Principle Of Operation; Parameterization; Position Monitoring; Retracting - Siemens Simatic Manual

Fail-safe function blocks for storage and retrieval machines
3.5.2

Principle of operation

3.5.2.1

Parameterization

1. The user must interconnect the safety-related position actual value of the system to be moni-
tored at SAFE_POS, and at input POS_VALID its validity AND'ed with the valid reference
(REFERENCED). Block "F_SAFE_POS" (Chapter 3.2) provides three signals as output.
2. It also behaves the same with inputs SAFE_V and V_VALID, which refer to the safety-related
actual velocity.
3. The permitted range for the retraction path is parameterized at inputs X_POSITIVE and/or
X_NEGATIVE, specifying the upper and lower limits.
4. VMAX_RELEASE must lie in the range 1 – 32767. The block identifies if values less than 1 or
values higher than 32767 are parameterized, and DIAG bit 4 is set. ERROR changes to 1.
The block identifies if not all of the mentioned preconditions are satisfied, and this is signaled
as parameterizing error with the appropriately set DIAG bits.
Note
The block only checks the parameterization at the 1st call. This results in a sub-
sequent increased block performance.
As a consequence, reparameterization is not permitted when safety operation is
deactivated. The safety program must be regenerated and loaded each time that
any of the block operating parameters are changed.
3.5.2.2

Position monitoring

5. As long as the position actual value is valid, and is in the permitted range, the block does not
signal an error i.e. outputs ERROR and DIAG supply a 0 signal.
6. If the position actual value is in the permitted range, is however identified as not being valid as
a result of POS_VALID = 0, then an error code is also output at DIAG. Until acknowledgment,
ERROR remains in the actual state, assuming that no additional faults/errors occur as a result
of another active monitoring function. All other outputs maintain their actual state until ac-
knowledgment, or the cancellation of RELEASE. This case, DIAG bit No. 5 is set.
7. As soon as POS_VALID again changes to 1, DIAG bit No. 5 then returns to 0.
8. As soon as SAFE_POS lies outside the parameterized travel range, depending on the direc-
tion in which this was exited, X_POSITIVE_OK or X_NEGATIVE_OK is set to 0. In the user in-
terconnection, a stop response should be initiated in the drive.
9. In addition, DIAG bit No. 0 is set for falling below the lower end stop – or DIAG bit No. 1 is set
for exceeding the upper end stop. ERROR is set to 1.
!
Safety notes and instructions
Block F_SAFE_POS signals a 0 signal at POS_VALID via output ERROR = 1.
When POS_VALID goes to zero, a user interconnection must initiate a stop re-
sponse in the drive. All other blocks flag this state using an error code ; to avoid a
lot of messages occurring at any one time, ERROR is not again set to a 1. The
end stops are no longer monitored. End stop monitoring errors can be immediately
acknowledged X_NEGATIVE_OK, X_POSITIVE_OK and SLS_OK are again set.
If a 1 signal is again present at POS_VALID, the associated DIAG bit 5 is reset,
and the end stops are again monitored
3.5.2.3

Retracting

10. The block retraction function can be activated using a positive edge at RELEASE in order to
travel from the end stop back into the permitted travel range. The velocity parameterized at
VMAX_RELEASE is then output at the SLS_THRESHOLD output, and depending on the di-
rection in which the end range was violated, MOVE_POSITIVE_OK or
MOVE_NEGATIVE_OK is set to 0, in order to prevent additional motion into the end zone.
MOVE_POSITIVE_OK = 0 inhibits motion in the positive direction, MOVE_NEGATIVE_OK = 0
inhibits motion in the negative direction.
S7-Distributed Safety/SIMATIC Safety - fail-safe function blocks for storage and retrieval machines
.
- 3-28 -