Page 1 Options for ABB drives User’s manual FSO-21 safety functions module...
Page 2: List Of Related Manuals And Guides
Drive firmware manuals ACS880 primary control program firmware manual 3AUA0000085967 Drive option manuals ACX-AP-x assistant control panels user’s manual 3AUA0000085685 FSO-21 safety functions module user's manual 3AXD50000015614 FSE-31 pulse encoder interface module user's manual 3AXD50000016597 FENA-01/-11/-21 Ethernet adapter module user’s manual 3AUA0000093568 Manuals and quick guides for I/O extension modules, fieldbus adapters, etc.
Page 5: Table Of Contents
Table of contents 5 Table of contents List of related manuals and guides ..........2 1.
Page 6 6 Table of contents FSO module and safety system components ....... . . 36 FSO module version handling .
Page 7 Configuring the ABB AC500-S Safety PLC ........
Page 8 8 Table of contents 7. Planning for installation Contents of this chapter ........... . 229 Requirements for designers and installers .
Page 9 Table of contents 9 Configuring STO ............264 How to configure STO .
Page 10 FSO-21 parameters ........
Page 11 Providing feedback on ABB Drives manuals ........
Page 12 12 Table of contents...
Page 13: Safety
Safety 13 Safety Contents of this chapter The chapter contains the warning symbols used in this manual and the safety instructions which you must obey when you install or connect an option module to a drive or inverter. If you ignore the safety instructions, injury, death or damage can occur.
Page 14: Safety In Installation And Maintenance
14 Safety Safety in installation and maintenance These instructions are for all who install or connect an option module to a drive or inverter and need to open its front cover or door to do the work. WARNING! Obey these instructions. If you ignore them, injury or death, or damage to the equipment can occur.
Page 15: Introduction To The Manual
The manufacturer of the machinery always remains ultimately responsible for the product safety and compliance with applicable laws. ABB does not accept any liability for direct or indirect injury or damage caused by the information contained in this document. ABB hereby disclaims all liabilities that may result from this document.
Page 16: Compatible Products
16 Introduction to the manual Compatible products Check the compatibility of the earlier versions with your local ABB representative. See also section FSO module version handling on page 37.  Drives and option modules • ACS880 series • ACS880 primary control program: version 2.21 or later •...
Page 17: Target Audience
Introduction to the manual 17 Additional safety functions (not specified in EN/IEC 61800-5-2): • Safe stop emergency (SSE), see page • Safe maximum speed (SMS), see page • Prevention of unexpected start-up (POUS), see page 145. Target audience The manual is intended for qualified persons who design the safety application, plan the installation as well as install and commission the safety application.
Page 18 PROFIsafe profile of PROFINET. It describes the FSO module states and transitions and the contents of the PROFIsafe messages. The chapter also includes installation instructions, configuration instructions for the ABB AC500-S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC as well as fault tracing tips.
Page 19: Recommended Reading
Introduction to the manual 19 Recommended reading This manual is based on the following standards. It is recommended that you are familiar with these standards before implementing safety-related systems. • EN/IEC 61800-5-2: Adjustable speed electrical power drive systems – Part 5-2: Safety requirements –...
Page 20 20 Introduction to the manual Term / Description Abbreviation Common cause Failure, which is the result of one or more events, causing coincident failure (CCF) failures of two or more separate channels in a multiple channel (redundant architecture) subsystem, leading to failure of a Safety related electronic control function (SRCF).
Page 21 Pulse encoder interface module which can be used in safety applications FSO-12 Safety functions module which does not support the use of encoders FSO-21 Safety functions module which supports which supports the FSE-31 module and the use of safety encoders Functional safety Functional safety is part of the overall safety that depends on a system or equipment operating correctly in response to its inputs.
Page 22 22 Introduction to the manual Term / Description Abbreviation MTTF Mean time to dangerous failure: (The total number of life units) / (the number of dangerous, undetected failures) during a particular measurement interval under stated conditions (EN ISO 13849-1) Not applicable Normally closed.
Page 23 Introduction to the manual 23 Term / Description Abbreviation Response time of The internal response time of the FSO, that is, the time in which the STO control output of the FSO reacts after receiving a request. (Usually this is not the same as the time from the request to the safe state of the machine application.) See also term Safety function response time (SFRT)
Page 24 24 Introduction to the manual Term / Description Abbreviation SELV Safety extra-low voltage Safe failure fraction (%) (IEC 61508) SFRT Safety function response time (see page 23) Safety integrity level (1-3) (IEC 61508) SILCL SIL claim limit. Maximum SIL that can be claimed for a safety function or subsystem (EN 62061) Safely-limited speed Safe maximum speed...
Page 25 Introduction to the manual 25 Term / Description Abbreviation Test pulse. Term diagnostic pulse is used in this manual. TWCDT Total worst case delay time Validation Confirmation by, for example, analysis that the safety system meets the functional safety requirements of the specific application. Verification Confirmation by, for example, testing that the safety system meets the requirements set by the specification.
Page 26 26 Introduction to the manual Certificates TÜV Nord certificate for the FSO-21 and ACS880 drive series is attached below. Check the validity of the certificate with a specific drive variant from the ABB library.
Page 27 Introduction to the manual 27 The PROFIsafe certificate for the FSO-21 module is attached below.
Page 28 28 Introduction to the manual...
Page 29: Safety Information And Considerations
Safety information and considerations 29 Safety information and considerations Contents of this chapter This chapter contains general safety considerations and information to be taken into account when applying the FSO safety functions. WARNING! The FSO safety functions module is delivered with the safety functions bypassed by jumper wires in connectors X:113 and X:114 to allow initial drive commissioning without the need to configure safety functions first.
Page 30: Responsibilities
Intentional misuse Use the FSO and FSE modules according to the instructions given in the user’s manuals. ABB is not responsible for any damage caused by the misuse of the modules. The FSO and FSE modules are not designed to protect a machine against intentional misuse or sabotage.
Page 31: I/O
Safety information and considerations 31 If an FSO I/O or a safety fieldbus failure occurs, the FSO module activates the SSE function (or the STO function, if an STO request is connected to the I/O). In other internal failure situations, the FSO module activates the STO function. Depending on parameter settings, the SSE function can be similar to the STO function (when configured as “Immediate STO”, for more information see section Configuring SSE...
Page 32: Acknowledgement
 Encoderless mode You can use the FSO-21 module either with or without an encoder (encoderless mode). In the encoderless mode, the FSO-21 module uses the drive output frequency measurement to estimate the motor speed instead of measuring the motor speed with an encoder.
Page 33: Speed Estimation
Safety information and considerations 33 Note: Observe restrictions for use. Perform at least the Standstill Identification run (preferably the Normal Identification run). In the encoderless mode, • the motor must decelerate when the power is switched off – for example, in a crane application, the hanging load would potentially cause an accelerating motion, thus the encoderless mode cannot be used for these types of applications.
Page 34: Proof Testing
34 Safety information and considerations  Proof testing Periodic proof testing of, for example, electromechanical parts of the safety system may be required in order to maintain the claimed SIL / PL level of the system. In this case proof testing must be taken into consideration in the safety calculations and it must be properly documented in the user documentation.
Page 35: Overview
Overview 35 Overview Contents of this chapter This chapter briefly describes the FSO module with safety system components as well as the FSO module layout, connections, type designation label and operational characteristics.
Page 36: System Description
36 Overview System description  FSO module and safety system components Example figure of a safety system with the FSO-21 safety functions module, the ACS880-01 drive, a safety PLC, the FENA-21 module, the FSE module, switches and buttons. PROFIsafe over PROFINET...
Page 37: Fso Module Version Handling
Both the FSO module and the ACS880 drive firmware must support the used safety functions. You can always replace the FSO-21 module with a newer revision and use the same configuration file with the new revision. If you replace an FSO-12 module with an FSO-21 module, you have to re-configure the FSO module and safety functions.
Page 38: Layout
38 Overview  Layout No Description 24 V DC input connection Safe torque off (STO) connection Data connection Mounting for drives with ZCU-12 control unit shown. Two mounting points on each side. The screw fixed at 4b also grounds the enclosure of the FSO. Mounting points for drives with other control units may vary.
Page 39: Connections
Last digit of the manufacturing year: 4, 5, … for 2014, 2015, … Manufacturing week: 01, 02, … for week 1, week 2, … SSSS: Integer starting every week from 0001 3 ABB MRP code of the FSO module 4 Combined ABB MRP code, serial number and manufacturing location 5 RoHS mark...
Page 40: Operational Characteristics
40 Overview  Operational characteristics The FSO module monitors that the drive operates within the configured operating limits, and if the limits are exceeded, activates a safe stopping in the drive within the response time. The safe stopping function activates the drive STO function either immediately or after an emergency ramp.
Page 41: Overview Of Safety Functions
Overview 41 Overview of safety functions This section gives a short overview of the safety functions and gives references to the detailed descriptions. For a description of the dependencies between the safety functions, see section Dependencies between safety functions on page 158. ...
Page 42: Safe Brake Control (Sbc)
42 Overview  Safe brake control (SBC) This safety function provides a safe output for controlling external (mechanical) brakes. When you use the SBC function with other safety functions of the FSO module, it is always combined with the drive STO function. That is, the SBC function is activated before, at the same time with or after the drive STO function.
Page 43: Safely-Limited Speed (Sls)
Overview 43  Safely-limited speed (SLS) This safety function prevents the motor from exceeding user-defined speed limits. If the motor speed reaches the positive or negative SLS trip limit, the FSO module activates the SSE function and the motor stops. See section Safely-limited speed (SLS) on page 127.
Page 44: Measured And Estimated Motor Speed
44 Overview Measured and estimated motor speed You can use the FSO-21 module either with or without an encoder. When an encoder is used, the FSO module uses the exact value of the motor speed in the safety functions. Without an encoder, the FSO module uses an estimated value of the motor speed.
Page 45 Overview 45 FSE diagnostic failure reaction = No STO This selection gives the user the possibility to fix the cause of the failure before a safety function is activated. • Case 1: The FSO module goes into the Fail-safe mode and actives the FSO STO function.
Page 46 46 Overview...
Page 47: Safety Functions
Safety functions 47 Safety functions Contents of this chapter This chapter describes how the safety functions of the FSO module operate. The FSO-21 module supports these safety functions: Safety function Stop category Information Page Safe torque off (STO) Stop category 0 STO: standard drive feature...
Page 48: General
48 Safety functions General  Safety function request A safety function can be activated locally from FSO digital inputs, from a safety PLC, in FSO internal fault situations or by another safety function (see section Dependencies between safety functions on page 158). If you want to control a safety function with a push button, connect an activation button to an FSO digital input.
Page 49 Safety functions 49 You can connect only one acknowledgement button to the FSO module. The acknowledgement button must be of type “normally closed” (NC). The acknowledgement button is connected like a normal safety input. 24 V in the input is the standby (negative) state and 0 V is the positive (acknowledge) state.
Page 50 50 Safety functions Acknowledgement cannot be performed if • a safety function request is active • STO: delay defined by parameter STO.13 Restart delay after STO has not passed, Note: If an SSE or SS1 request is received while the STO function is active, the STO function must be completed before the acknowledgement is allowed.
Page 51: Ramp Monitoring
Safety functions 51  Ramp monitoring The ramp monitoring is configured with five parameters as described below. Ramp monitoring using the ramps Defining the ramp monitoring limits Speed Speed Motor speed Limit hit Ramp monitoring started Description Ramp minimum time from the Scaling speed to zero. Configured for each SARn ramp, n = 0…1 separately.
Page 52: Function Indications
52 Safety functions  Function indications The logic state of output indication signals can be configured to be active low or active high. STO, SS1, SSE, POUS States of the configured and connected functions are indicated with FSO digital outputs and fieldbus status signals when the function is started: •...
Page 53: Fso Modes
Safety functions 53 • SDI indication starts when the motor rotates in the correct direction. The FSO module switches off the indication when the function is acknowledged or the rotation direction changes to the forbidden direction (this also causes the SDI to trip, that is, the FSO module activates the SSE function).
Page 54: Transitions Between Fso Modes And States
54 Safety functions  Transitions between FSO modes and states The following diagram shows the possible transitions during normal operation of the FSO module. • Power down: STO active, power off (below 19 V) • Start-up: STO active, power on (above 19 V), start-up checks performed •...
Page 55: Cascade
Safety functions 55 At power-up, the FSO goes into the Start-up mode; it performs start-up checks and, according to the configuration, enters the Operational state either automatically or after an acknowledgement request from the FSO I/O or from a safety PLC. The Drive composer pro PC tool can request the Configuration mode, when the FSO is in the Start-up, Operational, Safe or Fail-safe mode and the drive is in the Torque off mode (not modulating).
Page 56 56 Safety functions This figure shows an example cascade configuration. Two different safety functions are cascaded in the same cascaded system. Acknowledgement Automatic acknowledgement Emergency stop X114:2 Follower Master Follower X113:1 X114:1 X113:7 Safety Safety Safety Safety Safety Safety function 1 function 1 function function...
Page 57: Safe Torque Off (Sto)
Safety functions 57 Safe torque off (STO) The STO function brings the machine safely into a no-torque state and/or prevents it from starting accidentally. The STO function in the FSO module activates the drive STO function, that is, opens the STO circuit in the drive. This prevents the drive from generating the torque required to rotate the motor.
Page 58: Sto Function
58 Safety functions  STO function The operation of the STO function when the SBC is not used is described in the time diagrams and tables below. For configuration, see section How to configure STO page 264. Without an encoder Motor speed STO.14 STO.13...
Page 59 Safety functions 59 With an encoder Motor speed STO.13 Time STO request Drive STO state & indication STO completed indication Zero speed with encoder (parameter FSOGEN.52): Speed limit at which the motor has stopped, the safety function is completed and the STO completed indication (parameter STO.22) goes on.
Page 60: Sbc After Sto
