Page 1 Safety functions integrated in the system/drive Connecting sensors and actuators Data descriptions Commissioning Diagnostics Interaction with other functions Appendix Valid for Control system SINUMERIK 840D sl / 840DE sl Software version NCU system software for 840D sl/840DE sl 4.8 SP2 12/2017 6FC5397-4BP40-6BA1...
Page 2 Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems.
Page 3: Preface
At the following address, you can find information on how to create your own individual documentation based on Siemens' content, and adapt it for your own machine documentation. Training At the following address, you can find information about SITRAIN (Siemens training on products, systems and solutions for automation and drives).
Page 4 Preface Target group This publication is intended for: ● Project engineers ● Technologists (from machine manufacturers) ● System startup engineers (Systems/Machines) ● Programmers Benefits The function manual describes the functions so that the target group knows them and can select them. It provides the target group with the information required to implement the functions.
Page 5: Table Of Contents
Table of contents Preface.................................3 Fundamental safety instructions.........................11 General safety instructions.....................11 Equipment damage due to electric fields or electrostatic discharge........14 Warranty and liability for application examples..............14 Industrial security........................15 Residual risks of power drive systems...................16 Regulations and standards.........................17 General..........................17 2.1.1 Objective..........................17 2.1.2 Functional safety........................17 Machine safety in Europe.......................18 2.2.1...
Page 6 Table of contents Safety technology integrated in the drive................36 3.3.1 Overview of the safety functions integrated in the drive............38 Comparison of the function names..................38 System features............................41 System requirements......................41 Current information........................43 Certifications..........................44 Probability of failure........................44 Safety information & instructions and residual risks...............44 4.5.1 General residual risks for PDS (Power Drive Systems)............44 4.5.2...
Page 7 Table of contents Actual value conditioning.......................84 6.4.1 Encoder types........................84 6.4.2 Encoder adjustment, calibrating the axes................89 6.4.3 Axis states..........................90 6.4.4 User agreement........................92 6.4.5 Selector gearboxes........................94 6.4.5.1 Taking into account selector gearboxes.................94 6.4.5.2 Gearbox with direction of rotation reversal................95 6.4.6 Actual value synchronization (slip for 2-encoder systems)............96 6.4.7 Encoder limit frequency......................98 Enabling the safety-related functions..................98...
Page 8 Table of contents Connecting sensors and actuators......................171 Safety-related input/output signals..................171 8.1.1 Overview of the SGEs/SGAs and their structure..............171 8.1.2 Forced checking procedure of SPL signals................177 8.1.3 Connecting sensors - actuators using the 3-terminal concept..........179 8.1.4 Sensor connection using the 4-terminal concept..............181 8.1.5 Multiple distribution and multiple interlocking...............183 Connecting I/O via PROFIsafe.....................184...
Page 9 Table of contents 8.5.8 Safe software relay......................277 8.5.9 System variables for SINUMERIK 840D sl................282 8.5.10 Behavior after power on/mode change/reset...............288 8.5.11 SPL data on the PLC side....................288 8.5.12 Direct communications between NCK and PLC-SPL............289 Safe Brake Test (SBT)......................290 8.6.1 Applications..........................290 8.6.2...
Page 10 11.1.2 Safety Integrated global checksums..................580 11.1.3 Integrating safety SPL user alarms..................584 11.1.4 Trace bit graphics for Safety Integrated................589 11.2 NCK safety alarms for SINUMERIK 840D sl................595 11.3 Safety messages for SINAMICS S120.................692 11.3.1 General..........................692 11.3.2 List of faults and alarms.......................695 11.4...
Page 11: Fundamental Safety Instructions
Fundamental safety instructions General safety instructions WARNING Electric shock and danger to life due to other energy sources Touching live components can result in death or severe injury. ● Only work on electrical devices when you are qualified for this job. ●...
Page 12 Fundamental safety instructions 1.1 General safety instructions WARNING Electric shock due to equipment damage Improper handling may cause damage to equipment. For damaged devices, hazardous voltages can be present at the enclosure or at exposed components; if touched, this can result in death or severe injury.
Page 13 ● If you come closer than around 2 m to such components, switch off any radios or mobile phones. ● Use the "SIEMENS Industry Online Support App" only on equipment that has already been switched off. WARNING...
Page 14: Equipment Damage Due To Electric Fields Or Electrostatic Discharge
Fundamental safety instructions 1.3 Warranty and liability for application examples WARNING Malfunctions of the machine as a result of incorrect or changed parameter settings As a result of incorrect or changed parameterization, machines can malfunction, which in turn can lead to injuries or death. ●...
Page 15: Industrial Security
Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.
Page 16: Residual Risks Of Power Drive Systems
Fundamental safety instructions 1.5 Residual risks of power drive systems Residual risks of power drive systems When assessing the machine- or system-related risk in accordance with the respective local regulations (e.g., EC Machinery Directive), the machine manufacturer or system installer must take into account the following residual risks emanating from the control and drive components of a drive system: 1.
Page 17: Regulations And Standards
Regulations and standards General 2.1.1 Objective Manufacturers and operators of technical equipment and products are responsible in minimizing the risk from plants, machines and other technical equipment corresponding to state-of-the-art technology. Regulations and standards are essential documents that define the minimum requirements to minimize risks. By maintaining these minimum requirements, the company erecting a plant or a manufacturer of a machine or a piece of equipment can prove that they have fulfilled their obligation to exercise care and diligence.
Page 18: Machine Safety In Europe
Regulations and standards 2.2 Machine safety in Europe In this case, it is necessary to use specially qualified technology that fulfills the requirements described in the relevant standards. The requirements to achieve functional safety are based on the following basic goals: ●...
Page 19: Harmonized European Standards
Regulations and standards 2.2 Machine safety in Europe Manufacturers of a machine must verify that their machine complies with the basic requirements. This verification is facilitated by means of harmonized standards. 2.2.2 Harmonized European standards The two Standards Organizations CEN (Comité Européen de Normalisation) and CENELEC (Comité...
Page 20: Standards For Implementing Safety-Related Controls
Regulations and standards 2.2 Machine safety in Europe requirements for specific machines. The requirements can, under certain circumstances, deviate from the basic and group standards. Type C/product standards have the highest priority for machine manufacturers who can assume that it fulfills the basic requirements of Annex I of the Machinery Directive (automatic presumption of compliance).
Page 21: Iso 13849-1
Regulations and standards 2.2 Machine safety in Europe 2.2.4 EN ISO 13849-1 EN ISO 13849-1 is based on previous standard EN 954-1, and additionally requires a quantitative consideration of the safety functions. The following safety-related parameters are required for components/devices: ●...
Page 22 Regulations and standards 2.2 Machine safety in Europe Safety-related characteristic quantities for subsystems: ● SIL CL: SIL suitablility SIL claim limit ● PFH Probability of hazardous failures per hour Probability of dangerous failure per hour ● T1: Service life Lifetime Basic subsystems, e.g.
Page 23: Series Of Standards En 61508 (Vde 0803)
Regulations and standards 2.2 Machine safety in Europe Data on non-electrical systems is not included in EN 62061. The standard provides detailed information on implementing safety-related electrical, electronic, and programmable electronic control systems. EN ISO 13849-1 must be applied for non-electric systems. Note Details of basic subsystems that have been implemented and integrated are available as "function examples".
Page 24 Regulations and standards 2.2 Machine safety in Europe 2.2.7 EN 60204-1 European standard EN 60204-1 is based on the modified ISO edition of IEC 60204-1. It includes general requirements and recommendations for the electrical, electronic and programmable electronic equipment of machines with rated voltages up to and including 1000 V AC/ 1500 V DC at rated frequencies up to and including 200 Hz, in order to: - promote the safety of persons and assets - maintain the functionality...
Page 25: Risk Analysis/Assessment
Regulations and standards 2.2 Machine safety in Europe 2.2.9 Risk analysis/assessment Systems and machines represent risks due to their design and functionality. For this reason, the Machinery Directive requires that a risk assessment be performed for each machine and, if necessary, the level of risk reduced until the residual risk is less than the tolerable risk. To assess these risks, the following standard must be applied: ●...
Page 26: Risk Reduction
Regulations and standards 2.2 Machine safety in Europe Figure 2-1 Iterative process to achieve the required level of safety according to DIN ISO 12100 Risks must be reduced by suitably designing and implementing the machine - for instance a control system or protective measures suitable for the safety-related functions. If the protective measures involve the use of interlocking or control functions, these must be designed in accordance with EN ISO 13849-1.
Page 27: Residual Risk
Regulations and standards 2.3 Machine safety in the USA 1050). Annex A of the standard describes a method for determining the required Safety Integrity Level (SIL). Regardless of which standard is applied, steps must be taken to ensure that all the machine controller components required for executing the safety-related functions fulfill these requirements.
Page 28: Nrtl Listing
Regulations and standards 2.3 Machine safety in the USA exists in the US taken into account. Due to the product liability legislation, it is in the interests of manufacturing and operating companies that they carefully maintain the applicable regulations and are "forced" to fulfill the requirement to use state-of-the-art technology. Third-party insurance companies generally demand that their customers fulfill the applicable standards of the standards organizations.
Page 29: Ansi B11
Regulations and standards 2.4 Machine safety in Japan Underwriter Laboratories Inc. (UL) has defined a special category for "Programmable Safety Controllers" for implementing this requirement (code NRGF). This category covers control devices that contain software and are designed for use in safety-related functions. A precise description of the category and a list of devices that fulfill this requirement can be found on the Internet at the following address: NRGF →...
Page 30: Equipment Regulations
Regulations and standards 2.6 Other safety-related issues Equipment regulations In addition to the requirements of the guidelines and standards, company-specific requirements must be taken into account. Large corporations in particular (e.g. automobile manufacturers) make stringent demands regarding automation components, which are often listed in their own equipment specifications.
Page 31: Additional Information
Regulations and standards 2.6 Other safety-related issues 2.6.3 Additional information A list of links on the topic of "SINUMERIK Safety Integrated" is provided in this Product announcement. The following topics are also included there: ● Calculation of the safety functions with SET and SISTEMA ●...
Page 32 Regulations and standards 2.6 Other safety-related issues Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 33: Brief Description
Brief description Control/drive systems In order to implement safety-related measures, up until now, external equipment and devices were used - e.g. contactors, switches, cams and monitoring devices. If a hazardous situation is detected, these devices generally interrupt the power circuit using contacts, thus stopping motion.
Page 34: Safety Technology Integrated In The System
Safety technology integrated in the system SINUMERIK Safety Integrated Using the SINUMERIK Safety Integrated function, for SINUMERIK 840D sl, for all power/ performance classes, integrated safety functions are available in conjunction with the SINAMICS S120 drive system; these are used to monitor standstill (zero speed), velocity and position.
Page 35: Overview Of The Safety Functions Integrated In The System
Brief description 3.2 Safety technology integrated in the system Features of the two-channel, diverse structure A two-channel, diverse structure is characterized by the following features: ● Two-channel structure with at least 2 independent computers (i.e. computers with different hardware and software). ●...
Page 36: Safety Technology Integrated In The Drive
Under certain limitations and constraints (refer to the system prerequisites), the Safety Integrated Basic Functions can be used together with SINUMERIK 840D sl. They can be activated via terminals at the power unit and at the NCU or at the NX module.
Page 37 Brief description 3.3 Safety technology integrated in the drive Figure 3-3 Safety functions integrated in the drive in conjunction with SINUMERIK Features of the two-channel, diverse structure A two-channel, diverse structure is characterized by the following features: ● Two-channel structure with at least 2 independent computers (i.e. computers with different hardware and software).
Page 38: Overview Of The Safety Functions Integrated In The Drive
Brief description 3.4 Comparison of the function names Reacting When the integrated safety-related functions respond, the drive processors can act on the connected actuators in a safety-related fashion in-line with the actual situation. For example, the appropriate stop responses for the drives can be initiated and/or the brakes activated. 3.3.1 Overview of the safety functions integrated in the drive The safety functions are available in all modes and can communicate with the process using...
Page 39 Brief description 3.4 Comparison of the function names SINUMERIK Safety Integrated functional name Function name according to EN 61800-5-2 German English Abbr. German English Abbr. Safety-relevant input/ Safety-related I/O SGE/SGA output signals F-DI/F-DO Safe Programmable Safe Programmable Logic Logic Safe software relay Safe software relay 1) For the drive-based safety functions of SINAMICS, this involves a delayed SOS 2) For the drive-based safety functions of SINAMICS, this involves a delayed SOS with previous initiation of ESR (extended...
Page 40 Brief description 3.4 Comparison of the function names Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 41: System Features
Case b) is only permissible if this combination has been explicitly approved by the manufacturer. ● SINUMERIK 840D sl; all NCU types can be used ● The measuring circuit cables must comply with the specifications of the SINAMICS S120. ● Safety-related devices/modules, that correspond to open-type devices according to UL 50, may only be operated in enclosure-type housings/cabinets that have as a minimum degree of protection IP54 in accordance with EN 60529.
Page 42 SINAMICS booksize and chassis units. ● For the Safety Integrated function, only the explicitly released encoder systems may be used. A list of the Siemens encoders and motors permissible for Safety Integrated Functions can be obtained from your local Siemens contact partner.
Page 43: Current Information
Go into the Internet at: http://automation.siemens.com Note You have to register and log in if you want to subscribe to the newsletter. You will be led automatically through the registration process.
Page 44: Certifications
As result you will receive a standards-compliant report that can be integrated in the machine documentation as proof of safety. See: http://www..siemens.de/safety-evaluation-tool For additional information, please contact your local Siemens office. Safety information & instructions and residual risks 4.5.1...
Page 45 System features 4.5 Safety information & instructions and residual risks DANGER Power Drive Systems The control and drive components of a power drive system (PDS) are approved for industrial and commercial use in industrial line supplies. Their use in public line supplies (public grids) requires a different configuration and/or additional measures.
Page 46: Additional Safety Information & Instructions And Residual Risks For Safety Integrated
System features 4.5 Safety information & instructions and residual risks 4.5.2 Additional safety information & instructions and residual risks for Safety Integrated DANGER Risk reduction for plants and machines Safety Integrated can be used to minimize the level of risk associated with machines and plants.
Page 47 System features 4.5 Safety information & instructions and residual risks As a result of the fault analysis, the machine manufacturer is in a position to define the residual risk at his machine regarding Safety Integrated. The following residual risks are known. WARNING Additional residual risks ●...
Page 48 System features 4.5 Safety information & instructions and residual risks WARNING Additional residual risks ● The "Automatic restart" function of SINAMICS S120 must not be used in conjunction with safety functions since this is prohibited in EN 60204-1, Chapter 9.2.5.4.2. (Deselecting a safety shutdown function alone must not result in the machine restarting.) ●...
Page 49 – Use a 2-encoder system (in this case it is not permissible that the encoders are mounted on same shaft). A list of the Siemens encoders and motors permissible for Safety Integrated Functions can be obtained from your local SIEMENS contact partner.
Page 50 System features 4.5 Safety information & instructions and residual risks Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 51: Safety Functions Integrated In The Drive
Safety Functions integrated in the drive Note This Chapter describes the safety functions that are integrated in the drive - "Safe Torque Off" (STO), "Safe Brake Control" (SBC) and "Safe Stop 1" (SS1), which are controlled via the drive terminals. Safety functions SH and SBC from the context of the safety-related motion monitoring functions are described in Chapter "Basics regarding the safety functions integrated in the system/ drive (Page 81)".
Page 52: Supported Functions
Safety Functions integrated in the drive 5.1 General information about SINAMICS Safety Integrated Switch-off signal paths Two independent switch-off signal paths are available. All switch-off signal paths are low active. This ensures that the system is always switched to a safe state if a component fails or in the event of cable breakage.
Page 53: Supported Functions: Hla Module
Safety Functions integrated in the drive 5.1 General information about SINAMICS Safety Integrated The following Safety Integrated Functions are available (SI functions): ● Safety Integrated Basic Functions These functions are part of the standard scope of the drive and can be used without any additional license: –...
Page 54: Parameter, Checksum, Version, Password
Safety Functions integrated in the drive 5.1 General information about SINAMICS Safety Integrated 5.1.4 Parameter, checksum, version, password Properties of Safety Integrated parameters The following applies to Safety Integrated parameters: ● They are kept separate for each monitoring channel. ● At power up, a checksum (Cyclic Redundancy Check, CRC) over the Safety parameters is generated and checked.
Page 55 1. Restore the factory setting of the complete drive unit (Control Unit with all connected drives/ components). 2. Recommission the drive unit and drives 3. Recommission Safety Integrated Or contact your regional Siemens office and ask for the password to be deleted (complete drive project must be made available). Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 56: Forced Checking Procedure
Safety Functions integrated in the drive 5.1 General information about SINAMICS Safety Integrated Parameter overview ● p9761 SI password input ● p9762 SI new password ● p9763 SI password acknowledgment 5.1.5 Forced checking procedure Forced checking procedure and test of the switch-off signal paths The forced checking procedure of the switch-off signal paths is used to detect software/ hardware faults at both monitoring channels in time and is automated by selecting/deselecting the "Safe Torque Off"...
Page 57: Safety Instructions
Safety Functions integrated in the drive 5.2 Safety instructions ● In defined cycles (e.g. every 8 hours). ● In the automatic mode, dependent on time or a specific event Safety instructions Safety notices WARNING System power-up and drive activation after changing or replacing hardware and/or software After hardware and/or software components have been modified or replaced, it is only permissible for the system to run up and the drives to be activated with the protective devices closed.
Page 58: Safe Torque Off (Sto)
Safety Functions integrated in the drive 5.3 Safe Torque Off (STO) WARNING Limited motion If two power transistors in the power unit fail at the same time (one in the upper bridge and one in the lower bridge of the inverter), this can cause brief, limited movement. The maximum movement can be: ●...
Page 59 Safety Functions integrated in the drive 5.3 Safe Torque Off (STO) ● The selection/deselection of the STO function also acknowledges the safety faults when the Basic Functions are used. The standard acknowledgment mechanism must also be performed. ● The signals of the components connected at the terminals (e.g. pushbuttons, switches, ...) can be debounced in order to prevent false tripping due to signal disturbances.
Page 60 Safety Functions integrated in the drive 5.3 Safe Torque Off (STO) Note If Safe Torque Off is selected and deselected again through one channel within the time in p9650, the pulses are canceled but a signal is not output. However, if you want a message to be displayed, then you must reconfigure N01620 as an alarm or fault using p2118 and p2119.
Page 61: Safe Stop 1 (Ss1, Time-Controlled)
Safety Functions integrated in the drive 5.4 Safe Stop 1 (SS1, time-controlled) Parameter overview (see Chapter “Parameter overview (Page 395)”) ● p0799 "CU inputs/outputs, sampling time" ● r9780 "SI monitoring clock cycle (Control Unit)" ● r9880 "SI monitoring clock cycle (Motor Module)" Internal armature short-circuit with the "Safe Torque Off"...
Page 62 Safety Functions integrated in the drive 5.4 Safe Stop 1 (SS1, time-controlled) Note So that the drive is able to travel down the OFF3 ramp completely and any motor holding brake present can be applied before the pulse is switched off, the delay time can be set as follows: ●...
Page 63: Ss1 (Time-Controlled) With External Stop
Safety Functions integrated in the drive 5.4 Safe Stop 1 (SS1, time-controlled) 5.4.2 SS1 (time-controlled) with external stop CAUTION SS1 and controlled shutdown In order to achieve stop Category 1 according to EN 60204-1 using function "SS1 (time- controlled) with external stop (SS1E)", the higher-level control must facilitate a controlled shutdown at the same time.
Page 64: Safe Brake Control (Sbc)
Safety Functions integrated in the drive 5.5 Safe Brake Control (SBC) Safe Brake Control (SBC) Description Safe Brake Control is used to control actuators that function according to the closed-circuit principle (e.g. brake). The command for releasing or applying the brake is transmitted to the Motor Module/Power Module via DRIVE-CLiQ.
Page 65 Safety Functions integrated in the drive 5.5 Safe Brake Control (SBC) Enabling the Safe Brake Control (SBC) function The Safe Brake Control function is enabled using the following parameters: ● p9602 "SI enable Safe Brake Control (Control Unit)" ● p9802 "SI enable Safe Brake Control (Motor Module)" The Safe Brake Control function is only selected if at least one safety monitoring function is enabled (i.e.
Page 66: Control Via Terminals On The Control Unit And The Power Unit
Safety Functions integrated in the drive 5.6 Control via terminals on the Control Unit and the power unit Safe Brake Control for Motor Modules in the chassis format To be able to control the high rating brakes used with devices of this format, an additional Safe Brake Adapter (SBA) module is needed.
Page 67 Safety Functions integrated in the drive 5.6 Control via terminals on the Control Unit and the power unit ● Different terminal strips depending on design ● Automatic ANDing of up to 8 digital inputs (p9620[0...]) on the Control Unit with parallel configuration of power units in chassis format is not possible.
Page 68: Simultaneity And Tolerance Time Of The Two Monitoring Channels
Safety Functions integrated in the drive 5.6 Control via terminals on the Control Unit and the power unit Note The same grouping must be set in both monitoring channels. If a fault in a drive results in a Safe Torque Off (STO), this does not automatically mean that the other drives in the same group also switch to Safe Torque Off (STO).
Page 69: Bit Pattern Test
Safety Functions integrated in the drive 5.6 Control via terminals on the Control Unit and the power unit "Simultaneously" means: The changeover must have been completed in both monitoring channels within the parameterized tolerance time. ● p9650 SI SGE changeover tolerance time (Control Unit) ●...
Page 70: Commissioning The Sto, Sbc And Ss1 Functions
Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions Overview of important parameters (see SINAMICS S120/S150 List Manual) ● p9651 SI STO/SBC/SS1 debounce time (Control Unit) ● p9851 SI STO/SBC/SS1 debounce time (Motor Module) Commissioning the STO, SBC and SS1 functions 5.7.1 General information about commissioning safety functions Note...
Page 71: Sequence When Commissioning Sto, Sbc And Ss1
Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions 3. The terminals for "Safe Torque Off" must be wired. – Control Unit: Digital input DI 0 ... DI 7 (NCU) – Control Unit: Digital input DI 0 ... DI 3 (NX) –...
Page 72 Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions With "Activate drive commissioning", p0010 is set to 95; the required functions can then be enabled and the settings entered (see also following Table, Steps 3 to 9). With "Deactivate drive commissioning"...
