ABB FSO-12 User Manual
  1. Manuals
  2. Brands
  3. ABB Manuals
  4. Control Unit
  5. FSO-12
  6. User manual
ABB FSO-12 User Manual

ABB FSO-12 User Manual

Safety functions module
Hide thumbs Also See for FSO-12:
1
2
3
4
Table Of Contents
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
Table of Contents

Advertisement

Quick Links

Download this manual
OPTIONS FOR ABB DRIVES
FSO-12 safety functions module
User's manual

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the FSO-12 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ABB FSO-12

Summary of Contents for ABB FSO-12

  • Page 1 — OPTIONS FOR ABB DRIVES FSO-12 safety functions module User’s manual...

  • Page 2: List Of Related Manuals

    ACS880 primary control program (YINLX) firmware manual 3AXD50001000998 Option manuals and guides ACS-AP-I, -S, -W and ACH-AP-H, -W Assistant control panels user's manual 3AUA0000085685 FSO-12 safety functions module user's manual 3AXD50000015612 FENA-01/-11/-21 Ethernet adapter module user’s manual 3AUA0000093568 FPNO-21 PROFINET adapter module user's manual...
  • Page 3 User’s manual FSO-12 safety functions module Table of contents 1. Safety instructions 8. Installation 12. Start-up  2025 ABB. All Rights Reserved. 3AXD50000015612 Rev L Original instructions EFFECTIVE: 2025-01-09...

  • Page 5: Table Of Contents

    Table of contents 5 Table of contents 1. Safety instructions Contents of this chapter ............13 Use of warnings .
  • Page 6 6 Table of contents Operational characteristics ........... . 42 Response times .
  • Page 7 Configuring the ABB AC500-S Safety PLC ........
  • Page 8 8 Table of contents 7. Planning for installation Contents of this chapter ............219 Requirements for designers and installers .
  • Page 9 FSO-12 parameters ........
  • Page 10 10 Table of contents Status and control words ............347 12.
  • Page 11 Table of contents 11 Reporting problems and failures ..........395 15.
  • Page 12 12 Table of contents 17. Dimension drawings Further information...

  • Page 13: Safety Instructions

    Safety instructions 13 Safety instructions Contents of this chapter The chapter contains the warning symbols used in this manual and the safety instructions which you must obey when you install or connect an option module to a drive or inverter. If you ignore the safety instructions, injury, death or damage can occur.

  • Page 14: Electrical Safety Precautions

    14 Safety instructions Electrical safety precautions This manual does not give detailed information for disconnecting and isolating all drive types. Refer also to the drive or inverter unit hardware manual. These electrical safety precautions are for all personnel who do work on the drive, motor cable or motor.
  • Page 15 Safety instructions 15 electrical work. This includes, but is not limited to, electric shock and arc protection. • Before and after you measure the installation, verify the operation of the voltage tester on a known voltage source. • Make sure that the voltage between the input power terminals of the drive (L1, L2, L3) and the grounding (PE) busbar is zero.
  • Page 16 16 Safety instructions...

  • Page 17: Introduction To The Manual

    Do not open the FSO module. If you open the FSO module, the safety classification becomes invalid and the warranty ceases to be in effect. Applicability This manual is applicable to the FSO-12 safety functions module, revision J.

  • Page 18: Compatible Products

    (AINLX), version 3.46 or earlier. It is not applicable to drives with ACS880 primary control program (YINLX). There is a potential safety problem in drives with an FSO-12 module and ACS880 primary control program (AINLX), version 3.46 or earlier. With this combination, drive parameter 99.16 Motor phase order has a possible effect on the safety...
  • Page 19 Introduction to the manual 19 Example: The initial settings are: • SLS limit positive = 5000 rpm • SLS limit negative = -100 rpm Then, one year later, parameter 99.16 is changed from UVW to UWV. In this case, request for 4000 rpm forward will cause a speed of 4000 rpm backward without SLS limit violation.

  • Page 20: Controller Stations

    4. Make sure that the rotation direction agrees with the limits that the FSO module is monitoring. To remove the effects of the delta package, the drive firmware must be reloaded. Contact your local ABB representative for the software packages or for more information. Controller stations ...

  • Page 21: Supported Safety Functions

    • Safe maximum speed (SMS), see page • Prevention of unexpected start-up (POUS), see page 131. Note: The FSO-12 module does not support an encoder in safety applications. Target audience The manual is intended for qualified persons who design the safety application, plan the installation as well as install and commission the safety application.
  • Page 22 PROFIsafe profile of PROFINET. It describes the FSO module states and transitions and the contents of the PROFIsafe messages. The chapter also includes installation instructions, configuration instructions for the ABB AC500- S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC as well as fault tracing tips.

  • Page 23: Recommended Reading

    Introduction to the manual 23 It also gives instructions for the replacement of the FB module, FSO factory reset, safety system update and decommissioning as well as proof tests. Chapter Technical data (page 405) contains the technical specifications of the FSO module, for example, electrical data, sizes and safety data.
  • Page 24 24 Introduction to the manual Term / Description Abbreviation Number of cycles until 10% of the components fail dangerously (for pneumatic and electromechanical components). (EN ISO 13849-1) Type of control unit Black channel Communication channel that is not safe as it has not been designed and/or validated according to IEC 61508.
  • Page 25 FPNO-21 PROFINET fieldbus adapter module FSE-31 Pulse encoder interface module which can be used in safety applications FSO-12 Safety functions module which does not support the use of encoders FSO-21 Safety functions module which supports the FSE-31 module and the use of safety encoders...
  • Page 26 26 Introduction to the manual Term / Description Abbreviation In digital outputs, the signal is neither driven to a logical high nor hi-Z state low level. It is “floating”. IGBT Insulated gate bipolar transistor Internal fault A fault which is detected by FSO module’s internal diagnostics. When an internal fault is detected, the FSO goes into fail-safe mode, activates drive STO, and creates a fault to the drive.
  • Page 27 Introduction to the manual 27 Term / Description Abbreviation Profile Adaptation of the protocol for certain application field, for example, drives. PROFINET An open standard for industrial communication systems that uses the Ethernet standard. Registered trademark of PROFIBUS and PROFINET International (PI) community. PROFIsafe An additional layer on top of the PROFINET protocol for safety- related communication.
  • Page 28 28 Introduction to the manual Term / Description Abbreviation Safety function Worst-case elapsed time following an actuation of a safety sensor response time connected to a fieldbus before the corresponding safe state of its (SFRT) safety actuator(s) is achieved in the presence of errors or failures in the safety function channel.
  • Page 29 Introduction to the manual 29 Term / Description Abbreviation Safe torque off (EN/IEC 61800-5-2). In this manual, this term is used in two different contexts: • the STO circuit in the drive (the drive STO function) • the STO safety function in the FSO module. Safety functions in the FSO module (eg, STO, SSE, SS1 and POUS) activate the drive STO function, that is, open the drive STO circuit.

  • Page 30: Certificates

    Dangerous failure rate, undetected failures λ Safe failure rate Certificates TÜV Nord certificate for the FSO-12 and ACS880 drive series can be found in the ABB Library, where you can also check the validity of the certificate with a specific drive variant.
  • Page 31 Introduction to the manual 31 The PROFIsafe certificate for the FSO-12 module is shown below. Certificate PROFIBUS Nutzerorganisation e.V. grants to ABB Oy Hiomotie 13, 00380 Helsinki, Finland the Certificate No: Z20141 for the PROFIsafe device: Model Name: FSO-12 Order Number:...
  • Page 32 32 Introduction to the manual...

  • Page 33: Safety Information And Considerations

    Safety information and considerations 33 Safety information and considerations Contents of this chapter This chapter contains general safety considerations and information to be taken into account when applying the FSO safety functions. WARNING! The FSO safety functions module is delivered with the safety functions bypassed by jumper wires in connectors X:113 and X:114 to allow initial drive commissioning without the need to configure safety functions first.

  • Page 34: Meeting The Requirements Of The Machinery Directive

    Intentional misuse Use the FSO module according to the instructions given in the applicable user’s manual. ABB is not responsible for any damage caused by the misuse of the module. The FSO module is not designed to protect a machine against intentional misuse or sabotage.

  • Page 35: Proof Testing

    Safety information and considerations 35 unexpected start-up according to the limitations of IEC 60204-1, 5.4 and ISO 14118. The Safe torque off function does not disconnect or isolate the voltage of the main and auxiliary circuits of the drive. Therefore maintenance work on any electrical parts of the system (including drive and the motor) can only be carried out after a proper isolating procedure, which must be obeyed to make sure that the maintained part of the system is properly isolated.
  • Page 36 36 Safety information and considerations...

  • Page 37: Overview

    FSO module layout, connections, type designation label and operational characteristics. Intended use of the FSO module FSO-12 is a safety option module for ABB ACS880 drives, which adds safety functionality, including support for PROFIsafe communication with a safety PLC through an FB module.

  • Page 38: System Description

    FSO module. FSO module and safety system components  The figure below shows a safety system example that has these components: • FSO-12 safety functions module • ACS880-01 drive • safety PLC • FB module • switches and buttons.

  • Page 39: Fso Module Version Handling

    FSO-12 module has a version handling system. Both the FSO module and the ACS880 drive firmware must support the used safety functions. You can always replace the FSO-12 module with a newer revision and use the same configuration file with the new revision. Each time you make any changes...

  • Page 40: Layout

    40 Overview Layout  No Description 24 V DC input connection Safe torque off (STO) connection Data connection Mounting for drives with ZCU-12 control unit shown. Two mounting points on each side. The screw attached at 4b also grounds the enclosure of the FSO. Mounting points vary by installation and/or control unit type.

  • Page 41: Connections

    Connections The FSO module has several safety I/Os for external safety devices, for example buttons, gates and indicators. The FSO-12 module does not have an encoder interface. When you use the Safe brake control (SBC) function, the FSO module controls the mechanical brake.

  • Page 42: Operational Characteristics

    42 Overview Operational characteristics  The FSO module monitors that the drive operates within the configured safety limits when safety functions are active. If the limits are exceeded, FSO activates a safe stopping in the drive within the response time. The safe stopping function activates the drive STO function immediately or after an emergency ramp.

  • Page 43: Fso Diagnostics

    Overview 43 FSO diagnostics  The FSO module performs extensive auto diagnostics tests during the runtime operation on FSO internal parts as well as the communication and STO connection between the FSO and the drive. The FSO goes into the Fail-safe mode if it detects a fault.

  • Page 44: Acknowledgement

    44 Overview Note: ABB recommends that you use external devices which have a positive mechanical action or force-guided contacts. Note: With external test pulses, the length of the pulses must be 0.5 … 2 ms. Test pulses must be in totally different phasing, and must not overlap.

  • Page 45: Motor Speed Feedback

    The FSO module must have motor speed feedback to perform safety functions. The motor speed feedback can be a measured speed from a safety encoder, or a safe speed estimate. With FSO-12 module only safe speed estimate is available. Depending on the motor speed feedback method, safety functions operate slightly differently (for example, when the indications turn on and off) due to inaccuracy in safe speed estimate.
  • Page 46 46 Overview ABB Sp. z o.o. ul. Placydowska 27 95-070 Aleksandrów Lódzki Poland IEC60034-1 3~ Motor M2BAX 160MLA 4 IMB3/IM1001 2022 Ins. cl. F IP 55 r/min Duty 1478 12.8 0.77 1478 0.77 1475 0.80 1475 22.5 0.80 IE4-93.3%(100%)-93.6%(75%)-93%(50%) Product code...
  • Page 47 Overview 47 Restrictions for the use of safe speed estimate As the safe speed estimation is based on the drive electrical output frequency, there are characteristics which must be taken into account: 1. Safe speed estimate is available when the drive is modulating. If the motor shaft speed information must be safely available when the drive is not modulating, use a safety encoder together with the FSO-21 and FSE-31 modules for measuring the motor shaft speed.
  • Page 48 48 Overview The safe speed estimate calculated by the FSO module does not include slip compensation for induction motors. You must take this into account when you define monitoring limits for the safety functions. Otherwise it is possible that unnecessary monitoring limit hits occur. Using encoder for only control purposes decreases the ripple in the safe speed estimate signal.
  • Page 49 Overview 49 the possible effect (unnecessary limit hit) if you do not take the slip into account when defining the trip limits in the FSO module. Motor speed Slip Time - - - Actual speed Safe speed estimate SLS trip limits In the example, the motor torque is 100% during the acceleration and the motor slip is at its maximum value.

  • Page 50: Overview Of Safety Functions

    50 Overview The FSO module has a mute time feature that can be used to suspend the monitoring limits for a short period so that spurious trips can be eliminated. The feature is available for both safe speed estimate and safety encoder feedback.

  • Page 51: Safe Brake Control (Sbc)

    Overview 51 You can configure this safety function to be similar to the STO (SSE with immediate STO, stop category 0) or SS1 function (SSE with emergency ramp, stop category 1). Refer to sections • SSE with immediate STO on page 86, •...

  • Page 52: Safely-Limited Speed (Sls)

    52 Overview Safely-limited speed (SLS)  This safety function prevents the motor from exceeding user-defined speed limits. If the motor speed reaches the positive or negative SLS trip limit, the FSO module activates the SSE function and the motor stops. Refer to section Safely- limited speed (SLS) on page 102.

  • Page 53: Safety Functions

    Safety functions 53 Safety functions Contents of this chapter This chapter describes how the safety functions of the FSO module operate. The FSO-12 module supports these safety functions: Safety function Stop category Information Page Safe torque off (STO) Stop category 0...

  • Page 54: General

    54 Safety functions General Safety function request  A safety function can be activated locally from FSO digital inputs, from a safety PLC, in FSO internal fault situations or by another safety function (see section Dependencies between safety functions on page 133). If you want to control a safety function with a push button, connect an activation button to an FSO digital input.
  • Page 55 Safety functions 55 The acknowledgement method can be manual or automatic, from a safety PLC via the PROFIsafe communication bus, or either manual or from a safety PLC. • Automatic: The FSO module acknowledges the power-up process and/or safety functions automatically when these have completed successfully and the safety function request has been removed.
  • Page 56 56 Safety functions Acknowledgement is possible, if: • A safety function request is not active. • STO: Delay defined by parameter STO.13 Restart delay after STO STO.14 Time to zero speed with STO and modoff has passed. Note: If an SSE or SS1 request is received while the STO function is active, the STO function must be completed before acknowledgement is permitted.

  • Page 57: Dc Magnetization And Drive Start Modes

    Safety functions 57 DC magnetization and drive start modes  The correct operation of safety functions that limit or monitor motor speed (for example, SLS, SMS) requires that the ID run is done prior to operation. Note: Motor speed estimation is disabled on drive side when certain start modes with magnetization or DC current control modes are active.

  • Page 58: Ramp Monitoring

    58 Safety functions Ramp monitoring  The ramp monitoring is configured with five parameters as described below. Ramp monitoring using the Defining the ramp monitoring Speed Speed Motor Limit hit Ramp monitoring started * Lower monitoring limit is always 30 rpm below actual speed.Starting point of the upper monitoring limit is based on Description...

  • Page 59: Safety Function Indications

    Safety functions 59 event type (warning, fault or event) with parameter FSOGEN.62 STO indication safety limit.  Safety function indications Safety functions have the following indications: • Request indication, which is shown in the control panel or in the event log (stopping functions (STO, SS1, SSE) and POUS) •...
  • Page 60 60 Safety functions only. They are not allowed to be used as safe status and control indications in PROFIsafe/safety systems. STO, SS1, SSE, POUS functions States of the configured and connected functions are indicated with FSO digital outputs and fieldbus status signals when the function is started: •...