60 Safety functions  SBC after STO The operation of the SBC after the STO function (positive SBC delay) is described in the time diagrams and tables below. For configuration, see section How to configure SBC after STO on page 266. Without an encoder Motor speed SBC.12...
Page 61 Safety functions 61 Step Description The STO request is received (for example, from the I/O). The FSO activates the drive STO and starts counters for times A and C. After time C has elapsed, the acknowledgement becomes allowed as soon as the STO request has been removed (step 5).
Page 62 62 Safety functions Restart delay after STO (parameter STO.13): Time from the STO activation to the moment when the acknowledgment becomes allowed. With this parameter, you can allow a restart of the drive before the motor has stopped (fly-start). You can use this feature only in certain applications.
Page 63: Sbc Before Sto
Safety functions 63  SBC before STO The operation of the SBC before the STO function (negative SBC delay) is described in the time diagrams and tables below. For configuration, see section How to configure SBC before STO on page 268. The reason to use a negative SBC delay is to have the mechanical brake closed just before the drive STO circuit is opened.
Page 64 64 Safety functions Step Description The STO request is received (for example, from the I/O). The FSO activates the SBC function (brake) and starts counters for times A and B. After time C has elapsed, the SBC starts to brake the motor. After time A has elapsed, the FSO activates the drive STO.
Page 65 Safety functions 65 With an encoder Motor speed SBC.12 Time STO request Drive STO state & indication SBC output STO completed indication Zero speed with encoder (parameter FSOGEN.52): Speed limit at which the motor has stopped, the safety function is completed and the STO completed indication (parameter STO.22) goes on.
Page 66: Sto With Speed Limit Activated Sbc
66 Safety functions  STO with speed limit activated SBC This safety function requires that you use an encoder in the safety application. The operation of the STO with speed limit activated SBC is described in the time diagram and table below. For configuration, see section How to configure STO with speed limit activated SBC on page 270.
Page 67 Safety functions 67 Step Description The STO request is received (for example, from the I/O). The FSO activates the drive STO function. After time C has elapsed, the acknowledgement becomes allowed as soon as the STO request has been removed (step 5). The motor speed goes below the SBC speed limit (A) and the FSO activates the SBC function (brake).
Page 68: Safe Stop 1 (Ss1)
68 Safety functions Safe stop 1 (SS1) The SS1 function stops the motor safely by ramping down the motor speed. The FSO activates the drive STO function below a user-defined zero speed limit. The FSO monitors the stop ramp either with the time or ramp monitoring method (SS1 function types SS1-t and SS1-r, respectively).
Page 69: Ss1 With Time Monitoring (Ss1-T)
Safety functions 69  SS1 with time monitoring (SS1-t) The operation of the SS1 with time monitoring (SS1-t) is described in the time diagrams and tables below. For configuration, see section How to configure SS1 with time monitoring (SS1-t) on page 273. Without an encoder Motor speed SS1.14...
Page 70 70 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time A. After time C has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 71 Safety functions 71 With an encoder Motor speed SS1.14 - -> Safe torque off (STO) Time SS1 request Drive STO state & indication SS1 state & indication SS1 completed indication SS1-t delay for STO (parameter SS1.14): Time after which the FSO activates the STO function regardless of the motor speed.
Page 72 72 Safety functions Step Description The SS1 request is received (for example from the I/O). The FSO starts a counter for time A. After time C has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 73: Ss1 With Ramp Monitoring (Ss1-R)
Safety functions 73  SS1 with ramp monitoring (SS1-r) The operation of the SS1 with ramp monitoring (SS1-r) is described in the time diagrams and tables below. For configuration, see section How to configure SS1 with ramp monitoring (SS1-r) on page 275. Without an encoder Motor speed - ->...
Page 74 74 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time B has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 75 Safety functions 75 With an encoder Motor speed - -> Safe torque off (STO) Time SS1 request Drive STO state & indication SS1 state & indication SS1 completed indication SAR1 monitoring Zero speed with encoder (parameter FSOGEN.52): Speed limit for activating the drive STO function.
Page 76 76 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time B has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 77: Ss1 With Speed Limit Activated Sbc
Safety functions 77  SS1 with speed limit activated SBC In these examples, the SBC and drive STO functions are activated at a user-defined speed limit. With time monitoring (SS1-t) The operation of the SS1-t function with speed limit activated SBC is described in the time diagrams and tables below.
Page 78 78 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time B. After time D has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 79 Safety functions 79 With an encoder Motor speed SS1.14 - -> Safe torque off (STO) Time SS1 request Drive STO state & indication SBC output SS1 state & indication SS1 completed indication SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake) and drive STO functions while ramping.
Page 80 80 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time C. After time D has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 81 Safety functions 81 With ramp monitoring (SS1-r) The operation of the SS1-r function with speed limit activated SBC is described in the time diagrams and tables below. For configuration, see section How to configure SS1 with speed limit activated SBC on page 276.
Page 82 82 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time C has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 83 Safety functions 83 With an encoder Motor speed - -> Safe torque off (STO) Time SS1 request Drive STO state & indication SBC output SS1 state & indication SS1 completed indication SAR1 monitoring SBC speed (parameter SBC.15): Speed limit below which FSO activates the SBC (brake) and drive STO functions while ramping.
Page 84 84 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time B has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 85: Ss1 With Speed Limit Activated Sbc, Sbc Before Sto
Safety functions 85  SS1 with speed limit activated SBC, SBC before STO In these examples, the SBC function is activated at a user-defined speed limit and drive STO function after a user-defined delay (negative SBC delay). The reason to use a negative SBC delay (parameter SBC.12) is to have the mechanical brake closed just before the drive STO circuit is opened.
Page 86 86 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time B. After time E has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 87 Safety functions 87 With an encoder Motor speed SS1.14 - -> Safe torque off (STO) SBC.12 Time SS1 request Drive STO state & indication SBC output SS1 state & indication SS1 completed indication SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake).
Page 88 88 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time C. After time E has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 89 Safety functions 89 With ramp monitoring (SS1-r) The operation of the SS1-r function with speed limit activated SBC, SBC before STO is described in the time diagrams and tables below. For configuration, see section How to configure SS1 with speed limit activated SBC, SBC before STO on page 280.
Page 90 90 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time D has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 91 Safety functions 91 With an encoder Motor speed - -> Safe torque off (STO) SBC.12 Time SS1 request Drive STO state & indication SBC output SS1 state & indication SS1 completed indication SAR1 monitoring SBC speed (parameter SBC.15): Speed limit below which FSO activates the SBC function (brake) while ramping.
Page 92 92 Safety functions Step Description The SS1 request is received (for example, from the I/O). After time D has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22).
Page 93: Safe Stop Emergency (Sse)
Safety functions 93 Safe stop emergency (SSE) The SSE function can be configured either with immediate STO or with emergency ramp. With immediate STO The behavior of the SSE with immediate STO is identical to the STO function (see section Safe torque off (STO) on page 57) except that parameter Restart delay after...
Page 94: Sse With Immediate Sto
94 Safety functions  SSE with immediate STO The operation of the SSE with immediate STO function is described in the time diagrams and tables below. For configuration, see section How to configure SSE with immediate STO on page 284. Without an encoder Motor speed STO.14...
Page 95 Safety functions 95 With an encoder Motor speed Time SSE request Drive STO state & indication SSE state & indication SSE completed indication Zero speed with encoder (parameter FSOGEN.52): Speed limit at which the motor has stopped, the safety function is completed and the SSE completed indication (parameter SSE.22) goes on.
Page 96: Sse With Immediate Sto, Sbc After Sto
96 Safety functions  SSE with immediate STO, SBC after STO The operation of the SSE with immediate STO, SBC after STO (positive SBC delay) is described in the time diagrams and tables below. For configuration, see section How to configure SSE with immediate STO, SBC after or before STO on page 286.
Page 97 Safety functions 97 Step Description The SSE request is received (for example, from the I/O). The FSO activates the drive STO function and starts a counter for time A. After time A has elapsed, the FSO activates the SBC and starts a counter for time B. After time B has elapsed, the FSO module defines the motor as stopped and the SSE completed indication goes on.
Page 98 98 Safety functions With an encoder Motor speed SBC.12 Time SSE request Drive STO state & indication SSE state & indication SBC output SSE completed indication Zero speed with encoder (parameter FSOGEN.52): Speed limit at which the motor has stopped, the SSE completed indication (parameter SSE.22) goes on and the acknowledgment becomes allowed.
Page 99: Sse With Immediate Sto, Sbc Before Sto
Safety functions 99  SSE with immediate STO, SBC before STO The operation of the SSE with immediate STO, SBC before the STO (negative SBC delay) is described in the time diagrams and tables below. For configuration, see section How to configure SSE with immediate STO, SBC after or before STO page 286.
Page 100 100 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO activates the SBC function (brake) and starts counters for times A and B. After time C has elapsed, the SBC starts to brake the motor. After time A has elapsed, the FSO activates the drive STO function.
Page 101 Safety functions 101 With an encoder Motor speed SBC.12 Time SSE request Drive STO state & indication SSE state & indication SBC output SSE completed indication Zero speed with encoder (parameter FSOGEN.52): Speed limit at which the motor has stopped, the safety function is completed and the SSE completed indication (parameter SSE.22) goes on.
Page 102: Sse With Immediate Sto, With Speed Limit Activated Sbc
102 Safety functions  SSE with immediate STO, with speed limit activated SBC This safety function requires that you use an encoder in the safety application. The operation of the SSE with immediate STO with speed limit activated SBC is described in the time diagram and table below.
Page 103: Sse With Time Monitoring
Safety functions 103  SSE with time monitoring The operation of the SSE with time monitoring is described in the time diagrams and tables below. For configuration, see section How to configure SSE with time monitoring on page 287. Without an encoder Motor speed SSE.15 - ->...
Page 104 104 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time A. After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 105 Safety functions 105 With an encoder Motor speed SSE.15 - -> Safe torque off (STO) Time SSE request Drive STO state & indication SSE state & indication SSE completed indication SSE delay for STO (parameter SSE.15): Time after which the FSO activates the STO function regardless of the motor speed.
Page 106 106 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time A. After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 107: Sse With Ramp Monitoring
Safety functions 107  SSE with ramp monitoring The operation of the SSE with ramp monitoring is described in the time diagrams and tables below. For configuration, see section How to configure SSE with ramp monitoring on page 288. Without an encoder Motor speed - ->...
Page 108 108 Safety functions Step Description The SSE request is received (for example, from the I/O). After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 109 Safety functions 109 With an encoder Motor speed - -> Safe torque off (STO) Time SSE request Drive STO state & indication SSE state & indication SSE completed indication SAR0 monitoring Zero speed with encoder (parameter FSOGEN.52): Speed limit for activating the drive STO function.
Page 110 110 Safety functions Step Description The SSE request is received (for example, from the I/O). After time B has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 111: Sse With Speed Limit Activated Sbc
Safety functions 111  SSE with speed limit activated SBC In these examples, the SBC and drive STO functions are activated at a user-defined speed limit. With time monitoring The operation of the SSE with speed limit activated SBC and time monitoring is described in the time diagrams and tables below.
Page 112 112 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time B. After time D has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 113 Safety functions 113 With an encoder Motor speed SSE.15 - -> Safe torque off (STO) Time SSE request Drive STO state & indication SBC output SSE state & indication SSE completed indication SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake) and drive STO functions while ramping.
Page 114 114 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time C. After time D has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 115 Safety functions 115 With ramp monitoring The operation of the SSE with speed limit activated SBC and ramp monitoring is described in the time diagrams and tables below. For configuration, see section to configure SSE with speed limit activated SBC on page 289.
Page 116 116 Safety functions Step Description The SSE request is received (for example, from the I/O). After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 117 Safety functions 117 With an encoder Motor speed - -> Safe torque off (STO) Time SSE request Drive STO state & indication SBC output SSE state & indication SSE completed indication SAR0 monitoring SBC speed (parameter SBC.15): Speed limit below which FSO activates the SBC (brake) and drive STO functions while ramping and stops the ramp monitoring.
Page 118 118 Safety functions Step Description The SSE request is received (for example, from the I/O). After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 119: Sse With Speed Limit Activated Sbc, Sbc Before Sto
Safety functions 119  SSE with speed limit activated SBC, SBC before STO In these examples, the SBC function is activated at a user-defined speed limit and drive STO function after a user-defined delay (negative SBC delay). The reason to use a negative SBC delay (parameter SBC.12) is to have the mechanical brake closed just before the drive STO circuit is opened.
Page 120 120 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time B. After time E has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 121 Safety functions 121 With an encoder Motor speed SSE.15 - -> Safe torque off (STO) SBC.12 Time SSE request Drive STO state & indication SBC output SSE state & indication SSE completed indication SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC function (brake).
Page 122 122 Safety functions Step Description The SSE request is received (for example, from the I/O). The FSO starts a counter for time C. After time E has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp.
Page 123 Safety functions 123 With ramp monitoring The operation of the SSE with speed limit activated SBC, SBC before STO and ramp monitoring is described in the time diagrams and tables below. For configuration, see section How to configure SSE with speed limit activated SBC, SBC before STO page 293.
