ABB FSO-12 User Manual Download | Manualshive

Page: 381 / 388

background image

Technical data 381



Relevant failure modes

The following failure modes related to the outputs of the FSO-12 have been
considered in the design:

• STO output
• PROFIsafe
• Digital outputs.

The relevant dangerous failure mode due to internal random hardware failure of FSO-
12 are that these outputs are not activated on command.

The probabilities of the dangerous undetected failures of the safety functions are
given in the basic safety table.

FSO-12 implements several diagnostics to detect internal random hardware failures.
The diagnostics cycle time for each of the channels is 10 hours or less. The
diagnostics of each channel is separate and independent of the other channel.

The relevant failure mode of the diagnostics is that, due to a random hardware fault in
the diagnostic system, the fault reaction is not performed while a detectable fault in
the safety function is present.

Conservative estimates for the probabilities of a dangerous random hardware failure
of the diagnostics when proof test interval is 20 years for the following configurations
is:

• FSO-12 module: 8.57*10-3

When a shorter proof test interval is used, the probability of a dangerous random
hardware failure is lower.

For FSO-12 module, there are no dangerous failures that are not detected by the
diagnostics.

Hardware diagnostics results, summary

λ

s

λ

d

MTTF

D

λ

du

MTTF

DU

[FIT]

[FIT]

[a]

[FIT]

[a]

FSO-xx diagnostics

713.21

713.21

160.1

7.1

16005.9

3AXD10001067885 rev B

«
...
379
380
381
382
383
...
»

Summary of Contents for FSO-12

Page 1: ... OPTIONS FOR ABB DRIVES FSO 12 safety functions module User s manual ...

Page 2: ...160 to 3200 kW hardware manual 3AXD50000020436 ACS880 37 160 to 3200 kW hardware manual 3AXD50000020437 ACS880 17 132 to 355 kW hardware manual 3AXD50000035158 ACS880 37 132 to 355 kW hardware manual 3AXD50000035159 ACS880 104 inverter modules hardware manual 3AUA0000104271 ACS880 107 inverter units hardware manual 3AUA0000102519 Drive firmware manuals and guides ACS880 primary control program fir...

Page 3: ...User s manual FSO 12 safety functions module 3AXD50000015612 Rev H EN EFFECTIVE 2020 07 24 2020 ABB All Rights Reserved 1 Safety instructions Table of contents 12 Start up 8 Installation ...

Page 4: ......

Page 5: ...ontents 17 Recommended reading 19 Terms and abbreviations 19 Certificates 25 3 Safety information and considerations Contents of this chapter 27 Meeting the requirements of the Machinery Directive 27 Responsibilities 28 Intentional misuse 28 Safety considerations 28 Response times 28 FSO diagnostics 28 I O 29 Acknowledgement 30 Motor speed feedback 30 Proof testing 34 Safety separation 35 ACS880 d...

Page 6: ...1 61 SS1 with time monitoring SS1 t 62 SS1 with ramp monitoring SS1 r 64 SS1 with speed limit activated SBC 66 SS1 with speed limit activated SBC SBC before STO 70 SS1 ramp functions when drive modulation is lost 74 Safe stop emergency SSE 76 SSE with immediate STO 77 SSE with immediate STO SBC after STO 78 SSE with immediate STO SBC before STO 80 SSE with time monitoring 82 SSE with ramp monitori...

Page 7: ...ROFIsafe message format 141 FSO PROFIsafe profiles 142 FSO module modes and states 148 PROFIsafe response time 160 PROFIsafe watchdog time 162 Installation 164 Configuration 165 Configuring the FENA adapter module 165 Configuring the FSO module 166 Configuring the safety PLC 166 Downloading the GSD file 167 Configuring the ABB AC500 S Safety PLC 167 Configuring the Siemens SIMATIC Fail safe S7 PLC...

Page 8: ...ng general settings 224 How to configure general settings 224 Configuring the safety fieldbus communication 225 How to configure the safety communication with PROFIsafe 225 Configuring I O 226 How to configure I O 226 How to configure a cascaded system 227 How to configure safety relays 230 Configuring SBC 231 How to configure the SBC in the STO function 232 How to configure the SBC in the SS1 fun...

Page 9: ...fety functions 268 Configuring SMS 269 How to configure SMS version 1 269 How to configure SMS version 2 270 Related safety functions 270 Configuring POUS 271 How to configure POUS 271 How to configure SLS function behavior when drive modulation is lost 271 How to configure SLSn with time monitoring if drive modulation is lost during SLS decelera tion ramp 272 How to configure SLSn with ramp monit...

Page 10: ...48 Validation of the cascaded safety function 349 Proof test intervals during operation 350 Residual risks 350 14 Fault tracing Contents of this chapter 351 Status LEDs 351 Event types 352 Event code decoding with Drive composer Pro tool 352 Faults warnings and events 353 User selectable events for function requests 360 User selectable events for limit hits and special events 360 User selectable e...

Page 11: ...nd cable entry data for the control cables 372 STO cable and data cable between FSO module and drive 373 Tightening torques 373 Size and weight 373 Cooling 373 Speed estimation 374 Ambient conditions 374 Safety functions 375 Safety data 376 General 376 Basic safety data 378 Safety data for some typical configurations 380 Relevant failure modes 381 Response times 382 Related standards and directive...

Page 12: ...12 Table of contents ...

Page 13: ... occur Read this chapter before you start the installation Use of warnings Warnings tell you about conditions which can cause injury or death or damage to the equipment They also tell you how to prevent the danger The manual uses these warning symbols Electricity warning tells you about hazards from electricity which can cause injury or death or damage to the equipment General warning tells you ab...

Page 14: ...ch or by other means Disconnect all dangerous external voltages from the control circuits After you disconnect power from the drive always wait 5 minutes to let the intermediate circuit capacitors discharge before you continue 3 Protect any other energized parts in the work location against contact 4 Take special precautions when close to bare conductors 5 Measure that the installation is de energ...

Page 15: ...on needed to use the FSO 12 safety functions module when implementing safety systems The information and examples given are for general use only They do not describe all the necessary details for implementing a safety system The manufacturer of the machinery always remains ultimately responsible for the product safety and compliance with applicable laws ABB does not accept any liability for direct...

Page 16: ... version 1 7 or later Note This manual applies to the Drive composer pro PC tool versions until 1 12 If you use a later version the menus and button names can differ from the ones used in this manual For more information see the documentation of the tool Supported safety functions This manual provides instructions for creating the following safety functions according to EN IEC 61800 5 2 for the AC...

Page 17: ...n to the manual this chapter page 15 states exclusion of liability and describes the applicability compatible products supported safety functions target audience and purpose of the manual It also lists contents of this manual and recommended reading and explains used definitions terms and abbreviations The safety certificate is included at the end of the chapter Chapter Safety information and cons...

Page 18: ...cribes the general precautions to be taken before starting up the safety system for the first time Chapter Verification and validation page 327 describes verification and validation procedures of the implemented safety functions Chapter Fault tracing page 351 describes the status LEDs and provides generic diagnostics and troubleshooting tips for FSO related faults generated by the drive Chapter Ma...

Page 19: ...ater chapters of this manual Functional safety Technical guide No 10 3AUA0000048753 English Safety and functional safety A general guide 1SFC001008B0201 English firmware and hardware manuals of the drive For a complete list of related standards and directives see section Related standards and directives on page 384 Terms and abbreviations The terms and abbreviations used in this manual are defined...

Page 20: ...vice Passive bus participant In PROFINET IO terminology device stations or slaves are also called passive stations Also referred to as nodes DI Digital input DO Digital output E stop Emergency stop ELV Extra low voltage EMC Electromagnetic compatibility External active load Load in systems where the motor speed does not decrease when the motor control is stopped Fail safe mode The FSO module has a...

Page 21: ...ion file that describes the basic capabilities of a device in a specified form PROFINET uses GSDML files which are GSD files written in XML format HAT Host acknowledgement time Hazard Potential source of harm physical injury or damage to health or equipment HFT Hardware fault tolerance IEC 61508 hi Z state In digital outputs the signal is neither driven to a logical high nor low level It is floati...

Page 22: ...ademark of PROFIBUS and PROFINET International PI community PROFIsafe An additional layer on top of the PROFINET protocol for safety related communication Registered trademark of PROFIBUS and PROFINET International PI community Proof test Test that can detect faults and degradation in a Safety related electronic control system SRECS and its subsystems so that if necessary the SRECS and its subsyst...

Page 23: ... a safety system physical entity Example FSO safety functions module Safety related control function SRCF Control function implemented by a SRECS with a specified integrity level that is intended to maintain the safe condition of the machine or prevent an immediate increase of the risk s Safety related electrical control system SRECS Electrical control system of a machine whose failure can result ...

Page 24: ...op category 0 an uncontrolled stop where power to the machine actuators is removed immediately stop category 1 a controlled stop where the machine actuators have power for stopping after which the power is removed stop category 2 a controlled stop where the machine actuators continue to have power Stop category 0 and 1 definitions also apply to Emergency stop categories T1 Proof test interval IEC ...

Page 25: ...idity of the certificate with a specific drive variant WCDT Worst case delay time WD Watchdog ZCU xx Drive control unit type xx version number Zero speed Speed below the value given with parameter FSOGEN 51 Zero speed without encoder on page 291 λd Dangerous failure rate λdu Dangerous failure rate undetected failures λs Safe failure rate Term Abbreviation Description ...

Page 26: ...26 Introduction to the manual The PROFIsafe certificate for the FSO 12 module is attached below ...

Page 27: ...ety system must always be properly commissioned and verified validated before it can be considered safe Meeting the requirements of the Machinery Directive In order to fulfill the requirements of the Machine directive the requirements in the applicable standards must be met and the FSO module must be used according to all instructions provided in this manual Implementing safety functions requires ...

Page 28: ...lso after you later modify any application parameters or the configuration you must check the safety of the entire system by doing a verification according to the system safety verification plan and by doing a validation of the correct operation of the safety application See chapter Verification and validation Response times Safety function response time and FSO response times are specified in sec...

Page 29: ...e redundant inputs is activated upon a safety function request the FSO module activates the safety function but it cannot be acknowledged before the failure has been repaired To acknowledge the safety function you must set both input channels down and up at the same time or switch the power off and on Note ABB recommends to use external devices which are equipped with either a positive mechanical ...

Page 30: ... from the FSO I O or from a safety PLC The acknowledgement method can be selected separately for the start up the STO SSE and SS1 always end in drive STO SLS and POUS safety functions For more information see section Acknowledgement methods on page 46 WARNING If the FSO module has the automatic acknowledgement in use make sure that it does not cause an unacceptable risk for example due to an autom...

Page 31: ...of the nominal speed there is ripple in the safe speed estimate signal If the speed close to this region needs to be monitored by the FSO module using the safe speed estimate the applicability of the estimate must be checked and considered case by case For example the motor type and number of pole pairs If the motor shaft speed needs to be known also in cases where the drive is not modulating the ...

Page 32: ...n example of the SLS function and the behavior of the safe speed estimation with an induction motor and its slip It also illustrates the possible effect unnecessary limit hit if you do not take the slip into account when defining the trip limits in the FSO module In the example the motor torque is 100 during the acceleration and the motor slip is at its maximum value The FSO module speed estimates...

Page 33: ... for example in acceleration or direction changes the safe speed estimation can reach the safety function trip limit for a short period of time These situations can cause an unnecessary trips The transient mute time feature can mute the monitoring for short pre defined periods and prevent unnecessary trips Transient mute time means that for example in case of a limit hit the FSO safety function re...

Page 34: ...s applicable for all 3 situations Proof testing Periodic proof testing of for example electromechanical parts of the safety system may be required in order to maintain the claimed SIL PL level of the system In this case proof testing must be taken into consideration in the safety calculations and it must be properly documented in the user documentation Proof testing has to be verified in the accep...

Page 35: ...FSO WARNING The Safe torque off function does not disconnect the voltage of the main and auxiliary circuits from the drive Therefore maintenance work on electrical parts of the drive or the motor can only be carried out after isolating the drive system from the main supply from rotating permanent magnet motors and from rotating motors equipped with sine filters asserting the STO is not sufficient ...

Page 36: ...36 Safety information and considerations ...

Page 37: ... 4 Overview Contents of this chapter This chapter briefly describes the FSO module with safety system components as well as the FSO module layout connections type designation label and operational characteristics ...

Page 38: ...tegrator must obey those requirements when he she implements safety functions with the FSO module FSO module and safety system components Example figure of a safety system with the FSO 12 safety functions module the ACS880 01 drive a safety PLC the FENA 21 module switches and buttons The FSO safety functions module is an option for the ACS880 drives The Safe torque off STO function is a standard f...

Page 39: ...lated to a situation where drive modulation is lost when SLS function is active it is recommended to update all FSO modules to revision H or later Each new revision of the FSO 12 module supports all or most functions of previous FSO 12 module revisions and it can be used together with previous ACS880 drive firmware versions In addition previous FSO 12 module revisions can be used together with new...

Page 40: ...oints for drives with other control units may vary 5 FSO grounding screw grounds the electronics 6 FSO status LEDs see section Status LEDs on page 351 7 Input output status LEDs one for each I O connector see No 8 The LEDs are in two rows above the corresponding two rows of I O connectors The LED is lit if the state of the corresponding I O is ON 24 V in the input or output The data shown by LEDs ...

Page 41: ...re shown below 8 Input output connections 4 redundant or 8 single digital inputs or combinations of redundant and single inputs Possible redundant pairs X113 1 X114 1 X113 2 X114 2 X113 3 X114 3 and X113 4 X114 4 3 redundant or 6 single digital outputs or combinations of redundant and single outputs Possible redundant pairs X113 7 X114 7 X113 8 X114 8 and X113 9 X114 9 two 24 V DC reference output...

Page 42: ... an internal fault during its diagnostics tests see section FSO modes on page 51 The FSO module checks on every boot that the drive has the same configuration as the FSO module If the configurations do not match the FSO module keeps the STO active When the FSO module is configured with the Drive composer pro the tool will do a sanity check for the FSO configuration to make sure that it is plausibl...

Page 43: ...E with time monitoring on page 82 and SSE with ramp monitoring on page 84 Safe brake control SBC This safety function provides a safe output for controlling external safety brakes When you use the SBC function with other safety functions of the FSO module it is always combined with the drive STO function That is the SBC function is activated before at the same time with or after the drive STO func...

Page 44: ...e activates the SSE function and the motor stops See section Safely limited speed SLS on page 94 Variable Safely limited speed SLS This safety function prevents the motor from exceeding user defined speed limits With the Variable SLS function the speed limits can be changed on the fly The speed limits are controlled from a safety PLC via the PROFIsafe communication bus See section Variable Safely ...

Page 45: ...feature 55 Safe stop 1 SS1 Stop category 1 With time SS1 t or ramp monitoring SS1 r 61 Safe stop emergency SSE Stop category 0 or 1 With immediate STO or emergency ramp 76 Safe brake control SBC With STO SSE and SS1 functions 43 Safely limited speed SLS With time or ramp monitoring 94 Variable Safely limited speed SLS Only with PROFIsafe 124 Safe maximum speed SMS Function permanently on off Two d...