  • Page 61: Fso Modes

    Safety functions 61 FSO modes  The FSO can be in one of the following modes: • Power down: The power to the FSO is off. The drive STO circuit is open. The POWER LED is off. • Start-up: The FSO is starting up after power-up. Indicated with a blinking green RUN LED.

  • Page 62: Transitions Between Fso Modes And States

    62 Safety functions Transitions between FSO modes and states  The following diagram shows the possible transitions during normal operation of the FSO module. • Power down:STO active, power off (below 19 V) • Start-up:STO active, power on (above 19 V), start-up checks performed •...

  • Page 63: Cascade

    Safety functions 63 At power-up, the FSO goes into the Start-up mode. During the power-up process, FSO is in Safe state (STO active). It performs start-up checks and, according to the configuration, enters the Operational state either automatically or after an acknowledgement request from the FSO I/O or from a safety PLC.
  • Page 64 64 Safety functions cascaded in one cascade loop (Cascade A) and safety function 2 in another (Cascade B). Acknowledgement button Automatic Indication lamp Emergency acknowledgement stop Cascade A X114:2 Follower Follower Master X113:1 X114:1 X113:7 Safety Safety Safety Safety Safety Safety function 1 function 1...

  • Page 65: Mute Time Feature

    Safety functions 65 acknowledgement method. The acknowledgement always starts from the master FSO module. You can configure one or two safety functions in the same cascaded system (Cascade A and Cascade B). If the whole cascaded system must trip after reaching a trip limit of any safety function, or with a safety fieldbus failure, you must cascade the SSE function.
  • Page 66 66 Safety functions After the SLSx specific mute times have been enabled, the following mute time parameters are used in limit hit situations. • SLSx.17 Mute time for SLS1 • SLSx.27 Mute time for SLS2 • SLSx.37 Mute time for SLS3 •...

  • Page 67: Safe Torque Off (Sto)

    Safety functions 67 Monitoring start Limit hit (E) Zero speed delay delay (D) time (F) FSOGEN.31 FSOGEN.31 FSOGEN.31 Function-specific mute times disabled FSOGEN.31 Function-specific FSOGEN.31 mute times Function-specific mute times enabled Note: SS1 and SSE functions always use FSOGEN.31 for limit hit situations. Safe torque off (STO) The STO function brings the machine safely into a no-torque state and/or prevents it from starting accidentally.
  • Page 68 68 Safety functions Motor speed STO.14 STO.13 Time STO request Drive STO state & indication completed Time to zero speed (parameter STO.14): Time from the STO activation to the moment when the safety function is completed and the STO completed indication (parameter STO.22) goes on.

  • Page 69: Sbc After Sto

    Safety functions 69 SBC after STO  The operation of the SBC after the STO function (positive SBC delay) is described in the time diagram and table below. For configuration, see section How to configure SBC after STO on page 257. Motor speed SBC.12 SBC.13...

  • Page 70: Step Description

    70 Safety functions Step Description After time C has elapsed, the acknowledgement becomes allowed as soon as the STO request has been removed (step 5). After time A has elapsed, the FSO activates the SBC (brake) and starts a counter for time B.

  • Page 71: Sbc Before Sto

    Safety functions 71  SBC before STO The operation of the SBC before the STO function (negative SBC delay) is described in the time diagram and table below. For configuration, see section How to configure SBC before STO on page 258. The reason to use a negative SBC delay is to have the mechanical brake closed just before the drive STO circuit is opened.

  • Page 72: Safe Stop 1 (Ss1)

    72 Safety functions Step Description After time C has elapsed, the SBC starts to brake the motor. After time A has elapsed, the FSO activates the drive STO. After time B has elapsed, the FSO module defines the motor as stopped and the STO completed indication goes on.

  • Page 73: Ss1 With Time Monitoring (Ss1-T)

    Safety functions 73 SS1 with time monitoring (SS1-t)  The operation of the SS1 with time monitoring (SS1-t) is described in the time diagram and table below. For configuration, see section How to configure SS1 with time monitoring (SS1-t) on page 259. Motor speed SS1.14 Safe torque off (STO)
  • Page 74 74 Safety functions Step Description The motor speed reaches the zero speed limit (B), FSO activates the drive STO function and STO active indication parameter STO output (STO.21) goes on. The SS1 completed output indication (parameter SS1.22) goes on and the acknowledgement becomes allowed as soon as the SS1 request has been removed (step 4).

  • Page 75: Ss1 With Ramp Monitoring (Ss1-R)

    Safety functions 75 SS1 with ramp monitoring (SS1-r)  The operation of the SS1 with ramp monitoring (SS1-r) is described in the time diagram and table below. For configuration, see section How to configure SS1 with ramp monitoring (SS1-r) on page 261. Motor speed Safe torque off (STO) - ->...
  • Page 76 76 Safety functions Step Description The motor speed reaches the zero speed limit (B), FSO stops the SAR1 monitoring and activates the drive STO function, and STO active indication parameter STO output (STO.21) goes on. The SS1 completed output indication (parameter SS1.22) goes on and the acknowledgement becomes allowed as soon as the SS1 request has been removed (step 4).

  • Page 77: Ss1 With Speed Limit Activated Sbc

    Safety functions 77 SS1 with speed limit activated SBC  In these examples, the SBC and drive STO functions are activated at a user- defined speed limit. With time monitoring (SS1-t) The operation of the SS1-t function with speed limit activated SBC is described in the time diagram and table below.
  • Page 78 78 Safety functions Step Description The SS1 request is received (for example, from the I/O). The FSO starts a counter for time B. SS1 state indication parameter SS1 output (SS1.21) goes on. After time D has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp.
  • Page 79 Safety functions 79 With ramp monitoring (SS1-r) The operation of the SS1-r function with speed limit activated SBC is described in the time diagram and table below. For configuration, see section How to configure SS1 with speed limit activated SBC on page 262.

  • Page 80: Ss1 With Speed Limit Activated Sbc, Sbc Before Sto

    80 Safety functions Step Description After time C has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts the SAR1 ramp monitoring (parameters SARx.21 and SARx.22). Note: If parameter 200.112 has value 0, the drive (parameter 23.23) defines the ramp.
  • Page 81 Safety functions 81 Motor speed SS1.14 - -> Safe torque off (STO) SBC.12 SBC.13 Time SS1 request Drive STO state & SBC output SS1 state & indication completed SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake).
  • Page 82 82 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO activates SBC function. The FSO starts counters for times C and D. Note: You can define an extra delay (parameter SS1.15, not shown in the figure) before the FSO activates the SBC function.
  • Page 83 Safety functions 83 Motor speed - -> Safe torque off (STO) SBC.12 SBC.13 Time SS1 request Drive STO state & SBC output SS1 state & indication completed SAR1 monitoring SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC function (brake) while ramping.

  • Page 84: Ss1 Ramp Functions When Drive Modulation Is Lost

    84 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO stops the SAR1 monitoring and activates the SBC function. The FSO starts counters for times B and C. Note: You can define an extra delay (parameter SS1.15, not shown in the figure) before the FSO activates the SBC function.
  • Page 85 Safety functions 85 Motor speed Time SS1-r request SAR1 monitoring Drive modulation STO indication STO.14 counter on SS1 completed Zero speed (parameter FSOGEN.51) Step Description The SS1 request is received (for example, from the I/O). The drive starts to ramp down the motor speed.

  • Page 86: Safe Stop Emergency (Sse)

    86 Safety functions Safe stop emergency (SSE) The SSE function can be configured either with immediate STO or with emergency ramp. With immediate STO The behavior of the SSE with immediate STO is identical to the STO function (see section Safe torque off (STO) on page 67) except that parameter Restart...

  • Page 87: Sse With Immediate Sto, Sbc After Sto

    Safety functions 87 Motor speed STO.14 Time SSE request Drive STO state & SSE state & indication completed Time to zero speed (parameter STO.14): Time from the STO activation to the moment when the safety function is completed, the SSE completed indication (parameter SSE.22) goes on and the acknowledgement becomes allowed.
  • Page 88 88 Safety functions Motor speed SBC.12 SBC.13 Time SSE request Drive STO state & SSE state & indication SBC output completed SBC delay (parameter SBC.12): Time from the activation of the drive STO function to the moment when the FSO activates the SBC function (brake). In this case, the value is positive and the FSO activates the SBC after the drive STO.

  • Page 89: Sse With Immediate Sto, Sbc Before Sto

    Safety functions 89 Step Description After the acknowledgement, the SSE, STO and SBC functions are deactivated and the control is given back to the drive, which controls the brake from now on. The indications SSE output (SSE.21), SSE completed output (SSE.22), and STO output (STO.21) go off.
  • Page 90 90 Safety functions Motor speed SBC.12 SBC.13 Time SSE request Drive STO state & SSE state & indication SBC output completed SBC delay (parameter SBC.12): Time from the activation of the drive STO function to the moment when the FSO activates the SBC function (brake). In this case, the value is negative and the FSO activates the SBC before the drive STO.

  • Page 91: Sse With Time Monitoring

    Safety functions 91 Step Description After the acknowledgement, the SSE, STO and SBC functions are deactivated and the control is given back to the drive, which controls the brake from now on. The indications SSE output (SSE.21), SSE completed output (SSE.22), and STO output (STO.21) go off.
  • Page 92 92 Safety functions Description After time C has elapsed, the drive starts to ramp down the motor speed. SAR0 parameter 200.102 defines the deceleration ramp. The motor speed reaches the zero speed limit (B), FSO activates the drive STO function and STO active indication parameter STO output (STO.21) goes on.

  • Page 93: Sse With Ramp Monitoring

    Safety functions 93 SSE with ramp monitoring  The operation of the SSE with ramp monitoring is described in the time diagram and table below. For configuration, see section How to configure SSE with ramp monitoring on page 272. Motor speed Safe torque off (STO) - ->...

  • Page 94: Sse With Speed Limit Activated Sbc

    94 Safety functions Step Description The motor speed reaches the zero speed limit (B), the FSO stops the SAR0 monitoring and activates the drive STO function, and STO active indication parameter STO output (STO.21) goes on. The SSE completed indication goes on the acknowledgement becomes allowed as soon as the SSE request has been removed (step 4).
  • Page 95 Safety functions 95 Motor speed SSE.15 - -> Safe torque off (STO) SBC.13 Time SSE request Drive STO state & SBC output SSE state & indication completed SBC speed (parameter SBC.15): Speed limit below which the FSO activates SBC (brake) and drive STO functions while ramping. SSE delay for STO (parameter SSE.15): Time after which the FSO activates the drive STO function regardless of the motor speed.
  • Page 96 96 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO checks the value of STO SBC delay (parameter SBC.12) and activates the SBC and drive STO functions: • If the STO SBC delay is positive or zero, the SBC and drive STO functions are activated at the same time (this case is shown in the figure).
  • Page 97 Safety functions 97 Motor speed - -> Safe torque off (STO) SBC.13 Time SSE request Drive STO state & SBC output SSE state & indication completed SAR0 monitoring SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake) and drive STO functions while ramping.

  • Page 98: Sse With Speed Limit Activated Sbc, Sbc Before Sto

    98 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO stops the SAR1 monitoring. The FSO checks the value of STO SBC delay (parameter SBC.12) and activates the SBC and drive STO functions: •...
  • Page 99 Safety functions 99 Motor speed SSE.15 - -> Safe torque off (STO) SBC.12 SBC.13 Time SSE request Drive STO state & SBC output SSE state & indication completed SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC function (brake).
  • Page 100 100 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO activates SBC function. The FSO starts counters for times C and D. Note: You can define an extra delay (parameter SSE.16, not shown in the figure) before the FSO activates the SBC function.
  • Page 101 Safety functions 101 Motor speed - -> Safe torque off (STO) SBC.12 SBC.13 Time SSE request Drive STO state & SBC output SSE state & indication completed SAR0 monitoring SBC speed (parameter SBC.15): Speed limit below which the FSO activates the SBC (brake) while ramping.

  • Page 102: Sse When Drive Modulation Is Lost During Deceleration Ramp

    102 Safety functions Step Description The motor speed goes below the SBC speed limit (A), the FSO stops the SAR0 monitoring and activates the SBC function. The FSO starts counters for times B and C. Note: You can define an extra delay (parameter SSE.16, not shown in the figure) before the FSO activates the SBC function.
  • Page 103 Safety functions 103 otherwise SSE function is activated (see section SLS with time monitoring and speed above monitored speed on page 105). Ramp monitoring When SLS function is activated at a speed higher than SLS limit, motor starts to decelerate according to deceleration ramp slope defined by SLS SAR1 function. The motor speed must decelerate within SAR1 minimum and maximum limits, otherwise STO function is activated (see section SLS with ramp monitoring and...

  • Page 104: Sls With Speed Below Monitored Speed

    104 Safety functions SLS with speed below monitored speed  This applies to both time and ramp monitoring. Motor speed Time SLS request SLS monitoring SLS indication Manual acknowledgment SLS trip limit positive (parameter SLSx.14, SLSx.23, SLSx.33 or SLSx.43) SLS limit positive (parameter 200.23, 200.33, 200.43 or 200.53) - - - SSE coast stop due to SLS trip limit hit...

  • Page 105: Sls With Time Monitoring And Speed Above Monitored Speed

    Safety functions 105 Note: If drive modulation is lost when SLS function is activated and the motor speed is below SLS limit, SLS indication is on and STO is not activated due to loss of drive modulation.  SLS with time monitoring and speed above monitored speed The operation of the SLS function with time monitoring is described in the time diagram and table below.

  • Page 106: Sls With Ramp Monitoring And Speed Above Monitored Speed

    106 Safety functions Step Description The FSO starts the SLS monitoring at the latest here, that is, after the SLS time delay (C) has elapsed. Note: If the motor speed is above the SLS trip limit after the SLS time delay (C) has elapsed, the FSO module activates the SSE function.

  • Page 107: Sls Reaction When Modulation Is Lost During Deceleration Ramp, With Ramp Monitoring

    Safety functions 107 Step Description After time C has elapsed, the drive starts to ramp down the motor speed. The SAR1 parameter 200.112 defines the deceleration ramp until the speed reaches the SLS limit positive (B). The FSO starts the SAR1 ramp monitoring (parameters SARx.21, SARx.22).
  • Page 108 108 Safety functions Motor speed Time SLS request SAR1 monitoring Drive modulation SLSx.06 Modoff delay time monitoring STO.14 delay STO active SLS indication SAR1 ramp monitoring Actual motor speed (coasting after modoff) SLS trip limit SLS limit Step Description The SLS request is received. The motor speed is above the SLS trip limit positive (A).
  • Page 109 Safety functions 109 SLS reaction if modulation is lost with Modoff delay time - modulation returns before modoff delay The operation of the SLS function in case of the modulation of the drive is lost during the deceleration ramp and the modulation returns before the Modoff delay time has run out with Modoff delay time selected (parameter SLSx.05 set to Modoff delay time) is described in the time diagram and table below.
  • Page 110 110 Safety functions Step Description Modulation of the drive returns. FSO activates SAR1 monitoring again with same ramps as when the SLS request was set. The Modoff delay time limit. If the modulation would not return before this time, see previous case. The FSO starts the SLS monitoring when the motor speed is in the middle of the SLS limit and the SLS trip limit (see also section How to configure mute time for...
  • Page 111 Safety functions 111 Step Description The SLS request is received. The motor speed is above the SLS trip limit positive (A). The drive starts to ramp down the motor speed. The SAR1 parameter 200.112 defines the deceleration ramp slope until the speed reaches the SLS limit. The FSO starts the SAR1 ramp monitoring (parameters SARx.21, SARx.22).
  • Page 112 112 Safety functions How to configure SLS function behavior when drive modulation is lost on page 291. Motor speed Time SLS request SAR1 monitoring SLSx.06 Modoff delay time monitoring Drive modulation SLS indication SAR1 ramp monitoring Actual motor speed (coasting after modoff) SLS trip limit SLS limit Last valid speed estimate of FSO...
  • Page 113 Safety functions 113 Step Description Modulation of the drive returns before the last valid speed information hits the SAR1 limit and before the modoff delay time has run out. Deceleration continues as parametrized as long as the speed does not hit the SAR1 limits.