Page 124 124 Safety functions Step Description The SSE request is received (for example, from the I/O). After time D has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 125 Safety functions 125 With an encoder Motor speed - -> Safe torque off (STO) SBC.12 Time SSE request Drive STO state & indication SBC output SSE state & indication SSE completed indication SAR0 monitoring SBC speed (parameter SBC.15): Speed limit below which FSO activates the SBC function (brake) while ramping.
Page 126 126 Safety functions Step Description The SSE request is received (for example, from the I/O). After time D has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The FSO starts the SAR0 ramp monitoring (parameters SARx.11 and SARx.12).
Page 127: Safely-Limited Speed (Sls)
Safety functions 127 Safely-limited speed (SLS) The SLS prevents the motor from exceeding user-defined speed limits. The drive limits the motor speed so that it stays between the SLS speed limits. If the motor speed is above/below the user-defined SLS limit positive/negative when the SLS function is activated, the motor speed is first decelerated to the required speed.
Page 128: Sls With Speed Below Monitored Speed
128 Safety functions  SLS with speed below monitored speed This applies to both time and ramp monitoring. Motor speed - -> Safe stop emergency (SSE) Time SLS request SLS state & indication SLS trip limit positive (parameter SLSx.14, SLSx.23, SLSx.33 or SLSx.43) SLS limit positive (parameter 200.23, 200.33,...
Page 129: Sls With Time Monitoring And Speed Above Monitored Speed
Safety functions 129  SLS with time monitoring and speed above monitored speed The operation of the SLS function with time monitoring is described in the time diagram and table below. For configuration, see section How to configure SLSn with time monitoring on page 295.
Page 130 130 Safety functions Step Description The SLS request is received. The motor speed is above the SLS limit positive (C). The FSO starts to monitor the SLS time delay (B). After time D has elapsed, the drive starts to ramp down the motor speed. The drive (parameter 23.13 or 23.15) defines the deceleration ramp until the speed reaches the SLS limit positive (C).
Page 131: Sls With Ramp Monitoring And Speed Above Monitored Speed
Safety functions 131  SLS with ramp monitoring and speed above monitored speed The operation of the SLS function with ramp monitoring is described in the time diagram and table below. For configuration, see section How to configure SLSn with ramp monitoring on page 297.
Page 132 132 Safety functions Step Description The SLS request is received. The motor speed is above the SLS limit positive (B). After time C has elapsed, the drive starts to ramp down the motor speed. The SAR1 parameter 200.112 defines the deceleration ramp until the speed reaches the SLS limit positive (B).
Page 133: Sls Trip Limit Hits
Safety functions 133  SLS trip limit hits If the motor speed goes above/below an SLS trip limit, the FSO activates the SSE function. The operation of SLS and SSE indications in SLS trip limit hit situations are described in the diagrams and tables below. For more information on the SSE function, see section Safe stop emergency (SSE) on page 93.
Page 134 134 Safety functions Step Description The SLS request is received, the motor speed is below the SLS limit positive (B) and the FSO starts the SLS monitoring. The SLS indication (parameter SLSx.15, SLSx.24, SLSx.34 or SLSx.44) goes on. The motor speed goes above the SLS limit positive (B). The motor speed reaches the SLS trip limit positive (A).
Page 135 Safety functions 135 SSE with immediate STO, with an encoder This applies when the SSE function has been configured as “Immediate STO” and an encoder is used. Motor speed - -> Safe stop emergency (SSE) Time SLS request SLS indication SSE state &...
Page 136 136 Safety functions SSE with emergency ramp This applies when the SSE function has been configured as “Emergency ramp” (with ramp monitoring or time monitoring). Motor speed - -> Safe stop emergency (SSE) Time SLS request SLS indication SSE state & indication SSE completed indication...
Page 137: Variable Safely-Limited Speed (Sls)
Safety functions 137 Variable Safely-limited speed (SLS) This safety function requires that a safety PLC is connected to the FSO module via the PROFIsafe communication bus. For more information, see chapter PROFIsafe. The SLS function prevents the motor from exceeding user-defined speed limits. With the Variable SLS function, the speed limits can be changed on the fly.
Page 138: Variable Sls With Time Monitoring
138 Safety functions  Variable SLS with time monitoring In Variable SLS with time monitoring, the ramp according to which the drive decelerates the motor to different speeds is monitored using the time monitoring method. Drive parameters define the deceleration ramp. If the motor speed is accelerated, drive parameters define the acceleration ramp and it is not monitored.
Page 139 Safety functions 139 Step Description The Variable SLS request is received again from the safety PLC (for example, 50%). The FSO sends a request to the drive to ramp down the motor speed to the new speed limit. The FSO starts a counter for the SLS time delay (B). Note: The FSO continues to monitor the existing Variable SLS limits until the new speed limit has been reached.
Page 140: Variable Sls With Ramp Monitoring
140 Safety functions  Variable SLS with ramp monitoring In Variable SLS with ramp monitoring, the ramp according to which the drive decelerates the motor to different speeds is monitored using the ramp monitoring method (SAR1 parameters of the FSO module). Drive or SAR1 parameters define the deceleration ramp.
Page 141 Safety functions 141 Step Description The Variable SLS request is received again from the safety PLC (for example, 50%). The FSO sends a request to the drive to ramp down the motor speed to the new speed limit. After time B has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 142: Safe Maximum Speed (Sms)
142 Safety functions Safe maximum speed (SMS) The SMS function is used to protect the machine from too high speeds/frequencies. You can configure it to be permanently on or off. There are two different versions of the SMS function: 1. Version 1: If the motor speed reaches the minimum or the maximum SMS trip limit, the FSO module activates the SSE function.
Page 143: Sms Function, Version 1
Safety functions 143  SMS function, version 1 The operation of the SMS function, version 1 is described in the time diagram and table below. For configuration, see section How to configure SMS, version 1 page 306. Motor speed - -> Safe stop emergency (SSE) Time Drive STO state...
Page 144 144 Safety functions  SMS function, version 2 The operation of the SMS function, version 2 is described in the time diagram and table below. For configuration, see section How to configure SMS, version 2 page 307. Motor speed Time SMS trip limit positive (parameter SMS.14) SMS trip limit negative (parameter SMS.13) SMS limit positive (parameter 200.73)
Page 145: Prevention Of Unexpected Start-Up (Pous)
Safety functions 145 Prevention of unexpected start-up (POUS) The POUS function prevents the machine from starting unexpectedly. The POUS function activates the Safe torque off (STO) function in the drive. WARNING! The situations in which you can use the POUS function must always be based on a risk assessment (see IEC 60204-1:2016).
Page 146 146 Safety functions Step Description The user stops the motor. The user activates the POUS function. The FSO activates the drive STO function and starts a counter for time A. The POUS active indication (parameter POUS.21) and the STO output indication (parameter STO.21) become active. Note: If the user activates the POUS function when the motor is running, the FSO activates the drive STO function, generates a fault (7A97) and the motor coasts to a stop.
Page 147: Safe Speed Monitor (Ssm)
Safety functions 147 Safe speed monitor (SSM) The SSM function provides a safe output signal to indicate whether the motor speed is between user-defined limits. There are four separate SSM functions (SSM1...SSM4) with separate monitoring limits and indications. Several SSM functions can be active at the same time.
Page 148 148 Safety functions Step Description The SSM1 request is received (for example, from the I/O) and the FSO starts the SSM1 monitoring. The motor speed is between the SSM1 limit positive (A) and SSM1 limit positive (B). The SSM1 indication goes on. The motor speed goes above the SSM1 limit positive (A), the SSM1 indication goes off.
Page 149: Ssm Without An Encoder
Safety functions 149  SSM without an encoder This section describes situations when an encoder is not used and the drive stops modulating when the SSM monitoring is on. Case A: This applies when the drive stops modulating after the SSM monitoring limit has been reached.
Page 150 150 Safety functions Case B: This applies when the drive stops modulating before the SSM monitoring limit has been reached. Motor speed STO.14 Time SSM1 request SSM1 state & indication (3a) SSM1 state & indication (3b) SSM1 limit positive (parameter SSMx.13) SSM1 limit negative (parameter SSMx.12) Time to zero speed (parameter STO.14): When the drive stops modulating, the state of the SSM1 indication becomes valid after this delay.
Page 151: Safe Direction (Sdi)
Safety functions 151 Safe direction (SDI) This safety function requires that you use an encoder in the safety application. The SDI function monitors that the motor rotates into the correct direction. There are separate functions to monitor the positive and negative directions. You can activate them separately.
Page 152 152 Safety functions Step Description The SDI positive request is received (for example, from the I/O) and the FSO starts the SDI monitoring. The SDI indication goes on. The motor rotates to the correct direction (in this case, positive). The motor stops. The motor starts to rotate again (into the positive direction).
Page 153: Sdi With Time Monitoring
Safety functions 153  SDI with time monitoring This applies when the motor rotates into the forbidden direction when the SDI function is activated and the time monitoring method is used. The SDI positive function is used as an example. Motor speed SDI.12 - ->...
Page 154 154 Safety functions Step Description The SDI positive request is received (for example, from the I/O). The motor rotates into the forbidden direction (in this case, negative). The drive starts to ramp down the motor speed to zero speed. The drive (parameter 23.13 or 23.15) defines the deceleration ramp.
Page 155: Sdi With Ramp Monitoring
Safety functions 155  SDI with ramp monitoring This applies when the motor rotates into the forbidden direction when the SDI is activated and the ramp monitoring method is used. The SDI positive function is used as an example. Motor speed Time - ->...
Page 156 156 Safety functions Step Description The SDI positive request is received (for example, from the I/O). The motor rotates into the forbidden direction (in this case, negative). The drive starts to ramp down the motor speed to zero speed. SAR1 parameter 200.112 defines the deceleration ramp.
Page 157: Sdi Trip Limit Hits
Safety functions 157  SDI trip limit hits This applies to SDI trip limit hit situations, that is, when the motor rotates too much to the forbidden direction while the SDI monitoring is on. The SDI positive function is used as an example. Note: This diagram shows the position of the motor axle (not the motor speed).
Page 158: Priorities Between Safety Functions
158 Safety functions Priorities between safety functions When several safety functions are active at the same time, these priorities apply: 1. the STO function overrides the SSE and SS1 functions 2. the SSE function overrides the SS1 function. The POUS function is independent of other safety functions. If you activate the POUS function when another safety function is active (for example, during a deceleration ramp), it can disturb the performance of the other safety function.
Page 159 Safety functions 159...
Page 160 160 Safety functions...
Page 161: Profisafe
PROFINET. It describes the FSO module states and transitions and the contents of the PROFIsafe messages. The chapter also includes installation instructions, configuration instructions for the ABB AC500-S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC and fault tracing tips.
Page 162: System Description
Tools • Drive composer pro: version 1.7 or later • For ABB PLCs: Automation builder: 1.0 or later (includes PS501 Control Builder Plus version 2.3.0), safety license PS501-S • For Siemens PLCs: SIMATIC Step 7 V5.5 + S7 Distributed Safety V5.4 and SIMATIC Step 7 V 11 (TIA Portal) + Step 7 Safety Advanced V 13 ...
Page 163 PROFIsafe 163 The FSO-21 safety functions module and the FENA-21 Ethernet adapter module are installed on the ACS880 drive. The safety PLC is connected to the FENA module, which communicates with the FSO module. The safety PLC activates safety functions via the PROFIsafe communication bus.
Page 164: Remote I/O Control
164 PROFIsafe Remote I/O control You can control the FSO module outputs and read input information also from the safety PLC. A request to activate or deactivate an output is sent from the safety PLC (PROFIsafe controller) to the FSO module in a PROFIsafe message. See section FSO PROFIsafe profiles on page 166.
Page 165: Profisafe Description
PROFIsafe 165 PROFIsafe description  PROFIsafe message format The FSO module supports only the PROFIsafe short frame format. The short frame supports a maximum of 12 octets of user data. The frame also includes a CRC (3 octets) and one Status/Control Byte octet. Therefore, the maximum frame size of the message is 16 octets.
Page 166: Fso Profisafe Profiles
FSO PROFIsafe profiles The content of the F-Input and F-Output user data is configured with FSO specific PROFIsafe profiles. The FSO-21 module supports the ABB_PS1 and ABB_PS2 profiles. The ABB_PS1 profile provides the functionality to control and monitor the safety functions, the SLS limits, the safe speed value and the states of the FSO I/O.
Page 167 PROFIsafe 167 ABB_PS1 profile F-Output user data This table shows the bit order of the F-Output data, which is included in the PROFIsafe message sent to the FSO module from the safety PLC. For all the bits in the F-Output data, one (1) means active and zero (0) non-active. Octet Bit Name Description SLS2_request...
Page 168 168 PROFIsafe Octet Bit Name Description Safe_output_X114 State of the safe output X114:9 (see section Remote I/O _9_ctrl control on page 164). 1 = 24 V, 0 = 0 V. Safe_output_X114 State of the safe output X114:8 (see section Remote I/O _8_ctrl control on page 164).
Page 169 “0”. In these cases, you can read the FSO state from: • Siemens PLC: bits QBAD and PASS_OUT in the PROFIsafe data block • ABB PLC: bit Device_Fault in the PROFIsafe data structure. See also section FSO module modes and states on page 177.
Page 170 170 PROFIsafe Octet Bit Name Description Speed_feedback_ty Active speed feedback 0=Estimate is active 1=Encoder is active SMS_active SMS (Safe maximum speed) function is active. SSM4_active SSM4 (Safe speed monitor) function is active and the motor speed is within the SSM4 limits. SSM3_active SSM3 (Safe speed monitor) function is active and the motor speed is within the SSM3 limits.
Page 171 PROFIsafe 171 Octet Bit Name Description SF_end_ack_req Safety function ending acknowledgement requested = 1, no acknowledgement requested = 0. Acknowledgement can be done via PROFIsafe. SF_end_ack_req_lo Local safety function ending acknowledgement requested = 1, no acknowledgement requested = 0. Acknowledgement can only be done locally via the FSO I/O if SF_end_ack_req is 0.
Page 172 172 PROFIsafe ABB_PS2 profile F-Output user data This table shows the bit order of the F-Output data, which is included in the PROFIsafe message sent to the FSO module from the safety PLC. For all the bits in the F-Output data, one (1) means active and zero (0) non-active. Octet Bit Name Description SLS2_request...
Page 173 PROFIsafe 173 Octet Bit Name Description Safe_output_X114 State of the safe output X114:9 (see section Remote I/O _9_ctrl control on page 164). 1 = 24 V, 0 = 0 V. Safe_output_X114 State of the safe output X114:8 (see section Remote I/O _8_ctrl control on page 164).
Page 174 “0”. In these cases, you can read the FSO state from: • Siemens PLC: bits QBAD and PASS_OUT in the PROFIsafe data block • ABB PLC: bit Device_Fault in the PROFIsafe data structure. See also section FSO module modes and states on page 177.
Page 175 PROFIsafe 175 Octet Bit Name Description Speed_feedback_ty Active speed feedback 0=Estimate is active 1=Encoder is active SMS_active SMS (Safe maximum speed) function is active. SSM4_active SSM4 (Safe speed monitor) function is active and the motor speed is within the SSM4 limits. SSM3_active SSM3 (Safe speed monitor) function is active and the motor speed is within the SSM3 limits.
