by Bernd Mangler

PROFIBUS, the leading industrial fieldbus system in the manufacturing area, is well defined and has been a stable standard for more than 10 years. Now it is part of the IEC 61158 international standard. However, stable does not mean static. This is an especially important facet of a communication protocol used in a highly innovative area like automation. Over the years, there have been many enhancements to PROFIBUS. Enhancements like PA, for the process automation area (see issue October 1999), DPV1 (the DP extensions), for acyclic communication and the new version of the profile for Motion Control (see issue March 2000). Enhancements like these will continually be defined in order to extend the protocol into new application areas and to protect the huge investments already made by end-users, OEMs and device vendors. This article focuses on PROFISafe, the profile that enables the utilization of PROFIBUS for real safety applications (yes, we are talking about emergency push-buttons, light curtains, safety outputs…). As always, the enhancements are defined so that devices with the new features can be used in existing installations (like last time, let us avoid the stressed word "compatibility").

Figure 1 - Typical System Today

Profile

Before we jump into PROFISafe and how it works, let us remember what the term "profile" means. PROFIBUS defines the mechanism for exchanging data between a controlling device and the assigned field devices (e.g. I/O blocks, drives, HMI panels…). The data inside the telegrams are not evaluated by PROFIBUS itself; this is the task of the user application (e.g. a Soft PLC program). A profile goes one step further in defining the data structure for the application, i.e., HMI or safety devices.
For example, an HMI profile could say that the first two bytes transferred from HMI devices to controller are status bytes. The benefit for the user is that the evaluation of the status bytes needs to be implemented only once, independent of the HMI vendor, because the defined profile meaning is always the same. An additional benefit of a profile is that a profile definition affects only the application and NOT the way PROFIBUS works. Therefore, it is ensured that devices supporting the profile can be used together with all other PROFIBUS devices in the same application, at the same time. These devices can also be connected to the same physical media (e.g. fiber optic, copper), can cover the same distances, transfer the same amount of data and support the same number of stations on the bus as before. Conclusion: the objective of a profile definition is to make the life of end users and OEMs easier. It defines the meaning of the data exchanged without sacrificing the advantages of PROFIBUS.

How is a profile for PROFIBUS defined? All members of PROFIBUS International (and therefore Regional PROFIBUS Associations, e.g. PTO) have the possibility to form a working group and specify a profile. Members of the working group defining PROFISafe are:

• Festo AG
• Hima GmbH & Co. KG
• Kloeckner-Moeller GmbH
• Leuze lumiflex GmbH & Co.*
• Schmersal GmbH & Co.
• Sick AG*
• Siemens AG
• University Munich
• Wago GmbH

* members since 2nd version

Safety

Safety is a rather complex issue and various standards are involved. Depending on the standard, safety is measured and organized in levels (Safety Integrity Level, SIL IEC 61408) or categories (EN 954-1). PROFISafe is defined to meet the requirements of SIL 3 and Category 4. Figure 1 shows the typical system today. Depending on the application and the location, a special safety level/category may be required. Safety categories define what happens in case of a failure, e.g.
the safety related functions never fail and failures are detected in time to prevent the loss of any safety functions. To reach certain categories, special hardware is necessary (safe inputs and outputs). For example, a safe output may be implemented as a break contact. To ensure functionality, the output is implemented twice. The second contact (make contact) makes sure that a failure of the break contact can be detected.

Application safety is implemented via parallel wiring or via a proprietary safety bus system. However it is done, the solution works in parallel to the fieldbus. As expected, if you use two different solutions in one application, you have two different procedures for wiring the devices, additional hardware to implement the safety functions, additional software for the configuration of the safety devices and additional tools to be
used in case of diagnostic situations. If control and safety devices could be combined on a single bus, how would the system look? Let's take a look at figure 2.

Figure 2 - How the system should look

Wouldn't it be great if you could utilize PROFIBUS for both your standard automation task AND for the safety related issues at the same time? Wouldn't it be nice if you could connect safety devices like emergency push-buttons or light curtains to the same wire as HMI panels or drives? Wouldn't it be helpful to save costs via the combination of standard and safety I/O modules in the same field device? This is exactly what PROFISafe does - it makes a special or additional solution for safety-related issues unnecessary.

How is it implemented?

Because PROFISafe is defined as a profile within the so-called application layer level, the standard PROFIBUS communication mechanisms are not affected. You continue to use the cable and components you used before to install your network. If you are a device manufacturer, you continue to use the same ASICs (the chip sets to migrate PROFIBUS technology into your device) that you have used before. Figure 3 shows the implementation principle (the communication layers are not safety relevant).

Figure 3 - PROFISafe and the 7 Layer Communication Model (legend: ASICs, links, cables, ... - NOT safety relevant; functions, e.g. diagnostic - NOT safety relevant; parts of the failsafe communications systems, e.g. watchdog timers as defined in the profile; safety relevant, but not part of the profile, e.g. Safety I/O)

And how does the communication between safety devices work? PROFIBUS devices exchange data like they always do. The controller sends output data (up to 244 bytes) to a field device and the device answers with input data (up to 244 bytes). A PROFISafe device does exactly the same. The enhancement is that the data section is partly used for safety relevant information that will be evaluated in accordance with the PROFISafe profile implementation in the receiving station. Figure 4 shows the data section of a standard PROFIBUS telegram to a PROFISafe device.

Figure 4 - PROFISafe Telegram (Data Unit)

The F-I/O section is used to transfer the failsafe process data of the safety modules. The Control Byte is used by the controller to send commands to the field device, e.g., to assign a new parameter set. In the response, the Status Byte is used by the field device to signal events, e.g., the expiration of watchdog timers. The Sequence Number serves as a counter to monitor the life of the controller and the communication link. The CRC key is generated on both ends of the communication link and is used as a check sequence to validate the received failsafe data.

Figure 5 shows how PROFISafe works.

1. The emergency button (connected to a failsafe input module in the field device) is pushed.
2. During the next communication cycle, the safety controller (e.g., a PLC that is able to handle the safety application and also the standard automation task) sends output data to the field device (including failsafe data according to the PROFISafe profile).
3. The field device responds with input data (including failsafe data according to the PROFISafe profile).
4. The safety application in the controller evaluates the relevant part of the data unit and initiates the necessary steps according to the program. In our example, load power needs to be disabled via a failsafe output.
5. With the next telegram, the information is sent to the appropriate station as part of the output data.
6. The motor stops.

With PROFISafe, this safety scenario is available today and the next enhancements are already in preparation. Direct communication
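
The receiver-side checks described above for the data unit (CRC over the failsafe data, Sequence Number, watchdog timer), shown as an added example that is not part of the original article or of the PROFISafe specification. The field widths, the stand-in CRC-16 from `binascii.crc_hqx`, the all-zero safe values and the names `build`, `FailsafeReceiver` and `demo` are assumptions made for illustration.

```python
import binascii
import struct

# Assumed layout for illustration (the article gives no field widths):
# [F-I/O data: 4 bytes][control/status byte][sequence number][CRC: 2 bytes, big-endian]
FIO_LEN = 4
SAFE_VALUES = bytes(FIO_LEN)  # assumption: all zeros means "outputs switched off"

def crc(data: bytes) -> int:
    # Stand-in check sequence (CRC-16, polynomial 0x1021), not the profile's own CRC.
    return binascii.crc_hqx(data, 0)

def build(fio: bytes, ctrl: int, seq: int) -> bytes:
    """Sender side: F-I/O data + control byte + sequence number + CRC."""
    body = fio + bytes([ctrl, seq & 0xFF])
    return body + struct.pack(">H", crc(body))

class FailsafeReceiver:
    """Receiver side: process data reaches the application only if every check passes."""

    def __init__(self, watchdog_s: float):
        self.watchdog_s, self.expected_seq, self.last_ok = watchdog_s, 0, 0.0
        self.data = SAFE_VALUES

    def receive(self, pdu: bytes, now: float) -> str:
        if now - self.last_ok > self.watchdog_s:
            verdict = "timeout"    # data unit delayed or lost
        elif len(pdu) != FIO_LEN + 4 or crc(pdu[:-2]) != struct.unpack(">H", pdu[-2:])[0]:
            verdict = "crc"        # data unit corrupted or truncated
        elif pdu[FIO_LEN + 1] != self.expected_seq:
            verdict = "sequence"   # data unit repeated, skipped or reordered
        else:
            verdict = "ok"
            self.data, self.last_ok = pdu[:FIO_LEN], now
            self.expected_seq = (self.expected_seq + 1) & 0xFF
            return verdict
        self.data = SAFE_VALUES    # any failed check: fall back to the safe state
        return verdict

def demo():
    rx = FailsafeReceiver(watchdog_s=0.1)
    first, second = build(b"\x01\x00\x00\x00", 0, 0), build(b"\x01\x00\x00\x00", 0, 1)
    flipped = bytes([second[0] ^ 0x80]) + second[1:]   # one bit changed in transit
    steps = [(first, 0.01), (first, 0.02), (flipped, 0.03), (second, 0.04),
             (build(b"\x01\x00\x00\x00", 0, 2), 0.50)]  # constructed sample traffic
    return [rx.receive(pdu, t) for pdu, t in steps], rx.data

if __name__ == "__main__":
    print(demo())
```

Because the checks live entirely in the data section, the underlying PROFIBUS transport needs no change, which is the point the article makes about the communication layers not being safety relevant.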