  • Page 114: Sls Reaction When Modulation Is Lost During Deceleration Ramp, With Time Monitoring

    114 Safety functions SLS limit Step Description The SLS request is received. The motor speed is above the SLS trip limit positive (A). The drive starts to ramp down the motor speed. The SAR1 parameter 200.112 defines the deceleration ramp slope until the speed reaches the SLS limit. The FSO starts the SAR1 ramp monitoring (parameters SARx.21, SARx.22).

  • Page 115: Step Description

    Safety functions 115 below. For configuration, see section How to configure SLS function behavior when drive modulation is lost on page 291. Motor speed Time SLS request SLSx.04 time delay monitoring Drive modulation SLSx.06 Modoff time delay monitoring STO active STO.14 delay SLS indication Actual motor speed (coasting after modoff)
  • Page 116 116 Safety functions SLS reaction if modulation is lost with Modoff delay time - modulation returns before modoff delay The operation of the SLS function in case the modulation of the drive is lost during the deceleration ramp and the modulation returns before the Modoff delay time has run out with Modoff delay time selected (parameter SLSx.05 set to Modoff delay time) is described in the time diagram and table below.
  • Page 117 Safety functions 117 Step Description The FSO starts the SLS monitoring at the latest here, that is, after the SLS time delay has elapsed. The FSO starts the SLS monitoring when the motor speed is in the middle of the SLS limit and the SLS trip limit (see also section How to configure mute time for monitoring start on page 306).
  • Page 118 118 Safety functions Step Description The SLS request is received. The motor speed is above the SLS trip limit positive (A). The drive starts to ramp down the motor speed. The FSO starts the counter for the SLS time delay (C) (parameter SLSx.04). The drive (parameter 23.13 or 23.15) defines the deceleration ramp until the speed reaches the SLS limit.
  • Page 119 Safety functions 119 Motor speed Time SLS request SLSx.04 time delay monitoring Drive modulation STO.14 delay SLS indication Actual motor speed (coasting after modoff) SLS trip limit SLS limit Step Description The SLS request is received. The motor speed is above the SLS trip limit positive (A).
  • Page 120 120 Safety functions see section How to configure SLS function behavior when drive modulation is lost on page 291. Motor speed Time SLS request Drive modulation SLSx.04 time delay monitoring SLS monitoring SLS indication Actual motor speed (coasting after modoff) SLS trip limit SLS limit Step...

  • Page 121: Fso Boot Behavior With Sls Active

    Safety functions 121 Step Description FSO starts the SLS monitoring at the latest here, that is, after the SLS time delay has elapsed. Note: With time-monitored SLS: If modulation is lost during deceleration ramp but it returns after SLSx.04 delay time has elapsed, with motor speed higher than SLS trip limit, then SLS limit hit is generated.
  • Page 122 122 Safety functions SSE with immediate STO This applies when the SSE function has been configured as “Immediate STO”. Motor speed - -> Safe stop emergency (SSE) STO.14 Time SLS request SLS indication SSE state & indication completed SLS trip limit positive (parameter SLSx.14, SLSx.23, SLSx.33 or SLSx.43) SLS limit positive (parameter 200.23, 200.33,...
  • Page 123 Safety functions 123 Step Description The SLS function is acknowledged and the FSO stops the SLS monitoring. The SSE function is acknowledged with the same acknowledgement. The indications go off. SSE with emergency ramp This applies when the SSE function has been configured as “Emergency ramp” (with ramp monitoring or time monitoring).

  • Page 124: Variable Safely-Limited Speed (Sls)

    124 Safety functions Step Description After time C has elapsed, the FSO activates the SSE function and the drive starts the ramp down the motor speed. SAR0 parameter 200.102 defines the ramp. The motor speed goes below the SLS limit positive (B) and the SLS active indication goes on.

  • Page 125: Variable Sls With Time Monitoring

    Safety functions 125 Note: Do not add a plus or a minus sign (+ / -) in front of the scaling value for the Variable_SLS_limit. Use a scaling value smaller than 100. The same scaling value is applied to both the positive and the negative limits. For more information, see section ABB_PS1 profile F-Output user data page 141.
  • Page 126 126 Safety functions Step Description The Variable SLS request is received from the safety PLC (for example, 70%). The FSO sends a request to the drive to ramp down the motor speed to the new SLS speed limit. The FSO start a counter for the SLS time delay (B). After time C has elapsed, the drive starts to ramp down the motor speed.

  • Page 127: Variable Sls With Ramp Monitoring

    Safety functions 127 Note: For more information on the modoff functionality in a situation where drive modulation is lost during SLS deceleration ramp, see chapter SLS reaction when modulation is lost during deceleration ramp, with ramp monitoring page 107, and SLS reaction when modulation is lost during deceleration ramp, with time monitoring on page 114).

  • Page 128: Safe Maximum Speed (Sms)

    128 Safety functions Step Description After time B has elapsed, the drive starts to ramp down the motor speed. SAR1 parameter 200.112 defines the deceleration ramp. The FSO starts to monitor the ramp according to SAR1 parameters (SARx.21, SARx.22). Note: If parameter 200.112 has value 0, the drive (parameter 23.23) defines the ramp.

  • Page 129: Sms Function, Version 1

    Safety functions 129 1. Version 1: If the motor speed reaches the minimum or the maximum SMS trip limit, the FSO module activates the SSE function. 2. Version 2: The minimum and maximum SMS limits limit the motor speed. This version of the SMS function is similar to the SLS function except that it can only be permanently on or off.

  • Page 130: Sms Function, Version 2

    130 Safety functions Step Description After time C has elapsed, the FSO activates the SSE function. In this case, the SSE function has been configured as “Immediate STO” (parameter SSE.13). This opens the drive STO circuit immediately and the motor coasts to a stop. The STO and SSE indications go on.

  • Page 131: Prevention Of Unexpected Start-Up (Pous)

    Safety functions 131 1. Reconfigure the FSO module so that the SMS function, version 2 is deactivated (set parameter 200.71 SMS activity and version to Disabled). For more information, see chapter Configuration. 2. Remove the FSO module from the drive. This removes the SMS limits from the drive.

  • Page 132: Priorities Between Safety Functions

    POUS function when another safety function is active (for example, during a deceleration ramp), it can disturb the performance of the other safety function. ABB recommends that you do not activate the POUS function when the motor is running. Example: The SS1 function uses SAR1 parameters to define the stop ramp. In some situations (for example, with PROFIsafe-related faults or trip limit hits), the FSO module activates the Safe stop emergency (SSE) function.

  • Page 133: Dependencies Between Safety Functions

    Safety functions 133 function while the SS1 function is active, the SSE function overrides the SS1 function. Therefore, SAR0 parameters are used instead of SAR1 parameters to define the stop ramp. When a safety function overrides another safety function, this does not remove the request of the overridden safety function.
  • Page 134 134 Safety functions...

  • Page 135: Profisafe

    PROFINET. It describes the FSO module states and transitions and the contents of the PROFIsafe messages. The chapter also includes installation instructions, configuration instructions for the ABB AC500-S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC and fault tracing tips.

  • Page 136: System Description

    ACS880 primary control program (YINLX) version 1.30 or later • FB module: FPNO-21 PROFINET fieldbus adapter module (version 1.00 or later) or FENA-21 Ethernet adapter module (version 3.05 or later) • compatible safety PLC system, for example, ABB AC500-S Safety PLC or Siemens SIMATIC Fail-safe S7 PLC ...

  • Page 137: System Overview

    PROFIsafe communication bus. Safety PLC ACS880 drive system controller (F-Host) FB module PROFIsafe over PROFINET FSO-12 Control Byte F-Output data (F-Device) Status Byte F-Input data The FSO safety functions module and the FB module are installed on the ACS880 drive.

  • Page 138: Remote I/O Control

    PROFIsafe connection is created. They contain the PROFIsafe addresses and the watchdog time for the PROFIsafe connection. Note: ABB recommends that you use only PROFINET compatible Ethernet switches and cables in the PROFIsafe communication bus. Remote I/O control You can control the FSO module outputs and read input information also from the safety PLC.
  • Page 139 PROFIsafe 139 CRC (3 octets) and one Status/Control Byte octet. Therefore, the maximum frame size of the message is 16 octets. Data F-Input / F-Output user data Status / Control CRC2 Byte Size (octets) Max. 12 Control Byte and CRC2 bit order PROFIsafe messages sent from the safety PLC to the FSO module include the F-Output user data, the Control Byte and CRC2.

  • Page 140: Fso Profisafe Profiles

     The content of the F-Input and F-Output user data is configured with FSO specific PROFIsafe profiles. The FSO-12 module supports the ABB_PS1 profile. The ABB_PS1 profile provides the functionality to control and monitor the safety functions, the SLS limits, the safe speed value and the states of the FSO I/O.
  • Page 141 PROFIsafe 141 ABB_PS1 profile F-Output user data This table shows the bit order of the F-Output data, which is included in the PROFIsafe message sent to the FSO module from the safety PLC. For all the bits in the F-Output data, one (1) means active and zero (0) non-active. Type Octet Bit Name Description...
  • Page 142 “0”. In these cases, you can read the FSO state from: • Siemens PLC: bits QBAD and PASS_OUT in the PROFIsafe data block • ABB PLC: bit Device_Fault in the PROFIsafe data structure. See also section FSO module modes and states on page 146.
  • Page 143 PROFIsafe 143 Type Octet Bit Name Description Unsig SLS2_active SLS2 (Safely-limited speed) is active. Active ned1 when the SLS2 function is active and the motor speed is below the SLS2 limit (that is, when the (used SLS2 monitoring is on). SLS1_active SLS1 (Safely-limited speed) is active.
  • Page 144 144 PROFIsafe Type Octet Bit Name Description Unsig Safe_input_X114_4 State of the safe input X114:4. ned1 Safe_input_X114_3 State of the safe input X114:3. Safe_input_X114_2 State of the safe input X114:2. (used Safe_input_X114_1 State of the safe input X114:1. bits) Safe_input_X113_4 State of the safe input X113:4.
  • Page 145 PROFIsafe 145 Type Octet Bit Name Description Unsig SF_end_ack_req Safety function ending acknowledgement ned1 requested = 1, no acknowledgement requested = 0. (used Acknowledgement can be done via PROFIsafe. Note: These values are indicative only and shall bits) not be used for safety-related decisions about safety function states (there are other ways to safely determine the state of a function, for example, using SS1 to check octet 0 bit 4 and...

  • Page 146: Fso Module Modes And States

    146 PROFIsafe Type Octet Bit Name Description Modulating The drive is modulating = 1 It is not known if the drive is modulating or not WARNING! The only safe way to make sure that a drive is not modulating is to activate drive STO.
  • Page 147 PROFIsafe 147 Note: If PROFIsafe is configured, the FSO module stays in the Start-up mode until it has received valid F-Parameters from the safety PLC. State diagrams Overview of states and transitions in the FSO module during normal operation. Internal fault Drive composer Power down Start-up...
  • Page 148 148 PROFIsafe Note: It is possible to go to the Configuration mode from any other state when the drive is not modulating. From the Configuration mode, it is possible to go only to the Start-up mode. Overview of states and transitions in the FSO module when fatal errors in the FSO module occur or when cycling power of the FSO module.
  • Page 149 PROFIsafe 149 Description of states This table describes the FSO module states and how the states are shown in the PROFIsafe messages. The Status Byte and the profiles are described in detail in sections Status Byte and CRC2 bit order on page FSO PROFIsafe profiles...
  • Page 150 150 PROFIsafe State Description Operational PROFIsafe communication is up and running. The safety application is running without any detected errors. PROFIsafe Status Byte bits in the F-Host for the FSO module: • OA_Req_S = 0 • FV_activated_S = 0 • Device_Fault = 0 ABB_PS1 profile bits in the F-Host for the FSO module: •...
  • Page 151 PROFIsafe 151 State Description Safe PROFIsafe communication is up and running. The FSO application is (Module running with detected errors. passivation & At least one of the active safety functions has encountered an error. reintegration) For example, the SLS1 function is active and its speed limits are violated.
  • Page 152 152 PROFIsafe State Description Safe (Module The FSO application is running and there has been an error in the passivation) PROFIsafe communication. The FSO module and, as a result, all its I/O channels are passivated. Possible reasons for module passivation are: 1.
  • Page 153 PROFIsafe 153 State Description Safe (Module PROFIsafe communication is up and running. The FSO application is passivation with running without any detected errors. a command) The FSO module and all its I/O channels are passivated because the safety application on the safety PLC requested a module passivation (activate_FV_C = 1 was set).
  • Page 154 154 PROFIsafe State Description Fail-safe The FSO application keeps the system in the Fail-safe mode. PROFIsafe communication is up and running. This state is reached if a fatal error (for example, CPU test, RAM test, I/O channel test etc. failed) takes place. The drive is stopped using the configured method.

  • Page 155: Transitions Between States

    PROFIsafe 155 Transitions between states This table describes the transitions between the FSO module states. The numbering of the transitions refer to the transitions shown in the state diagrams on page 147. From Description Start-up Safe (Module The FSO module goes to this state directly passivation after Start-up during a normal start-up.
  • Page 156 156 PROFIsafe From Description Operational Safe (Module Command “activate_FV_C = 1” was sent from passivation the safety PLC. with a command) Safe (Module Fail-safe Fatal error(s) (CPU test, RAM test, etc. failed) passivation & detected. reintegration) Safe (Module Fail-safe Fatal error(s) (CPU test, RAM test, etc. failed) passivation) detected.
  • Page 157 PROFIsafe 157 From Description Safe (User Operational OA_C (positive edge) was set by the PROFIsafe acknowledgemen F-Host for the FSO module. t request) Safe (User Safe (Module Command “activate_FV_C = 1” was sent from acknowledgemen passivation the PROFIsafe F-Host. t request) with a command) Safe (Module...

  • Page 158: Profisafe Response Time

    158 PROFIsafe PROFIsafe response time  The safety function response time (SFRT) is the time within which the safety system must react after an error has occurred in the system. SFRT is also the maximum time within which the safety system must respond to a change in the input signals.
  • Page 159 AC500-S Safety User Manual (3ADR025091M0212 [English]) for details. For example, when using the ABB AI581-S as the input device, the SM560-S safety PLC and the FSO module as the output device, SFRT can be calculated as follows: SFRT = Device_WD1 + 0.5 x F_WD_Time1 + F_Host_WD + 0.5 x F_WD_Time2 + Device_WD2 + Longest ∆T_WD...