Page 73 Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions Parameter Description and comments Enables the Safe Brake Control function p9602 = 1 Enables SBC on the Control Unit p9802 = 1 Enables SBC on the Motor Module ●...
Page 74 Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions Parameter Description and comments Sets the transition time from STOP F to STOP A p9658 = "Val‐ Transition time from STOP F to STOP A on the Control Unit ue"...
Page 75: Safety Faults
Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions Parameter Description and comments p0010 = value Exits the Safety Integrated commissioning mode not equal to 95 ● If at least one safety monitoring function is enabled (p9601 =p9801 ≠ 0), the checksums are checked: If the reference checksum on the Control Unit has not been correctly adapted, then fault F01650 (SI CU: Acceptance test required) is output with fault code 2000 and it is not possible to exit...
Page 76 Safety Functions integrated in the drive 5.7 Commissioning the STO, SBC and SS1 functions Stop re‐ Action Effect Triggered ... sponse STOP A corresponds to stop Category 0 to EN 60204-1. With STOP A, the motor is switched directly to zero torque via the Safe Torque Off (STO) function. A motor at standstill cannot be started again accidentally.
Page 77: Acceptance Test And Acceptance Report
Safety Functions integrated in the drive 5.9 Overview of parameters and function diagrams Description of faults and alarms See also "Safety messages for SINAMICS S120 (Page 692)". Note The faults and alarms for SINAMICS Safety Integrated are described in the following documentation: Reference: /LH1/SINAMICS S120/S150 List Manual Acceptance test and acceptance report...
Page 78: Connecting External Sinamics Drives As Plc/Nc Axes
5.10 Connecting external SINAMICS drives as PLC/NC axes SINUMERIK 840D sl allows both NC controlled as well as PLC controlled axes to be operated. The PLC controlled axes are addressed exclusively via the PLC user program. For implementing the safety functions, for the PLC axes, the Safety Integrated Basic and Extended Functions of the SINAMICS drive family are available.
Page 79 5.10 Connecting external SINAMICS drives as PLC/NC axes For further information on PLC-controlled axes, refer to the Commissioning Guide of SINUMERIK 840D sl. The Safety Integrated Basic and Extended Functions are described in the Function Manual "SINAMICS S120 Safety Integrated" or in the respective function manuals.
Page 80 Safety Functions integrated in the drive 5.10 Connecting external SINAMICS drives as PLC/NC axes Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 81: Basics Regarding The Safety Functions Integrated In The System/Drive
Basics regarding the safety functions integrated in the system/drive Motion monitoring functions with a higher-level control The motion monitoring functions are carried out using a higher-level control. The higher-level control and the drive are the two monitoring channels. Just like the monitoring functions integrated in the drive, also here, each channel must be assigned a switch-off signal path so that when a fault develops, the pulses can be cancelled independently of the other channel.
Page 82: Forced Checking Procedure
Basics regarding the safety functions integrated in the system/drive 6.3 Forced checking procedure The following apply for the axis-specific monitoring functions: In the case of "non-steady-state" data, tolerance values defined using machine data are used by which amount the results of the two channels may deviate from one another without initiating a response (e.g.
Page 83 For Safety Integrated, the forced checking procedure interval is max. 1 year. This involves components from the SINUMERIK 840D sl / SINAMICS S120 system. Possible requirements relating to shorter forced checking procedure intervals of safety-related components (e.g. PROFIsafe I/O modules, sensors such as e.g. Emergency Stop buttons, actuators such as e.g.
Page 84: Actual Value Conditioning
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning Programmable Logic (SPL) is tested to ensure that it is correctly functioning (refer to Chapter "Forced checking procedure of SPL signals (Page 177)"). WARNING Duration of the interval The test interval duration of max.
Page 85 2-encoder system* 2-encoder system* Note: x → encoder connection * A list of the Siemens encoders and motors permissible for Safety Integrated Functions can be obtained from your local SIEMENS contact partner. 1-encoder system For a 1-encoder system, the motor encoder is used for the safety-related actual values of the NC and drive.
Page 86 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning For a 1-encoder system, for all position monitoring functions, the accuracy of the redundant actual value must be assumed to apply. This accuracy depends on the encoder evaluation. For all encoder evaluation functions that can be used with Safety Integrated (SMI, SME, SMC, motor/encoder with DRIVE-CLiQ), a redundant position value is generated and the closed-loop control is made available.
Page 87 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning Figure 6-2 2-encoder system for a feed drive (FD) with connection via 2 Sensor Modules Figure 6-3 2-encoder system for the main spindle, connected via 2 Sensor Modules Note For systems with slip, see Chapter "Actual value synchronization (slip for 2-encoder systems) (Page 96)".
Page 88 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning DRIVE-CLiQ encoder If a DRIVE-CLiQ encoder is connected for the NCK monitoring channel (drive parameter r9527 = 2 or 3), in addition to the parameter field r0979, additional drive parameters that define the redundant coarse position value in more detail must be read-out.
Page 89: Encoder Adjustment, Calibrating The Axes
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning have a direct impact on the accuracy of the safe position monitoring, and are therefore factored into the functional checksum scope $MA_SAFE_ACT_CHECKSUM[0]. Further, if they do not match the associated drive parameters, Alarm 27036 "Axis %1 encoder parameterization MD %2[%3] was adapted"...
Page 90: Axis States
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning machine data. Calibration must always be carried out for position-controlled (closed-loop) axes/ spindles. References: Commissioning Manual, SINUMERIK 840D sl Commissioning CNC: NC, PLC, drive SINUMERIK 840D sl, "Referencing Axis" 6.4.3 Axis states "Axis not referenced"...
Page 91 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning "Axis safely referenced" state In order to reach the axis state "axis safely referenced", the axis state "axis referenced" must have been reached, and either ● the user must acknowledge the actual position using the user agreement (see Chapter "User agreement (Page 92)") ●...
Page 92: User Agreement
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning Figure 6-5 Axis states when referencing 6.4.4 User agreement Description With a user agreement, an appropriately authorized person confirms that the currently displayed SI actual position of an axis corresponds to the actual position at the machine. This can be checked by traversing the axis to a known position (e.g.
Page 93 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning All safety axes are listed in the HMI display "user agreement" for which safe limit positions and/ or safety cams have been activated. The following data are displayed: ●...
Page 94: Selector Gearboxes
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning Interlocking the user agreement Before a user agreement can be issued, the interlock must be cancelled: ● Key-operated switch in setting 3 → the user agreement can be issued After the user agreement has been issued, the interlocking must be again set (e.g.
Page 95: Gearbox With Direction Of Rotation Reversal
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning ● As a result of the gearbox stage changeover, the encoder evaluation for the safety-related actual values change. Ideally, the gearbox stage for Safety Integrated is changed-over at standstill.
Page 96: Actual Value Synchronization (Slip For 2-Encoder Systems)
Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning $MA_SAFE_ENC_IS_GEAR_REVERSAL (gearbox direction of rotation reversal) is available on the NC side for all gearbox stages. If, a value of 1 (TRUE) is entered in MD SAFE_ENC_IS_GEAR_REVERSAL for a gearbox stage, then this results in a direction of rotation reversal of the safety-relevant actual value, and compensates the direction of rotation reversal of the mechanical gearbox.
Page 97 Basics regarding the safety functions integrated in the system/drive 6.4 Actual value conditioning The actual values are synchronized in the crosswise data comparison clock cycle. Actual value synchronization is also performed when a crosswise data comparison of the SI actual position outputs an error.
Page 98: Encoder Limit Frequency
Which safety functions are to be effective can be individually selected for each axis using the following machine data: For 840D sl MD36901 $MA_SAFE_FUNCTION_ENABLE (See Chapter "Machine data for SINUMERIK 840D sl (Page 311)"). For S120 p9501 SI Motion enable safety functions (Control Unit) (See Chapter "Parameters for SINAMICS S120 (Page 394)").
Page 99: Switching The System On/Off
Safety Integrated is used. (automatic firmware update (p7826) must be equal to 1) Case b) is only permissible if this combination has been explicitly approved by the manufacturer. http://support.automation.siemens.com/WW/view/en/28554461 Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 100 Basics regarding the safety functions integrated in the system/drive 6.6 Switching the system on/off WARNING Changes or replacement of hardware and/or software components After hardware and/or software components have been changed or replaced, it is only permissible to run up the system and activate the drives when the protective devices are closed.
Page 101: Safety Functions Integrated In The System/Drive
Safety functions integrated in the system/drive Safe standstill (SH) Note This chapter describes the safety function safe standstill (SH), controlled from the safety- related motion monitoring functions. The function is based on the safety functions STO/SBC of the drive. The safety functions STO, SBC and SS1, integrated in the drive and controlled via the drive terminals, are described in Chapter "Safe Torque Off (STO) (Page 58)".
Page 102 Safety functions integrated in the system/drive 7.1 Safe standstill (SH) WARNING Potentially hazardous motion If the safe standstill function or "STOP A" is activated, then the motor can no longer generate any torque. This is the reason that potentially hazardous motion can occur, e.g. for the following: ●...
Page 103: Switch-Off Signal Paths
Safety functions integrated in the system/drive 7.1 Safe standstill (SH) WARNING Testing the safe standstill function After the machine has been switched on, the safe standstill function must always be tested for all of the axes/spindles by testing the switch-off signal path using Safety Integrated. 7.1.1 Switch-off signal paths The interaction of the safety functions integrated in the drive and the motion monitoring...
Page 104 Safety functions integrated in the system/drive 7.1 Safe standstill (SH) Switch-off signal path of the monitoring channel, drive The motion monitoring function in the CU signals the monitoring function integrated in the drive in the CU that the pulses must be cancelled in the SI monitoring channel integrated in the drive. ●...
Page 105: Testing The Switch-Off Signal Paths
Safety functions integrated in the system/drive 7.1 Safe standstill (SH) If problems are manifested in the form of an unexpected alarm occurrence on the side of the motion control (Alarm 21612 "Enable reset, cause 3 or 4"), then the following measures can be applied in order to improve the response: ●...
Page 106: Safe Operating Stop (Sbh)
Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) Prerequisites for the test stop ● At the start, the pulses must still be enabled; further, it is not permissible that SH is selected at the start. ● For vertical (suspended) axes, the manufacturer must ensure that these are locked (to stop them falling).
Page 107: Selecting/Deselecting The Safe Operating Stop
Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) p9530 SI Motion standstill tolerance (Control Unit) Note The width of the SBH tolerance window should be based on the standstill (zero speed) monitoring limit - and should lie slightly above it. Otherwise, the standard monitoring functions of the control could be ineffective.
Page 108 Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) Note If safely reduced speed was not active prior to the selection of SBH, any moving axis/spindle is stopped with STOP B/A. The actual status of the function is displayed using the SGA "SBH active". The SGEs and SGAs are described in Chapter "Safety-related input/output signals (Page 171)"...
Page 109 Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) Figure 7-3 Timing when SBH is selected from SG Deselecting SBH Safe Operating Stop can be deselected using SGE "SBH/SG deselection" (= "1" signal); this results in a general deactivation of SBH and SG. The SBH function is also deselected when the SG function is selected using the SGE "SBH deselection".
Page 110: Effects When The Limit Is Exceeded For Sbh
Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) 7.2.2 Effects when the limit is exceeded for SBH WARNING Fault situation for SBH If the Safe Operating Stop function is activated, when a fault situation occurs, the axis mechanical system can exhibit jerky, uneven motion.
Page 111 Safety functions integrated in the system/drive 7.2 Safe Operating Stop (SBH) Timing when the limit value is exceeded If the Safe Operating Stop function is active, the timing response when the limit value is exceeded is as follows: Figure 7-4 Timing when the limit value is exceeded for SBH Table 7-1 Explanation of the diagram...
Page 112: Safe Stops A-F
Safety functions integrated in the system/drive 7.3 Safe Stops A-F Time Explanation Time required to stop the axis for a STOP A. Note: Each axis must be measured during commissioning (start-up) to determine the distance that it travels between the limit value being violated and it coming to a standstill.
Page 113 Safety functions integrated in the system/drive 7.3 Safe Stops A-F differentiation is made between the stop responses STOP A, B, C, D, E, F and the test stop. The type of stop response that occurs in the event of a fault/error can either be pre-determined by the system or configured by the machine manufacturer.
Page 114 Safety functions integrated in the system/drive 7.3 Safe Stops A-F STOP Action Effect Initiated in re‐ Transitioned into Acknowledgment sponse to Distinction between cases: a) NC start and traverse in‐ a) -- a) RESET a) Safety function in‐ terlocking active (no SBH, SG, Crosswise data SE and SN active): comparison...
Page 115 Safety functions integrated in the system/drive 7.3 Safe Stops A-F Assignment table for stop responses Table 7-4 Stop responses for SI acc. to E 60204-1 Stop response for SINUMERIK Safety Integrated Stop function acc. to EN 60204-1 STOP A Category 0 STOP B, STOP F Category 1 STOP C, STOP D, STOP E...
Page 116 Safety functions integrated in the system/drive 7.3 Safe Stops A-F The drives can be brought to a standstill in the following ways: ● through pulse cancellation SGE "Deselect ext. STOP A" ● Braking with n = 0 / OFF3 ramp SGE "Deselect ext.
Page 117 Safety functions integrated in the system/drive 7.3 Safe Stops A-F SGE to stop the drive The following SGE are available to stop the drive: Stopping type Priority Deselect ext STOP A (= SH deselec‐ Pulse suppression High tion) Deselect ext. STOP C Braking with n = 0 / OFF3 ramp Deselect ext.
Page 118: Description Of Stop A
Safety functions integrated in the system/drive 7.3 Safe Stops A-F Acknowledging a stop request After requesting a specific stop type via SGE, this sequence can be cancelled by one of the following events: ● Deselecting the stop request ● Selecting a stop request using an SGE with a higher priority ●...
Page 119 Safety functions integrated in the system/drive 7.3 Safe Stops A-F the pulses are cancelled via the internal switch-off signal path of the NCK monitoring channel ● Effect: The drive coasts to a standstill if no external braking mechanism such as an armature short- circuit and/or holding brake is used.
Page 120: Description Of Stop B
Safety functions integrated in the system/drive 7.3 Safe Stops A-F MD36977 $MA_SAFE_EXT_STOP_INPUT[0] is used to define the selection/deselection of the external brake request, in this case, "deselect external STOP A" (SH, pulse cancellation). An external STOP A is also activated if the "Parking axis" function is selected. Deactivating SBH/SG monitoring during external STOP A In order to avoid that an axis, whose the pulses have been canceled, violates a limit value as a result of SBH or SG monitoring, users can use the "Deactivate SBH/SG monitoring during...
Page 121 Safety functions integrated in the system/drive 7.3 Safe Stops A-F The shutdown speed for the pulse cancellation is generally reached faster than the delay time for the pulse cancellation. ● Effect: The drive is braked along the OFF3 ramp under closed-loop speed control and brought to a safe standstill.
Page 122: Description Of Stop C
● Alarm message for an internally initiated STOP C: The alarm message "STOP C triggered" is output (refer to Chapter "NCK safety alarms for SINUMERIK 840D sl (Page 595)"). ● Acknowledgment for an internally initiated STOP C: An unintentional restart is prevented for a STOP C. The error can be acknowledged using the NC-RESET key.
Page 123: Braking Response For Stop B/C
Safety functions integrated in the system/drive 7.3 Safe Stops A-F SGE deselect external STOP C If a stop request is active, SGA "STOP C is active" is set in the same way as it would be for an internally initiated STOP C. MD36977 $MA_SAFE_EXT_STOP_INPUT[1] is used to define the selection/deselection of the external braking request;...
Page 124 Safety functions integrated in the system/drive 7.3 Safe Stops A-F $MA_SAFE_STOP_SWITCH_TIME_D. The SBH function is automatically activated after the timer expires. ● Effect: The drive is braked in a group - including simultaneous axes - along the set traversing path. For axes, the acceleration characteristic is defined so that the axes stop within the time saved in MD36953 $MA_SAFE_STOP_SWITCH_TIME_D.
Page 125: Description Of Stop E
Safety functions integrated in the system/drive 7.3 Safe Stops A-F Alternative MD Program command MAX_AX_ACCEL MAX_AX_ACCEL MAX_AX_JERK JOG_AND_POS_MAX_JERK JERKLIM Comment regarding INCH-METRIC switchover: The calculated value should be rounded off to one decimal place so that for an INCH- METRIC switchover, internal rounding effects can be compensated and no undesirable alarms are initiated.
Page 126 Safety functions integrated in the system/drive 7.3 Safe Stops A-F An ESR is requested by the control monitoring channel. In parallel, the timer in MD36954 $MA_SAFE_STOP_SWITCH_TIME_E is started. The SBH function is automatically activated after the timer expires. ● Effect: The extended stop and retract that has been configured is also started.
Page 127: Description Of Stop F
Safety functions integrated in the system/drive 7.3 Safe Stops A-F An external STOP E can also be initiated in the drive monitoring channel from the PLC-SPL CDC - or the PROFIsafe/FSEND-FRECV communication interface on the PLC side. Note STOP E only produces a different response than STOP D if the user has configured the ESR function - extended stop and retract - and initiation of the ESR is programmed depending on $VA_STOPSI or $A_STOPESI.
Page 128 The significance of the error code is provided in Chapter "NCK safety alarms for SINUMERIK 840D sl (Page 595)" under Alarm 27001 "Defect in a monitoring channel". A delay time before STOP B is initiated can be parameterized using MD36955 $MA_SAFE_STOP_SWITCH_TIME_F.
Page 129 Safety functions integrated in the system/drive 7.3 Safe Stops A-F Note A delay time between STOP F and STOP B should only be set, if, during this time, an alternative response is initiated by evaluating the system variables $VA_XFAULTSI and $A_XFAULTSI. Further, when using the delay time, a monitoring function should always be active - also in the automatic mode (e.g.
Page 130 Safety functions integrated in the system/drive 7.3 Safe Stops A-F Figure 7-7 Velocity characteristic of an SI axis when stopping with STOP F The following actions take place at the following instants in time: STOP F occurs, ESR is started 500 ms after t1, braking starts along the parameterized ramp STOP B is initiated 2.5 s after t1.
Page 131: Forced Checking Procedure Of The External Stops
Safety functions integrated in the system/drive 7.3 Safe Stops A-F 500 ms after t2, braking starts along the parameterized ramp STOP B is initiated 2.5 s after t2. The axis is already stationary at this time, which means that the pulses can be immediately cancelled. Example 3 for STOP F with interruption by STOP D A retraction axis is shown in the following diagram.
Page 132: Canceling Stopping Delay Times
Safety functions integrated in the system/drive 7.3 Safe Stops A-F Figure 7-10 Sequence of the test stop for external STOPs. Example: External STOPs A, B, C, D, E are used Which SGE/SGA are required for the test stop of external STOPs? The following SGE/SGA can be used to perform the test stop for external STOPs: NCK monitoring channel NCK-SGE ”Deselect ext.
Page 133 Safety functions integrated in the system/drive 7.3 Safe Stops A-F range. Otherwise, for the subsequent switchover to a Safe Operating Stop, the SBH limits could be exceeded, which in turn would initiate a STOP B/A response. This situation can then only by acknowledged by a restarting again.
Page 134: Safe Acceleration Monitor
Safety functions integrated in the system/drive 7.4 Safe Acceleration Monitor Safe Acceleration Monitor Description Using this function, the effectiveness of braking, initiated using stop responses B and C, along the current limit/OFF3 ramp is checked through two channels. Functional features The most important functional features include: ●...
Page 135 Safety functions integrated in the system/drive 7.4 Safe Acceleration Monitor Figure 7-11 Characteristic of the SBR tolerance of the actual speed Calculating the SBR tolerance of the actual speed The following applies when parameterizing the SBR tolerance: The possible speed increase after initiating a STOP B/C is obtained from the effective acceleration a and the duration of the acceleration phase.
Page 136 Safety functions integrated in the system/drive 7.4 Safe Acceleration Monitor Figure 7-12 Timing when the actual stop limit value for SBR is exceeded Table 7-5 Explanation of the diagram Time Explanation Position control clock cycle, defined by the following MD: MD10050 $MN_SYSCLOCK_CYCLE_TIME MD10060 $MN_POSCTRL_SYSCLOCK_TIME_RATIO Monitoring clock cycle, defined by the following MD:...
Page 137: Safely Reduced Speed (Sg)
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) WARNING Potentially hazardous motion If the safe standstill function or "STOP A" is activated, then the motor can no longer generate any torque. This is the reason that potentially hazardous motion can occur, e.g. for the following: ●...
Page 138: Speed Monitoring, Encoder Limit Frequency
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) Functional features The features of the SG function are as follows: ● Load-side speed limit values are safely monitored ● Monitoring limit values are adapted to various operating states (e.g. test, setting-up, automatic modes) ●...
Page 139: Selecting/Deselecting Safely Reduced Speed
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) Encoder frequency limit The encoder limit frequency is 500 kHz. When the encoder limit frequency in SG is exceeded, the SG-specific parameterized stop is initiated. Note Monitoring against a limit frequency of 500 kHz is not performed for DRIVE-CLiQ encoders. 7.5.2 Selecting/deselecting safely reduced speed Selecting SG...
Page 140 Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) The required speed limit is selected as follows by combining the following SGEs: SG selection SG selection Meaning bit 1 bit 0 Speed limit value for SG1 active Speed limit value active for SG2 Speed limit value for SG3 active Speed limit value active for SG4 Note:...
Page 141: Effects When The Limit Value Is Exceeded For Sg
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) Figure 7-13 Timing when changing-over from a higher to a lower speed limit. Deselecting SG The SG function can be deselected at any speed by activating the SGE "SBH/SG deselection". WARNING Delay time The delay time must be selected as a function of the distance to the hazardous location.
Page 142 Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) For SINAMICS S120: p9561 SI Motion SLS (SG) stop response (Control Unit) p9563[0...3] SI Motion SLS (SG)-specific stop response (Control Unit) Note ● An alarm is displayed (for 840D sl: 27011, for SINAMICS S120: F01714). After the cause of the fault has been removed, the alarm can be acknowledged with RESET.
Page 143 Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) Table 7-6 Explanation of the diagram Time Explanation The position control clock cycle, defined by the following MDs: MD10050 $MN_SYSCLOCK_CYCLE_TIME MD10060 $MN_POSCTRL_SYSCLOCK_TIME_RATIO Monitoring clock cycle, defined by the following MD: for 840D sl MD10090 $MN_SAFETY_SYSCLOCK_TIME_RATIO for SINAMICS S120:...
Page 144: Override For Safely Reduced Speed
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) For SINAMICS S120: p9563[0...3] SI Motion SLS(SG)-specific stop response (Control Unit) 7.5.4 Override for safely reduced speed General 16 SG override stages for the limit values of safely reduced speeds 2 and 4 can be entered using SGEs.
Page 145 Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) Changing over an SG override SG override values are changed over subject to the same conditions as those that apply to speed limit values. Changeover Description From lower to Instantaneous higher From higher...
Page 146 Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) SG se‐ SG se‐ SG override SG override SG override SG override Meaning lection, lection, selection, bit selection, selection, bit 1 selection, bit bit 1 bit 0 bit 2 Speed limit value for SG4 active with override stage 0 As above...
Page 147: Example: Override For Safely Reduced Speed
Safety functions integrated in the system/drive 7.5 Safely reduced speed (SG) 7.5.5 Example: Override for safely reduced speed Task When safely reduced speeds are selected, the speed limit values must be set as follows. Table 7-7 Application example of how override is used for safely reduced speed SGE override selec‐...
Page 148: Safe Speed Range Detection "N
Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" Defining machine data Table 7-8 Supplying the machine data for the velocity limit values For 840D sl For SINAMICS S120 Limit value MD number Value Parameter No. Value 36931[0] 1000 p9531[0]...