Page 176 176 PROFIsafe Octet Bit Name Description SF_end_ack_req Safety function ending acknowledgement requested = 1, no acknowledgement requested = 0. Acknowledgement can be done via PROFIsafe. SF_end_ack_req_lo Local safety function ending acknowledgement requested = 1, no acknowledgement requested = 0. Acknowledgement can only be done locally via the FSO I/O if SF_end_ack_req is 0.
Page 177: Fso Module Modes And States
PROFIsafe 177  FSO module modes and states When the FSO module is connected to a safety PLC via the PROFIsafe communications bus, the FSO module can be in the following modes and states: • Start-up mode • Configuration mode •...
Page 178 178 PROFIsafe State diagrams Overview of states and transitions in the FSO module during normal operation. Drive composer pro Internal fault Power down Start-up Fail-safe Configuration Safe Safe (User (Module acknowledgement passivation) request) Operational Safe (Module passivation with a command) Safe (Module passivation &...
Page 179 PROFIsafe 179 Overview of states and transitions in the FSO module when fatal errors in the FSO module occur or when cycling power of the FSO module. Configuration Start-up Fail-safe Safe Safe (User (Module acknowledgement passivation) request) Operational Safe Safe (Module (Module passivation passivation with...
Page 180 180 PROFIsafe Description of states This table describes the FSO module states and how the states are shown in the PROFIsafe messages. The Status Byte and the profiles are described in detail in sections Status Byte and CRC2 bit order on page FSO PROFIsafe profiles on page 166.
Page 181 PROFIsafe 181 State Description Operational PROFIsafe communication is up and running. The safety application is running without any detected errors. PROFIsafe Status Byte bits in the F-Host for the FSO module: • OA_Req_S = 0 • FV_activated_S = 0 • Device_Fault = 0 ABB_PS1 or ABB_PS2 profile bits in the F-Host for the FSO module: •...
Page 182 182 PROFIsafe State Description Safe PROFIsafe communication is up and running. The FSO application is (Module running with detected errors. passivation & At least one of the active safety functions has encountered an error. For reintegration) example, the SLS1 function is active and its speed limits are violated. The drive is stopped using the configured method.
Page 183 PROFIsafe 183 State Description Safe (Module The FSO application is running and there has been an error in the passivation) PROFIsafe communication. The FSO module and, as a result, all its I/O channels are passivated. Possible reasons for module passivation are: 1.
Page 184 184 PROFIsafe State Description Safe (Module PROFIsafe communication is up and running. The FSO application is passivation with a running without any detected errors. command) The FSO module and all its I/O channels are passivated because the safety application on the safety PLC requested a module passivation (activate_FV_C = 1 was set).
Page 185 PROFIsafe 185 State Description Fail-safe The FSO application keeps the system in the Fail-safe mode. PROFIsafe communication is up and running. This state is reached if a fatal error (for example, CPU test, RAM test, I/O channel test etc. failed) takes place. The drive is stopped using the configured method.
Page 186 186 PROFIsafe Transitions between states This table describes the transitions between the FSO module states. The numbering of the transitions refer to the transitions shown in the state diagrams on page 178. From Description Start-up Safe (Module The FSO module goes to this state directly after passivation Start-up during a normal start-up.
Page 187 PROFIsafe 187 From Description Safe (Module Fail-safe Fatal error(s) (CPU test, RAM test, etc. failed) passivation & detected. reintegration) Safe (Module Fail-safe Fatal error(s) (CPU test, RAM test, etc. failed) passivation) detected. Safe (Module Start-up The FSO module goes to this state by cycling passivation &...
Page 188 188 PROFIsafe From Description Safe (Module Safe (User Command “activate_FV_C = 0” has been passivation with a acknowledgem received and “OA_Req_S = 1”. command) ent request) Safe (Module Fail-safe Fatal error(s) (CPU test, RAM test, etc. failed) passivation with a detected.
Page 189: Profisafe Response Time
PROFIsafe 189  PROFIsafe response time The safety function response time (SFRT) is the time within which the safety system must react after an error has occurred in the system. SFRT is also the maximum time within which the safety system must respond to a change in the input signals.
Page 190 Instead of WCDT values, the calculation uses watchdog times. See AC500-S Safety User Manual (3ADR025091M0202 [English]) for details. For example, when using the ABB AI581-S as the input device, the SM560-S safety PLC and the FSO module as the output device, SFRT can be calculated as follows: SFRT = Device_WD1 + 0.5 x F_WD_Time1 + F_Host_WD + 0.5 x F_WD_Time2...
Page 191: Profisafe Watchdog Time
PROFIsafe frame using the currently available process values. 2. Bus time is the time it takes when the PROFIsafe frame is transmitted from the F-Device (FSO module) to the F-Host (such as the ABB SM560-S safety controller station) through the "black channel".
Page 192 192 PROFIsafe Calculating the watchdog time It is not always easy to calculate the worst case delay time of “black channel” components. See AC500-S Safety User Manual (3ADR025091M0202 [English]) for a proposed method of tracing the actual PROFIsafe cycle times in a real system. You must then set F_WD_Time about 30% higher than the worst case value in variable tResponseTimeMS (in the AC500-S safety program) for the given safety device.
Page 193: Installation
PROFIsafe 193 Installation Installation procedure: 1. Install the FSO safety functions module to the drive, see chapters Planning for installation Installation and the drive hardware manual. 2. Install the FENA-21 Ethernet adapter module to the drive. See FENA-01/-11/-21 Ethernet adapter module user’s manual (3AUA0000093568 [English]).
Page 194: Configuration
Shows the type of the connected fieldbus adapter Ethernet module A/B. This parameter is read-only. 51/54.02 FBA A/B PAR2 Selects one of the PNIO profiles. (PROTOCOL/ PROFILE) PNIO ABB Pro Profile PNIO ABB Pro is selected 51/54.03 FBA A/B PAR2 Sets the Ethernet communication rate. (COMMRATE)
Page 195: Configuring The Fso Module
Configuring the safety PLC After the drive has initialized the FENA adapter module, you must prepare the safety PLC for communication with the adapter module. Examples of ABB AC500-S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC are given below. The examples include the minimum required steps for starting the PROFINET and PROFIsafe communication with the FENA and FSO modules.
Page 196: Downloading The Gsd File
For detailed information on the passwords and access permissions in Control Builder Plus, see the AC500-S Safety PLC user manual. You can find the complete documentation of ABB PLCs and the PS501 Control Builder Plus application in www.abb.com/PLC.
Page 197 PROFIsafe 197 1. Start the ABB Control Builder application. 2. On the Tools menu, select Device Repository. 3. In the window that opens, click Install... and browse for the GSD file. 4. Open or create the PLC project that is used to control the drive.
Page 198 198 PROFIsafe 5. Add the necessary controller devices to the PLC project. In the project below, these controller stations have been added: • controller station AC500 PM583-ETH, • safety controller station AC500 SM560-S and • PROFINET controller CM579-PNIO. Controller station Safety controller station PROFINET controller Note: Make sure that the “Enable debug”...
Page 199 PROFIsafe 199 7. Add the desired I/O module, for example, “PPO Type 4” to the first slot of the FENA module to define cyclic communication between the module and the PLC. 8. Add the PROFIsafe module “PROFIsafe ABB_PS1” to the second slot of the FENA module to define cyclic communication between the module and the PLC.
Page 200 200 PROFIsafe 10. Define the PROFINET controller (CM579-PNIO) properties, such as the IP address and IP address settings for devices: • Select CM579_Master. • On the PROFINET Master tab, define the necessary IP addresses. 11. Define the FENA properties: • Select FENA_21.
Page 201 PROFIsafe 201 12. Return to the PROFINET controller (CM579-PNIO) properties. On the Assign I/O Device Name tab: • Click Connect to PLC (Login) and select the communication link used between Control Builder and the PLC. • Click Scan to find all PROFINET devices connected to the network. •...
Page 202 202 PROFIsafe 13. Define the I/O module properties: • Select the I/O module PPO_Type_4. • On the PNIO parameters tab, configure the Stop Mode Action and Control- zero mode functions, and define Fail safe values for the PLC output process data (PZDs).
Page 203 PROFIsafe 203 14. Define the PROFIsafe module properties: • Select the PROFIsafe module PROFIsafe_ABB_PS1. • On the F-Parameter tab, modify the PROFIsafe safety parameters. Three of the listed parameters can be modified for FENA: • F_Source_Add is the address of the safety controller station (in this example, AC500 SM560-S).
Page 204 204 PROFIsafe 15. Create the configuration data for the controller station: • Right-click on the AC500 and select Create Configuration Data. 16. Create the safety configuration data for the controller station: • Right-click on the AC500_S and select Create Safety Configuration Data. 17.
Page 205 PROFIsafe 205 WARNING! Do not use this safety program in real safety applications. This safety program is shown only as an example and can only be used for trial purposes. Note: This example program also keeps the SLS3 function active all the time.
Page 206 206 PROFIsafe 19. For the “non-safety” program: • In the Project menu, select Build. • In the Online menu, select Login. Note: If there are communication problems at this point, select Communication parameters... from the Online menu. Note: To make sure that the program is downloaded to the PLC (even when no changes have been made), select Clean all from the Project menu.
Page 207 PROFIsafe 207 Monitoring the PROFIsafe message It is possible to monitor the contents of the PROFIsafe message. For example: 1. Check the variable values in the Current Value column on the PNIO Module I/O Mapping tab.
Page 208: Configuring The Siemens Simatic Fail-Safe S7 Plc
(S7 Distributed Safety - configuring and programming, Programming and Operating Manual, 07/2013, A5E00109537-05). Before you start, make sure that you have downloaded the FENA GSD file from the ABB Document library. See section Downloading the GSD file on page 196.
Page 209 5. When you install the controller station to the rail, select Industrial Ethernet as the subnet for the controller station. 6. Install the FENA GSD file: • In the Options menu, select Install GSD Files. • Browse for the GSD file that you downloaded from the ABB Document library. • Click Install.
Page 210 210 PROFIsafe Note: In some versions of the SIMATIC environment, you have to close the whole SIMATIC program and open it again to make the new GSD file visible in the object catalogue. 7. Click and drag the FENA object from the device catalog to the Ethernet (1): PROFINET-IO-System.
Page 211 PROFIsafe 211 8. Click and drag the desired I/O object, for example PPO Type 4, to the first slot of the FENA module to define cyclic standard communication between the module and the PLC. 9. Click and drag the PROFIsafe object PROFIsafe ABB_PS1 to the second slot of the FENA module to define cyclic safety communication between the module and the PLC.
Page 212 212 PROFIsafe 11. On the General tab, type the Device name for the adapter module (in this example, drive1). This is the IP address that will be assigned to the FENA adapter module. To modify the IP address, click the Ethernet button. The IO controller assigns the IP address.
Page 213 PROFIsafe 213 14. Type a name for the I/O object (in this example, PROFIsafe ABB_PS1). 15. On the Parameters tab, configure the Stop mode and Control-zero mode functions, and define Fail safe values for the PLC output process data (PZDs).
Page 214 214 PROFIsafe 16. Assign the device name (defined in step 11) to the adapter module: • In the hardware configuration, click FENA. • In the PLC menu, select Ethernet, and select Assign Device Name. • Click the Update button. • Click the available device with the correct MAC address to which the device name will be assigned.
Page 215 PROFIsafe 215 17. Check F-Parameters for the controller: • In the hardware configuration, double-click the controller station (for example, CPU 319F-3). • Select the F Parameters tab. • When prompted, give the password for the Safety Program. See the documentation of the SIMATIC system for details. •...
Page 216 216 PROFIsafe 18. Set F-Parameters of the FENA module: • In the hardware configuration, double-click PROFIsafe ABB_PS1 to open the Properties window. • On the PROFIsafe tab, modify the F_Dest_Add and F_WD_Time values as needed. • F_Source_Add is the address of the safety controller station. You can modify this in the host F Parameters tab.
Page 217 PROFIsafe 217 19. If necessary, you can give proper symbol names to the cyclic data: • Right-click the I/O object (PPO Type 4) in Slot 1 and select Edit Symbols… • Add names for the symbols. • Repeat the same for the PROFIsafe object (PROFIsafe ABB_PS1) in Slot 2. Note: In PROFINET communication, the bits of each octet are sent the most significant bit first.
Page 218 218 PROFIsafe 20. Check the protection of the controller station: • In the hardware configuration, double-click the controller station (for example, CPU 319F-3). • Select Protection tab. • Select 1: Access protect. for F CPU. • Check Can be bypassed with password. •...
Page 219 PROFIsafe 219 Configuring the communication when there is no safety program If there is no safety program in the project, these instructions can help you to get the communication working. WARNING! Do not use this safety program in real safety applications. This safety program is only an example which you can use only for trial purposes to get the system up and running.
Page 220 220 PROFIsafe 4. Set DB1 as the I-DB for the F-program block and FB1 as the F-program block. 5. Click OK and close the dialog windows. 6. In SIMATIC manager, double-click on OB35. 7. Add call to FC1 by dragging the FC1 block from the FC blocks folder. 8.
Page 221 PROFIsafe 221 11. Save the block and close the editor. Note: This example program also keeps the SLS3 function active all the time. 12. In SIMATIC Manager, select Edit safety program from the Options menu. 13. Select Compile. 14. Select Download. If prompted, accept the inclusion of standard blocks. 15.
Page 222 222 PROFIsafe Monitoring the PROFIsafe message It is possible to monitor the contents of the PROFIsafe message. For example: 1. In HW Configuration, select Monitor/Modify for the PROFIsafe telegram in Slot 2 of the FENA module.
Page 223: Fault Tracing
51.21 is set to Enabled (see the drive firmware manual). ABB AC500-S In the ABB AC500-S system, you can read PROFINET diagnostics messages from Control Builder Plus or with a separate PNIO_DEV_DIAG function block in the “non- safety” PLC program.
Page 224 224 PROFIsafe SIMATIC Manager To read diagnostics messages: 1. In the PLC menu, select Diagnostic/Setting. 2. Select Hardware diagnostics. 3. In the window that opens, select the FENA module of your system. 4. Click the Module Information button.
Page 225 PROFIsafe 225 5. To read the diagnostic messages, select the I/O Device Diagnostics tab.
Page 226: Diagnostic Messages Related To F-Parameters
226 PROFIsafe 6. To check the Device number of the FENA module, select the General tab.  Diagnostic messages related to F-Parameters The diagnostics messages in this table are caused by problems in the F-Parameter processing that takes place only when the controller station sends the F-Parameters to FENA.
Page 227: Typical Communication Errors
PROFIsafe 227 Value Description Notes (hex) Parameter "F_SIL" exceeds SIL from F_SIL defined for this device at F-Host is specific device application. not correct. This device supports only (0x0044) F_SIL = 3. Parameter "F_CRC_Length" does not F-Parameter checksum length different match the generated values.
Page 228 228 PROFIsafe Fault Cause What to do You cannot start The drive safety parameters are In the ACS880 drives, check the the PROFIsafe not set correctly. values of parameters 200.222 Safety communication. bus type 200.223 Safety fieldbus adapter slot. See section How to configure the safety communication with PROFIsafe...
Page 229: Planning For Installation
