Safety Function And Fault Reaction; Safety Cpu (Sm560-S) - ABB AC500-S Safety User Manual
Safety programmable logic controllers system
Hide thumbs
Also See for AC500-S:
- Safety user manual (404 pages) ,
- Application note (24 pages) ,
- System manual (119 pages)
Table of Contents
Advertisement
Overview of AC500-S Safety PLC
Safety function and fault reaction > Safety CPU (SM560-S)
The following communication requirements shall be fulfilled for using AC500-S Safety PLC:
n
Safety data cannot be transferred over public networks, e.g., Internet. If safety data is transferred across
company/factory networks, ensure that sufficient protection is provided against manipulation (firewall or
router for network separation).
n
Equipment connected to communication devices shall feature safe electrical isolation.
NOTICE!
You can use AC500-S Safety I/O modules with 3
valid ABB GSDML files in your 3
After this, you can configure and use AC500-S Safety I/Os with 3
Control Builder Plus V2.2.1 (or newer) / Automation Builder 1.0 (or newer) to obtain F_iPar_CRC value
for your configured iParameters or contact ABB technical support to obtain F_iPar_CRC values.
Validate that all iParameters (Input delay, channel configuration, etc.) for all AC500-S Safety I/Os and
other F-Devices are correct with a given F_iPar_CRC value using appropriate functional validation
tests or verification procedure (
AC500-S Safety I/Os" on page 412) for those parameters.
2.13
Safety function and fault reaction
The main safety function of AC500-S Safety PLC is to read safety digital and analog inputs to control the
safety digital outputs by the safety logic module SM560-S according to a user-defined IEC 61131 application
program and configuration.
The AC500-S Safety PLC can be used as a "de-energize to trip" (Normally Energized, NE) system. The safe
state of the outputs is defined according to the table below:
Table 2: NE safety system behaviour
Mode according to IEC 61508 ed. 2
Safety Function
Safe State
The purpose of AC500-S safety function is to enable a machine (as a system) to achieve with a given SIL
(IEC 61508 ed. 2, IEC 62061) and PL (ISO 13849) a system safe state. An exemplary Safety Function on
the application level, which can be executed by AC500-S in machinery applications, is the Emergency Stop.
2.13.1
Safety CPU (SM560-S)
The safety function of SM560-S Safety CPU is to correctly process signal information. It processes safety
input signals and internal data storage to generate signals to safety output modules and set a new state of its
internal data storage.
If this function cannot be correctly executed, the SM560-S Safety CPU goes to a SAFE STOP state, in which
no valid safety telegrams are generated and, as a result, all safety output module channels are de-energized
('0' state) after watchdog time is expired.
Faults in the cyclic communication between the Safety CPU and Safety I/O modules are detected by the
Safety CPU and, as a result, '0' values are handed to the safety application program.
24
rd
party F-Hosts on PROFINET. Download and install
rd
party F-Host engineering environment from http://www.abb.com/plc.
Ä Chapter 6.5 "Verification procedure for safe iParameter setting in
AC500-S
rd
party F-Host. Use ABB PS501
Normally energized, NE
High-demand
De-energize to trip
De-energized outputs
30.03.2017
Hide quick links:
Advertisement
Table of Contents