  • Page 160: Profisafe Watchdog Time

    2. Bus time is the time it takes when the PROFIsafe frame is transmitted from F-Device (FSO module) to the F-Host (such as the ABB SM560-S safety controller station) through the "black channel". 3. Host acknowledgement time (HAT) is the time it takes for the F-Host to process an incoming PROFIsafe frame.

  • Page 161: Installation

    PROFIsafe 161 You must then set F_WD_Time about 30% higher than the worst-case value in variable tResponseTimeMS (in the AC500-S safety program) for the given safety device. If you use this approach for the FSO module, you can set the PROFIsafe cycle time and the corresponding watchdog time F_WD_Time as short as possible for the given system.
  • Page 162 This parameter is read-only. 51/54.02 FBA A/B PAR2 Selects one of the PNIO profiles. (PROTOCOL/ PROFILE) PNIO ABB Pro Profile PNIO ABB Pro is selected 51/54.03 FBA A/B PAR2 Sets the Ethernet communication rate. (COMMRATE) Auto Ethernet communication rate is negotiated automatically by the device.

  • Page 163: Configuring The Fso Module

    Configuring the safety PLC After the drive has initialized the FB module, you must prepare the safety PLC for communication with the adapter module. Examples of ABB AC500-S Safety PLC and Siemens SIMATIC Fail-safe S7 PLC are given below. The examples include the minimum required steps for starting the PROFINET and PROFIsafe communication with the FB and FSO modules.

  • Page 164: Downloading The Gsd File

    For detailed information on the passwords and access permissions in Automation Builder, refer to the AC500-S Safety PLC user manual. You can find the complete documentation of ABB PLCs and Automation Builder 2.0 application in www.abb.com/PLC. Before you start, make sure that you have downloaded the FENA GSD file from the ABB Document library.
  • Page 165 PROFIsafe 165 1. Start the ABB Automation Builder application. 2. On the Tools menu, select Device Repository. 3. In the window that opens, click Install... and browse for the GSD file. 4. Open or create the PLC project that is used to control the drive.
  • Page 166 166 PROFIsafe Next, add the necessary controller devices to the PLC project. First add the safety controller to slot 1 (make sure that the physical controller is in the same slot). Right-click on the slot, select Add object, and pick the SM560-S safety controller from the list.
  • Page 167 PROFIsafe 167 User name: Owner Password: (empty) Next, in the same way, add the CM579-PNIO PROFINET master to slot 2.
  • Page 168 168 PROFIsafe Note: Make sure that the “Enable debug” setting is On for the safety controller station, if you want to view or debug the PLC program after the download. Controller station Safety controller station PROFINET controller 6. Right-click on the PROFINET controller CM579-PNIO-Master and add the FENA module to the PROFINET IO network.
  • Page 169 PROFIsafe 169 7. Add the desired I/O module, for example, “PPO Type 4” to the first slot of the FENA module to define cyclic communication between the module and the PLC. 8. Add the PROFIsafe module “PROFIsafe ABB_PS1” to the second slot of the FENA module to define cyclic communication between the module and the...
  • Page 170 170 PROFIsafe PLC. I/O module PROFIsafe module 9. Define the PROFINET controller (CM579-PNIO) properties, such as the IP address and IP address settings for devices: • Select PNIO_Controller. • On the PROFINET I/O Controller tab, define the necessary IP addresses. 10.
  • Page 171 PROFIsafe 171 Note: Use only lower case letters for the Station name. 11. Set the communication parameters (if you have already done this, you can move on to the next step Create configuration data for safety and non- safety.). • Right-click on the PLC_AC500_V2 controller and open the communication settings.
  • Page 172 172 PROFIsafe • In the advanced settings, create a new local profile with the following parameters: • Next open the CoDeSys safety program and choose Communication...
  • Page 173 PROFIsafe 173 parameters from the Online drop down menu. • Now create a new profile and fill in the following parameters: • Next check that your network adapter is in the same subnet. Open the...
  • Page 174 174 PROFIsafe Windows network and sharing center and click on the network adapter. • Navigate to the IPv4 properties. • Finally, set your subnet to the same range as the PLC. Check that the IP address is not in use on the network.
  • Page 175 PROFIsafe 175 12. Create configuration data for safety and non-safety.
  • Page 176 176 PROFIsafe Note: The PROFIsafe source and destination addresses have to be different in order for the configuration process to work. Also, when creating safety data, some libraries will have to be created. 13. Return to the PROFINET controller (CM579-PNIO) properties. On the Assign I/O Device Name tab: •...
  • Page 177 PROFIsafe 177 profile F-Output user data on page 141.) 15. Define the PROFIsafe module properties: • Select the PROFIsafe module PROFIsafe_ABB_PS1. On the F-Parameter tab, modify the PROFIsafe safety parameters. Three of the listed parameters can be modified for FENA: •...
  • Page 178 178 PROFIsafe These two define the codename for the PROFIsafe relationship of this particular FENA module and the safety controller station. • F_WD_Time is the PROFIsafe watchdog time. See section Calculating the watchdog time on page for instructions on how to calculate the correct watchdog time.
  • Page 179 PROFIsafe 179 WARNING! Do not use this safety program in real safety applications. This safety program is shown only as an example and can only be used for trial purposes. Note: This example program also keeps the SLS3 function active all the time. 21.
  • Page 180 180 PROFIsafe Note: To make sure that the program is downloaded to the PLC (even when no changes have been made), select Clean all from the Project menu. • In the window that opens, click Yes. This downloads the program to the PLC.

  • Page 181: Configuring The Siemens Simatic Fail-Safe S7 Plc

    PLC (S7 Distributed Safety - configuring and programming, Programming and Operating Manual, 07/2013, A5E00109537-05). Before you start, make sure that you have downloaded the FENA GSD file from the ABB Document library. Refer to section Downloading the GSD file page 164.
  • Page 182 182 PROFIsafe 1. Start SIMATIC Manager and open/create a SIMATIC project. 2. Add the necessary objects to the project. In this example, a SIMATIC 300 Station and an Industrial Ethernet object have been added. 3. Open the hardware configuration of the project. 4.
  • Page 183 5. When you install the controller station to the rail, select Industrial Ethernet as the subnet for the controller station. 6. Install the FENA GSD file: • In the Options menu, select Install GSD Files. • Browse for the GSD file that you downloaded from the ABB Document library. • Click Install.
  • Page 184 184 PROFIsafe Note: In some versions of the SIMATIC environment, you have to close the whole SIMATIC program and open it again to make the new GSD file visible in the object catalogue. 7. Click and drag the FENA object from the device catalog to the Ethernet (1): PROFINET-IO-System.
  • Page 185 PROFIsafe 185 module and the PLC. 10. Double-click FENA to open the Properties window. 11. On the General tab, type the Device name for the adapter module (in this...
  • Page 186 186 PROFIsafe example, drive1). This is the IP address that will be assigned to the FENA adapter module. To modify the IP address, click the Ethernet button. The IO controller assigns the IP address.
  • Page 187 PROFIsafe 187 Note: Do not change the IP address assigned here. Use the same IP address for the FENA adapter module also in other tools (eg, the Drive Composer pro PC tool) which you use to connect to the drive. 12.
  • Page 188 188 PROFIsafe • Click the available device with the correct MAC address to which the device name will be assigned. • Click Assign name. This assigns the name to the FENA module. • Click Close. 17. Check F-Parameters for the controller: •...
  • Page 189 PROFIsafe 189 • Make the necessary changes and click OK. 18. Set F-Parameters of the FENA module: • In the hardware configuration, double-click PROFIsafe ABB_PS1 to open the Properties window. • On the PROFIsafe tab, modify the F_Dest_Add and F_WD_Time values as needed.
  • Page 190 190 PROFIsafe These two define the codename for the PROFIsafe relationship of this particular FENA module and the safety controller station. • F_WD_Time is the PROFIsafe watchdog time. See section Calculating the watchdog time on page for instructions on how to calculate the correct watchdog time.
  • Page 191 PROFIsafe 191 example, the first bit that is sent in the PROFINET message is the 7th bit of the first octet (I 0.7). 20. Check the protection of the controller station: • In the hardware configuration, double-click the controller station (for example, CPU 319F-3).
  • Page 192 192 PROFIsafe WARNING! Do not use this safety program in real safety applications. This safety program is only an example which you can use only for trial purposes to get the system up and running.
  • Page 193 PROFIsafe 193 1. In SIMATIC Manager, right-click on the Blocks folder of the S7 Program of the project. 2. Select Insert New Object, and add the following blocks to the program: • Organization Block OB35 to call the safety program cyclically. •...
  • Page 194 194 PROFIsafe 5. Click OK and close the dialog windows. 6. In SIMATIC manager, double-click on OB35. 7. Add call to FC1 by dragging the FC1 block from the FC blocks folder. 8. Save the block and close the editor. 9.
  • Page 195 PROFIsafe 195 11. Save the block and close the editor. Note: This example program also keeps the SLS3 function active all the time. 12. In SIMATIC Manager, select Edit safety program from the Options menu. 13. Select Compile. 14. Select Download. If prompted, accept the inclusion of standard blocks. 15.

  • Page 196: Configuring Siemens S7-1200 Plc With Tia14

    196 PROFIsafe Monitoring the PROFIsafe message It is possible to monitor the contents of the PROFIsafe message. For example: 1. In HW Configuration, select Monitor/Modify for the PROFIsafe telegram in Slot 2 of the FENA module. Configuring Siemens S7-1200 PLC with TIA14 ...
  • Page 197 PROFIsafe 197 1. Open TIA14 and create a new project. 2. Select your CPU from the list.
  • Page 198 198 PROFIsafe 3. Install the FENA-21 GSDML file. 4. Add FENA-21 to the device configuration by dragging it from the hardware catalog. 5. Open the FENA-21 device view and add (by dragging and dropping) the desired PPO and PS telegrams to slot 1 and 2. In this example, we use PPO7 and PS2 (Additional info in manuals).
  • Page 199 PROFIsafe 199 6. Network view shows E-stop icon on the FENA device to indicate that device has safety I/O. 7. Assign FENA-21 to PROFINET controller. • Network configuration is updated. • I/O addressing is assigned automatically to FENA. This can be seen in...
  • Page 200 200 PROFIsafe Device view (highlighted with a red box in the image below). 8. Select PLC from network view and Properties will show on the bottom of the screen. In PLC properties, enable F-capability (safety and PROFIsafe) under the Fail-safe submenu. 9.
  • Page 201 PROFIsafe 201 10. In Ethernet addresses submenu, set the PLC IP address. 11. In Advanced options, set PLC minimum cycle time for I/O and PROFINET communication (PROFINET cycle time). 12. For testing purposes, you can disable the PLC password. Remember to enable the PLC password after you have done the validation.
  • Page 202 202 PROFIsafe 13. In FENA properties, set the FENA-21 IP address and PROFINET device name. The device name will be used as identification. After successful identification, PLC will assign IP address to FENA.
  • Page 203 PROFIsafe 203 Note: FB module parameters (51.04 onwards) should be static 0.0.0.0 in the drive. 14. Configure FENA ABB PS PROFIsafe settings: • F_Source_Add = PLC PROFIsafe address • F_Dest_Add = FSO PROFIsafe address • F_WD_Time = Maximum allowed PROFIsafe message cycle time. In this...
  • Page 204 204 PROFIsafe 15. Add OB86 (Rack or station failure) program block to prevent PLC from stopping on I/O error. 16. Add new Function block “ABB_Drive”.
  • Page 205 PROFIsafe 205 17. Add variables to ABB_Drive FB. 18. Add ABB_Drive FB to OB1. Assign new instance Data Block for ABB_Drive FB. When using multiple drives, create one DB for each drive.
  • Page 206 206 PROFIsafe 19. Select the corresponding FENA PPO address for the drive HW input.
  • Page 207 PROFIsafe 207 The value can be verified from the HW configuration, in the FENA PPO type properties, under the Hardware Identifier tab.
  • Page 208 208 PROFIsafe 20. In ABB_Drive FB, add blocks DPRD_DAT and DPWR_DAT. 21. Insert values to blocks.
  • Page 209 PROFIsafe 209 Later the PPO message data can be found in ABB_Drive1_DB. 22. In PLC Safety Administration, configure F-runtime group cycle time, warn and maximum cycle time limits. If maximum limit is exceeded, PLC will go to safe state.
  • Page 210 210 PROFIsafe 23. Create tag table for ABB_PS2 safety functions. See bit descriptions from FSO PROFIsafe profiles (Chapter 6). See correct I/O addresses from HW configuration. 24. Save and download project to PLC. 25. Scan for accessible devices (start search). Note that a firewall can block...
  • Page 211 PROFIsafe 211 traffic. 26. In device configuration, right-click FENA icon and select Assign device name.
  • Page 212 212 PROFIsafe 27. Select update list and identify the correct FENA-based on MAC ID label. Click Assign name. Note: The MAC ID can be found on the cover of the FB module. The PLC will assign a name and IP address to the selected FENA and drive parameter group 51 values will update accordingly.

  • Page 213: Fault Tracing

    3. the error buffers of the PLC system. In this case, make sure that drive parameter 51.21 is set to Enabled. ABB AC500-S In the ABB AC500-S system, you can read PROFINET diagnostics messages from Control Builder Plus or with a separate PNIO_DEV_DIAG function block in the “non-safety” PLC program.
  • Page 214 214 PROFIsafe SIMATIC Manager To read diagnostics messages: 1. In the PLC menu, select Diagnostic/Setting. 2. Select Hardware diagnostics. 3. In the window that opens, select the FENA module of your system. 4. Click the Module Information button.
  • Page 215 PROFIsafe 215 5. To read the diagnostic messages, select the I/O Device Diagnostics tab.

  • Page 216: Diagnostic Messages Related To F-Parameters

    216 PROFIsafe 6. To check the Device number of the FENA module, select the General tab. Diagnostic messages related to F-Parameters  The diagnostics messages in this table are caused by problems in the F-Parameter processing that takes place only when the controller station sends F-Parameters to FB module.

  • Page 217: Typical Communication Errors

    PROFIsafe 217 Value Description Notes (hex) Safety watchdog time value is 0 ms Watchdog time 0 ms is not allowed. (F_WD_Time). (0x0043) A valid F_WD_Time is within range 1...65535. Parameter "F_SIL" exceeds SIL from F_SIL defined for this device at F-Host specific device application.
  • Page 218 218 PROFIsafe Fault Cause What to do You cannot start The drive safety parameters are In the ACS880 drives, check the the PROFIsafe not set correctly. values of parameters 200.222 communication. Safety bus type 200.223 Safety fieldbus adapter slot. See section How to configure the safety communication with PROFIsafe page...

  • Page 219: Planning For Installation

    Planning for installation 219 Planning for installation Contents of this chapter This chapter gives instructions and references to instructions in other manuals for planning the safety system installation, as well as the requirements for installation in the applicable safety standards. Requirements for designers and installers •...

  • Page 220: Electrical Installation

    220 Planning for installation WARNING! Do not operate a safety module in environmental conditions that are outside of the limits given in the technical data of the safety module. Environmental conditions that are outside of the specified limits can cause a malfunction in the module and a subsequent loss of a safety function.

  • Page 221: Sto Cable And Data Cable Between Fso Module And Drive

    (9.8 ft) or less, or a sufficiently low interference level must be otherwise guaranteed. To make it easy to energize and de-energize the FSO module, ABB recommends that you install a supply disconnecting device for the FSO power supply. To prevent unnecessary fault indications, ABB recommends that you: •...