Planning for installation 229 Planning for installation Contents of this chapter This chapter gives instructions and references to instructions in other manuals for planning the safety system installation, as well as the requirements for installation in the applicable safety standards. Requirements for designers and installers •...
Page 230: Electrical Installation
230 Planning for installation WARNING! If you operate the drive system with a safety module in environmental conditions that are outside of the specified ranges for the safety module, this can cause that a safety function is lost. Electrical installation ...
Page 231: Power Supply Connection/Cables
Note: You can use calculation software to assist in selecting the appropriate architecture that will meet the safety integrity requirements for a particular application. Use, for example, ABB’s Functional safety design tool, see Functional safety design tool user’s manual (3AXD10000102417 [English]).
Page 232: Routing The Cables
232 Planning for installation  Routing the cables See chapter Planning the electrical installation in the drive hardware manual. Obey especially these rules: • When using redundant signaling, take care to avoid common cause failures in the cables. This can be done by routing the two channels through two well-apart routes, or by protecting the cabling appropriately, for example by using double- shielded cables.
Page 233 Planning for installation 233 Relay / contactor output with feedback Examples: • Brake control • Door/gate unlock X114 X113 Diagnostic pulses...
Page 234 234 Planning for installation Safe brake control (SBC) In this figure normal and safe brake controls are connected in series. Both are independent and redundant 2-channel solutions. The safe brake control needs a feedback from the brake system. The SBC feedback can be from a relay/contactor or from the mechanical brake itself.
Page 235 Planning for installation 235 Active sensors / input signals from solid state devices Examples: • PLC 24 V DC PNP • Light curtain OSSD Physical separation of the different channels or appropriate cable protection (eg. double- shielding) X114 X113 Diagnostic pulses from an active sensor must not be 24 V DC CH 2...
Page 236 236 Planning for installation Cascade Example: Module 1 X114 X113 (cascade master) E-stop button button Common Physical separation of the different Module 2 X114 X113 channels or appropriate cable protection (eg. double-shielding) Common Module 3 X114 X113 Common Channel separation Diagnostic pulses...
Page 237: Installation
WARNING! The supply voltage for the FSO module is 24 V DC. If the FSO module is supplied with a higher voltage, for example 230 V or 115 V, it is damaged and must be replaced. WARNING! To connect the FSO module to the drive, use only wire kits delivered by ABB.
Page 238: Unpacking
238 Installation Unpacking If you have ordered the FSO module option separately, it is delivered in its own package. The package contains: • the FSO module (1) • connector plugs and attachment screws (2) • FSO data cable (3) • STO cable (4) •...
Page 239: Mechanical Installation
Installation 239 Mechanical installation If you have ordered the FSO module option with the drive, it is delivered with the FSO already installed and the FSO data cable connected, so you can go directly to section Electrical installation on page 240. If you have ordered the FSO module option separately, it is delivered in its own package.
Page 240: Electrical Installation
240 Installation Electrical installation  Terminals The connections are shown in the figure below. X110: DATA Data connection to the drive control unit X111: STO STO 24 V STO STO ground STO STO1LO drive internal signal STO STO2LO drive internal signal X112: POWER 24 V POWER 0 V...
Page 241: Connection Procedure
Installation 241  Connection procedure To connect the FSO module to the drive: 1. Make sure that the FSO electronics grounding screw is properly tightened. 2. Make sure that the FSO enclosure grounding screw is properly tightened. 3. Make sure that the FSO data cable (terminal X110) is connected to the drive.
Page 242 242 Installation 4. Connect the supplied four-wire cable to the FSO terminal X111 and plug the other end of the cable to the drive STO connection. Use the tightening torque of 0.24 Nm (2.1 lbf·in) for the FSO terminals. 5. Connect the digital inputs, digital outputs, diagnostic pulses and ground at the FSO terminals X113 and X114 according to the application.
Page 243 Installation 243 6. Connect the power supply wires to the FSO terminal X112. Use the tightening torque of 0.24 Nm (2.1 lbf·in) for the FSO terminals.
Page 244 244 Installation...
Page 245: Installation Checklists
Installation checklists 245 Installation checklists Contents of this chapter This chapter contains a checklist for checking the mechanical and electrical installation of the FSO module and refers to common cause failure checklists in standards. Checklists Check the mechanical and electrical installation of the FSO module before start-up. Go through the checklists below together with another person.
Page 246: General Checklist
246 Installation checklists  General checklist Check MECHANICAL INSTALLATION (See chapter Planning for installation and section Installation: Unpacking.) The ambient operating conditions are within the allowed range. Drives with separate inverter and supply units: Make sure that you have installed the FSO module in the inverter unit.
Page 247: Configuration
Configuration 247 Configuration Contents of this chapter This chapter describes the password usage, outlines the configuration process and gives examples of how to configure the FSO module to implement each safety function as described in chapter Safety functions. Competence The person who configures the safety functions in the FSO module must be a competent person as required by IEC 61508-1 clause 6.
Page 248: Configuring The Fso Module
248 Configuration Configuring the FSO module The FSO parameters are set with the Drive composer pro PC tool. The names of the FSO parameters and parameter settings are shown in the manual as they appear on the screen when using the tool. See Drive composer PC tool user's manual (3AUA0000094606 [English]) for instructions on using the tool.
Page 249 Configuration 249 1. Plan the configuration (parameter values) according to the safety system, installation, wiring, etc. 2. Set the parameter values in the Drive composer pro PC tool. a. Power up the drive and make sure that the motor is not running. b.
Page 250 250 Configuration e. After configuring all necessary functions, do these two steps: • Save the configuration to your PC (button Save safety file). • Download the configuration to the FSO (button Download to FSO and validate). A password is required. f.
Page 251: Configuring General Settings
Configuration 251 Configuring general settings  How to configure general settings To configure the general settings, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter group FSOGEN page 180. Example: The figure below shows an example I/O set-up: •...
Page 252: Configuring The Safety Encoder Interface
252 Configuration Configuring the safety encoder interface  How to configure the safety encoder interface To configure the safety encoder interface, set the drive and FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups Safety, S_ENCGEN, Enc module settings (91) and...
Page 253 Configuration 253 • The maximum pulse frequency range of Encoder 1: 92.17 Accepted pulse freq of encoder 1 = 220 kHz Note: You can use this formula to define the value: r_max x ppr_enc + 10%, where • r_max = the maximum motor speed (rpm) used in the application (or the motor nominal speed) •...
Page 254: Configuring The Safety Fieldbus Communication
254 Configuration Configuring the safety fieldbus communication  How to configure the safety communication with PROFIsafe To configure the safety fieldbus communication between the FSO module and a safety PLC, set the FSO parameters shown in the figure below to appropriate values using the Drive composer pro PC tool.
Page 255: Configuring I/O
Configuration 255 Configuring I/O  How to configure I/O To configure the I/O, set the FSO parameters shown in the figure below to appropriate values using the Drive composer pro PC tool. See parameter group SAFEIO on page 201. The location of the input and output terminals on the FSO module is shown in section Layout on page 27.
Page 256 256 Configuration Example: The figure below shows an example I/O set-up: • All inputs use diagnostic pulses with 1 ms width and 30 s period. • One redundant cascaded connection from input 1 to output 7 • One safety relay (always redundant) connected to output 8 with feedback connected to input 3 •...
Page 257: How To Configure A Cascaded System
Configuration 257  How to configure a cascaded system This example shows how to configure the SSE function in a cascaded system (Cascade A) as shown in section Cascade on page 55. 1. Define one of the FSO modules as the master and the other FSO modules are followers: •...
Page 258 258 Configuration Parameter settings in the master FSO Index Name/Value Description SAFEIO.11 M/F mode Sets the master/follower mode of the FSO module for both for cascade cascade connections A and B separately. In this example, only cascade connection A is used. A = master, This module is the master on cascade connection A and B.
Page 259 Configuration 259 Parameter settings in the follower FSOs Index Name/Value Description SAFEIO.11 M/F mode for Sets the master/follower mode of the FSO module for both cascade cascade connection A and B separately. In this example, only cascade connection A is used. A = follower, This module is a follower on cascade connection A and B.
Page 260: How To Configure Safety Relays
260 Configuration  How to configure safety relays If you want to control a safety relay or contactor with the FSO module, define the use of the related I/O with these parameters. See also section Relay / contactor output with feedback on page 233.
Page 261: Configuring Sbc
Configuration 261 Configuring SBC When you use the SBC function (brake) with other safety functions of the FSO module, it is always combined with the drive STO function. That is, the SBC function is activated before, at the same time with or after the drive STO function. You can configure the SBC in the STO, SSE and SS1 functions: •...
Page 262: How To Configure The Sbc In The Sto Function
262 Configuration  How to configure the SBC in the STO function Use these parameters to configure the SBC: 1. Set the how the brake is used with parameter SBC.11 STO SBC usage: • None: the SBC is not used •...
Page 263: How To Configure The Sbc In The Ss1 Function
Configuration 263  How to configure the SBC in the SS1 function Use these parameters to configure the SBC: 1. Set the correct SBC speed limit with parameter SBC.15 SSE/SS1 SBC speed: • If the value is zero (0 rpm) the SBC is not used in the SS1 and SSE with emergency ramp functions.
Page 264: Configuring Sto
264 Configuration Configuring STO To configure the STO function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups page on page 332. For more information on the STO and SBC functions, see page 58. Note: Always set the parameters related to the STO function to have the correct monitoring limit hit and fault reaction behavior.
Page 265 Configuration 265 Example 2 (with an encoder): The figure below shows an example of a simple STO function set-up when an encoder is used. Configure the safety encoder interface first (see section Configuring the safety encoder interface on page 252). •...
Page 266: How To Configure Sbc After Sto
266 Configuration  How to configure SBC after STO For more information on the SBC after STO function, see page 60. Example 1 (without an encoder): The figure below shows an example of the SBC after the STO function set-up when an encoder is not used: •...
Page 267 Configuration 267 Example 2 (with an encoder): The figure below shows an example of the SBC after the STO function set-up when an encoder is used. Configure the safety encoder interface first (see section Configuring the safety encoder interface on page 252). •...
Page 268: How To Configure Sbc Before Sto
268 Configuration  How to configure SBC before STO For more information on the SBC before STO function, see page 63. Example 1 (without an encoder): The figure below shows an example of the SBC before the STO set-up when an encoder is not used: •...
Page 269 Configuration 269 Example 2 (with an encoder): The figure below shows an example of the SBC before the STO set-up when an encoder is used. Configure the safety encoder interface first (see section Configuring the safety encoder interface on page 252). •...
Page 270: How To Configure Sto With Speed Limit Activated Sbc
270 Configuration  How to configure STO with speed limit activated SBC This safety function requires that you use an encoder in the safety application. Configure the safety encoder interface first (see section Configuring the safety encoder interface on page 252). Note: If you configure the STO with speed limit activated SBC function, this activates the same function in the SSE with immediate STO function (see section How to...
Page 271 Configuration 271 Example: The figure below shows an example of a set-up of the STO with speed limit activated SBC: • STO with speed limit activated SBC, speed limit: 60 rpm (SBC.11 STO SBC usage = Speed limit, SBC.14 STO SBC speed = 60 rpm) •...
Page 272 272 Configuration Encoder or FSE failure situations The STO with speed limit activated SBC function (parameter SBC.11 STO SBC usage = Speed limit) requires the exact motor speed, and when this is not available, the FSO module starts to use the Delayed brake selection (parameter SBC.11 STO SBC usage = Delayed brake).
Page 273: Configuring Ss1
Configuration 273 Configuring SS1 To configure the SS1 function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter group page 339. For more information on the SS1 function, see page 68. ...
Page 274 274 Configuration SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-t Inputs Outputs Speed SS1.14 = 2000 ms SS1.21 SS1.11 = DO X114:9 = DI X113:1 & X114:1 SS1.22 SS1.12 = None = None SS1.15 = 0 ms FSOGEN.51 = 90 rpm Time SBC.15...
Page 275: How To Configure Ss1 With Ramp Monitoring (Ss1-R)
Configuration 275  How to configure SS1 with ramp monitoring (SS1-r) Example: The figure below shows an example of the SS1-r function set-up: • SS1 function activated (SS1.01 SS1 activity and version = Version 1) • SAR1 emergency ramp (always with the SS1 function) •...
Page 276: How To Configure Ss1 With Speed Limit Activated Sbc
276 Configuration  How to configure SS1 with speed limit activated SBC Note: If you configure the SS1 with speed limit activated SBC function, this activates the same function in the SSE function (see section How to configure SSE with speed limit activated SBC on page 289).
Page 277 Configuration 277 SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-t Inputs Outputs Speed SS1.11 SS1.14 = 2000 ms SS1.21 = DI X113:1 & X114:1 = DO X114:9 SS1.12 = None SS1.22 = None SAFEIO.22 = DI X113:2 SS1.15 = 0 ms SBC.21 SBC.15...
Page 278 278 Configuration Example 2: The figure below shows an example of the SS1-r function with speed limit activated SBC set-up: • SS1 function activated (SS1.01 SS1 activity and version = Version 1) • SAR1 emergency ramp (always with the SS1 function) •...
Page 279 Configuration 279 SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-r Inputs Outputs Speed SS1.11 SS1.21 = DI X113:1 & X114:1 = DO X114:9 SS1.12 SS1.22 = None = None SAFEIO.22 = DI X113:2 SS1.15 = 0 ms SBC.21 SBC.15 = DO X113:7 &...
Page 280: How To Configure Ss1 With Speed Limit Activated Sbc, Sbc Before Sto
280 Configuration  How to configure SS1 with speed limit activated SBC, SBC before Note: If you configure the SS1 with speed limit activated SBC, SBC before STO function, this activates the same function in the SSE function (see section How to configure SSE with speed limit activated SBC on page 289).
Page 281 Configuration 281 SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-t Inputs Outputs Speed SS1.11 SS1.14 = 2000 ms = DI X113:1 & X114:1 SS1.21 SS1.12 = DO X114:9 SBC.13 = 1200 ms = None SS1.22 SBC.12 = -300 ms SAFEIO.22 = None = DI X113:2...
Page 282 282 Configuration Example 2: The figure below shows an example of the SS1-r function with speed limit activated SBC, SBC before STO set-up: • SS1 function activated (SS1.01 SS1 activity and version = Version 1) • SAR1 emergency ramp (always with the SS1 function) •...
Page 283: Related Safety Functions
Configuration 283 SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-r Inputs Outputs Speed SS1.11 SBC.13 = 1200 ms SS1.21 = DI X113:1 & X114:1 = DO X114:9 SS1.12 SBC.12 = -300 ms SS1.22 = None = None SAFEIO.22 = DI X113:2 SS1.15 = 0 ms...
Page 284: Configuring Sse