Page 149: Basic Function "N
Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" the appropriate stop response initiated when the velocity deviation between the two monitoring channels is so large that this tolerance is exceeded (this corresponds to the behavior for the crosswise monitoring of the results to compare the actual position with the output cam positions).

Page 150: Function "Synchronization, Hysteresis And Filtering N
Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" Response time and error responses Typical response time for n<n 1 interpolation clock cycle + 2 monitoring clock cycles Maximum response times: 1 position controller clock cycle + 5.5 monitoring clock cycles + 2 interpolation clock cycles + 3 PLC cycles WARNING n<n...

Page 151 Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" Figure 7-16 n<nx value range with synchronization and hysteresis CDC tolerance As tolerance in the crosswise data comparison for the extended n functionality, machine data $MA_SAFE_POS_TOL is not used, but instead for 840D sl: MD36947 $MA_SAFE_VELO_X_HYSTERESIS for SINAMICS S120:...
Page 152 Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" The machine data $MA_SAFE_VELO_X_HYSTERESIS is subject to a crosswise data comparison. Hysteresis Similarly, the new MD36947 $MA_SAFE_VELO_X_HYSTERESIS is used to determine the magnitude of the hysteresis. As a result of the hysteresis, the switching point of the SGA "n<n "...
Page 153 Safety functions integrated in the system/drive 7.6 Safe speed range detection "n<nx" The smoothed, safe actual value of the NCK is also available in the servo trace. Note By parameterizing a filter time not equal to 0, the reaction time of the SGA "n<n "...
Page 154: Safe Software Limit Switches (Se)
Safety functions integrated in the system/drive 7.7 Safe software limit switches (SE) Safe software limit switches (SE) Note The function "safe software limit switches" (SE) is also known as "safe limit positions". Description The "safe software limit switches" function (SE) can be used to implement protective functions for operating personnel and machinery or working zone/protection zone delimination on an axis-for-axis basis.
Page 155: Effects When An Se Responds
Safety functions integrated in the system/drive 7.7 Safe software limit switches (SE) Preconditions The following prerequisites must be fulfilled for the "safe software limit switches" function: ● The "safe software limit switches" function must be enabled ● The axis/axes must have been safely referenced (user agreement) ●...
Page 156 Safety functions integrated in the system/drive 7.7 Safe software limit switches (SE) Effect ● The configured stop response is initiated ● The relevant alarm is displayed Acknowledging and retracting 1. Withdraw the user agreement (SE is no longer active) or changeover to another SE. 2.
Page 157: Safety Software Cams And Safety Cam Track (Sn)
Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Time Explanation Time until the configured stop response becomes effective typical 1.5 monitoring clock cycles, maximum 2 monitoring clock cycles + 1 position controller clock cycle) Time until the stop response that was initiated actually starts typical 2 position controller clock cycles, maximum 2 position controller clock cycles STOP C:...
Page 158 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Tolerance for SN Owing to variations in the clock cycle and signal run times (signal propagation times), the cam signals of the two monitoring channels do not switch simultaneously and not precisely at the same position.
Page 159: Safe Software Cams (4 Cam Pairs)
Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) 7.8.1 Safe software cams (4 cam pairs) Note For more than four cam pairs, then the "Safe Cam Track" function must be used (see Chapter "Safe Cam Track (Page 162)").
Page 160 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Synchronizing cam signals As a result of system-related actual value differences, the cam signals of the monitoring channels can have different states. In order to prevent this, the cam synchronization can be activated.
Page 161 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Safe software cams for endlessly turning rotary axes For rotary axes with cams, the modulo range (cam actual value range) can be set using the following machine data/parameters: for 840D sl: MD36902 $MA_SAFE_IS_ROT_AX...
Page 162: Safe Cam Track
Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) MD36936 $MA_SAFE_CAM_POS_PLUS[n] for 840D sl p9536 SI Motion SCA (SN) plus cam position (Control Unit) for SINAMICS S120 MD36937 $MA_SAFE_CAM_POS_MINUS[n] for 840D sl p9537 SI Motion SCA (SN) minus cam position (Control Unit) for SINAMICS S120 When booting, the parameterization (parameter assignments) are checked in each monitoring channel.
Page 163 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) ● The modulo function is not supported. If the "Safe Cam Track" function is enabled and a value > 0 entered in the MD36905 $MA_SAFE_MODULO_RANGE / p9505 SI Motion SCA (SN) modulo value (Control Unit), then Alarm 27033 "Axis %1 parameterization of the MD $MA_SAFE_REFP_STATUS_OUTPUT[0] invalid"...
Page 164 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) The "hundreds" position defines which cam track is assigned to the cams. The "tens" and "ones" positions contain the numerical value that is signaled to the SPL as SGA "cam range".
Page 165 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Parameterization example for SGA "cam track" and "cam range" Figure 7-20 SGA "cam track" and "cam range" Note The traversing range for rotary axes must lie within ± 2048 revolutions. This corresponds to the value range of the safety-related actual value.
Page 166 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Parameterizing the cam range assignment (all cams that have been enabled are assigned to cam track 2) ● $MA_SAFE_CAM_TRACK_ASSIGN[0] = 201 (cam SN1 is assigned cam range 1) ●...
Page 167 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) The specified machine data follow the generally valid rules when assigning the safety-related inputs/outputs. WARNING Cam range as supplementary information for the cam track In the case of a fault, SGAs can assume a value of "0" (e.g. as a result of the cam synchronization between monitoring channels, loss of the safety-related referencing etc.).
Page 168 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Synchronization The synchronization of the cam SGA is carried out between the NCK and PLC. Both the SGA "cam track" as well as the SGA "cam range" must be synchronized. The SGA "cam track"...
Page 169 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Figure 7-22 SGA "cam track" and "cam range" Explanation ● Cam SN2 is assigned to track 2 by parameterizing cam range 3: ($MA_SAFE_CAM_TRACK_ASSIGN[1] = 203). If the axis is at cam SN2, SGA "cam range bit [3]"...
Page 170 Safety functions integrated in the system/drive 7.8 Safety software cams and safety cam track (SN) Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 171: Connecting Sensors And Actuators
Connecting sensors and actuators Safety-related input/output signals 8.1.1 Overview of the SGEs/SGAs and their structure Description The safety-related input and output signals (SGEs and SGAs) are the interface of the internal Safety Integrated functionality to the process. SGE signals (safety-related input signals) control the active monitoring by deselecting or selecting the safety functions.
Page 172 Connecting sensors and actuators 8.1 Safety-related input/output signals Processing I/O signals for the NC and drive through two channels A dual-channel structure is available for input/output and for processing safety-related input/ output signals (see the following diagram). All of the requests and feedback signals for safety- related functions should be entered or retrieved through both monitoring channels (two- channel structure).
Page 173 Connecting sensors and actuators 8.1 Safety-related input/output signals Crosswise data comparison is implemented between the monitoring channels that operate independently of one another. If there is inequality, then a STOP F is initiated (CDC between the drive and NCK). A STOP D/E is triggered for an SPL-CDC error. SGE/SGA are set into the safe state if an error is detected by the communication CDC.
Page 174 Connecting sensors and actuators 8.1 Safety-related input/output signals What SGE/SGA are there? For each axis/spindle, the following SGE and SGA are in each monitoring channel: Figure 8-2 SGE and SGA in every monitoring channel for each axis/spindle Note The SGE/SGA signals are described in Chapter "Description of the interface signal (Page 477)".
Page 175 Connecting sensors and actuators 8.1 Safety-related input/output signals NCK-SGE/SGA The signals are assigned to the NCK-SPL inputs/outputs using machine data. Note Only the NCK-SGE are assigned to an NCK-SPL output that are also required for the particular application. For axes, where for example, the gear ratio does not change, the NCK-SGE "ratio selection bit 2 to 0"...
Page 176 Connecting sensors and actuators 8.1 Safety-related input/output signals Function Minimum SGEs required Minimum SGAs required Safely reduced speed (SG) SBH/SG deselection SBH/SG active SBH deselection Status, pulses cancelled (drive) SG selection, bit 1 (only for SG changeover) STOP A/B, C, D, E active (only if re‐ quired) SG selection, bit 0 (only for SG changeover) active SG stage, bits 0, 1 (only if re‐...
Page 177: Forced Checking Procedure Of Spl Signals
Connecting sensors and actuators 8.1 Safety-related input/output signals 8.1.2 Forced checking procedure of SPL signals Fundamentals Safety-related input/output signals including the connecting cables to the I/O (peripherals) and the sensors and actuators connected to them must always be subject to a forced-checking procedure (see Chapter "Forced checking procedure (Page 82)").
Page 178 Connecting sensors and actuators 8.1 Safety-related input/output signals Trigger/test The timer or event controlled triggering of the forced checking procedure is activated in one channel by the PLC. If errors are detected, the PLC user program should respond by initiating an external "STOP D/E"...
Page 179: Connecting Sensors - Actuators Using The 3-Terminal Concept
Connecting sensors and actuators 8.1 Safety-related input/output signals 8.1.3 Connecting sensors - actuators using the 3-terminal concept Basic principle for safety-related signal processing With the 3-terminal concept, three terminals (signals) are required to connect a sensor or actuator. Faults in the sensors and actuators can be detected in conjunction with the SPL-CDC and forced checking procedure - or the forced checking as a result of the process itself.
Page 180 Connecting sensors and actuators 8.1 Safety-related input/output signals Figure 8-3 Cascaded shutdown using failsafe outputs In other cases a second actuator must be connected in series in the load circuit (see the following diagram). In conjunction with the safety-related control of a brake, no feedback signal is available. The brake test will identify as to whether the actuator is correctly functioning from a mechanical perspective.
Page 181: Sensor Connection Using The 4-Terminal Concept
Connecting sensors and actuators 8.1 Safety-related input/output signals Example of connecting a sensor 2 safety-related inputs (to read-in through 2 channels via SGE) and 1 standard test output (for the forced checking procedure) are required to connect a sensor in a failsafe fashion. The test output is fed from the power supply voltage of the safety input module.
Page 182 Connecting sensors and actuators 8.1 Safety-related input/output signals Example 2 inputs (to read-in the 2-channel sensor signals via SGE) and 2 standard test outputs (for the forced checking procedure) are required for connecting a sensor in a failsafe fashion. The test outputs are supplied from the two power supply voltages (VS1, VS2) of the safety input module.
Page 183: Multiple Distribution And Multiple Interlocking
Connecting sensors and actuators 8.1 Safety-related input/output signals 8.1.5 Multiple distribution and multiple interlocking Interlocking functions between the SGE/SGA are implemented in the NCK channel in the NCK- SPL. However, in order to relieve the NCK-SPL, it is also possible to pre-process signals between the NCK-SPL and NCK monitoring channel using the "multiple distribution"...
Page 184: Connecting I/O Via Profisafe
8.2.1 Function description The failsafe master (F-master) integrated in SINUMERIK 840D sl in conjunction with failsafe I/O modules (F-modules), permits failsafe communication as specified according to the PROFIsafe profile both on PROFIBUS DP as well as on PROFINET IO (PROFIsafe communication).
Page 185 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Figure 8-9 SI I/O using failsafe modules connected to PROFIBUS DP PROFIsafe PROFIsafe is a communication profile for failsafe data transfer between failsafe components based on the field buses PROFIBUS and PROFINET. This represents an extension to the standard communication.
Page 186: System Structure
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe 8.2.2 System structure Figure 8-10 System structure of the SI I/O using F-modules connected to PROFIBUS DP Just like Safety Integrated, the PROFIsafe system structure also has a 2-channel diverse system design based on the PLC and NCK-PROFIsafe layer. PROFIsafe communication The principle of PROFIsafe communications between SINUMERIK 840D and the F-modules is explained in detail below.
Page 187: Configuring And Parameterizing The Profisafe I/O
Configuring and parameterizing the PROFIsafe I/O The configuration of the PROFIBUS/PROFINET I/O connections on the PLC side of a SINUMERIK 840D sl is defined using the Step7 component HW Config. There are two options: ● Integrating Siemens failsafe devices via the hardware catalog ●...
Page 188 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe configuring and parameterizing PROFIsafe components from Siemens is provided in the SIMATIC Manuals: References: ● ET 200S Distributed I/O System, Operating Instructions (http://support.automation.siemens.com/WW/view/de/1144348) ● ET 200S Distributed I/O System Failsafe Modules, Installation and Operation Manual (http://support.automation.siemens.com/WW/view/de/27235629)
Page 189 For ET 200SP, 65534 PROFIsafe target addresses can be assigned. * A network comprises one or several subnets. "Throughout the network" means beyond subnet limits. ** "Station-wide" means for a station with HW configuration (e.g. a Sinumerik 840D sl). Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 190 HW Config – must be saved in the F-master. To do this, the PROFIsafe address of the F-master must be converted from decimal into hexadecimal and entered into the machine data of SINUMERIK 840D sl (see Chapter "Parameterizing the F-master (PLC) (Page 205)").
Page 191 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe F-parameters: F-monitoring time The F-monitoring time defines the maximum time that is tolerated when a PROFIsafe component is waiting for a new F-telegram from its communication partner. Note If the F-monitoring time is configured to be shorter than the PROFIsafe monitoring clock cycle set using the appropriate machine data, when the control runs-up an alarm is displayed: Alarm 27242 ”PROFIsafe: F-module %1, %2 faulty Parameters: DO/DI channel x...
Page 192 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Figure 8-12 2f2/1f1 mapping of the F-DI channels to SPL input data Note If mixed 2f2 and 1f1 parameterization is used in an F-DI module, this can reduce the number of SPL input data $A_INSE/INSEP that can be used. This is the reason that we recommend that 1f1 is first parameterized followed by 2f2.
Page 193: Parameterizing The F-Master (Nck)
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe DP cycle time After the station has been fully configured, the DP cycle time can be determined by activating the equidistant (isochronous) bus cycle: Open the properties dialog box of PROFIBUS DP master of the configured station in HW Config: Dialog: Properties –...
Page 194: Parameterizing The Profisafe Communication (Nck)
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe See Chapter "Parameterizing the PROFIsafe communication (NCK) (Page 194)" ● SPL-SGE/SGA interface – PROFIsafe address of the PROFIsafe component – F-net data filter – SGE/SGA assignment SPL-SGE interface: see “parameterizing the SPL-SGE interface (Page 196)” SPL-SGA interface: see “Parameterizing the SPL-SGA interface (Page 201)”...
Page 195 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe In order to reduce the possible resulting computational load, machine data ● MD10098 $MN_PROFISAFE_IPO_TIME_RATIO (factor, PROFIsafe communications clock cycle) can be used to modify the ratio between the PROFIsafe and interpolation clock cycle. To achieve a sufficiently fast response time for PROFIsafe communication, the PROFIsafe cycle time must not be set to longer than 25 ms.
Page 196: Parameterizing The Spl-Sge Interface
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe If the PROFIsafe clock cycle is continuously exceeded and just not sporadically, then the following alarm is displayed: ● Alarm: 27256 "PROFIsafe actual cycle time %1 [ms] > parameterized cycle time" Distribution of the computational load on the NCK side MD10095 $MN_ SAFE_MODE_MASK, bit 3 lists an operating mode with which the computational load can be distributed using the PROFIsafe driver to the IPO clock cycles, the...
Page 197 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe it is possible to save symbolic names such as these. This name is used in the following situations: ● Alarms: If a symbolic name for a PROFIsafe connection has been saved in the MD mentioned, then this is displayed instead of the PROFIsafe address.
Page 198 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe The machine data is used to assign the F-DI module to the F-master: ● MD10386 $MN_PROFISAFE_IN_ADDRESS[0...47] (PROFIsafe address of the F-DI module) Input format: 0s 0x aaaa s: Bus segment Value range: 5 = I/O connection on the PLC side x: Sub-slot address Value range: 0...2 x = 0 addresses the F-net data signals 1...32...
Page 199 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe is possible and also makes sense. Note All machine data to connect an F-DI module to the SPL-SGE are associated with one another through the common index of the machine data: ●...
Page 200 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Figure 8-15 Filtering the F-net data signals in the input direction SPL-SGE assignment With this assignment, it is defined in which SPL-SGE ($A_INSE/$A_INSEP) the seamless (without gaps) F-net data selected using the F-net data filter are transferred. The assignment is made using machine data: ●...
Page 201: Parameterizing The Spl-Sga Interface
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Figure 8-16 Transfer: filtered F-net data signals in SPL-SGE 8.2.7 Parameterizing the SPL-SGA interface Note The following examples show the parameterization of the SPL-SGA interface based on the following specifications: F-DO module F-address: 256 = 100H F-net data length: 6 bytes Machine data...
Page 202 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe The machine data is used to assign the F-DO module to the F-master: ● MD10387: $MN_PROFISAFE_OUT_ADDRESS[0...47] (PROFIsafe address of the F-DI module) Input format: 0s 0x aaaa s: Bus segment Value range: 5 = PLC-side I/O connection x: Sub-slot address Value range: 0...2 x = 0 addresses the F-net data signals 1...32...
Page 203 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe is possible and also makes sense. Note All machine data to connect an F-DO module to the SPL-SGA are associated with one another through the common index of the machine data: ●...
Page 204: Module Type (Nck)
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe SPL-SGA assignment The assignment defines which SPL-SGA ($A_OUTSE/$A_OUTSEP) are transferred in the F- net data of the F-DO module. The SPL-SGA can only be specified as a field of output signals without any gaps (consecutive field of output signals).
Page 205: Parameterizing The F-Master (Plc)
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Dependent on this, the PROFIsafe component is identified as either input, output or bidirectional I/O module. Table 8-1 PROFIsafe component module types ..._IN_ADDRESS ..._OUT_ADDRESS Type F-address Input module F-address Output module F-address F-address Input/output module...
Page 206: Response Times
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe END_STRUCT; 8.2.10 Response times The response times listed here refer exclusively to the internal processing of the signals by the F-master. The following apply: ● T(FDI → DB18) or T(FDI→ SPL-INSE) The transfer time from the input area of the F-DI module to the input interface of the PLC- SPL or NCK-SPL ●...
Page 207 Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe PLC processing times Time: T(FDI → DB18) Formula 2 * PST + 1 * OB1 Maximum times 2 * 50 ms + 1 * 150 ms 250 ms Typical times 2 * 16 ms + 1 * 30 ms 62 ms Time: T(DB18 →...
Page 208: Functionality Of The Spl Input/Output Data
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Formula 2 * PST + PST + 0...m * IPO + OB40_INT Maximum times 100 ms +25 ms + 50 ms + 50 ms 225 ms Typical times 2 * 18 ms + 18 ms + 2 ms 56 ms with: PST: PROFIsafe clock cycle PST = n * IPO;...
Page 209: Functional Secondary Conditions
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe Three SPL output data are considered to be contiguous. The value is changed from 101 to 110 in both SPL programs (NCK-SPL and PLC-SPL). Values transferred in the PROFIsafe telegram: NCK- PLC-SPL PROFIsafe telegram Output value...
Page 210: Profisafe Communication Response When System Errors Occur
Connecting sensors and actuators 8.2 Connecting I/O via PROFIsafe PROFIsafe components As far as the PROFIsafe components that can be operated with a SINUMERIK 840D sl, the following limitations apply: ● PROFIsafe components with dynamic i parameters are not supported.
Page 211: Modular Profisafe I/O Interface
Connecting sensors and actuators 8.3 Modular PROFIsafe I/O interface PROFIsafe drivers of type F-DI or F-DI/DO F-modules that have stopped output failsafe values (0) as F-net data in the direction of SPL. Behavior regarding PROFIsafe slave: Stopped PROFIsafe drivers no longer generate F-telegrams. At the latest after the configured timeout time, the F-modules (PROFIsafe slaves) identify the failure of the PROFIsafe communication and go into the safe state corresponding to the specifications of the PROFIsafe profile.
Page 212 Connecting sensors and actuators 8.3 Modular PROFIsafe I/O interface ● $MN_PROFISAFE_IN_SUBS[n] (see substitute values) ● $MN_PROFISAFE_IN_NAME[n] Substitute values If, within the scope of a specific machine configuration, the corresponding PROFIsafe module for a slot is not connected, static substitute values can be parameterized to supply the associated SPL inputs ($A_INSE).
Page 213 Connecting sensors and actuators 8.3 Modular PROFIsafe I/O interface The following table shows the interrelationship between the machine data and the slot mode obtained from this. PROFISAFE_IN_ENABLE_MASK[m], PROFISAFE_IN_SUBS_ENAB_MASK[m], Slot mode Bit n Bit n Active Passive Inactive SPL assignment for passive slots active slots, where the F-net data of the associated PROFIsafe input module is transferred into the SPL inputs, the SPL input areas assigned via MD $MN_PROFISAFE_IN_ASSIGN must not overlap.
Page 214: Profisafe Output Modules
Connecting sensors and actuators 8.3 Modular PROFIsafe I/O interface 8.3.2 PROFIsafe output modules Activating a machine data set or a slot A machine data set or slot for PROFIsafe communication and SPL interface of a PROFIsafe output module are activated using: MD13303 $MN_PROFISAFE_OUT_ENABLE_MASK[m], bit x = 1 The machine data set of a slot includes machine data: ●...
Page 215: Safety-Related Cpu-Cpu Communication (F_Dp Communication)
F-CPUs. Data transfer is realized using the F_SENDDP blocks to send and F_RECVDP blocks to receive. The options as to how a SINUMERIK 840D sl with F_DP communication can be integrated is shown in the following diagram.
Page 216 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) With SINUMERIK 840D sl, a maximum of sixteen safety-relevant send connections and sixteen safety-relevant receive connections can be configured for each NCU (option "SI Connect"). Note The diagram is an example - for I Device, the PN/PN coupler can be eliminated.
Page 217 SIMATIC: ● 6 bytes F-net data 2 bytes Bool 2x2 bytes for 2 INT values (Notice: is not evaluated for SINUMERIK 840D sl) ● 2 byte status word ● 2 byte sequence number ● 2 byte CRC...
Page 218: Configuring And Parameterizing The F_Dp Communication
The start addresses (logical basis addresses) of the input and output ranges of the F_DP communication at the I/O bus lines of a SINUMERIK 840D sl on the PLC side are defined when configuring the hardware using SIMATIC Step7 HW Config.
Page 219 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) http://support.automation.siemens.com/WW/view/en/23641045/133300 Note In order to couple the NCUs with one another, both NCUs must be configured in a Step7 project. Step 1: Set the interface type The properties of the interface are accessed by double clicking on interface X136. The interface type must be set to "PROFIBUS"...
Page 220 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Figure 8-23 DP slave properties The window to parameterize the logical basis addresses is opened by selecting "New ...". The mode (F-master-slave send F-MS-S or F-master-slave receive F-MS-R) and the addresses (LADDR) of the connection can now be set in this window.
Page 221: Sender F_Senddp
MD13334/13344 $MN_SAFE_SDP/RDP_LADDR. 8.4.2 Sender F_SENDDP In order to send SPL output data ($A_OUTSE) from one SINUMERIK 840D sl to another F- CPU using F_DP communication, an SPL connection must be parameterized. An SPL connection comprises the following: ● F_DP communication relationship...
Page 222 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) For the case that 16 SPL connections are parameterized, for each SPL connection, there is only one SPL coupling available. The following value range for system variables and machine data is obtained from this: ●...
Page 223 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Parameterizing data The parameterizing data set of an SPL connection involves the following values: ● Identifier: DP_DP_ID: MD13331 $MN_SAFE_SDP_ID Name: MD13332 $MN_SAFE_SDP_NAME ● Connection number: MD13333 $MN_SAFE_SDP_CONNECTION_NR # ● Communication parameters: I/O start address: MD13334 $MN_SAFE_SDP_LADDR # Monitoring time: MD13335 $MN_SAFE_SDP_TIMEOUT # ●...
Page 224 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) ● Net data parameters SPL outputs used: $A_OUTSE[1...4] Filter data: 1111H SPL outputs used: $A_OUTSE[33...36] Filter data: 8888H ● Error response: 0 The following parameterizing data sets are obtained: 1. SPL connection (sub-slot 1) $MN_SAFE_SDP_ID[0] = 2000 $MN_SAFE_SDP_NAME[0] = WZM1 $MN_SAFE_SDP_CONNECTION_NR[0] = 1...
Page 225 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) data index. All other data sets of an SPL connection are not evaluated with reference to connection names. This MD is not incorporated in the checksum calculation; i.e. it can also be changed without aligning the checksum.
Page 226 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) MD13336 $MN_SAFE_SDP_ASSIGN: SPL assignment For the SPL assignment, the SPL outputs ($A_OUTSE) are selected, which are assigned to the F-net data signals via the F-net data filter. Only a contiguous area can be selected. The SPL assignment is set using MD $MN_SAFE_SDP_ASSIGN[0...m].
Page 227 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) The monitoring time is set using MD $MN_SAFE_SDP_TIMEOUT[0...m]. When the monitoring time is exceeded, then depending on the system variables $A_FSDP_ERR_REAC, the selected alarm responses are initiated: Alarm 27350 “F_DP: %1 communication, DP_DP_ID = 52 signals error %3" and Alarm 27351 "F_DP: %1 communication, DP_DP_ID = 52 signals error %3".
Page 228 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Input data ● $A_FSDP_ERR_REAC[1...n] Output data ● $A_FSDP_ERROR[1...n] ● $A_FSDP_SUBS_ON[1...n] ● $A_FSDP_DIAG[1...n] The connection number is set using MD $MN_SAFE_SDP_CONNECTION_NR. Example The parameterizing data set x set should be assigned to the 2nd SPL connection. $MN_SAFE_SDP_CONNECTION_NR[x] = 2 This means, that as user interface, SPL connection x uses the above mentioned system variables with index 2, e.g.: $A_FSDP_ERROR[2]...
Page 229 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Supplementary conditions 1. For a communication error, the following system variables are always set independent of the error response set using the system variable $A_FSDP_ERR_REAC: $A_FSDP_ERROR = 1 $A_FSDP_SUBS_ON = 1 2.
Page 230: Receiver F_Recvdp
FSDP[1...3].RETVAL14 or FSDP_HF[4..16].RETVAL14 FSDP[1...3].RETVAL15 or FSDP_HF[4..16].RETVAL15 8.4.3 Receiver F_RECVDP In order to transfer SPL output data from an F-CPU to a SINUMERIK 840D sl using F-DP communication, an SPL connection must be parameterized. This connection comprises the following: ● F_DP communication relationship...
Page 231 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) SPL connection, are not contiguous, then several SPL connections must be parameterized in the parameterizing sets. These SPL connections are designated using identical F_DP communication relationships and connection numbers, but different SPL couplings. The one SPL connection with several SPL couplings is designated as sub-slots parameterization of within the framework of PROFIsafe (see Chapter "parameterizing the SPL-SGE interface...
Page 232 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Interface overview Figure 8-29 Interface overview F_RECVDP Activation data Every parameterizing data set can be separately activated using the activation data. Parameterizing data The parameterizing data set of an SPL connection involves the following data areas: ●...
Page 233 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) Error responses The system responses when a communication error occurs can be influenced by the user by appropriately setting the machine data $MN_SAFE_RDP_ERR_REAC and $MN_SAFE_RDP_SUBS - or at a later time by programming the system variables $A_FRDP_ERR_REAC, $A_FRDP_SUBS in the SPL program.
Page 234 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) The following parameterizing data sets are obtained: 1. SPL connection (sub-slot 1)$MN_SAFE_RDP_ID[0] = 1000 $MN_SAFE_RDP_NAME[0] = WZM1 $MN_SAFE_RDP_CONNECTION_NR[0] = 1 $MN_SAFE_RDP_LADDR[0] = 298 $MN_SAFE_RDP_TIMEOUT[0] = 0. MN_SAFE_RDP_ASSIGN[0] = 001 004 $MN_SAFE_RDP_FILTER[0] = 000F $MN_SAFE_RDP_ERR_REAC[0] = 0 $MN_SAFE_RDP_SUBS[0] = 0...
Page 235 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) MD13344 $MN_SAFE_RDP_LADDR: I/O start address When generating the configuration in SIMATIC STEP7 HW Config, for each SPL connection a start address must be defined for the I/O area, which is used for the F_RECVDP to exchange data with the associated F_SENDDP.
Page 236 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) From the F-net data signals of the F-telegram, via the F-net data filter of the 1st SPL connection (sub-slot 1), bits 0 to 3 are selected and via the F-net data filter of the 2nd SPL connection (sub-slot 2), bits 12 to 15 are selected.
Page 237 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) time ≥ 5 * F_DP clock cycle of the slower component of the SPL connection with F_DP clock cycle = $MA_SAFE_SRDP_IPO_TIME_RATIO * IPO clock cycle. For more complex PLC user programs, it is possible that the parameterized F_ DP clock cycle is either briefly or even permanently exceeded.
Page 238 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) MD13348 $MN_SAFE_RDP_ERR_REAC: Error response Machine data $MN_SAFE_RDP_ERR_REAC[1...n] is used to set the default alarm response, which is initiated when an F_DP communication error occurs. The alarm response can be dynamically changed by the appropriate user programming via system variable $A_FRDP_ERR_REAC[1...n].
Page 239 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) 3. Whether STOP D or STOP E is initiated as error response can be parameterized using: NCK: $MN_SAFE_SPL_STOP_MODE PLC: DB18.DBX36.1 4. The system variable $A_FRDP_ERR_REAC[1...n] is a part of the crosswise data comparison SPL-CDC.
Page 240 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) not part of The driver-specific interface signals are single-channel signals and are therefore the crosswise data comparison SPL-CDC. Note The user acknowledgment via the interface signal only refers to acknowledging a communication error.
Page 241: Mapping The Simatic Blocks
FRDP[1...3].RETVAL15 or FRDP_HF[4..16].RETVAL15 8.4.4 Mapping the SIMATIC blocks The parameters of the F_SENDDP and F_RCVDP blocks to be programmed in a SIMATIC-F- CPU and their corresponding mapping for SINUMERIK 840D sl are shown in the following: Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 242 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) F_SENDDP SIMATIC block parameter SINUMERIK parameters F_SENDDP (FB223) Inputs SD_BO_00 $A_OUTSE[x] SD_BO_15 $A_OUTSE[y] SD_I_00 - - - SD_I_01 - - - DP_DP_ID $MN_SAFE_SDP_ID TIMEOUT $MN_SAFE_SDP_TIMEOUT LADDR $MN_SAFE_SDP_LADDR Outputs ERROR $A_FSDP_ERROR SUBS_ON $A_FSDP_SUBS_ON RETVAL 14...
Page 243: Parameterizing The Plc
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) SIMATIC block parameter SINUMERIK parameters F_RCVDP (FB224) RETVAL 15 Alarm27354 DIAG $A_FRDP_DIAG Transfer of integer values has not been implemented. Substitute values not required for integer values. Assignment of the corresponding assign and filter machine data of the SPL connection. Transfer of integer values has not been implemented.
Page 244: Response Times Of The F_Dp Communication
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) ● Displaying the maximum F_DP clock cycle The maximum F_DP clock cycle that has occurred is displayed in MD13322 $MN_INFO_SAFE_SRDP_CYCLE_TIME. ● Incorrect parameterization of the F_DP clock cycle The lower value of the F_DP clock cycle is not actively limited. When setting the F_DP clock cycle, the PLC-CPU performance should always be taken into consideration.
Page 245 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) ● OB40_INT is the maximum permissible time to initiate the interrupt on the NCK side up to execution of the PROFIsafe software and a ready signal to the NCK. The time is mainly determined by the run time (propagation time) of the F-driver implementation on the PLC side and the PLC user program to be run-through in the OB40 context.
Page 246: Boot Behavior Of The F_Dp Communication
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) NCK processing times (F_DP clock cycle <= 2 * IPO) Times: T(FRDP - DB18) Formula 2 * F_DP clock cycle + 1 * IPO Maximum times 2 * 500 ms + 1 * 8 ms 1008 ms Typical times 2 * 16 ms + 1 * 8 ms...
