Safety-Related Low-Voltage 6/4

Switching Devices and Sensors-6.2.1 SIGUARD light curtains - 6/4

used in the automobile industry - 6.2.2 SIMATIC ET 200S SIGUARD 6/6

in the Food Industry 6.2.3 SIMATIC ET 200S – 6/10

innovative electrical cabinet construction6.2.4 Cost effectiveness in crane construction 6/12

with Safety Integrated6.3 Controllers: Fail-Safe Controls 6/146.3.1 SIMATIC S7-400F – 6/14

application on an oil/gas platform6.4 Motion Control Systeme – 6/16

Safe Motion Control6.4.1 More safety in the automobile industry 6/166.4.2 New standard for machine tools 6/176.4.3 Safety technology tests safety technology 6/196.4.4 Safety and speed of operation 6/206.4.5 Safe standstill in the printing industry 6/22

7 Circuit Examples

7.1 Safety-Related Low-Voltage Switchgear 7/2and Sensors

7.1.1 Switch safely 7/27.1.2 SIGUARD 3TK28 Safety Combinations 7/57.1.3 Contactless Protective Devices 7/417.1.4 SIGUARD Switching Strips 7/477.1.5 Circuit examples, ET 200S SIGUARD 7/487.2 Controllers: Fail-safe controls 7/557.2.1 Circuit examples for S7-300F 7/557.2.2 Function block for the S7-300F 7/57

muting function7.3 Motion Control Systems: 7/59

Safe Motion Control7.3.1 Application examples for EMERGENCY STOP 7/59

stop Category 07.3.2 Application examples for EMERGENCY STOP 7/60

stop Category 17.3.3 Application examples for EMERGENCY 7/61

SWITCHING-OFF and EMERGENCY STOP stop Category 1

7.3.4 Application examples for EMERGENCY STOP 7/62 stop Category 1 for several drives

8 Appendix

8.1 Overview, Important Basic Safety, 8/2 Group and Specialist Standards under the Machinery Directive

8.2 Important Addresses 8/88.3 Terminology and Abbreviations 8/108.3.1 Terminology 8/108.3.2 Abbreviations 8/128.4 Contact – Internet & Hotlines 8/138.5 Seminars on Safety Technology, 8/13

Standards and Directives8.6 Type Test Certificates 8/188.6.1 Certificates for SIMATIC Safety Integrated 8/188.6.2 Certificates for SINUMERIK Safety Integrated 8/208.6.3 Certificate for SIMOVERT Masterdrive 8/238.6.4 Certificate for SIMODRIVE 611 U 8/248.7 List of contents 8/25

2 Safety Integrated Application Manual Siemens AG

Dear Readers,

Helmut GierseA&D Group Board

The founder of our company, Wernervon Siemens, recognized back in 1880that accident prevention should notjust be considered a question of legis-lation, but it is also our responsibility to fellow beings and makes economicsense.

Today, this is also the philosophy ofautomation technology from Siemens.In addition to increasing availability andcost-effectiveness, our focus is alwayson human beings and the benefits wecan provide.This philosophy is espe-cially important where human beingswork directly at machines which canrepresent potential hazards, or wherehuman beings can be indirectlyinvolved as a result of subsequentdamage, e.g. due to environmentalstressing.

The fourth Edition of the successful“Safety Integrated” Manual presentsthe ongoing development of theSiemens “Automation and Drives”Group (A&D) and the safety productsand systems: SIGUARD, SIMATIC andSINUMERIK/SIMODRIVE. For yearsnow, these have been setting thestandard in safety technology in manyapplications.

Current examples include both theconsequential expansion of the fail-safe SIMATIC PLCs by DistributedSafety with the S7-300F and ET 200SPROFIsafe components with the focuson the production and the new elec-tronic 3TK28 safety combinations.

We as A&D are taking into account,with “Safety Integrated”, the tremen-dous pace of development in thesafety technology market - a marketwhich is enjoying above averagegrowth.The harmonization of thesafety Standards within the EC and the fact that these EC Standards arebeing applied worldwide are the maindrivers for this growth.

Using innovative, flexible solutions,“Safety Integrated” is increasing thesafety and availability of automationtasks, whilst also increasing the pro-ductivity. With “Safety Integrated,”users have access to a unified, inte-grated complete solution.This meansstandard, integrated control and fieldtechnology. A combined safety systemplatform will obtain new impetus asdrive and process technology continueto merge.