  • Page 222: Ensuring The Emc Compatibility

    222 Planning for installation supply are outside the specified limits (caused by, for example, overvoltage in the supply input). Note: If you de-energize the FSO module, you cannot operate the drive. Ensuring the EMC compatibility  The system must only be used in the EMC environment it is designed for, or necessary mitigations must be applied.

  • Page 223: Standard Function And Wiring Examples

    Planning for installation 223 Standard function and wiring examples  Passive switch Examples: • Limit switch • Emergency stop button Physical separation of the X114 X113 different channels or sufficient cable protection (eg, double- shielding) Channel separation Diagnostic pulses Relay / contactor output with feedback Examples: •...
  • Page 224 224 Planning for installation The safe brake control must have a feedback from the brake system. The SBC feedback can be from a relay/contactor or from the mechanical brake itself. If an inductive load is connected to the digital outputs on the FSO module, it is recommended to use a flyback diode in the circuit.
  • Page 225 Planning for installation 225 Active sensors / input signals from solid state devices Examples: • PLC 24 V DC PNP • Light curtain OSSD Physical separation of the different channels or sufficient cable protection (eg, double-shielding) X114 X113 Diagnostic pulses from an active sensor must not be 24 V DC CH 2...
  • Page 226 226 Planning for installation Cascade Example: Module 1 X114 X113 (cascade master) button Common Physical separation of the different Module 2 X114 X113 channels or sufficient cable protection (eg, double-shielding) Common Module 3 X114 X113 Common Channel separation Diagnostic pulses...

  • Page 227: Installation

    Installation 227 Installation Contents of this chapter This chapter gives examples of how to connect the FSO module to the ACS880 drive. WARNING! Connect the FSO module to a 24 V DC power supply. If you connect it to a power supply with a higher voltage (for example, 115 V or 230 V), it will cause damage to the module.

  • Page 228: Unpacking

    If you have ordered the FSO module option separately, it is delivered in its own package. The package contains these items: • FSO-12 module. The default mounting plate for ZCU-12 control unit is attached to the module. (1) • connector plugs and attachment screws (2) •...

  • Page 229: Examining The Delivery

    Installation 229 Examining the delivery Make sure that all parts are in the package and that there are no signs of damage. Notify the shipper immediately if you find damaged parts. Do not use damaged parts, they must be replaced. Make sure that the FSO module is of the correct type.

  • Page 230: Installing The Module Onto A Zcu Control Unit

    230 Installation  Installing the module onto a ZCU control unit Install the FSO mechanically onto the control unit as described in the drive hardware manual. For the tightening torques, refer to Tightening torques page 408. Examples are shown below:...

  • Page 231: Electrical Installation

    Installation 231 Electrical installation Terminals  The connections are shown in the figure below. X110: DATA Data connection to the drive control unit X111: STO STO 24 V STO STO ground STO STO1LO drive internal signal STO STO2LO drive internal signal X112: POWER 24 V POWER 0 V...

  • Page 232: Connection Procedure

    232 Installation  Connection procedure WARNING! Obey the safety instructions. See chapter Safety instructions on page 13. If you ignore them, injury or death can occur. 1. Stop the drive and do the steps in section Electrical safety precautions page before you start the work.
  • Page 233 Use only the cable delivered with the module. 5. Connect the supplied four-wire cable to FSO terminal X111. Connect the other end of the cable to the drive STO connection (XSTO connector). ABB recommends that you use the cable delivered with the FSO module. For the...
  • Page 234 234 Installation 6. Connect the digital inputs, digital outputs, diagnostic pulses and signal ground at the FSO terminals X113 and X114 according to the application requirements. • Use a tightening torque of 0.24 Nm (2.1 lbf·in). • Use proper cable strain relief. •...
  • Page 235 Installation 235 7. Connect the power supply wires to the FSO terminal X112. Use a tightening torque of 0.24 Nm (2.1 lbf·in) for the FSO terminals. Use proper cable strain relief. See also section Power supply connection on page 221.
  • Page 236 236 Installation...

  • Page 237: Installation Checklists

    Installation checklists 237 Installation checklists Contents of this chapter This chapter contains a checklist for checking the mechanical and electrical installation of the FSO module and refers to common cause failure checklists in standards. Checklists WARNING! Obey the safety instructions given in chapter Safety instructions.
  • Page 238 238 Installation checklists Make sure that … Mechanical installation The ambient operating conditions are within the permitted range. Drives with separate inverter and supply units: The FSO module is installed in the inverter unit. The FSO module is correctly attached and the grounding screw is correctly tightened.

  • Page 239: Configuration

    IEC 61508-1 clause 6. In this context, the person must have adequate expertise and knowledge of functional safety, the safety functions as well as the configuration of the FSO module. ABB has training courses available on the FSO module.

  • Page 240: Configuring The Fso Module

    240 Configuration Configuring the FSO module Overview - safety system configuring process  The diagram and table below explain the main phases of the safety system configuring process. Risk assessment 2. Safety requirements FSO configuring 3. Planning the configuration of the FSO 4.
  • Page 241 Configuration 241 Phase Risk assessment & Safety requirements & • analysis and evaluating of the risks • need for risk reduction • required PL or SIL level • speed limits and distances for safety functions. Planning of the configuration of the FSO How to do the safety configuration in a safe way, including configuration, commissioning, validation and verification.

  • Page 242: Fso Configuring Procedure

    Note: Configuration is only possible when the drive is not modulating or the FSO is in the Safe state. Note: FSO-12 and FSO-21 have different firmware versions, and thus their safety configuration files are not compatible. After you initially start up the FSO and also after you later modify any...
  • Page 243 Configuration 243 exit the Configuration mode by rebooting the FSO module or by downloading the parameters to the FSO (refer to steps 5…6 below). 4. Set the parameter values. • General parameters: Make sure that at least that the motor parameters are correct •...

  • Page 244: Configuring General Settings

    244 Configuration Configuring general settings To configure the general settings, use the Drive Composer pro PC tool to set the FSO parameters listed below. See parameter group FSOGEN on page 180. Example: The figure below shows an example I/O set-up: •...

  • Page 245: Configuring The Safety Fieldbus Communication

    Configuration 245 Configuring the safety fieldbus communication  How to configure the safety communication with PROFIsafe To configure the safety fieldbus communication between the FSO module and a safety PLC, set the FSO parameters shown in the figure below to appropriate values using the Drive Composer pro PC tool.

  • Page 246: Configuring I/O

    246 Configuration Configuring I/O How to configure I/O  To configure the I/O, set the FSO parameters shown in the figure below to appropriate values using the Drive Composer pro PC tool. See parameter group SAFEIO on page 339. The location of the input and output terminals on the FSO module is shown in section Layout on page 40.
  • Page 247 Configuration 247 Example: The figure below shows an example I/O set-up: • All inputs use diagnostic pulses with 1 ms width and 30 s period. • One redundant cascaded connection from input 1 to output 7 • One safety relay (always redundant) connected to output 8 with feedback connected to input 3 •...

  • Page 248: How To Configure A Cascaded System

    248 Configuration How to configure a cascaded system  This example shows how to configure the cascaded system (Cascade A) as shown in section Cascade on page 63. The SSE function is used as an example (Safety function 1 in the figure on page 63). In this configuration example, Cascade B is not configured (parameter SAFEIO.13 Cascade B = None).
  • Page 249 Configuration 249 Parameter settings in the master FSO Index Name/Valu Description SAFEIO.11 M/F mode Sets the master/follower mode of the FSO module for both cascade connections A and B separately. In this example, only cascade cascade connection A is used. A = master, This module is the master on cascade connection A.
  • Page 250 250 Configuration Index Name/Valu Description SSE.22 SSE Sets the digital output that indicates the completion of the completed SSE function. output In this example, output X113:7 is connected to the indication lamp. DO X113:7 Single output X113:7 FSOGEN.42 Acknowled Sets the digital input that is connected to the button for gement acknowledgement operations.
  • Page 251 Configuration 251 Parameter settings in the follower FSOs Index Name/Valu Description SAFEIO.11 M/F mode Sets the master/follower mode of the FSO module for both for cascade cascade connection A and B separately. In this example, only cascade connection A is used. This module is a follower on cascade connection A.

  • Page 252: How To Configure Safety Relays

    252 Configuration Index Name/Valu Description SSE.22 SSE Sets the digital output that indicates the completion of the completed SSE function. output None No output connected How to configure safety relays  If you want to control a safety relay or contactor with the FSO module, define the use of the related I/O with these parameters.

  • Page 253: Configuring Sbc

    Configuration 253 desired safety function. In this example, safety relay 1 is connected to the SBC function. Index Name/Value Description SBC.21 SBC output Sets the digital output that is connected to the SBC output (brake relays). DO X113:8 & Redundant output X113:8 & X114:8 X114:8 Configuring SBC When you use the SBC function (brake) with other safety functions of the FSO...

  • Page 254: How To Configure The Sbc In The Sto Function

    254 Configuration SBC at monitoring limit hits The FSO module activates the STO function after time or ramp monitoring limit hits in the SS1, SSE with emergency ramp and SLS functions. If you want that the SBC is activated at monitoring limit hits, you have to configure the SBC function in the STO function.

  • Page 255: Configuring Sto

    Configuration 255 at the same time when the speed limit is reached. See section How to configure SS1 with speed limit activated SBC on page262. 2. You can also set a negative delay with parameter SBC.12 STO SBC delay: • If the value is negative, the FSO activates the SBC at the speed limit (set with parameter SBC.15 SSE/SS1 SBC...

  • Page 256: How To Configure Sto

    256 Configuration How to configure STO  Example: The figure below shows an example of a simple STO function set-up: • redundant emergency stop button connected to input (STO.11 STO input A = DI X113:1 & X114:1) • automatic acknowledgement (STO.02 STO acknowledgement = Automatic) •...

  • Page 257: How To Configure Sbc After Sto

    Configuration 257 How to configure SBC after STO  For more information on the SBC after STO function, see page 69. Example: The figure below shows an example of the SBC after the STO function set-up: • STO delayed brake with positive delay 900 ms (SBC.11 STO SBC usage Delayed brake, SBC.12 STO SBC delay = 900...

  • Page 258: How To Configure Sbc Before Sto

    258 Configuration How to configure SBC before STO  For more information on the SBC before STO function, see page 71. Example: The figure below shows an example of the SBC before the STO set-up: • STO delayed brake with negative delay -500 ms (SBC.11 STO SBC usage = Delayed brake, SBC.12 STO SBC delay...

  • Page 259: Configuring Ss1

    Configuration 259 Configuring SS1 To configure the SS1 function, set the FSO parameters listed below to appropriate values using the Drive Composer pro PC tool. See parameter group on page 327. For more information on the SS1 function, see page 72. ...
  • Page 260 260 Configuration SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-t Inputs Outputs Speed SS1.14 = 2000 ms SS1.21 SS1.11 = DO X114:9 = DI X113:1 & X114:1 SS1.22 SS1.12 = None = None SS1.15 = 0 ms FSOGEN.51 = 90 rpm Time SBC.15...

  • Page 261: How To Configure Ss1 With Ramp Monitoring (Ss1-R)

    Configuration 261 How to configure SS1 with ramp monitoring (SS1-r)  Example: The figure below shows an example of the SS1-r function set-up: • SS1 function activated (SS1.01 SS1 activity and version Version 1) • SAR1 emergency ramp (200.112 SAR1 ramp time to zero, always with the SS1 function - see section Configuring SAR...

  • Page 262: How To Configure Ss1 With Speed Limit Activated Sbc

    262 Configuration How to configure SS1 with speed limit activated SBC  Note: If you configure the SS1 with speed limit activated SBC function, this activates the same function in the SSE function (see section How to configure SSE with speed limit activated SBC on page 273).
  • Page 263 Configuration 263 SS1.01 = Version 1 STO.02 = Automatic SS1.13 = SS1-t Inputs Outputs Speed SS1.11 SS1.14 = 2000 ms SS1.21 = DI X113:1 & X114:1 = DO X114:9 SS1.12 SS1.22 = None SBC.13 = 1200 ms = None SAFEIO.22 DI X113:2 SBC.21 SS1.15...
  • Page 264 264 Configuration Example 2: The figure below shows an example of the SS1-r function with speed limit activated SBC set-up: • SS1 function activated (SS1.01 SS1 activity and version Version 1) • SAR1 emergency ramp (200.112 SAR1 ramp time to zero, always with the SS1 function - see section Configuring SAR on page 278)

  • Page 265: How To Configure Ss1 With Speed Limit Activated Sbc, Sbc Before Sto

    Configuration 265 SS1.01 Version 1 STO.02 Automatic SS1.13 SS1-r Inputs Outputs Speed SS1.11 SS1.21 DI X113:1 & X114:1 DO X114:9 SS1.12 SS1.22 None SBC.13 = 1200 ms None SAFEIO.22 = DI X113:2 SS1.15 = 0 ms SBC.21 SBC.15 DO X113:7 & = 180 rpm X114:7 Time...
  • Page 266 266 Configuration Example 1: The figure below shows an example of the SS1-t function with speed limit activated SBC, SBC before STO set-up: • SS1 function activated (SS1.01 SS1 activity and version Version 1) • SS1 with time monitored ramp (SS1.13 SS1 type = SS1-t) •...
  • Page 267 Configuration 267 SS1.01 Version 1 STO.02 Automatic SS1.13 SS1-t Inputs Outputs Speed SS1.11 SS1.14 = 2000 ms DI X113:1 & X114:1 SS1.21 SS1.12 DO X114:9 SBC.13 = 1200 ms None SS1.22 SBC.12 = -300 ms SAFEIO.22 None DI X113:2 SBC.15 SBC.21 = 180 rpm DO X113:7 &...

  • Page 268: Related Safety Functions

    268 Configuration Note: The same SBC delay is used in the STO and SS1/SSE functions. • delay for activating the brake after the SBC speed limit has been reached: 0 ms (SS1.15 SS1-r ramp zero speed delay for STO = 0 ms, not shown in the figure) •...

  • Page 269: Configuring Sse

    Configuration 269 The FSO module activates the STO function if the motor speed hits a monitoring limit (time or ramp monitoring). See section Configuring STO page 255. Configuring SSE To configure the SSE function, set the FSO parameters listed below to appropriate values using the Drive Composer pro PC tool.

  • Page 270: How To Configure Sse With Immediate Sto

    270 Configuration How to configure SSE with immediate STO  Example: The figure below shows an example of the SSE function with immediate STO set-up: • drive STO is activated immediately after the SSE request (SSE.13 SSE function = Immediate STO) •...

  • Page 271: How To Configure Sse With Time Monitoring

    Configuration 271 See sections How to configure SBC after STO on page How to configure SBC before STO on page 258. For more information on the SSE with immediate STO and SBC after STO function, see page 87. For more information on the SSE with immediate STO and SBC before STO function, see page 89.

  • Page 272: How To Configure Sse With Ramp Monitoring

    272 Configuration Example: The figure below shows an example of the SSE function with time monitoring set-up: • SAR0 emergency ramp (200.102 SAR0 ramp time to zero, always with the SSE function - see section Configuring SAR on page 278) •...