Page 247 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) The boot state of the F_DP communication is represented in the output data of the user interface (DB18) as follows: ● F_SENDDP (NCK) - $A_FSDP_ERROR[1...n] = 0 - $A_FSDP_DIAG[1...n] = 0 - $A_FSDP_SUBS_ON[1...n] = 1 ●...
Page 248: Communication Error After The Control Boots And Active Spl Processing
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) After an error-free boot, the cyclic F-communication is represented in the output data of the user interface as follows: ● F_SENDDP (NCK) $A_FSDP_ERROR[1...n] = 0 $A_FSDP_DIAG[1...n] = 0 $A_FSDP_SUBS_ON[1...n] = 0 ●...
Page 249 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) F_SENDDP and F_RECVDP initiate the error response $A_FSDP/FRDP_ERR_REAC (PLC: FSDP / FRDP[1..3].ERR_REAC or FRDP_HF[4...16]) programmed in the user program. F_SENDDP and F_RECVDP immediately attempt to resume cyclic F_DP communication. Note There is no time limit when waiting for the communication partner.
Page 250 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) The wait state for the user acknowledgment is represented in the output data of the user interface as follows: ● F_SENDDP (NCK) - $A_FSDP_ERROR[1...n] = 1 - $A_FSDP_DIAG[1...n] = X (value corresponding to the detected communication error) - $A_FSDP_SUBS_ON[1...n] = 1 ●...
Page 251: Communication Error When Booting Before Spl Processing Starts
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) After the user acknowledgment has been given, the F_DP communication is represented in the output data of the user interface as follows: ● F_SENDDP (NCK) - $A_FSDP_ERROR[1...n] = 0 - $A_FSDP_DIAG[1...n] = 0 - $A_FSDP_SUBS_ON[1...n] = 0 ●...
Page 252: Acknowledging A Communication Error With Channel_1 Reset
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) FRDP[1...3] or FRDP_HF[4..16].ERR_REAC = $MN_SAFE_RDP_ERR_REAC 8.4.11 Acknowledging a communication error with channel_1 reset If, due to a communication error, an alarm with NCK responses and possibly a STOP D/E initiated, then the user acknowledgment must be realized using a channel_1 reset in order that the alarms are cleared and the alarm responses reset.
Page 253 Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) ● Discrepancies in the F-telegram data (TelegramDiscrepancy) NCK and PLC-F_DP drivers cyclically generate an F-telegram with diversity through 2 channels. The two F-telegrams are compared before compiling the F-telegram to be sent. A discrepancy in the telegram data was identified in this comparison.
Page 254: Nck/Plc Data Exchange
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) 8.4.13 NCK/PLC data exchange Cyclic F_DP data transfer After evaluating the machine data of the F_DP communication through the NCK and PLC-F_DP layers - and initializing the parameterized F_SENDDP and F_RECVDP drivers - cyclic operation of both F_DP layers is started.
Page 255: Functionality Of The Spl Input/Output Data
Connecting sensors and actuators 8.4 Safety-related CPU-CPU communication (F_DP communication) The evaluation of the status signals of the SPL connections and changing the system responses in the case of an error must, if necessary, be additionally programmed in the SPL. WARNING Inverting status signals Depending on the application, the user must invert the status signals of an F_SENDDP-/...
Page 256: Supplementary Conditions
8.4.16 Supplementary conditions For SINUMERIK 840D sl, the following restrictions apply for the safety-related CPU-CPU communication to couple plants and systems: ● The 2 integer values, defined in the F-net data area of the F-telegram, are not used or not evaluated by the F_SENDDP and F_RECVDP realized for SINUMERIK.
Page 257: Fundamentals
Connecting sensors and actuators 8.5 Safe programmable logic 8.5.1 Fundamentals Fundamentals Function These signals must be logically combined (interlocked) in a safety-related, freely programmable form in order to be able to flexibly process safety-related external process signals and safety-related internal input and output signals. The "Safe Programmable Logic" (SPL) handles this task as an integral system component.
Page 258 Connecting sensors and actuators 8.5 Safe programmable logic Figure 8-32 Integrating the SPL into the complete system Crosswise data comparison Data is cyclically exchanged between the PLC and NCK to check the correct functioning of the two SPLs (PLC and NCK). Just the same as the comparison between the NCK and the drive, it cross-checks the signals that the SPL receives, the safety-related signals generated by the SPL as well as internal markers.
Page 259 Connecting sensors and actuators 8.5 Safe programmable logic NCK-SPL data Signal image of the PLC data PLC-SPL data (DB18) $A_FRDP_SUBS[1...16] DBW220, DBW232, DBW244 DBW578, DBW590, DBW602 DBW698, DBW710, DBW722 $A_FRDP_ERR_REAC[1...16] DBW222, DBW234, DBW246 DBW580, DBW592, DBW604 DBW700, DBW712, DBW724 $A_INSE[65...192] $A_INSEP[65...192] DBX272.0 ...DBX287.7 $A_OUTSE[65...192]...
Page 260 Connecting sensors and actuators 8.5 Safe programmable logic This state occurs if data for crosswise data comparison is not exchanged between the NCK and PLC for one second. This is due to the fact that ● the one second limit of the user cycle limit in the PLC (OB1 cycle) was exceeded. ●...
Page 261: Synchronized Actions For Safety Integrated
Connecting sensors and actuators 8.5 Safe programmable logic ● External STOPs must be enabled (they are also used internally) and can be extracted from the SPL if required. When using the SPL via MD $MA_SAFE_EXT_STOP_INPUT[0], for all safety axes, the external STOP A must be parameterized at the SPL interface. If this condition is not fulfilled, then Alarm 27033 is output.
Page 262: Nck-Spl Program
Connecting sensors and actuators 8.5 Safe programmable logic This data has no function for the NCK and PLC (they are not interpreted any further by the NCK and PLC). For the NCK, a general machine data field MD13312 $MN_SAFE_SPL_USER_DATA[0...3] is applicable Users can save information in this MD that must be set the same as the corresponding data in DB18 (DBD256, 260, 264, 268), e.g.
Page 263 Connecting sensors and actuators 8.5 Safe programmable logic Features The NCK-SPL program has the following features: ● The program can be started manually with NC START during commissioning. ● The following applies once the program has been started: – The synchronous actions assigned an ID No. are cyclically executed in the IPO clock cycles (modal) –...
Page 264 Connecting sensors and actuators 8.5 Safe programmable logic ● A reference checksum is calculated when booting and for changes/saving the file by the NCK-SPL (/_N_CST_DIR/_N_SAFE_SPF) - it is entered into the program as a comment: Example: ; SAFE_CHECKSUM = 000476bbH The checksum is then cyclically re-calculated and compared with the reference checksum.
Page 265: Starting The Spl
Connecting sensors and actuators 8.5 Safe programmable logic 8.5.5 Starting the SPL Preconditions The NCK-SPL is active after the control has booted, if at least 1. The functions SBH/SG and "external STOPs" have been enabled for at least one axis using $MA_/$MD_SAFE_FUNCTION_ENABLE, 2.
Page 266 Connecting sensors and actuators 8.5 Safe programmable logic It is only possible to work with a restricted language scope in order that SAFE.SPF can be started in spite of the fact that alarms are active. The PLC or drives cannot be accessed. For commands, which are not included in the language scope, Alarm 15420 "Channel%1 %2 Instruction in the current mode not allowed"...
Page 267 Connecting sensors and actuators 8.5 Safe programmable logic For the PROG_EVENT.SPF cycle, MD11602 $MN_ASUP_START_MASK, PROG_EVENT.SPF and the SAFE.SPF are taken into account, which can be used to set that stop reasons for the sequence are ignored. In order to be able to use $MC_PROG_EVENT_MASK and $MN_ASUP_START_MASK, the "Cross-mode actions"...
Page 268 Connecting sensors and actuators 8.5 Safe programmable logic N600 ... N700 M17 ; end of cycle The part program SAFE.SPF is called if the system variable check $P_PROG_EVENT indicated that the part program call PROG_EVENT.SPF was called when the control system booted.
Page 269 Connecting sensors and actuators 8.5 Safe programmable logic Deviating from the recommended setting 7H, the following settings are also possible: ● Bit 1 can be deleted if MD20700 $MN_REFP_NC_START_LOCK (in the channel in which the SPL is started) is deleted, or, if at the instant that the ASUB starts, the axes (in the channel, in which the SPL is started) do not have to be safely referenced, e.g.
Page 270: Language Scope For Safe.spf
Connecting sensors and actuators 8.5 Safe programmable logic Parameterizing FC9 Signal In‐ Type Value range Remark Start Bool ChanNo E 1 to 10 [1] No. of the NC channel IntNo 1 - 8 [1] Interrupt No. Active Bool 1 = active Done Bool 1 = ASUB completed...
Page 271 Connecting sensors and actuators 8.5 Safe programmable logic ● MD20108 $MC_PROG_EVENT_MASK, bit 5 = 1 ● MD10095 $MN_SAFE_MODE_MASK, bit 2 = 0 restricted language scope is ● SAFE.SPF is called when the system boots, and with the executed error-free. Configuration The function is activated using machine data 20108 $MC_PROG_EVENT_MASK, bit 5 = 1.
Page 272 Connecting sensors and actuators 8.5 Safe programmable logic R parameters $AC_PARAM[ ] $AC_MARKER[ ] $AA_ESR_TRIGGER ;Single axis, trigger ESR $AA_ESR_TRIGGER ;Trigger ESR $AN_ESR_TRIGGER ;Trigger ESR all Synact GUDs Safety system variables that can be written to: $A_OUTSE[ ] $A_OUTSED[ ] $A_OUTSI[ ] $A_OUTSID[ ] $A_MARKERSI[ ]...
Page 273 Connecting sensors and actuators 8.5 Safe programmable logic MINVAL( ) ;Lower value of two variables MAXVAL( ) ;Larger value of two variables BOUND( ) ;Variable value within the defined value range Predefined safety functions SIRELIN( ) ;Assign input quantities SIRELOUT( ) ;Assign output quantities SIRELTIME( ) ;Assign times for timer...
Page 274 Connecting sensors and actuators 8.5 Safe programmable logic REPEAT, UNTIL ;Program loop with condition at end of loop Program flow STOPRE ;Preprocessing stop DELAYSTON ;Start of a stop delay area DELAYSTOF ;End of a stop delay area Comparison operators <>, ==, >=, <, >, <= Bit-by-bit logic operators B_END B_OR...
Page 275: Diagnostics/Commissioning
Connecting sensors and actuators 8.5 Safe programmable logic G04 F ;Dwell time (group 2) End of program ENDPROC ;End line of program with start line PROC ;Without output to the PLC ;The RET command without parameter can now be programmed in a ;main program.
Page 276 Connecting sensors and actuators 8.5 Safe programmable logic ; End of program These instructions simulate the output interfaces of the NCK-SPL and therefore "short-circuit" the crosswise data comparison. WARNING Commissioning The logic used in this phase has a single channel structure and is therefore not safe! The described minimum NCK-SPL must be replaced by a full NCK-SPL without any access to $A_INSIP(D), ..., $A_MARKERSIP(D) when the PLC side is completed! Additional diagnostic support:...
Page 277: Safe Software Relay
Connecting sensors and actuators 8.5 Safe programmable logic 8.5.8 Safe software relay General The standard SPL block "safety software relay" is designed to meet the requirements of an Emergency Stop function with safe programmable logic. However, it can also be used to implement other similar safety functions, e.g.
Page 278 Connecting sensors and actuators 8.5 Safe programmable logic The description is provided in the following: Three shutdown inputs If one of these inputs is set to 0, then direct output A0 is set to 0. Outputs A1 to A3 switch with E1 to E3 the delay of timer 1-3.
Page 279 Connecting sensors and actuators 8.5 Safe programmable logic SIRELOUT: This language command assigns the input quantities A0, A1, A2 and A3 to the safety relay x (x = 1...4). The return value "status" contains the number of the first incorrect parameter;...
Page 280 Connecting sensors and actuators 8.5 Safe programmable logic The "status" variable must be defined as integer to correctly map the possible return values of the function block. The following values are possible for status: Return value Meaning status The input quantity of the safety relay is either not parameterized or not correctly parameterized. Remedy: Call SIRELIN with the correct parameterization The output quantities of the safety relay are either not parameterized or not correctly parameter‐...
Page 281 Connecting sensors and actuators 8.5 Safe programmable logic E3), then time t4i is allocated the measured time t4. For additional measurements, while A0 remains at 0, t4i is only re-saved if the measured time t4 is greater than the old value of t4i. Supplementary conditions The language commands SIRELIN, SIRELOUT and SIRELTIME may not be used in synchronized actions.
Page 282: System Variables For Sinumerik 840D Sl
SPL program starts. The user must provide an instance DB with any number for this purpose. The call is multi-instance-capable. 8.5.9 System variables for SINUMERIK 840D sl The following system variables can only be used in combination with SINUMERIK Safety Integrated. They are used when programming the safe programmable logic (SPL).
Page 283 Connecting sensors and actuators 8.5 Safe programmable logic For a detailed description of the system variables, also see Chapter "Description of the system variables (Page 511)". Table 8-5 Overview of system variables System variable Meaning Value range Data type Possible access for Part program Synchronized action Actual position...
Page 284 Connecting sensors and actuators 8.5 Safe programmable logic System variable Meaning Value range Data type Possible access for $A_OUTSI[n] NCK output n = 1, 2, ... 192 BOOL stands for the number of the out‐ $A_OUTSID[n] NCK outputs n = 1, 2, ... 6 stands for the number of the dou‐...
Page 285 Connecting sensors and actuators 8.5 Safe programmable logic System variable Meaning Value range Data type Possible access for $A_MARKERSI[n] Marker n = 1, 2, ... 192 BOOL stands for the number of the marker $A_MARKERSID[n] Marker n = 1, 2, ... 6 stands for the number of the dou‐...
Page 286 Connecting sensors and actuators 8.5 Safe programmable logic System variable Meaning Value range Data type Possible access for $A_FRDP_SUBS[n] Those substitute values n = 1, ..., 16 stands are specified, which are for the number of output to the SPL in cer‐ the F-RECVDP tain states connection, is also...
Page 287 Connecting sensors and actuators 8.5 Safe programmable logic System variable Meaning Value range Data type Possible access for $A_STATSID A value not equal to 0 Bit 0...5=1: CDC means that an error has error in I/O sig‐ occurred in the cross‐ nals, markers or wise data comparison.
Page 288: Behavior After Power On/Mode Change/Reset
Connecting sensors and actuators 8.5 Safe programmable logic 8.5.10 Behavior after power on/mode change/reset 1. After the system has booted, the following Safety Integrated system variables are assigned the value zero: $A_INSE(D), not for F_DP communication, $A_OUTSE(D), $A_OUTSI(D), $A_MARKERSI(D), ,$A_INSEP(D), not for F_DP communication, $A_OUTSEP(D), $A_OUTSIP(D), $A_MARKERSIP(D),...
Page 289: Direct Communications Between Nck And Plc-Spl
Connecting sensors and actuators 8.5 Safe programmable logic Data area/status SPL_DATA The useful (net) data for the PLC-SPL is contained in the SPL_DATA structure. The net data area is sub-divided into internal inputs/outputs and marker areas and external inputs/outputs that correspond to the hardware I/O. With the appropriate parameterization for external inputs/outputs, the basic program transfers the input image of the I/Os to the external inputs in DB18 and from the external outputs in DB18 to the output.
Page 290: Safe Brake Test (Sbt)
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) In order to be able to exchange single-channel SI-specific signals between the NCK and PLC in a dedicated data area, a corresponding communication interface exists between these components. The meaning of the individual bits in this interface are defined by the user. $A_PLCSIOUT[1...96] DB18.DBB128-131, 96 bits from the NCK to PLC...
Page 291: Parameterization
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Note From software release 4.7 SP2, the brake test integrated in the drive can also be used in conjunction with SINUMERIK Safety Integrated. You can find an application example on the Internet at our "Industry Online Support": 8.6.2 Parameterization...
Page 292 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) MD37030 $MA_FIXED_STOP_THRESHOLD: Threshold for fixed stop reached The contour deviation that is determined is always used in the brake test to detect that the fixed stop has been reached. The parameterization in MD37040 $MA_FIXED_STOP_BY_SENSOR is therefore irrelevant.
Page 293 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) MD36968 $MA_SAFE_BRAKETEST_CONTROL, bit 0: Sequence check for the brake test Principally, the automatic determination of the load torque available using MD36968 $MA_SAFE_BRAKETEST_CONTROL, bit 0 = 1 is preferred. This is because over the complete traversing path of a suspended axis the torque situation continually changes to some extent or the other.
Page 294 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Effectiveness of the torque limiting Figure 8-35 Torque limiting for SINAMICS S120 ① When selecting the brake test, the holding torque required for the force due to the weight of the axis is internally measured (m ②...
Page 295: Torque Limits
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) 8.6.3 Torque limits The torque limits p1520[0] and p1521[0] and the reference torque p2003 are pre-assigned when commissioning the motor. The torque limits and the reference torque are pre-assigned differently depending on the technological application p0500, and dependent on the hardware components being used.
Page 296: Traversing Direction For The Brake Test
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) To ensure that the brake test functions without any errors, it should be checked as to whether the required test torque in MD36966 $MA_SAFE_BRAKETEST_TORQUE is not prevented from being generated due to the fact that torque limits are effective in the drive. For details on this, please see SINAMICS List Manual, e.g.
Page 297: Brake Control For Sinumerik 840D Sl
$MA_SAFE_BRAKETEST_CONTROL: Sequence check for the brake test. 8.6.5 Brake control for SINUMERIK 840D sl If Safety Integrated is activated for an axis, then the brake can be closed using the interface signal "Close brake", DB31-61, DBX23.5. The feedback signal is realized using the interface bit "Motor holding brake open", DB31-61, DBX92.5.
Page 298 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) For a PLC-controlled axis, also see: Reference: /FB2/, P2 "Autonomous single-axis processes" Note The signals shown here are only intended for diagnostics and providing an understanding. The signals should not be influenced by the user program elsewhere. Sequence to test the mechanical braking Before the brake test can be started via FB 11 (from the basic program), the NC axis to be tested must be transferred to the PLC as "PLC-controlled axis".
Page 299 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Figure 8-36 Sequence, function test of the mechanical brake system Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 300: Description Of Fb11
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) 8.6.7 Description of FB11 Declaration of the function VAR_INPUT Start : BOOL; //Start of brake test Ackn : BOOL; //Acknowledge error Bclosed: BOOL; //Brake closed input (single channel - PLC) Axis : INT ; //Testing axis no.
Page 301 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Signal Input Type Remark or out‐ TV_FeedCommand S5TIME Monitoring time value → output travel command. Check traversing commands after MoveAxis has been set. TV_FXSreached S5TIME Monitoring time value → fixed stop reached TV_FXShold S5TIME Monitoring time value →...
Page 302: Application Example
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) 8.6.8 Application example Information and notes for typical applications are provided as example in the following description. Parameterization of the machine data Machine data Value Description MD37000 Enable brake test $MA_FIXED_STOP_MODE MD37030 2 mm Threshold for fixed stop detection.
Page 303 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) 111.4 //Error has occurred 110.7 //Brake test running 110.6 //Start SPBN m001 //Conditional jump DBB 68 //Load channel status W#16#F //Select bits //Load channel status B#16#10 //Load fixed value DBB8 //Request neutral axis m001: NOP 0 //Jump marker DBX 68.6...
Page 304 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) OPEN DB37 //Brake test, Z axis 111.2 //Moveaxis 111.5 //FC18 start 111.7 //Start FC18 111.3 //Test successfully completed 111.4 //Error has occurred 110.3 //Edge marker DBX 28.7 //Request, PLC-controlled axis DBX6 //Checkback signal, axis controlled by PLC 111.0 //Start brake test for FB...
Page 305 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Determining the test torque, MD36966 $MA_SAFE_BRAKETEST_TORQUE When determining the test torque MD36966 $MA_SAFE_BRAKETEST_TORQUE, the maximum holding torque that occurs must first be determined. The maximum occurring holding torque can be determined in parameter r1509 by traversing the axis to various positions with different forces / torques due to weight (tools or workpieces).
Page 306 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Figure 8-37 Servo trace brake test SBC acceptance test The safe brake test can be carried out under the acceptance test. Figure 8-38 Acceptance test – safe brake test An overview of the recording can be obtained via the "Show trace" softkey. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 307 Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Figure 8-39 Acceptance test – trace brake test Actual position when testing the SBT Axis motion is minimal if the brake was suc‐ cessfully tested. The holding current re-estab‐ lishes itself at the end of the SBT and after opening the brake.
Page 308: Supplementary Conditions
Connecting sensors and actuators 8.6 Safe Brake Test (SBT) Torque limit when testing the SBT Reduction of the torque limit – at the end of the test, the limit is set to 0 in order to decrease the additionally generated torque to zero. Required torque when testing the SBT During the test, an additional torque is built up and reduced again at the end.
Page 309: Safety Information Channel And Safety Control Channel
Connecting sensors and actuators 8.7 Safety Information Channel and Safety Control Channel ● The feed override should be set to 100% so that the required velocity can be reached during the test. If this is realized via the interface, then it should be carefully noted that if the brake test is not successful, then the override does not statically remain at 100%.
Page 310 Connecting sensors and actuators 8.7 Safety Information Channel and Safety Control Channel Use in the "SINUMERK Safety Integrated" operating mode This functionality is used in the following cases in the "SINUMERIK Safety Integrated" operating mode: ● Connecting external SINAMICS drives with safety functionality integrated in the drive, which are assigned to an NC axis, to the motion control.
Page 311: Data Descriptions
PROFIsafe-CRC1 27073 "Checksum error, S7 PROFIsafe configuration. Con‐ firmation and acceptance test required. -- means: This data is not calculated into any checksum. Table 9-1 Overview of machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD General ($MN_ ...)
Page 312 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD 10092 INFO_CROSSCHECK_CYCLE_TIME Displays the clock cycle time for a crosswise data comparison 10093 INFO_NUM_SAFE_FILE_ACCESS Number of SPL file access operations 10094 SAFE_ALARM_SUPPRESS_LEVEL Alarm suppression level 10095...
Page 313 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD 13316 SAFE_GLOB_CONFIG_CHANGE_DATA Date/time of the last change SI-NCK-MD 13317 SAFE_GLOB_PREV_CONFIG Data, previous safety configuration 13318 SAFE_GLOB_ACT_CHECKSUM Actual checksum NCK 13319 SAFE_GLOB_DES_CHECKSUM Reference checksum 13320 SAFE_SRDP_IPO_TIME_RATIO Factor F_DP communication clock cycle...
Page 314 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD 20700 REFP_NC_START_LOCK NC-Start disable without reference point 28251 MM_NUM_SAFE_SYNC_ELEMENTS Number of elements for expressions in safety synchronized actions Axis/spindle-specific ($MA_ ...) 30130 CTRLOUT_TYPE Setpoint output type...
Page 315 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD 36924 SAFE_ENC_NUM_BITS[0] Bit information of the redundant actual value AX[1] SAFE_ENC_NUM_BITS[1] AX[1] SAFE_ENC_NUM_BITS[2] AX[0] SAFE_ENC_NUM_BITS[3] AX[0] 36925 SAFE_ENC_POLARITY Direction reversal actual value AX[0] 36927 SAFE_ENC_MOD_TYPE Encoder evaluation type...
Page 316 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Number Identifier Name Checksums MD 36968 SAFE_BRAKETEST_CONTROL Extended settings for the brake test AX[0] 36969 SAFE_BRAKETEST_TORQUE_NORM Reference quantity for the holding torque, AX[0] brake test 36970 SAFE_SVSS_DISABLE_INPUT Input assignment, SBH/SG deselection...
Page 317: Description Of Machine Data
General General information about machine data and an explanation of their contents such as units, data type, protective stage, effectiveness, etc. can be found in the following references: Reference: /LIS1/, List Manual Machine Data SINUMERIK 840D sl 10050 $MN_SYSCLOCK_CYCLE_TIME MD number Basic system cycle clock Default value: 0.004...
Page 318 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10060 $MN_POSCTRL_SYSCLOCK_TIME_RATIO MD number Factor for position-control cycle Default value:1 Min. input limit: 1 Max. input limit: 31 Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD...
Page 319 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10089 $MN_SAFE_PULSE_DIS_TIME_BUSFALL MD number Wait time pulse cancellation when the bus fails Default value: 0.0 Min. input limit: 0.0 Max. input limit: 0.8 Change becomes effective after: POWER ON Protection level: 7/2...
Page 320 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10091 $MN_INFO_SAFETY_CYCLE_TIME MD number Display, monitoring clock cycle time Default value: 0.0 Min. input limit: 0.0 Max. input limit:- Change becomes effective after: POWER ON Protection level: 7/0 Unit: s Data type: DOUBLE...
Page 321 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10093 $MN_INFO_NUM_SAFE_FILE_ACCESS Meaning: Display data: SPL file /_N_CST_DIR/_N_SAFE_SPF has been accessed n-times in the pro‐ tected state. This MD is only used for service purposes. The value of the MD can only be 0 or 1.
Page 322 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10094 $MN_SAFE_ALARM_SUPPRESS_LEVEL Meaning: Influences the display of safety alarms. The monitoring channels NCK and drive display alarms with the same significance in several situations. In order to reduce the size of the alarm screen, this MD is used to specify whether safety alarms with the same significance are to be suppressed.
Page 323 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10094 $MN_SAFE_ALARM_SUPPRESS_LEVEL This machine data must be set to 0 to generate an acceptance report. This allows the system to document all of the alarms that have been initiated. Special cases, errors,...
Page 324 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10096 $MN_SAFE_DIAGNOSIS_MASK Meaning: Bit 0=0 SGE differences between NCK and the drive monitoring channels are not displayed Bit 0=1 Default setting: SGE differences between NCK and the drive monitoring channels are dis‐...
Page 325 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10097 $MN_SAFE_SPL_STOP_MODE Meaning: Selects the stop response when errors are detected in the crosswise data comparison of NCK and PLC-SPL 3: Stop D 4 Stop E When the value 4 is entered in this MD (Stop E) without enabling the external Stop E in all axes with SI function enable signals (MD36901 $MA_SAFE_FUNCTION_ENABLE not equal to 0) results in Alarm 27033 with reference to this MD.
Page 326 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10385 $MN_PROFISAFE_MASTER_ADDRESS[0...2] MD number PROFIsafe address of the master module Default value: 0 Min. input limit: 0 Max. input limit: 0x0500FA7DH Change becomes effective after: power on Protection level: 7/2 Unit: -...
Page 327 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10387 $MN_PROFISAFE_OUT_ADDRESS[0...47] Meaning: PROFIsafe target address of an output module Format: 0s 0x aaaa s: Bus segment (5 = I/O connection on the PLC side) x: Sub-slot address Value range: 0...2 x = 0 addresses the F-net data signals 1 ...32...
Page 328 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 10393 $MN_SAFE_DRIVE_LOGIC_ADDRESS[0...30] MD number Logical drive addresses, SI Default value: 6700, 6724, 6748, 6772, ... Min. input limit: 258 Max. input limit:16383 Change becomes effective after: POWER ON Protection level: 7/2...
Page 329 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 11411 $MN_ENABLE_ALARM_MASK Meaning: Screen form to generate alarms, which are normally suppressed. Bit set: Alarms of this alarm group are output. Bit not set: Alarms of this alarm group are not output.
Page 330 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 11415 $MN_SUPPRESS_ALARM_MASK_2 Meaning: Screen form for suppressing special alarm outputs. Bit set: The corresponding alarm (warning) is not triggered. Bit hex. Meaning Value ===================================================================== 0: 0x1 16773 "Channel %1 Axis %3 is following axis. The axis/spindle inhibits of the leading axes are different"...
Page 331 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 11500 $MN_PREVENT_SYNACT_LOCK MD number Protected synchronized actions Default value: 0.0 Min. input limit: 0 Max. input limit:255 Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD Meaning: Fist and last ID of a protected synchronized action area.
Page 332 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 11602 $MN_ASUP_START_MASK Meaning: The machine data specifies which stop reasons are to be ignored for an ASUB start. The ASUB is started or the following stop reasons are ignored: Bit 0:...
Page 333 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 11604 $MN_ASUP_START_PRIO_LEVEL Data type: DWORD Meaning: This machine data specifies from which ASUB priority the machine data $MN_AS‐ UP_START_MASK is to be applied. MD ASUP_START_MASK is applied from the level speci‐...
Page 334 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13301 $MN_PROFISAFE_OUT_FILTER[0...47] Meaning: Filter between $A_OUTSE variables and F-net data The machine data is used to define in which F-net data bits the relevant $A_OUTSE[n] varia‐ bles are transferred. Machine data MD10389 $MN_PROFISAFE_OUT_ASSIGN is used to define which $A_OUTSE[n] variables are transferred into the F-net data bits of the PROFIsafe module.
Page 335 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13303 $MN_PROFISAFE_OUT_ENABLE_MASK[0...1] MD number Enable screen form of the connections to PROFIsafe outputs modules Field index 0: Default value 0 Min. input limit: 0 Max. input limit: FFFFFFFFH Field index 1: Default value 0 min.
Page 336 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13305 $MN_PROFISAFE_IN_SUBS[0...47] Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD Meaning: For passive connections to PROFIsafe input modules, substitute values parameterized in the machine data are transferred to SPL inputs ($A_INSE) parameterized using MD10388 $MN_PROFISAFE_IN_ASSIGN[n].
Page 337 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13309 $MN_PROFISAFE_OUT_NAME[0...47] Meaning: Every PROFIsafe output module can be assigned a symbolic name. If a name is assigned, this is displayed in the alarm text instead of the PROFIsafe address. corresponds with ...
Page 338 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13317 $MN_SAFE_GLOB_PREV_CONFIG[0...10] MD number Data of the previous safety configuration Default value 0H Min. input limit: 0H Max. input limit: FFFFFFFFH Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 339 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13319 $MN_SAFE_GLOB_DES_CHECKSUM[0...3] MD number Reference checksum Default value 0H Min. input limit: 0H Max. input limit: FFFFFFFFH Change becomes effective after: POWER ON Protection level: 7/1 Unit: - Data type: DWORD...
Page 340 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13330 $MN_SAFE_SDP_ENABLE_MASK MD number Enable screen form F_SENDDP communication relationships Default value 0 Min. input limit: 0 Max. input limit: 0xFFFF Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 341 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13333 $MN_SAFE_SDP_CONNECTION_NR[0...15] Meaning: This machine data is used to set the number of the F_SENDDP-SPL connection which is parameterized with this data set. The F_SENDDP-SPL connection number is, at the same time, also the index to access the system variables of the user interface of this F_SENDDP- SPL connection.
Page 342 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13336 $MN_SAFE_SDP_ASSIGN[0...15] Data type: DWORD Meaning: The selection of the SPL signals $A_OUTSE in the F_SENDDP net data to be transferred can only be done area for area. The SPL area is specified in the decimal notation in the format aaa bbb...
Page 343 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13338 $MN_SAFE_SDP_ERR_REAC[0...15] corresponds with ... Additional reference 13340 $MN_SAFE_RDP_ENABLE_MASK MD number Enable screen form F_RECVDP communication relationships Default value 0 Min. input limit: 0 Max. input limit: 0xFFFF Change becomes effective after: POWER ON...
Page 344 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13343 $MN_SAFE_RDP_CONNECTION_NR[0...15] Meaning: The number of the F_RECVDP-SPL connection, which is parameterized with this data set, is set using the machine data. The F_RECVDP-SPL connection number is, at the same time, also the index to access the system variables of the user interface of this F_RECVDP-SPL connection.
Page 345 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13346 $MN_SAFE_RDP_ASSIGN[0...15] MD number Input assignment F_RECVDP net data to $A_INSE Default value 0 Min. input limit: 0 Max. input limit: 192192 Change becomes effective after: POWER ON Protection level: 7/2...
Page 346 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 13348 $MN_SAFE_RDP_ERR_REAC[0...15] Meaning: The error response defined here is initiated in the case of a communication error. This value is valid as long as no other value is entered from the SPL via the system variable $A_FRDP_ERR_REAC.
Page 347 Data descriptions 9.1 Machine data for SINUMERIK 840D sl Only MD13370 $MN_SAFE_MODE_MASK = 0 is relevant for this documentation. Please do not change this value. 13372 $MN_SAFE_PS_DRIVE_LOGIC_ADDR[0...30] MD number Logical PROFIsafe drive address SI Default value 1008, 992, 976, 960, 944, Min.
Page 348 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 20106 $MC_PROG_EVENT_IGN_SINGLEBLOCK MD number Prog events ignore the single block Default value (0x0, 0x0,...) Min. input limit: 0 Max. input limit: 0x3F Change becomes effective after: POWER ON Protection level: 7/2...