Innovation and success have paved the way to today's standard of safetytechnology: As early as the 1960's,Siemens supplied the first pre-wiredsafety combinations. At the beginningof the 1980's, Siemens presented thecompact SIGUARD 3TK combinationusing safety contactor technology.At the same time, the programmableSIMATIC safety logic controller wasintroduced - the SIMATIC S5-110F forpress controls.The SIMATIC S5-115F,launched back in 1988, represented amilestone in process technology.

Safety Integrated Application Manual Siemens AG 3

The modular SIMATIC S5-95F compactPLC, introduced in 1994, created aworldwide standard in productiontechnology, for press controls, inprocess technology and in personneltransportation systems. In 1996,SINUMERIK/SIMODRIVE continuedthis tradition with the world's firstsafety-related control system formachine tools.

This means that our customers cansimply and cost-effectively implementthe requirements laid down in the ECMachinery Directive which came intoforce in 1995.The basis for a unified,“Safety Integrated” system is createdas a result of the certification of thesafety-related communications via thestandard fieldbuses - PROFIBUS in2000 and AS-Interface in 2001.Using the high-availability safety-related SIMATIC S7-400F/HF, since2000, safety concepts have beendirectly integrated, in a unified fashion,into the “Totally Integrated Automation”(TIA) concept.In 2001, an optimized solution for theproduction industry was introduced inthe form of the S7-300F and ET200SPROFIsafe components.In parallel, the safety portfolio wasexpanded, in the sensor area, usingthe contactlessly operating SIGUARDlight curtains and laser scanners.

For automation tasks which are lesscomplex, in the area of evaluation, it isnow possible to use innovative wiringand communication solutions. Forinstance, 3TK28 electronic safety com-binations now optionally integrate thecontrol and main circuits in a completeunit.The standard actuator sensorinterface with the Safety Monitor aswell as safe input modules and directsensor connections can now be simplyexpanded by safety functions.

Safety Integrated allows user-friendlymachines to be created using simpleintelligent safety technology whichdoes not obstruct standard workingprocedures.

Sincerely,

Helmut Gierse

4 Safety Integrated Application Manual Siemens AG

Thomas LeißA&D Project Manager“Safety Integrated”Siemens AG, Erlangen

Whether for applications in the area ofmachine safety or process technology -state-of-the-art technology used in theautomation process demands the high-est degree of safety for man, machineand the environment.

The “Safety Integrated” ApplicationManual, which has now been updatedseveral times, clearly shows how haz-ards, caused by functional faults, canbe reduced or completely resolved

using electrical and electronic equip-ment and devices.

From sensor systems through evalua-tion units up to safe shutdown and inthe future to the actuators, for exampledrives – “Safety Integrated” now pro-vides maximum protection againstfunctional faults using the SIGUARD,SIMATIC and SINUMERIK/SIMODRIVEproduct groups.

These product groups have alreadyproven themselves for many years instandard automation solutions and thatworldwide.These components cannow also be combined in an overallsystem since safety-related communi-cations via PROFIBUS and via theActuator-Sensor interface were certi-fied in 2000 and 2001 respectively.

In addition to conventional hard-wiringbetween the individual components,as an alternative, it is also possible touse standard fieldbus systems for thesafety technology.This permits a uni-fied, integrated system and in turn,cost-effective engineering, reduces thehardware costs by using commoncomponents and simultaneouslyincreases the plant and system avail-ability thanks to improved diagnostics.

Open and integrated

An automation system mainly com-prises standard components such asPLCs, drives etc.The level of safetytechnology of a complete plant or sys-

tem can differ depending on the partic-ular application.However, irrespective of the particularapplication, the safety level alwayscomprises a series of sensors, safetyevaluation units and actuators for safeshutdown.Today, the two levels of a plant or sys-tem, standard and safety related tech-nology, are strictly separated. Gener-ally, different engineering techniquesand tools are used for these two lev-els.This not only results in higher costsassociated with personnel training, butalso in many cases, these two levelscan only be linked at considerablecost.

The requirement to achieve cost sav-ings can be fulfilled by selecting thecorrect installation technology. In stan-dard technology, the move to distrib-uted concepts and the use of modernfieldbuses has already resulted in sig-nificant cost savings. Further cost sav-ings in the future will be achieved bytransferring additional safety-relatedsignals along existing standard field-buses.“Safety Integrated” is the practicalimplementation of this concept. Usingthis concept, both standard and safetycomponents can be cost-effectivelycombined to form a completely unifiedand transparent system.Costly wiring for diagnostics and feed-back signals can be eliminated. Stan-dard engineering tools and methods aswell as visualization concepts guaran-tee cost saving in the planning phaseand also during installation and service.