Page 46: ... activate up to two separate safety functions A request activates both functions simultaneously For the execution order see section Priorities between safety functions page 134 Note The FSO module does not react to activation requests of the safety functions during the boot Acknowledgement methods You can configure the acknowledgement method separately for the start up STO SSE and SS1 always end i...

Page 47: ...ust be of type normally closed NC The acknowledgement button is connected like a normal safety input 24 V in the input is the standby negative state and 0 V is the positive acknowledge state Acknowledgement can be performed if A safety function request is not active STO Delay defined by parameter STO 13 Restart delay after STO or STO 14 Time to zero speed with STO and modoff has passed ID Descript...

Page 48: ...etween safety functions page 134 apply Note If the FSO module is rebooted after a safety function request has been removed but before it has been acknowledged the FSO reboot acknowledges the safety function DC magnetization and drive start modes The correct operation of safety functions that limit or monitor motor speed eg SLS SMS SSM requires that ID run has been performed prior to operation Note...

Page 49: ...ter SARx 02 SAR initial allowed range This parameter moves the location of the maximum ramp forward on the time axis when monitoring is started that is at time of D the maximum limit is the value of the motor speed that was in use when the monitoring started Common for all ramps SARn n 0 1 E Scaling speed value of parameter 200 202 SAR speed scaling Speed value that the FSO module uses as a refere...

Page 50: ...S output Ramp monitoring SAR0 and SAR1 see section Configuring SAR on page 257 is not indicated The FSO module switches off the digital output indications SSE SS1 and POUS functions when the function is acknowledged Stop completed indications are activated when the stopping function has completed but is not yet acknowledged There are separate indications for each stopping function STO SSE and SS1 ...

Page 51: ...ot the FSO to exit the Fail safe mode Configuration Parameters are uploaded from the FSO module The drive STO is active Indicated with blinking RUN and STATUS FAULT LEDs You can exit the Configuration mode by downloading the new configuration to the FSO or by rebooting the FSO For more information on the FSO LEDs see section Status LEDs on page 351 FSO states When the FSO is up and running it can ...

Page 52: ...art up checks performed Configuration STO active setting of parameters Operational STO inactive FSO running Operational STO active POUS active FSO running Safe STO active FSO running Fail safe STO active I O FSO or communication fault detected Power down STO active Start up STO active Configuration STO active Fail safe STO active Safe STO active Operational STO inactive STO POUS active Acknowledge...

Page 53: ...ts the FSO with the Boot FSO button in the Drive composer pro PC tool or reboots the FSO with drive parameter 96 09 FSO reboot see the drive firmware manual When the FSO is in the Power down Start up Configuration Safe or Fail safe mode the drive STO function is always active When the FSO is in the Operational state the drive STO function is inactive except when the POUS function is active the dri...

Page 54: ...t of any safety function or a diagnostics fault you must have the SSE function in the cascaded system If an FSO module activates the STO function after a limit hit an STO request from the I O or the safety fieldbus or after an internal fault also the cascaded SSE output is triggered Note When several drives are linked together in a master follower system and the follower drive is in the torque con...

Page 55: ... on the STO function in the ACS880 drives see the drive hardware manual WARNING For the encoderless mode you have to set parameters STO 14 and SBC 13 so that the motor has enough time to stop from full speed when modulation is stopped Note If the SSE is cascaded STO activation also activates the SSE cascade indication signal output See sections Safe stop emergency SSE on page 76 and Cascade on pag...

Page 56: ...y start You can use this feature only in certain applications This parameter is relevant only when an external request activates the STO function Step Description 1 The STO request is received for example from the I O The FSO activates the drive STO function and starts counters for times A and B 2 After time B has elapsed the acknowledgement becomes allowed as soon as the STO request has been remo...

Page 57: ...d while the motor is still rotating B SBC time to zero speed parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the STO completed indication parameter STO 22 goes on You must set this to the estimated time in which the motor brakes to a stop from the maximum speed C Restart delay after STO parameter STO 13 Time from the STO activation to the momen...

Page 58: ... STO request has been removed step 5 3 After time A has elapsed the FSO activates the SBC brake and starts a counter for time B 4 After time B has elapsed the FSO module defines the motor as stopped and the STO completed indication goes on 5 The STO request is removed 6 After the acknowledgement the STO and SBC functions are deactivated and the control is given back to the drive which controls the...

Page 59: ...ake In this case the value is negative and the FSO activates the SBC before the drive STO If the value is zero the FSO activates the SBC and drive STO functions at the same time B SBC time to zero speed parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the STO completed indication parameter STO 22 goes on The acknowledgment becomes allowed You mu...

Page 60: ...A has elapsed the FSO activates the drive STO 4 After time B has elapsed the FSO module defines the motor as stopped and the STO completed indication goes on The acknowledgement becomes allowed as soon as the STO request has been removed step 5 5 The STO request is removed 6 After the acknowledgement the STO and SBC functions are deactivated and the control is given back to the drive which control...

Page 61: ... If the motor speed does not follow the monitoring limit s the FSO activates the STO function and the motor coasts to a stop The SS1 function uses SAR1 parameters to define and or monitor the stop ramp When you use the SBC function with the SS1 function you can configure the SBC and drive STO combination to be activated at a user defined speed limit while ramping down to zero speed You can also de...

Page 62: ...er SS1 14 Time after which the FSO activates the STO function regardless of the motor speed B Zero speed parameter FSOGEN 51 Speed limit for activating the drive STO function The safety function is completed and the SS1 completed indication parameter SS1 22 goes on C Response time depends on system configuration see page 382 Drive STO state indication SS1 request Motor speed Time SS1 state indicat...

Page 63: ... page 55 also the SBC is activated not shown in the figure If the STO SBC delay parameter SBC 12 is negative the SBC is activated here and the drive STO after this delay If the STO SBC delay is positive or zero the SBC and drive STO functions are activated at the same time The SS1 completed indication goes on after the delay defined with parameter SBC 13 has elapsed from the SBC activation Note Yo...

Page 64: ...Zero speed parameter FSOGEN 51 Speed limit for activating the drive STO function The safety function is completed and the SS1 completed indication parameter SS1 22 goes on The acknowledgment becomes allowed B Response time depends on system configuration see page 382 Ramp monitoring limits Drive STO state indication SS1 request Motor speed Time SS1 state indication 1 2 5 A B SS1 completed indicati...

Page 65: ...ation goes on and the acknowledgement becomes allowed as soon as the SS1 request has been removed step 4 Note If the SBC is configured in the STO function see section Safe torque off STO on page 55 also the SBC is activated not shown in the figure If the STO SBC delay parameter SBC 12 is negative the SBC is activated here and the drive STO after this delay If the STO SBC delay is positive or zero ...

Page 66: ... functions while ramping B SS1 t delay for STO parameter SS1 14 Time after which the FSO activates the STO function regardless of the motor speed C SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SS1 completed indication parameter SS1 21 goes on The acknowledgment becomes allowed You must set this to the estimated time in w...

Page 67: ...ere and the drive STO after this delay see section SS1 with speed limit activated SBC SBC before STO on page 70 The FSO starts a counter for time C Note You can define an extra delay parameter SS1 15 before the FSO activates the SBC and drive STO functions not shown in the figure 3b If the drive has not ramped down fast enough when time B has elapsed the FSO activates the STO function See section ...

Page 68: ...mping B SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SS1 completed indication parameter SS1 21 goes on The acknowledgment becomes allowed You must set this to the estimated time in which the motor brakes to a stop from the maximum speed C Response time depends on system configuration see page 382 Ramp monitoring limits D...

Page 69: ... SBC delay is negative the SBC is activated here and the drive STO after this delay see section SS1 with speed limit activated SBC SBC before STO on page 70 The FSO starts a counter for time B Note You can define an extra delay parameter SS1 15 before the FSO activates the SBC and drive STO functions not shown in the figure 3b If the motor speed hits a ramp monitoring limit the FSO activates the S...

Page 70: ...d limit below which the FSO activates the SBC brake B SS1 t delay for STO parameter SS1 14 Time after which the FSO activates the STO function regardless of the motor speed C SBC delay parameter SBC 12 Time from the activation of the SBC function to the moment when the FSO activates the drive STO function D SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safet...

Page 71: ... FSO activates the SBC function This affects also the STO activation step 4 3b If the drive has not ramped down fast enough when time B has elapsed the FSO activates the STO function See section Safe torque off STO on page 55 for more information on how to configure the STO function 4 After time C has elapsed the FSO activates the drive STO function 5 The SS1 request is removed 6 After time D has ...

Page 72: ...e activation of the SBC function to the moment when the FSO activates the drive STO function C SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SS1 completed indication parameter SS1 21 goes on The acknowledgment becomes allowed You must set this to the estimated time in which the motor brakes to a stop from the maximum spee...

Page 73: ...ter SS1 15 not shown in the figure before the FSO activates the SBC function This affects also the STO activation step 4 3b If the motor speed hits a ramp monitoring limit the FSO activates the STO function See section Safe torque off STO on page 55 for more information on how to configure the STO function 4 After time B has elapsed the FSO activates the drive STO function 5 The SS1 request is rem...

Page 74: ...afe speed estimation With both SS1 r and SS1 t STO function is activated right away when the modulation is lost but the SS1 indications are operational STO cascading is not activated in this case The completed indication of the STO function is not indicated STO 22 instead the SS1 completed indication SS1 22 is activated Otherwise STO function and SBC if in use behaves as configured A Zero speed pa...

Page 75: ...tput SAR1 ramp monitoring goes off See section Safe torque off STO on page 55 for more information on how to configure the STO function Note If STO is used in cascaded system see Cascade on page 53 it will not be activated in the whole system in this case Note SS1 completed indication SS1 22 is used instead of STO completed indication STO 22 in this case Note If the SBC is configured in the STO fu...

Page 76: ...SSE function uses SAR0 parameters to monitor and or define the emergency ramp Drive ramp parameters cannot be used When you use the SBC function with the SSE function you can configure the SBC and drive STO combination to be activated at a user defined speed limit while ramping down to zero speed You can also define a delay so that the SBC is activated first at the user defined speed limit and the...

Page 77: ...hich the motor coasts to a stop from the maximum speed Step Description 1 The SSE request is received for example from the I O The FSO activates the drive STO function and starts a counter for time A 2 After time A has elapsed the FSO module defines the motor as stopped and the SSE completed indication goes on The acknowledgement becomes allowed as soon as the SSE request has been removed step 3 3...

Page 78: ...vates the SBC after the drive STO If the value is zero the FSO activates the SBC and drive STO functions at the same time Note It is possible to set the SBC delay so that the SBC is activated while the motor is still rotating B SBC time to zero speed parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SSE completed indication parameter SSE 22 g...

Page 79: ...s a counter for time B 3 After time B has elapsed the FSO module defines the motor as stopped and the SSE completed indication goes on The acknowledgement becomes allowed as soon as the SSE request has been removed step 4 4 The SSE request is removed 5 After the acknowledgement the SSE STO and SBC functions are deactivated and the control is given back to the drive which controls the brake from no...

Page 80: ...ctivates the SBC function brake In this case the value is negative and the FSO activates the SBC before the drive STO If the value is zero the FSO activates the SBC and drive STO functions at the same time B SBC time to zero speed parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SSE completed indication parameter SSE 22 goes on The acknowled...

Page 81: ...elapsed the FSO activates the drive STO function 4 After time B has elapsed the FSO module defines the motor as stopped and the SSE completed indication goes on The acknowledgement becomes allowed as soon as the SSE request has been removed step 5 5 The SSE request is removed 6 After the acknowledgement the SSE STO and SBC functions are deactivated and the control is given back to the drive which ...

Page 82: ...he FSO activates the STO function regardless of the motor speed B Zero speed parameter FSOGEN 51 Speed limit for activating the drive STO function The safety function is completed and the SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed C Response time depends on system configuration see page 382 Drive STO state indication SSE request Motor speed Time SSE state ...

Page 83: ...own in the figure If the STO SBC delay parameter SBC 12 is negative the SBC is activated here and the drive STO after this delay If the STO SBC delay is positive or zero the SBC and drive STO functions are activated at the same time The SSE completed indication goes on after the delay defined with parameter SBC 13 has elapsed from the SBC activation Note You can define an extra delay parameter SSE...

Page 84: ...SOGEN 51 Speed limit for activating the drive STO function The safety function is completed ramp monitoring is stopped and the SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed B Response time depends on system configuration see page 382 Ramp monitoring limits Drive STO state indication SSE request Motor speed Time SSE state indication 1 2 5 A B SSE completed ind...

Page 85: ...becomes allowed as soon as the SSE request has been removed step 4 Note If the SBC is configured in the STO function see section Safe torque off STO on page 55 also the SBC is activated not shown in the figure If the STO SBC delay parameter SBC 12 is negative the SBC is activated here and the drive STO after this delay If the STO SBC delay is positive or zero the SBC and drive STO functions are ac...

Page 86: ...unctions while ramping B SSE delay for STO parameter SSE 15 Time after which the FSO activates the drive STO function regardless of the motor speed C SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed You must set this to the estimated time in...

Page 87: ...ee section SSE with speed limit activated SBC SBC before STO on page 90 The FSO starts a counter for time C Note You can define an extra delay parameter SSE 16 before the FSO activates the SBC and drive STO functions not shown in the figure 3b If the drive has not ramped down fast enough when time B has elapsed the FSO activates the STO function See section Safe torque off STO on page 55 for more ...

Page 88: ... SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed B SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed You must set this to the estimated time in which the motor brakes to a stop from the maximum speed C Res...

Page 89: ...ted here and the drive STO after this delay see section SSE with speed limit activated SBC SBC before STO on page 90 The FSO starts a counter for time B Note You can define an extra delay parameter SSE 16 before the FSO activates the SBC and drive STO functions not shown in the figure 3b If the motor speed hits a ramp monitoring limit the FSO activates the STO function See section Safe torque off ...

Page 90: ...limit below which the FSO activates the SBC function brake B SSE delay for STO parameter SSE 15 Time after which the FSO activates the STO function regardless of the motor speed C SBC delay parameter SBC 12 Time from the activation of the SBC function to the moment when the FSO activates the drive STO function D SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the ...

Page 91: ...fects also the STO activation step 4 3b If the drive has not ramped down fast enough when time B has elapsed the FSO activates the STO function See section Safe torque off STO on page 55 for more information on how to configure the STO function 4 After time C has elapsed the FSO activates the drive STO function 5 The SSE request is removed 6 After time D has elapsed the safety function is complete...

Page 92: ...ctivation of the SBC function to the moment when the FSO activates the drive STO function C SBC time to zero parameter SBC 13 Time from the SBC activation to the moment when the safety function is completed and the SSE completed indication parameter SSE 22 goes on The acknowledgment becomes allowed You must set this to the estimated time in which the motor brakes to a stop from the maximum speed D...

Page 93: ...SBC function The FSO starts counters for times B and C Note You can define an extra delay parameter SSE 16 not shown in the figure before the FSO activates the SBC function This affects also the STO activation step 4 3b If the motor speed hits a ramp monitoring limit the FSO activates the STO function See section Safe torque off STO on page 55 for more information on how to configure the STO funct...

Page 94: ...ate within SAR1 minimum and maximum limits otherwise STO function is activated see section SLS with ramp monitoring and speed above monitored speed on page 99 Note If the SLS monitoring must be activated immediately after the SLS request regardless of the current speed time monitoring with a zero time delay parameter SLSx 04 must be used instead of ramp monitoring When the SLS monitoring is active...