284 Configuration Configuring SSE To configure the SSE function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups page on page 332. For more information on the SSE function, see page 93. Note: Always set the parameters related to the SSE function to have the correct trip limit hit and fault reaction behavior.
Page 285 Configuration 285 Example 2 (with an encoder): The figure below shows an example of the SSE function with immediate STO set-up when an encoder is used. Configure the safety encoder interface first (see section Configuring the safety encoder interface page 252). •...
Page 286: How To Configure Sse With Immediate Sto, Sbc After Or Before Sto
286 Configuration  How to configure SSE with immediate STO, SBC after or before STO The configuration is identical to the SBC after or before STO functions with these differences: • parameter STO.13 Restart delay after STO is not used •...
Page 287: How To Configure Sse With Time Monitoring
Configuration 287  How to configure SSE with time monitoring For more information on the SSE function with time monitoring, see page 103. Example: The figure below shows an example of the SSE function with time monitoring set-up: • SAR0 emergency ramp (always with the SSE function) •...
Page 288: How To Configure Sse With Ramp Monitoring
288 Configuration  How to configure SSE with ramp monitoring For more information on the SSE function with ramp monitoring, see page 107. Example: The figure below shows an example of the SSE function with ramp monitoring set-up: • SAR0 emergency ramp (always with the SSE function) •...
Page 289: How To Configure Sse With Speed Limit Activated Sbc
Configuration 289  How to configure SSE with speed limit activated SBC Note: If you configure the SSE with speed limit activated SBC function, this activates the same function in the SS1 function (see section How to configure SS1 with speed limit activated SBC on page 276).
Page 290 290 Configuration STO.02 = Automatic SSE.13 = Emergency ramp SSE.14 = Time Outputs Inputs SSE.11 SSE.21 Speed = DI X113:1 & X114:1 = DO X113:9 SSE.15 = 2000 ms SSE.22 SSE.12 = None = None SAFEIO.22 SBC.21 = DI X113:2 = DO X113:7 SSE.16 = 0 ms...
Page 291 Configuration 291 Example 2: The figure below shows an example of the SSE with emergency ramp function with speed limit activated SBC set-up with ramp monitoring: • SSE with emergency ramp (SSE.13 SSE function = Emergency ramp) • SAR0 emergency ramp (always with the SSE function) •...
Page 292 292 Configuration STO.02 = Automatic SSE.13 = Emergency ramp SSE.14 = Ramp Outputs Inputs SSE.11 SSE.21 Speed = DI X113:1 & X114:1 = DO X113:9 SSE.22 SSE.12 = None = None SBC.21 = DO X113:7 SSE.16 = 0 ms SBC.15 &...
Page 293: How To Configure Sse With Speed Limit Activated Sbc, Sbc Before Sto
Configuration 293  How to configure SSE with speed limit activated SBC, SBC before The configuration of the SSE with speed limit activated SBC, SBC before STO is identical to the configuration of the same SS1 function with these differences: •...
Page 294: Configuring Sar
294 Configuration Configuring SAR  How to configure SARn To configure the SARn (n = 0…1), set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups Safety page SARx on page 348. See also section Ramp monitoring on page 51.
Page 295: Configuring Sls
Configuration 295 Configuring SLS To configure the SLSn (n = 1…4), set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups Safety page SLSx on page 342. For more information on the SLS function, see page 127. Depending on the application, set the negative and positive SLS and SLS trip limits separately.
Page 296 296 Configuration SLS1 200.21 = Version 1 SLSx.02 = Automatic SLSx.03 = Time Inputs Outputs SLSx.15 Speed = DO X114:7 SLSx.11 SLSx.04 = 2000 ms SLSx.16 = DI X113:2 & = None X114:2 SLSx.14 = 1320 rpm SLSx.12 = None 200.23 = 1200 rpm Time...
Page 297: How To Configure Slsn With Ramp Monitoring
Configuration 297  How to configure SLSn with ramp monitoring Example: The figure below shows an example of the SLS2 function with ramp monitoring set-up: • SLS2 function activated (200.31 SLS2 activity and version = Version 1) • monitored deceleration ramp (SLSx.03 SLS activation monitoring method = Ramp) •...
Page 298: Related Safety Functions
298 Configuration SLS2 200.31 = Version 1 SLSx.02 = Automatic SLSx.03 = Ramp Input Output Speed SLSx.24 SLSx.24 = DO X114:7 = DI X113:2 & X114:2 SLSx.23 = 1320 rpm 200.33 = 1200 rpm Time SLS monitoring started SLS activated 200.32 = -900 rpm SLSx.22...
Page 299: Configuring Variable Sls
Configuration 299 Configuring Variable SLS This safety function requires that a safety PLC is connected to the FSO module via the PROFIsafe communication bus. For more information, see chapter PROFIsafe and section Configuring the safety fieldbus communication on page 254. To configure the Variable SLS function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool.
Page 300 300 Configuration These values are defined in the safety program: • only positive limits are scaled: Positive_Scaling = 0, Negative_Scaling = 1 • scaling values from the safety PLC: 70%, 50%, 100% (value set in Variable_SLS_limit = 7000, 5000, 10000). 200.61 = Version 1 SLSx.02...
Page 301: How To Configure Variable Sls With Ramp Monitoring
Configuration 301  How to configure Variable SLS with ramp monitoring Example: The figure below shows an example of the Variable SLS function with ramp monitoring set-up: • Variable SLS function activated (200.61 SLS variable activity and version = Version 1) •...
Page 302 302 Configuration These values are defined in the safety program: • only positive limits are scaled: Positive_Scaling = 0, Negative_Scaling = 1 • scaling values from the safety PLC: 70%, 50%, 100% (value set in Variable_SLS_limit = 7000, 5000, 10000). 200.61 = Version 1 SLSx.02...
Page 303: Defining The Scaled Sls4 Limit And Sls4 Trip Limits
Configuration 303  Defining the scaled SLS4 limit and SLS4 trip limits Because the same scaling percentage is used to scale both the original SLS4 limit and SLS4 trip limit, this affects the difference between new, scaled SLS4 limit and SLS4 trip limits.
Page 304 304 Configuration Example 1 (no encoder): The original SLS4 and SLS4 trip limits are: 100 and 110 rpm. The scaling value is 10%. The zero speed value is 10 rpm. • original SLS4 limit - original SLS4 trip limit = 10 rpm. This is smaller than 25 rpm, so 10 rpm becomes the “limiting difference”.
Page 305: Related Safety Functions
Configuration 305 Example 3 (with encoder): The original SLS4 and SLS4 trip limits are: 100 and 110 rpm. The scaling value is 10%. The zero speed value is 10 rpm. • original SLS4 limit - original SLS4 trip limit = 10 rpm. This is greater than 5 rpm, so 5 rpm becomes the “limiting difference”.
Page 306: Configuring Sms
306 Configuration Configuring SMS To configure the SMS, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter groups on page Safety on page 322. There are two different versions of the SMS function. Select the required version with parameter 200.71 SMS activity and version.
Page 307: How To Configure Sms, Version 2
Configuration 307  How to configure SMS, version 2 Example: The figure below shows an example of the SMS, version 2 set-up: • SMS function version 2 activated (200.71 SMS activity and version = Version 2) • SMS limit positive (200.73 SMS limit positive = 1750) •...
Page 308: Configuring Pous
308 Configuration Configuring POUS  How to configure POUS To configure the POUS function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter group POUS page 335. For more information on the POUS function, see page 145. Example: The figure below shows an example of the POUS function set-up: •...
Page 309: Configuring Ssm
Configuration 309 Configuring SSM To configure the SSM function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter group SSMx page 353. You can use the SSM function either with or without an encoder. For more information on the SSM function, see page 147.
Page 310: How To Configure Ssm
310 Configuration  How to configure SSM Example: The figure below shows an example of an SSM1 set-up. Only the positive SSM1 limit is configured. • SSM1 function activated (SSMx.01 SSM1 activity and version = Version 1) • redundant SSM activation button connected to input (SSMx.11 SSM1 input = DI X113:2 &...
Page 311: Configuring Sdi
Configuration 311 Configuring SDI To configure the SDI function, set the FSO parameters listed below to appropriate values using the Drive composer pro PC tool. See parameter group on page 348. This safety function requires that an encoder is used. Configure the encoder interface first (see section Configuring the safety encoder interface on page 252).
Page 312: How To Configure Sdi With Ramp Monitoring
312 Configuration SDI positive SDI.01 = Version 1 SDI.13 = Automatic SDI.10 = Time Inputs Outputs Speed SDI.23 SDI.21 = DO X114:7 = DI X113:2 & SDI.12 = 2000 ms X114:2 SDI.24 = None SDI.22 = None SDI.14 = 2 deg Time (not shown in the figure)
Page 313: Related Safety Functions
Configuration 313 SDI positive SDI.01 = Version 1 SDI.13 = Automatic SDI.10 = Ramp Outputs Inputs Speed SDI.23 SDI.21 = DO X114:7 = DI X113:2 & X114:2 SDI.24 = None SDI.22 = None Time SDI.14 = 2 deg (not shown in the figure) SDI monitoring started SDI activated,...
Page 314: Fine-Tuning The Configuration
314 Configuration Fine-tuning the configuration To minimize the effect of small transient variations in the speed measurement data, you can fine-tune the operation of the safety functions with “mute times” (parameter FSOGEN.31 Transient mute time), and when you use an encoder, also parameters FSOGEN.32 Zero speed delay time FSOGEN.33 Monitoring start delay).
Page 315: How To Fine-Tune When Zero Speed Limits Are Detected
Configuration 315  How to fine-tune when zero speed limits are detected Example 1: Zero speed limit in reached in the SS1 function (and SSE with emergency ramp), the SBC is not used. • With an encoder: parameter FSOGEN.32 Zero speed delay time = 20 ms •...
Page 316 316 Configuration Example 2: Zero speed limit in reached in the SS1 function (and SSE with emergency ramp), a negative SBC delay (parameter SBC.12 STO SBC delay) is configured in the STO function: • With an encoder: parameter FSOGEN.32 Zero speed delay time = 20 ms •...
Page 317: How To Fine-Tune When Sbc Speed Limits Are Detected
Configuration 317  How to fine-tune when SBC speed limits are detected Example 1: SBC speed limit (parameter SBC.15) is reached in the SS1 function (and SSE with emergency ramp), a negative SBC delay (parameter SBC.12 STO SBC delay is configured in the SS1 function: •...
Page 318 318 Configuration Example 2: SBC speed limit (parameter SBC.14 STO SBC speed) is reached in the STO function (and SSE with immediate STO), requires an encoder: • With an encoder: parameter FSOGEN.32 Zero speed delay time = 20 ms. Speed FSOGEN.32 = 20 ms SBC.14...
Page 319: How To Fine-Tune When Monitoring Is Started
Configuration 319  How to fine-tune when monitoring is started Example: The start of SLS monitoring in the SLS1 function. • With an encoder: parameter FSOGEN.33 Monitoring start delay = 20 ms • Without an encoder: parameter FSOGEN.31 Transient mute time = 20 ms.
Page 320: Configuring The Fso For Fse Or Encoder Failure Situations
320 Configuration Configuring the FSO for FSE or encoder failure situations For the FSE module or encoder failure situations, you can configure the FSO module so that it either: • goes into the Fail-safe mode and actives the STO function: S_ENCGEN.
Page 321: Fso-21 Parameters
This chapter describes the parameters and the status and control words of the FSO module. FSO-21 parameters The following table lists the FSO-21 parameters: The parameter row shows the parameter index, name, description and factory default value. The subsequent rows show the parameter value range or names, descriptions and numerical values of the selectable named alternatives.
Page 322 322 Parameters Index Name/Value Description Factory default Safety General drive safety parameters 200.21 SLS1 activity and Activates or deactivates the SLS1 function Disabled version and shows the version of the SLS1 function. Disabled Deactivates the SLS1 function. Version 1 Activates version 1 of the SLS1 function. 200.22 SLS1 limit negative Sets the SLS1 negative speed limit for the 0.0 rpm...
Page 323 Parameters 323 Index Name/Value Description Factory default 200.61 SLS variable activity Activates or deactivates the Variable SLS Disabled and version function and shows the version of the Variable SLS function. Note: This function can be activated only when the safety fieldbus is installed. Disabled Deactivates the Variable SLS function.
Page 324 324 Parameters Index Name/Value Description Factory default 200.112 SAR1 ramp time to Sets the target time for the SAR1 ramp 1 ms zero (used in the SS1 and SLS functions). Target time = Time in which the drive decelerates the motor from speed 200.202 SAR speed scaling to zero.
Page 325 Parameters 325 Index Name/Value Description Factory default 200.232 Number of encoders Sets the number of encoders that are Single connected to the FSE module and, in the encoder single encoder case, also the channel that it is connected to. Note: ACS880 primary control program, version 2.21 supports only one safety pulse encoder, and this parameter is read-only.
Page 326 326 Parameters Index Name/Value Description Factory default FSOGEN.31 Transient mute time Sets the mute time for the drive transient 0 ms operations. The FSO modules waits for the Transient mute time before it acts after a ramp monitoring or trip limit hit, or after the zero speed limit is reached.
Page 327 Parameters 327 Index Name/Value Description Factory default FSOGEN.41 Power-up Sets the power-up acknowledgement Manual acknowledgement method. Note: If a safety function request is active when the FSO module is rebooted, the request must be removed before the power- up acknowledgement is accepted. Manual The FSO module reads an external acknowledgement signal through the digital...
Page 328 328 Parameters Index Name/Value Description Factory default FSOGEN.52 Zero speed with Sets the general zero speed limit for safety 0.0 rpm encoder functions when an encoder is used. In this case, the motor speed is the exact value measured with the encoder. Select a suitable value depending on your motor.
Page 329 Parameters 329 Index Name/Value Description Factory default STO.02 STO Sets the acknowledgement method used in Manual acknowledgement the STO, SSE and SS1 functions. See section Acknowledgement methods page for more information on different acknowledgement methods. Manual The FSO module reads the external STO acknowledgement signal through the digital input defined by parameter FSOGEN.42...
Page 330 330 Parameters Index Name/Value Description Factory default DI X114:1 Single input X114:1 DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 STO.12 STO input B Sets the digital input that is connected to the None secondary input of the STO function.
Page 331 Parameters 331 Index Name/Value Description Factory default STO.14 Time to zero speed Sets the time after which the 3,600,000 with STO and acknowledgement is allowed after coast modoff stop in the STO, SSE and SS1 functions (when SBC is not used). Must be configured to the estimated time in which the motor coasts to a stop from the maximum speed.
Page 332 332 Parameters Index Name/Value Description Factory default DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 STO.22 STO completed Sets the digital output that indicates the None output completion of the STO function. See the diagrams in section Safe torque off (STO) page 57.
Page 333 Parameters 333 Index Name/Value Description Factory default SBC.12 STO SBC delay Sets the time after which the FSO module 3,600,000 activates the SBC after it has activated the drive STO function. A negative value means that the FSO module activates the SBC before the drive STO function.
Page 334 334 Parameters Index Name/Value Description Factory default SBC.14 STO SBC speed Sets the speed limit below which the FSO 0.0 rpm module activates the brake (SBC) in the STO function. Requires that an encoder is used and parameter SBC.11 STO SBC usage is set to value Speed limit.
Page 335 Parameters 335 Index Name/Value Description Factory default DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 POUS Parameters for the POUS function POUS.01 POUS activity and Activates or deactivates the POUS function Disabled version and shows the version of the POUS function.
Page 336 336 Parameters Index Name/Value Description Factory default POUS.13 POUS delay for Sets the time after which the POUS 0 ms completion complete indication is activated after the POUS request. 0…3,600,000 ms Time POUS.21 POUS output Sets the digital output that indicates the None activity of the POUS function.