Page 349 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 20108 $MC_PROG_EVENT_MASK MD number Event-controlled program call Default value (0x0, 0x0,...) Min. input limit: 0 Max. input limit: 0x3F Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD...
Page 350 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 20700 $MC_REFP_NC_START_LOCK MD number NC start inhibit without reference point Default value TRUE Min. input limit: - Max. input limit: - Change becomes effective after: RESET Protection level: 7/2 Unit: -...
Page 351 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36901 $MA_SAFE_FUNCTION_ENABLE Meaning: The functions for safe operation can be enabled for one axis/spindle using this machine data. It is only possible to enable - on an axis-specific basis - as many axes/spindles for safe operation as have been enabled by the global option.
Page 352 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36903 $MA_SAFE_CAM_ENABLE MD number Function enable Safe Cam Track Default value: 0H Min. input limit: 0H Max. input limit:3FFF FFFFH Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 353 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36904 $MA_SAFE_ADD_FUNCTION_MASK MD number Enables additional functions for Safety Integrated Default value: 0H Min. input limit: 0H Max. input limit:1H Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 354 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36906 $MA_SAFE_CTRLOUT_MODULE_NR Special cases, errors,... corresponds with ... 36907 $MA_SAFE_DRIVE_PS_ADDRESS MD number PROFIsafe address of the drive Default value: 0 Min. input limit: 0 Max. input limit: 65534 Change becomes effective after: POWER ON...
Page 355 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36913 $MA_SAFE_ENC_MEAS_STEPS_POS1 MD number Non-safety-related measuring increments POS1 Default value: 22000 Min. input limit: 0 Max. input limit:4294967295 Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD Meaning: Sets the non-safety-related measuring steps of position value POS1.
Page 356 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36916 $MA_SAFE_ENC_IS_LINEAR Meaning: This MD specifies whether a linear or a rotary encoder is connected. = 0: rotary encoder is connected, its resolution is specified using MD36918 $MA_SAFE_ENC_RE‐ SOL - and converted over to the load side using MD36920 $MA_SAFE_ENC_GEAR_PITCH, MD36921 $MA_SAFE_ENC_GEAR_DENOM[n] and MD36922 $MA_SAFE_ENC_GEAR_NU‐...
Page 357 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36919 $MA_SAFE_ENC_PULSE_SHIFT MD number Shift factor of the encoder multiplication Default value: 11 Min. input limit: 2 Max. input limit: 18 Change becomes effective after: POWER ON Protection level: 7/- Unit: -...
Page 358 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36923 $MA_SAFE_INFO_ENC_RESOL[0...7] MD number Safety-relevant encoder resolution Default value: 0.0 Min. input limit: - Max. input limit: - Change becomes effective after: POWER ON Protection level: 7/- Unit: mm, degrees Data type: DOUBLE...
Page 359 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36925 $MA_SAFE_ENC_POLARITY Meaning: Using this data, the direction of the actual value can be reversed. = -1: Direction reversal = 0: no direction reversal or = 1: no direction reversal corresponds with ...
Page 360 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36928 $MA_SAFE_ENC_IDENT[0...2] Meaning: Identification of the encoder evaluation of this axis used for Safety Integrated. When booting, the encoder evaluation (drive parameter r9881) reads out this identification and compares with the last value saved here. This MD is then overwritten. The value of this MD is incorporated in the calculation of MD36998 $MA_SAFE_ACT_CHECKSUM[1].
Page 361 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36931 $MA_SAFE_VELO_LIMIT[0...3] MD number Limit value for safely reduced speed Default value: 2000 Min. input limit: 0.0 Max. input limit: - Change becomes effective after: POWER ON Protection level: 7/2 Unit: mm/min, inch/min,...
Page 362 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36933 $MA_SAFE_DES_VELO_LIMIT[0...3] Meaning: Evaluation factor to define the speed setpoint limit. The selection of the active evaluation factor is realized using the axis specific NC/PLC interface DB3x.DB34.0 and 1. Parameterization: This MD may have to be altered several times before an optimum setting for the dynamic response of the drives is found.
Page 363 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36935 $MA_SAFE_POS_LIMIT_MINUS[0...1] Meaning: This MD specifies the lower limit value for safe end positions 1 and 2. When SE1 or SE2 is selected and the actual position is less than this limit value, then the control system outputs Alarm 27012 with the stop response configured in MD36962 $MA_SAFE_POS_STOP_MODE and changes over into the SBH mode.
Page 364 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36937 $MA_SAFE_CAM_POS_MINUS[0...29] Data type: DOUBLE Meaning: This MD specifies the minus cam position for Safe Cams SN1-, SN2-, SN3-, ... For the "Safe Cams" function, the following applies: If the actual position is greater than this value when the Safe Cam function is active (MD36901 $MA_SAFE_FUNCTION_ENABLE), then the appropriate safety-relevant output signal (SGA) is set to 1.
Page 365 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36938 $MA_SAFE_CAM_TRACK_ASSIGN[0...29] corresponds with ... MD36903 $MA_SAFE_CAM_ENABLE MD36936 $MA_SAFE_CAM_POS_PLUS[n] MD36937 $MA_SAFE_CAM_POS_MINUS[n] MD37900 $MA_SAFE_CAM_TRACK_OUTPUT[n] MD37901/37902/37903/37904 $MA_SAFE_CAM_RANGE_OUTPUT_1/2/3/4[n] MD37906/37907/37908/37909 $MA_SAFE_CAM_RANGE_BIN_OUTPUT_1/2/3/4[n] Additional reference /FBSIsl/ see Chapter "Safety software cams and safety cam track (SN) (Page 157)"...
Page 366 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36944 $MA_SAFE_REFP_POS_TOL MD number Tolerance, actual value comparison (referencing) Default value: 0.01 Min. input limit: 0 Max. input limit: Linear axis 1mm/inch, Max. input limit: Rotary axis 36 degrees Change becomes effective after: POWER ON...
Page 367 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36946 $MA_SAFE_VELO_X Data type: DOUBLE Meaning: This machine data defines the limit speed n for the SGA "n < n ". If this velocity limit is fallen below, SGA "n < n "...
Page 368 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36949 $MA_SAFE_SLIP_VELO_TOL MD number Speed tolerance, slip Default value: 6 - for mm/min, inch/min Min. input limit: 0 Max. input limit: 1000 default value: 1. for rpm min. Input limit: 0 max.
Page 369 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36951 $MA_SAFE_VELO_SWITCH_DELAY Meaning: A timer with this value is started when changing from a higher to a lower safely reduced speed - or when a Safe Operating Stop is selected when the safely reduced speed function is active.
Page 370 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36954 $MA_SAFE_STOP_SWITCH_TIME_E Meaning: This data defines the time period between the initiation of a STOP E and the activation of a Safe Operating Stop. The parameterized value must be selected as low as possible.
Page 371 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36957 $MA_SAFE_PULSE_DIS_CHECK_TIME Meaning: This machine data specifies the time when, after pulse cancellation has been requested, the pulses must be actually cancelled. The time that elapses between deleting the SGA "enable pulses" and detecting the SGE "pulses cancelled status"...
Page 372 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36961 $MA_SAFE_VELO_STOP_MODE Meaning: The stop response programmed in this machine data is initiated if a limit value for safely reduced speed 1, 2, 3 or 4 is exceeded. = 0, 1, 2, 3 correspond to STOP A, B, C, D - common for each SG level = 5 means that the stop response can be configured for specific SGs in MD36963 $MA_SAFE_VELO_STOP_REACTION.
Page 373 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36962 $MA_SAFE_POS_STOP_MODE Meaning: When passing a safe limit position 1 or 2, then the stop response specified in this machine data is initiated. 2: STOP C 3: STOP D 4: STOP E corresponds with ...
Page 374 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36963 $MA_SAFE_VELO_STOP_REACTION[0...3] Special cases, errors,... corresponds with ... MD10089 $MA_SAFE_PULSE_DIS_TIME_BUSFAIL MD36961 $MA_SAFE_VELO_STOP_MODE 36964 $MA_SAFE_IPO_STOP_GROUP MD number Grouping, safety IPO response Default value: 0 Min. input limit: 0 Max. input limit: 1...
Page 375 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36966 $MA_SAFE_BRAKETEST_TORQUE Change becomes effective after: POWER ON Protection level: 7/2 Unit: % Data type: DOUBLE Meaning: This MD specifies the torque or force when testing the mechanical brake system. This torque or this force is generated during the test against the closed brake, and it is not permissible that the axis moves.
Page 376 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36968 $MA_SAFE_BRAKETEST_CONTROL Meaning: Extended settings for the NC-controlled and SINAMICS brake test. Bit 0: Select the average value for the torque limiting Bit 0 = 0: Drive parameter p1532 is used as the average value of the torque limiting.
Page 377 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 02: Addressing the external SPL inter‐ face $A_INSE System variable word 01-06H Index of the system variable word index Number of the system 01-20H Bit number in the system variable word variable bit ●...
Page 378 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36971 $MA_SAFE_SS_DISABLE_INPUT Meaning: Assignment of the NCK input to de-select the Safe Operating Stop function. Structure: Refer to the coding of the input assignment Input assignment to the safe functions if safely reduced speed or Safe Operating Stop has been activated.
Page 379 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36974 $MA_SAFE_GEAR_SELECT_INPUT[0...2] MD number Input assignment, gearbox ratio selection Default value: 0 Min. input limit: 0 Max. input limit: 84020620 Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 380 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36978 $MA_SAFE_OVR_INPUT[n]: 0 ... 3 Meaning: Assigns the NCK inputs for the correction of the limit value of the safely reduced speeds 2 and 4. Structure: Refer to the coding of the input assignment...
Page 381 Data descriptions 9.1 Machine data for SINUMERIK 840D sl ● If a single output signal is connected to a system variable, the following applies: If MD bit 31 is set, then the signal is processed inverted. ● If several output signals are connected to the same system variable, the following applies: If MD bit 31 is set, then the relevant signal is initially inverted.
Page 382 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36981 $MA_SAFE_SS_STATUS_OUTPUT Meaning: This machine data defines the output or the system variable for the "SBH active" signal. Structure: Refer to the coding of the output assignment Signal means = 0, SBH is not active = 1, SBH is active Special cases, errors,...
Page 383 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36987 $MA_SAFE_REFP_STATUS_OUTPUT MD number Output assignment, axis safely referenced Default value: 0 Min. input limit: 0 Max. input limit: 84010620 Change becomes effective after: POWER ON Protection level: 7/2 Unit: -...
Page 384 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36989 $MA_SAFE_CAM_MINUS_OUTPUT[0...3] Meaning: This machine data defines the outputs for the minus cams SN1- to SN4-. = 0, 1, 2, 3 corresponds to the assignment for minus cams SN1-, SN2-, SN3-, SN4-...
Page 385 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36993 $MA_SAFE_CONFIG_CHANGE_DATE[0...7] Change becomes effective after: POWER ON Protection level: 7/- Unit: - Data type: STRING Meaning: Display data: Date and time of the last configuration change of safety-related NCK axis machine data.
Page 386 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 36997 $MA_SAFE_ACKN MD number User agreement Default value: 0 Min. input limit: - Max. input limit: - Change becomes effective after: POWER ON Protection level: 7/2 Unit: - Data type: DWORD Meaning: The status of the user agreement is displayed in this machine data.
Page 387 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37000 $MA_FIXED_STOP_MODE Data type: BYTE Meaning: Activation of subfunction "Travel to fixed stop" Bit 0: Reserved Bit 1: enables the Safe Brake Test = 0: Safe brake test not available = 1: Safe brake test can be performed, controlled from the PLC.
Page 388 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37901 $MA_SAFE_CAM_RANGE_OUTPUT_1[0...3] Meaning: This machine data specifies the outputs for the cam range of cam track 1. Structure: Refer to the coding of the output assignment n = 0, 1, 2, 3 correspond to the 4 bits to specify the range on cam track 1...
Page 389 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37902 $MA_SAFE_CAM_RANGE_OUTPUT_2[0...3] Special cases, errors,... corresponds with ... MD37900 $MA_SAFE_CAM_TRACK_OUTPUT 37903 $MA_SAFE_CAM_RANGE_OUTPUT_3[0...3] MD number Output assignment, cam range for cam track 3 Default value: 0 Min. input limit: 0 Max. input limit: 84020620...
Page 390 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37904 $MA_SAFE_CAM_RANGE_OUTPUT_4[0...3] Meaning: This machine data specifies the outputs for the cam range of cam track 4. Structure: see $MA_SAFE_SVSS_STATUS_OUTPUT n = 0, 1, 2, 3 correspond to the 4 bits to specify the range on cam track 4...
Page 391 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37907 $MA_SAFE_CAM_RANGE_BIN_OUTPUT_2[0...14] MD number Output assignment, cam range bit for cam track 2 Default value: 0 Min. input limit: 0 Max. input limit: 84020620 Change becomes effective after: POWER ON Protection level: 7/2...
Page 392 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37909 $MA_SAFE_CAM_RANGE_BIN_OUTPUT_4[0...14] MD number Output assignment, cam range bit for cam track 3 Default value: 0 Min. input limit: 0 Max. input limit: 84020620 Change becomes effective after: POWER ON Protection level: 7/2...
Page 393 Data descriptions 9.1 Machine data for SINUMERIK 840D sl 37922 $MA_SAFE_STANDSTILL_DELAY Meaning: If, when transitioning to a safe operating stop or to a lower velocity level, standstill is identified (see MD37920 $MA_SAFE_STANDSTILL_VELO_LIMIT), then at the latest, after this transi‐ tion time SBH or the selected SG stage becomes active. In this case, transition times from STOP C, D and E - as well as from SG to SBH - are interrupted or replaced by this delay time.
Page 394: Parameters For Sinamics S120
STARTER drive commissioning tool. However, the access stage is reduced as a result of a user-specific view for SINUMERIK 840D sl to 3 (expert access) so that the safety parameters for the motion monitoring functions are visible on the HMI without having to enter a password for the access level.
Page 395: Parameter Overview
Data descriptions 9.2 Parameters for SINAMICS S120 The possible data types of parameter values are as follows: Integer8 8: Bit integer number Integer16 16: Bit integer number Integer32 32: Bit integer number Unsigned8 8: Bit without sign Unsigned16 16: Bit without sign Unsigned32 32: Bit without sign REAL32...
Page 396 Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name p9519 SI Motion fine resolution G1_XIST1 36919 $MA_SAFE_ENC_PULSE_SHIFT (Control Unit) p9520 SI Motion leadscrew pitch (Control 36920 $MA_SAFE_ENC_GEAR_PITCH Unit) p9521 SI Motion gearbox encoder/load de‐ 36921 $MA_SAFE_ENC_GEAR_DENOM[n] nominator (Control Unit)
Page 397 Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name p9547 SI Motion SSM (SGA n < n ) speed 36947 $MA_SAFE_VELO_X_HYSTERESIS hysteresis (CU) p9548 SI Motion SBR actual speed tolerance 36948 $MA_SAFE_STOP_VELO_TOL (Control Unit)
Page 398 Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name p9620 BI: SI signal source for STO (SH)/SBC/ SS1 (Control Unit) p9621 BI: SI Safe Brake Adapter signal source (Control Unit) p9622 SI SBA relay wait times (Control Unit) p9625...
Page 399 Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name r9730 SI Motion safe maximum velocity r9731 SI safe position accuracy r9733 SI CO: SI Motion effective setpoint speed limiting p9735 SI Motion diagnostics results list 3 p9736 SI Motion diagnostics results list 4...
Page 400 Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name p9801 SI enable safety functions (Motor Mod‐ ule) p9802 SI enable Safe Brake Control (Motor Module) p9810 SI PROFIsafe address (Motor Module) p9821 BI: SI Safe Brake Adapter signal source (Motor Module)
Page 401: Description Of Parameters
Data descriptions 9.2 Parameters for SINAMICS S120 Designators for SINAMICS S120 Checksum Equivalent MD for 840D sl Name Name p10218 SI Motion SBT test torque sign p10220 SI Motion SBT test torque factor se‐ quence 2 p10221 SI Motion SBT test duration sequence p10222 SI Motion SBT position tolerance se‐...
Page 402 Data descriptions 9.2 Parameters for SINAMICS S120 r0470[0...2] Redundant coarse position value valid bits Displays the valid bits of the redundant coarse position value. Checksum: Protection level: [0] = Encoder 1 [1] = encoder 2 [2] = encoder 3 See also: p9523 Unit: Default value: Minimum value:...
Page 403 Data descriptions 9.2 Parameters for SINAMICS S120 r0474[0...2] Redundant coarse position value configuration Displays the encoder configuration for the redundant coarse position value. Checksum: Protection level: [0] = Encoder 1 [1] = encoder 2 [2] = encoder 3 Bit array 00 up counter 1 signal, yes, 0 signal, no 01 encoder CRC least significant byte to start...
Page 404 Data descriptions 9.2 Parameters for SINAMICS S120 r0979[0..30] PROFIdrive encoder format / PD encoder format Displays the position actual value encoder that is being used according to PROFI‐ Checksum: Protection level: drive. [0] = header [1] = type, encoder 1 [2] = resolution, encoder 1 [3] = shift factor G1_XIST1 [4] = shift factor G1_XIST2...
Page 405 Data descriptions 9.2 Parameters for SINAMICS S120 p1135[0...n] OFF3 ramp-down time Sets the ramp down time from the maximum velocity to standstill for the OFF3 Checksum: Protection level: command. Note: This time can be exceeded if the maximum the DC link voltage is reached. Unit: Default value: Minimum value:...
Page 406 Data descriptions 9.2 Parameters for SINAMICS S120 p1227 Standstill detection monitoring time Sets the monitoring time for standstill detection. Checksum: Protection level: When braking with OFF1 or OFF3, standstill is detected after this time has expired, after the setpoint speed p1226 has been fallen below (also see p1145). The brake control is then started, the system waits for the closing time in p1217 and the pulses are canceled.
Page 407 Data descriptions 9.2 Parameters for SINAMICS S120 p2003 Reference force Setting the reference quantity for forces. Checksum: Protection level: All of the torques specified as relative value refer to this reference quantity. The reference variable corresponds to 100% or 4000 hex (word) or 4000 0000 hex (double word).
Page 408 Data descriptions 9.2 Parameters for SINAMICS S120 The Safety Integrated monitoring clock cycle is, just like all other SI drive parameters, a drive- specific monitoring clock cycle. However, different SI monitoring clock cycles within a drive system are not supported. p9501 SI Motion enable safe functions (Control Unit) Sets the enable signals for the safety-related motion monitoring functions...
Page 409 Data descriptions 9.2 Parameters for SINAMICS S120 p9503 SI Motion SCA (SN) enable (Control Unit) Setting to enable function "Safe Cams " (SCA). Checksum: Protection level: Bit signal name 00 enable SCA1 (SN1) 01 enable SCA2 (SN2) 02 enable SCA3 (SN3) 03 enable SCA4 (SN4) 04 enable SCA5 (SN5) 05 enable SCA6 (SN6)
Page 410 Data descriptions 9.2 Parameters for SINAMICS S120 checked during booting and where relevant C01681 ("SI Motion: Monitoring function not supported") is output with fault value 2. p9505 SI Motion SP modulo value (Control Unit) Sets the modulo range for rotary axes for the "Safe position" function. Checksum: Protection level: Unit:...
Page 411 Data descriptions 9.2 Parameters for SINAMICS S120 p9515 SI Motion coarse position value configuration (CU) Sets the encoder configuration for the redundant coarse position value Checksum: Protection level: The encoder, which is used for safe motion monitoring on the Control Unit must be parameterized in this parameter.
Page 412 Data descriptions 9.2 Parameters for SINAMICS S120 The information whether a 1-encoder system or 2-encoder system is not included in this parameter. This is derived from the parameter p9526 "SI Motion encoder assignment control". p9517 SI Motion linear scale grid division (Control Unit) Sets the grid division for a linear encoder.
Page 413 Data descriptions 9.2 Parameters for SINAMICS S120 Sets the fine resolution in bits of incremental position actual values for the PROFIBUS encoder interface. Corresponds to p0418. p9520 SI Motion leadscrew pitch (Control Unit) Sets the ratio between the encoder and load in mm/rev for a linear axis with rotary Checksum: Protection level: encoder.
Page 414 Data descriptions 9.2 Parameters for SINAMICS S120 p9522[0...7] SI Motion gearbox encoder (motor) / load denominator (Control Unit) Sets the numerator for the gear between the encoder (or motor for encoderless Checksum: Protection level: monitoring functions) and load. The actual gearbox stage can be switched over via PROFIsafe.
Page 415 Data descriptions 9.2 Parameters for SINAMICS S120 p9525 SI Motion redundant coarse position value relevant bits (CU) Sets the number of relevant bits for the redundant coarse position value. Checksum: Protection level: The encoder, which is used for safe motion monitoring on the Control Unit must be parameterized in this parameter.
Page 416 Data descriptions 9.2 Parameters for SINAMICS S120 p9530 SI Motion standstill tolerance (Control Unit) Sets the tolerance for the "Safe Operating Stop" function (SOS). Checksum: Protection level: See also: C01707 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness: FloatingPoint32 POWER ON p9531[0...3]...
Page 417 Data descriptions 9.2 Parameters for SINAMICS S120 p9534[0...1] SI Motion SLP (SE) upper limit values (Control Unit) Sets the upper limit values for the "Safely-Limited Position" function (SLP). Checksum: Protection level: Index: [0] = limit value SLP1 (SE1) [1] = limit value SLP2 (SE2) See also: p9501, p9535, p9562 and C01715 For the setting of these limit values, the following applies: p9534[x] >...
Page 418 Data descriptions 9.2 Parameters for SINAMICS S120 p9536[0...29] SI Motion SCA (SN) plus cam position (Control Unit) Sets the plus cam position for the "Safe Cam" function (SCA). Checksum: Protection level: Index: [0] = cam position SCA1 (SN1) [1] = cam position SCA2 (SN2) [2] = cam position SCA3 (SN3) [3] = cam position SCA4 (SN4) [4] = cam position SCA5 (SN5)
Page 419 Data descriptions 9.2 Parameters for SINAMICS S120 p9537[0...29] SI Motion SCA (SN) minus cam position (Control Unit) Sets the minus cam position for the "Safe Cam" function (SCA). Checksum: Protection level: Index: [0] = cam position SCA1 (SN1) [1] = cam position SCA2 (SN2) [2] = cam position SCA3 (SN3) [3] = cam position SCA4 (SN4) [4] = cam position SCA5 (SN5)
Page 420 Data descriptions 9.2 Parameters for SINAMICS S120 p9538[0...29] SI Motion SCA (SN) cam track assignment (Control Unit) Assigns the individual cams to a maximum of 4 cam tracks, and defines the nu‐ Checksum: Protection level: merical value for the SGA "cam range". p9538[0...29] = CBA dec C = assigns the cam to the cam track.
Page 421 Data descriptions 9.2 Parameters for SINAMICS S120 p9538[0...29] SI Motion SCA (SN) cam track assignment (Control Unit) [16] = track assignment SCA17 [17] = track assignment SCA18 [18] = track assignment SCA19 [19] = track assignment SCA20 [20] = track assignment SCA21 [21] = track assignment SCA22 [22] = track assignment SCA23 [23] = track assignment SCA24...
Page 422 Data descriptions 9.2 Parameters for SINAMICS S120 p9538[0...29] SI Motion SCA (SN) cam track assignment (Control Unit) Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness: [0] 100 Unsigned32 POWER ON [1] 101 [2] 102 [3] 103 [4] 104 [5] 105 [6] 106 [7] 107...
Page 423 Data descriptions 9.2 Parameters for SINAMICS S120 p9542 SI Motion actual value comparison tolerance (crosswise) (Control Unit) Sets the tolerance for the crosswise comparison of the actual position between the Checksum: Protection level: two monitoring channels See also: C01711 For a linear axis, the tolerance is internally limited to 10 mm. The default setting of p9542 corresponds, for a configuration for "linear axis with rotary motor"...
Page 424 Data descriptions 9.2 Parameters for SINAMICS S120 p9547 SI Motion SSM (SGA n < n ) speed hysteresis (CU) Sets the speed hysteresis for the SSM feedback signal to detect standstill (n < n Checksum: Protection level: See also: C01711 The velocity hysteresis is only effective when the function has been enabled (p9501.16 = 1).
Page 425 Data descriptions 9.2 Parameters for SINAMICS S120 p9552 SI Motion transition time STOP C to SOS (SBH) (Control Unit) Sets the transition time from STOP C to "Safe Operating Stop" (SOS). Checksum: Protection level: The set time is internally rounded off to an integer multiple of the monitoring clock cycle (p9500/p9300).
Page 426 Data descriptions 9.2 Parameters for SINAMICS S120 p9557 SI Motion STO test time (Control Unit) Sets the time where, after initiating the test stop, STO must become active. Checksum: Protection level: See also: C01798 The set time is internally rounded off to an integer multiple of the monitoring clock cycle (p9500/p9300).
Page 427 Data descriptions 9.2 Parameters for SINAMICS S120 p9561 SI Motion SLS (SG) stop response (Control Unit) Sets the stop response for the "Safely-Limited Speed" function (SLS). Checksum: Protection level: This setting applies to all SLS limit values. An input value of less than 5 signifies protection for personnel, from 10 and on‐ wards, machine protection.
Page 428 Data descriptions 9.2 Parameters for SINAMICS S120 p9563[0...3] SI Motion SLS(SG)-specific stop response (Control Unit) Sets the SLS-specific stop response for the "Safely-Limited Speed" function (SLS). Checksum: Protection level: These settings apply to the individual limit values for SLS. An input value of less than 5 signifies protection for personnel, from 10 and on‐ wards, machine protection.
Page 429 Data descriptions 9.2 Parameters for SINAMICS S120 p9569 SI Motion transition time to SOS after standstill (Control Unit) Sets the transition time to SOS after standstill. Checksum: Protection level: If, when transitioning to SOS, standstill is detected, (p9567), then SOS becomes active at the latest after this transition time.
Page 430 Data descriptions 9.2 Parameters for SINAMICS S120 r9590[0..3] SI Motion version safe motion monitoring functions (Control Unit) Displays the Safety Integrated version for safe motion monitoring functions on the Checksum: Protection level: Control Unit. [0] = safety version (major release) [1] = safety version (minor release) [2] = safety version (baselevel or patch) [3] = safety version (hotfix)
Page 431 Data descriptions 9.2 Parameters for SINAMICS S120 It is permissible to simultaneously enable the safety functions integrated in the drive (p9601/ p9801 < > 0) and the motion monitoring functions (p9501 < > 0). See also: p9801 p9602 SI enable Safe Brake Control (Control Unit) Sets the enable signal for the function Safe Brake Control (SBC) on the Control Checksum: Protection level:...
Page 432 Data descriptions 9.2 Parameters for SINAMICS S120 p9621 BI: SI Safe Brake Adapter signal source (Control Unit) Sets the signal source for the Safe Brake Adapter (SBA). Checksum: Protection level: This therefore defines via which digital input the Safe Brake Adapter checkback signal (SBA_DIAG) is read in.
Page 433 Data descriptions 9.2 Parameters for SINAMICS S120 p9625[0...1] SI HLA shutoff valve wait time (CU) Sets the wait times for switching on and switching off the shutoff valve. Checksum: Protection level: The valve-specific minimum wait times to evaluate the feedback signal contacts must be set.
Page 434 Data descriptions 9.2 Parameters for SINAMICS S120 p9651 SI STO/SBC/SS1 debounce time (Control Unit) Setting the debounce time for the Failsafe Digital Inputs to control STO/SBC/SS1. Checksum: Protection level: The debounce time is rounded-off to whole milliseconds. It specifies the maximum duration of a fault pulse at the Failsafe Digital Inputs with no associated reaction on the selection or deselection of the Safety Basic functions.
Page 435 Data descriptions 9.2 Parameters for SINAMICS S120 p9653 SI Safe Stop 1 drive-based braking response Sets the braking response integrated in the drive for the "Safe Stop 1" (SS1) func‐ Checksum: Protection level: tion. Value: 0: SS1 with OFF3 Value 1: SS1E external stop Note: SS1: Safe Stop 1 (safe stop 1, corresponds to stop Category 1 according to EN60204)
Page 436 Data descriptions 9.2 Parameters for SINAMICS S120 r9660 SI forced checking procedure remaining time Displays the remaining time until the forced checking procedure and testing the Checksum: Protection level: safety switch-off signal paths. See also: A01699 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness:...
Page 437 Data descriptions 9.2 Parameters for SINAMICS S120 General diagnostic parameters on the CU r9710[0...1] SI Motion, diagnostics result list 1 Displays result list 1 which led to an error for a crosswise data comparison between Checksum: Protection level: the two monitoring channels. [0]: Result list second channel [1]: Result list, drive Bit 00: Actual value >...
Page 438 Data descriptions 9.2 Parameters for SINAMICS S120 r9710[0...1] SI Motion, diagnostics result list 1 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness: Unsigned32 Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 439 Data descriptions 9.2 Parameters for SINAMICS S120 r9711[0...1] SI Motion diagnostics results list 2 Displays result list 2, which led to an error between the two monitoring channels Checksum: Protection level: for a crosswise data comparison. [0]: Result list second channel [1]: Result list, drive Bit 00 actual value >...
Page 440 Data descriptions 9.2 Parameters for SINAMICS S120 r9711[0...1] SI Motion diagnostics results list 2 See also: C01711 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness: Unsigned32 r9712 CO: SI Motion diagnostics position actual value motor side Displays the position actual value on the motor side for the motion monitoring Checksum: Protection level: functions on the Control Unit.
Page 441 Data descriptions 9.2 Parameters for SINAMICS S120 r9714[0...2] SI Motion diagnostics speed actual value load side Displays the actual load side speed value for the motion monitoring functions on Checksum: Protection level: the Control Unit. [0] = load side actual velocity value on the Control Unit [1] = actual SAM/SBR velocity limit on the Control Unit See also: For a linear axis, the following units apply: Millimeters per minute...
Page 442 Data descriptions 9.2 Parameters for SINAMICS S120 r9719.0...31 CO/BO: SI Motion, control signals 2 Control signals 2 for the safe motion monitoring functions. Checksum: Protection level: Bit signal name 00 deselect SOS/SLS (SBH/SG) 1 signal: Yes, 0 signal: No 01 deselect SOS (SBH) 1 signal: Yes, 0 signal: No 03 select SLS (SG) bit 0 1 signal: Set, 0 signal: Not set...
Page 443 Data descriptions 9.2 Parameters for SINAMICS S120 r9719.0...31 CO/BO: SI Motion, control signals 2 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness: Unsigned32 r9721.0...15 CO/BO: SI Motion, status signals Status signals for the safety motion monitoring functions. Checksum: Protection level: Bit signal name 00 SOS or SLS active...
Page 444 Data descriptions 9.2 Parameters for SINAMICS S120 r9725[0...2] SI Motion, diagnostics STOP F Displays the message value that resulted in a STOP F on the drive. Checksum: Protection level: Value = 0: STOP F was signaled from the Control Unit. Value = 1 ...
Page 445 Data descriptions 9.2 Parameters for SINAMICS S120 r9728[0...2] SI Motion actual checksum SI parameters Displays the checksum over the checked Safety Integrated parameters of the mo‐ Checksum: Protection level: tion monitoring functions (actual checksum). [0]: Checksum over SI parameters for motion monitoring [1]: Checksum over SI parameters for actual values [2] = Checksum over SI parameters for HW See also: p9729 and F01680...
Page 446 Data descriptions 9.2 Parameters for SINAMICS S120 r9732[0...1] SI Motion velocity resolution Displays the velocity resolution for the safe motion monitoring functions. Checksum: Protection level: For index 0: Displays the safe velocity resolution (load side). Specifications of velocity limits or parameter changes for velocities below this threshold have no effect.
Page 447 Data descriptions 9.2 Parameters for SINAMICS S120 r9747[0...63] SI message code Displays the number of the safety messages that have occurred. Checksum: Protection level: See also r9744, r9748, r9749, r9754, p9752, r9753, r9754, r9755, r9756, r9759 "Safety message" (Cxxxxx) type messages are entered in the safety message buffer.
Page 448 Data descriptions 9.2 Parameters for SINAMICS S120 p9752 SI message cases, counter Number of safety message cases that have occurred since the last reset. The Checksum: Protection level: safety message buffer is cleared by resetting the parameter to 0. See also r9745, r9748, r9749, r9754, r9755, r9756 Unit: Default value: Minimum value:...
Page 449 Data descriptions 9.2 Parameters for SINAMICS S120 p9762 SI password new Enters a new Safety Integrated password. If the Safety Integrated password is Checksum: Protection level: changed it must be acknowledged in the following parameter: See also: p9763 Unit: Default value: Minimum value: Maximum value: Data type:...
Page 450 Data descriptions 9.2 Parameters for SINAMICS S120 r9771 SI common functions (Control Unit) Displays the Safety Integrated monitoring functions supported on the Control Unit Checksum: Protection level: and Motor Module. The Control Unit determines this display. Bit 00: STO via terminals is supported 1 signal: Yes, 0 signal: No Bit 01: SBC supported 1 signal: Yes, 0 signal: No...
Page 451 Data descriptions 9.2 Parameters for SINAMICS S120 r9774.0...31 CO/BO: SI status (group STO) Displays the status for Safety Integrated of the group to which this drive belongs. Checksum: Protection level: This signals are an AND logic operation of the individual status signals of the drives included in this group Bit 00: STO selected in the group 1 signal: Yes, 0 signal: No...
Page 452 Data descriptions 9.2 Parameters for SINAMICS S120 r9776 SI diagnostics The parameter is used for diagnostics. Checksum: Protection level: Bit 00: Safety parameter changed, POWER ON required 1 signal: Yes, 0 signal: No Bit 01: Safety functions enabled 1 signal: Yes, 0 signal: No Bit 02: Safety component replaced and save necessary 1 signal: Yes, 0 signal: No Bit 03: Safety component replaced and acknowledgment/save required...