Page 95: ...g on page 101 SLS with speed below monitored speed This applies to both time and ramp monitoring A SLS trip limit positive parameter SLSx 14 SLSx 23 SLSx 33 or SLSx 43 B SLS limit positive parameter 200 23 200 33 200 43 or 200 53 SSE coast stop due to SLS trip limit hit SLS state indication SLS request Motor speed Time A 4 1 3 B 2 Safe stop emergency SSE Motor speed Time 1 3 2 4 A B SLS request SL...

Page 96: ...o above the SLS limit positive 2 If the motor speed reaches the SLS trip limit positive A the FSO activates the SSE function and the motor coasts to a stop in this case the SSE function has been configured as Immediate STO parameter SSE 13 see section SLS trip limit hits on page 121 3 The SLS request is removed The SLS monitoring is still on acknowledgement method is manual or from a safety PLC pa...

Page 97: ... time monitoring on page 258 A SLS trip limit positive parameter SLSx 14 SLSx 23 SLSx 33 or SLSx 43 B SLS limit positive parameter 200 23 200 33 200 43 or 200 53 C SLS time delay parameter SLSx 04 Delay for forcing to start SLS monitoring SLS state indication 2 4 SLS request D Motor speed Time 5 6 B A 3 SLSx 04 C 1 Safe stop emergency SSE Motor speed Time 1 5 4 3 2 6 A B C SLS request SLS monitori...

Page 98: ...LS limit positive B 3 6 The drive limits the motor speed but if the motor speed still reaches the SLS trip limit positive the FSO activates the SSE function See section SLS trip limit hits on page 121 4 The FSO starts the SLS monitoring at the latest here that is after the SLS time delay C has elapsed Note If the motor speed is above the SLS trip limit after the SLS time delay C has elapsed the FS...

Page 99: ...ction How to configure SLSn with ramp monitoring on page 260 A SLS trip limit positive parameter SLSx 14 SLSx 23 SLSx 33 or SLSx 43 B SLS limit positive parameter 200 23 200 33 200 43 or 200 53 C Response time depends on system configuration see page 382 Ramp monitoring limits SAR1 or SLS trip limit A SLS state indication C A 2 3 5 SLS request Motor speed Time SAR1 monitoring 1 B 2b 4 Safe torque ...

Page 100: ...he SLS indication parameter SLSx 15 SLSx 24 SLSx 34 or SLSx 44 goes on 2b If the motor speed does not follow the ramp monitoring limits the FSO activates the STO function See section Safe torque off STO on page 55 for more information on how to configure the STO function 3 The motor speed reaches the SLS limit positive B 3 5 The drive limits the motor speed but if the motor speed still reaches the...

Page 101: ...ff delay time disabled SLS reaction if modulation is lost with Modoff delay time The operation of the SLS function in case the modulation of the drive is lost during the deceleration ramp with Modoff delay time selected parameter SLSx 05 is set to Modoff delay time is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modul...

Page 102: ...ve parameter 23 23 defines the ramp 2 The drive trips on a fault there is a drive power loss or user stops the drive by coast stop SAR1 monitoring of the FSO is switched off SLS Modoff delay time starts parameters SLSx 05 SLSx 06 STO 14 delay starts Note This reaction is the default for FSO and the delay time is set to 0 ms 3 Modulation of the drive has not returned and the SLSx 06 Modoff delay ti...

Page 103: ...the modulation returns before the Modoff delay time has run out with Modoff delay time selected parameter SLSx 05 is set to Modoff delay time is described in the time diagram and table below A SAR1 ramp monitoring B Actual motor speed coasting after modoff C SLS trip limit D SLS limit Motor speed Time 1 4 3 2 5 A A Drive modulation SLS request SAR1 monitoring SLSx 06 Modoff delay time monitoring S...

Page 104: ...2 The drive trips on a fault there is a drive power loss or user stops the drive by coast stop SAR1 monitoring of the FSO is switched off SLS Modoff delay time starts parameters SLSx 05 SLSx 06 STO 14 delay starts 3 Modulation of the drive returns FSO activates SAR1 monitoring again with same ramps as when the SLS request was set 4 The Modoff delay time limit If the modulation would not return bef...

Page 105: ...is set to Monitoring active is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 A SAR1 ramp monitoring B Actual motor speed coasting after modoff C SLS trip limit D SLS limit E Last valid speed estimate of FSO STO active Motor speed Time 1 3 4 2 A A Drive modulation SLS request SAR1 monitori...

Page 106: ...nitoring active As the modulation is lost FSO s safe speed estimation is stopped and it starts to use the last speed information that it had before the modulation was lost With SLSx 06 Monitor active SAR1 monitoring stays active also when the modulation is lost from the drive STO 14 delay starts 3 Modulation of the drive has not returned and the safe speed estimation with the last valid speed info...

Page 107: ...eter SLSx 05 is set to Monitoring active and modoff delay time is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 A SAR1 ramp monitoring B Actual motor speed coasting after modoff C SLS trip limit D SLS limit E Last valid speed estimate of FSO Motor speed Time 1 4 3 2 5 Drive modulation SLS...

Page 108: ...lation is lost FSO s safe speed estimation is stopped and it starts to use the last speed information that it had before the modulation was lost 3 Modulation of the drive returns before the last valid speed information hits the SAR1 limit and before the modoff delay time has run out Deceleration continues as parametrized as long as the speed does not hit the SAR1 limits 4 If modulation of the driv...

Page 109: ... disabled selected parameter SLSx 05 is set to Monitoring and modoff delay time disabled is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 A SAR1 ramp monitoring B Actual motor speed coasting after modoff C SLS trip limit D SLS limit SLS indication Motor speed Time 1 3 2 A A B Drive modula...

Page 110: ...he SAR1 ramp monitoring parameters SARx 21 SARx 22 SAR1 configuration defines the target and monitoring limits for the deceleration ramp SARx 22 200 112 SARx 02 Note If parameter 200 112 has value 0 the drive parameter 23 23 defines the ramp 2 The drive trips on a fault there is a drive power loss or user stops the drive by coast stop SAR1 monitoring of the FSO is switched off parameter SLSx 05 co...

Page 111: ...h Modoff delay time selected parameter SLSx 05 is set to Modoff delay time is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 B Actual motor speed coasting after modoff C SLS trip limit D SLS limit SLS indication Motor speed Time 1 4 5 3 2 STO active Drive modulation SLS request SLSx 06 Mod...

Page 112: ...ault there is a drive power loss or user stops the drive by coast stop SLS Modoff delay time starts parameters SLSx 05 SLSx 06 STO 14 delay starts 3 Modulation of the drive has not returned and the SLSx 06 Modoff delay time has run out parameter SLSx 06 and FSO activates STO function and STO indication parameter STO 21 STO output See section See section Safe torque off STO on page 55 for more info...

Page 113: ...and the modulation returns before the Modoff delay time has runout with Modoff delay time selected parameter SLSx 05 is set to Modoff delay time is described in the time diagram and table below B Actual motor speed coasting after modoff C SLS trip limit D SLS limit Motor speed Time 1 6 5 4 3 2 B Drive modulation SLS request SLS monitoring SLS indication SLSx 06 Modoff time delay monitoring SLSx 04...

Page 114: ...starts parameters SLSx 05 SLSx 06 3 Modulation of the drive returns before the SLSx 06 Modoff delay time has run out 4 Modoff delay time limit If the modulation would not return before this time see previous case 5 Speed is below the monitoring limit and SLS monitoring is started 6 The FSO starts the SLS monitoring at the latest here that is after the SLS time delay has elapsed The FSO starts the ...

Page 115: ...Sx 05 is set to Monitoring active is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 B Actual motor speed coasting after modoff C SLS trip limit D SLS limit E Last valid speed estimate of FSO SLS indication Motor speed Time 1 3 4 2 B E STO active Drive modulation SLS request SLSx 04 time de...

Page 116: ...ive has not returned and the safe speed estimation with the last valid speed information of the motor speed is above the SLS trip limit after the SLS time delay has elapsed FSO module activates the SSE function SSE function triggers STO function because the modulation is lost and it cannot activate any deceleration ramp in this case For more information see section SLS trip limit hits on page 121 ...

Page 117: ...trip limit D SLS limit Step Description 1 The SLS request is received The motor speed is above the SLS limit The drive starts to ramp down the motor speed The drive parameter 23 13 or 23 15 defines the deceleration ramp until the speed reaches the SLS limit The FSO starts to monitor the SLS time delay parameter SLSx 04 2 The drive trips on a fault there is a drive power loss or user stops the driv...

Page 118: ...ff delay time disabled selected parameter SLSx 05 is set to Monitoring and modoff delay time disabled is described in the time diagram and table below For configuration see section How to configure SLS function behavior when drive modulation is lost on page 271 B Actual motor speed coasting after modoff C SLS trip limit D SLS limit Motor speed Time 1 5 4 3 2 B Drive modulation SLS indication SLS r...

Page 119: ...S time delay parameter SLSx 04 2 The drive trips on a fault there is a drive power loss or user stops the drive by coast stop SLS delay time monitoring is switched off parameter SLSx 04 as Monitoring and modoff delay time are disabled FSO starts to wait until the STO 14 delay has run out or modulation returns 3 The drive modulation returns Deceleration continues toward SLS limit speed 4 FSO starts...

Page 120: ...eboot and parameter SLSx 05 is configured so that Modoff delay time or Monitoring active is selected the FSO will prevent the drive from restarting until the STO 14 delay time has elapsed Step Description 1 SLS request is active during FSO boot 2 FSO module is rebooted STO 14 delay time counter is started 3 STO 14 has elapsed STO acknowledgement is possible and SLS indication is activated Note If ...

Page 121: ...p emergency SSE on page 76 SSE with immediate STO This applies when the SSE function has been configured as Immediate STO A SLS trip limit positive parameter SLSx 14 SLSx 23 SLSx 33 or SLSx 43 B SLS limit positive parameter 200 23 200 33 200 43 or 200 53 C Response time depends on system configuration see page 382 D Time to zero speed parameter STO 14 SLS trip limit A SLS indication SLS request Mo...

Page 122: ...has elapsed the motor has stopped and the SLS indication goes on speed is below the SLS limit positive The SSE completed indication goes on Note If the SBC is configured in the SSE function parameter SBC 13 is used here instead of STO 14 6 The SLS request is removed The SLS monitoring is still on acknowledgement method is manual or from a safety PLC 7 The SLS function is acknowledged and the FSO s...

Page 123: ...reaches the SLS trip limit positive A The SLS indication goes off 4 After time C has elapsed the FSO activates the SSE function and the drive starts the ramp down the motor speed SAR0 parameter 200 102 defines the ramp 5 The motor speed goes below the SLS limit positive B and the SLS indication goes on 6 The motor speed goes below the zero speed limit D The motor has stopped and the FSO opens the ...

Page 124: ...est to the FSO module in a PROFIsafe message The message includes a scaling value as a percentage The scaling value is used to scale the original SLS and trip limits SLS4 parameters to new scaled values The FSO module uses these scaled values until a new scaling value is received the safety PLC The Variable SLS limits cannot be scaled above the SLS4 limits In the PROFIsafe message the bits that ar...

Page 125: ...e 70 The FSO sends a request to the drive to ramp down the motor speed to the new SLS speed limit The FSO start a counter for the SLS time delay B 2 After time C has elapsed the drive starts to ramp down the motor speed The drive parameter 23 13 or 23 15 defines the deceleration ramp The FSO starts the SLS monitoring when the motor speed is in the middle of the new SLS limit and the SLS trip limit...

Page 126: ...fine tune limit hit situations on page 282 The FSO starts the SLS monitoring when the motor speed is in the middle of the new SLS limit and the SLS trip limit see also section How to fine tune when monitoring is started on page 284 7 The new motor speed has been reached The SLS indication goes on 8 The FSO starts the SLS monitoring with the new SLS limits at the latest here that is after the SLS t...

Page 127: ... 1 The Variable SLS request is received from the safety PLC for example 70 The FSO sends a request to the drive to ramp down the motor speed to the new speed limit 2 3 After time B has elapsed the drive starts to ramp down the motor speed SAR1 parameter 200 112 defines the deceleration ramp The FSO starts to monitor the ramp according to SAR1 parameters SARx 21 SARx 22 Note If parameter 200 112 ha...

Page 128: ... and the FSO starts to monitor the motor speed according to the new SLS limits The Variable SLS indication goes on 7 The Variable SLS request is received again from the safety PLC 100 The FSO sends a request to the drive The FSO starts to monitor the motor speed according to the new SLS limits 8 After time B has elapsed and if the motor speed is lower than the new speed limit the drive accelerates...

Page 129: ... the motor speed reaches the minimum or the maximum SMS trip limit the FSO module activates the SSE function 2 Version 2 The minimum and maximum SMS limits limit the motor speed This version of the SMS function is similar to the SLS function except that it can only be permanently on or off The required SMS function is selected with an FSO parameter at the start up You can configure the minimum and...

Page 130: ...activates the SSE function In this case the SSE function has been configured as Immediate STO parameter SSE 13 This opens the drive STO circuit immediately and the motor coasts to a stop The STO and SSE indications go on Note If SBC is used it is also activated see the note on page 43 See section Safe stop emergency SSE on page 76 for more information on how to configure the SSE function 3 After t...

Page 131: ...n how to configure the SSE function Note If you use the SMS function version 2 and you have to remove the FSO module from the drive do these steps 1 Re configure the FSO module so that the SMS function version 2 is deactivated set parameter 200 71 SMS activity and version to Disabled For more information see chapter Configuration 2 Remove the FSO module from the drive This removes the SMS limits f...

Page 132: ... 1 2016 For more information on the STO function in the ACS880 drives see the drive hardware manual The operation of the POUS function is described in the time diagram and table below For configuration see section Configuring POUS on page 271 A POUS delay for completion parameter POUS 13 An additional security delay The POUS completed indication parameter POUS 22 goes on after this delay 1 2 4 Dri...

Page 133: ...tion becomes active parameter POUS 22 Note Connect the POUS indication lamp to this indication signal 4 The user removes the POUS request The POUS completed indication is deactivated The acknowledgement becomes allowed Note If the user activates the POUS request again before the POUS function has been acknowledged the counter for time A is restarted and the POUS completed indication is activated a...

Page 134: ...refore SAR0 parameters are used instead of SAR1 parameters to define the stop ramp When a safety function overrides another safety function this does not remove the request of the overridden safety function Therefore the overridden safety function restarts after the other safety function has been completed and acknowledged Dependencies between safety functions The figure below shows how different ...

Page 135: ... ramp 3 2 SS1 1 SSE 2 3 SMS Time monitoring SLS1 4 Variable SLS POUS FSO STO Drive STO Time monitoring Ramp monitoring with SAR0 ramp Immediate STO Emergency ramp 3 Monitoring limit hit Zero speed limit reached 1 Trip limit hit 2 3 1 Ramp monitoring with SAR1 ramp ...

Page 136: ...136 Safety functions ...

Page 137: ... can be done with the PROFIsafe technology The PROFIsafe technology includes several safety measures to minimize the effect of various transmission errors that can occur when messages are transferred in a complex network PROFIsafe is an application layer protocol that describes the safety communication between fail safe devices It is an additional layer on top of the standard PROFIBUS and PROFINET...