Page 337 Parameters 337 Index Name/Value Description Factory default DI X113:1 & X114:1 Redundant input X113:1 & X114:1 DI X113:2 & X114:2 Redundant input X113:2 & X114:2 DI X113:3 & X114:3 Redundant input X113:3 & X114:3 DI X113:4 & X114:4 Redundant input X113:4 & X114:4 DI X113:1 Single input X113:1 DI X113:2...
Page 338 338 Parameters Index Name/Value Description Factory default Ramp Ramp monitoring. SAR0 parameters define the emergency ramp and monitoring limits. See parameters 200.102, SARx.11, SARx.12 and SARx.02. Time Time monitoring. Parameter 200.102 SAR0 ramp time to zero defines the emergency ramp and it is monitored with parameter SSE.15 SSE delay for STO.
Page 339 Parameters 339 Index Name/Value Description Factory default DO X113:7 Single output X113:7 DO X113:8 Single output X113:8 DO X113:9 Single output X113:9 DO X114:7 Single output X114:7 DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 SSE.22 SSE completed Sets the digital output that indicates the None output...
Page 340 340 Parameters Index Name/Value Description Factory default SS1.12 SS1 input B Sets the digital input that is connected to the None secondary input of the SS1 function. The secondary input is mostly used for the cascade connection. See parameters SAFEIO.12 Cascade A SAFEIO.13 Cascade None No input connected...
Page 341 Parameters 341 Index Name/Value Description Factory default SS1.15 SS1-r ramp zero Sets an extra delay time for the drive STO 12,0000 ms speed delay for STO (and SBC, if used) activation at the zero speed limit in the SS1 function. With this parameter, the FSO module delays the STO activation so that the drive is able to reach the axle zero speed before the FSO...
Page 342 342 Parameters Index Name/Value Description Factory default DO X113:9 Single output X113:9 DO X114:7 Single output X114:7 DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 … SLSx Parameters for the SLS1 4 functions SLSx.02 SLS Sets the acknowledgement method used in Manual acknowledgement …...
Page 343 Parameters 343 Index Name/Value Description Factory default SLSx.04 SLS time delay Sets the security delay after which the FSO 0 ms module actives the SLS monitoring after the SLS request. This parameter is relevant only if time monitoring is used. See parameter SLSx.03 SLS activation monitoring...
Page 344 344 Parameters Index Name/Value Description Factory default DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 SLSx.13 SLS1 trip limit Sets the SLS1 negative speed limit that trips 0.0 rpm negative the drive. -35880.0 …0.0 rpm Speed SLSx.14 SLS1 trip limit Sets the SLS1 positive speed limit that trips 0.0 rpm positive...
Page 345 Parameters 345 Index Name/Value Description Factory default SLSx.21 SLS2 input Sets the digital input that is connected to the None secondary input of the SLS function with limits 2. None No input connected DI X113:1 & X114:1 Redundant input X113:1 & X114:1 DI X113:2 &...
Page 346 346 Parameters Index Name/Value Description Factory default DI X113:2 & X114:2 Redundant input X113:2 & X114:2 DI X113:3 & X114:3 Redundant input X113:3 & X114:3 DI X113:4 & X114:4 Redundant input X113:4 & X114:4 DI X113:1 Single input X113:1 DI X113:2 Single input X113:2 DI X113:3 Single input X113:3...
Page 347 Parameters 347 Index Name/Value Description Factory default DI X113:3 Single input X113:3 DI X113:4 Single input X113:4 DI X114:1 Single input X114:1 DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 SLSx.42 SLS4 trip limit Sets the SLS4 negative speed limit that trips 0.0 rpm negative...
Page 348 348 Parameters Index Name/Value Description Factory default DO X114:9 Single output X114:9 Parameters for the SMS function SMS.13 SMS trip limit Sets the negative speed limit that trips the 0.0 rpm negative drive for the SMS function. -35880.0 …0.0 rpm Speed SMS.14 SMS trip limit Sets the positive speed limit that trips the 0.0 rpm...
Page 349 Parameters 349 Index Name/Value Description Factory default Disabled Deactivates the SDI positive function. Enabled Activates the SDI positive function. SDI.03 SDI negative activity Activates or deactivates the SDI negative Disabled function. Disabled Deactivates the SDI negative function. Enabled Activates the SDI negative function. SDI.10 SDI activation Sets the monitoring method that is used in Ramp...
Page 350 350 Parameters Index Name/Value Description Factory default SDI.14 SDI tolerance limit Sets the position tolerance for the SDI 0.00 deg degree function. The position of the motor axle cannot move into the forbidden direction more than defined with this parameter. Note: This is the absolute value.
Page 351 Parameters 351 Index Name/Value Description Factory default DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 Always on The SDI positive function is always on. SDI.23 SDI positive output Sets the digital output connected to the SDI None positive primary output. Active when the motor rotates in the correct (positive) direction.
Page 352 352 Parameters Index Name/Value Description Factory default DI X113:1 Single input X113:1 DI X113:2 Single input X113:2 DI X113:3 Single input X113:3 DI X113:4 Single input X113:4 DI X114:1 Single input X114:1 DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 Always on...
Page 353 Parameters 353 Index Name/Value Description Factory default DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 SDI.34 SDI negative output Sets the digital output that is connected to None the secondary output of the SDI negative function. Active when the motor rotates in the correct (negative) direction.
Page 354 354 Parameters Index Name/Value Description Factory default DI X113:3 & X114:3 Redundant input X113:3 & X114:3 DI X113:4 & X114:4 Redundant input X113:4 & X114:4 DI X113:1 Single input X113:1 DI X113:2 Single input X113:2 DI X113:3 Single input X113:3 DI X113:4 Single input X113:4 DI X114:1...
Page 355 Parameters 355 Index Name/Value Description Factory default DI X114:1 Single input X114:1 DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 Always on The SSM2 function is always on. SSMx.22 SSM2 limit negative Sets the negative speed limit for the SSM2 0.0 rpm function.
Page 356 356 Parameters Index Name/Value Description Factory default SSMx.32 SSM3 limit negative Sets the negative speed limit for the SSM3 0.0 rpm function. -35880.0 …0.0 rpm Speed SSMx.33 SSM3 limit positive Sets the positive speed limit for the SSM3 0.0 rpm function.
Page 357 Parameters 357 Index Name/Value Description Factory default SSMx.44 SSM4 output Sets the digital output connected to the None SSM4 function. Active when the motor speed is within the SSM4 speed limits. None No output connected DO X113:7 & X114:7 Redundant output X113:7 & X114:7 DO X113:8 &...
Page 358 358 Parameters Index Name/Value Description Factory default S_ENCGEN. Gear numerator Sets the rotation direction for the safety encoder 1 encoder. With this parameter, you can change the rotation direction of the motor. Positive direction. Negative direction. Enc module settings Parameters for the safety encoder interface module 91.11 Module 1 type Sets the type of the safety encoder interface None...
Page 359 Parameters 359 Index Name/Value Description Factory default A = master, The module is the master on cascade B = follower connection A and a follower on cascade connection B. A = follower, The module is a follower on cascade B = master connection A and the master on cascade connection B.
Page 360 360 Parameters Index Name/Value Description Factory default X113:1 -> X113:7 Single cascade X113:1 -> X113:7 X113:2 -> X113:8 Single cascade X113:2 -> X113:8 X113:3 -> X113:9 Single cascade X113:3 -> X113:9 X114:1 -> X114:7 Single cascade X114:1 -> X114:7 X114:2 -> X114:8 Single cascade X114:2 ->...
Page 361 Parameters 361 Index Name/Value Description Factory default SAFEIO.23 Safety relay 1 Sets the type of the feedback signal for Mechanicall feedback type safety relay 1. y linked NC contacts Note: The feedback delay is 800 ms for both feedback types, that is, a feedback signal from the safety relay must be received within 800 ms.
Page 362 362 Parameters Index Name/Value Description Factory default Mechanically linked Feedback of the safety relay is NO (same NO contacts state compared with the relay). SAFEIO.31 DI diagnostic pulse Sets the length of the diagnostic pulse for 1 ms length digital inputs. 0.5 ms Length of the diagnostic pulse is 0.5 ms.
Page 363 Parameters 363 Index Name/Value Description Factory default Diagnostic pulse on SAFEIO.51 DO diagnostic pulse Sets the length of the diagnostic pulse for 1 ms length digital outputs. 0.5 ms Length of the diagnostic pulse is 0.5 ms. 1 ms Length of the diagnostic pulse is 1 ms. 2 ms Length of the diagnostic pulse is 2 ms.
Page 364 364 Parameters Index Name/Value Description Factory default SAFEIO.73 DO X113:9 logic Sets the logic state of digital output X113:9. Active low state Active low Active state of the output is low voltage. Active high Active state of the output is high voltage. SAFEIO.74 DO X114:7 logic Sets the logic state of digital output X114:7.
Page 365 Parameters 365 Index Name/Value Description Factory default PROFIsafe Parameters for PROFIsafe PROFIsafe. PROFIsafe Sets the PROFIsafe destination address, F_Dest_Add that is, the address of the FENA adapter module in the safety communication network. Note: This address must be the same as is set in the F-Parameters for the PROFIsafe module properties (F_Dest_Add).
Page 366: Status And Control Words
366 Parameters Status and control words This table lists the FSO module and drive status and control words. You can view these in the ACS880 window of Drive composer pro. Index Name/Value Description Safety 200.01 FSO speed ch1 Shows the motor speed estimate 1 of the FSO module. The FSO module reads the value from the drive via communication channel 1.
Page 367 Parameters 367 Index Name/Value Description 200.05 FSO control word 1 Shows the states of the FSO commands. Name Values STO request 0 = Off, 1 = On SSE request 0 = Off, 1 = On SS1 request 0 = Off, 1 = On Reserved SAR0 request 0 = Off, 1 = On...
Page 368 368 Parameters Index Name/Value Description 200.07 FSO status word 1 Shows the FSO status word 1. Bit Name Values FSO mode bit 1 0 = Undefined 1 = Start-up mode FSO mode bit 2 2 = Running mode FSO mode bit 3 3 = Fail-safe mode 4 = Configuration mode FSO state bit 1...
Page 369 Parameters 369 Index Name/Value Description 200.08 FSO status word 2 Shows the FSO status word 2. Bit Name Values Reserved SLS1 monitoring 0 = Off, 1 = On SLS2 monitoring 0 = Off, 1 = On SLS3 monitoring 0 = Off, 1 = On SLS4 monitoring 0 = Off, 1 = On Reserved...
Page 370 370 Parameters Index Name/Value Description 200.09 Drive status word 1 Shows the drive status word 1. Bit Name Description Values Drive status bit 1 0 = Disabled 1 = Readyon Drive status bit 2 2 = Readyrun Drive status bit 3 3 = Starting Drive status bit 4 4 = Readyref...
Page 371 Parameters 371 Index Name/Value Description 200.10 Drive status word 2 Shows the drive status word 2. Name Description Values Reserved SLS1 active State on the 0 = Off, 1 = On drive side SLS2 active 0 = Off, 1 = On SLS3 active 0 = Off, 1 = On SLS4 active...
Page 372 372 Parameters...
Page 373: Start-Up
Start-up 373 Start-up Contents of this chapter This chapter describes the general precautions to be taken before starting up the safety system for the first time. Safety considerations The start-up may only be carried out by a qualified electrician who has appropriate knowledge on functional, machine and process safety.
Page 374 374 Start-up...
Page 375: Verification And Validation
Verification and validation 375 Verification and validation Contents of this chapter This chapter describes verification and validation of the implemented safety functionality. Verification and validation produce documented proof of the compliance of the implementation with specified safety requirements. Further information can be found in Technical guide No. 10 - Functional safety (3AUA0000048753 [English]).
Page 376: Acceptance Test Reports
376 Verification and validation The acceptance test using the start-up checklists described below (see Validation checklists for start-up) must be performed: • at initial start-up of the safety function • after any changes related to the safety function (wiring, components, settings, etc.) •...
Page 377: Validation Checklists For Start-Up
Verification and validation 377  Validation checklists for start-up Validation of the PROFIsafe connection Follow the steps below to validate the PROFIsafe connection: 1. Make sure that the PROFIsafe communication is enabled in FSO parameter Safety bus type. 2. Make sure that the FENA module is enabled in drive parameter 50.01 (FBA A enable) or 50.31 (FBA B enable).
Page 378 378 Verification and validation 12. If possible, make sure that the FSO LEDs do not indicate any unexpected conditions. See chapter Fault tracing for details. 13. Make sure that the diagnostic messages at the safety controller station do not contain any unexpected entries. Validation of the safety encoder interface If an encoder or FSE module failure occurs, the reaction depends on the value of parameter...
Page 379 Verification and validation 379 11. Make sure that there are no unwanted errors in the drive. 12. Reconnect the encoder cable. 13. To exit the Fail-safe mode, switch the power off and on, reboot the FSO module with drive parameter 96.09 FSO reboot (see the drive firmware manual) or press the Boot FSO button in Drive composer pro.
Page 380 380 Verification and validation Validation of safety functions Once the system is fully configured and wired for the safety functions, and the start- up safety check has been done, you must do the following functional test procedure for each safety function: 1.
Page 381 Verification and validation 381 Validation of the STO function without SBC Follow these steps to validate the STO function without SBC: 1. Check the cabling between the drive STO connector (XSTO) and the FSO module STO terminal (X111). 2. Upload the parameters from the FSO with the Drive composer pro PC tool or open an existing safety file.
Page 382 382 Verification and validation Validation of the STO function with SBC after or before STO Follow these steps to validate the STO function with a time controlled brake (SBC): 1. Check the cabling between the drive STO connector (XSTO) and the FSO module STO terminal (X111).
Page 383 Verification and validation 383 14. Make sure that the correct failure reaction takes place if there is no SBC feedback signal (for example, disconnect the SBC feedback cable). 15. Make sure that you cannot acknowledge the STO function and restart the drive before the time defined by parameter Restart delay after STO has elapsed (or...
Page 384 384 Verification and validation 10. Make sure that the drive STO is activated immediately after the STO request. 11. Check that the SBC is activated after the motor has reached the STO SBC speed, for example, using the monitoring feature of the Drive composer pro PC tool. 12.
Page 385 Verification and validation 385 Validation of the SSE with emergency ramp and SS1 functions The SSE with emergency ramp and SS1 functions are identical with only minor differences. These functions are included in the same validation procedures below. Validation of the SSE and SS1 functions with time monitoring Follow these steps to validate the SSE and SS1 functions with time monitoring (each function separately): 1.
Page 386 386 Verification and validation 12. Remove the SSE (SS1) function request. 13. If automatic acknowledgement is not used: Set an acknowledgement (for example, with an acknowledgement button). 14. Restart the drive and make sure that the motor runs normally. 15. If the motor can rotate in the reverse direction, repeat the test procedure for the reverse direction.
Page 387 Verification and validation 387 Validation of the SSE and SS1 functions with ramp monitoring Follow these steps to validate the SSE and SS1 functions with ramp monitoring (each function separately): 1. Check the SSE (SS1) input connections from the field equipment to the FSO against the circuit diagrams.
Page 388 388 Verification and validation 14. Restart the drive and make sure that the motor runs normally. 15. If the motor can rotate in the reverse direction, repeat the test procedure for the reverse direction. Validation of the SLS functions Note: The SLS validation procedures described in this section do not test the SLS trip limits.
Page 389 Verification and validation 389 8. Activate the SLS1 function (for example, disconnect the signal from the field device to the FSO input). 9. Make sure that the motor speed ramps to below the speed defined by parameter SLS1 limit positive before SLS time delay has elapsed.
