TwinSAFE Loader - Beckhoff

Documentation for TwinSAFE Loader
Tool to load and adapt a TwinSAFE project

Version: 2.2.0
Date: 2018-06-25

Upload: vodang

Post on 17-Apr-2019


Table of contents

1 Foreword
  1.1 Notes on the documentation
  1.2 Safety instructions
    1.2.1 Delivery state
    1.2.2 Operator's obligation to exercise diligence
    1.2.3 Description of safety symbols
  1.3 Documentation issue status
2 System description
  2.1 General
  2.2 System limits
3 Product description
  3.1 System requirements
    3.1.1 Operating System
    3.1.2 Target system
    3.1.3 Communication with the TwinSAFE logic component
  3.2 Intended use
  3.3 Functioning
    3.3.1 Communication
    3.3.2 Authentication
    3.3.3 Loading a safety project
    3.3.4 Activation of a safety project
    3.3.5 Deleting a safety project
    3.3.6 Customizing a safety project
    3.3.7 List of the current group configuration
    3.3.8 Additional functions
  3.4 List of all available parameters
  3.5 Safety parameters
  3.6 Error codes
  3.7 FMEDA
4 EtherCAT Mailbox Gateway
  4.1 Settings EtherCAT Mailbox Gateway
  4.2 Beckhoff Virtual Ethernet Adapter
  4.3 Adding a route
5 Appendix
  5.1 Support and Service
  5.2 Certificates
    5.2.1 Letter of Confirmation


1 Foreword

1.1 Notes on the documentation

Intended audience

This description is only intended for the use of trained specialists in control and automation engineering who are familiar with the applicable national standards.

It is essential that the following notes and explanations are followed when installing and commissioning these components.

The responsible staff must ensure that the application or use of the products described satisfy all the requirements for safety, including all the relevant laws, regulations, guidelines and standards.

Origin of the document

This documentation was originally written in German. All other languages are derived from the German original.

Currentness

Please check whether you are using the current and valid version of this document. The current version can be downloaded from the Beckhoff homepage at http://www.beckhoff.com/english/download/twinsafe.htm. In case of doubt, please contact Technical Support.

Product features

Only the product features specified in the current user documentation are valid. Further information given on the product pages of the Beckhoff homepage, in emails or in other publications is not authoritative.

Disclaimer

The documentation has been prepared with care. The products described are subject to cyclical revision. For that reason the documentation is not in every case checked for consistency with performance data, standards or other characteristics. We reserve the right to revise and change the documentation at any time and without prior announcement. No claims for the modification of products that have already been supplied may be made on the basis of the data, diagrams and descriptions in this documentation.

Trademarks

Beckhoff®, TwinCAT®, EtherCAT®, Safety over EtherCAT®, TwinSAFE®, XFC® and XTS® are registered trademarks of and licensed by Beckhoff Automation GmbH. Other designations used in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owners.

Patent Pending

The EtherCAT Technology is covered, including but not limited to the following patent applications and patents: EP1590927, EP1789857, DE102004044764, DE102007017835 with corresponding applications or registrations in various other countries.

The TwinCAT Technology is covered, including but not limited to the following patent applications and patents: EP0851348, US6167425 with corresponding applications or registrations in various other countries.


EtherCAT® is registered trademark and patented technology, licensed by Beckhoff Automation GmbH, Germany

Copyright

© Beckhoff Automation GmbH & Co. KG, Germany. The reproduction, distribution and utilization of this document as well as the communication of its contents to others without express authorization are prohibited. Offenders will be held liable for the payment of damages. All rights reserved in the event of the grant of a patent, utility model or design.

Delivery conditions

In addition, the general delivery conditions of the company Beckhoff Automation GmbH & Co. KG apply.

1.2 Safety instructions

1.2.1 Delivery state

All the components are supplied in particular hardware and software configurations appropriate for the application. Modifications to hardware or software configurations other than those described in the documentation are not permitted, and nullify the liability of Beckhoff Automation GmbH & Co. KG.

1.2.2 Operator's obligation to exercise diligence

The operator must ensure that

• the TwinSAFE products are only used as intended (see chapter Product description);
• the TwinSAFE products are only operated in sound condition and in working order.
• the TwinSAFE products are operated only by suitably qualified and authorized personnel.
• the personnel is instructed regularly about relevant occupational safety and environmental protection aspects, and is familiar with the operating instructions and in particular the safety instructions contained herein.
• the operating instructions are in good condition and complete, and always available for reference at the location where the TwinSAFE products are used.
• none of the safety and warning notes attached to the TwinSAFE products are removed, and all notes remain legible.


1.2.3 Description of safety symbols

In these operating instructions the following instructions are used. These instructions must be read carefully and followed without fail!

DANGER
Serious risk of injury!
Failure to follow this safety instruction directly endangers the life and health of persons.

WARNING
Risk of injury!
Failure to follow this safety instruction endangers the life and health of persons.

CAUTION
Personal injuries!
Failure to follow this safety instruction can lead to injuries to persons.

NOTE
Damage to the environment/equipment or data loss
Failure to follow this instruction can lead to environmental damage, equipment damage or data loss.

Tip or pointer
This symbol indicates information that contributes to better understanding.

1.3 Documentation issue status

| Version | Comment |
|---|---|
| 2.2.0 | • Added TwinSAFE Loader Version v6 |
| 2.1.1 | • Note to Virtual Ethernet Adapter added • Parameter --localams added |
| 2.1.0 | • Added extensions for TwinSAFE Loader, version v5 |
| 2.0.0 | • Migration • List of supported hardware updated |
| 1.2.0 | • Setting up EtherCAT Mailbox Gateway added |
| 1.1.0 | • Expanding system requirements • Foreword updated |
| 1.0.0 | • First released version |
| 0.0.7 | • Functions Delete and Customize added |
| 0.0.6 | • Note added to FMEDA chapter • Graphic added to Chapter 2.1 |
| 0.0.5 | • Addition of the FMEDA • Exchange of Chapters 3.2 and 3.3 |
| 0.0.4 | • Resorting of chapters |
| 0.0.3 | • Chapter 3.7, CSV format added |
| 0.0.2 | • Revision of call parameters |
| 0.0.1 | • First draft |


2 System description

2.1 General

The TwinSAFE Loader is a software for loading a safety project to an EL69xx or EK19x0 safety controller independently of the TwinCAT development environment. The starting point of a loading procedure is a binary file that is exported in advance from the TwinCAT development environment.

Following the actual loading procedure, it is possible to adapt the safety project. To perform an adaptation, the safety project must be configured accordingly in the TwinCAT development environment. The TwinSAFE groups that are to be activated, deactivated or be passivated must be parametrized accordingly and the safe substitute values for the outputs of the groups must be defined during the development by the programmer. These substitute values are also part of the binary file that the programmer created after completion of the safety program.

Fig. 1: TwinSAFE Loader - Overview

2.2 System limits

The TwinSAFE Loader software is delivered as an executable program library and is available for the Windows and Linux operating systems. This library can be integrated into applications. The various functions of the program library are controlled by corresponding command line parameters.

The safety project can only be loaded for the EL6900 TwinSAFE logic terminal. It is not possible to adapt the safety project here.

The safety project can be loaded and adapted for the EL6910 TwinSAFE logic terminal, the EK1960 TwinSAFE controller and any future TwinSAFE products.

A TwinCAT version 3.1 or higher is required to create a corresponding safety project.


3 Product description

The TwinSAFE Loader is a program library for the loading and adaptation of a safety project for TwinSAFE logic components. Before describing the functional mode of the product in detail, the system requirements for the successful use of the TwinSAFE Loader are dealt with in the following section.

3.1 System requirements

3.1.1 Operating System

To run the TwinSAFE Loader, the following system requirements must be met depending on the operating system.

3.1.1.1 Windows

No additional components are required for the operating system Windows 7 (32 bit).

The following table lists the different versions of the TwinSAFE Loader and the associated SHA checksums.

| File name | Operating system | Version | SHA Checksum |
|---|---|---|---|
| TwinSAFE_Loader.exe | Win32 | v1 | SHA1: 3dfc76aca223f04a0e91677f2c6452df8a39a8f9 |
| TwinSAFE_Loader.exe | Win32 | v5 | SHA256: 970a4ee096e181d20cea42d700c6ded1253a61a34c9ea00a5db6cc9ee99693f6 |
| TwinSAFE_Loader.exe | Win32 | v6 | SHA256: 177f74ae6ce036ecc0f747f1f1324cfd890c627be91c111429a4bf124a3a1a1d |

3.1.1.2 Linux

No additional components are required for the operating system Ubuntu 16.04.

The following table lists the different versions of the TwinSAFE Loader and the associated SHA checksums.

| File name | Operating system | Version | SHA Checksum |
|---|---|---|---|
| TwinSAFE_Loader.bin | Linux x86 64-Bit | v1 | SHA1: c37f52a2fb8e3609346671feb2f60c9cba2bd2f9 |
| TwinSAFE_Loader.bin | Linux x86 64-Bit | v5 | SHA256: 462a9f652eab4ad43fb0dbf487bb3db9fa71a596ce339fb9fd5990f544d0a808 |
| TwinSAFE_Loader.bin | Linux x86 64-Bit | v6 | SHA256: 972391f4aa88322dc8ffad415919ae814095ab7349f059ffcb03e8a8c5d0f8a5 |
| TwinSAFE_Loader-i386.bin | Linux x86 32-Bit | v5 | SHA256: 4b25dbd486cd56a3da411e7b1643be6834b7db51c3cb58bfb9caecdd36bdc9e1 |
| TwinSAFE_Loader-i386.bin | Linux x86 32-Bit | v6 | SHA256: 11ed882fd06dd28f19ec3a7c458fdebf87b8fdd269bec930a145056ece4dc835 |

3.1.2 Target system

The supported TwinSAFE logic components can be taken from the following list:


| Product name | SW version |
|---|---|
| EL6900 | 05 or newer (Production from week 02/2014) |
| EL6910 | 01 or newer |
| EK1960 | 01 or newer |
| EJ6910 | 01 or newer |

3.1.3 Communication with the TwinSAFE logic component

The TwinSAFE Loader supports the following protocols for the loading or adaptation of a safety project to a TwinSAFE logic component.

ADS over EtherCAT (AoE)

EtherCAT Mailbox Gateway

For successful communication with the TwinSAFE logic component, the TwinSAFE Loader must be able to establish a connection with the EtherCAT master existing in the system. The following system requirements must be fulfilled for this:

3.1.3.1 ADS over EtherCAT (AoE)

The EtherCAT master must be configured so that it accepts AoE connections (according to ETG.1020) on port 0xBF02 (TCP/IP).

3.1.3.2 EtherCAT Mailbox Gateway

The EtherCAT master must be configured so that it accepts packets of the EtherCAT mailbox gateway (according to ETG.8200) on port 0x88A4 (UDP/IP).


3.2 Intended use

WARNING
Risk of injury!
TwinSAFE terminals may only be used for the purposes described below!

CAUTION
Follow the machinery directive!
The TwinSAFE terminals may only be used in machines according to the machinery directive.

WARNING
Loading and adapting the project - workflow!
For loading and adapting a safety project, the user must specify a workflow in order to ensure that the correct safety project for the application is activated on the TwinSAFE logic component.

WARNING
Loading and adapting the project - authentication!
The user must ensure that only authorized persons are able to load or adapt the safety project.

3.3 Functioning

The task of the TwinSAFE Loader is to load a safety project to a TwinSAFE logic component independently of the TwinCAT development environment or to adapt a safety project already existing on a TwinSAFE logic component.

The data packets necessary for this are transmitted via the EtherCAT master existing in the system to the corresponding component. The functions of the TwinSAFE Loader are controlled by command line parameters.

3.3.1 Communication

The following parameters must be used to control communication.

| Command line parameters | Description |
|---|---|
| --gw <IPv4 address> | Specification of the IPv4 address of the EtherCAT mailbox gateway or, in AoE mode, the IPv4 address of the EtherCAT master. As of version v5, the EtherCAT master can also be addressed via the host name in AoE mode. |
| --ams <NetId> | Specification of the AmsNetID, if ADS over EtherCAT (AoE) is to be used. |
| --localams <NetId> | If --ams is used, the local AMSNetID can be specified. If the parameter is not used, the AmsNetID is formed from its own IP address + ".1.1". |

3.3.2 Authentication

The following parameters must be used to authenticate a user on the TwinSAFE logic.

| Command line parameters | Description |
|---|---|
| --user <user name> | Name of the user with the appropriate rights to perform the desired function. |
| --pass <password> | Password of the user. |


User management
Each TwinSAFE logic component has its own user administration. Only users registered in the TwinSAFE logic component can perform certain functions.

3.3.3 Loading a safety project

The following parameters must be used to load a safety project.

| Command line parameters | Description |
|---|---|
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --proj <path to the binary file> | Specification of the path to the binary file of the safety project. |

WARNING
Loading a safety project
The loading of a safety project typically consists of a two-step process. The safety project must be activated after loading it to the TwinSAFE logic component.
This division of the process enables measures to be taken to ensure that the correct safety project for the respective application on the TwinSAFE logic component is switched to active. The user must define these measures. The user shall bear full responsibility to provide proof for the accuracy and efficacy of these measures. See also chapter FMEDA.
In the TwinCAT development environment, for example, the checksum of the transferred safety project is checked and a repeat login carried out before the safety project is really enabled (see chapter Intended use).


The loading of a safety project takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.254 --user Administrator --pass TwinSAFE --slave 1007 --proj ./example.bin

Fig. 2: Call to load a safety project

3.3.4 Activation of a safety project

The following parameters must be used to activate a safety project.

| Command line parameters | Description |
|---|---|
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --proj <path to the binary file> | Specification of the path to the binary file of the safety project. |
| --crc <project CRC of the safety project to be activated> | Specification of the project CRC of the safety project to be activated. |

The activation of a safety project takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.117 --ams 192.168.1.117.2.1 --user Administrator --pass TwinSAFE --slave 1007 --proj ./example.bin --crc 0x4273

Fig. 3: Call to activate a safety project

3.3.5 Deleting a safety project

The following parameters must be used to delete a safety project.

| Command line parameters | Description |
|---|---|
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --delete | Command to delete the project |

The deletion of a safety project takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.254 --user Administrator --pass TwinSAFE --slave 1007 --delete

Fig. 4: Call to delete a safety project

3.3.6 Customizing a safety project

The following parameters must be used to customize a safety project.


| Command line parameters | Description |
|---|---|
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --customize <path to csv file> | Specification of the path to the csv file for the group configuration |

The customizing of a safety project takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.254 --user Administrator --pass TwinSAFE --slave 1007 --customize ./groupconfig.csv

Fig. 5: Call to customize a safety project

3.3.6.1 CSV format of the group configuration

The CSV file for the customization consists of several lines of ASCII text, whose columns are separated by semicolons. The column order is fixed and includes the following information:

1st column: ID of the TwinSAFE group
2nd column: Indicates whether the group should be activated
3rd column: Indicates whether the group can and should be passivated
4th column: Indicates whether the group can and should be temporarily deactivated
5th column: Indicates whether the group can and should be permanently deactivated

The first line contains an unsigned integer, which is interpreted as the version number of the csv format:

"1"

The second line contains the header:

"id;activate;passivate;temporarily;permanent"

The (2+n)th line contains the configuration of the nth TwinSAFE group in the format:

<id>;[AE];[ADE]; [ADE]; [ADE]

A: Active

D: cannot be activated

E: can be activated, but is currently inactive

Example Logic Terminal Listing (Tabular form)

1

| id | activate | passivate | temporarily | permanent |
|---|---|---|---|---|
| 1 | E | E | E | A |
| 2 | E | A | D | D |

Example of TwinSAFE group configuration (plain text)

    1
    id;activate;passivate;temporarily;permanent
    1;E;E;E;A
    2;E;A;D;D

This is a version-1 csv format.

The file contains a configuration for a TwinSAFE project with 2 groups.


1. The first group can be activated, passivated, temporarily deactivated and permanently deactivated. Its current state is permanently deactivated.

2. The second group can only be activated or passivated. Its current state is passivated.
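A validator for the version-1 group configuration CSV described above, as an added example (not Beckhoff's code), to run on a file before it is handed to --customize. Treating the group ID as an unsigned integer, rejecting duplicate IDs and flagging any change to a column reported as D are assumptions of this example, and the DESIRED file is constructed.

```python
import re

HEADER = ["id", "activate", "passivate", "temporarily", "permanent"]
# Letters allowed per column, from the row format <id>;[AE];[ADE];[ADE];[ADE]
ALLOWED = {"activate": "AE", "passivate": "ADE",
           "temporarily": "ADE", "permanent": "ADE"}

# The listing shown in the manual, in the form --list would write it.
LISTED = """1
id;activate;passivate;temporarily;permanent
1;E;E;E;A
2;E;A;D;D
"""
# Constructed file intended for --customize (not from the manual).
DESIRED = """1
id;activate;passivate;temporarily;permanent
1;A;E;E;E
2;E;A;E;D
"""


def parse_group_config(text):
    """Validate a version-1 file and return {group_id: {column: letter}}.

    Raises ValueError naming the offending (non-blank) line.
    """
    if not text.isascii():
        raise ValueError("file must be ASCII text")
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) < 2:
        raise ValueError("missing version line or header")
    if not re.fullmatch(r"\d+", lines[0]):
        raise ValueError("line 1: version must be an unsigned integer")
    if int(lines[0]) != 1:
        raise ValueError(f"line 1: unsupported format version {lines[0]}")
    if [c.strip() for c in lines[1].split(";")] != HEADER:
        raise ValueError("line 2: unexpected header")
    groups = {}
    for n, line in enumerate(lines[2:], start=3):
        fields = [f.strip() for f in line.split(";")]
        if len(fields) != len(HEADER):
            raise ValueError(f"line {n}: expected {len(HEADER)} columns")
        if not re.fullmatch(r"\d+", fields[0]):  # assumption: numeric IDs
            raise ValueError(f"line {n}: group id must be an unsigned integer")
        gid = int(fields[0])
        if gid in groups:  # extra strictness of this example
            raise ValueError(f"line {n}: duplicate group id {gid}")
        row = dict(zip(HEADER[1:], fields[1:]))
        for col, val in row.items():
            if len(val) != 1 or val not in ALLOWED[col]:
                raise ValueError(
                    f"line {n}: column '{col}' must be one of {ALLOWED[col]}")
        groups[gid] = row
    return groups


def summarize(row):
    """Return (current, available): columns marked A, columns not marked D."""
    current = [c for c, v in row.items() if v == "A"]
    available = [c for c, v in row.items() if v != "D"]
    return current, available


def review_change(current, desired):
    """Compare a --list read-back with a file meant for --customize.

    Returns (changes, violations). Policy of this example: a desired file may
    switch columns between A and E, but must not name an unknown group or
    alter a column in either direction to or from D.
    """
    changes, violations = [], []
    for gid, want in desired.items():
        have = current.get(gid)
        if have is None:
            violations.append(f"group {gid}: not present on the device")
            continue
        for col in HEADER[1:]:
            if have[col] == want[col]:
                continue
            if "D" in (have[col], want[col]):
                violations.append(
                    f"group {gid}: '{col}' {have[col]} -> {want[col]} "
                    "changes availability")
            else:
                changes.append((gid, col, have[col], want[col]))
    return changes, violations


if __name__ == "__main__":
    listed = parse_group_config(LISTED)
    for gid, row in listed.items():
        print(gid, summarize(row))
    print(review_change(listed, parse_group_config(DESIRED)))
```
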

3.3.7 List of the current group configuration

The following parameters must be used to list the groups of a safety project.

| Command line parameters | Description |
|---|---|
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --list <file name> | Saves the list of the group configuration as a CSV list in the specified file. |

The listing of the groups of a safety project takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.254 --user Administrator --pass TwinSAFE --slave 1007 --list ./groupconfig.csv

Fig. 6: Call to list the groups of a safety project

3.3.7.1 CSV format of the group configuration

The csv format corresponds to the csv format from chapter 3.3.6.1.

3.3.8 Additional functions

The following additional functions can be used via parameters.

| Command line parameters | Description |
|---|---|
| --list <file name> | Saves the list of all available slaves as a CSV list in the specified file. |

The listing of the available slaves takes place, for example, as shown in the following call:

    TwinSAFE_Loader --gw 192.168.1.254 --list ./safetyterminals.csv

3.3.8.1 CSV format of the list of all available slaves

The CSV file listing the compatible EtherCAT slaves consists of several lines of ASCII text, whose columns are separated by semicolons. The column order is fixed and includes the following information:

1st column: EtherCAT address of the slave
2nd column: FSoE address of the slave
3rd column: Terminal type of the slave
4th column: Project CRC of the project currently active on the slave
5th column: Name of the EtherCAT slave in TwinCAT


The first line contains the header:

"EtherCAT address;FSoE address;type;project crc;name"

The (1+n)th row contains the configuration of the nth EtherCAT slave in the format:

<EtherCAT address>;<FSoE address>;<Type>;<Project CRC>;<Name>

Sample Logic Terminal Listing (Tabular form)

| EtherCAT address | FSoE address | type | project crc | name |
|---|---|---|---|---|
| 1001 | 1 | EL6900 | 0x0 | Term 2 (EL6900) |
| 1003 | 3 | EL6910 | 0x0 | Term 4 (EL6910) |
| 1004 | 50 | EL6930 | 0x4539 | Term 5 (EL6930) |

Sample Logic Terminal Listing (Clear text)

    EtherCAT address;FSoE address;type;project crc;name
    1001;1;EL6900;0x0;Term 2 (EL6900)
    1003;3;EL6910;0x0;Term 4 (EL6910)
    1004;50;EL6930;0x4539;Term 5 (EL6930)

The file contains a listing of three logic terminals

1. The first logic terminal is accessible via the EtherCAT address "1001", it has the FSoE address "1", it is of the type "EL6900", no project is currently active on it ("0x0") and it is called "Term 2 (EL6900)"

2. The second logic terminal is accessible via the EtherCAT address "1003", it has the FSoE address "3", it is of the type "EL6910", no project is currently active on it ("0x0") and it is called "Term 4 (EL6910)"

3. The third logic terminal is accessible via the EtherCAT address "1004", it has the FSoE address "50", it is of the type "EL6930", the project with the CRC "0x4539" is currently active on it and it is called "Term 5 (EL6930)"
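One way to use this slave listing as a target check around the load and activate steps, as an added example (not Beckhoff's code): it confirms FSoE address and terminal type before loading and the active project CRC afterwards. The function names and the expected values passed in (taken from the operator's own release record) are assumptions; the sample listing is the one shown above, and the EL6900 restriction comes from chapter 2.2.

```python
from collections import namedtuple

Slave = namedtuple("Slave", "ethercat fsoe terminal_type crc name")
HEADER = ["EtherCAT address", "FSoE address", "type", "project crc", "name"]

# Sample listing from the manual, as written by: --gw <address> --list <file>
LISTING = """EtherCAT address;FSoE address;type;project crc;name
1001;1;EL6900;0x0;Term 2 (EL6900)
1003;3;EL6910;0x0;Term 4 (EL6910)
1004;50;EL6930;0x4539;Term 5 (EL6930)
"""


def parse_slave_list(text):
    """Parse the slave listing into {EtherCAT address: Slave}."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    # The tabular form in the manual ends the header with ';', so tolerate it.
    if not lines or [c.strip() for c in lines[0].rstrip(";").split(";")] != HEADER:
        raise ValueError("line 1: unexpected header")
    slaves = {}
    for n, line in enumerate(lines[1:], start=2):
        # Split at most four times so a ';' inside the name stays in the name.
        fields = [f.strip() for f in line.split(";", 4)]
        if len(fields) != 5:
            raise ValueError(f"line {n}: expected 5 columns")
        try:
            addr, fsoe = int(fields[0]), int(fields[1])
            crc = int(fields[3], 16)  # written as 0x...; 0x0 = no active project
        except ValueError:
            raise ValueError(f"line {n}: address or CRC is not a number") from None
        if addr in slaves:
            raise ValueError(f"line {n}: duplicate EtherCAT address {addr}")
        slaves[addr] = Slave(addr, fsoe, fields[2], crc, fields[4])
    return slaves


def preflight(slaves, ethercat, fsoe, terminal_type, customize=False):
    """Return the reasons not to load to this address (empty list = proceed)."""
    s = slaves.get(ethercat)
    if s is None:
        return [f"no slave at EtherCAT address {ethercat}"]
    problems = []
    if s.fsoe != fsoe:
        problems.append(f"FSoE address is {s.fsoe}, expected {fsoe}")
    if s.terminal_type != terminal_type:
        problems.append(f"terminal type is {s.terminal_type}, expected {terminal_type}")
    if customize and s.terminal_type == "EL6900":
        problems.append("EL6900 can be loaded but not adapted")
    return problems


def verify_active(slaves, ethercat, expected_crc):
    """After activation: return None if the expected project is active,
    otherwise a description of the discrepancy."""
    s = slaves.get(ethercat)
    if s is None:
        return f"no slave at EtherCAT address {ethercat}"
    if s.crc == 0:
        return f"slave {ethercat}: no project active"
    if s.crc != expected_crc:
        return f"slave {ethercat}: active CRC {s.crc:#x}, expected {expected_crc:#x}"
    return None


if __name__ == "__main__":
    slaves = parse_slave_list(LISTING)
    print(preflight(slaves, 1003, 3, "EL6910"))
    print(preflight(slaves, 1001, 1, "EL6900", customize=True))
    print(verify_active(slaves, 1004, 0x4539))
    print(verify_active(slaves, 1003, 0x4273))
```

Record the outcome of both checks with the release record so the workflow required in chapter 3.2 leaves evidence of which project ended up active on which terminal.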


3.4 List of all available parameters

| Command line parameters | Description |
|---|---|
| --gw <IPv4 address> | Specification of the IPv4 address of the EtherCAT mailbox gateway or, in AoE mode, the IPv4 address of the EtherCAT master. |
| --ams <NetId> | Specification of the AmsNetID, if ADS over EtherCAT (AoE) is to be used. |
| --localams <local AMSNetID> | If --ams is used, the local AMSNetID can be specified. If the parameter is not used, the AmsNetID is formed from its own IP address + ".1.1". |
| --user <user name> | Name of the user with the appropriate rights to perform the desired function. |
| --pass <password> | Password of the user. |
| --slave <EtherCat address of the EtherCAT slave> | Specification of the EtherCAT slave address of the TwinSAFE logic component. |
| --proj <path to the binary file> | Specification of the path to the binary file of the safety project. |
| --crc <project CRC of the safety project to be activated> | Specification of the project CRC of the safety project to be activated. |
| --list <file name> | Together with the command parameter --gw: saves the list of all available slaves as a CSV list in the specified file. |
| --list <file name> | Together with the command parameters --gw and --slave: saves the list of the group configuration as a CSV list in the specified file. |
| --customize <path to csv file> | Specification of the path to the csv file for the group configuration |
| --delete | Command to delete the project |

3.5 Safety parameters

The product is classified in accordance with IEC 61508:2010 as a T2 tool.


3.6 Error codes

The product has the following error codes.

| Error code | Meaning | Possible cause |
|---|---|---|
| 0x0000 | No error | Action successfully carried out |
| 0x0001 | Invalid parameter | Command-line parameter was incorrect |
| 0x0002 | File does not exist or is corrupted | Project file is corrupted or the specified path is invalid |
| 0x0003 | Login failed | The specified user name or password is invalid on the logic terminal |
| 0x0004 | Unknown EtherCAT slave | No slave could be found for the specified EtherCAT address |
| 0x0005 | Error during the data transmission | The communication connection was disconnected |

3.7 FMEDA

The following table contains the FMEDA for the TwinSAFE loader. The errors are described in the FailureMode column, in Effect the effect and in Diagnostics how the errors are detected or not detected.

CAUTION
FMEDA
The last column, User measures required, of the following table indicates whether the user has to take action to handle the errors described under FailureMode in a safe manner. These measures must be defined and implemented by the user in the form of e.g. process descriptions or software specifications. The user shall bear full responsibility to provide proof for the accuracy and efficacy of these measures.


| FMEDA ID | FailureMode | Effect | Diagnostics | User measures required |
|---|---|---|---|---|
| 1 | A download with a defective project file is starting. | Prior to the actual download the current safety project is deleted by the tool. The download with the new project file is carried out by the tool. | During the download the checksums of the download packages are checked by the target system. The download is canceled in the event of a discrepancy of the checksums. | No |
| 2 | A download with a project file is starting which does not contain the expected project. | Download will be carried out completely and validly by the tool, but it won’t be activated yet. | Activation only occurs if the project CRC of the activation record matches the project CRC of the target system. A discrepancy leads to cancellation of the activation. | Yes |
| 11 | A download and an activation of the project are being carried out on a target system which was not intended from the point of view of the secure address. | Download will be carried out completely and validly by the tool, but it won’t be activated yet. | Activation only occurs if the secure address in the activation record matches the secure address of the target system. A discrepancy leads to cancellation of the activation. | No |
| 3 | The download and the activation are being carried out with an unexpected project. | Download is carried out completely and validly by the tool. | Error is not detected by the tool. | Yes |
| 5 | A user is attempting to carry out a download with false access data. | Prior to start of the actual download process a login is carried out with the invalid access data on the target system. | Invalid access data is detected on the target system during the login, the download is refused and a feedback is given to the tool. | No |
| 7 | An unauthorized user is attempting to carry out a download with valid access data. | The download is successfully carried out. | Error is not detected by the tool. | Yes |
| 13 | Customizing is being carried out by an unauthorized user with valid access data. | The customizing is successfully carried out. | Error is not detected by the tool. | Yes |
| 14 | Customizing is being carried out by a user with false access data. | Prior to starting the actual customizing process a login is carried out on the target system with the invalid access data. | Invalid access data is detected on the target system during the login, customizing is refused and a feedback is given to the tool. | No |
| 8 | Customizing record is being incorrectly transmitted. | The customizing is successfully carried out. | Error is not detected by the tool. | Yes |
| 12 | The wrong customizing record is being transmitted. | Customizing action is carried out completely and validly by the tool. | Error is not detected by the tool. | Yes |
| 9 | A communication connection cannot be established with the target system. | No action is executed on the target system. | An error code indicates a communication error. | No |
| 15 | While carrying out the download the communication connection to the target system is canceled. | Prior to the actual download the current safety project is deleted by the tool. The download of a safety project only leads to a successful change of the active safety project if all steps of the download were correctly carried out and the safety project was activated. A cancellation of this process leads to an empty target system. | An error code indicates the cancellation of the action. | No |
| 16 | While carrying out the customizing the communication connection to the target system is canceled. | The customizing is carried out by a single transaction. If this transaction is interrupted, no action will be carried out on the target system. If the transaction is carried out, the correct action takes place on the target system (provided there are no further errors such as e.g. FMEDA ID 8). | An error code indicates the cancellation of the action. | No |
| 10 | The execution of the tool is unexpectedly interrupted during the download of a safety project. | Prior to the actual download the current safety project is deleted by the tool. The download of a safety project only leads to a successful change of the active safety project if all steps of the download were correctly carried out and the safety project was activated. A cancellation of this process leads to an empty target system. | A successful download includes the login on the target system, the deletion of the existing safety project, the download of the new safety project and the activation of the new safety project. Only the successful execution of all of the steps results in a valid change of the safety project. | Yes |
| 18 | The execution of the tool is unexpectedly interrupted during the customizing of a safety project. | The customizing is carried out by a single transaction. If this transaction is interrupted, no action will be carried out on the target system. If the transaction is carried out, the correct action takes place on the target system (provided there are no further errors such as e.g. FMEDA ID 8). | Current configuration data of the target system. | Yes |
| 24 | A file is being specified for the customizing that does not correspond to the CSV format. | No action is executed on the target system. | If the tool detects an unexpected character during the processing of a CSV file, further processing is canceled and an error is reported. | No |
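One possible software-side user measure for FMEDA IDs 2 and 3, as an added example that is not Beckhoff code: a pre-flight gate that allows the loader call only when the binary file, the project CRC and the slave address match a record made at sign-off. The record layout, the function names and all sample values are assumptions constructed for illustration; the CRC is compared as text because its notation is not specified here.

```python
import hashlib
import hmac


def _norm(value):
    """Compare identifiers as trimmed, case-insensitive text."""
    return str(value).strip().lower()


def approve(slave_address, project_image, project_crc):
    """Build the approval record at sign-off; keep it under change control."""
    return {
        "slave": _norm(slave_address),
        "sha256": hashlib.sha256(project_image).hexdigest(),
        "project_crc": _norm(project_crc),
    }


def preflight(record, slave_address, project_image, project_crc):
    """Return a list of findings; an empty list means the call may proceed."""
    findings = []
    if _norm(slave_address) != record["slave"]:
        findings.append("slave address differs from the approved target")
    digest = hashlib.sha256(project_image).hexdigest()
    if not hmac.compare_digest(digest, record["sha256"]):
        # The tool itself does not detect an unexpected project (FMEDA ID 3).
        findings.append("binary file is not the approved project (FMEDA ID 3)")
    if _norm(project_crc) != record["project_crc"]:
        # A CRC other than the approved one would activate another project.
        findings.append("project CRC differs from the approved one (FMEDA ID 2)")
    return findings


# Constructed sample data: bytes standing in for a project binary file.
SIGNED_OFF = b"constructed safety project image, release 7"
RECORD = approve(1001, SIGNED_OFF, "0x1A2B")


def demo():
    ok = preflight(RECORD, 1001, SIGNED_OFF, "0x1a2b")
    swapped = preflight(RECORD, 1001, b"constructed image, other machine", "0x1A2B")
    wrong_target = preflight(RECORD, 1002, SIGNED_OFF, "0x9999")
    return ok, swapped, wrong_target


if __name__ == "__main__":
    for result in demo():
        print(result or "release matches the approval record")
```

Such a gate does not cover FMEDA IDs 7 and 13, where valid access data is used by an unauthorized person; that still needs an organizational measure.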


4 EtherCAT Mailbox Gateway

The EtherCAT Mailbox Gateway is required to access TwinSAFE logic components when ADS cannot be used for communication.

The following description shows, by way of example, which settings must be made in order to communicate via the EtherCAT Mailbox Gateway.

The configuration for using the EtherCAT Mailbox Gateway consists of a TwinSAFE Loader PC, on which the TwinSAFE Loader is installed, and a TwinCAT PC, which serves as a gateway to route the requests from the TwinSAFE Loader PC to the EtherCAT network and to the TwinSAFE logic components.

Fig. 7: EtherCAT Mailbox Gateway

4.1 Settings EtherCAT Mailbox Gateway

Activation of the EtherCAT Mailbox Gateway is performed via the advanced settings of the EtherCAT master. These can be found under the EtherCAT tab when the EtherCAT master is selected in the TwinCAT tree structure.

The settings for the EtherCAT Mailbox Gateway are summarized under the entry EoE Support. The Virtual Ethernet Switch, Connect to TCP / IP Stack, and IP Enable Router must be enabled. In addition, the EtherCAT Mailbox Gateway must be activated and an IP address outside the existing networks must be selected. These settings require a restart of the TwinCAT PC.


Fig. 8: EoE Support

Whether these settings are correct should be checked locally with the ping command on the TwinCAT computer. In this case, the command would read as follows:

    ping 192.198.67.254

Fig. 9: The command ping 192.198.67.254

4.2 Beckhoff Virtual Ethernet Adapter

If the ping command has not yet delivered a positive result, it may be that the Beckhoff Virtual Ethernet Adapter has yet to be configured.

To do this, open the network settings and select the Properties via the context menu of the Beckhoff Virtual Ethernet Adapter.


Fig. 10: Network settings - context menu of the Beckhoff virtual Ethernet adapter

Note: Beckhoff Virtual Ethernet Adapter
If no Virtual Ethernet adapter is listed in the system, an EoE device (e.g. EL6601) can be added under TwinCAT. Under the Extended EtherCAT settings of this device, under EoE, the Virtual Ethernet port can be activated.

In the properties of this network adapter, you set a fixed IP address that is within the network area of the EtherCAT Mailbox Gateway. In the example, this is the IP address 192.198.67.13 with the subnet mask 255.255.255.0.

Fig. 11: Properties of the Beckhoff virtual Ethernet adapter


Whether this setting is correct should be checked again with the ping command locally on the TwinCAT computer. The command would again be as follows:

    ping 192.198.67.254

4.3 Adding a route

After all settings on the TwinCAT PC have been carried out and the local execution of the ping command has been successful, an IP route has to be added to the TwinSAFE Loader PC.

The route is added with the route add command from the command line.

The command prompt to add a route must be started as an administrator.

Fig. 12: Start the Windows command prompt as administrator

The route is then added using the following command:

    route add 192.198.67.0 mask 255.255.255.0 172.17.42.29

The command returns OK! when the route was added successfully.

The current routes can be displayed using the route print 192.198.* command.


Fig. 13: Windows command prompt

To check the function, a ping command should now be sent from the TwinSAFE Loader PC to the EtherCAT Mailbox Gateway.

    ping 192.198.67.254

Fig. 14: Windows command prompt - command ping 192.198.67.254

If the ping command returns a positive result, the EtherCAT Mailbox Gateway can also be used with the TwinSAFE Loader.
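The addressing rules from sections 4.1 to 4.3 can be checked before anything is configured. The following is an added example, not part of the Beckhoff documentation: it validates a plan and derives the matching route add command. The function name, the two /24 LAN networks and the reading of 172.17.42.29 as the TwinCAT PC's LAN address are assumptions.

```python
import ipaddress


def check_gateway_plan(gateway_ip, mask, adapter_ip, twincat_networks,
                       next_hop, loader_networks):
    """Check the addressing from sections 4.1 to 4.3.

    Returns (findings, route_command); an empty findings list means the
    plan is consistent.
    """
    gateway = ipaddress.ip_address(gateway_ip)
    gw_net = ipaddress.ip_network(f"{gateway_ip}/{mask}", strict=False)
    findings = []

    # 4.1: the mailbox gateway address must lie outside the existing networks.
    for net in map(ipaddress.ip_network, twincat_networks):
        if net.overlaps(gw_net):
            findings.append(f"{gw_net} overlaps existing network {net}")

    # 4.2: the virtual adapter gets a fixed address inside the gateway's
    # network; reusing the gateway address itself is flagged as well.
    adapter = ipaddress.ip_address(adapter_ip)
    if adapter not in gw_net:
        findings.append(f"adapter {adapter} is outside {gw_net}")
    elif adapter == gateway:
        findings.append("adapter and mailbox gateway share one address")

    # 4.3: the next hop of the route must be directly reachable from the
    # TwinSAFE Loader PC, otherwise the route cannot be used.
    hop = ipaddress.ip_address(next_hop)
    if not any(hop in ipaddress.ip_network(n) for n in loader_networks):
        findings.append(f"next hop {hop} is not on a Loader PC network")

    route = f"route add {gw_net.network_address} mask {gw_net.netmask} {hop}"
    return findings, route


# Addresses from the page; the two /24 LAN entries are constructed assumptions.
PLAN = dict(gateway_ip="192.198.67.254", mask="255.255.255.0",
            adapter_ip="192.198.67.13", twincat_networks=["172.17.42.0/24"],
            next_hop="172.17.42.29", loader_networks=["172.17.42.0/24"])

if __name__ == "__main__":
    findings, route = check_gateway_plan(**PLAN)
    print(findings or "plan is consistent")
    print(route)
```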


5 Appendix

5.1 Support and Service

Beckhoff and their partners around the world offer comprehensive support and service, making available fast and competent assistance with all questions related to Beckhoff products and system solutions.

Beckhoff's branch offices and representatives

Please contact your Beckhoff branch office or representative for local support and service on Beckhoff products!

The addresses of Beckhoff's branch offices and representatives around the world can be found on its internet pages:
http://www.beckhoff.com

You will also find further documentation for Beckhoff components there.

Beckhoff Headquarters

Beckhoff Automation GmbH & Co. KG

Huelshorstweg 20
33415 Verl
Germany

Phone: +49(0)5246/963-0
Fax: +49(0)5246/963-198
e-mail: [email protected]

Beckhoff Support

Support offers you comprehensive technical assistance, helping you not only with the application of individual Beckhoff products, but also with other, wide-ranging services:

• support
• design, programming and commissioning of complex automation systems
• and extensive training program for Beckhoff system components

Hotline: +49(0)5246/963-157
Fax: +49(0)5246/963-9157
e-mail: [email protected]

Beckhoff Service

The Beckhoff Service Center supports you in all matters of after-sales service:

• on-site service
• repair service
• spare parts service
• hotline service

Hotline: +49(0)5246/963-460
Fax: +49(0)5246/963-479
e-mail: [email protected]


5.2 Certificates

5.2.1 Letter of Confirmation


Table of figures

Fig. 1 TwinSAFE Loader - Overview
Fig. 2 Call to load a safety project
Fig. 3 Call to activate a safety project
Fig. 4 Call to delete a safety project
Fig. 5 Call to customize a safety project
Fig. 6 Call to list the groups of a safety project
Fig. 7 EtherCAT Mailbox Gateway
Fig. 8 EoE Support
Fig. 9 The command ping 192.198.67.254
Fig. 10 Network settings - context menu of the Beckhoff virtual Ethernet adapter
Fig. 11 Properties of the Beckhoff virtual Ethernet adapter
Fig. 12 Start the Windows command prompt as administrator
Fig. 13 Windows command prompt
Fig. 14 Windows command prompt - command ping 192.198.67.254