Page 138: ...rive composer pro version 1 7 or later For ABB PLCs Automation builder 1 0 or later includes PS501 Control Builder Plus version 2 3 0 safety license PS501 S For Siemens PLCs SIMATIC Step 7 V5 5 S7 Distributed Safety V5 4 and SIMATIC Step 7 V 11 TIA Portal Step 7 Safety Advanced V 13 System overview This figure shows an overview of a safety PLC that is connected to the ACS880 drive via the PROFIsaf...

Page 139: ...essages and performs the required actions The FSO module sends PROFIsafe messages back to the FENA module which transmits them to the safety PLC The term PROFIsafe F Output data refers to the application specific user data in the frames that are transmitted to the FSO module F Device from the safety PLC F Host The term PROFIsafe F Input data refers to the application specific user data in the fram...

Page 140: ... states on page 148 To exit the Fail safe mode remove the power from the FSO or reboot the FSO with drive parameter 96 09 FSO reboot FSO module passivation If the FSO module or the safety PLC detects an error in the fieldbus communication the FSO module is passivated The status of the FSO outputs that are not configured for any control use for example to control an indication lamp or a brake are s...

Page 141: ...ontrol Byte and CRC2 No is the length of F Output user data Data F Input F Output user data Status Control Byte CRC2 Size octets Max 12 1 3 Octet Bit Name Description Control Byte No 7 Reserved The value is ignored 6 Reserved The value is ignored 5 Toggle_h Toggle bit 4 Activate_FV Fail safe values FV to be activated 3 Use_TO2 Use F_WD_Time_2 secondary watchdog Not in use The value is ignored 2 R_...

Page 142: ...monitor the safety functions the SLS limits the safe speed value and the states of the FSO I O Octet Bit Name Description Status Byte Ni 7 Reserved The value is always 0 Must be ignored by the F Host 6 cons_nr_R Vconsnr_d has been reset 5 Toggle_d Toggle bit 4 FV_activated Fail safe values FV activated 3 WD_timeout Communication fault Watchdog timeout 2 CE_CRC Communication fault CRC error 1 Devic...

Page 143: ...tivation request by the controller 7 STO_request STO Safe torque off activation requested by the controller 1 0 Reserved Must not be used must be 0 1 Reserved Must not be used must be 0 2 Reserved Must not be used must be 0 3 Reserved Must not be used must be 0 4 Reserved Must not be used must be 0 5 Reserved Must not be used must be 0 6 SLS4_request SLS4 Safely limited speed activation requested ...

Page 144: ... V 0 0 V 5 Safe_output_x113 _7_ctrl State of the safe output X113 7 see section Remote I O control on page 140 1 24 V 0 0 V 6 Negative_Scaling Selects whether Variable SLS limit is scaled for negative direction 0 Limit scaled 1 Limit not scaled 100 7 Positive_Scaling Selects whether Variable SLS limit is scaled for positive direction 0 Limit scaled 1 Limit not scaled 100 4 Variable_SLS_limit _MSB ...

Page 145: ...and the motor speed is below the SLS1 limit that is when the SLS1 monitoring is on 2 Reserved The value is 0 Must be ignored by the F Host 3 Reserved The value is 0 Must be ignored by the F Host 4 SS1_active SS1 Safe stop 1 is function active 5 SSE_active SSE Safe stop emergency function is active 6 SBC_active SBC Safe brake control function is active 7 STO_active STO Safe torque off function is a...

Page 146: ...Safe_input_X114_2 State of the safe input X114 2 3 Safe_input_X114_1 State of the safe input X114 1 4 Safe_input_X113_4 State of the safe input X113 4 5 Safe_input_X113_3 State of the safe input X113 3 6 Safe_input_X113_2 State of the safe input X113 2 7 Safe_input_X113_1 State of the safe input X113 1 4 0 Variable_SLS_active Variable SLS Safely limited speed is active Active when the Variable SLS...

Page 147: ... octet 5 bit 4 if safe state then SS1 is completed 2 STO_control_active The drive STO circuit is open Note The motor may still be rotating 3 Speed_value_valid Is the speed value valid 1 or not 0 The speed value is defined in octets 6 and 7 Note Octet 2 bit 0 indicates the speed source and octet 5 bit 3 indicates the validity of the indicated speed source 4 FSO_state Safe state 1 Operational state ...

Page 148: ...assivation Safe Module passivation reintegration Safe Module passivation with a command The FSO module modes and states are described in the following two figures and tables The first figure shows the modes states and transitions during normal operation The second figure shows the modes states and transitions when fatal errors in the FSO module occur or when cycling power of the FSO module Note If...

Page 149: ...he drive is not modulating From the Configuration mode it is possible to go only to the Start up mode Start up Fail safe Safe Module passivation Safe User acknowledgement request Safe Module passivation with a command Safe Module passivation reintegration Operational RUN 22 1 3 20 21 10 23 30 18 7 8 27 11 31 29 28 19 Configuration 24 Power down Drive composer pro 32 Internal fault 33 ...

Page 150: ...le occur or when cycling power of the FSO module Start up Fail safe Safe Module passivation Safe User acknowledgement request Power on off Fatal error Safe Module passivation with a command Safe Module passivation reintegration Operational 16 13 9 5 12 25 6 15 17 14 26 4 2 9 2 RUN Configuration 32 33 ...

Page 151: ... have been solved The FSO is in the Safe User acknowledgement request state and variable OA_Req_S is set to 1 Setting OA_C variable to 1 acknowledges that the PROFIsafe communication errors have been solved and it is possible to go to the Operational state Device_Fault This variable is the Device_Fault bit of the PROFIsafe Status Byte When the value is 1 the FSO is in the Fail safe mode State Desc...

Page 152: ... is running without any detected errors PROFIsafe Status Byte bits in the F Host for the FSO module OA_Req_S 0 FV_activated_S 0 Device_Fault 0 ABB_PS1 profile bits in the F Host for the FSO module FSO_mode 1 0 FSO_mode 0 1 SF_end_ack_req_local 0 SF_end_ack_req 0 FSO_state 0 State Description ...

Page 153: ...ia FSO inputs SF_end_ack_req is set if any of the safety functions can be acknowledged via PROFIsafe frame bit SF_end_ack A positive edge from 0 to 1 is required to acknowledge the module reintegration If automatic acknowledgement is configured for the error condition neither of the status bits is set The acknowledgement is done automatically As soon as all errors have been solved and they have be...

Page 154: ...the fail safe value 0 is transferred to the safety PLC for all I O channels If the PROFIsafe communication is broken the safety application continuously attempts to establish a communication to the safety PLC A state transition to another RUN state is possible only if the detected error has been solved PROFIsafe Status Byte bits in the F Host for the FSO module if communication is possible OA_Req_...

Page 155: ...0 FSO_mode 0 1 SF_end_ack_req_local 0 SF_end_ack_req 0 FSO_state 1 Safe User acknowledgement request PROFIsafe communication is up and running The FSO application is running without any errors but waits for the acknowledgment of a module reintegration module error has been solved The FSO module is in the Safe state The fail safe value 0 is still transferred to the safety PLC for all input channels...

Page 156: ..._mode 1 1 FSO_mode 0 0 SF_end_ack_req_local 0 SF_end_ack_req 0 FSO_state 1 See also the Note on page 145 Configuration The FSO module is in the Safe state Upon transferring to the Configuration mode the FSO answers to one PROFIsafe frame The fail safe value 0 is transferred to the safety PLC for all I O channels After that PROFIsafe communication is not possible The fail safe value 0 is set to all...

Page 157: ...rive parameter 96 09 FSO reboot see the drive firmware manual 5 Start up Fail safe Fatal error s CPU test RAM test etc failed detected 6 Fail safe Start up The FSO module goes to the Start up mode by cycling power of the FSO module or by giving the reset command via the drive parameter 96 09 FSO reboot see the drive firmware manual 7 Operational Safe Module passivation reintegration Execution of a...

Page 158: ...O module or by giving the reset command via the drive parameter 96 09 FSO reboot see the drive firmware manual 18 Safe Module passivation with a command Safe Module passivation PROFIsafe watchdog time or PROFIsafe communication error was detected 19 Safe Module passivation Safe Module passivation with a command Module error watchdog time or communication error CRC has been solved and command activ...

Page 159: ... a command Command activate_FV_C 1 was sent from the safety PLC 30 Safe User acknowledgement request Safe Module passivation reintegration OA_C positive edge was set by the PROFIsafe F Host but there are existing errors in the active safety functions or there are errors that need to be acknowledged 31 Safe Module passivation with a command Safe Module passivation reintegration Command activate_FV_...

Page 160: ...f the components during the signal transfer It is enough to consider a single fault only see PROFIsafe System Description Version November 2010 The worst case delay time WCDT and watchdog WD values for the FSO and FENA modules are listed in the table below The documentation of the safety PLC defines how you can calculate the processing time and transmission time of the PROFIsafe connection For exa...

Page 161: ... PLC and the FSO module as the output device SFRT can be calculated as follows SFRT Device_WD1 0 5 x F_WD_Time1 F_Host_WD 0 5 x F_WD_Time2 Device_WD2 Longest T_WD 76 5 15 6 45 5 50 45 5 238 5 ms where Device_WD1 76 5 ms F_WD_Time1 30 ms F_Host_WD 6 ms F_WD_Time2 91 ms Device_WD2 50 ms Longest T_WD Max 0 5 x F_WD_Time1 0 5 x F_WD_Time2 45 5 ms all other used WCDT values are equal to their correspon...

Page 162: ...e PROFIsafe frame is transmitted from the F Device FSO module to the F Host such as the ABB SM560 S safety controller station through the black channel 3 Host acknowledgement time HAT is the time it takes for the F Host to process an incoming PROFIsafe frame 4 Another Bus time elapses when the new PROFIsafe frame is transmitted from the F Host back to the F Device F_WD_Time assigned to the FSO mod...

Page 163: ...device If you use this approach for the FSO module you can set the PROFIsafe cycle time and the corresponding watchdog time F_WD_Time as short as possible for the given system If the longest recorded PROFIsafe cycle time minimum F_WD_Time is for example 40 ms a suitable value for F_WD_Time is F_WD_Time 40 ms x 1 3 52 ms If you can calculate F_WD_Time instead use the values given in the table on pa...

Page 164: ...are manual 2 Install the fieldbus adapter module to the drive See the appropriate manual FENA 01 11 21 Ethernet adapter module user s manual 3AUA0000093568 English or FPNO 21 PROFINET adapter module user s manual 3AXD50000158614 English 3 Connect the fieldbus adapter module to the safety PLC through a PROFINET network See the manual of the module and the manual of the safety PLC ...

Page 165: ...ups 54 55 and 56 for FBA B Groups 52 53 55 and 56 configure the contents of the normal PROFINET cyclic communication by mapping the words in the PROFINET frame to the desired drive parameters Groups 51 and 54 configure the PROFINET connection Index Name Value Description Example value 50 01 FBA A enable Enables disables communication between the drive and fieldbus adapter A and specifies the slot ...

Page 166: ...nication with the adapter module Examples of ABB AC500 S Safety PLC and Siemens SIMATIC Fail safe S7 PLC are given below The examples include the minimum required steps for starting the PROFINET and PROFIsafe communication with the FENA and FSO modules For detailed information see the documentation of your safety PLC Auto Ethernet communication rate is negotiated automatically by the device 0 51 5...

Page 167: ...nected to PROFINET Configuring the ABB AC500 S Safety PLC This example shows how to configure the communication between the ABB AC500 S Safety PLC and the FENA 21 adapter module using PS501 Control Builder Plus software version 2 3 0 Before you use the safety configuration and programming tools in PS501 Control Builder Plus you must study the AC500 S Safety PLC user manual AC500 S Safety User Manu...

Page 168: ...art the ABB Control Builder application 2 On the Tools menu select Device Repository 3 In the window that opens click Install and browse for the GSD file 4 Open or create the PLC project that is used to control the drive ...

Page 169: ...ller station AC500 SM560 S and PROFINET controller CM579 PNIO Note Make sure that the Enable debug setting is On for the safety controller station if you want to view or debug the PLC program after the download 6 Right click on the PROFINET controller CM579 PNIO Master and add the FENA module to the PROFINET IO network Controller station Safety controller station PROFINET controller ...

Page 170: ...NA module to define cyclic communication between the module and the PLC 8 Add the PROFIsafe module PROFIsafe ABB_PS1 to the second slot of the FENA module to define cyclic communication between the module and the PLC 9 Download the safety and non safety PLC programs I O module PROFIsafe module ...

Page 171: ...ings for devices Select CM579_Master On the PROFINET Master tab define the necessary IP addresses 11 Define the FENA properties Select FENA_21 On the PNIO identification tab define the IP address and Subnet mask and type the Station name in this example drive1 Note Use only lower case letters for the Station name ...

Page 172: ...tween Control Builder and the PLC Click Scan to find all PROFINET devices connected to the network In the Configure station name box select the station name defined for the module in step 10 in this example drive1 and click Assign I O Device name In the IP address and Network mask boxes type the IP address and subnet mask defined in step 11 and click Assign IP configuration ...

Page 173: ...n and Control zero mode functions and define Fail safe values for the PLC output process data PZDs Rename the I O modules for example drive1_PPO4 and drive1_ABB_PS1 On the PNIO Module I O Mapping tab type names for the variables that refer to the drive s signals in the PLC program See section ABB_PS1 profile F Output user data on page 143 ...

Page 174: ...FSO parameter PROFIsafe 11 see section Configuring the safety fieldbus communication on page 225 These two define the codename for the PROFIsafe relationship of this particular FENA module and the safety controller station F_WD_Time is the PROFIsafe watchdog time See section Calculating the watchdog time on page 163 for instructions on how to calculate the correct watchdog time On the PNIO Module ...

Page 175: ...500_S and select Create Safety Configuration Data 17 Create a program that controls the drive Double click the AC500 This opens the PLC program in the CoDeSys programming tool 18 Create a safety program that controls the FSO via PROFIsafe Double click the AC500_S This opens the safety PLC program in the CoDeSys programming tool Note If you do not have an existing safety program you must at least i...

Page 176: ... Do not use this safety program in real safety applications This safety program is shown only as an example and can only be used for trial purposes Note This example program also keeps the SLS3 function active all the time ...

Page 177: ...changes have been made select Clean all from the Project menu In the window that opens click Yes This downloads the program to the PLC In the Online menu select Create boot project This saves the program permanently to the PLC In the Online menu select Logout 20 Repeat step 19 for the safety program 21 Switch the power of both PLCs off and on 22 For the non safety program In the Online menu select...

Page 178: ...OFIsafe Monitoring the PROFIsafe message It is possible to monitor the contents of the PROFIsafe message For example 1 Check the variable values in the Current Value column on the PNIO Module I O Mapping tab ...

Page 179: ...s see the documentation of the safety PLC S7 Distributed Safety configuring and programming Programming and Operating Manual 07 2013 A5E00109537 05 Before you start make sure that you have downloaded the FENA GSD file from the ABB Document library See section Downloading the GSD file on page 167 1 Start SIMATIC Manager and open create a SIMATIC project 2 Add the necessary objects to the project In...