Page 390 390 Verification and validation Validation of the SLS function with ramp monitoring Follow these steps to validate the SLS1...4 functions with ramp monitoring (SLS1 is used as an example): 1. Check the SLS1 input connections from the field equipment to the FSO against the circuit diagrams.
Page 391 Verification and validation 391 9. Make sure that the motor speed ramps to below the speed defined by parameter SLS1 limit positive within the ramp monitoring limits SAR1 min ramp time to zero SAR1 max ramp time to zero). 10. If cascading is used: Test the application so that the SLS1 ramp monitoring trips the drive and other cascaded drives during the deceleration ramp (that is, the FSO activates the STO function and the motor coasts to a stop).
Page 392 392 Verification and validation Validation of the Variable SLS function with time monitoring Note: This safety function requires that a safety PLC is connected to the FSO module via the PROFIsafe communication bus. Validate the PROFIsafe connection first according to the instructions in section Validation of the PROFIsafe connection page 377.
Page 393 Verification and validation 393 8. If cascading is used: Test the application so that the time monitoring trips the drive and other cascaded drives during the deceleration ramp (that is, the FSO activates the SSE function and the motor either coasts or ramps to a stop). 9.
Page 394 394 Verification and validation Validation of the Variable SLS function with ramp monitoring Note: This safety function requires that a safety PLC is connected to the FSO module via the PROFIsafe communication bus. Validate the PROFIsafe connection first according to the instructions in section Validation of the PROFIsafe connection page 377.
Page 395 Verification and validation 395 7. Make sure that the motor speed ramps to below the speed defined by parameter SLS4 limit positive and the desired scaling value within the ramp monitoring limits SAR1 min ramp time to zero SAR1 max ramp time to zero.
Page 396 396 Verification and validation Validation of the SMS functions Validation of the SMS function, version 1 Follow these steps to validate the SMS function, version 1: 1. Upload the parameters from the FSO with the Drive composer pro PC tool or open an existing safety file.
Page 397 Verification and validation 397 Validation of the SMS function, version 2 Note: The SMS validation procedure described in this section does not test the SMS trip limits. You can test the SMS trip limits by changing the SMS limit really close to the SMS trip limit (for example, 1 rpm below the trip limit).
Page 398 398 Verification and validation Validation of the POUS function Follow the steps below to validate the POUS function: 1. Check the POUS input and output connections from the field equipment to the FSO against the circuit diagrams. 2. Upload the parameters from the FSO with the Drive composer pro PC tool or open an existing safety file.
Page 399 Verification and validation 399 Validation of the SSM functions Follow these steps to validate the SSM1...4 functions (the SSM1 function is used as an example): 1. Check the SSM1 input and output connections from the field equipment to the FSO against the circuit diagrams. 2.
Page 400 400 Verification and validation Validation of the SDI positive function with time monitoring Follow these steps to validate the SDI positive function with time monitoring: 1. Check the SDI input connections from the field equipment to the FSO against the circuit diagrams.
Page 401 Verification and validation 401 Validation of the SDI positive function with ramp monitoring Follow the steps below to validate the SDI positive function with time monitoring: 1. Check the SDI input connections from the field equipment to the FSO against the circuit diagrams.
Page 402: Proof Test Intervals During Operation
402 Verification and validation Proof test intervals during operation Proof tests are intended to ensure that the safety integrity of a safety system is maintained continuously and does not deteriorate over time. Proof tests are often required for mechanical brakes, for example. Proof tests are used mainly for parts of the system that cannot be automatically diagnosed.
Page 403: Fault Tracing
Fault tracing 403 Fault tracing Contents of this chapter This chapter describes the status LEDs and provides generic diagnostics and troubleshooting tips for FSO related faults generated by the drive. Status LEDs The status LEDs are situated on the front of the FSO module. The table below describes the status LED indications.
Page 404: Event Types
404 Fault tracing Event types The FSO module generates three types of events to the drive: • Pure events, which are just informative data • Warnings, which are shown to the user • Faults, which stop the drive and are shown to the user. The user can select the event type (warning, fault or event) for certain function requests, limit hits and special events: •...
Page 405: Faults, Warnings And Events
Name Cause What to do (hex) Faults 7A81 TUCSO fault FSO subsystem fault Contact your local ABB representative. 7A8B FSO general fault FSO module is in the See the warning log for more Configuration mode. information on the actual cause.
Page 406 Internal fault in the FSO Reboot the FSO module. If the 5) 3) module problem still exits, replace the FSO module. Contact your local ABB representative. A7D2 FSO IO fault Problems in the I/O Check the FSO I/O cabling. 4) 3)
Page 407 FSO module (switch the power off and on or use drive parameter 96.09 FSO reboot, see the drive firmware manual). • Make sure that cooling is sufficient. Contact your local ABB representative. A7DB FSO undefined FSO new version, Contact your local ABB...
Page 408 408 Fault tracing Code Name Cause What to do (hex) AA97 FSO POUS FSO module received an request external POUS request and activated POUS. AA99 FSO passivated FSO module was Check the fieldbus connection and passivated due to safety fieldbus controller for passivation fieldbus problems.
Page 409 See the tips in the Drive Composer event an event other than a fault PC tool. or a warning. B792 FSO undefined FSO new version, Contact your local ABB event undefined event in the representative. drive event system. B793 FSE Ch1 diag Encoder failure.
Page 410 410 Fault tracing Code Name Cause What to do (hex) BA90 FSO stop FSO module has completed completed the STO, SS1 or SSE function. BA91 FSO safe speed Motor actual speed Check the drive. 2) 3) limit exceeded an SLS1...4 or SMS limit of the FSO module.
Page 411 Fault tracing 411 Code Name Cause What to do (hex) BAA7 FSO SLS4 hit FSO module detected an Check the drive. SLS4 speed limit violation. BAA8 FSO SMS hit FSO module detected an Check the drive. SMS speed limit violation. BAA9 FSO SAR0 hit FSO module detected an Make sure that the drive can...
Page 412: User-Selectable Events For Function Requests
412 Fault tracing Code Name Cause What to do (hex) BAB5 FSO varSLS hit FSO module detected a Check the drive. Variable SLS speed limit violation. BAB6 FSO safebus FSO module was Check the fieldbus connection and passivation passivated due to fieldbus controller for passivation communication problems.
Page 413: User-Selectable Events For Limit Hits And Special Events
Fault tracing 413  User-selectable events for limit hits and special events The table below lists user-selectable events related to limit hits and special events. Limit/Incident Events depending on the event type selection (parameter FSOGEN.62) Fault Warning Event SLS1 SLS1 limit hit AAA4 FSO SLS1 hit AAA4 FSO SLS1 hit BAA4 FSO SLS1 hit...
Page 414 414 Fault tracing Limit/Incident Events depending on the event type selection (parameter FSOGEN.62) Fault Warning Event SDI negative SDI negative AAB1 FSO SDI AAB1 FSO SDI BAB1 FSO SDI negative negative hit (warning) negative hit System at safe 7A96 FSO out of SDI AA96 FSO out of SDI BA96 FSO out of SDI state...
Page 415: User-Selectable Events For Safety Fieldbus Failures
Faults, warnings and events have 32-bit auxiliary codes, which help in finding the problem. See the tips in the Drive Composer PC tool for more information on the auxiliary codes. Reporting problems and failures If you detect any failure in the safety module or safety functions, always contact your local ABB representative.
Page 416 416 Fault tracing...
Page 417: Maintenance
Maintenance 417 Maintenance Contents of this chapter This chapter explains replacement of the FSO and FSE modules in case of a module failure, reinstalling the FSO module to another drive, updating the firmware of the drive where the FSO is installed, factory reset, FSO update and decommissioning as well as proof tests.
Page 418: Replacing The Fso Module
418 Maintenance WARNING! Read and obey the instructions in chapter Safety and chapter Safety instructions in the drive hardware manual. If you ignore them, injury or death, or damage to the equipment can occur.  Replacing the FSO module 1. Stop the driven machinery and prevent an unexpected start-up. 2.
Page 419: Drive Replacement
Maintenance 419 Drive replacement If you have to replace the drive where the FSO is installed, for example, because of a serious drive failure, follow the procedure below.  Reinstalling the FSO module to another drive 1. Stop the driven machinery and prevent an unexpected start-up. 2.
Page 420: Drive Firmware Update
420 Maintenance Drive firmware update If you have to update the firmware of the drive where the FSO module is installed, follow the procedure below.  Updating the firmware of the drive where the FSO module is installed 1. Stop the driven machinery and prevent an unexpected start-up. 2.
Page 421: Fena Module Replacement
3. Replace the FENA module according to the instructions in FENA-01/-11/-21 Ethernet adapter module user’s manual (3AUA0000093568 [English]). 4. Assign the device name for the FENA module from the safety PLC (see section Configuring the ABB AC500-S Safety PLC on page or section...
Page 422: Fse Module Replacement
422 Maintenance FSE module replacement If you have to replace the FSE module, for example, because of a serious hardware failure, follow the procedure below.  Replacing the FSE module 1. Stop the driven machinery and prevent an unexpected start-up. 2.
Page 423: Factory Reset
Maintenance 423 Factory reset Do a factory reset if • you forget the password • you want to do the configuration again from scratch. Note: The factory reset clears the configuration and takes the factory default values back in use. These factory default values are not the same as the pre-set values in a delivered FSO (ordered with a plus code).
Page 424: Drive Control Board Boot
424 Maintenance Drive control board boot If you reboot the drive control board (either by cycling the power or with parameter 96.08 Control board boot), the FSO module goes into the Fail-safe mode. To exit the Fail-safe mode, switch the power off and on, reboot the FSO module with drive parameter 96.09 FSO reboot or press the Boot FSO button in Drive composer pro.
Page 425: Decommissioning
Maintenance 425 Decommissioning WARNING! Read and obey the instructions in chapter Safety and chapter Safety instructions in the drive hardware manual. If you ignore them, injury or death, or damage to the equipment can occur. When you decommission the FSO or FSE module, make sure that the safety of the machine is maintained until the decommissioning is complete.
Page 426 426 Maintenance...
Page 427: Technical Data
Technical data 427 Technical data Contents of this chapter This chapter contains the technical specifications of the FSO-21 module. Electrical data Supply voltage +24 ± 3 V DC (SELV/PELV) Current consumption Maximum 1000 mA (external power supply) Inputs 4 redundant or 8 single, or combinations of redundant and...
Page 428: Terminal And Lead-Through Data For The Control Cables
428 Technical data Terminal and lead-through data for the control cables Conductor size Tightening torque Solid or stranded Stranded, ferrule Stranded, ferrule with without plastic sleeve plastic sleeve Min/Max Min/Max Min/Max Min/Max Min/Max Min/Max N·m lbf·in 0.14/1.5 26/16 0.25/1.5 23/16 0.25/0.5 23/21 0.24...
Page 429: Speed Estimation
Technical data 429 Speed estimation Speed range Allowed range depends on the used motor. Maximum range: (-30000…+30000 rpm)/(number of motor pole pairs). Accuracy The speed estimation error is ± motor slip. With synchronous motors, there can be small estimation ripples at the zero speed region (below 10 rpm).
Page 430: Safety Functions
430 Technical data Safety functions Stopping functions Safe torque off Safe brake control Safe stop 1 Safe stop emergency Speed-related functions Safely-limited speed Variable SLS Variable Safely-limited speed Safe maximum speed Safe speed monitor Safe direction Safe acceleration range - SAR is used only for deceleration with SS1, SSE, SDI and SLS and Variable SLS functions.
Page 431: Safety Data
Technical data 431 Safety data  General o determine the SIL/PL capability of the whole safety function where the FSO is included, the failure rates (PFD /PFH) of all components implementing the safety function (see the figure below) must be added. Drive Switch, input...
Page 432 432 Technical data • Feedback. Feedback circuit is not part of safety calculations. Thus the external feedback contacts that are connected to the digital inputs of the FSO module are not included in the calculations either. • Sensors, input devices and possible additional actuators. For the safety data, see the manufacturer’s documentation.
Page 433: Basic Safety Data
 Basic safety data The FSO-21 module is a type B safety component as defined in IEC 61508-2. The FSO-21 data related to safety standards IEC 61508, EN/IEC 61800-5-2, EN ISO 13849-1 and EN/IEC 62061 is listed below for the different subsystems within the FSO module.
Page 434: Pulse Encoder Interface Module
434 Technical data 1-ch. DO, 2-ch. DO, 1-ch. DO, 2-ch. DO, Speed Speed pulses pulses no pulses no pulses output meas. meas. with FSE-31 SIL/SILCL PFH (1/h) 3.1E-09 1.3E-11 6.2E-08 1.4E-11 1.8E-11 6.6E-09 3.8E-09 3.0E-05 1.7E-07 5.5E-04 1.8E-07 2.5E-07 4.9E-05 5.1E-05 (T1 =2 a) 7.1E-05...
Page 435: Safety Data For Some Typical Configurations
Technical data 435  Safety data for some typical configurations The table below shows FSO-21 safety data for some safety functions with typical combinations of the FSO module subsystems. See section Basic safety data page for more information on the subsystems.
Page 436 436 Technical data Values with the FSE-31 module Subsystems used MTTF Cat. PL SILCL in the safety (1/h) (T1 =2 a) (T1 =5 a) function Prevention of unexpected start-up / Emergency stop, with a safe output (eg, releasing a mechanical brake) 1-channel pulsed DI Logic 2...
Page 437: Life Time
Technical data 437  Life time FSO-21 life time 20 years  Response times Safety function response time Maximum response time of the FENA, FSO and drive combination is 100 ms. Note: Delays that depend on parameter settings can change the response time.
Page 438 438 Technical data Example 2 STO request from I/O or PROFIsafe (Drive 1) 35 ms DO activation for cascading 100 ms Removal of torque (Drive 1) STO request through cascading (Drive 2) 70 ms DO activation for cascading (Drive 2) 135 ms Removal of torque (Drive 2)
Page 439: Related Standards And Directives
Technical data 439 Related standards and directives Referenced standards are listed in the table below. Standard Name EN 60204-1:2006 + Safety of machinery – Electrical equipment of machines – Part 1: AC:2010 General requirements IEC 60204-1:2016 IEC 61508 Parts 1-3, Functional safety of electrical/electronic/programmable electronic Ed.
Page 440 440 Technical data...
Page 441: Dimension Drawings
Dimension drawings 441 Dimension drawings The dimension drawings of the FSO-21 module with two different bottom plates for different drive control unit types are shown below. The dimensions are given in millimeters and [inches].
Page 442 442 Dimension drawings...
Page 443: Further Information
Product and service inquiries Address any inquiries about the product to your local ABB representative, quoting the type designation and serial number of the unit in question. A listing of ABB sales, support and service contacts can be found by navigating to www.abb.com/searchchannels.
Page 444 Contact us www.abb.com/drives www.abb.com/drivespartners 3AXD50000015614 Rev D (EN) EFFECTIVE: 2017-04-26...

ABB FSO-21 User Manual

1 Safety

2 Introduction to the Manual

3 Safety Information and Considerations

4 Overview

5 Safety Functions

6 Profisafe

7 Planning for Installation

8 Installation

9 Installation Checklists

10 Configuration

11 FSO-21 Parameters

12 Start-Up

13 Verification and Validation

14 Fault Tracing

15 Maintenance

16 Technical Data

17 Dimension Drawings

Further Information

Quick Links

Related Manuals for ABB FSO-21

Summary of Contents for ABB FSO-21