Page 453 Data descriptions 9.2 Parameters for SINAMICS S120 r9782[0...1] SI change monitoring time stamp (Control Unit) Displays the time stamp for the checksums for tracking changes to Safety Integra‐ Checksum: Protection level: ted. The time stamps for the checksums for tracking changes (fingerprint for the "Safety logbook"...
Page 454 Data descriptions 9.2 Parameters for SINAMICS S120 p9799 SI reference checksum SI parameters (Control Unit) Sets the checksum over the checked Safety Integrated parameters on the Control Checksum: Protection level: Unit (reference checksum). The actual checksum (r9798) calculated by the CU must be entered into the refer‐ ence checksum p9799.
Page 455 Data descriptions 9.2 Parameters for SINAMICS S120 It is permissible to simultaneously enable the safety functions integrated in the drive (p9601/ p9801 < > 0) and the motion monitoring functions (p9501 < > 0). p9802 SI enable Safe Brake Control (Motor Module) Sets the enable signal for the "Safe Brake Control"...
Page 456 Data descriptions 9.2 Parameters for SINAMICS S120 p9821 BI: SI Safe Brake Adapter signal source (Motor Module) Sets the signal source for the Safe Brake Adapter (SBA). Checksum: Protection level: This therefore defines via which digital input the Safe Brake Adapter checkback signal (SBA_DIAG) is read in.
Page 457 Data descriptions 9.2 Parameters for SINAMICS S120 p9825[0...1] SI HLA shutoff valve wait time (MM) Sets the wait times for switching on and switching off the shutoff valve. Checksum: Protection level: The valve-specific minimum wait times to evaluate the feedback signal contacts must be set.
Page 458 Data descriptions 9.2 Parameters for SINAMICS S120 p9850 SI SGE switchover discrepancy time (Motor Module) Sets the discrepancy time to changeover the safety-related inputs (SGE) on the Checksum: Protection level: Motor Module/Hydraulic Module. Because of the different runtimes of the two monitoring channels, an SIS switch‐ over is not effective at the same time.
Page 459 Data descriptions 9.2 Parameters for SINAMICS S120 p9858 SI transition time STOP F to STOP A (Motor Module) Sets the transition period from STOP F to STOP A on the Motor Module/Hydraulic Checksum: Protection level: Module. See also: p9658, r9895 and F30611 For a crosswise data comparison between p9658 and p9858, a difference of one safety monitoring clock cycle is tolerated.
Page 460 Data descriptions 9.2 Parameters for SINAMICS S120 r9871 SI common functions (Motor Module) Displays the Safety Integrated monitoring functions supported on the Control Unit Checksum: Protection level: and Motor Module. The Motor Module/Hydraulic Module determines this display. Bit 00: STO via terminals is supported 1 signal: Yes, 0 signal: No Bit 01: SBC is supported 1 signal: Yes, 0 signal: No...
Page 461 Data descriptions 9.2 Parameters for SINAMICS S120 r9872.0...24 CO/BO: SI status (Motor Module) Displays the Safety Integrated status on the Motor Module/Hydraulic Module. Checksum: Protection level: Bit 00: STO selected on Motor Module 1 signal: Yes, 0 signal: No Bit 01: STO active on Motor Module 1 signal: Yes, 0 signal: No Bit 02: SS1 delay time active on the Motor Module 1 signal: Yes, 0 signal: No...
Page 462 Data descriptions 9.2 Parameters for SINAMICS S120 r9880 SI monitoring cycle (Motor Module) Displays the clock cycle time for the Safety Integrated Basic Functions on the Motor Checksum: Protection level: Module/Hydraulic Module. See also: r0110, p0115, r9780 Unit: Default value: Minimum value: Maximum value: Data type:...
Page 463 Data descriptions 9.2 Parameters for SINAMICS S120 r9895 SI diagnostics, STOP F (Motor Module) Displays the number of the cross-checked data, which has caused STOP F on the Checksum: Protection level: Motor Module/Hydraulic Module. See also: r9795 and F30611 The complete list of numbers for the crosswise compared data is listed in fault F30611.
Page 464 Data descriptions 9.2 Parameters for SINAMICS S120 The actual checksum (r9898) calculated by the MM must be entered into the reference checksum p9899. This therefore acknowledges the safety commissioning on the Motor Module. p10201 SI Motion SBT enable Setting to enable the Safe Brake Test. Checksum: Protection level: Bit 00: Enables the Safe Brake Test...
Page 465 Data descriptions 9.2 Parameters for SINAMICS S120 p10204 SI Motion SBT motor type Selecting the motor type for the Safe Brake Test Checksum: Protection level: 0: Rotary 1: Linear See also: F01787 Note: The following applies to safety-related functions that have not been enabled (p9501 = 0): When powering-up, p10204 is automatically set the same as r0108.12.
Page 466 Data descriptions 9.2 Parameters for SINAMICS S120 p10210[0...1] SI Motion SBT test torque factor sequence 1 Sets the factor for the test torque of sequence 1 for the Safe Brake Test. Checksum: Protection level: The factor is referred to the brake holding torque (p10209). 0: Brake 1 1: Brake 2 See also: p10209, p10235...
Page 467 Data descriptions 9.2 Parameters for SINAMICS S120 p10220[0...1] SI Motion SBT test torque factor sequence 2 Sets the factor for the test torque of sequence 2 for the Safe Brake Test. Checksum: Protection level: The factor is referred to the brake holding torque (p10209). 0: Brake 1 1: Brake 2 See also: p10209, p10230, p10235...
Page 468 Data descriptions 9.2 Parameters for SINAMICS S120 p10230[0...5] SI Motion SBT control word Sets the signal sources for the Safe Brake Test control word. Checksum: Protection level: This parameter is only applicable for "SBT via BICO" (p10203 = 1). [0] = select brake test [1] = start brake test [2] = select brake [3] = test torque select sign...
Page 469 Data descriptions 9.2 Parameters for SINAMICS S120 r10231 SI Motion SBT control word diagnostics Displays the diagnostic bits for the Safe Brake Test control word. Checksum: Protection level: Bit signal name 00 select brake test 1 signal: Yes, 0 signal: No 01 start brake test 1 signal: Yes, 0 signal: No 02 select brake...
Page 470 Data descriptions 9.2 Parameters for SINAMICS S120 p10234.0...15 CO/BO: SI Safety Information Channel status word S_ZSW3B Display and BICO output for status word S_ZSW3B of the Safety Information Checksum: Protection level: Channel. Bit signal name 00 brake test selected 1 signal: Yes, 0 signal: No 01 setpoint input drive/external 1 signal: Drive, 0 signal: External 02 active brake...
Page 471 Data descriptions 9.2 Parameters for SINAMICS S120 r10240 SI Motion SBT load torque diagnostics Displays the load torque for the Safe Brake Test. Checksum: Protection level: This load torque is available at the drive when initializing the brake test. Note The displayed value is kept until the brake test is deselected.
Page 472 Data descriptions 9.2 Parameters for SINAMICS S120 p10250 CI: SI Safety Control Channel control word S_STW1B Sets the signal source for control word S_STW1B of the Safety Control Channel. Checksum: Protection level: See also: p10203, r10251 Unit: Default value: Minimum value: Maximum value: Data type: Effectiveness:...
Page 473: Nck-Md That Are Read From Safety Integrated
Data descriptions 9.4 Drive parameters that are read from the NCK-SI NCK-MD that are read from Safety Integrated The safety software reads the following NCK machine data. To a large extent, these machine data are not calculated into the checksums, as they do not have any direct safety-relevant significance, or as a consequence of changing this data, the safety-relevant data is changed, which in turn, is calculated into the checksum.
Page 474: Protecting Checksum
Data descriptions 9.5 Protecting checksum Parameter No. Meaning Stored in the NCK-MD Alarm when changing the MD value r9747[0] Message code r9748[0] Message time, received r9749[0] Message value p9810 PROFIsafe address SAFE_DRIVE_PS_ADDRESS 27035 r9881[0...11] Sensor Module Node Identifier SAFE_ENC_IDENT 27035 r0469[0,1,2] Resolution measuring steps for lin‐...
Page 475: Interface Signals
Data descriptions 9.6 Interface signals There are machine data fields, which are independent of one another, for these two machine data groups, in which the checksums are saved. These two groups are subdivided into various machine data, which in turn are used to calculate independent checksums.
Page 476: Interface Signals For Sinumerik 840D Sl
SGE and SGA in both the NCK monitoring channel and the drive monitoring channel. Unused SGE must be set to a defined state. 9.6.1 Interface signals for SINUMERIK 840D sl Table 9-3 Interface signals for 840D sl DB 31...
Page 477: Description Of The Interface Signal
Data descriptions 9.6 Interface signals DB 31... Signals from/to the drive DBB 108 Axis safely Communi‐ Fault, data Pulses can‐ Communi‐ SBH/SG ac‐ referenced cation fail‐ transfer celled sta‐ cation fail‐ tive ure not ac‐ knowl‐ edged DBB 109 SN4 - SN4 + SN3 - SN3 +...
Page 478 Data descriptions 9.6 Interface signals SGE, SBH/SG deselection, SBH deselection The SBH and SG functions are selected/deselected using these signals. Meaning SBH/SG deselection SBH deselection SBH and SG are deselected SBH is selected SG is selected x: Signal state is optional SGE SG selection, bits 1, 0 By combining these signals when the SG function is activated it is possible to select the speed limit value for SG1, 2, 3 or 4.
Page 479 Data descriptions 9.6 Interface signals An override factor of between 1 and 100% can be assigned to the selected override using the following machine data: For 840D sl: MD36932 $MA_SAFE_VELO_OVR_FACTOR[n] For SINAMICS S120: p9532[n]: SI Motion, override factor SGE test stop selection This signal is used to initiate the switch-off signal path test for the drive monitoring channel (see Chapter "Switch-off signal paths (Page 103)").
Page 480 Data descriptions 9.6 Interface signals 0 signal: "Pulse cancellation" is requested 1 signal: "Pulse cancellation" is not requested SGE deselect ext. STOP C This SGE requests "braking with n = 0" (braking along the OFF3 down ramp). When this stopping type is initiated, the safe monitoring of the acceleration (SBR) is activated. In addition, the timer set using MD36952/p9552: $MA_SAFE_STOP_SWITCH_TIME_C / "SI Motion transition time STOP C to SBH"...
Page 481 Data descriptions 9.6 Interface signals After this time has elapsed, the system automatically changes over to SBH. If a stop request is active, SGA "STOP E is active" is set in the same way as it would be for an internally triggered STOP E. 0 signal: "Stop/retraction"...
Page 482 Data descriptions 9.6 Interface signals Bit 0 Bit 1 Active setpoint limiting factor SAFE_DES_VELO_LIMIT2 SAFE_DES_VELO_LIMIT3 "Axis is SI axis" status signal DB3x.DBX70.4: "NCK Safety Integrated active" Description of signals from the monitoring channel The individual signals that are transferred from the monitoring channel are listed in the following.
Page 483 Data descriptions 9.6 Interface signals SGA SN1+, SN1-, SN2+, SN2-, SN3+, SN3-, SN4+, SN4- These signals are used to indicate which of the plus or minus cams of cam pair 1, 2, 3 or 4 is "actuated". 0 signal: Axis/spindle is located to the left of the cam (actual value < cam position) 1 signal: Axis/spindle is located to the right of the cam (actual value >...
Page 484 Data descriptions 9.6 Interface signals SGA STOP C is active This signal indicates that STOP C is active. The signal must be used for the forced checking procedure for external STOPs. 0 signal: STOP C is not active 1 signal: STOP C is active SGA STOP D is active This signal indicates that STOP D is active.
Page 485 Data descriptions 9.6 Interface signals WARNING Functions SBH, SG, SE, SN A STOP F (displayed using Alarms 27001, 27101 and onwards or F01711) only results in a subsequent STOP B/A response, if at least one of the safety-related functions SBH, SG, SE, SN or n<n synchronization is active or selected.
Page 486: Plc Data Block (Db18)
Data descriptions 9.6 Interface signals Fault, data transfer This signal is used to diagnose the cause for the set signal "communication error". 1 signal: There is a CRC error 0 signal: There is no CRC error Acknowledgment, communication failure It is possible to acknowledge faults that are displayed via the "communication failure" bit using the "acknowledgment communication failure"...
Page 487 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL DBB1 OUTSEPValid (valid bit) DBB 2 8th output 7th output 6th output 5th output 4th output 3rd output 2nd output 1st output byte byte byte byte byte byte byte byte DBB 3 INSEP_ADDR (address 1st input byte) DBW4...
Page 488 Data descriptions 9.6 Interface signals Note DBB0-35 is not relevant for SINUMERIK 840D sl. Data area/errors DB18 Signals for safety SPL Data block PLC → NCK interface Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2...
Page 489 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL 78...81 SPL_DELTA.INSEP[33 ...64] 82...85 SPL_DELTA.OUTSEP[1 ...32] DBB 86 SPL_DELTA.OUTSEP[33 ...64] 90...93 SPL_DELTA.INSIP[1 ...32] 94...97 SPL_DELTA.INSIP[33 ...64] 98...101 SPL_DELTA.OUTSIP[1 ...32] 102...105 SPL_DELTA.OUTSIP[33 ...64] 106...109 SPL_DELTA.MARKERSIP[1 ...32] 110...113 SPL_DELTA.MARKERSIP[33 ...64] 114...117 DBB 118 CMDSI DBB 119 NCK sig‐...
Page 490 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL PLCSIOUT[1 ...8] From NCK DBB128 PLCSIOUT[9 ...16] From NCK DBB129 PLCSIOUT[17 ..24] From NCK DBB130 PLCSIOUT[25 ...32] From NCK DBB131 PLCSIIN[1 ...8] to the NCK DBB132 PLCSIIN[9 ...16] to the NCK DBB133 PLCSIIN[17 ...24] to the NCK...
Page 491 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL DBB157 DBB158 DBB188 F_SENDDP (sender) DB18 F_SENDDP 1...3 Data block PLC → NCK interface Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 DBW190 FSDP[1].ERR_REAC DBB192...
Page 492 Data descriptions 9.6 Interface signals DB18 F_SENDDP 1...3 DBW216 FSDP[3].RETVAL14 DBW218 FSDP[3].RETVAL15 DB18 F_SENDDP 4...16 Data block PLC → NCK interface Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 DBW448 FSDP HF[4].ERR_REAC DBB450 FSDP FSD HF[4].
Page 493 Data descriptions 9.6 Interface signals DB18 F_SENDDP 4...16 DBW574 FSDP_HF[16].RETVAL14 DBW576 FSDP_HF[16].RETVAL15 F_RECVDP (receiver) DB18 F_RECVDP 1...3 Data block PLC → NCK interface Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 DBB220 FRDP[1].
Page 494 Data descriptions 9.6 Interface signals DB18 F_RECVDP 1...3 DBB244 FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. SUBS[7] SUBS[6] SUBS[5] SUBS[4] SUBS[3] SUBS[2] SUBS[1] SUBS[0] DBB245 FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. FRDP[3]. SUBS[15] SUBS[14] SUBS[13] SUBS[12] SUBS[11] SUBS[10] SUBS[9] SUBS[8] DBW246...
Page 495 Data descriptions 9.6 Interface signals DB18 F_RECVDP 4...16 DBW584 FRDP HF[4].DIAG DBW586 FRDP HF[4].RETVAL14 DBW588 FRDP HF[4].RETVAL15 DBB590 FRDP FRDP FRDP FRDP FRDP FRDP FRDP FRDP HF[5]. HF[5]. HF[5]. HF[5]. HF[5]. HF[5]. HF[5]. HF[5]. SUBS[7] SUBS[6] SUBS[5] SUBS[4] SUBS[3] SUBS[2] SUBS[1] SUBS[0] DBB591...
Page 496 Data descriptions 9.6 Interface signals Data area / errors (extended data area) DB18 Signals for safety SPL Data block PLC → NCK interface Byte Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 DBB272...
Page 497 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL DBB328... SPL_DATA_HF.OUTSIP[129...160] DBB332... SPL_DATA_HF.OUTSIP[161...192] DBB336... SPL_DATA_HF.MARKERSIP[65...96]... DBB340... SPL_DATA_HF.MARKERSIP[97...128] DBB344... SPL_DATA_HF.MARKERSIP[129...160] DBW348.. SPL_DATA_HF.MARKERSIP[161...192] .351 Difference in signal level NCK - PLC for diagnostics DBB352... SPL_DELTA_HF.INSEP[65...96] DBB356... SPL_DELTA_HF.INSEP[97...128] DBB360... SPL_DELTA_HF.INSEP[129...160] DBB364... SPL_DELTA_HF.INSEP[161...192] DBB368...
Page 498 Data descriptions 9.6 Interface signals DB18 Signals for safety SPL DBB392... SPL_DELTA_HF.INSIP[129...160] DBB396... SPL_DELTA_HF.INSIP[161...192] DBB400... SPL_DELTA_HF.OUTSIP[65...96] DBB404... SPL_DELTA_HF.OUTSIP[97...128] DBB408... SPL_DELTA_HF.OUTSIP[129...160] DBB412... SPL_DELTA_HF.OUTSIP[161...192] DBB416... SPL_DELTA_HF.MARKERSIP[65...96] DBB420... SPL_DELTA_HF.MARKERSIP[97...128] DBB424... SPL_DELTA_HF.MARKERSIP[129...160] DBB428... SPL_DELTA_HF.MARKERSIP[161...192] Additional data areas (extended data area) DB 18 Signals for safety SPL Data block PLC →...
Page 499 Data descriptions 9.6 Interface signals DB 18 Signals for safety SPL From NCK PLCSIOUT_HF[89...96] DBB439 From NCK PLCSIIN_HF[33...40] DBB440 From NCK PLCSIIN_HF[41...48) DBB441 From NCK PLCSIIN_HF[49...56] DBB442 From NCK PLCSIIN_HF[57...64] DBB443 From NCK PLCSIIN_HF[65...72] DBB444 From NCK PLCSIIN_HF[73...80] DBB445 From NCK PLCSIIN_HF[81...88] DBB446 From NCK...
Page 500 Data descriptions 9.6 Interface signals Table 9-4 Overview of DB18 signals DB18 Type Value range Remark Signal Parameterization part INSEP_VALID[1..8] Bool Address, input byte (no significance) OUTSEP_VALID[1..8] Bool Address, output byte (no significance) INSEP_ADDR[1..8] 1..EB max Address, input byte (no significance) OUTSEP_ADDR[1..8] 1..AB max Address, output byte...
Page 501 Data descriptions 9.6 Interface signals DB18 Type Value range Remark Signal PLCSIIN[1 ..32] Bool Single-channel signals from the PLC to NCK PLCSIOUT[1 ..32] Bool Single-channel signals from the NCK to the PLC SPL_STATUS Bool Status signals from NCK to PLC INSEP_PROFISAFE Bool 0 = no assignment from PROFIsafe F modules to INSEP...
Page 502 Data descriptions 9.6 Interface signals DB18 Type Value range Remark Signal FRDP[1..3].ERR_REAC 0, 1, 2, 3 0 = Alarm 27350 + Stop D/E FRDP_HF[4..16].ERR_ 1 = Alarm 27350 REAC 2 = Alarm 27351 (only display, self-clearing) 3 = no system response FRDP[1..3].ACK_REI Bool TRUE/FALSE...
Page 503: Axis Signals: Safety Control Channel (Scc) / Safety Information Channel (Sic)
Data descriptions 9.6 Interface signals DB18 Type Value range Remark Signal SPL_DATA_HF.IN‐ Bool External PLC input for the SPL user data SEP[65...192] SPL_DATA_HF.OUT‐ Bool External PLC input for the SPL user data SEP[ 65...192] SPL_DATA_HF.IN‐ Bool Internal PLC input for the SPL user data SIP[65...192] SPL_DATA_HF.OUT‐...
Page 504: System Variable
2 put during Test (SBT) tive sign SBT in the drive DBB174 ...DBB187 System variable 9.7.1 System variable for SINUMERIK 840D sl System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action...
Page 505 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $AA_IM[axis] Actual MCS setpoint of an axis Axis identifier DOUBLE GEOAX CHANAX MACHAX SPINDLE $VA_IM[axis] Encoder actual value in the ma‐ Axis identifier DOUBLE chine coordinate system...
Page 506 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_INSED[n] NCK inputs n = 1, 2, ...6 stands for the number of the double word (32 bit) $A_INSEP[n] Image of a PLC-SPL input from the n = 1, 2, ...
Page 507 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_MARKER‐ Image of the PLC markers n = 1, 2, ...6 SIPD[n] stands for the number of the double word (32 bit) $A_TIMERSI[n] Timer...
Page 508 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_FRDP_SUBS[n] Those substitute values are speci‐ n = 1, ..., 16 fied, which are output to the SPL in stands for the certain states number of the F- RECVDP rela‐...
Page 509 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_STATSID Crosswise data comparison error Bit 0...5=1: CDC triggered if the value is not equal to error in I/O sig‐ nals, markers or dynamic data of the FSENDDP/ FRECVDP com‐...
Page 510 Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_XFAULTSI Bit 0=1: [0,3] In a crosswise data comparison be‐ tween NCK and drive of any partic‐ ular safety axis, an actual value er‐ ror was detected.
Page 511: Description Of The System Variables
Data descriptions 9.7 System variable System variable Meaning Value range Data type Possible access for Part Synchronized program action $A_PLCSIOUT[n] Single-channel direct communica‐ n = 1,2, ... 96 BOOL tion between NCK and PLC-SPL. Signals can be read by the PLC, written and read by the NCK.
Page 512 Data descriptions 9.7 System variable Difference between $VA_IS and $AA_IM Both variable $VA_IS and variable $AA_IM can be used to read actual values. Table 9-5 Difference between $VA_IS and $AA_IM Variable Meaning $VA_IS Reading the actual value used by SI $AA_IM For the actual value, instead of $AA_IM, variable $VA_IM should be used Reference: /PGA/, Programming Manual Job Planning...
Page 513 Data descriptions 9.7 System variable Information about Safety Integrated Stop F for this axis Bit 0 set: In the crosswise data comparison between NCK and drive an actual value error was detected. Bit 1 set: In the crosswise data comparison between NCK and drive - an error was detected and the delay time –...
Page 514 Data descriptions 9.7 System variable System variable $A_INSE[1...192] The system variables $A_INSE contain the input circuit of the NCK-SPL. System variable $A_INSED[1...6] Image of the safety input signals (external NCK interface). $A_INSED[1] corresponds to $A_INSE[1...32] $A_INSED[2] corresponds to $A_INSE[33...64] $A_INSED[3] corresponds to $A_INSE[65...96] $A_INSED[4] corresponds to $A_INSE[97...128] $A_INSED[5] corresponds to $A_INSE[129...160] $A_INSED[6] corresponds to $A_INSE[161...192]...
Page 515 Data descriptions 9.7 System variable N1020 IDS = 02 DO $A_OUTSI[36] = $A_INSI[1] These system variables can be read by the user program and written into by SAFE.SPF. System variables $A_OUTSID[1...6] The control signals of the NCK monitoring channel can be addressed in the NCK-SPL in a double-word-serial fashion using these system variables: $A_OUTSID[1] corresponds to $A_OUTSI[1...32] $A_OUTSID[2] corresponds to $A_OUTSI[33...64]...
Page 516 Data descriptions 9.7 System variable $A_MARKERSID[2] corresponds to $A_MARKERSI[33...64] $A_MARKERSID[3] corresponds to $A_MARKERSI[65...96] $A_MARKERSID[4] corresponds to $A_MARKERSI[97...128] $A_MARKERSID[5] corresponds to $A_MARKERSI[129...160] $A_MARKERSID[6] corresponds to $A_MARKERSI[161...192] System variables $A_TIMERSI[1...16] Up to sixteen timers can be programmed using these system variables. Programming example: ;...
Page 517 Data descriptions 9.7 System variable This means that signal differences between the NCK and PLC system variables can be tolerated for up to 10 seconds without Alarm 27090 being output. This system variable can be read and written into by the user program. System variable $A_LEVELSID This system variable is used to display the stack level of the signal change monitoring in the crosswise data comparison between NCK and PLC.
Page 518 Data descriptions 9.7 System variable Associated DB18 values: DB18.DBD62, DBD66 System variables $A_INSEP[1...192] Images of the PLC-side external SPL input signals (control signals to the PLC-SPL) can be read using these system variables. Associated DB18 values: DB18.DBX38.0 ... DBX45.7 ([1...64]) DB18.DBX272.0 ...
Page 519 Data descriptions 9.7 System variable System variables $A_PLCSIOUT[1..96] Single-channel direct communication between NCK and PLC-SPL. Signals can be read by the PLC and read and written by the NCK. System variable $AC_SAFE_SYNA_MEM Variable $AC_SAFE_SYNA_MEM contains the number of free synchronizing action elements Safety Integrated.
Page 520 Data descriptions 9.7 System variable System variable $A_FSDP_SUBS_ON The system variable is used to indicate that substitute values are output to the application at F_RECVDP (receiver). 0 = output of process values 1 = output of substitute values System variable $A_FSDP_DIAG This system variable is used to indicate the cause of the communication error determined by F_SENDDP.
Page 521 Data descriptions 9.7 System variable The user interface is set in all cases: $A_FRDP_ERROR = 1 $A_FRDP_SUBS_ON = 1 $A_FRDP_DIAG corresponding to the detected communication error SPL inputs $A_INSE corresponding to $A_FRDP_SUBS Whether initiated as fault response STOP D or STOP E, can be parameterized using: NCK: $MN_SAFE_SPL_STOP_MODE PLC: DB18.DBX36.1 Default value: After the control boots, initially, the values saved in MD...
Page 522 1: The F-CPU is in the deactivated safety mode 0: The F-CPU is in the safety mode Note For SINUMERIK 840D sl, the deactivated safety mode corresponds to the SPL commissioning mode ($MN_PREVENT_SYNACT_LOCK == 0 or DB18.DBX36.0 == 0). Note Write access operations to all named system variables are only possible from the program saved in program file /_N_CST_DIR/_N_SAFE_SPF reserved for the SPL.
Page 523: Commissioning
Commissioning 10.1 Alarms WARNING Replacing software/hardware After hardware and/or software components have been changed or replaced, it is only permissible to boot the system and activate the drives when the protective devices are closed. It is not permissible that personnel are present within the danger zone. It may be necessary to carry-out a new, partial or complete acceptance test depending on the requirement or replacement.
Page 524: Images Of The User Interface And Softkeys
Commissioning 10.2 Images of the user interface and softkeys 10.2 Images of the user interface and softkeys Configuring safety-related functions The "Commissioning" operating area is selected. Overview By pressing the "Safety" softkey, you go to the first overview screen "Safety operating mode: SINUMERIK Safety Integrated (SPL)".
Page 525 Commissioning 10.2 Images of the user interface and softkeys Figure 10-2 Overview: Safety operating mode: SINUMERIK Safety Integrated (SPL) You can go to the extended horizontal softkey bar by pressing softkey "<<" and the menu advance key ">" (overview 3). Figure 10-3 Overview: Safety operating mode: SINUMERIK Safety Integrated (SPL) Safety Integrated...
Page 526 Commissioning 10.2 Images of the user interface and softkeys The most important information about the active functions is displayed in the "Overview" window: ● Axis/drive All NC axes and drives in the system are displayed. ● Extended functions This column displays whether and if yes, which extended functions are used for this axis or this drive.
Page 527 Commissioning 10.2 Images of the user interface and softkeys Details Figure 10-4 Detail view The most important detailed information about the active safety functions is displayed in the "Overview - Details" window: ● Extended Functions: For Extended Functions, the settings from parameter p9501 are evaluated and displayed for enabled functions.
Page 528 Commissioning 10.2 Images of the user interface and softkeys Settings You can select the safety functions by pressing softkey "Settings" (Fig. 9-2). Figure 10-5 Settings - options ● In the "Settings - Options" window you can select and enable the safety functions. ●...
Page 529 Commissioning 10.2 Images of the user interface and softkeys Telegram configuration The screen to configure the telegram is displayed by pressing the "Telegram configuration" softkey: Figure 10-6 Settings - telegram configuration You can make the following settings in the "Settings - Telegram configuration" window: ●...
Page 530 Commissioning 10.2 Images of the user interface and softkeys Adapting SI encoders Figure 10-7 Adapting SI encoders A list is created comparing the actual values of the relevant MD and Safety MD. The corresponding drive parameter can be selected using the "SI drive parameters" softkey. Using the "Calculate SI encoder data"...
Page 531 Commissioning 10.2 Images of the user interface and softkeys SI-SBR tolerance The following display appears when pressing the "SI-SBR tolerance" softkey: Figure 10-8 Safe Acceleration Monitor You can scroll between the Safety Integrated drives using the "Drive +" and "Drive -" softkeys. The softkey "Calculate SBR tol."...
Page 532 Commissioning 10.2 Images of the user interface and softkeys SBH/SG The configured limits for Safe Operating Stop and Safely-Limited Speed are displayed using the "SBH/SG" softkey. Figure 10-9 SBH/SG You can scroll through the SI drives using the "Drive +" and "Drive –" softkeys. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 533 Commissioning 10.2 Images of the user interface and softkeys Safe limit positions (SE) By pressing the "SE safe limit positions" softkey, the configured directions and limits of the safe limit positions are displayed: Figure 10-10 Safe software limit positions Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 534 Commissioning 10.2 Images of the user interface and softkeys Safe Cams (SN) With softkey "SN safe cams" the positions and assignments of the Safe Cams are displayed: Figure 10-11 Safe software cams The "Safe Brake Control" function (SBC) is used to safely control holding brakes that function according to the closed-circuit principle (e.g.
Page 535: Procedure When Commissioning The Drive For The First Time
Commissioning 10.3 Procedure when commissioning the drive for the first time Figure 10-12 Safe Brake Control The Safe Brake Control can be enabled or inhibited using this selection list. This selection is deactivated if a motor holding brake is not included in the configuration (p1215). See also Procedure when commissioning the drive for the first time (Page 535) 10.3...
Page 536 Commissioning 10.3 Procedure when commissioning the drive for the first time Note If only the SH, SBC and SS1 functions are used, then commissioning is carried out as described in Chapter “Commissioning the STO, SBC and SS1 functions (Page 70)”. WARNING Firmware versions From SINAMICS SW2.5 and higher, the following applies:...
Page 537 Commissioning 10.3 Procedure when commissioning the drive for the first time Entering and checking the monitoring clock cycle. ● "General machine data" screen: Enter the factor for the monitoring clock cycle in the data $MN_SAFETY_SYSCLOCK_TIME_RATIO (see Chapter "Monitoring cycle (Page 81)" and Chapter "...
Page 538 Commissioning 10.3 Procedure when commissioning the drive for the first time Step 4: Commissioning the drive-based SH/SBC/SS1 functions. Note The parameters of the safety functions integrated in the drive have their own password protection that is however de-activated before commissioning. In the SINUMERIK environment we recommend that this password protection is not activated as the complete commissioning area is password protected.
Page 539 Commissioning 10.3 Procedure when commissioning the drive for the first time 3. Monitoring limit values and tolerances 4. Changeover and monitoring times 5. Stop responses after a monitoring function has responded 6. Assignment of safety-relevant inputs and outputs, i.e. which sources are supplying the control signals for the NC monitoring channel , and where do the feedback signals go (for the drive monitoring channel, this logical assignment must be programmed in the PLC, i.e.
Page 540: Series Commissioning
Commissioning 10.4 Series commissioning Step 8: Carry out the acceptance test and enter in the logbook. ● All of the safety functions that have been enabled must be tested. For suggestions on how to test and check activated SI functions, please refer to Chapter "User agreement (Page 92)".
Page 541: Changing Machine Data
Commissioning 10.5 Changing machine data ● Carry out a POWER ON. This ensures that any errors - i.e. deviations in the data content that may exist between the NCK and drive - will be detected by the checksum check and crosswise data comparison. Data must be checked if an error is detected.
Page 542 Commissioning 10.5 Changing machine data Change log Changes made to NCK machine data important for Safety Integrated are recorded in a display data. The time that the change is made is displayed in an axis 36996 $MA_SAFE_CONFIG_CHANGE_DATE[0...6] and an NCK-MD13316 $MN_SAFE_GLOB_CFG_CHANGE_DATE[0...6]. This MD can neither be overwritten by manual entry nor by loading an MD archive.
Page 543: Acceptance Test
Commissioning 10.6 Acceptance test When a commissioning archive is downloaded, then in a first step, a change is noted in the change history. If the currently active safety configuration is saved in this commissioning archive (⇒ effectively no change to the safety configuration), then the change that was previously entered is withdrawn.
Page 544 ● For SINUMERIK 840D sl, to document a test stop that has been carried out, it is sufficient to just log the test stop alarms of the NCK (27002); it is not absolutely necessary to log the test stop alarms of the SINAMICS S120 (C01798).
Page 545 Commissioning 10.6 Acceptance test In order to define a partial acceptance test, it is necessary in the first instance to specify the acceptance test objects, and in the second instance to define logical groups which represent the elements of the acceptance test. The assignment of the safety-relevant machine data and parameters to difference CRCs support this grouping (e.g.
Page 546 Commissioning 10.6 Acceptance test 3.5 Test of the SI function Safe Cams – SN (check using the diagnostics display or assigned SGAs or with the evaluated measuring diagrams and measured values) 3.6 If necessary, test the SI function external stops (with evaluated measurement diagram or measured values) 3.7 Test the SI function SBC/SBT (with evaluated measurement diagram or measured values / PROFIsafe I/O)
Page 547 An electronic template for the acceptance report is available: ● in the toolbox for SINUMERIK 840D sl ● on DOConCD for SINUMERIK 840D sl ● on the service CD for SINUMERIK 840D sl The acceptance report is divided into the following sections: ● Plant/system description ●...
Page 548 Commissioning 10.6 Acceptance test Measure Documentation Function test Function test Supplementary Completion of the measures report Part 1 Part 2 Replacing the Inclusion of hard‐ Yes, only points Point 4.1 NCU hardware ware data/ soft‐ 2.1, 2.2, 2.3 and ware version data 2.5 (without trace recording) Replacing the NX...
Page 549 Commissioning 10.6 Acceptance test Measure Documentation Function test Function test Supplementary Completion of the measures report Part 1 Part 2 SW upgrade Supplementary Points 4.3 and 4.4 Document 1, 4 software version changed check‐ (NCU/drive/PLC) Software upgrade Supplementary (HMI) software version Changing an indi‐...
Page 550: Conventional Acceptance Test
Commissioning 10.6 Acceptance test 10.6.2 Conventional acceptance test Procedure for the conventional acceptance test Safety function Test initiated by Function checked using Represented using Forced checking procedure Test stop initiated e.g. by re‐ Alarm log 27002 axis test stop running of the switch-off signal paths ducing the test stop time or C01798 test stop running...
Page 551 Commissioning 10.6 Acceptance test Safety function Test initiated by Function checked using Represented using SBC / SBT Test stop initiated e.g. by re‐ Servo trace: ducing the test stop time or (actual value active encoder, separate key torque) F_DP communication F_DP communication inter‐...
Page 552 10.6 Acceptance test Figure 10-14 Exceeding SG Figure 10-15 Exceeding SE Note The acceptance test for SINUMERIK Operate is described in: SINUMERIK 840D sl Help for the acceptance test in SINUMERIK Operate Version 4.7 SP3 Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 553: Acceptance Test Support
Commissioning 10.6 Acceptance test 10.6.3 Acceptance test support In order to make it easier to carry out the acceptance test and standardize this, there is the function "Acceptance test support" in the SinuCom NC commissioning tool". The objective of this acceptance support is to control the creation and administration of an acceptance report and prepare and carry out the required test steps using the appropriate operator actions via the operator interface.