  • Page 273: How To Configure Sse With Speed Limit Activated Sbc

    Configuration 273 Example: The figure below shows an example of the SSE function with ramp monitoring set-up: • SAR0 emergency ramp (200.102 SAR0 ramp time to zero, always with the SSE function - see section Configuring SAR on page 278) •...
  • Page 274 274 Configuration in the STO function. If necessary, configure the SBC also in the STO function (see section Configuring STO on page 255). See also the note on page 51. Example 1: The figure below shows an example of the SSE with emergency ramp function with speed limit activated SBC set-up with time monitoring: •...
  • Page 275 Configuration 275 STO.02 Automatic SSE.13 Emergency ramp SSE.14 Time Outputs Inputs SSE.11 SSE.21 Speed DI X113:1 & X114:1 DO X113:9 SSE.15 = 2000 ms SSE.22 SSE.12 None None SAFEIO.22 SBC.21 = DI X113:2 DO X113:7 SSE.16 = 0 ms & X114:7 SBC.15 SAFEIO.21 = 240 rpm...
  • Page 276 276 Configuration Example 2: The figure below shows an example of the SSE with emergency ramp function with speed limit activated SBC set-up with ramp monitoring: • SSE with emergency ramp (SSE.13 SSE function Emergency ramp) • SAR0 emergency ramp (200.102 SAR0 ramp time to zero, always with the SSE function - see section...

  • Page 277: How To Configure Sse With Speed Limit Activated Sbc, Sbc Before Sto

    Configuration 277 STO.02 Automatic SSE.13 Emergency ramp SSE.14 Ramp Outputs Inputs SSE.11 SSE.21 Speed DI X113:1 & X114:1 DO X113:9 SSE.22 SSE.12 None None SAFEIO.22 SBC.21 = DI X113:2 DO X113:7 SSE.16 = 0 ms SBC.15 SAFEIO.21 = 240 rpm DO X113:7 &...

  • Page 278: Related Safety Functions

    278 Configuration Note: If you configure the SSE with speed limit activated SBC function, this activates the same function in the SS1 function (see section How to configure SS1 with speed limit activated SBC, SBC before STO on page 265). This does not activate the SBC in the STO function.

  • Page 279: Configuring Sls

    Configuration 279 Example: The figure below shows an example of a SAR1 monitoring set-up: • SAR1 • ramp time from Scaling speed to zero: 1000 ms (200.112 SAR1 ramp time to zero = 1000 ms) • Scaling speed: 1500 rpm (200.202 SAR speed scaling = 1500 rpm) •...

  • Page 280: How To Configure Slsn With Time Monitoring

    280 Configuration How to configure SLSn with time monitoring  Example: The figure below shows an example of the SLS1 function with time monitoring set-up: • SLS1 function activated (200.21 SLS1 activity and version Version 1) • time monitored deceleration ramp (SLSx.03 SLS activation monitoring method = Time) •...
  • Page 281 Configuration 281 SLS1 Speed SLSx.04 = 2000 ms SLSx.14 = 1320 rpm 200.23 = 1200 rpm Time 200.22 = -900 rpm SLSx.13 = -1020 rpm monitoring monitoring started started (typical) (latest) Inputs Outputs 200.21 Version 1 SLSx.11 SLSx.15 DI X113:2 & DO X114:7 SLSx.02 = Automatic...

  • Page 282: How To Configure Slsn With Ramp Monitoring

    282 Configuration How to configure SLSn with ramp monitoring  Example: The figure below shows an example of the SLS2 function with ramp monitoring set-up: • SLS2 function activated (200.31 SLS2 activity and version Version 1) • monitored deceleration ramp (SLSx.03 SLS activation monitoring method = Ramp) •...

  • Page 283: Related Safety Functions

    Configuration 283 SLS2 200.31 = Version 1 SLSx.02 = Automatic SLSx.03 = Ramp Input Output Speed SLSx.24 SLSx.24 = DO X114:7 DI X113:2 & X114:2 SLSx.23 = 1320 rpm 200.33 = 1200 rpm Time SLS monitoring started SLS activated 200.32 = -900 rpm SLSx.22 = -1020 rpm...

  • Page 284: How To Configure Variable Sls With Time Monitoring

    284 Configuration To configure the Variable SLS function, set the FSO parameters listed below to appropriate values using the Drive Composer pro PC tool. See parameter groups Safety on page SLSx on page 330. The Variable SLS function uses the SLS4 limits of the FSO module. Depending on the application, set the negative and positive SLS and trip limits separately.

  • Page 285: How To Configure Variable Sls With Ramp Monitoring

    Configuration 285 These values are defined in the safety program: • only positive limits are scaled: Positive_Scaling = 0, Negative_Scaling = 1 • scaling values from the safety PLC: 70%, 50%, 100% (value set in Variable_SLS_limit = 7000, 5000, 10000). 200.61 = Version 1 SLSx.02...

  • Page 286: Defining The Scaled Sls4 Limit And Sls4 Trip Limits

    286 Configuration (200.52 SLS4 limit negative = -100 rpm, SLSx.42 SLS4 trip limit negative = -150 rpm). • See also section Configuring mute times on page 301. Note: The difference between the SLS limit and the corresponding SLS trip limit must be at least 0.1 rpm.
  • Page 287 Configuration 287 The FSO module first scales the original SLS4 and SLS4 trip limits with the given percentage. If necessary, the new, scaled SLS4 trip limit is then adjusted according to these rules when safe speed estimate is used: • If the difference between original SLS4 and SLS4 trip limits is less than 25 rpm: the difference between the scaled limits is the same as the original difference.

  • Page 288: Related Safety Functions

    288 Configuration Minimum value for scaled SLS4 trip limit determined by the zero speed value (12 rpm) Example 2: • Original SLS4 limit 100 rpm • Original SLS4 trip limit 150 rpm • Zero speed value 12 rpm In this case, the difference between original SLS4 and SLS4 trip limits is greater than 25 rpm.

  • Page 289: Configuring Sms

    Configuration 289 The FSO module activates the STO function if the motor speed hits a ramp monitoring limit during the deceleration ramp (Variable SLS with ramp monitoring). See section Configuring STO on page 255. The FSO module activates the SSE function if the motor speed hits a trip limit. See section Configuring SSE on page 269.

  • Page 290: How To Configure Sms, Version 2

    290 Configuration How to configure SMS, version 2  Example: The figure below shows an example of the SMS, version 2 set-up: • SMS function version 2 activated (200.71 SMS activity and version = Version • SMS limit positive (200.73 SMS limit positive = 1750) •...

  • Page 291: How To Configure Sls Function Behavior When Drive Modulation Is Lost

    Configuration 291 For more information on the POUS function, see page 131. Example: The figure below shows an example of the POUS function set-up: • POUS function activated (POUS.01 POUS activity and version = Version 1) • automatic acknowledgement (POUS.02 POUS acknowledgement Automatic) •...

  • Page 292: Celeration Ramp

    292 Configuration For more information on the modoff reaction related to SLS function, see reaction when modulation is lost during deceleration ramp, with ramp monitoring on page SLS reaction when modulation is lost during deceleration ramp, with time monitoring on page 114. ...
  • Page 293 Configuration 293 1. SLS request is activated (SLSx.11 SLS1 input A = DI X113:2 & X114:2). SLS time delay monitoring is started (SLSx.04 SLS time delay = 2000 ms). Deceleration to SLS limit speed is started (23.13 Deceleration time 1). 2.
  • Page 294 294 Configuration Motor speed SLSx.04 Time STO active SLS indication Drive modulation SLS request SLSx.04 time delay monitoring STO.14 delay 1. SLS request is activated (SLSx.11 SLS1 input A = DI X113:2 & X114:2). SLS time delay monitoring is started (SLSx.04 SLS time delay = 2000 ms).
  • Page 295 Configuration 295 Example 3: The figure below shows an example of the SLS function with time monitoring when "Monitoring active and modoff delay time" (parameter SLSx.05) is selected: • Basic parametrization of the SLS function made according to chapter Configuring SLS on page 279.
  • Page 296 296 Configuration ms). Modoff delay time starts to run (SLSx.06 SLS ramp modoff delay time 300 ms). 3. Modulation of the drive returns before the SLS ramp modoff delay time has elapsed (SLSx.06 SLS ramp modoff delay time = 300 ms). Drive continues to decelerate according to drive parameter in step 2.
  • Page 297 Configuration 297 Motor speed STO.14 Time SLS indication Drive modulation SLS request SLSx.04 time delay monitoring STO.14 delay 1. SLS request is activated (SLSx.11 SLS1 input A = DI X113:2 & X114:2). SLS time delay monitoring is started (SLSx.04 SLS time delay = 2000 ms).

  • Page 298: Celeration Ramp

    298 Configuration How to configure SLSn with ramp monitoring if drive modulation is  lost during SLS deceleration ramp Example 1: The figure below shows an example of the modoff situation with SLS function with ramp monitoring when "Modoff delay time" (parameter SLSx.05) is selected: •...
  • Page 299 Configuration 299 1. SLS request is activated (SLSx.11 SLS1 input A = DI X113:2 & X114:2). SLS ramp monitoring is activated (SAR1). Parameter 200.202 SAR speed scaling 1500 rpm) is used as a reference point in ramp time calculations. Deceleration towards the SLS limit speed is started according to SAR1 parameters: •...
  • Page 300 300 Configuration Relevant parameters for this configuration: • Scaling speed: 1500 rpm (200.202 SAR speed scaling = 1500 rpm) • Deceleration time and ramp monitoring according to SAR1 parameters • ramp time from Scaling speed to zero: 1000 ms (200.112 SAR1 ramp time to zero = 1000 ms) •...

  • Page 301: Configuring Mute Times

    Configuration 301 Deceleration towards the SLS limit speed is started according to SAR1 parameters. • ramp time from Scaling speed to zero: 1000 ms (200.112 SAR1 ramp time to zero = 1000 ms) • initial range for monitoring: 100 ms (SARx.02 SAR initial allowed range = 100 •...

  • Page 302: How To Determine Values For Mute Time Parameters

    302 Configuration How to determine values for mute time parameters  The suitable values for mute times can be determined by monitoring FSO speed signals (200.01 FSO speed ch1, 200.02 FSO speed ch2) with the Drive Composer pro tool. If possible, all transient situations within the whole speed range of the application should be monitored.
  • Page 303 Configuration 303 This example covers trip limit situations of SMS function with synchronous machines. This example is valid when SMS-specific mute time is disabled (parameter FSOGEN.39). • parameter FSOGEN.39 Enable SMS mute time = Disabled • parameter FSOGEN.31 Transient mute time = 100 ms.
  • Page 304 304 Configuration This example covers safe speed estimate trip limit situations with acceleration of an induction motor. It is possible that safe speed estimate goes above the SLS trip limit for limited time when an induction machine is accelerated with high load inertia.

  • Page 305: How To Configure Mute Time For Zero Speed Detection

    Configuration 305 How to configure mute time for zero speed detection  Example 1: Zero speed limit is reached with the SS1 function (or SSE with emergency ramp), the SBC is not used. • parameter FSOGEN.31 Transient mute time = 20 ms. Speed FSOGEN.31 = 20 ms...

  • Page 306: How To Configure Mute Time For Sbc Speed Limit Detection

    306 Configuration How to configure mute time for SBC speed limit detection  Example: SBC speed limit (parameter SBC.15) is reached with the SS1 function (or SSE with emergency ramp), a negative SBC delay (parameter SBC.12 STO SBC delay is configured with the SS1 function: •...
  • Page 307 Configuration 307 In this example, SLS1 function is requested from a higher speed than the SLS trip limit. • parameter FSOGEN.31 Transient mute time = 20 ms Speed FSOGEN.31 = 20 ms SLSx.14 = 1320 rpm 200.23 = 1200 rpm Time SLS1 request SLS1 indication...
  • Page 308 308 Configuration...