Page 180: ...ontroller station V2 8 that is installed in a RACK 300 Rail 5 When you install the controller station to the rail select Industrial Ethernet as the subnet for the controller station 6 Install the FENA GSD file In the Options menu select Install GSD Files Browse for the GSD file that you downloaded from the ABB Document library Click Install ...

Page 181: ...f the SIMATIC environment you have to close the whole SIMATIC program and open it again to make the new GSD file visible in the object catalogue 7 Click and drag the FENA object from the device catalog to the Ethernet 1 PROFINET IO System ...

Page 182: ...the FENA module to define cyclic standard communication between the module and the PLC 9 Click and drag the PROFIsafe object PROFIsafe ABB_PS1 to the second slot of the FENA module to define cyclic safety communication between the module and the PLC 10 Double click FENA to open the Properties window ...

Page 183: ...apter module also in other tools eg the Drive composer pro PC tool which you use to connect to the drive 12 Click OK 13 In the hardware configuration double click the I O object PPO Type 4 in Slot 1 to open the Properties window This is the IP address that will be assigned to the FENA adapter module To modify the IP address click the Ethernet button The IO controller assigns the IP address ...

Page 184: ... 14 Type a name for the I O object in this example PROFIsafe ABB_PS1 15 On the Parameters tab configure the Stop mode and Control zero mode functions and define Fail safe values for the PLC output process data PZDs ...

Page 185: ... hardware configuration click FENA In the PLC menu select Ethernet and select Assign Device Name Click the Update button Click the available device with the correct MAC address to which the device name will be assigned Click Assign name This assigns the name to the FENA module Click Close ...

Page 186: ...e hardware configuration double click the controller station for example CPU 319F 3 Select the F Parameters tab When prompted give the password for the Safety Program See the documentation of the SIMATIC system for details Make the necessary changes and click OK ...

Page 187: ...n modify this in the host F Parameters tab F_Dest_Add is the address of the FENA module This is defined by FSO parameter PROFIsafe 11 see section Configuring the safety fieldbus communication on page 225 These two define the codename for the PROFIsafe relationship of this particular FENA module and the safety controller station F_WD_Time is the PROFIsafe watchdog time See section Calculating the w...

Page 188: ...peat the same for the PROFIsafe object PROFIsafe ABB_PS1 in Slot 2 Note In PROFINET communication the bits of each octet are sent the most significant bit first Therefore the bits of every octet in the PROFINET message are in reversed order compared to the bits shown in the figure For example the first bit that is sent in the PROFINET message is the 7th bit of the first octet I 0 7 ...

Page 189: ...on for example CPU 319F 3 Select Protection tab Select 1 Access protect for F CPU Check Can be bypassed with password Enter the password twice to the edit boxes Check CPU contains safety program 21 Save compile and download the hardware configuration to the PLC The PLC is now ready for communication with the FENA adapter module ...

Page 190: ...ations This safety program is only an example which you can use only for trial purposes to get the system up and running 1 In SIMATIC Manager right click on the Blocks folder of the S7 Program of the project 2 Select Insert New Object and add the following blocks to the program Organization Block OB35 to call the safety program cyclically Function Block FB1 using F FBD language Function FC1 using ...

Page 191: ...ose the dialog windows 6 In SIMATIC manager double click on OB35 7 Add call to FC1 by dragging the FC1 block from the FC blocks folder 8 Save the block and close the editor 9 In SIMATIC manager double click on FB1 10 Add acknowledgement for reintegration by assigning the value of ACK_REQ to ACK_REI in DB2185 ...

Page 192: ...ample program also keeps the SLS3 function active all the time 12 In SIMATIC Manager select Edit safety program from the Options menu 13 Select Compile 14 Select Download If prompted accept the inclusion of standard blocks 15 Switch the controller station to run mode ...

Page 193: ...193 Monitoring the PROFIsafe message It is possible to monitor the contents of the PROFIsafe message For example 1 In HW Configuration select Monitor Modify for the PROFIsafe telegram in Slot 2 of the FENA module ...

Page 194: ...In this case make sure that drive parameter 51 21 is set to Enabled see the drive firmware manual ABB AC500 S In the ABB AC500 S system you can read PROFINET diagnostics messages from Control Builder Plus or with a separate PNIO_DEV_DIAG function block in the non safety PLC program To read the alarm data of the last active alarm from Control Builder Plus 1 Select FENA_21 2 On the Diagnostics for P...

Page 195: ...ATIC Manager To read diagnostics messages 1 In the PLC menu select Diagnostic Setting 2 Select Hardware diagnostics 3 In the window that opens select the FENA module of your system 4 Click the Module Information button ...

Page 196: ...196 PROFIsafe 5 To read the diagnostic messages select the I O Device Diagnostics tab ...

Page 197: ...e Value hex Description Notes 64 0x0040 Mismatch of safety destination address F_Dest_Add F_Dest_Add did not match the value configured in the safety parameters PROFIsafe 11 PROFIsafe F_Dest_Add 65 0x0041 Safety destination address is not valid F_Dest_Add F_Dest_Add of 0 or FFFFh is not allowed A valid F_Dest_Add is within range 1 65534 66 0x0042 Safety source address is not valid F_Source_Add F_S...

Page 198: ... Fault Checksum CRC1 calculated over the F Parameters does not match the checksum value in the F Parameters 72 0x0048 Device specific diagnosis information Unsupported PROFINET submodule identification number received from the controller station upon PROFINET connection or general error in the F Parameters Fault Cause What to do You cannot start the PROFINET communication The FENA station name sav...

Page 199: ...he watchdog time is too short Calculate a new watchdog time See section Calculating the watchdog time on page 163 All errors solved but you still cannot start the PROFIsafe communication After you have modified the configuration of the safety devices you may have to reboot of the whole system before the changes take effect Reboot the safety PLC If this does not help reboot also the FSO module the ...

Page 200: ...200 PROFIsafe ...

Page 201: ...st for the appropriate standard in section Stop the drive and do the steps in section Electrical safety precautions on page 14 before you start the work on page 217 Mechanical installation Installation site The subsystem elements must always be likely to operate within the range of temperature humidity corrosion dust vibration etc for which they are specified without the use of external environmen...

Page 202: ...nd clamped where practicable When installing cabling it must be assured that there is no pulling or pinching on the cables Connections Inputs and outputs To design the safety system architecture and select components to be used it is essential to read and understand the different architecture options for example single channel redundancy Single inputs can be connected to any terminal X113 1 4 or X...

Page 203: ... to enable an easy start up of the FSO module Note The FSO module power input X112 is protected against over voltage under voltage and over current and it has a reverse polarity protection FSO module enters Fail safe mode if any of these protections trip The module enters Fail safe mode also if output voltages of the internal power supply are outside specified limits due to supply input over volta...

Page 204: ...d Electronic Control System SRECS signal cables for the individual channels must be routed separately from the other channels at all positions or sufficiently shielded SRECS signal and electrical energy power cables must be separated at all positions or sufficiently shielded Cross connection between the channels of the subsystem must be prevented Signal paths must be physically separated for examp...

Page 205: ...Planning for installation 205 Relay contactor output with feedback Examples Brake control Door gate unlock 1 10 9 8 7 6 5 4 3 2 X114 TP DO GND DI X113 Diagnostic pulses ...

Page 206: ...and redundant 2 channel solutions The safe brake control needs a feedback from the brake system The SBC feedback can be from a relay contactor or from the mechanical brake itself Note If also the drive can control the brake the feedback must not be from the mechanical brake 1 10 9 8 7 6 5 4 3 2 X114 TP DO GND DI X113 M Diagnostic pulses DO GND ...

Page 207: ... 1 COM GND GND Physical separation of the different channels or appropriate cable protection eg double shielding Channel separation 24 V DC PNP outputs Diagnostic pulses from an active sensor must not be overlapping 1 10 9 8 7 6 5 4 3 2 X114 TP DO GND DI X113 CH 1 CH 2 COM GND GND Physical separation of the different channels or appropriate cable protection eg double shielding 24 V DC NPN inputs C...

Page 208: ...4 3 2 X114 TP DO GND DI X113 1 10 9 8 7 6 5 4 3 2 X114 TP DO GND DI X113 Physical separation of the different channels or appropriate cable protection eg double shielding Module 1 cascade master Module 2 Module 3 Common GND Common GND Common GND E stop button ACK button Channel separation Diagnostic pulses ...

Page 209: ...ter This chapter gives examples of how to connect the FSO module to the ACS880 drive WARNING The supply voltage for the FSO module is 24 V DC If the FSO module is supplied with a higher voltage for example 230 V or 115 V it is damaged and must be replaced ...

Page 210: ...wires 5 mounting plate for ZCU 14 6 the default mounting plate for ZCU 12 is attached to the module user s manual not shown in the figure Checking the delivery Check that all parts are in the package and that there are no signs of damage Notify the shipper immediately if you find damaged components Do not use damaged parts they must be replaced Check that the FSO module is of the correct type see ...

Page 211: ...s own package Install the FSO mechanically on the drive as described in chapter Electrical installation in the drive hardware manual Use the specified screw tightening torques See section Tightening torques on page 373 Note Do not install the FSO module on the FEA 03 F series extension adapter If necessary remove the default mounting plate from the FSO module and replace it with the other mounting...

Page 212: ...put 2 3 DI Channel 1 digital input 3 4 DI Channel 1 digital input 4 5 GND Signal ground 6 GND Signal ground 7 DO Channel 1 digital output 1 8 DO Channel 1 digital output 2 9 DO Channel 1 digital output 3 10 TP Channel 1 test pulse out X114 1 DI Channel 2 digital input 1 2 DI Channel 2 digital input 2 3 DI Channel 2 digital input 3 4 DI Channel 2 digital input 4 5 GND Signal ground 6 GND Signal gro...

Page 213: ... 1 Stop the drive and do the steps in section Electrical safety precautions on page 14 before you start the work 2 Make sure that the FSO electronics grounding screw is properly tightened See section Tightening torques on page 373 3 Make sure that the enclosure grounding screw is properly tightened Use T10 head See section Tightening torques on page 373 2 3 2 3 ...

Page 214: ...214 Installation 4 Make sure that the FSO data cable terminal X110 is connected to the drive Use only the cable delivered with the module 4 4 ...

Page 215: ...e and data cable between FSO module and drive on page 373 6 Connect the digital inputs digital outputs diagnostic pulses and signal ground at the FSO terminals X113 and X114 according to the application requirements Use the tightening torque of 0 24 Nm 2 1 lbf in Use proper cable strain relief Use only the I O terminal blocks attached to the FSO module Make sure that the ground terminal maximum cu...

Page 216: ...Connect the power supply wires to the FSO terminal X112 Use the tightening torque of 0 24 Nm 2 1 lbf in for the FSO terminals Use proper cable strain relief See also section Power supply connection cables on page 203 7 7 ...

Page 217: ...ists Check the mechanical and electrical installation of the FSO module before start up Go through the checklists below together with another person Read chapter Safety instructions before you work on the safety system WARNING Obey the safety instructions See chapter Safety instructions on page 13 If you ignore them injury or death can occur Stop the drive and do the steps in section Electrical sa...

Page 218: ...ed Packing materials and tools have been removed from the installation area ELECTRICAL INSTALLATION See chapter Planning for installation and section Installation Electrical installation If a PELV power supply is used its ground has to be in the same potential as the drive ground Appropriate supply input power fuses are installed Data cable between the drive and the FSO module is routed separately...

Page 219: ...e adequate expertise and knowledge of functional safety the safety functions as well as the configuration of the FSO module ABB has training courses available on the FSO module Password You need a password to be able to upload the parameters from the FSO and download the modified parameters from your PC to the FSO and the drive The password is set to 12345678 at the factory The password must conta...

Page 220: ...lain the main phases of the safety system configuring process 1 Risk assessment 2 Safety requirements 3 Planning the configuration of the FSO 4 Design of the safety functions 5 Commissioning of the FSO 6 Validation of the functional safety system 7 Validation test report 8 Modification 9 Decommissioning FSO configuring ...

Page 221: ...g of the safety parameters of the FSO module commissioning of the PROFIsafe connection to the safety PLC electrical installation etc 6 Validation of the functional safety system Validation of the safety functions which are used in the safety system They operate as required in the application and the safety requirements SRS arising from the risk assessment are fulfilled If any of the safety functio...

Page 222: ...ring etc 2 Set the parameter values in the Drive composer pro PC tool a Power up the drive and make sure that the motor is not running b Connect your PC to the drive start the Drive composer pro PC tool and select Safety settings c Open the parameters for setting First start up Upload the parameters from the FSO to the PC tool button Read settings from drive A password is required Make a backup co...

Page 223: ...n Apply setting to drive A password is required f After downloading the FSO and the tool validate the configuration and the tool asks you to confirm the validation g Change the password to protect the settings button Change password A password is required Note The motor must be stopped when you change the password 3 Validate safety functions print the report from the configuration including all th...

Page 224: ... the value on the motor type designation label FSOGEN 21 Motor nominal speed 1360 0 rpm Use the same value with the drive parameter 99 09 Motor nominal speed and the value on the motor type designation label FSOGEN 51 Zero speed without encoder 90 0 rpm Use a suitable low enough value The motor must coast to stand still in a relatively short time External requests ending in the drive STO are repor...

Page 225: ...FIsafe Example PROFIsafe communication activated SBUSGEN 01 SBUS activity and version Version 1 and 200 222 Safety bus type PROFIsafe Speed scaling 1500 rpm SBUSGEN 06 Safety fieldbus speed scaling 1500 rpm the FSO module generates a fault message if the module is passivated due to safety fieldbus problems SBUSGEN 10 STO indication passivation Fault the FENA module is connected to option slot 1 20...

Page 226: ...ting two different and independent activation switches for the same function It is possible to set diagnostic pulses for the inputs User must set the pulse length and period and also define the inputs which use the pulses Outputs Outputs can be configured into use for different safety functions Function indications on page 50 a safety relay the SBC function and a cascade loop User can select the o...

Page 227: ...acknowledgement Manual 4 Set the acknowledgement method in the follower FSO modules Automatic STO 02 STO acknowledgement Automatic 5 Set the digital inputs and outputs of the SSE function as defined for the cascaded system The SSE function is activated from a redundant digital input in the master FSO SSE 11 SSE input A DI X113 1 X114 1 The SSE function is cascaded with a single connection in the f...

Page 228: ...nctions See section Acknowledgement methods on page 46 for more information on different acknowledgement methods Manual The FSO module reads the external STO acknowledgement signal through the digital input defined by parameter FSOGEN 42 Acknowledgement button input SSE 11 SSE input A Sets the digital input that is connected to the primary input of the SSE function DI X113 1 X114 1 Redundant input...

Page 229: ...Not cascaded STO 02 STO acknowledge ment Sets the acknowledgement method used in the STO SSE and SS1 functions Automatic The FSO module generates the STO acknowledgement signal automatically after the STO SSE or SS1 request has been removed and the stop function is completed output defined by parameter FSOGEN 11 STO completed output is active SSE 11 SSE input A Sets the digital input that is conne...

Page 230: ...utput X113 8 X114 8 SAFEIO 22 Safety relay 1 feedback Sets the digital feedback input of safety relay 1 DI X113 4 Single input X113 4 SAFEIO 23 Safety relay 1 feedback type Sets the type of the feedback signal for safety relay 1 Mechanically linked NC contacts Feedback of the safety relay is NC inverted state compared with the relay SAFEIO 24 Safety relay 2 output Sets the digital output for safet...