Sincerely,

Thomas Leiß

S a f e t y

Protection against heat and fire

Protection againstelectric shock

Protection againstdangerous radiation

Protection against…

Protection against danger dueto functional faults anderrors

S a f e t y

Protection against heat and fire

Protection againstelectric shock

Protection againstdangerous radiation

Protection against…

Protection against danger dueto functional faults anderrors

Safety Integrated Application Manual Siemens AG 5

Controlling and Sensing Monitoring and Evaluation

Control and Stopping

6 Safety Integrated Application Manual Siemens AG

Dr. rer. nat.M. SchaeferHead of Division: Machinery Safety,Control Techniques in the Institute of Occupational Safety and Health,Germany

New technologies in the name of safety

If you compare the safety controlsfrom the eighties employing conven-tional devices, with contacts and thesophisticated products of today, theadvantages of intelligent safety tech-nology using computer-based systemsbecomes quite clear:

• New sampling-type sensors allow afinely graduated safety technologyoptimally adapted to the particularapplication

• Computer channels, operating withhigh clock frequencies, result inextremely short response times

• Intelligent software allows agingprocesses to be identified beforethey can have a dangerous influence

• Safety fieldbus systems significantlyreduce the amount of wiring andtherefore potential problems, espe-cially when troubleshooting.

However, new technologies can onlyhave a positive influence on safetytechnology if the development takesinto account measures, right from thevery start, for fault tolerance and avoid-ing faults (refer to DIN V VDE 0801 andIEC 61508). Measures such as thesenot only have a significant impact onthe complete development process,but generally enhance the availabilityabove and beyond the pure safetytechnology.The experience gainedfrom more than 150,000 customer sys-tems in the field indicates that hightechnology, applied in this fashion, isalso really safe.

Safety technology through dialoginstead of checking

Since the middle of the eighties, theBIA and several other testing bodieshave been developing testing methodsfor complex safety technology.Theinspection no longer occurs at the endof product production, it now accom-panies the development life cycle of aproduct from the initial concept throughto final production. Only by using suchsimultaneous development and testingprocedures is it possible to certifycomplex systems.The measures applied are checkedduring the safety life cycle at specificmilestones to an agreed standard,whilst error-avoiding techniques areapplied by the testing body itself aspart of the validation process. Usingtechniques and standards as definedabove, the testing body ensures thatthe development process of a productis perfect.This is the reason why com-plex safety technology should be con-sidered more as a process rather thanas a product.

Increasing the acceptance of safetytechnology

New technology allows safety func-tionality to be directly integrated into amachine or plant as a result of thefunctional control. In newly developedCNC control systems with integratedsafety technology, reduced velocityrequired during setting up and the safestop are guaranteed using additionalsoftware without any external monitor-ing devices.This means, for the user,that safety is incorporated in the con-trol and the likelihood of faults occur-ring is significantly reduced. In thesame way, using safety-related datacommunication concepts, standardhardware can be used to safely net-work various control systems or evencomplete production systems.Thiscompletely eliminates additional man-ual operations, for example, parameter-izing safety devices. Safety-relateddata can be centrally managed andreported.

This eliminates barriers for the use ofsafety technology and the level ofacceptance is increased.

Safety technology from a cost per-spective

Especially in the nineties, cost issuesbecame increasingly important insafety technology. Although the devel-opment processes for complex safetytechnology are extremely cost-inten-sive, integrated safety, as a result ofthe software, can have an extremelypositive impact on the overall productcost. Furthermore, downtimes arereduced as a result of a far more effi-cient diagnostics capability due to theuse of safety computer systems.

From our perspective as the Beruf-sgenossenschaften [German TradeAssociation], we also see that in thefuture, it will be important that wesupport and promote the developmentprocess discussed above. And ofcourse, this Manual demonstrates thatthis is a safe route to take - and whichis extremely promising.

For the German Trade Association,innovation and prevention are impor-tant issues in working together. Oursociety requires ongoing innovation.This secures the competitiveness andfacilitates a lifestyle and working meth-ods to help humans generally.The German Trade Associations there-fore promote such innovation whichplays a role in reducing all types ofrisks and hazards or which improvesworking techniques and procedures.

In order to present especially outstand-ing developments for enhanced healthand safety at work to a larger tradepublic, for the first time, at the HanoverFair 2003, the innovation prize of theGerman Trade Associations will beawarded.