  • Page 309: Fso-12 Parameters

    This chapter describes the parameters and the status and control words of the FSO module. FSO-12 parameters The following table lists the FSO-12 parameters: The parameter row shows the parameter index, name, description and factory default value. The subsequent rows show the parameter value range or names, descriptions and numerical values of the selectable named alternatives.
  • Page 310 310 Parameters Index Name/Value Description Factory default 200.12 FS hardware FSO module hardware version indicator Shows the version current version 200.13 FS firmware FSO module firmware version indicator Shows the version current FW version 200.21 SLS1 activity and Activates or deactivates the SLS1 Disabled version function and shows the version of the...
  • Page 311 Parameters 311 Index Name/Value Description Factory default 0.0…35880.0 rpm Speed 200.51 SLS4 activity and Activates or deactivates the SLS4 Disabled version function and shows the version of the SLS4 function. Disabled Deactivates the SLS4 function. Version 1 Activates version 1 of the SLS4 function. 200.52 SLS4 limit Sets the SLS4 negative speed limit for 0.0 rpm...
  • Page 312 312 Parameters Index Name/Value Description Factory default 200.73 SMS limit positive Sets the positive speed limit for the SMS 0.0 rpm function. Note: This parameter is used only in version 2 of the SMS function. 0.0…35880.0 rpm Speed 200.101 SAR0 version Shows the version of the SAR0 function.
  • Page 313 Parameters 313 Index Name/Value Description Factory default 200.222 Safety bus type Sets the type of the safety fieldbus (if Not used used). Note: To activate the safety fieldbus, you must also set parameter SBUSGEN. 01 SBUS activity and version to value Version Not used The safety fieldbus is not used.
  • Page 314 314 Parameters Index Name/Value Description Factory default DO X114:9 Single output X114:9 FSOGEN.21 Motor nominal Sets the synchronous motor speed. 100.0 rpm speed 1.0 …35880.0 rpm Speed FSOGEN.22 Motor nominal Sets the nominal motor frequency. 1.00 Hz frequency 1.00…598.00 Hz Frequency FSOGEN.31 Transient mute Sets the mute time for the safe speed...
  • Page 315 Parameters 315 Index Name/Value Description Factory default Automatic The FSO module generates the acknowledgement signal automatically after the power-up. Safebus The FSO module expects an external acknowledgement signal from the safety fieldbus after the power-up. Manual_Safebus The FSO module expects an external acknowledgement signal either from a digital input or from the safety fieldbus after the power-up.
  • Page 316 316 Parameters Index Name/Value Description Factory default Warning Warning generated Event Pure event generated FSOGEN.62 STO indication Sets the type of the event that the FSO Fault safety limit module generates for limit hits in the SLS1, …, SLS4 and SMS functions and for limit hits during ramp and time monitoring of safety ramps SAR0 and SAR1.
  • Page 317 Parameters 317 Index Name/Value Description Factory default Safebus The FSO module expects an external STO acknowledgement signal from the safety fieldbus after the STO, SSE or SS1 request has been removed and the stop function is completed (output defined by parameter FSOGEN.11 STO completed output...
  • Page 318 318 Parameters Index Name/Value Description Factory default DI X113:1 Single input X113:1 DI X113:2 Single input X113:2 DI X113:3 Single input X113:3 DI X113:4 Single input X113:4 DI X114:1 Single input X114:1 DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 STO.13 Restart delay after...
  • Page 319 Parameters 319 Index Name/Value Description Factory default STO.14 Time to zero Sets the time that is needed to coast the 3,600,000 speed with STO motor to a standstill from maximum and modoff process speed. If this time is not known, it can be measured with Drive Composer pro PC tool when an encoder is used for motor control (otherwise you have to...
  • Page 320 320 Parameters Index Name/Value Description Factory default DO X113:9 Single output X113:9 DO X114:7 Single output X114:7 DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 STO.22 STO completed Sets the digital output that indicates the None output completion of the STO function. See the diagrams in section Safe torque off (STO)
  • Page 321 Parameters 321 Index Name/Value Description Factory default SBC.12 STO SBC delay Sets the time when the SBC function will 3,600,000 be activated in relation to the activation of the STO function. A negative value means that the FSO module activates the SBC before the drive STO function.
  • Page 322 322 Parameters Index Name/Value Description Factory default SBC.15 SSE/SS1 SBC Sets the speed below which the FSO 0.0 rpm speed module activates the brake (SBC) while ramping in the SSE and SS1 functions. If the value is 0.0 rpm, this feature is not in use.
  • Page 323 Parameters 323 Index Name/Value Description Factory default Safebus The FSO module expects an external POUS acknowledgement signal from the safety fieldbus after the POUS request has been removed. Manual_Safebus The FSO module expects an external POUS acknowledgement signal either from a digital input or from the safety fieldbus after the POUS request have been removed.
  • Page 324 324 Parameters Index Name/Value Description Factory default DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 POUS.22 POUS completed Set the digital output that indicates the None output completion of the POUS function. Active after the time defined by parameter POUS.13 POUS delay for completion elapsed from the POUS request until the POUS request has been removed.
  • Page 325 Parameters 325 Index Name/Value Description Factory default SSE.12 SSE input B Sets the digital input that is connected None to the secondary input of the SSE function. The secondary input is mostly used for the cascade connection. See parameters SAFEIO.12 Cascade A SAFEIO.13 Cascade None No input connected...
  • Page 326 326 Parameters Index Name/Value Description Factory default SSE.15 SSE delay for STO Sets the delay for STO activation after 3,600,000 the SSE request. This parameter is relevant only if parameter SSE.13 SSE function is set to Emergency ramp, time monitoring is used (SSE.14 SSE monitoring method Time) and the motor speed does not...
  • Page 327 Parameters 327 Index Name/Value Description Factory default DO X114:8 Single output X114:8 DO X114:9 Single output X114:9 SSE.22 SSE completed Sets the digital output that indicates the None output completion of the SSE function. See the diagrams in section Safe stop emergency (SSE) on page 86.
  • Page 328 328 Parameters Index Name/Value Description Factory default SS1.12 SS1 input B Sets the digital input that is connected None to the secondary input of the SS1 function. The secondary input is mostly used for the cascade connection. See parameters SAFEIO.12 Cascade A SAFEIO.13 Cascade None No input connected...
  • Page 329 Parameters 329 Index Name/Value Description Factory default SS1.15 SS1-r ramp zero Sets an extra delay time for the drive STO 0 ms speed delay for (and SBC, if used) activation at the zero speed limit in the SS1 function. The FSO module uses a speed estimation, which may differ, due to motor slip, from the actual shaft speed of the motor).
  • Page 330 330 Parameters Index Name/Value Description Factory default DO X113:7 & X114:7 Redundant output X113:7 & X114:7 DO X113:8 & X114:8 Redundant output X113:8 & X114:8 DO X113:9 & X114:9 Redundant output X113:9 & X114:9 DO X113:7 Single output X113:7 DO X113:8 Single output X113:8 DO X113:9 Single output X113:9...
  • Page 331 Parameters 331 Index Name/Value Description Factory default SLSx.03 SLS activation Sets the monitoring method that is used Ramp monitoring in SLS activation. method Ramp Ramp monitoring. SAR1 parameters define the deceleration ramp and monitoring limits. See parameters 200.112, SARx.21, SARx.22 and SARx.02.
  • Page 332 332 Parameters Index Name/Value Description Factory default Monitoring active If drive modulation is lost during the SLS deceleration ramp, SLS ramp or time monitoring (SLSx.03) is kept on. Limit hit is generated based on the last valid speed estimate information of FSO. Monitoring active Both Modoff delay time and Monitoring and Modoff delay...
  • Page 333 Parameters 333 Index Name/Value Description Factory default None No input connected DI X113:1 & X114:1 Redundant input X113:1 & X114:1 DI X113:2 & X114:2 Redundant input X113:2 & X114:2 DI X113:3 & X114:3 Redundant input X113:3 & X114:3 DI X113:4 & X114:4 Redundant input X113:4 &...
  • Page 334 334 Parameters Index Name/Value Description Factory default SLSx.16 SLS1 output B Sets the secondary digital output for the None SLS1 function. Active when SLS1 function is active and the motor speed is below the SLS1 limit (that is, when the SLS1 monitoring is on).
  • Page 335 Parameters 335 Index Name/Value Description Factory default SLSx.22 SLS2 trip limit Sets the SLS2 negative speed limit that 0.0 rpm negative trips the drive. -35880.0 …0.0 Speed SLSx.23 SLS2 trip limit Sets the SLS2 positive speed limit that 0.0 rpm positive trips the drive.
  • Page 336 336 Parameters Index Name/Value Description Factory default DI X114:4 Single input X114:4 SLSx.32 SLS3 trip limit SLS3 negative speed limit that trips the 0.0 rpm negative drive. -35880.0 …0.0 Speed SLSx.33 SLS3 trip limit Sets the SLS3 positive speed limit that 0.0 rpm positive trips the drive.
  • Page 337 Parameters 337 Index Name/Value Description Factory default DI X114:2 Single input X114:2 DI X114:3 Single input X114:3 DI X114:4 Single input X114:4 SLSx.42 SLS4 trip limit Sets the SLS4 negative speed limit that 0.0 rpm negative trips the drive. Note: Variable SLS uses this limit as scaled.
  • Page 338 338 Parameters Index Name/Value Description Factory default DO X113:7 & X114:7 Redundant output X113:7 & X114:7 DO X113:8 & X114:8 Redundant output X113:8 & X114:8 DO X113:9 & X114:9 Redundant output X113:9 & X114:9 DO X113:7 Single output X113:7 DO X113:8 Single output X113:8 DO X113:9 Single output X113:9...
  • Page 339 Parameters 339 Index Name/Value Description Factory default 0…1,799,999 ms Time. Note: With value 0 ms, the ramp is not monitored SARx.12 SAR0 max ramp Sets the maximum ramp time for the 1 ms time to zero SAR0 ramp monitoring. 1…3,600,000 ms Time SARx.21 SAR1 min ramp Sets the minimum ramp time for the...
  • Page 340 340 Parameters Index Name/Value Description Factory default X113:2 & X114:2 -> Redundant cascade X113:2 & X114:2 -> X113:8 & X114:8 X113:8 & X114:8 X113:3 & X114:3 -> Redundant cascade X113:3 & X114:3 -> X113:9 & X114:9 X113:9 & X114:9 X113:1 -> X113:7 Single cascade X113:1 ->...
  • Page 341 Parameters 341 Index Name/Value Description Factory default SAFEIO.21 Safety relay 1 Sets the digital output connected to the None output safety relay 1. To connect the safety relay to a certain safety function, you must set the same digital outputs in the output parameter for that safety function.
  • Page 342 342 Parameters Index Name/Value Description Factory default Mechanically Feedback of the safety relay is NC linked NC contacts (inverted state compared with the relay). Mechanically Feedback of the safety relay is NO (same linked NO state compared with the relay). contacts SAFEIO.24 Safety relay 2 Sets the digital output for safety relay 2.
  • Page 343 Parameters 343 Index Name/Value Description Factory default SAFEIO.31 DI diagnostic Sets the length of the diagnostic pulse 1 ms pulse length for digital inputs. 0.5 ms Length of the diagnostic pulse is 0.5 ms. 1 ms Length of the diagnostic pulse is 1 ms. 2 ms Length of the diagnostic pulse is 2 ms.
  • Page 344 344 Parameters Index Name/Value Description Factory default Diagnostic pulse on SAFEIO.51 DO diagnostic Sets the length of the diagnostic pulse 1 ms pulse length for digital outputs. 0.5 ms Length of the diagnostic pulse is 0.5 ms. 1 ms Length of the diagnostic pulse is 1 ms. 2 ms Length of the diagnostic pulse is 2 ms.
  • Page 345 Parameters 345 Index Name/Value Description Factory default Active low Active state of the output is low voltage. Active high Active state of the output is high voltage. SAFEIO.73 DO X113:9 logic Sets the logic state of digital output Active low state X113:9.
  • Page 346 346 Parameters Index Name/Value Description Factory default PROFIsafe Parameters for PROFIsafe PROFIsafe.1 PROFIsafe Sets the PROFIsafe destination address F_Dest_Add for FSO which is used in the safety communication network. Note: This address must be the same as is set in the F-Parameters for the PROFIsafe module properties (F_Dest_Add).

  • Page 347: Status And Control Words

    Parameters 347 Status and control words This table lists the FSO module and drive status and control words. You can view these in the ACS880 parameter tab of Drive Composer pro. WARNING! This data is purely informative. Do not use it for functional safety purposes.
  • Page 348 348 Parameters Index Name/Value Description 200.04 FSO DO status Shows the states of the FSO digital outputs. Name Values Output X113:7 0 = Off, 1 = On Output X113:8 0 = Off, 1 = On Output X113:9 0 = Off, 1 = On Output X114:7 0 = Off, 1 = On Output X114:8...
  • Page 349 Parameters 349 Index Name/Value Description 200.07 FSO status word 1 Shows the FSO status word 1. Name Values FSO mode bit 1 0 = Undefined 1 = Start-up mode FSO mode bit 2 2 = Running mode FSO mode bit 3 3 = Fail-safe mode 4 = Configuration mode FSO state bit 1...
  • Page 350 350 Parameters Index Name/Value Description 200.08 FSO status word 2 Shows the FSO status word 2. Name Values Reserved SLS1 monitoring 0 = Off, 1 = On SLS2 monitoring 0 = Off, 1 = On SLS3 monitoring 0 = Off, 1 = On SLS4 monitoring 0 = Off, 1 = On Reserved...
  • Page 351 Parameters 351 Index Name/Value Description 200.09 Drive status word Shows the drive status word 1. Name Description Values Drive status bit 1 0 = Disabled 1 = Readyon Drive status bit 2 2 = Readyrun Drive status bit 3 3 = Starting Drive status bit 4 4 = Readyref 5 = Stopping...
  • Page 352 352 Parameters Index Name/Value Description 200.10 Drive status word Shows the drive status word 2. Name Description Values Reserved SLS1 active State on the 0 = Off, 1 = On drive side SLS2 active 0 = Off, 1 = On SLS3 active 0 = Off, 1 = On SLS4 active...

  • Page 353: Start-Up

    Start-up 353 Start-up Contents of this chapter This chapter describes the general precautions to be taken before starting up the safety system for the first time. Safety considerations The start-up must be done by a qualified electrical professional who has sufficient knowledge of functional, machine and process safety.

  • Page 354: Checks

    354 Start-up Checks Before starting the system for the first time, make sure that • the installation has been checked, according to the individual product checklists (drive, safety component) and the checklists provided in this document (see chapter Installation checklists). •...

  • Page 355: Verification And Validation

    Verification and validation 355 Verification and validation Contents of this chapter This chapter describes verification and validation of the implemented safety functionality. Verification and validation produce documented proof of the compliance of the implementation with specified safety requirements. More information can be found in Technical guide No.

  • Page 356: Preconditions For Validation Testing

    356 Verification and validation Preconditions for validation testing Validation testing is done for the entire and complete safety system. It is recommended to do all the verification and validation tests so that the real load of the application is connected to the motor. The whole safety system (for example, emergency stop buttons, light curtains, etc.) must be installed, set-up, and the drives commissioned and ready to use before the safety system can be tested.

  • Page 357: Validation Test Reports

    Verification and validation 357 The validation test must include at least these steps: • preparing a validation test plan • testing all commissioned functions for proper operation in the final complete safety system • testing all used inputs for proper operation, also for the input redundancy. See also Validation of redundant inputs on page 359.

  • Page 358: Validation Of Acs880 Drive Firmware

    358 Verification and validation Validation of ACS880 drive firmware  If ACS880 primary control program (AINLX) version 3.46 or earlier is used, you must take into account the safety notice in section ACS880 drives manufactured before December 2024 on page 18. ...

  • Page 359: Validation Of Safety Functions

    Verification and validation 359 10. Make sure that the communication between controller and PROFINET/ PROFIsafe devices is established properly. 11. Verify by activating some suitable safety function in each of the FSOs modules in PROFIsafe network, that the safety function is activated in correct drive.

  • Page 360: Validation Of Safety I/O's

    360 Verification and validation 1. Remove one channel from the FSO input 1 for SS1 function (for example, input X113:1). 2. Make sure that the FSO module activates the SS1 function (FSO SS1 request). 3. Make sure that the warning of redundant inputs (A7D0) appears. 4.

  • Page 361: Validation Of The Sto Function

    Verification and validation 361 Validation of the STO function  WARNING! Configure and validate the STO function independently and before other safety functions. General validation principles: • The STO function is the basic safety function. It must always be configured and validated before (and independent of) other safety functions.

  • Page 362: Validation Of The Sbc Function

    362 Verification and validation Functionality: • STO.13 Restart delay after STO (if fly-start is used) • STO.14 Time to zero speed with STO and modoff. (This is the estimated time in which the motor coasts to a stop from the maximum process speed.) Indication: •...
  • Page 363 Verification and validation 363 Drive STO is always activated immediately in the following cases/situations: • FSO STO function • SSE, when it is configured to be immediate STO • SSE ramp or SS1 function is completed. Validation of the delayed brake function 1.

  • Page 364: Validation Of The Sse Function

    364 Verification and validation 1. Check the wiring between the FSO module and safe brake, and make sure that they are done correctly according to the design. 2. Make sure that the SBC function is configured correctly according to your design.
  • Page 365 Verification and validation 365 Validation of the SSE with immediate STO function with safe speed estimation 1. Make sure that the input for the SSE function is configured according to the wiring diagram. 2. Make sure that the SSE function is configured correctly according to your design.
  • Page 366 366 Verification and validation Validation of the SSE with emergency ramp function 1. Make sure that the input for the SSE function is configured according to the wiring diagram. 2. Make sure that the SSE function and SAR0 setting or time monitoring limit is configured correctly according to your design.

  • Page 367: Validation Of The Ss1 Function

    Verification and validation 367 Indication: • SSE.21 SSE output • SSE.21 SSE completed output • FSOGEN.11 Stop completed output. 3. If you made any changes, download and validate the configuration with the Drive Composer pro PC tool. 4. Make sure that you can run and stop the motor freely. Start the drive and accelerate the motor to the maximum speed of the application.
  • Page 368 368 Verification and validation see chapter How to configure SS1 with time monitoring (SS1-t) on page 259, How to configure SS1 with ramp monitoring (SS1-r) on page 261. Check these settings: Activation: • SS1.11 SS1 input A • SS1.12 SS1 input •...

  • Page 369: Validation Of The Sls Functions

    Verification and validation 369 Note: SAR1 is common with the SS1, SLSfunctions. Any changes to the SAR1 values will have impact on these functions. 4. Make sure that you can run and stop the motor freely. Start the drive and accelerate to the maximum speed of the application.
  • Page 370 370 Verification and validation Note: If SLS4 limits are changed, this will have an impact on varSLS function also, which means that both of these functions must be validated. 1. Make sure that the input for the SLS1 function is wired and configured according to the wiring diagram.

  • Page 371: Validation Of The Variable Sls Function

    Verification and validation 371 Indication: • SLSx.15 SLS1 output A • SLSx.16 SLS1 output B (only available for SLS1). Test the SLS function as it is used in the application. Pay attention to the testing of the relevant fault situations for the application, for example, tripping fault in the drive, etc.
  • Page 372 372 Verification and validation 1. Make sure that the input for the variable SLS function is configured in use in the safety PLC project. 2. Make sure that the variable SLS function is configured in the FSO module according to your design. For a configuration example, see section Configuring Variable SLS on page 283.

