ABB AC500-S Safety User Manual page 44
Hide thumbs
Also See for AC500-S:
- Safety user manual (452 pages) ,
- Application note (24 pages) ,
- System manual (119 pages)
Table of Contents
Advertisement
AC500-S safety modules
Safety CPU - SM560-S / SM560-S-FD-1 / SM560-S-FD-4 > Safety CPU module states
RUN
In this state, the safety application is normally executed, provided that the boot project is
loaded. No error of severity levels 1 or 2 is available.
SM560-S
All CODESYS online services from "Online" menu are available for users, but only three of them
can be executed without leaving RUN state: "Login", "Logout" and "Check boot project in PLC".
PWR
All other services (e.g., set a breakpoint) switch the safety CPU to non-safety DEBUG states
DIAG
(DEBUG RUN or DEBUG STOP).
RUN
I-ERR
E-ERR
SAFE STOP
The safety CPU goes to SAFE STOP state if an error of severity level 1 or 2 is identified. All
PROFIsafe output telegrams are nulled (no valid PROFIsafe telegrams are generated in this
SM560-S
state). No CODESYS online services from "Online" menu are available for users.
This state can be left only using powering off/on or "reboot" PLC browser/shell command on
PWR
non-safety CPU.
DIAG
RUN
I-ERR
E-ERR
DEBUG RUN
DEBUG RUN (non-safety) state can be reached if CODESYS online services from "Online"
menu are used (except "Login" , "Logout" and "Check boot project in PLC" ) from safe RUN
SM560-S
state. The user can set a breakpoint in the safety program, perform "Single cycle" program exe-
cution, force and write variable values and execute other debugging functions of CODESYS
Safety.
PWR
DIAG
If CODESYS online service "Stop" is called or the breakpoint is reached in the safety applica-
tion program, the safety CPU switches to DEBUG STOP (non-safety) state.
RUN
I-ERR
Valid PROFIsafe safety telegrams are generated in DEBUG RUN state. DEBUG RUN state is
E-ERR
non-safe, thus, the responsibility for safe process operation lies entirely with the organization
and person responsible for the activation of DEBUG RUN (non-safety) mode.
One can go back to a safe RUN state only using powering off/on or "reboot" PLC browser/shell
command on non-safety CPU.
44
DANGER!
The safety functionality and, as a result, safe process operation, is no more
guaranteed by the safety CPU in the DEBUG RUN (non-safety) or DEBUG
STOP (non-safety) mode.
In case of DEBUG RUN (non-safety) or DEBUG STOP (non-safety) mode acti-
vation on the safety CPU, the responsibility for safe process operation lies
entirely with the organization and person responsible for the activation of
DEBUG RUN (non-safety) or DEBUG STOP (non-safety) mode.
With the help of POU SF_SAFETY_MODE one can retrieve the information if
the safety CPU is in SAFETY or DEBUG (non-safety) mode and, if required,
stop or limit user application program execution
"SF_SAFETY_MODE" on page 305.
3ADR025091M0208, 12, en_US
Ä Chapter 4.6.7.7
2020/06/19
Advertisement
Table of Contents
