rockwell automation - drive safety design and techniques

PUBLIC

Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. 1

Rockwell Automation - Drive Safety Design and Techniques

PUBLIC Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. 2

Why Safety?

Safety continues to emerge as core system function

Value of Functional Safety:

Increased productivity

Systematic MTTR reduction

Improved competitiveness

Reduced floor space and direct labor

Reduced costs

Global compliance

Common designs

Improved ergonomics

Reduced injuries

Rockwell Automation is committed to delivering world class safety products & solutions

Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved. PUBLIC

3

PowerFlex Series AC Drives Safety Solutions

What Makes a System Safe? • Duality (Also known as Redundancy)

– If one thing fails, there is another thing that can bring the system to a safe state

– In parallel for Inputs or in series for Outputs

• Diversity

– Protects against two things failing in exactly the same way at the same time

– Example: Using one NO and one NC set of contacts

– Example: Using both a high and a low input channel to a safety device

• Diagnostics

– Safety products spend much of their time performing self-diagnostics

– If a problem is detected, the system will go to its “safe state” and will not allow the system to be restarted until the problem is fixed

– Example: A safety PLC has a significantly higher degree of self-diagnostic versus a standard PLC (> 90% vs. ≈ 50%)


Risk Assessment – The Foundation

Provides Safety Performance Level – Design Target

Creates the Foundation of the Safety System Functional

Requirements, System Design and Validation Protocol

Shows “Due Diligence” and Compliance to Global Standards

S1

S2

F2

F1

Performance

Level, PLr

a

b

P1

P2

e

c

d

P1

P2

P1

P2

P1

P2

F2

F1

S = Severity F = Frequency or Duration of Exposure P = Avoidance Probability

Task/Hazard

Contribution to

Risk Reduction

Low

High


5


Safety solutions to meet your needs

• IEC 61508 addresses the design and development of Electrical, Electronic and Programmable Electronic Safety Systems (E/E/PE Systems)

– Probabilistic methodology based on probability of failure of the system

– Also introduces a safety life cycle as part of the standard

– Classifies safety control systems into 4 Safety Integrity Levels (SILs)

• Focus is on the the whole life cycle including design, development, use and modification

• Answers the following question:

– What is the probability of failure for the E/E/PE safety system when a safety related demand is placed on that system (known as the “Probability of Failure on Demand”)

Safety integrity level

(SIL)

Average probability of failure

on demand

Probability of a dangerous

failure per hour

4 10-5 to 10-4 10-9 to 10-8

3 10-4 to 10-3 10-8 to 10-7

2 10-3 to 10-2 10-7 to 10-6

1 10-2 to 10-1 10-6 to 10-5


6

Network

PowerFlex 527/755 SIL3 / PLe (Network)

Hardwired

PowerFlex 70/525/527

SIL2 / PLd

PowerFlex 527/755 SIL3 / PLe

External

PowerFlex Drives



Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved. PUBLIC INFORMATION

Powerflex 525 – Safety Relay

7


Powerflex 525 Safety Relay

8


Powerflex Safe Torque Off

9


Designed for the PowerFlex 755 and 755T AC drives

Safely removes power from the gate firing circuits of the

drive’s output power devices (IGBT)

Provides networked Safe Torque Off over EtherNet/IP

TÜV Rheinland Approved for networked and hardwired STO

PLe, CAT 3 per ISO 62061

SIL3 per IEC EN 61800-5-2

Stop Category 0 per EN 61800-5-2

Networked Safe Torque Off Product Overview


Powerflex 527 Network Solutions

11


Integrated Safety on EtherNet/IP How it works

12

Capable of SIL 3 / PLe for Safe Torque Off

> Duality

> Diagnostics

> Diversity

Safety Message Safety Message

Time Stamp Section Data Section

CRC-B

Producer to Consumer

Time_Stamp CRC

Producer to Consumer

Data B

normal data

inverted data

Data A CRC-A Mode

Output B Output A

A B

STO STO

EtherNet/IP CIP Safety Packet provides Duality, Diagnostics and Diversity!

Change to one axis


Powerflex 527 Safety Solutions

13


Integrated Safety on EtherNet/IP

14

Integrated Safety Enhances Machine Performance and Flexibility


Powerflex 520 Logix

15


Powerflex 520 Application Technique

16


Networked Safety SIL3/Ple (20-750-S3) Hardwired Safety SIL3/Ple (20-750-S)

Networked Safe Torque Off PowerFlex 755 AC Drives Safety Solutions Offerings

SensaGuard

Non-Contact

Interlocks

GuardLogix

Controller

Guardmaster

Safety Relay

Stratix Switch

PointGuard I/O GuardLogix

Controller

SensaGuard

Non-Contact

Interlocks

Stratix Switch

Eliminate field wiring

and safety relays


PointGuard

I/OTM

GuardLogix® Integrated

Safety System Controller

PowerFlex 755 with

Networked

Safe Torque Off

Stratix 5700TM Industrial

Ethernet switch

Networked Safe Torque Off Setup Example for SIL3/PLe Cat. 3


Networked Safety SIL3/PLe

Reduced

hardware & points

of failure

Reduced overall

panel footprint

One node for

safety & drive

Reduced

hardware, wiring

& labor costs

Flexible control

Field installable

Networked Safe Torque Off Product Benefits


20-750-S3 PowerFlex 527 Kinetix 5500

Common configuration, programming and safety related tags

Networked Safe Torque Off Elements of Commonality Across Rockwell Portfolio


21

Safety EtherNet I/O Selections for Safety Logix Processors


Point I/O

Armor Point I/O

rockwell automation - drive safety design and techniques

Documents