Page 231: ... hits The FSO module activates the SSE function after trip limit hits in the SLS and SMS functions You can configure the SSE function either with immediate STO stop category 0 or with emergency ramp stop category 1 see section Safe stop emergency SSE on page 76 If you want that the SBC is activated at trip limit hits you have to configure the SBC function in the correct SSE function Note Make sure...

Page 232: ...t delay with parameter SBC 12 STO SBC delay If the value is zero 0 rpm the FSO activates the SBC and drive STO functions at the same time It the value is positive the FSO activates the SBC after the drive STO See section How to configure SBC after STO on page 235 If the value is negative the FSO activates the SBC before the drive STO See section How to configure SBC before STO on page 236 See also...

Page 233: ...BC before STO on page 244 If the value is zero 0 ms or positive the FSO activates the SBC and drive STO functions at the same time when the speed limit is reached Note If parameter SBC 11 STO SBC usage is Delayed brake the same parameter SBC 12 STO SBC delay is used also in the STO and SSE with immediate STO functions see section How to configure the SBC in the STO function on page 232 In the SS1 ...

Page 234: ... of a simple STO function set up redundant emergency stop button connected to input STO 11 STO input A DI X113 1 X114 1 automatic acknowledgement STO 02 STO acknowledgement Automatic estimated time in which the motor coasts to a stop from the maximum speed is 1500 ms STO 14 Time to zero speed with STO and modoff 1500 ms the fly start feature is in use that is you can restart the drive before the m...

Page 235: ...or before it has stopped STO 13 Restart delay after STO 1300 ms brake connected to redundant output diagnostic pulses activated SBC 21 SBC output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On STO is activated if brake feedback fails SBC 22 SBC feedback action STO feedback from the brake is connected to digital input X113 2 SAFEIO 22 Safety relay 1 feedback DI X113 2 feedback input type NC inverted s...

Page 236: ... 1200 ms brake connected to redundant output diagnostic pulses activated SBC 21 SBC output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On STO is activated if brake feedback fails SBC 22 SBC feedback action STO brake feedback input connected to input SAFEIO 22 Safety relay 1 feedback DI X113 2 feedback input type NC inverted state compared with the brake relay SAFEIO 23 Safety relay 1 feedback type Me...

Page 237: ...h time monitored ramp SS1 13 SS1 type SS1 t security delay for activating the drive STO 2000 ms SS1 14 SS1 t delay for STO 2000 ms automatic acknowledgement STO 02 STO acknowledgement Automatic redundant emergency stop button connected to input SS1 11 SS1 input A DI X113 1 X114 1 single output connected SS1 21 SS1 output DO X114 9 zero speed limit for activating the drive STO 90 rpm FSOGEN 51 Zero...

Page 238: ...S1 11 DI X113 1 X114 1 SS1 12 None SS1 21 DO X114 9 SS1 22 None SS1 13 SS1 t FSOGEN 51 90 rpm SS1 14 2000 ms Time Speed Inputs Outputs SS1 activated STO activated SS1 01 Version 1 STO 02 Automatic SBC 15 0 rpm SS1 15 0 ms ...

Page 239: ... 11 SS1 input A DI X113 1 X114 1 single output connected SS1 21 SS1 output DO X114 9 zero speed limit for activating the drive STO 90 rpm FSOGEN 51 Zero speed without encoder 90 rpm delay for activating STO after the zero speed limit has been reached 0 ms SS1 15 SS1 r ramp zero speed delay for STO 0 ms speed limit activated brake not in use SBC 15 SSE SS1 SBC speed 0 ms See also section Fine tunin...

Page 240: ...1 SS1 input A DI X113 1 X114 1 single output connected SS1 21 SS1 output DO X114 9 brake connected to redundant output diagnostic pulses activated SBC 21 SBC output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On speed limit activated brake in use speed below which the brake and STO are activated 180 0 rpm SBC 15 SSE SS1 SBC speed 180 rpm delay for activating STO after brake is zero STO and SBC are ac...

Page 241: ...activated SS1 13 SS1 t SS1 01 Version 1 STO 02 Automatic SS1 21 DO X114 9 SS1 22 None SS1 11 DI X113 1 X114 1 SS1 12 None SBC 15 180 rpm SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SS1 15 0 ms SBC 21 DO X113 7 X114 7 SAFEIO 53 SAFEIO 56 On SS1 14 2000 ms SBC 13 1200 ms ...

Page 242: ...in use speed limit below which the brake and STO are activated 180 0 rpm SBC 15 SSE SS1 SBC speed 180 rpm delay for activating STO after brake is zero STO and SBC are activated at the same time SBC 12 STO SBC delay 0 ms delay for activating the brake and STO after the SBC speed limit has been reached 0 ms SS1 15 SS1 r ramp zero speed delay for STO 0 ms delay for defining the safety function as com...

Page 243: ...uts SS1 activated SS1 13 SS1 r SS1 01 Version 1 STO 02 Automatic SS1 21 DO X114 9 SS1 22 None SS1 11 DI X113 1 X114 1 SS1 12 None SBC 15 180 rpm SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SS1 15 0 ms SBC 21 DO X113 7 X114 7 SAFEIO 53 SAFEIO 56 On SBC 13 1200 ms ...

Page 244: ...4 1 single output connected SS1 21 SS1 output DO X114 9 brake connected to redundant output diagnostic pulses activated SBC 21 SBC output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On speed limit activated brake in use speed below which the brake and STO are activated 180 0 rpm SBC 15 SSE SS1 SBC speed 180 rpm delay for activating STO after brake 300 ms only a negative delay is possible the SBC is a...

Page 245: ...1 13 SS1 t SS1 01 Version 1 STO 02 Automatic SS1 21 DO X114 9 SS1 22 None SS1 11 DI X113 1 X114 1 SS1 12 None SBC 15 180 rpm SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SBC 12 300 ms SBC 21 DO X113 7 X114 7 SAFEIO 53 SAFEIO 56 On SS1 14 2000 ms STO activated SBC 13 1200 ms ...

Page 246: ...ke is activated 180 0 rpm SBC 15 SSE SS1 SBC speed 180 rpm delay for activating STO after brake 300 ms only a negative delay is possible the SBC is activated before STO SBC 12 STO SBC delay 300 ms Note The same SBC delay is used in the STO and SS1 SSE functions delay for activating the brake after the SBC speed limit has been reached 0 ms SS1 15 SS1 r ramp zero speed delay for STO 0 ms not shown i...

Page 247: ...toring See section Configuring STO on page 234 Remember to configure SAR1 Time Speed SBC activated Inputs Outputs SS1 activated SS1 13 SS1 r SS1 01 Version 1 STO 02 Automatic SS1 21 DO X114 9 SS1 22 None SS1 11 DI X113 1 X114 1 SS1 12 None SBC 15 180 rpm SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SS1 15 0 ms SBC 21 DO X113 7 X114 7 SAFEIO 53 SAFEIO 56 On SBC 12 300 ms...

Page 248: ...The figure below shows an example of the SSE function with immediate STO set up drive STO is activated immediately after the SSE request SSE 13 SSE function Immediate STO automatic acknowledgement STO 02 STO acknowledgement Automatic redundant emergency stop button connected to input SSE 11 SSE input A DI X113 1 X114 1 no outputs connected delay for restarting the drive 1500 ms This is the estimat...

Page 249: ...ut A and SSE 12 SSE input B are used instead of STO input parameters SSE output parameters SSE 21 SSE output and SSE 22 SSE completed output are used instead of STO output parameters See sections How to configure SBC after STO on page 235 and How to configure SBC before STO on page 236 For more information on the SSE with immediate STO and SBC after STO function see page 78 For more information on...

Page 250: ...c redundant emergency stop button connected to input SSE 11 SSE input A DI X113 1 X114 1 single output connected SSE 21 SSE output DO X113 9 zero speed limit for activating the drive STO 90 rpm FSOGEN 51 Zero speed without encoder 90 rpm delay for activating the drive STO after the speed limit has been reached 0 ms SSE 16 SSE ramp zero speed delay for STO 0 ms speed limit activated brake not in us...

Page 251: ...ut SSE 11 SSE input A DI X113 1 X114 1 single output connected SSE 21 SSE output DO X113 9 zero speed limit for activating the drive STO 90 rpm FSOGEN 51 Zero speed without encoder 90 rpm delay for activating the drive STO after the zero speed limit has been reached 0 ms SSE 16 SSE ramp zero speed delay for STO 0 ms speed limit activated brake not in use SBC 15 SSE SS1 SBC speed 0 rpm See also sec...

Page 252: ...O 2000 ms SSE 15 SSE delay for STO 2000 ms redundant emergency stop button connected to input SSE 11 SSE input A DI X113 1 X114 1 single output connected SSE 21 SSE output DO X113 9 brake connected to redundant output diagnostic pulses activated SBC 21 SBC output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On speed limit activated brake in use speed below which the brake and STO are activated 240 0 r...

Page 253: ...s SSE activated SSE 11 DI X113 1 X114 1 SSE 12 None SSE 21 DO X113 9 SSE 22 None SSE 14 Time SSE 13 Emergency ramp STO 02 Automatic SBC 15 240 rpm SSE 16 0 ms SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SAFEIO 53 SAFEIO 56 On SBC 21 DO X113 7 X114 7 SSE 15 2000 ms ...

Page 254: ... output DO X113 7 X114 7 SAFEIO 53 and SAFEIO 56 On speed limit activated brake in use speed below which the brake and STO are activated 240 0 rpm SBC 15 SSE SS1 SBC speed 240 rpm delay for activating STO after brake is zero STO and SBC are activated at the same time SBC 12 STO SBC delay 0 ms delay for activating the brake and drive STO after the speed limit has been reached 0 ms SSE 16 SSE ramp z...

Page 255: ... Outputs SSE activated SSE 11 DI X113 1 X114 1 SSE 12 None SSE 21 DO X113 9 SSE 22 None SSE 14 Ramp SSE 13 Emergency ramp STO 02 Automatic SBC 15 240 rpm SSE 16 0 ms SBC 22 STO SAFEIO 23 Mechanically linked NC contacts SAFEIO 22 DI X113 2 SAFEIO 53 SAFEIO 56 On SBC 21 DO X113 7 X114 7 ...

Page 256: ...ay for activating the drive STO is set with parameter SSE 15 SSE delay for STO delay for activating the brake after the speed limit has been reached is set with parameter SSE 16 SSE ramp zero speed delay for STO Note If you configure the SSE with speed limit activated SBC function this activates the same function in the SS1 function see section How to configure SS1 with speed limit activated SBC S...

Page 257: ...eed to zero 1000 ms 200 102 SAR0 ramp time to zero 1000 ms Scaling speed 1500 rpm 200 202 SAR speed scaling 1500 rpm initial range for monitoring 100 ms SARx 02 SAR initial allowed range 100 ms minimum allowed ramp time 500 ms SARx 11 SAR0 min ramp time to zero 500 ms maximum allowed ramp time 1000 ms SARx 12 SAR0 max ramp time to zero 1500 ms Note If you use SAR1 in several safety functions at th...

Page 258: ...g SLS activation delay 2000 ms SLSx 04 SLS time delay 2000 ms automatic acknowledgement SLSx 02 SLS acknowledgement Automatic redundant SLS activation button connected to input SLSx 11 SLS1 input A DI X113 2 X114 2 single output connected SLSx 15 SLS1 output A DO X114 7 positive limits SLS 1200 0 rpm trip limit 1320 0 rpm 200 23 SLS1 limit positive 1200 rpm SLSx 14 SLS1 trip limit positive 1320 rp...

Page 259: ...2 SLSx 12 None SLSx 15 DO X114 7 SLSx 16 None SLSx 03 Time SLSx 02 Automatic SLSx 04 2000 ms SLSx 13 1020 rpm 200 23 1200 rpm SLSx 14 1320 rpm 200 22 900 rpm SLS1 Time Speed Inputs Outputs SLS activated SLS monitoring started 200 21 Version 1 ...

Page 260: ... input DI X113 2 X114 2 single output connected SLSx 24 SLS2 output DO X114 7 positive limits SLS 1200 0 rpm trip limit 1320 0 rpm 200 33 SLS2 limit positive 1200 rpm SLSx 23 SLS2 trip limit positive 1320 rpm negative limits SLS 900 0 rpm trip limit 1020 0 rpm 200 32 SLS2 limit negative 900 rpm SLSx 22 SLS2 trip limit negative 1020 rpm See also section Fine tuning the configuration on page 282 Not...

Page 261: ...toring limit during the deceleration ramp SLS with ramp monitoring See section Configuring STO on page 234 The FSO module activates the SSE function if the motor speed hits a trip limit See section Configuring SSE on page 248 SLSx 24 DI X113 2 X114 2 SLSx 24 DO X114 7 SLSx 03 Ramp SLSx 02 Automatic Remember to configure SAR1 SLS2 Time Speed Input Output SLS activated SLS monitoring started 200 31 ...

Page 262: ...e SLS function see page 124 How to configure Variable SLS with time monitoring Example The figure below shows an example of the Variable SLS function with time monitoring set up Variable SLS function activated 200 61 SLS variable activity and version Version 1 automatic acknowledgement SLSx 02 SLS acknowledgement Automatic time monitored deceleration ramp SLSx 03 SLS activation monitoring method T...

Page 263: ...ng 0 Negative_Scaling 1 scaling values from the safety PLC 70 50 100 value set in Variable_SLS_limit 7000 5000 10000 SLSx 51 DO X113 7 200 43 1200 rpm SLSx 43 1320 rpm Speed Time Output varSLS activated 70 scaling New scaling values from PLC 50 100 200 61 Version 1 SLSx 03 Time SLSx 02 Automatic SLSx 04 2000 ms ...

Page 264: ...ring limits according to SAR1 parameters acceleration ramp according to drive parameters single output connected SLSx 51 Variable SLS output DO X114 7 positive limits SLS 1200 0 rpm trip limit 1320 0 rpm 200 43 SLS4 limit positive 1200 rpm SLSx 43 SLS4 trip limit positive 1320 rpm negative limits SLS 100 rpm trip limit 150 FSOGEN 51 Zero speed without encoder not shown in the figure 200 42 SLS4 li...

Page 265: ... 50 100 value set in Variable_SLS_limit 7000 5000 10000 See also section SLS reaction when modulation is lost during deceleration ramp with ramp monitoring on page 101 Speed Time Output varSLS activated 70 scaling New scaling values from PLC 50 100 Remember to configure SAR1 SLSx 51 DO X113 7 200 43 1200 rpm SLSx 43 1320 rpm 200 61 Version 1 SLSx 03 Ramp SLSx 02 Automatic ...

Page 266: ...t scales the original SLS4 and SLS4 trip limits with the given percentage If necessary the new scaled SLS4 trip limit is the adjusted according to these rules If the difference between original SLS4 and SLS4 trip limits 25 rpm the difference between the scaled limits must be at least the same as the original difference See Example 1 below If the difference between original SLS4 and SLS4 trip limit...

Page 267: ... 2 The original SLS4 and SLS4 trip limits are 1000 and 1100 rpm The scaling value is 0 The zero speed value is 20 rpm original SLS4 limit original SLS4 trip limit 100 rpm This is greater than 25 rpm so 25 rpm becomes the limiting difference Scaling by 0 SLS4 limit 0 rpm SLS4 trip limit 0 rpm difference 0 rpm Difference 25 rpm SLS4 limit 0 rpm SLS4 trip limit 25 rpm In this case the scaled SLS4 and...