(For more detailed information, refer towww.hvbg.de/d/pages/presse/aktuell/foerder.htm).

Safety Integrated Application Manual Siemens AG 7

Heinz GallHead of the business sectorAutomation, Software and InformationTechnology TÜV Anlagentechnik GmbH, Cologne Company Group TÜV Rheinland/Berlin-Brandenburg

Automation systems and componentsare responsible for safety-relevanttasks in many different applicationareas (machines and conveyor sys-tems, the process industry, buildingtechnology etc.).This means that thehealth and safety of personnel as wellas the protection of plant equipmentand the environment are dependent onthe correct functioning of these sys-tems and components.

Today, the correct functioning of sys-tems and components is handledunder the term of “Functional Safety”.This is documented in the IEC 61508Standard “Functional safety of electri-cal, electronic and programmable elec-tronic safety-related systems” whichwas passed in 2000.

This Standard is, in the meantime, alsorecognized as EN 61508 and will beincluded in the German Standards.It is considered as a basis Standard,independent of the application andaddresses developers of application-specific standards as well as the con-tents (description of measures for thesafety concept, fault-avoidance andfault-controlling measures for hardwareand software) essentially to themanufacturers of safety-relatedsystems and components.

This has already been accepted by theapplication-oriented Standards groups.The first examples include the Draftsof IEC 61511 for the process industry,EN 50156 for the electrical equipmentof furnace systems as well as IEC62061 for safety-relevant control sys-tems for machines. It goes withoutsaying that in the area of machinesafety, application-specific Standards,for example EN 954, must be applied.

In the future, it is hoped and alsoexpected that other user groups willuse the existing base standard for theirwork, to standardized the require-ments placed on safety-related sys-tems and components.This especiallymakes sense, because the principlesinvolved with risk evaluation, riskreduction and the safety-related func-tions can be applied to the widestrange of applications. From an applica-tion perspective, only a few aspectswould have to be considered, e.g. therequired response times or the safecondition for the process.

This means that manufacturers will beable to develop systems and compo-nents which will be able to be used forsafety tasks, with comparable degreesof risk, in various applications.To real-ize this, the following generally applica-ble data must be available for each par-ticular component:

• Maximum “Safety Integrity Level(SIL)” which can be achieved

• Hardware fault tolerance in conjunc-tion with the component of safetyfailures ( sum of the failures in thedirection of a safe condition plus thesum of the failures which are recog-nized and controlled as a result ofthe internal diagnostics) referred tothe sum of all of the failures

• Probability of failures where the sys-tem goes into a hazardous condition.

The above mentioned criteria will thenpermit safety-related functions to beviewed across the complete applica-tion, which generally comprises thesensor system, logic (e.g. PLC) andactuators as well as communicationsbetween these components.

Field devices, sensor systems andactuator systems are becomingincreasingly intelligent.This means thatcommunications between the compo-nents of a safety-related function willincreasingly be realized via bus sys-tems.

In the last two years, considerableprogress has been made in the area of standardized safety-related bus sys-tems.

This progress involves, on the onehand, the development of a basicphilosophy to “Test and certify bussystems for the transfer of safety-related data” and, on the other hand,the successful completion of concep-tual tests of such bus systems.

This means that in the foreseeablefuture it can be expected that devicesfrom various manufacturers will beable to be operated on standardizedsafety bus systems.

In this case, manufacturers mustaccept the challenge to develop safety-related devices which can use thecapability of safety-related communica-tions via bus systems.

The TÜV Rheinland/Berlin-Branden-burg, in conjunction with the Automa-tion, Software and Information Technol-ogy business field, is supportingmanufacturers, project engineers andusers worldwide (Europe, USA, Japan)in the implementation of the abovementioned safety-related tasks.

After a successful test, systems andcomponents will be certified and willreceive the FS test symbol “FunctionalSafety” of the TÜV Rheinland/Berlin-Brandenburg.This documents thatthey are in conformance with therequirements laid down in the relevantStandards.

Engineers and users will be supportedin achieving the functional safety forboth the application and the imple-mented safety functions.

8 Safety Integrated Application Manual Siemens AG

Prof. Dr.-Ing.G. ReinhartHead of the Institute for Machine Toolsand Industrial Management (iwb),Technische Universitaet Muenchen

The features and performance of state-of-the-art production systems areessentially determined by how themechanical system and control inter-act. Only a harmonized complete sys-tem will be able to fulfill the require-ments placed on the functionality,productivity and quality of today's pro-duction systems. A distributed installa-tion technology which offers diagnos-tics capability across the boardprovides the essential basis toincrease the availability of complexproduction systems. Beyond this, theintegration of safety-related functionsin control technology represents aninnovative way to adapt safety technol-ogy to the requirements of themachine operator - but still reducecosts.