Page 554 Commissioning 10.6 Acceptance test Designation Purpose of the test step Emergency Stop Test the internal Emergency Stop functionality when executed via external stop responses and the response to the external SPL I/O. Function inter-relationships Test all of the states relevant for the safety functions that should be first docu‐ mented within the scope of a function table or similar (interdependency of sensor signals, positions, modes).
Page 555 Commissioning 10.6 Acceptance test ● Traversing motion is possible in spite of the external Stop C/D. This means that it is also possible to test the active SBH monitoring state that results from an external Stop. not result in a traversing inhibit for the axis being tested ●...
Page 556 Commissioning 10.6 Acceptance test selection of alarms to be logged can be reduced to those alarms that are relevant for the specific test step. Internal trace function to record signal characteristics The SinuCom NC internal trace function is started when the data trace is started and the signals, relevant for the specific test step, recorded.
Page 557: Replacing A Motor Or Encoder
Commissioning 10.7 Replacing a motor or encoder 10.7 Replacing a motor or encoder WARNING Changes or replacement of hardware and/or software components After hardware and/or software components have been changed or replaced, it is only permissible to boot the system and activate the drives when the protective devices are closed. It is not permissible that personnel are present within the danger zone.
Page 558 Commissioning 10.7 Replacing a motor or encoder When service is required (motor defective or encoder defective), it might be necessary to completely replace the motor or just the motor encoder. In this case, the motor encoder must be re-calibrated. This influences the behavior of Safety Integrated if the functionality "safe limit positions"...
Page 559 Commissioning 10.7 Replacing a motor or encoder The actual position value supplied by the new motor encoder has no reference to the mechanical system. This means that the absolute value encoder must be re-aligned and set- up at this point. Note A safety acceptance report is generally not required after a motor has been replaced.
Page 560 Commissioning 10.7 Replacing a motor or encoder Replacing a motor with incremental encoder The same conditions apply as when replacing a motor with absolute encoder. To calibrate the encoder, the reference point approach is set up, e.g. using reference point cams.
Page 561 Commissioning 10.7 Replacing a motor or encoder Note Note regarding Point 3. The error at a reference point approach is no more than one revolution of the motor (difference between two zero marks). This offset is usually not critical for the mechanical parts of the machine.
Page 562 Commissioning 10.7 Replacing a motor or encoder After at least one of these encoder components has been replaced, Alarm 27035 "Axis %1 new HW component, acknowledgment and function test required" is output (changed CRC in index 1 of $MA_SAFE_ACT_CHECKSUM[ ] and possibly Alarm F01680 with ID 2, i.e. hardware IDs have changed).
Page 563 Commissioning 10.7 Replacing a motor or encoder Figure 10-17 Acknowledging SI HW, step 2 After acknowledging with softkey "OK", the actual checksums SAFE_ACT_CHECKSUM[1] / r9728[2] for all of the axes are copied to the reference checksum SAFE_DES_CHECKSUM[1] / p9729[2] and a recommendation is given to power on the control. This is done by pressing the "OK"...
Page 564: Replacing A Hardware Component
Commissioning 10.7 Replacing a motor or encoder 10.7.1 Replacing a hardware component General For SINUMERIK controls with the Safety Integrated function, the safety-related hardware components (e.g. SMI motors, SMC, SME) are secured using a checksum. In the case of service, when replacing one of these components, the checksum for the hardware component must be confirmed.
Page 565: Diagnostics
Diagnostics 11.1 Troubleshooting procedure ● The alarms that have been activated in response to an error are output in the "DIAGNOSIS - ALARMS" screen. When required, the safety alarms can be suppressed in the diagnostics display using the "Filter out SI alarms" softkey. ●...
Page 566: Service Displays
Diagnostics 11.1 Troubleshooting procedure 11.1.1 Service displays SINUMERIK Operate If safety functions are configured in the NCK as well as at the drive, softkeys "Display NCK status" and "Display drive status" are available. Figure 11-1 New softkeys to select the display for SI status In the menu header line you can see whether you are in the NCK or in the drive.
Page 567 Diagnostics 11.1 Troubleshooting procedure Display of the diagnostic signals of the NCK Figure 11-3 Status display NCK The "axis+", "axis-" vertical softkeys or "Direct selection" are used to set the required axis. The actual axis is displayed in the top right half of the table header line. Various states for both channels are displayed separately in the diagnostics screen.
Page 568 Diagnostics 11.1 Troubleshooting procedure Figure 11-4 Status signals, drive The following table shows the list of signals of the drive for the status SI screen. Signal Motor Module Control Unit STO active r9872.1 r9772.1 SS1 active r9872.2 r9772.2 STOP A active r9872.10 r9772.10 STOP F active...
Page 569 Diagnostics 11.1 Troubleshooting procedure Figure 11-6 Global checksum ● "Save" softkey With this softkey, the values of the checksum for all drives and axes are saved in an XML file, which is selected by the user. ● "Details" softkey This softkey is used to select detailed information concerning the selected checksum. SI configuration You can go to the SI configuration window by pressing the softkey "SI configuration".
Page 570 Diagnostics 11.1 Troubleshooting procedure Figure 11-7 SI configuration An overview of the safety options that have been set is displayed in the upper section of this diagnostics screen. The Safety checksums for the NCK, the axis and the drive are shown in the lower window section.
Page 571 Diagnostics 11.1 Troubleshooting procedure Figure 11-8 Status display of SGE/SGA The available signals are shown in the diagram above. The following diagram shows the detailed status display of the safety-related input and output signals. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 572 Diagnostics 11.1 Troubleshooting procedure Figure 11-9 Significance of the status display of the safety-related input and output signals Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 573 Diagnostics 11.1 Troubleshooting procedure Cam SGA You can access the corresponding menu for Safe Cam or Safe Cam Track access using the "Cam SGA" softkey. Figure 11-10 Safe Cams Figure 11-11 Safe Cam Track Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 574 Diagnostics 11.1 Troubleshooting procedure The softkey "SPL" is used to access the window for the status display of the SPL. Figure 11-12 Status display SPL In the "Variable" selection box, you can select: $A_INSE(P) corresponds to simultaneous selection of $A_INSE upper line, origin of the NCK and $A_INSEP lower line, origin of the PLC and essentially in the same way for the other variables: $A_OUTSE(P)
Page 575 Diagnostics 11.1 Troubleshooting procedure The selected format is applicable for the particular variable, as each variable can be assigned an individual display format. Further, various SPL states are displayed. Displaying the qualities of SPL input/output variables Just displaying values "0" and "1" in the diagnostics screen is not sufficient to identify the cause of faults that have occurred.
Page 576 Diagnostics 11.1 Troubleshooting procedure Figure 11-14 Status display SI communication The send and receive connections can be selected using the vertical softkeys. Figure 11-15 SI communication (send) The SI communication (send) menu contains a list of the configuration in tabular form and the status of the send connection (F_SENDDP).
Page 577 Diagnostics 11.1 Troubleshooting procedure Figure 11-16 SPL coupling (sending) Data for F_RECVDP are displayed using the "Receive connection" softkey and "Display SPL couplings". Figure 11-17 SI communication (receive) Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 578 Diagnostics 11.1 Troubleshooting procedure Figure 11-18 SPL coupling (receiving) SI I/O If, in the status display (Fig. "Status display NCK"), the "SI I/O" softkey is pressed, then you obtain a general overview of the parameterized PROFIsafe communication: Figure 11-19 SI I/O Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 579 Diagnostics 11.1 Troubleshooting procedure By pressing the "F-modules" softkey, all of the parameterized F-modules are displayed together with the master address, PROFIsafe address, module type with the actual status. Figure 11-20 SI I/O F-modules Using the "Display SPL connection" softkey, the parameterized assignment of the F-module to the SPL is displayed with the actual data.
Page 580: Safety Integrated Global Checksums
Diagnostics 11.1 Troubleshooting procedure Figure 11-22 Details of the F-modules 11.1.2 Safety Integrated global checksums The number of checksums to be checked at a machine is reduced through the introduction of master checksums. All of the checksums of an axis - or also all axes - are added in these master checksums. This means that users only have to compare one checksum in order to check whether something has changed since the last time it was determined.
Page 581 Diagnostics 11.1 Troubleshooting procedure Figure 11-23 Softkey bar for safety diagnostics, global checksums, SI checksum The following dialog is displayed with softkey "Checksum SI" Figure 11-24 SI global checksums Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 582 Diagnostics 11.1 Troubleshooting procedure Figure 11-25 SI checksum A table is displayed in which the global checksums are listed with the calculation date. When the dialog is first displayed, the cursor is positioned at the first line with a checksum. The cursor is only positioned to lines that contain a checksum.
Page 583 Diagnostics 11.1 Troubleshooting procedure The global checksums are calculated as follows: Master checksum Calculated by adding the listed data Global safety engineer‐ NC master checksum SAFE.SPF checksum ing checksum $MN_SAFE_GLOB_ACT_CHECKSUM[0] (sum of all master check‐ $MN_SAFE_GLOB_ACT_CHECKSUM[1] sums) $MN_SAFE_GLOB_ACT_CHECKSUM[2] $MN_SAFE_GLOB_ACT_CHECKSUM[3] Axis master checksum $MA_SAFE_ACT_CHECKSUM[0] $MA_SAFE_ACT_CHECKSUM[2] (Sum across all axes with $MA_SAFE_FUNCTION_ENA‐...
Page 584: Integrating Safety Spl User Alarms
Diagnostics 11.1 Troubleshooting procedure The safety-relevant hardware checksum has only one master checksum. In the Details menu, only one line is displayed with this checksum. Using the "Back" softkey, you can change to the vertical softkey bar of the Safety diagnostics. 11.1.3 Integrating safety SPL user alarms Preconditions...
Page 585 Diagnostics 11.1 Troubleshooting procedure As the SPL user text files are index text files (pro rata alarm text), for correct conversion in the specified "Source Path", a subdirectory with the name */ALSI must be created. The alarm text extension file *.com to be converted must be saved in this subdirectory. Figure 11-28 Creating a subdirectory In "Target Path", the target directory is specified in which the converted safety user alarm text...
Page 586 Diagnostics 11.1 Troubleshooting procedure Figure 11-31 Generating files in "lng" Depending on the language, the SI user alarm files are generated in "Ing": Using WinSCP, the files/directories are copied to card/user/sinumerik/hmi/cfg respectively, card/user/sinumerik/hmi/lng - or card/oem/sinumerik/hmi/cfg respectively, card/oem/ sinumerik/hmi/lng. These files must now be copied to the card using WINSCP: Figure 11-32 Copying the files into the user directory using WinSCP If files with the same name already exist on the CF card, then the contents of the generated...
Page 587 Diagnostics 11.1 Troubleshooting procedure Figure 11-33 Extending slaesvcadapconf.xml Figure 11-34 Extending slaesvcconf.xml Generating, converting, and integrating SINUMERIK Operate safety user alarms COM files Generating language-dependent COM files and converting into *.ts files If there are no HMI Advanced files available, *.com files can be generated and converted into files in the SINUMERIK Operate format using the "HMI solutionline alarm text converter".
Page 588 Diagnostics 11.1 Troubleshooting procedure ;%4 = 065...128: Error in system variables $A_OUTSE[01...64] ;%4 = 129...192: Error in system variables $A_INSI[01...64] ;%4 = 193...256: Error in system variables $A_OUTSI[01...64] ;%4 = 257...320: Error in system variables $A_MARKERSI[01...64] ; SPL protection 000000 0 0 "User text for Safety--SPL--commissioning--status (DB18.DBX36.0) / MD11500” 000001 0 0 ”User text for INSE(P)01”...
Page 589: Trace Bit Graphics For Safety Integrated
Diagnostics 11.1 Troubleshooting procedure 11.1.4 Trace bit graphics for Safety Integrated General The trace function is one of the measuring functions in the Diagnostics operating area. Using the trace, for drive signals and NCK signals, measurements can be started by entering a measuring time and trigger conditions.
Page 590 Diagnostics 11.1 Troubleshooting procedure Figure 11-36 Selecting variables for tracing To start the trace, the system changes into the graphic display and the trace is started using softkeys "Display trace" and "Start trace". There is also an option to display all variables and then to search for the required variables using the filter function, in the the following diagram e.g.
Page 591 Diagnostics 11.1 Troubleshooting procedure Figure 11-37 Selecting variables Figure 11-38 Selecting system variables The variables that you wish to trace can also be assigned a particular color. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 592 Diagnostics 11.1 Troubleshooting procedure Figure 11-39 Selecting the colors for the trace recording Example of a trace when SBH is exceeded With softkey "New trace (Drive/NC) initially, the session type is called, in this case NC and PLC variables. Figure 11-40 General call for a new session Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 593 Diagnostics 11.1 Troubleshooting procedure The trace is to be performed for Safe Operating Stop, i.e. the trace file name SBH_Test is entered: Figure 11-41 Trace SBH_test The variables are determined using the "Insert variable" softkey. The following variables are selected for SBH_Test: Figure 11-42 Overview of the variables for SBH test Safety Integrated...
Page 594 Diagnostics 11.1 Troubleshooting procedure To start the trace, the graphic display is selected using softkeys "Display trace" and "Start trace". The trace is started. The measuring curves of the variables are shown as example in the following diagrams. Figure 11-43 Trace SBH exceeded Figure 11-44 Trace SBH exceeded with legend...
Page 595: Nck Safety Alarms For Sinumerik 840D Sl
Alarms for SINUMERIK 840D sl/SINAMICS S120 Detailed explanations of all alarms that are not described here can be found in the following references for the SINUMERIK 840D sl system with SINAMICS S120: /DA/, Diagnostics Guide SINUMERIK 840D sl /LH1/ SINAMICS S120/S150 List Manual...
Page 596 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl Alarms for SINUMERIK Safety Integrated The alarms that can occur in connection with the SI option are listed below: 14710 Channel %1 Block %2 Error in initialization sequence in function %3...
Page 597 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 14710 Channel %1 Block %2 Error in initialization sequence in function %3 Remedy Please inform the authorized personnel/service department For parameter %3=0-3: If the alarm(s) occur(s) at RESET: Check the setting of machine data MD20110 $MC_RESET_MODE_MASK, MD20120 $MC_TOOL_RE‐...
Page 598 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 15189 Channel %1 Block %2 Error executing SAFE.SPF Parameter %1 = channel number %2 = block number, label Explanation When processing the NC initialization program for Safety Integrated /_N_CST_DIR/_N_SAFE_SPF an error has occurred.
Page 599 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 16965 Channel %1 SAFE.SPF run-up not completed Parameter %1 = channel number Explanation The alarm is initiated if the safety program /N_CST_DIR/N_SAFE_SPF should be executed when booting and was not completed after four times the time, which is defined in MD $MN_SPL_START_TIMEOUT. One reason could be an extremely long execution time of SAFE.SPF.
Page 600 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 20096 Axis %1 brake test aborted, additional info %2 Parameter %1 = axis name, spindle number %2 = fault information, based on $VA_FXS_INFO Explanation The brake test has detected a problem. The additional information provides details of the cause of the alarm.
Page 601 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 20149 Channel %1 Block %2 motion-synchronized action: Index invalid Remedy Use a valid index. Program con‐ Clear the alarm with the RESET key. Restart the part program. tinuation 22001 Channel %1 Block %2 Axis %3: Braking ramp longer than STOP D time. Reason: %4...
Page 602 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27000 Axis %1 is not safely referenced Parameter %1 = axis name, spindle number Explanation There are two reasons for this alarm: ● the user has still not acknowledged the machine position, ●...
Page 603 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Parameter %1 = axis name, spindle number %2 = supplementary information, crosswise data comparison index %3 = supplementary information, comparison value, NCK...
Page 604 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 For the monitoring function SN or n < n , a different state has occurred between the NCK and drive.
Page 605 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Copy SI data The setting in MD36930 $MA_SAFE_STANDSTILL_TOL does not correspond with the associated drive pa‐ rameter assignment.
Page 606 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Copy SI data The setting in MD36936 $MA_SAFE_CAM_POS_PLUS[1] + MD36940 $MA_SAFE_CAM_TOL does not cor‐ respond with the associated drive parameter assignment.
Page 607 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Copy SI data The setting in MD36936 $MA_SAFE_CAM_POS_PLUS[3] does not correspond with the associated drive parameter assignment. Remedy...
Page 608 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Copy SI data The setting in MD36952 $MA_SAFE_STOP_SWITCH_TIME_C does not correspond with the associated drive parameter assignment. Remedy...
Page 609 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Error codes 44-57 cannot be clearly assigned to an error cause. For the monitoring functions that run internally (e.g.
Page 610 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Lower limit value for SG1 = position actual value - MD36931 $MA_SAFE_VELO_LIMIT[0] referred to a mon‐ itoring clock cycle...
Page 611 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Upper limit value for n < n (plus tolerance) Position actual value + MD36946 $MA_SAFE_VELO_X (referred to a monitoring clock cycle) + MD36942 $MA_SAFE_POS_TOL.
Page 612 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 The setting in MD36932 $MA_SAFE_VELO_OVR_FACTOR[2] does not correspond with the associated drive parameter assignment. Remedy Copy SI data The setting in MD36932 $MA_SAFE_VELO_OVR_FACTOR[3] does not correspond with the associated drive parameter assignment.
Page 613 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 The setting in MD36932 $MA_SAFE_VELO_OVR_FACTOR[11] does not correspond with the associated drive parameter assignment. Remedy Copy SI data The setting in MD36932 $MA_SAFE_VELO_OVR_FACTOR[12] does not correspond with the associated drive parameter assignment.
Page 614 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 The setting in MD36963 $MA_SAFE_VELO_STOP_REACTION[3] does not correspond with the associated drive parameter assignment. Remedy Copy SI data...
Page 615 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Set $MA_SAFE_ENC_INPUT_NR and drive parameter p9526 so that they are equal. Cam enable: The setting in MD36903 $MA_SAFE_CAM_ENABLE does not correspond with the drive pa‐...
Page 616 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[5] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 617 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[7] does not correspond with the as‐ sociated drive parameter assignment. Remedy Safe Cam 8-.
Page 618 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36936 $MA_SAFE_CAM_POS_PLUS[10] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 619 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36936 $MA_SAFE_CAM_POS_PLUS[12] does not correspond with the as‐ sociated drive parameter assignment. Remedy Safe Cam 13+.
Page 620 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[14] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 621 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[16] does not correspond with the associated drive parameter assignment. Remedy Safe Cam 17-. Enter the same MD.
Page 622 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36936 $MA_SAFE_CAM_POS_PLUS[19] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 623 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36936 $MA_SAFE_CAM_POS_PLUS[21] does not correspond with the as‐ sociated drive parameter assignment. Remedy Safe Cam 22+.
Page 624 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[23] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 625 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36937 $MA_SAFE_CAM_POS_MINUS[25] does not correspond with the associated drive parameter assignment. Remedy Safe Cam 26-. Enter the same MD.
Page 626 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam position: the setting in MD36936 $MA_SAFE_CAM_POS_PLUS[28] + MD36940 $MA_SAFE_CAM_TOL does not correspond with the associated drive parameter assignment.
Page 627 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam track assignment: the setting in MD36938 $MA_SAFE_CAM_TRACK_ASSIGN[1] does not correspond with the associated drive parameter assignment or the cam enable is different.
Page 628 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam track assignment: the setting in MD36938 $MA_SAFE_CAM_TRACK_ASSIGN[10] does not correspond with the associated drive parameter assignment or the cam enable is different.
Page 629 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam track assignment: the setting in MD36938 $MA_SAFE_CAM_TRACK_ASSIGN[19] does not correspond with the associated drive parameter assignment or the cam enable is different.
Page 630 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Cam track assignment: the setting in MD36938 $MA_SAFE_CAM_TRACK_ASSIGN[28] does not correspond with the associated drive parameter assignment or the cam enable is different.
Page 631 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Filter time constant for n<n : the calculation or setting in MD36945 $MA_SAFE_VELO_X_FILTER_TIME does not correspond with the associated drive value.
Page 632 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Result list 1 (see cross comparison value 1) Switchover velocity SBH/SG MD37920 $MA_SAFE_STANDSTILL_VELO_LIMIT Remedy Check MD37920 $MA_SAFE_STANDSTILL_VELO_LIMIT. Delay time, switchover to SBH/SG MD37920 $MA_SAFE_STANDSTILL_DELAY Remedy Check MD37922 $MA_SAFE_STANDSTILL_DELAY.
Page 633 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Check the mechanical system of the axis - it is possible that the axis was moved when powered-down and the actual value last saved by the control no longer corresponds with the new value the next time the system is booted.
Page 634 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27001 Axis %1 error in a monitoring channel, Code%2, values: NCK%3, drive %4 Saved standstill positions of NCK and PLC different. Remedy Re-establish data consistency using a power on. 1025 The drive or encoder signaled "parking active" - however the control had not requested "parking axis".
Page 635 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27004 Axis %1 difference safe input %2, NCK %3, drive %4 Parameter %1 = axis name, spindle number %2 = monitoring function involved %3 = interface identifier, NCK input %4 = interface identifier, drive input Explanation A difference has been detected at the specified safe input.
Page 636 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27005 Axis %1 error for crosswise data comparison: Static actual value difference Remedy The user agreement must be deleted if the alarm is present as a steady-state alarm. When the control has been rebooted, the machine can be brought into the safe state again, and operation resumed by a new referencing process and setting the user agreement.
Page 637 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27010 Axis %1 tolerance for Safe Operating Stop exceeded Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm Channel not ready Stop the axis with speed setpoint = 0 (STOP B).
Page 638 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27012 Axis %1 safe limit position exceeded Response NC start disable in this channel NC start disable in this channel Interface signals are set Alarm display NC stop for alarm This axis is stopped with STOP C, D or E, according to the configuration in MD36962 $MA_SAFE_POS_STOP_MODE.
Page 639 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27020 Axis %1 STOP E activated Parameter %1 = axis name, spindle number Explanation This alarm comes with alarms 27011 "Safely reduced speed exceeded" or 27012 "Safe limit position excee‐ ded" (according to the configuration in...
Page 640 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27022 Axis %1 STOP C activated Response NC start disable in this channel Interface signals are set Alarm display NC stop for alarm "Braking along the current limit / OFF3 ramp" is initiated and the Safe Operating Stop (SBH) is internally activated after the time set in MD36952 $MA_SAFE_STOP_SWITCH_TIME_C has expired.
Page 641 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27024 Axis %1 STOP A activated Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm "Pulse cancellation" initiated.
Page 642 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27033 Axis %1 parameterization of the MD %2[%3] invalid, error code %4 Parameter %1 = axis name, spindle number %2 = MD name %3 = MD field index for MD name...
Page 643 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27033 Axis %1 parameterization of the MD %2[%3] invalid, error code %4 ● 13: A zero was entered in MD36918 $MA_SAFE_ENC_RESOL. ● 14: The parameterized cam modulo range MD36905 $MA_SAFE_MODULO_RANGE is not an integral multiple of 360 degrees.
Page 644 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27033 Axis %1 parameterization of the MD %2[%3] invalid, error code %4 ● 27: Cam position MD36936 $MA_SAFE_CAM_POS_PLUS[n] or MD36937 $MA_SAFE_CAM_POS_MINUS[n] has been parameterized too close to the modulo limit. ● 28: "Safe Cams" have been enabled in MD36901 $MA_SAFE_FUNCTION_ENABLE in bits 8..15, while the "Safe Cam Track"...
Page 645 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27033 Axis %1 parameterization of the MD %2[%3] invalid, error code %4 Remedy Check and modify the MD named in the alarm text. Have the checksum re-calculated. Safety functions should be subject to a new acceptance test.
Page 646 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27035 Axis %1 new HW component, acknowledgement and function test required Remedy If the alarm occurs while commissioning, then the following should be done: ● Acknowledge checksum MD36998 $MA_SAFE_ACT_CHECKSUM[1] (key switch setting 3 or password must be entered), continue commissioning.
Page 647 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27037 Axis %1 and %2 with the same PROFIsafe address %3 Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display...
Page 648 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27038 Axis %1 value %2 in drive parameter %3 violates the limits of NCK MD %4 Remedy Investigate, why in the specified drive parameter(s) an incorrect value has been entered (e.g. for internal software errors in the drive, refer to the drive documentation).
Page 649 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27040 Axis %1 waiting for the Motor Module Remedy The alarm is continuously active when booting if the drive does not communicate. Otherwise, the alarm is only briefly active - and is then automatically cleared again. Possible causes for the alarm being permanently present: ●...
Page 650 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27060 Axis %1 checksum error, drive assignment, acknowledgement and acceptance test required! Response Alarm display Interface signals are set NC start disable in this channel NC stop for alarm Mode group not ready...
Page 651 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27072 Checksum error, enabling safe communication. Confirmation and acceptance test required! Parameter Explanation The NCK-MD to enable the SPL coupling (also including MD13302/13303 $MN_PROFISAFE_IN/OUT_EN‐ ABLE_MASK, MD13330/13340 $MN_SAFE_RDP/SDP_ENABLE_MASK) are protected by a checksum. The alarm indicates that the actual checksum no longer matches the saved checksum, i.e.
Page 652 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27090 Error in crosswise Data comparison NCK-PLC %1 [%2], NCK: %3; %4<ALSI> Parameter %1 = name of the system variable in which the error was detected %2 = supplementary info, system variables - field index...
Page 653 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27090 Error in crosswise Data comparison NCK-PLC %1 [%2], NCK: %3; %4<ALSI> Remedy Analyze the displayed value and evaluate DB18: SPL_DELTA on the PLC side. Find the difference between the monitoring channels.
Page 654 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27093 Checksum error NCK-SPL, %1, %2, %3 Parameter %1 = supplementary information about the type of error %2 = supplementary information about the reference size %3 = supplementary information about the actual size Explanation The checksum error in the NCK SPL.
Page 655 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27096 SPL start not allowed Remedy SPL protection withdrawn via MD11500 $MN_PREVENT_SYNACT_LOCK[0,1] or ● Commissioning of the axis-specific Safety Integrated functionality and ● Parameterization of at least one SGE/SGA at an SPL interface and ●...
Page 656 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27099 Double assignment in the SPL assignment MD %1[%2] - MD %3[%4] Parameter %1 = MD name 1 %2 = MD field index for MD name 1 %3 = MD name 2...
Page 657 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27101 Axis %1, difference in Safe Operating Stop function, NCK: %2, drive: %3 Parameter %1 = axis name, spindle number %2 = monitoring status, Safe Operating Stop %3 = monitoring status, Safe Operating Stop...
Page 658 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27102 Axis %1, difference in safely reduced speed function %2, NCK: %3, drive: %4 Response Alarm display NC start disable in this channel A STOP F was initiated. If a safety monitoring function was active, then a STOP B was also automatically initiated.
Page 659 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27104 Axis %1, difference in Safe Cam plus function %2, NCK: %3, drive: %4 Parameter %1 = axis name, spindle number %2 = number of the cam %3 = monitoring status, Safe Cam plus...
Page 660 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27104 Axis %1, difference in Safe Cam plus function %2, NCK: %3, drive: %4 Safe Cam 11+: Bits 16, 17 in result list 4 Safe Cam 12+: Bits 20, 21 in result list 4...
Page 661 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27105 Axis %1, difference in Safe Cam minus function %2, NCK: %3, drive: %4 Parameter %1 = axis name, spindle number %2 = number of the cam %3 = monitoring status, Safe Cam minus...
Page 662 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27105 Axis %1, difference in Safe Cam minus function %2, NCK: %3, drive: %4 Safe Cam 11-: Bits 18, 19 in result list 4 Safe Cam 12-: Bits 22, 23 in result list 4...
Page 663 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27106 Axis %1, difference for function safely reduced speed nx, NCK: %2, drive: %3 Parameter %1 = axis name, spindle number %2 = monitoring status, safely reduced speed n %3 = monitoring status, safely reduced speed n...
Page 664 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27110 Axis %1 data transfer error, index %2 Parameter %1 = axis name, spindle number %2 = index in the crosswise data comparison Explanation Communication errors between the NCK and drive have meant that for three times in a row, the crosswise data comparison of the data with the specified index was not able to be carried out.
Page 665 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27112 Axis %1 CRC error of the safe actual value Parameter %1 = axis name, spindle number Explanation When checking the data consistency of the safe actual value (CRC), an error was detected.
Page 666 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27113 Axis %1 hardware encoder fault of the safety-related actual value Remedy After adjusting the encoder, initiate that the encoder serial number is transferred (only applicable for absolute encoders). Check and ensure that the EMC directive is complied with.
Page 667 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27135 Checksum group error safe monitoring on at least one axis. Confirmation and acceptance test required! Parameter Explanation A checksum protects the relevant MD to parameterize the axis-specific safety functionality. The alarm indi‐...
Page 668 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27200 PROFIsafe: Cycle time %1 [ms] is too long Parameter %1 = parameterized cycle time Explanation The PROFIsafe communication cycle time resulting from MD10098 $MN_PROFISAFE_IPO_TIME_RATIO and MD10071 $MN_IPO_CYCLE_TIME exceeds the permissible limit value of 25 ms.
Page 669 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27203 PROFIsafe: MD %1[%2]: Incorrect SPL assignment Parameter %1 = MD name %2 = MD field index Explanation The SPL coupling in the displayed MD is incorrect. Possible causes: ● Bit value greater than in the definition of the SPL interface (bit value > maximum bit value) ●...
Page 670 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27205 PROFIsafe: Number of signals in MD %1[%2] < > MD %3[%4] Parameter %1 MD name 1 %2 MD field index to the MD name 1 %3 MD name 2 %4 MD field index to the MD name 2 Explanation The parameterized number of signals used must be the same in both machine data.
Page 671 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27207 PROFIsafe: MD %1[%2] max. sub-slot number: %3 exceeded Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm Remedy Reduce the number of sub-slots by changing the F-net (useful) data distribution of the PROFIsafe module.
Page 672 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27220 PROFIsafe: Number of NCK-F modules (%1) <> number of S7-F modules (%2) Remedy Check the F-parameterization in MD10386/10387 $MN_PROFISAFE_IN/OUT_ADDRESS. Check the F-configuration in the S7 PROFIBUS configuration. Check the parameterized PROFIsafe master address in MD10385 $MN_PROFISAFE_MASTER_ADDRESS and S7 PROFIBUS configuration.