Page 268: ...monitoring See section Configuring SAR on page 257 The FSO module activates the STO function if the motor speed hits a ramp monitoring limit during the deceleration ramp Variable SLS with ramp monitoring See section Configuring STO on page 234 The FSO module activates the SSE function if the motor speed hits a trip limit See section Configuring SSE on page 248 ...

Page 269: ...tion on the SMS function see page 129 How to configure SMS version 1 Example The figure below shows an example of the SMS version 1 set up SMS function version 1 activated 200 71 SMS activity and version Version 1 positive limit 1800 0 rpm SMS 14 SMS trip limit positive e 1800 rpm negative limit 1200 0 rpm SMS 13 SMS trip limit negative 1200 rpm SSE function configured as immediate STO SSE 13 SSE ...

Page 270: ...rpm SSE function configured as immediate STO SSE 13 SSE function Immediate STO See also section Fine tuning the configuration on page 282 Note If you also use an SLS function the SMS positive and negative trip limits must be more than the speed defined by the corresponding SLS positive trip limit and less than the speed defined by the corresponding SLS negative trip limit respectively Related safe...

Page 271: ...mpletion 0 ms POUS completed output for example an indication lamp connected to single output X114 9 POUS 22 POUS completed output DO X114 9 How to configure SLS function behavior when drive modulation is lost When it is critical for the process that the drive must be able to indicate safely if the drive modulation is lost during SLS deceleration user must configure this behavior separately for th...

Page 272: ...ows an example of the modoff situation with SLS function with time monitoring when Modoff delay time parameter SLSx 05 is selected Basic parametrization of the SLS function made according to chapter Configuring SLS on page 258 Modoff delay time monitoring is active when drive modulation is lost SLSx 05 SLS ramp modoff reaction Modoff delay time Modoff delay time SLSx 06 SLS ramp modoff delay time ...

Page 273: ...TO function regardless of the configuration of the SSE function STO indication goes on STO 21 STO output DO X113 7 4 SLS time monitoring limit SLSx 04 SLS time delay 2000 ms 5 STO 14 delay starts when drive modulation is lost If modulation does not return SLS indication goes on after STO 14 delay has elapsed Example 2 The figure below shows an example of the modoff situation with SLS function with...

Page 274: ... 21 STO output DO X113 7 see chapter How to configure STO on page 234 4 STO 14 delay starts when drive modulation is lost If modulation does not return SLS indication goes on after STO 14 delay has elapsed When drive modulation is lost last valid speed estimate is stored to FSO module until modulation comes back or monitoring limit is reached Time monitoring is kept active also when modulation is ...

Page 275: ...modulation is lost SLSx 05 SLS ramp modoff reaction Monitoring active and modoff delay time Modoff delay time SLSx 06 SLS ramp modoff delay time 300 ms Relevant parameters for this configuration Deceleration time drive parameter 23 13 Deceleration time 1 SLS activation delay 2000 ms SLSx 04 SLS time delay 2000 ms STO 14 time to zero speed with STO and modoff 2500 ms Motor speed Time 1 6 5 3 4 2 B ...

Page 276: ...LS indication goes on SLSx 15 SLS1 output A DO X114 7 6 The SLSx 04 time monitoring limit SLS indication is activated at the latest Time monitoring is kept active also when modulation is lost during SLS deceleration ramp and SARx 06 SLS ramp modoff delay is set shorter than SLSx 04 SLS time delay FSO indicates SLS hit and STO is activated when SLSx 06 has elapsed Drive restart is possible until SL...

Page 277: ...tion of the drive does not return After STO 14 has elapsed SLS indication goes on SLSx 15 SLS1 output A DO X114 7 The time monitoring of the SLS function is disabled when modulation of the drive is lost during SLS deceleration ramp When the drive stops modulation FSO disables the time monitoring of the SLS function and starts to wait that the motor will coast to zero speed STO 14 time to zero spee...

Page 278: ...modoff delay time 200 ms Relevant parameters for this configuration Scaling speed 1500 rpm 200 202 SAR speed scaling 1500 rpm Deceleration time and ramp monitoring according to SAR1 parameters ramp time from Scaling speed to zero 1000 ms 200 112 SAR1 ramp time to zero 1000 ms initial range for monitoring 100 ms SARx 02 SAR initial allowed range 100 ms minimum allowed ramp time 500 ms SARx 21 SAR1 ...

Page 279: ...p modoff delay time 200 ms 3 Modulation of the drive has not returned before the SLS ramp modoff delay time has elapsed SLSx 06 SLS ramp modoff delay time 200 ms FSO activates STO function STO indication goes on STO 21 STO output DO X113 7 4 STO 14 delay starts when drive modulation is lost If modulation does not return SLS indication goes on after STO 14 delay has elapsed When drive modulation is...

Page 280: ...x 02 SAR initial allowed range 100 ms minimum allowed ramp time 500 ms SARx 21 SAR1 min ramp time to zero 500 ms maximum allowed ramp time 1000 ms SARx 22 SAR1 max ramp time to zero 1500 ms STO 14 time to zero speed with STO and modoff 2500 ms 1 SLS request is activated SLSx 11 SLS1 input A DI X113 2 X114 2 SLS ramp monitoring is activated SAR1 Parameter 200 202 SAR speed scaling STO active Motor ...

Page 281: ...toring limit hit is generated based on the last valid speed estimate of FSO 4 STO 14 delay starts when drive modulation is lost If modulation does not return SLS indication goes on after STO 14 delay has elapsed When drive modulation is lost last valid speed estimate is stored to FSO module until modulation comes back or monitoring limit is reached Ramp monitoring is kept active also when modulati...

Page 282: ...ute time How to fine tune limit hit situations Example SMS trip limit hit parameter FSOGEN 31 Transient mute time 20 ms This applies also to trip limit hits in the SLS1 4 and Variable SLS functions ramp monitoring limit hits in the SS1 SSE and SLS functions Variable SLS indication when the motor speed is decelerated to a new SLS limit FSOGEN 31 20 ms Speed Time Limit hit Mute time elapsed SSE acti...

Page 283: ... negative SBC delay parameter SBC 12 STO SBC delay is configured in the STO function parameter FSOGEN 31 Transient mute time 20 ms Note If the SBC delay parameter SBC 12 STO SBC delay is positive or zero 0 ms the SBC and STO functions are activated at the same time Time Speed Zero speed limit reached FSOGEN 51 90 rpm Mute time elapsed STO activated FSOGEN 31 20 ms Time Speed Zero speed limit reach...

Page 284: ... positive or zero 0 ms the SBC and STO functions are activated at the same time How to fine tune when monitoring is started Example The start of SLS monitoring in the SLS1 function parameter FSOGEN 31 Transient mute time 20 ms Note The SLS indication goes on after this delay Time Speed SBC delay elapsed STO activated FSOGEN 31 20 ms SBC 15 90 rpm SBC speed limit reached Mute time elapsed SBC activ...

Page 285: ...rs in the Safety settings window of the Drive composer pro PC tool Note The factory default values shown in the table can be different from the pre set parameter values in a delivered FSO ordered with a plus code eg Q973 For more information see section Factory reset on page 368 Note ABB recommends that you set drive parameter 31 22 STO indication run stop to value 3 4 or 5 This setting prevents t...

Page 286: ...r the drive 0 0 rpm 35880 0 0 0 rpm Speed 200 33 SLS2 limit positive Sets the SLS2 positive speed limit for the drive 0 0 rpm 0 0 35880 0 rpm Speed 200 41 SLS3 activity and version Activates or deactivates the SLS3 function and shows the version of the SLS3 function Disabled Disabled Deactivates the SLS3 function Version 1 Activates version 1 of the SLS3 function 200 42 SLS3 limit negative Sets th...

Page 287: ...n 1 of the SMS function See section SMS function version 1 on page 130 Version 2 Activates version 2 of the SMS function See section SMS function version 2 on page 131 200 72 SMS limit negative Sets the negative speed limit for the SMS function Note This parameter is used only in version 2 of the SMS function 0 0 rpm 35880 0 0 0 rpm Speed 200 73 SMS limit positive Sets the positive speed limit for...

Page 288: ... a speed value that the FSO module uses as a reference point in ramp time calculations See section Ramp monitoring on page 49 1500 rpm 0 35880 rpm Speed 200 222 Safety bus type Sets the type of the safety fieldbus if used Note To activate the safety fieldbus you must also set parameter SBUSGEN 01 SBUS activity and version to value Version 1 Not used Not used The safety fieldbus is not used PROFIsa...

Page 289: ... SSE or SS1 function None None No input connected DO X113 7 X114 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X113 8 Single output X113 8 DO X113 9 Single output X113 9 DO X114 7 Single output X114 7 DO X114 8 Single output X114 8 DO X114 9 Single output X114 9 FSOGEN 21 Motor nomi...

Page 290: ...ne tuning the configuration on page 282 Note You can also use the Transient mute time in applications in which the motor runs a high inertia mass load and rapid changes in speed are not possible 0 ms 0 1000 ms Time FSOGEN 41 Power up acknowledgement Sets the power up acknowledgement method Note If a safety function request is active when the FSO module is rebooted the request must be removed befor...

Page 291: ...ote You cannot set trip limits below this value 0 0 rpm 0 0 600 0 rpm Speed FSOGEN 61 STO indication ext request Sets the type of the event that the FSO module generates and sends to the drive after external requests that end to a successful activation of the drive STO function STO SSE or SS1 Note When the FSO module triggers the STO function in fault situations it always generates a fault Fault N...

Page 292: ...meter FSOGEN 11 STO completed output is active Automatic The FSO module generates the STO acknowledgement signal automatically after the STO SSE or SS1 request has been removed and the stop function is completed output defined by parameter FSOGEN 11 STO completed output is active Safebus The FSO module expects an external STO acknowledgement signal from the safety fieldbus after the STO SSE or SS1...

Page 293: ...t that is connected to the secondary input of the STO function The secondary input is mostly used for the cascade connection See parameters SAFEIO 12 Cascade A and SAFEIO 13 Cascade B None None No input connected DI X113 1 X114 1 Redundant input X113 1 X114 1 DI X113 2 X114 2 Redundant input X113 2 X114 2 DI X113 3 X114 3 Redundant input X113 3 X114 3 DI X113 4 X114 4 Redundant input X113 4 X114 4...

Page 294: ...r pro PC tool when an encoder is used for motor control otherwise you have to make sure that the motor shaft has stopped rotating by other means eg visually Acknowledgement is allowed after coast stop in the STO SSE and SS1 functions when SBC is not used If SBC is used see parameter SBC 13 SBC time to zero speed If an external request activates the STO function this parameter sets the time after w...

Page 295: ...ates the completion of the STO function See the diagrams in section Safe torque off STO on page 55 None None No output connected DO X113 7 X114 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X113 8 Single output X113 8 DO X113 9 Single output X113 9 DO X114 7 Single output X114 7 DO ...

Page 296: ...00 000 ms 5000 3 600 000 ms Time SBC 13 SBC time to zero speed Sets an additional security delay after which the motor has stopped and the system can be set to a safe state after the FSO module has activated the brake SBC Must be configured to the estimated time in which the motor brakes to a stop from the maximum speed The total delay from the moment the FSO module has activated the drive STO fun...

Page 297: ... the POUS function POUS 02 POUS acknowledgement Sets the POUS acknowledgement method Manual Manual The FSO module reads the POUS acknowledgement signal through the digital input defined by parameter FSOGEN 42 Acknowledgement button input The FSO module accepts the acknowledgement after the POUS request has been removed Automatic The FSO module generates the POUS acknowledgement signal automaticall...

Page 298: ...14 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X113 8 Single output X113 8 DO X113 9 Single output X113 9 DO X114 7 Single output X114 7 DO X114 8 Single output X114 8 DO X114 9 Single output X114 9 POUS 22 POUS completed output Set the digital output that indicates the completion...

Page 299: ...DI X113 4 Single input X113 4 DI X114 1 Single input X114 1 DI X114 2 Single input X114 2 DI X114 3 Single input X114 3 DI X114 4 Single input X114 4 SSE 12 SSE input B Sets the digital input that is connected to the secondary input of the SSE function The secondary input is mostly used for the cascade connection See parameters SAFEIO 12 Cascade A and SAFEIO 13 Cascade B None None No input connect...

Page 300: ...ng SAR0 parameters define the emergency ramp and monitoring limits See parameters 200 102 SARx 11 SARx 12 and SARx 02 Time Time monitoring Parameter 200 102 SAR0 ramp time to zero defines the emergency ramp and it is monitored with parameter SSE 15 SSE delay for STO SSE 15 SSE delay for STO Sets the security delay after which the FSO module actives the STO after the SSE request This parameter is r...

Page 301: ... rpm 30 000 ms 0 30 000 ms Time SSE 21 SSE output Sets the digital output that indicates the activity of the SSE function Active from the SSE request until the function has been acknowledged None None No output connected DO X113 7 X114 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X...

Page 302: ...4 Redundant input X113 4 X114 4 DI X113 1 Single input X113 1 DI X113 2 Single input X113 2 DI X113 3 Single input X113 3 DI X113 4 Single input X113 4 DI X114 1 Single input X114 1 DI X114 2 Single input X114 2 DI X114 3 Single input X114 3 DI X114 4 Single input X114 4 SS1 12 SS1 input B Sets the digital input that is connected to the secondary input of the SS1 function The secondary input is mo...

Page 303: ...00 000 ms 0 3 600 000 ms Time SS1 15 SS1 r ramp zero speed delay for STO Sets an extra delay time for the drive STO and SBC if used activation at the zero speed limit in the SS1 function The FSO module uses a speed estimation which differs from the actual axle speed of the motor With this parameter the FSO module delays the STO activation so that the drive is able to reach the axle zero speed befo...

Page 304: ...e stop 1 SS1 on page 61 None None No output connected DO X113 7 X114 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X113 8 Single output X113 8 DO X113 9 Single output X113 9 DO X114 7 Single output X114 7 DO X114 8 Single output X114 8 DO X114 9 Single output X114 9 41 SLSx Paramete...

Page 305: ...x 03 SLS activation monitoring method Sets the monitoring method that is used in SLS activation Ramp Ramp Ramp monitoring SAR1 parameters define the deceleration ramp and monitoring limits See parameters 200 112 SARx 21 SARx 22 and SARx 02 Time Time monitoring The drive parameter 23 13 or 23 15 defines the deceleration ramp and it is monitored with parameter SLSx 04 SLS time delay SLSx 04 SLS time...

Page 306: ...on is met first and activates the STO Monitoring and modoff delay time are disabled If drive modulation is lost during the SLS deceleration ramp FSO does not activate STO SLS indication eg SLSx 15 goes on after STO 14 time has elapsed SLSx 06 SLS ramp modoff delay time Time to trip when modulation is lost Note SLSx 06 time must be set shorter than STO 14 otherwise STO is not activated due to limit...

