ABB AC500-S Safety User Manual page 411

Nr. Item to check
3. Make sure that the following rule, as defined by PRO-
FIsafe standard (refer to www.profisafe.net for more
details), was considered in the safety application
analysis:
n A maximum of 10 communication links (i.e., PRO-
FIsafe connections from the given safety input to
the given safety output) per safety function is per-
mitted for an average probability of a dangerous
failure of 10
communication links per safety function, the prob-
ability of a dangerous failure increases by 10
per additional communication link. Correspond-
ingly, a maximum of 100 communication links is
permitted in case of SIL2.
4. Make sure that all network devices used in conjunc-
tion with AC500-S Safety PLC meet the requirements
of IEC 61010 or IEC 61131-2 (e.g., PELV). Single port
routers are not permitted as borders for a safety
island.
Ä [3] for further details
5 Before any deployment of a safety application with
PROFIsafe, especially those using wireless compo-
nents, an assessment for dangerous threats such as
eavesdropping or data manipulation shall be exe-
Ä [11] for more details). Check that adequate
cuted (
level of security defining security zones with security
gates was established.
In case of no threat, no security measures are neces-
sary.
Note:
There are two possible threats identified so far mainly
for applications with wireless components [3]:
n Willful changes of parameters of F-Devices and
safety programs;
n Attacks on the cyclic communication, e.g., simula-
tion of the safety communication.
6. The complete functional testing of all parts of the
safety-oriented application has to be performed. This
test must be carried out with the machine in its final
configuration including mechanical, electrical and
electronic components, sensors, actuators, and soft-
ware.
30.03.2017
-9 /h (SIL3). In case of more than 10
Checklists for AC500-S Commissioning
Checklist for operation, maintenance and repair
Fulfilled (Yes / No)?
-10 /h
AC500-S
Comment
411