Page 673 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27223 PROFIsafe: NCK F-module MD %1[%2] is not a %3 module Parameter %1 = MD name %2 = MD field index %3 = module type Explanation The F-module parameterized in the specified NCK MD has not been designated as an appropriate input/ output module in the S7 PROFIBUS configuration.
Page 674 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27225 PROFIsafe: Slave %1, configuration error, %2 Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm Remedy Check the S7 PROFIBUS configuration and correct.
Page 675 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27241 PROFIsafe: Version different, NCK: %1, PLC: %2, (%3) Response Mode group not ready Channel not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm Remedy Check the PLC operating system and correct NCK software versions.
Page 676 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27242 PROFIsafe: F-module %1, %2 error, error code %3, %4 Remedy ● %2 = CRC1: General PLC reset, reload the S7 F-configuration. ● %2 = F_WD_timeout: Re-parameterize the PROFIsafe clock cycle time or F-monitoring time.
Page 677 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27251 PROFIsafe: F-module %1, %2 reports error %3 Parameter %1 = PROFIsafe address or name %2 = signaling components (master/slave) %3 = error detection Explanation There is a communication error between the F-master and the specified F- module.
Page 678 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27252 PROFIsafe: Slave/Device %1, Bus %2, sign-of-life error Response Mode group not ready NC start disable in this channel Interface signals are set Alarm display NC stop for alarm Stop D/E is initiated. A STOP D/E is initiated (this can be set using MD10097 $MN_SAFE_SPL_STOP_MODE) on all axes with safety functionality.
Page 679 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27254 PROFIsafe: F-module %1, error on channel %2; %3<ALSI> Parameter %1 = PROFIsafe address or name %2 = channel type, channel number %3 = supplementary info, system variables - field index Explanation The F-module signals that an error has occurred in the interface of the specified channel.
Page 680 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27256 PROFIsafe: actual cycle time %1 [ms] > parameterized cycle time Parameter %1 = actual PROFIsafe communications cycle time Explanation The actual PROFIsafe communication cycle time is greater than the value set using MD10098 $MN_PRO‐...
Page 681 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27257 PROFIsafe: %1 %2 signals a system error %3 (%4) Response NC start disable in this channel Alarm display Interface signals are set Mode group not ready Channel not ready NC stop for alarm A STOP D/E is initiated (this can be set using MD10097 $MN_SAFE_SPL_STOP_MODE) on all axes with safety functionality.
Page 682 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27300 F_DP: Cycle time %1[ms] is too long Remedy Correct cycle time using MD13320 $MN_SAFE_SRDP_IPO_TIME_RATIO and/or MD10071$MN_IPO_CY‐ CLE_TIME Program con‐ Switch control system OFF and ON again. tinuation 27301 F_DP: MD %1[%2]: SPL coupling incorrect...
Page 683 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27302 F_DP: Dual allocation MD %1[%2] - MD %3[%4] Parameter %1 = MD name 1 %2 = MD field index for MD name 1 %3 = MD name 2 %4 = MD field index for MD name 2 Explanation A double assignment has been illegally parameterized in the specified machine data.
Page 684 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27303 F_DP: Number of signals in MD %1[%2] < > MD %3[%4] Response Alarm display NC start disable in this channel Interface signals are set Mode group not ready Channel not ready...
Page 685 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27306 F_DP: Max. number of active SPL connections (%1) for (%2) exceeded Response Alarm display NC start disable in this channel Interface signals are set Mode group not ready Channel not ready...
Page 686 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27350 F_DP: %1 communication, connection %2 signals error %3 Remedy Check PROFIBUS communication and the communication partner. Note Only the F_DP communication is acknowledged for a user acknowledgment via DB18.FRDP_ACK_REI. The alarm is still displayed and must be separately acknowledged using NC-RESET.
Page 687 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27352 F_DP: communication error %1, error %2 Parameter %1 = faulty components (NCK/PLC) %2 = error detection Explanation Communication between the NCK and PLC can no longer function. Component with error where the communication error occurred (%1): ●...
Page 688 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27354 F_DP: %1 communication, connection %2 signals SFC%3 error %4 Parameter %1 = communication type %2 = name or DP_DP_ID of the communication relationship %3 = SFC block number %4 = error detection Explanation There is an F_DP communication error with the external communication partner.
Page 689 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27355 F_DP: %1 communication, connection %2 signals system error %3 (%4) Parameter %1 = communication type %2 = name or DP_DP_ID of the SPL connection %3 = error detection %4 = component Explanation A system error was detected within the scope of the F_DP communication.
Page 690 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27801 Safety operating mode inconsistent: MD "%1" = %2 ; PLC configuration = %3 Parameter %1: $MN_SAFE_MODE %2: Value from $MN_SAFE_MODE %3: Value of the PLC configuration Explanation The value in MD13370 $MN_SAFE_MODE does not match the value of the PLC configuration.
Page 691 Diagnostics 11.2 NCK safety alarms for SINUMERIK 840D sl 27811 Axis %1: Parameterizing error: MD %2[%3] invalid Parameter %1: Axis name, spindle number %2: MD name %3: MD field index to the MD name Explanation The parameterization of the displayed machine data is incorrect. This alarm occurs in the following contexts: ●...
Page 692: Safety Messages For Sinamics S120
Diagnostics 11.3 Safety messages for SINAMICS S120 27830 Axis %1: Control not ready for the "Safe Brake Test" integrated in the drive" Response Alarm display Remedy The alarm automatically disappears if the conditions in the motion control for carrying out the drive-integrated "Safe brake test"...
Page 693 Diagnostics 11.3 Safety messages for SINAMICS S120 Differences between faults and alarms Type Description Faults What happens when a fault occurs? ● The appropriate fault response is initiated. ● Status signal ZSW1.3 is set. ● The fault is entered in the fault buffer. How are the faults eliminated? ●...
Page 694 Diagnostics 11.3 Safety messages for SINAMICS S120 Acknowledging faults The list of faults and alarms specifies how to acknowledge each fault after the cause has been eliminated. List Description POWER ON The fault is acknowledged by a POWER ON (switch drive unit off and on again). Note: If the fault cause has still not been resolved, then the fault is immediately displayed again after booting.
Page 695: List Of Faults And Alarms
Diagnostics 11.3 Safety messages for SINAMICS S120 The optional brackets indicates whether the type specified for this message can be changed, and which message types can be selected via parameter. Information about the response and acknowledgment are independently specified for a message with adjustable message type (e.g.
Page 696 Diagnostics 11.3 Safety messages for SINAMICS S120 F01611 SI P1 (CU): Defect in a monitoring channel 1 to 999: Number of the crosswise compared data that resulted in this fault. This number is also displayed in r9795. 1: SI monitoring clock cycle (r9780, r9880). 2: SI enable safety functions (p9601, p9801).
Page 697 Diagnostics 11.3 Safety messages for SINAMICS S120 F01611 SI P1 (CU): Defect in a monitoring channel 6064: Target address and PROFIsafe address differ (F_Dest_Add). 6065: Target address invalid (F_Dest_Add). 6066: Source address invalid (F_Source_Add). 6067: Watchdog time value invalid (F_WD_Time). 6068: Incorrect SIL level (F_SIL).
Page 698 Diagnostics 11.3 Safety messages for SINAMICS S120 F01611 SI P1 (CU): Defect in a monitoring channel For fault value = 2000, 2001, 2002, 2003, 2004, 2005: ● Check the tolerance time SGE changeover and if required, increase the value (p9650/p9850, p9652/ p9852).
Page 699 Diagnostics 11.3 Safety messages for SINAMICS S120 F01611 SI P1 (CU): Defect in a monitoring channel For fault value 6065: Check the value setting in the F-parameter F_Dest_Add at the PROFIsafe slave. The target address must not be 0 or FFFF! For fault value 6066: Check the value setting in the F-parameter F_Source_Add at the PROFIsafe slave.
Page 700 Diagnostics 11.3 Safety messages for SINAMICS S120 N01620 (F, A) SI P1 (CU): Safe Torque Off active Explanation The "Safe Torque Off" (STO) function of the basis functions has been selected on the Control Unit (CU) via the input terminal and is active. Note: This message does not result in a safety stop response.
Page 701 There is either a DRIVE-CLiQ communications error or communications have failed. A time slice overflow of the safety software has occurred. Fault value (r0949, interpret decimal): Only for internal Siemens troubleshooting. Remedy Select Safe Torque Off and then deselect again.
Page 702 Diagnostics 11.3 Safety messages for SINAMICS S120 F01630 SI P1 (CU): Brake control defective Explanation For fault value 30, 31: Fault for "Close brake" Brake not connected or interrupted cable (check whether for p1278 = 1 and p9602/p9802 = 0 (SBC switched- out) the brake opens).
Page 703 Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret as hexadecimal): Only for internal Siemens troubleshooting. Remedy Carry out a POWER ON (power off/on) for all components ● Re-commission the Safety Integrated function and carry out a POWER ON.
Page 704 Diagnostics 11.3 Safety messages for SINAMICS S120 F01650 SI P1 (CU): Acceptance test required 2001: Reference and actual checksum on monitoring channel 2 are not identical (commissioning mode). Reference checksum incorrectly entered for monitoring channel 2 (p9899 not equal to r9898). When deactivating the safety functions, p9501 or p9503 not deleted.
Page 705 Diagnostics 11.3 Safety messages for SINAMICS S120 F01650 SI P1 (CU): Acceptance test required Remedy For fault value = 130: Carry out safety commissioning routine. For fault value = 1000: Check the cycle time for the Safety Integrated Basic Functions (r9780) and adapt the set checksum (p9799). Repeat safety commissioning.
Page 706 Fault value 150: Fault in the synchronization to the PROFIBUS master. All other values: For Siemens internal fault diagnostics only. See also: p9510 (SI Motion isochronous PROFIBUS master) Remedy For fault value 121: Carry out a common power on/warm restart for the higher-level control and SINAMICS.
Page 707 Diagnostics 11.3 Safety messages for SINAMICS S120 F01652 SI P1 (CU): Monitoring clock cycle not permissible Explanation One of the Safety Integrated monitoring clock cycles is not permissible: ● The monitoring clock cycle integrated in the drive cannot be maintained due to the communication conditions requested in the system.
Page 708 Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret as hexadecimal): Only for internal Siemens troubleshooting. Remedy Carry out a POWER ON (power off/on) for all components ● Upgrade the Motor Module/Hydraulic Module software.
Page 709 Diagnostics 11.3 Safety messages for SINAMICS S120 F01659 SI P1 (CU): Write task for parameter rejected Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The write task for one or several Safety Integrated parameters on the Control Unit (CU) was rejected. Note: This fault does not result in a safety stop response.
Page 710 Diagnostics 11.3 Safety messages for SINAMICS S120 F01659 SI P1 (CU): Write task for parameter rejected ● 18.: An attempt was made to enable PROFIsafe for Basic Functions although this cannot be supported. ● 19.: An attempt was made to enable SBA (Safe Brake Adapter), although this cannot be supported. ●...
Page 711 Diagnostics 11.3 Safety messages for SINAMICS S120 F01664 SI P1 (CU): No automatic firmware update Explanation When booting it was identified that function "Automatic firmware update" (p7826 = 1) was not activated. However, this is necessary for the automatic firmware update/downgrade in order to avoid, when enabling the safety functions, an inadmissible combination of versions.
Page 712 Diagnostics 11.3 Safety messages for SINAMICS S120 F01670 SI Motion: Invalid Sensor Module parameterization Explanation 1. No encoder was parameterized for Safety Integrated. 2. An encoder was parameterized for Safety Integrated that does not have an A/B (sine/cosine) track. 3. The encoder data set selected for Safety Integrated is still not valid. 4.
Page 713 Diagnostics 11.3 Safety messages for SINAMICS S120 F01671 SI Motion: Encoder parameterization error Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The parameterization of the encoder used for Safety Integrated is not the same as the parameterization of the standard encoder. Note: This fault does not result in a safety stop response.
Page 714 Note: This fault does not result in a safety stop response. Fault value (r0949, decimal): Only for internal Siemens troubleshooting. Remedy Use a Sensor Module that supports the safety-related motion monitoring functions. Upgrade the Sensor Module software.
Page 715 Diagnostics 11.3 Safety messages for SINAMICS S120 F01682 SI Motion P1 (CU): Monitoring function not supported Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The monitoring function enabled in p9501, p9601 or p9801 is not supported in this firmware version. Note: This fault results in a STOP A that cannot be acknowledged.
Page 716 Diagnostics 11.3 Safety messages for SINAMICS S120 F01685 SI Motion P1 (CU): Safely-Limited Speed limit value too high Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The limit value for the function "Safely-Limited Speed" (SLS) is greater than the speed that corresponds to an encoder limit frequency of 500 kHz.
Page 717 Diagnostics 11.3 Safety messages for SINAMICS S120 F01688 SI Motion CU: Actual value synchronization not permissible Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation It is not permissible to enable actual value synchronization for a 1-encoder system. ● Simultaneously enabling actual value synchronization and a monitoring function with absolute reference (SCA/SLP) is not permitted.
Page 718 Diagnostics 11.3 Safety messages for SINAMICS S120 F01690 SI Motion: Data backup problems for NVRAM Explanation There is not enough memory space in the drive NVRAM to save parameters r9781 and r9782 (Safety log‐ book). Note: This fault does not result in a safety stop response. Fault value (r0949, interpret decimal): 0: There is no physical NVRAM available in the drive.
Page 719 Diagnostics 11.3 Safety messages for SINAMICS S120 C01700 SI Motion P1 (CU): STOP A initiated Response OFF2 Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The drive is stopped using a STOP A (the pulses are cancelled via the safety switch-off signal path of the Control Unit).
Page 720 Diagnostics 11.3 Safety messages for SINAMICS S120 C01701 SI Motion P1 (CU): STOP B initiated Explanation The drive is stopped using STOP B (braking along the OFF3 down ramp). As a result of this fault, after the time parameterized in p9556 has expired or the speed threshold parameterized in p9560 has been fallen below, message C01700 "STOP A initiated"...
Page 721 Diagnostics 11.3 Safety messages for SINAMICS S120 C01707 SI Motion P1 (CU): Tolerance for Safe Operating Stop exceeded Explanation The actual position has moved further away from the setpoint position than permitted in the stop tolerance. The drive is stopped with message C01701 "SI Motion P1 (CU): STOP B initiated". Remedy Check whether additional safety faults are present, and if required carry out the diagnostics for the faults involved.
Page 722 Diagnostics 11.3 Safety messages for SINAMICS S120 C01709 SI Motion P1 (CU): STOP D initiated Explanation The drive is stopped using STOP D (braking along the path). "Safe Operating Stop" (SOS) is activated after the parameterized timer has expired. Possible causes: ●...
Page 723 The message value that resulted in a STOP F is displayed in r9725. The message values described involve the crosswise data comparison between the Control Unit and Motor Module. If the drive is operated together with a SINUMERIK, the message values are written to Alarm 27001 of the SINUMERIK 840D sl. Remedy In general, the following applies: The monitoring clock cycles in both channels must be checked to ensure that they are identical and if required, they must be set the same.
Page 724 Diagnostics 11.3 Safety messages for SINAMICS S120 C01711 SI Motion P1 (CU): Defect in a monitoring channel For fault value = 1012: Upgrade the Sensor Module software. For fault value = 1020, 1021: Check the communication connection. Carry out a POWER ON for all components (which-office/switch-on). Hardware replacement.
Page 725 Diagnostics 11.3 Safety messages for SINAMICS S120 C01711 SI Motion P1 (CU): Defect in a monitoring channel For fault value = 5012: Check the setting of the PROFIsafe address of the Control Unit (p9610) and that of the Motor Modules (p9810).
Page 726 Diagnostics 11.3 Safety messages for SINAMICS S120 C01711 SI Motion P1 (CU): Defect in a monitoring channel For fault value = 5066: Check the value setting of the F-parameter F_WD_Time at the PROFIsafe slave and possibly increase. For fault value = 6000, 6072: Carry out a POWER ON (power off/on) for all components.
Page 727 Diagnostics 11.3 Safety messages for SINAMICS S120 C01714 SI Motion P1 (CU): Safely-Limited Speed exceeded Response NONE Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The drive has moved faster than that specified by the speed limit value (p9531). The drive is stopped by the configured stop response (p9563).
Page 728 Explanation The DRIVE-CLiQ encoder for the safe motion monitoring outputs an error for the effectiveness test. Message value (r9749, interpret as decimal): For Siemens internal fault diagnostics only. Remedy Check the encoder connection. Replace the encoder. This message can be acknowledged as follows: Motion monitoring functions with SINUMERIK: From the machine control panel.
Page 729 Diagnostics 11.3 Safety messages for SINAMICS S120 A01781 SBT brake opening time exceeded Response NONE Acknowledg‐ NONE ment Explanation The maximum time (11 s) to open the brake during the brake test has been exceeded. Possible causes: During the brake test, the drive has gone into a fault condition, and therefore the drive closed the brake. For an external brake, the feedback signal "Brake closed"...
Page 730 Diagnostics 11.3 Safety messages for SINAMICS S120 A01783 SBT brake closing time exceeded Explanation The maximum time (11 s) to close the brake during the brake test has been exceeded. Alarm value (r2124, interpret binary): Bit 0 = 1: Internal brake was not able to be closed. Bit 1 = 1: External brake was not able to be closed.
Page 731 Diagnostics 11.3 Safety messages for SINAMICS S120 A01784 SBT brake test canceled with error Bit 21 = 1: axis position during the brake test invalid as a result of parking axis. Bit 22 = 1: Internal software error. Bit 23 = 1: The permissible position range of the axis when the brake is closed was violated (p10212/p10222). Bit 24 = 1: The tested internal brake was opened during the active brake test.
Page 732 Diagnostics 11.3 Safety messages for SINAMICS S120 F01786 SCC signal source changed Response NONE Acknowledg‐ IMMEDIATELY ment Explanation The signal source in p10235 or p10250 was changed. The new signal source is active immediately. See also: p10235 (SI Safety Control Channel control word S_STW3B), p10250 (SI Safety Control Channel control word S_STW1B) Remedy Acknowledge fault...
Page 733 Diagnostics 11.3 Safety messages for SINAMICS S120 A01796 (F, N) SI Motion CU: Wait for communication Response for NONE Acknowledg‐ NONE ment for N C01797 SI Motion P1 (CU): Axis not safely referenced Response NONE Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation The stop position saved before powering-down does not coincide with the actual position that is determined when powering-up.
Page 734 Diagnostics 11.3 Safety messages for SINAMICS S120 F30600 SI P2: STOP A initiated Explanation The "Safety Integrated" function integrated in the drive on monitoring channel 2 has detected a fault and initiated a STOP A (STO via the safety switch-off signal path of monitoring channel 2). ●...
Page 735 Diagnostics 11.3 Safety messages for SINAMICS S120 F30611 SI P2: Defect in a monitoring channel 1 to 999: Number of the crosswise compared data that resulted in this fault. This number is also displayed in r9895. 1: SI monitoring clock cycle (r9780, r9880) 2: SI enable safety functions (p9601, p9801).
Page 736 Diagnostics 11.3 Safety messages for SINAMICS S120 N30620 (F, A) SI P2: Safe Torque Off active Response NONE Acknowledg‐ NONE ment Explanation The "Safe Torque Off" (STO) function of the basis functions has been selected on monitoring channel 2 via the input terminal and is active.
Page 737 ● The enable signal for the safety functions in both monitoring channels is inconsistent (p9601 = 0, p9801 <> 0). Fault value (r0949, interpret decimal): Only for internal Siemens troubleshooting. Remedy Select Safe Torque Off and then deselect again. ● Carry out a POWER ON (power off/on) for all components.
Page 738 Motor Modules connected in parallel. Note: This fault results in a STOP A that can be acknowledged. Fault value (r0949, interpret as decimal): Only for internal Siemens troubleshooting. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 739 Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret as hexadecimal): Only for internal Siemens troubleshooting. Remedy Carry out a POWER ON (power off/on) for all components. ● Re-commission the Safety Integrated function and carry out a POWER ON.
Page 740 Diagnostics 11.3 Safety messages for SINAMICS S120 F30650 SI P2: Acceptance test required Explanation The "Safety Integrated" function on monitoring channel 2 requires an acceptance test. Note: This fault results in a STOP A that can be acknowledged. Fault value (r0949, interpret as decimal) 130: Safety parameters for monitoring channel 2 not available.
Page 741 This synchronization routine was not successful. Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret decimal): Only for internal Siemens troubleshooting. Remedy Carry out a POWER ON (power off/on) for all components Upgrade the Motor Module/Hydraulic Module software.
Page 742 Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret as hexadecimal): Only for internal Siemens troubleshooting. Remedy Carry out a POWER ON (power off/on) for all components Upgrade the Motor Module/Hydraulic Module software.
Page 743 Note: This fault results in a STOP A that cannot be acknowledged. Fault value (r0949, interpret decimal): Only for internal Siemens troubleshooting. Remedy Check whether there are faults in the safety function alignment between the two monitoring channels (F01655, F30655), and if required carry out diagnostics for the faults involved.
Page 744 Diagnostics 11.3 Safety messages for SINAMICS S120 F30680 SI Motion P2: Checksum error safe monitoring functions Explanation The actual checksum calculated by the Motor Module/Hydraulic Module and entered into r9398 over the safety-related parameters does not match the reference checksum in p9399 saved when the machine was accepted the last time.
Page 745: Safety Plc Alarms
Diagnostics 11.4 Safety PLC alarms F30706 SI Motion P2: SAM/SBR limit exceeded Response NONE Acknowledg‐ IMMEDIATELY (POWER ON) ment Explanation After the initiation of STOP B (SS1) or STOP C (SS2), the speed has exceeded the selected tolerance value. The drive is stopped with message C30700 "SI Motion P2: STOP A initiated". Remedy Check the braking behavior and if required, adapt the parameterization of the "SAM"...
Page 746: Reducing The Number Of Alarms
Diagnostics 11.5 Reducing the number of alarms 400552 Error on the DP bus Remedy Check the I/O, resolve I/O errors Program con‐ Internal tinuation 411101 FB11, illegal axis number Explanation Parameter axis not in the permissible range Response Alarm display PLC stop Remedy PLC general reset, use the basic program with the correct version.
Page 747 Diagnostics 11.5 Reducing the number of alarms SINAMICS Alarm suppression using the following values in $MN_SAFE_ALARM_SUP‐ alarm S120 alarm PRESS_LEVEL, several values are alternatively possible number number 27021 C01709 1, 2, 3, 12, 13 27022 C01708 1, 2, 3, 12, 13 27023 C01701 1, 2, 3, 12, 13...
Page 748: Assigning Priorities To Alarms
Diagnostics 11.5 Reducing the number of alarms global acceptance test group alarm 27135 "Axis %1 checksum group error, safety-related monitoring functions on at least one axis. Confirmation and acceptance test required", replaced. Note The alarm reduction is only made in the SPL commissioning mode (MD $MN_PREVENT_SYNACT_LOCK[0,1] = 0).
Page 749 Diagnostics 11.5 Reducing the number of alarms Assigning priorities to Alarm 27090 only becomes effective if it occurs due to differences in the $A_INSE system variables. Only then will this alarm be initiated as a result of different input signals. For Alarms 27004, 27001 and 27101 to 27107, no additional condition is required, as ●...
Page 750 Diagnostics 11.5 Reducing the number of alarms ● 27106 difference for the function safely reduced speed n ● 27107 difference for the function, cam modulo monitoring Subsequent alarms for Alarms 27001 and 27101 to 27107 ● 27023 STOP B initiated ●...
Page 751: Interaction With Other Functions
Interaction with other functions 12.1 Limiting the speed setpoint The setpoint speed is parameterized as a function of the active safety monitoring in MD36933 $MA_SAFE_DES_VELO_LIMIT. This machine data is not incorporated in the axis-specific checksum MD36998 $MA_SAFE_ACT_CHECKSUM, so that changes can be made to the MD for the acceptance test without having to again change the checksum.
Page 752: Setpoint Switchover
Interaction with other functions 12.2 Setpoint switchover 1. Changing-over from non-safe operation in SG/SBH There is no delay (VELO_SWITCH_DELAY), so that this changeover must always be performed at zero speed or below the enabled SG limit. 2. Changing-over from SGx to SGy A) SGx >...
Page 753 Interaction with other functions 12.2 Setpoint switchover Setpoint changeover and Safety Integrated In conjunction with the setpoint changeover, the SI functionality is only supported with a restricted scope. At each setpoint changeover, the absolute position reference is lost. This means that only SI functions can be sensibly and practically used that do not require absolute position information.
Page 754: Measuring System Switchover
Interaction with other functions 12.4 Gantry axes STOPs The setting MD36964 SAFE_IPO_STOP_GROUP <> 0 is not permissible for the SI axis, as this causes the interpolating relationships to be cancelled. Brake test The brake test can only be carried-out in the SI axis. The SI axis must have the drive checking function for the brake test.
Page 755: Parking Axis
Interaction with other functions 12.5 Parking axis 12.5 Parking axis When the park state is activated (using the interface signal "parking"), then the system automatically cancels the pulses using an external STOP A. After the park state has been removed, the external STOP A is automatically deactivated again. WARNING "Parking"...
Page 756: Incremental Encoder Functionality
Interaction with other functions 12.7 OEM applications 12.6 Incremental encoder functionality The function "Save actual value with incremental encoder" is enabled in MD $MA_ENC_REFP_STATE for the parameterizable incremental encoder, and a monitoring function with absolute reference (SE/SN) is enabled in MD $MA_SAFE_FUNCTION_ENABLE. This combination of functions is not permitted.
Page 757: Ncu-Link
Interaction with other functions 12.9 Response of the Sim-NCK systems 12.8 NCU-Link An NCU link involves a group of several NCUs to control a machine. In this case, the interpolation function of the various SERVO axes is distributed across the various NCUs. The following definitions apply when operating systems such as these with safety functionality: ●...
Page 758: Response Of Safety Integrated When The Communication Fails
Interaction with other functions 12.10 Response of Safety Integrated when the communication fails ● $MN_SAFE_SDP_ENABLE_MASK Enable F_SENDDP connections ● $MN_SAFE_RDP_ENABLE_MASK Enable F_RECVDP connections ● $MA_SAFE_FUNCTION_ENABLE Enabling axis-specific SI functions This means that the safety functionality in these systems is not activated and they behave neutrally.
Page 759 Interaction with other functions 12.10 Response of Safety Integrated when the communication fails The ESR integrated in the drive is configured for fault/error situations where the NC can no longer enter a setpoint at the drive. Even when communication fails with the SI functionality active, ESR integrated in the drive is possible to protect machine.
Page 760 Interaction with other functions 12.10 Response of Safety Integrated when the communication fails If a pulse suppression delay is parameterized using $MN_SAFE_PULSE_DIS_TIME_BUSFAIL, after a communication failure, the SGA of all axis- specific SI monitoring channels are first left in their old state. All SGAs are deleted after this delay time has expired.
Page 761 Interaction with other functions 12.10 Response of Safety Integrated when the communication fails The following parameterization ensures that when the communication fails there is 200 ms for an ESR - integrated in the drive - before the pulses are cancelled. The SG stages for personnel protection are defined differently in the individual axes: $MN_SAFE_PULSE_DIS_TIME_BUSFAIL= 0.2 ;...
Page 762 Interaction with other functions 12.10 Response of Safety Integrated when the communication fails $MA_SAFE_VELO_STOP_MODE[AX5] = 5 ; ⇒ $MA_SAFE_VELO_STOP_REACTION becomes active $MA_SAFE_VELO_STOP_REACTION[0, AX5] = 3 ; SG stage 1 $MA_SAFE_VELO_STOP_REACTION[1, AX5] = 13 ; SG stage 2 $MA_SAFE_VELO_STOP_REACTION[2, AX5] = 3 ; SG stage 3 $MA_SAFE_VELO_STOP_REACTION[3, AX5] = 13 ;...
Page 763: Appendix
You can contact the experts of Technical Support in Germany under the following telephone number: +49 (0) 911 895 7222 Outside Germany, you can use the following link to find the relevant contact person: https:// support.industry.siemens.com/cs/ww/en/sc/3082 (https://support.industry.siemens.com/cs/ ww/en/sc/3082) Table 13-1...
Page 764: References
13.2 References /ASI/ Low-voltage switchgear and systems, Catalog Drive, Switchgear and Installation Technology from Siemens Order No.: Reinert, D./Schäfer, M./Umbreit, M.: Drives and CNC systems with integrated safety (drives and CNC systems), in: ETZ booklet, 11/98. Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 765: Abbreviations
Appendix 13.3 Abbreviations Documentation An overview of publications that is updated monthly is provided in a number of languages in the Internet at: http://www.siemens.com/motioncontrol Select the menu items "Support" → "Technical Documentation" → "Overview of Publications" or "DOConWEB". 13.3 Abbreviations The most important abbreviations are listed alphabetically.
Page 766 Appendix 13.3 Abbreviations Diagnostic coverage DRIVE DATA SET (drive parameters that can be changed over together as a set) Digital input Digital output DKE-AK German Electrotechnical Working Committee Data left Direct Measuring System Distributed I/O DP master Dual Port RAM Data right DRIVE-CLiQ "DRIVE Component Link with IQ"...
Page 767 Appendix 13.3 Abbreviations International Electrotechnical Commission Institute for work safety Pulse inhibit Indirect Measuring System INSE Input data of the safe programmable logic (SPL) from the I/O INSI Input data of the safe programmable logic (SPL) from the output data of the axis-specific monitoring functions Interpolator Input/output...
Page 768 Appendix 13.3 Abbreviations PM-E F Power Module Electronic Failsafe PROFIBUS user organization PROFIBUS Bus system for communication between automation components PROFIsafe Communication profile based on PROFIBUS for safety-related communica‐ tions PROFIsafe clock cycle Slave-to-slave communication (peer-to-peer communication) SA-Link Sensor-Actuator link Safe Brake Control Safe Operating Stop Safe Brake Management...
Page 769: List Of Links For Sinumerik Safety Integrated Application Examples
Lower limit Revolutions per minute Ü Gear ratio Feed Drive Machine Tool 13.4 List of links for SINUMERIK Safety Integrated application examples Application examples for SINUMERIK Safety Integrated are available at Link (https:// support.industry.siemens.com/cs/ww/en/view/109475885). Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 770 Appendix 13.4 List of links for SINUMERIK Safety Integrated application examples Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 771: Glossary
Glossary Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 772 Glossary Safety Integrated Function Manual, 12/2017, 6FC5397-4BP40-6BA1...
Page 773: Index
Index Computing load, 196 Connection name (RDP), 234 Connection name (SDP), 224 Connection number (RDP), 237 $A_STOPESI, 126 Connection number (SDP), 227 $VA_STOPSI, 126 Consistency check of machine data sets, 214 Correction factor, safely reduced speed, 479 CPU-CPU communication, 215 Crosswise data comparison, 82, 258 2-encoder system, 86 DAC output, 544...
Page 774 Index F-net data filter (SDP), 226 Multiple assignment, 184 Forced checking procedure Multiple distribution, 183 Safety relay, 280 SPL signals, 177 Frequency limit, 139 FXS, 290 NCK-SGE/SGA, 175 NCK-SPL program, 262 NCK-SPL start PLC user program, 268 Gantry axes, 754 NCU-Link, 757 Global checksum, 580 Group standards, 19...
Page 775 Index Safe end positions, 154 SGE/SGA Safe Operating Stop, 106 Minimum number, 175 Deselection, 109 Signal propagation times, 176 Functional features, 106 SGE/SGA assignment, 539 Preconditions, 107 SI I/O, 578 Selection, 107 SI machine data Safe software cams Change, 541 Functional features, 157 SIC, 309 Hysteresis, 160...
Page 776 Index Stopping delay times Cancel, 132 Sub-slot address, 197 Sub-slots, 233 Substitute values (RDP), 238 Switching on the system, 100 Switch-off signal paths Stop responses, 113 symbolic name, 196 Synchronized action, 261 Synchronizing cam signals, 160 System error F_DP communication, 252 System variable $A_XFAULTSI, $VA_XFAULTSI, 512 System variable $VA_IS, 511...

Siemens SINUMERIK 840D sl Function Manual

1 Fundamental Safety Instructions

2 Regulations and Standards

3 Brief Description

4 System Features

5 Safety Functions Integrated in the Drive

6 Basics Regarding the Safety Functions Integrated in the System/Drive

7 Safety Functions Integrated in the System/Drive

8 Connecting Sensors and Actuators

9 Data Descriptions

10 Commissioning

11 Diagnostics

12 Interaction with Other Functions

13 Appendix

Quick Links

Related Manuals for Siemens SINUMERIK 840D sl

Summary of Contents for Siemens SINUMERIK 840D sl