  • Page 373: Validation Of The Sms Functions

    Verification and validation 373 Test the variable SLS function as used in the application. Pay attention to the testing of the relevant fault situations for the application, for example the tripping fault in the drive, etc: 4. Start the drive with suitable speed reference. Activate the variable SLS function via the safety bus.
  • Page 374 374 Verification and validation Validation of the SMS functions, version 1 1. Make sure that the SMS function is configured correctly according to your design. For a configuration example, see section How to configure SMS, version 1 on page 289. Check these settings: Activation: •...

  • Page 375: Validation Of The Pous Function

    Verification and validation 375 sure that the drive does not follow speed reference if it is higher than the SMS limit. Repeat the test for both SMS limits (if in use in the application). 5. Make sure that also SMS trip limits (200.72 200.73) are set according to the application requirements.

  • Page 376: Validation Of The Cascaded Safety Function

    376 Verification and validation Validation of the cascaded safety function  Without a PROFIsafe communication bus, you can cascade only safety functions which have a primary and a secondary digital input: STO, SS1, SSE, SLS1. Repeat the cascading validation procedure to all cascaded safety functions in your application.

  • Page 377: Proof Test Intervals During Operation

    Verification and validation 377 Proof test intervals during operation Proof tests are intended to ensure that the safety integrity of a safety system is maintained continuously and does not deteriorate over time. Proof tests are often required for mechanical brakes, for example. Proof tests are used mainly for parts of the system that cannot be automatically diagnosed.
  • Page 378 378 Verification and validation...

  • Page 379: Fault Tracing

    It contains a list of the warning and fault messages with possible causes and corrective actions. The causes of most warnings and faults can be identified and corrected using the information in this chapter. If not, contact an ABB service representative.

  • Page 380: Event Types

    380 Fault tracing LED off LED on and steady LED flashing STATUS/FAUL The drive is in Green A safety Green Request for a safety normal function is function has ended operation, active. but it has not been without active acknowledged. safety FSO is in the FSO is in the...

  • Page 381: Event Code Decoding With Drive Composer Pro Pc Tool

    Fault tracing 381 • Parameter FSOGEN.62 STO indication safety limit defines the event type for the limit hits of: • SLS1, …, SLS4, Variable SLS and SMS functions • ramp monitoring and time monitoring of the safety ramps SAR0 and SAR1.

  • Page 382: Faults, Warnings And Events

    Cause What to do (hex) Faults 7A81 TUCSO fault FSO subsystem fault Contact your local ABB representative. 7A8B FSO general fault FSO module is in the See the warning log for more Configuration mode. information on the actual cause. FSO module also...
  • Page 383 Fault tracing 383 Code Name Cause What to do (hex) 7A98 FSO undefined FSO new version, Contact your local ABB fault undefined fault in the representative. dive event system. 7A99 FSO passivated FSO module was Examine the fieldbus connection passivated due to...
  • Page 384 If the motor turns in the incorrect direction and it is impractical to change the phase order of the motor cable, contact your local ABB representative. A7DA FSO temperature FSO module • Examine the ambient conditions.
  • Page 385 Fault tracing 385 Code Name Cause What to do (hex) AA92 FSO out of eme Motor speed was not Make sure that the drive can ramp inside the ramp window decelerate the load using the ramp during the SSE function. time (200.102 SAR0 ramp time to zero).
  • Page 386 386 Fault tracing Code Name Cause What to do (hex) AAA5 FSO SLS2 hit FSO module detected Do an investigation to find the 2) 6) an SLS2 speed trip limit cause for the trip from the violation. application point of view. If the application is correct, make sure that SLS is configured correctly.
  • Page 387 Fault tracing 387 Code Name Cause What to do (hex) AAAA FSO SAR1 hit FSO module detected Make sure that the drive can an SAR1 limit violation. decelerate the load using the ramp time (200.112 SAR1 ramp time to zero). AAB2 FSO ramp time FSO module detected a...
  • Page 388 See the tips in the Drive Composer event an event other than a PC tool. fault or a warning. B792 FSO undefined FSO new version, Contact your local ABB event undefined event in the representative. drive event system. BA90 FSO stop FSO module has...
  • Page 389 Fault tracing 389 Code Name Cause What to do (hex) BAA4 FSO SLS1 hit FSO module detected Do an investigation to find the 2) 6) an SLS1 speed trip limit cause for the trip from the violation. application point of view. If the application is correct, make sure that SLS is configured correctly.
  • Page 390 390 Fault tracing Code Name Cause What to do (hex) BAA8 FSO SMS hit FSO module detected Do an investigation to find the 2) 6) an SMS speed trip limit cause for the trip from the violation. application point of view. If the application is correct, make sure that SMS is configured correctly.

  • Page 391: User-Selectable Events For Function Requests

    Fault tracing 391 Code Name Cause What to do (hex) BAB5 FSO varSLS hit FSO module detected a Do an investigation to find the 2) 6) Variable SLS speed trip cause for the trip from the limit violation. application point of view. If the application is correct, make sure that Variable SLS is configured correctly.

  • Page 392: User-Selectable Events For Limit Hits And Special Events

    392 Fault tracing Function/ Events depending on Incident the event type selection (parameter FSOGEN.61) Fault Warning Event SSE function SSE request AAA2 FSO SSE request AAA2 FSO SSE request BAA2 FSO SSE request (warning) 7A90 FSO stop AA90 FSO stop BA90 FSO stop completed completed...
  • Page 393 Fault tracing 393 Limit/Inciden Events depending on the event type selection (parameter FSOGEN.62) Fault Warning Event Variable SLS varSLS limit AAB5 FSO varSLS hit AAB5 FSO varSLS hit BAB5 FSO varSLS hit (warning) System at 7A91 FSO safe speed AA91 FSO safe speed BA91 FSO safe speed safe state limit...

  • Page 394: User-Selectable Events For Safety Fieldbus Failures

    394 Fault tracing generates no event when it detects a limit hit. User-selectable events for safety fieldbus failures  The table below gives user-selectable events related to safety fieldbus failures. Incident Events depending on the event type selection (parameter SBUSGEN.10) Fault Warning Event...

  • Page 395: Internal Fault

    If necessary, also reset the fault in the drive using the control panel (by pressing the Reset button) or the Drive Composer pro PC tool, or through the fieldbus. If the FSO module does not recover from the fault, contact your local ABB representative.
  • Page 396 396 Fault tracing...

  • Page 397: Maintenance

    Maintenance 397 Maintenance Contents of this chapter This chapter contains maintenance information related to the FSO module: • instructions for component replacement in the safety circuit (for example, replacement of the FSO module, control unit, memory unit, power unit, or FB module) •...

  • Page 398: Component Replacement In The Safety Circuit

    398 Maintenance Component replacement in the safety circuit WARNING! During maintenance and repair, if the FSO module is removed, the functional safety of the machinery must be ensured by other means. If the FSO module fails to operate, you must replace it with a new one. The module is not repairable.

  • Page 399: Replacing The Fso Module

    Maintenance 399 Replacing the FSO module  WARNING: Do not bypass the FSO module, or the safety functions of the FSO module under any circumstances. 1. Disconnect IO wiring, data cable and STO cable and remove the FSO module. 2. Mark clearly on the FSO module that it is decommissioned. 3.

  • Page 400: Replacing The Control Unit Of The Drive

    400 Maintenance Replacing the control unit of the drive  This section gives instructions on how to replace a control unit with the same type of control unit. 1. Make a backup of the drive parameters. Use a control panel or the Drive Composer PC tool.

  • Page 401: Replacing The Memory Unit Or Updating The Firmware Of The Drive

    Maintenance 401 1. Make a backup of the drive parameters. Use a control panel or the Drive Composer PC tool. 2. Replace the BCU-02 control unit with a UCU-22 control unit. Refer to the drive hardware manual and/or control unit hardware manual. 3.

  • Page 402: Replacing The Motor Or Motor Cable

    [English]), or FENA-01/-11/-21 Ethernet adapter module user's manual (3AUA0000093568 [English]). 2. Assign the device name for the FB module from the safety PLC (see section Configuring the ABB AC500-S Safety PLC on page or section Configuring the Siemens SIMATIC Fail-safe S7 PLC on page 181.

  • Page 403: Drive Control Board Boot

    Maintenance 403 (approximately 5 seconds). This returns the factory settings (parameters, including the password) to the FSO. 3. Configure the safety functions with the Drive Composer pro PC tool. To be able to restart the drive, make sure that at least these parameters are set according to application requirements: Parameter Name...

  • Page 404: Updates

    404 Maintenance Updates After changes in the safety application or the safety system configuration, you must do the validation tests to make sure that the safety functionality is maintained. Refer to chapter Verification and validation. Proof tests Periodic proof testing of the safety system may be required in order to maintain the claimed SIL/PL level of the system, to make sure that the safety integrity of a safety system is maintained continuously and does not deteriorate over time.

  • Page 405: Technical Data

    Technical data 405 Technical data Contents of this chapter This chapter contains the technical specifications of the FSO-12 module. Electrical data Supply voltage +24 ± 3 V DC (PELV) Current consumption Maximum 1000 mA (external power supply) Inputs 4 redundant or 8 single, or combinations of redundant and...

  • Page 406: Profisafe And Related Network Devices

    406 Technical data PROFIsafe and related network devices All network devices used in conjunction with this device shall meet the requirements of IEC 61010-1 or IEC 61131-2. Control connection data Logic levels “0” < 5 V, “1” > 15 V Digital input impedance 4 kohm Digital output capability...

  • Page 407: Terminal And Cable Entry Data For The Control Cables

    Technical data 407 Terminal and cable entry data for the control cables The tightening torque for the terminals is 0.24 N·m (2.1 lbf·in). Conductor size, one conductor Solid or stranded Stranded, ferrule without Stranded, ferrule with plastic sleeve plastic sleeve Minimum Maximum Minimum...

  • Page 408: Sto Cable And Data Cable Between Fso Module And Drive

    408 Technical data STO cable and data cable between FSO module and drive STO cable ABB recommends that you use the cable included in the delivery. The specifications for a customer-defined cable are as follows: • Maximum length: 1 m (3.28 ft) •...

  • Page 409: Compatible Motor Types

    Technical data 409 Compatible motor types Motor type Induction motor (IM), Permanent magnet motor (PM), Synchronous reluctance motor (SynRM) Motor control mode FSO can be used in Direct Torque Control (DTC) or scalar mode. Speed estimation Speed range Permitted range depends on the motor used. Maximum range: (-35880…+35880 rpm)/(number of motor pole pairs).
  • Page 410 410 Technical data Operation Storage Transportation installed for in the protective in the protective stationary use package package Contamination IEC 60721-3-3:2002 IEC 60721-3-1:1997 IEC 60721-3-2:1997 Chemical gases: Chemical gases: Chemical gases: Class 3C2 Class 1C2 Class 2C2 Solid particles: Solid particles: Solid particles: Class 3S2 Class 1S3 Class 2S2...

  • Page 411: Safety Functions

    Technical data 411 Safety functions Stopping functions Safe torque off Safe brake control Safe stop 1 Safe stop emergency Speed-related functions Safely-limited speed Variable SLS Variable Safely-limited speed Safe maximum speed Safe acceleration range - SAR is used only for deceleration with SS1, SSE and SLS and Variable SLS functions.
  • Page 412 412 Technical data • FSO module with its subsystems. The FSO acts as the logic part in the safety function. The safety data for the safety function where FSO and drive are used is composed of the safety data of the subsystems. Safety data for different subsystems is shown in section Basic safety data on page 413.

  • Page 413: Basic Safety Data

    Basic safety data  The FSO-12 module is a type B safety component as defined in IEC 61508-2.The FSO-12 data related to safety standards IEC 61508, EN/IEC 61800-5-2, EN ISO 13849-1, IEC 61511, and EN/IEC 62061 is listed below for the different subsystems within the FSO module.

  • Page 414: Fso Safety Calculations Guide (Without Profisafe)

    414 Technical data 1-ch. DO, 2-ch. DO, 1-ch. DO, 2-ch. DO, Speed pulses pulses no pulses no pulses output estimate, worst case values PFH (1/h) 6.3E-10 1.7E-10 4.9E-09 2.2E-10 1.8E-11 1.0E-08 = 20 a) 3.8E-07 1.5E-06 2.3E-06 2.4E-06 1.6E-07 1.4E-04 = 2 a) 9.6E-07 3.7E-06...
  • Page 415 SS1-t, SSE-t and SSE with immediate STO functions. Same approach for the logic subsystems applies in all safety functions below. Note: ABB's safety data component libraries do not contain any subsystems for external (non-ABB) components. Note: All safety functions in FSO can be activated either through safety IOs or...
  • Page 416 416 Technical data Encoderless SLS or SS1-r FSO encoderless speed measurement FSO Digital input FSO Logic FSO STO output FSO Digital output (optional) Drive STO Safely-limited speed (SLS) without encoder includes the following subsystems: FSO encoderless speed measurement, FSO Digital input, FSO Logic, FSO STO output, FSO digital output (optional), and Drive STO.
  • Page 417 Drive STO Safe brake control (SBC) includes the following subsystems: FSO Logic, FSO STO output, FSO Digital output, Contactor 1 and 2 (can be provided by ABB), and Drive STO. Note: SBC is used together with other safety functions, and a triggering...

  • Page 418: Fso Safety Calculations Guide (With Profisafe)

    In this case, the FSO encoderless speed measurement must be added to the calculation.  Relevant failure modes The following failure modes related to the outputs of the FSO-12 have been considered in the design: • STO output • PROFIsafe •...
  • Page 419 The probabilities of the dangerous undetected failures of the safety functions are given in the basic safety table. FSO-12 implements several diagnostics to detect internal random hardware failures. The diagnostics cycle time for each of the channels is 10 hours or less.

  • Page 420: Response Times

    Maximum response time of the FB module (FPNO or FENA), FSO and drive combination is 100 ms. Note: Mute time usage increases the response time. FSO-12 response time • from an FSO input to an FSO Maximum 35 ms digital output activation Cascade response time •...

  • Page 421: Ordering Information

    (Drive 3) 170 ms Removal of torque (Drive 3) Up to six drives Time 0 ms 170 ms Ordering information Ordering codes for related kits: FSO-12 kit 3AXD50000016771 FSO-21 kit 3AXD50000023987 FSE-31 kit 3AXD50000023272 FENA-21 3AUA0000089109 FPNO-21 3AXD50000192779 Option codes (plus codes) when ordered together with drive:...

  • Page 422: Related Standards And Directives

    422 Technical data FPNO-21 +K492 Related standards and directives Referenced standards are listed in the table below. Standard Name EN 60204-1:2018 Safety of machinery – Electrical equipment of machines – Part 1: IEC 60204-1:2021 General requirements IEC 61508 Parts 1-3, Functional safety of electrical/electronic/programmable Ed.

  • Page 423: Dimension Drawings

    Dimension drawings 423 Dimension drawings The dimension drawings of the FSO-12 module with two different bottom plates for different drive control unit types are shown below. The dimensions are given in millimeters and [inches].
  • Page 424 424 Dimension drawings...

  • Page 425: Further Information

    Address any inquiries about the product to your local ABB representative, quoting the type designation and serial number of the unit in question. A listing of ABB sales, support and service contacts can be found by navigating to abb.com/searchchannels. Product training For information on ABB product training, navigate to new.abb.com/service/training.
  • Page 426 © Copyright 2025 ABB. All rights reserved. Specifications subject to change without notice.

This manual is also suitable for:

3axd50000012090

Table of Contents