Requirements placed on the safetytechnology of machine tools

The safety-related devices and equip-ment on machine tools are of specialsignificance within the control andinstallation systems of machine tools.On one hand, the legal and standardsrequirements which define, using haz-ard analysis, the scope and quality ofthe safety technology to avoid orreduce potential hazards. On the otherhand, the continually increasing perfor-mance parameters of today's produc-tion systems.These include, for exam-ple, maximum axis velocity,acceleration and availability which isreflected in the Overall Machine Effec-tiveness (OME). In order to guaranteethe effectiveness of safety technologyin today's protection systems, i.e. tofulfill the requirements for personnelprotection in line with that required inpractice, innovative concepts arerequired. In this case, innovative safetytechnology should be considered to bea technology which does not lagbehind the control and installationtechnology applied in the area of non-safety-relevant automation technology.For instance, features such as flexibil-ity, diagnostics capability and standard-ization.

Safety technology integrated in dri-ves and control systems

It becomes even more necessary tohave flexible safety circuits, on and inmachine tools, which take into accounteveryday operator situations, if the cre-ative capabilities of the machine opera-tor are to be fully utilized in a produc-tion environment. From theperspective of personnel protection,the performance parameters of themachine required in automated pro-duction facilities must be reduced toa safe level when operators have tointervene.

When considering the performance oftoday's drives and production-relatedsecondary conditions, safety drivefunctions and safely monitored drivestatuses should be considered to bepart of the basic functionality of mod-ern variable-speed drives in productionsystems.

Furthermore, the ability to emulate allof the safety-relevant logic operationsin the software allows, on the onehand, a significantly stronger differenti-ation to be made regarding operatorcontrol, and on the other hand, coststo be significantly reduced over con-ventional solutions using devices withcontacts.The requirements placed onsafety and the ability to be integratedinto existing control structures are ful-filled by using existing control sub-systems which can communicate withone another and redundant shutdownpaths.

Distributed and standardized instal-lation technology in the machineenvironment

Ongoing developments in the area ofnon-safety-relevant installation technol-ogy clearly show the way how to maxi-mize cost-saving potential by using dis-tributed concepts and standardizedinterfaces for installation in themachine environment. By using plugconnections and pre-assembled cablesin the field area and by reducing thenumber of versions of manufacturer-specific field-bus components, themachine OEM, the machine operatoras well as the component manufactur-ers reap the benefits - from both acost and functionality perspective.Simultaneously transferring safety-rele-vant and non-safety-relevant data alongone bus system based on a standardfieldbus system significantly reducesthe configuring/engineering, compo-nents, installation and commissioningcosts

Safety Integrated Application Manual Siemens AG 9

Fig. 1 Distributed and standardized installation technology in the machine environment

Digitaldrives

FD MSD I/R

NC MMC

PLC

Non-safety-related Safety-related

I/O Fieldbusinterface

SafetyI/O

LinecontactorC

abin

etC

om

mu

nic

atio

ns

Fiel

d in

stal

lati

on

M x

M

Sp

ind

le

M3~

M3~

EMERGENCY OFF

Tumbler mechanism

Interlockingfunctions

Servo drives I/O Safety-relevant I/O

Cable colors Servo

Measuring system

Fieldbus

Actuator/sensor

Power

Component issafety-relevant

Additional terminal to safelyshutdown drives

The increasing number of DESINAcomponents (DESINA = DistributedStandardized Installation technology onmachine tools) in the market and thesignificant interest on the part of themachine OEMs and users confirmsthe efforts made by the VereinsDeutscher Werkzeugmaschinenfab-riken e.V (VDW) and the Institute forMachine Tools and Business Sciences(iwb) to incorporate safety componentsin the standardization process in com-pliance with DESINA.The structure

of a unified safety concept for machinetools, which encompasses the abovementioned issues relating to the inte-gration into the drive and control sys-tem, including DESINA, is illustrated inthe diagram.

Summary

Current research work at iwb indicatesthat, as a result of understanding thesafety-relevant behavior of movingmachine parts and their specific inter-action early on, in the near future, itwill be taken for granted that innova-tive safety systems will establishthemselves in machines tools.

