FandMmag.com |

Magazine Article

  

Home » Fabricating & Metalworking » May 2008 Issue » Magazine Article
More from Fabricating & Metalworking
More from The May 2008 Issue
More from Helge Hornis, PhD, Pepperl+Fuchs, Inc.
Most Read Stories TodayMost Read Most E-mailed Stories TodayMost E-mailed Email This StoryE-mail Article Print This StoryPrint Article | Save Article | License Article [Get Copyright Permissions]
Pressing On with Safety Networks
Similar discretely wired safety relays can finally be replaced by safety rated networks. Why did we abandon relay-based control but hold on so long to relay-based safety?
By Helge Hornis, PhD, Pepperl+Fuchs, Inc.

Figure 1. The unique safety sequence is split into two-bit groups and then used to generate contact test pulses. After passing the safe contacts, the return signals are processed in a logic unit and coupled into the AS-Interface network. This solution has been approved to CAT 4/SIL3. Using the unique safety sequence this way makes auxiliary contacts unnecessary and enables the PLC to directly detect the state of the safe inputs in real time. Detecting otherwise hard to find intermittent contacts is finally fast and easy.

All metalforming process applications have one thing in common: cutting, milling, shearing, and bending are processes where tremendous forces and huge pressures are always present, resulting in potentially dangerous situations for operators. Consequently, a solid functional safety concept is an absolute must.

At the same time, the vibrations and shocks that are constantly present are challenging designers to engineer solutions that are not only safe (anything less than a CAT 4 is playing with fire in our litigious society) but offer the operational reliability and real-time diagnostics required to succeed in a brutally competitive business environment.

The solution that addresses these (on first sight) mutually exclusive requirements, has been available for a few years: safety networks. The fundamental idea behind networking safety devices is as simple as it is obvious: create a system where individual safe inputs (e-stops, light curtains, door interlock switches, or any other safety device) are not individually wired into a safety relay, but rather transmit their status over a network.

In hindsight this was an almost inevitable development. Relay controlled automation was superseded by PLC control and then enhanced by digital I/O network. Similar discretely wired safety relays can finally be replaced by safety rated networks. So why did we abandon relay based control but hold on to relay based safety?

One of the first questions experienced users of traditional safety solutions will ask is, "How can it be safe without redundant wiring?" Redundant wiring - we will only consider CAT 4 safety here - is necessary to address the information problem. Safe devices have only two operational states: released and safe. For example, an e-stop is in the released state when it is pulled out and in the safe state when pushed in.

In traditional hardwired safety installations the state of the safe device is transmitted over two sets of wires, giving the safety relay the ability to compare two pieces of information. A discrepancy between those pieces of information will cause the safety relay to drop out its safe contacts i.e., transitioning to the safe state. This path to redundant information does work, but it is highly inefficient, inflexible, and offers virtually no diagnostics.

Networked safety solutions address the information problem differently and result in efficient and decidedly more flexible solutions while offering detailed contact-level diagnostics. The data exchanged between the safe device and the safety controller - taking the place of the safety relay - is structured such that the recipient can reliably distinguish between correct and faulty messages; the redundancy is in the message!

How this is done depends on the implementation details of the particular safety network. Common methods include extended checksums, pre-negotiated message content and message duplication. The author is most familiar with AS-Interface and its safety implementation called Safety at Work (SaW).

With over 50,000 installed systems, it is the dominant technology. The idea behind SaW is as simple as it is ingenious. A safe input device is redundantly connected to a safe coupling module. The safe coupling module contains a unique code number called the safety sequence. As soon as the coupling module is connected to the network, it starts transmitting this code, four bits at a time, over the redundant contacts of the safe input and then couples them into the AS-Interface network (see Figure 1).

Two bits of each four-bit nibble are sent through one safe contact. This has the following effect:

• As long as both safe contacts are closed, each four-bit data packet is transmitted via the safe contacts to the net work, resulting in transmission of the full safety sequence after a number of data cycles.
• When the safe device is in the safe state (e-stop pushed, light curtain interrupted, door interlock switch opened) the safe contacts interrupt the transmission of the four-bit nibbles resulting in the safe coupling module sending a constant stream of 0000 packets.
• When one of the two safe contacts is in the released (closed) state and the other is in the safe (open) state, two of the four bits sent to the network are constantly zero. As a result, the safety sequence is violated.

1 2 next

[Get Copyright Permissions] Click here for copyright permissions!
Copyright 2008 Cygnus Business Media