Examples include bus-based datatransfer and data processing integratedin the control.The advantages of beingable to take into account the detailedoperator requirements of machinetools operators, the improved effec-tiveness of safety technology andongoing cost reduction will onlybecome reality when component man-ufacturers and development engineersare ready to accept new concepts andsolutions openly and without any pre-conceptions.

10 Safety Integrated Application Manual Siemens AG

D. SeibelHead of Electrical Engineering Depart-ment, Berufsgenossenschaft der Fein-mechanik und Elektrotechnik (The pro-fessional Association of PrecisionMechanics and Electrical Industries,Cologne)

International discussions relating tofault control/fault analysis were initi-ated using the main regulations fromSection 5.7 of EN 60204-1, “ElectricalEquipment of Industrial Machines”,status 1985.The safety considerations(protective goals), which are derivedfrom the contents of the Standard,especially in the application field “Elec-trical controls”, automatically leadinevitably and logically to different solu-tions.The goal of all of the basic solu-tions presented was, and still is, tocreate a unified, binding safety Stan-dard within the European Community.

Hazard potential

A general control design (Graphic 2)must be the global starting point forpractical safety philosophy. Dependingon the potential hazard and themachine-specific operating conditions,it is necessary to have a graded levelof safety for the switching logic (gen-eral control circuits).The risk evaluationis a mandatory prerequisite. Protectivemeasures must be implemented,adapted to the hazard potential andorientated to the particular process.

Personnel protection

Protective devices must be providedeverywhere, where plant and machin-ery can represent potential hazards.Moving protective devices, whichmechanically isolate machine parts, i.e.protective doors, are some of thepreferred ways of protecting personnelin the operating area of machines inindustrial production plants, from haz-ardous motion or other dangers.In order to guarantee the specifiedpersonnel-protective function, movingprotective devices must be imple-mented and electrically interlocked, sothat personnel cannot enter the haz-ardous area before the dangerous con-ditions have been removed (e.g. rota-tional movement of a machine tool).

Redundancy

Conventional safety circuits, in con-junction with the interlocking systems,almost completely fulfill the requiredpersonnel-protective functions.Thetypes of failures which can beexpected along with the associatedsafety risks are generally known andthe technical solution used to over-come these problems are available and accepted (e.g. redundancy).

The position switch is the core ofevery latching or interlocking function.This must at least include one posi-tively opening contact (positively open-ing/positively isolating). If the protec-tive device is opened, the NC contactin the position switch must safetyinterrupt the safety circuit.

Application examples

In order to make it easier to select andmount the different latching systemsand to ensure the required circuit inter-locking of the safety-relevant signalsensors with the downstream actua-tors (power contactors, relays), theGerman Trade Association [Beruf-sgenossenschaften] has drawn up andpresented numerous application exam-ples.

The individual solutions are shown asexample in the following documentsfrom the German Trade Association

BGI 575 “Pamphlet to select andmount electro-mechanicallatching-interlocking devicesfor safety functions”

and

BGI 670 “Pamphlet to select andmount proximity switches inlatching/interlocking devicesfor safety functions”

A positively driven relay must be usedif it is necessary to identify a fault (e.g.if a relay does not drop out).

Safety Integrated Application Manual Siemens AG 11

Fig. 2 General configuration of a machine control system (DIN VDE 0113/11.98)

N = nrated

K1

M

N = nrated

K1

M

S1

S2 K1 S1

S2

Control voltage ON/OFF

Control circuits with safety functions

EnableLatching systems with and without tumbler mechanism

Control circuits with operating functions

Load circuit with possible hazard Load circuit without hazardMain control

Standards

The circuit versions which are pre-sented and the associated necessarysafety aspects (e.g. fault exclusionlists) have started to be included inEuropean Standards. In this case, it isnecessary to describe the two groupStandards (type B Standards))

EN 1088 Safety of Machinery“Latching systems

in conjunction with isolating-protective devices”

Guidelines for layoutand selection

and

EN 954-1 Safety of Machinery“Safety-related parts

of controls”Part 1: Generallayout guidelines

which specify a uniform evaluationStandard, independent of the applica-tion, based on the rules and regula-tions of the German Trade Association.

This means that these evaluationStandards can also be transferred tothe downstream safety and monitoringcircuits.This takes into account thenow available European Standard EN 60204-1 (Status 11.1998).

Typical applications include so-called“relay safety combinations”, which areused to transfer signals from safetytrips (e.g. protective door monitoringfunctions, switching strips, two-handcontrol devices, actions under emer-gency situations, light barriers etc.),maintaining the required control cate-gory in compliance with EN 954-1.