Page 307: ...Single input X114 1 DI X114 2 Single input X114 2 DI X114 3 Single input X114 3 DI X114 4 Single input X114 4 SLSx 13 SLS1 trip limit negative Sets the SLS1 negative speed limit that trips the drive 0 0 rpm 35880 0 0 0 rpm Speed SLSx 14 SLS1 trip limit positive Sets the SLS1 positive speed limit that trips the drive 0 0 rpm 0 0 35880 0 rpm Speed SLSx 15 SLS1 output A Sets the digital output that i...

Page 308: ...utput X114 7 DO X114 8 Single output X114 8 DO X114 9 Single output X114 9 SLSx 21 SLS2 input Sets the digital input that is connected to the secondary input of the SLS function with limits 2 None None No input connected DI X113 1 X114 1 Redundant input X113 1 X114 1 DI X113 2 X114 2 Redundant input X113 2 X114 2 DI X113 3 X114 3 Redundant input X113 3 X114 3 DI X113 4 X114 4 Redundant input X113 ...

Page 309: ...ut Sets the digital input that is connected to the secondary input of the SLS function with limits 3 None None No input connected DI X113 1 X114 1 Redundant input X113 1 X114 1 DI X113 2 X114 2 Redundant input X113 2 X114 2 DI X113 3 X114 3 Redundant input X113 3 X114 3 DI X113 4 X114 4 Redundant input X113 4 X114 4 DI X113 1 Single input X113 1 DI X113 2 Single input X113 2 DI X113 3 Single input...

Page 310: ...ut connected DI X113 1 X114 1 Redundant input X113 1 X114 1 DI X113 2 X114 2 Redundant input X113 2 X114 2 DI X113 3 X114 3 Redundant input X113 3 X114 3 DI X113 4 X114 4 Redundant input X113 4 X114 4 DI X113 1 Single input X113 1 DI X113 2 Single input X113 2 DI X113 3 Single input X113 3 DI X113 4 Single input X113 4 DI X114 1 Single input X114 1 DI X114 2 Single input X114 2 DI X114 3 Single in...

Page 311: ...e output of the Variable SLS function Active when Variable SLS function is active and the motor speed is below the Variable SLS limit that is when the Variable SLS monitoring is on None None No output connected DO X113 7 X114 7 Redundant output X113 7 X114 7 DO X113 8 X114 8 Redundant output X113 8 X114 8 DO X113 9 X114 9 Redundant output X113 9 X114 9 DO X113 7 Single output X113 7 DO X113 8 Sing...

Page 312: ...amp time to zero Sets the minimum ramp time for the SAR1 ramp monitoring 0 ms 0 1 799 999 ms Time Note With value 0 ms the ramp is not monitored SARx 22 SAR1 max ramp time to zero Sets the maximum ramp time for the SAR1 ramp monitoring 1 ms 1 3 600 000 ms Time 41 SAFEIO Parameters for FSO inputs and outputs SAFEIO 11 M F mode for cascade Sets the master follower mode of the FSO module for both cas...

Page 313: ...cascade X114 1 X114 7 X114 2 X114 8 Single cascade X114 2 X114 8 X114 3 X114 9 Single cascade X114 3 X114 9 SAFEIO 13 Cascade B Sets the cascade connection B for the FSO module For each FSO module in cascade B the digital input connected to the safety function is also internally connected to the corresponding digital output of the FSO module digital input digital output See section Cascade on page...

Page 314: ...22 Safety relay 1 feedback Sets the digital feedback input of safety relay 1 Parameter SAFEIO 23 Safety relay 1 feedback type sets the type of the feedback input None None No input connected DI X113 1 Single input X113 1 DI X113 2 Single input X113 2 DI X113 3 Single input X113 3 DI X113 4 Single input X113 4 DI X114 1 Single input X114 1 DI X114 2 Single input X114 2 DI X114 3 Single input X114 3...

Page 315: ...nput X114 1 DI X114 2 Single input X114 2 DI X114 3 Single input X114 3 DI X114 4 Single input X114 4 SAFEIO 26 Safety relay 2 feedback type Sets the type of the feedback signal for safety relay 2 Note The feedback delay is 800 ms for both feedback types that is a feedback signal from the safety relay must be received within 800 ms Mechanicall y linked NC contacts Mechanically linked NC contacts F...

Page 316: ...ff Diagnostic pulse off On Diagnostic pulse on SAFEIO 38 DI X114 2 diag pulse on off Sets the diagnostic pulse of digital input X114 2 on or off On Off Diagnostic pulse off On Diagnostic pulse on SAFEIO 39 DI X114 3 diag pulse on off Sets the diagnostic pulse of digital input X114 3 on or off On Off Diagnostic pulse off On Diagnostic pulse on SAFEIO 40 DI X114 4 diag pulse on off Sets the diagnost...

Page 317: ...ut X114 9 on or off On Off Diagnostic pulse off On Diagnostic pulse on SAFEIO 71 DO X113 7 logic state Sets the logic state of digital output X113 7 Active low Active low Active state of the output is low voltage Active high Active state of the output is high voltage SAFEIO 72 DO X113 8 logic state Sets the logic state of digital output X113 8 Active low Active low Active state of the output is lo...

Page 318: ...assivation Sets the type of the event that the FSO module generates when the FSO module is passivated due to safety fieldbus problems Fault None No event generated Fault Fault generated Warning Warning generated Event Pure event generated 41 PROFIsafe Parameters for PROFIsafe PROFIsafe 11 PROFIsafe F_Dest_Add Sets the PROFIsafe destination address that is the address of the FENA adapter module in ...

Page 319: ... FSO module The FSO module reads the source data from the drive via communication channel 2 and calculates the speed estimate 2 using the data 0 00 rpm Speed FbEq16 1 1 rpm FbEq32 100 1 rpm 200 03 FSO DI status Shows the states of the FSO digital inputs 200 04 FSO DO status Shows the states of the FSO digital outputs Bit Name Values 0 Input X113 1 0 Off 1 On 1 Input X113 2 0 Off 1 On 2 Input X113 ...

Page 320: ...request 0 Off 1 On 3 Reserved 4 SAR0 request 0 Off 1 On 5 SAR1 request 0 Off 1 On 6 Reserved 7 Reserved 8 Reserved 9 Reserved 10 SLS1 request 0 Off 1 On 11 SLS2 request 0 Off 1 On 12 SLS3 request 0 Off 1 On 13 SLS4 request 0 Off 1 On 14 Reserved 15 Reserved Bit Name Values 0 Reserved 1 CRC request 0 Off 1 On 2 FSO brake 0 Off 1 On 3 Variable SLS request 0 Off 1 On 4 SS1 modoff allowed 0 Off 1 On 5...

Page 321: ... safe mode 4 Configuration mode 1 FSO mode bit 2 2 FSO mode bit 3 3 FSO state bit 1 0 Safe state 1 Operational state 4 FSO state bit 2 5 FSO STO active 0 Off 1 On 6 Brake state 0 Off 1 On 7 POUS monitoring 0 Off 1 On 8 SSE monitoring 0 Off 1 On 9 SS1 monitoring 0 Off 1 On 10 Reserved 11 SAR0 monitoring 0 Off 1 On 12 SAR1 monitoring 0 Off 1 On 13 Reserved 14 Reserved 15 Reserved ...

Page 322: ...Name Values 0 Reserved 1 SLS1 monitoring 0 Off 1 On 2 SLS2 monitoring 0 Off 1 On 3 SLS3 monitoring 0 Off 1 On 4 SLS4 monitoring 0 Off 1 On 5 Reserved 6 Reserved 7 Reserved 8 Reserved 9 Reserved 10 Reserved 11 Reserved 12 SMS monitoring 0 Off 1 On 13 Reserved 14 var SLS monitoring 0 Off 1 On 15 Reserved ...

Page 323: ...pping 6 Faulted 1 Drive status bit 2 2 Drive status bit 3 3 Drive status bit 4 4 Reserved 5 Reserved 6 Modulation Drive modulation on or off 0 Off 1 On 7 STO circuit 1 State of drive STO circuit 1 0 Off 1 On 8 STO circuit 2 State of drive STO circuit 2 0 Off 1 On 9 SS1 active State on the drive side 0 Off 1 On 10 Reserved 11 SAR0 active 0 Off 1 On 12 SAR1 active 0 Off 1 On 13 Reserved 14 Reserved ...

Page 324: ... 1 SLS1 active State on the drive side 0 Off 1 On 2 SLS2 active 0 Off 1 On 3 SLS3 active 0 Off 1 On 4 SLS4 active 0 Off 1 On 5 Reserved 6 Reserved 7 Reserved 8 Drive brake state State of the drive operational brake 0 Off 1 On 9 STO 1 diag The drive has noticed an STO diagnos tic pulse on cir cuit 1 or 2 0 1 10 STO 2 diag 0 1 11 15 Reserved ...

Page 325: ...ct manuals WARNING Until all the safety functionality is validated the system must not be considered safe Note The safety of the machine users must be ensured in each phase of the application life cycle eg commissioning start up maintenance etc Checks Before starting the system for the first time make sure that the installation has been checked according to the individual product checklists drive ...

Page 326: ...326 Start up ...

Page 327: ... for the system in the safety requirements specification phase The most convenient way to verify the required SIL PL level reached with the implemented system is to use a specific safety calculator software Purpose of the validation testing The purpose of the validation testing is to verify that the safety functions which are used in the safety system operate as required in the application and tha...

Page 328: ...he required safety functions has been appropriately verified and validated It is necessary to validate first the general settings of the FSO module before the validation of the safety functions Always configure and validate the STO and SSE functions An internal monitoring of the FSO module can trigger the STO or SSE function even if you have not defined an external request signal for them WARNING ...

Page 329: ... safety functions that are used in the safety application a list of all safety related parameters and their values the drive STO has no safety related parameters but listing the non safety related parameter 31 22 STO indication run stop and its setting is recommended documentation of start up activities references to failure reports and resolution of failures the test results for each safety funct...

Page 330: ...s parameter 51 21 or 54 21 must be set to Enabled 0 to enable sending of the PROFIsafe diagnosis messages 5 Make sure that the PROFIsafe watchdog time for the fieldbus module that is configured in the controller station is calculated as specified in section Calculating the watchdog time on page 163 6 Make sure that the PROFIsafe address F_Dest_Add of the FSO module is unique in the network and the...

Page 331: ... manual or automatic acknowledgement 3 Activate the safety function for example through PROFIsafe or by an activating safety switch 4 Verify that the desired functionality takes place and the system behaves safely according the requirements of the risk assessment 5 Document the test results to the validation test report 6 Sign and file the validation test report Validation of redundant inputs If s...

Page 332: ...in the application the related diagnostic functions must also be verified Validation of the general settings Make sure that the general settings of the safety functions are configured correctly according to your design For a configuration example see section Configuring general settings on page 224 Check the values of these parameters FSOGEN 41 Power up acknowledgement FSOGEN 42 Acknowledgement bu...

Page 333: ...and that the STO function cannot be acknowledged before the motor shaft has stopped The only exception to this is when STO 13 Restart delay after STO has been set shorter than STO 14 delay time In that case the fly start of the motor is possible To validate the STO function 1 Make sure that the input for the STO function is configured according to the wiring diagram 2 Make sure that the output to ...

Page 334: ...e drive STO correctly 10 a If manual acknowledgement or safebus acknowledgement is in use Verify by trying to acknowledge the function that it is not possible before the motor speed is low enough With safe speed estimation Acknowledgement is not possible before coast time defined by parameter STO 14 Time to zero speed with STO and modoff If fly start is allowed acknowledgement is not possible befo...

Page 335: ... delay SBC 13 SBC time to zero speed SBC 21 SBC output SBC 22 SBC feedback action SAFEIO 22 Safety relay 1 feedback SAFEIO 23 Safety relay 1 feedback type 3 Check that the drive STO and the SBC are activated correctly based on your application needs a When positive STO SBC delay SBC 12 is used Check that the drive STO is activated first and the SBC after the delay has elapsed b When SBC 12 STO SBC...

Page 336: ...Safety relay 1 feedback SAFEIO 23 Safety relay 1 feedback type 3 Check that the drive STO and the SBC are activated correctly based on your application needs 4 Check that the brake is activated at the correct speed a When SBC 12 STO SBC delay is 0 ms or greater check that the SBC and drive STO is activated at the same time at the speed limit b When a negative SBC 12 STO SBC delay is used Check tha...

Page 337: ...iggers the SSE Validation of the SSE with immediate STO function with safe speed estimation 1 Make sure that the input for the SSE function is configured according to the wiring diagram 2 Make sure that the SSE function is configured correctly according to your design For a configuration example see chapter How to configure SSE with immediate STO on page 248 Check these settings Activation SSE 11 ...

Page 338: ...SE function is configured according to the wiring diagram 2 Make sure that the SSE function and SAR0 setting or time monitoring limit is configured correctly according to your design For a configuration example see section How to configure SSE with time monitoring on page 250 or How to configure SSE with ramp monitoring on page 251 Check these settings Activation SSE 11 SSE input A SSE 12 SSE inpu...

Page 339: ...With safe speed estimation FSOGEN 51 Zero speed without encoder b If automatic acknowledgement is in use Verify that the function is not acknowledged before the motor is in safe state see the conditions above 8 Make sure that the motor speed decelerates as expected and the FSO does not trip to the monitoring limit ramp or time 9 Start the drive and accelerate the motor to the maximum speed of the ...

Page 340: ...m the PROFIsafe Acknowledgement STO 02 STO acknowledgement FSOGEN 42 Acknowledgement button input if manual acknowledgement is used Functionality SS1 01 SS1 activity and version Version 1 SS1 15 SS1 r ramp zero speed delay for STO if used 200 202 SAR speed scaling 200 112 SAR1 ramp time to zero drive parameter 23 23 emergency stop time if 200 112 0 ms if with safe speed estimation FSOGEN 51 Zero s...

Page 341: ... 51 Zero speed without encoder OR b If automatic acknowledgement is in use Verify that the function is not acknowledged before the motor speed is low enough See the conditions above 8 Make sure that the motor speed decelerates as it is designed and the FSO module does not trip to the monitoring limit ramp or time 9 After the motor is in safe state and the function is acknlowledged start the drive ...

Page 342: ...ersion SLSx 11 SLS1 input A SLSx 12 SLS1 input B only for SLS1 Functionality for the SLS function 200 22 SLS1 limit negative 200 23 SLS1 limit positive SLSx 13 SLS1 trip limit negative SLSx 14 SLS1 trip limit positive Acknowledgement SLSx 02 SLS acknowledgement FSOGEN 42 Acknowledgement button input if manual acknowledgement is used Functionality a with ramp monitoring SLSx 03 SLS activation monit...

Page 343: ...ed references that are higher than the SLS limit 5 Make sure that the SLS indication output SLSx 15 or SLSx 16 indicates safe speed when motor speed is within SLS limits 6 Deactivate the SLS function Make sure that the SLS indication SLSx 15 or SLSx 16 goes off and the drive runs the motor according to the given user reference outside the SLS speed limits Note If the SLS function can be activated ...

Page 344: ...n Functionality for the SLS function 200 52 SLS4 limit negative 200 53 SLS4 limit positive SLSx 42 SLS4 trip limit negative SLSx 43 SLS4 trip limit positive Acknowledgement SLSx 02 SLS acknowledgement FSOGEN 42 Acknowledgement button input if manual acknowledgement is used Functionality for the deceleration ramp a with ramp monitoring SLSx 03 SLS activation monitoring method Ramp 200 202 SAR speed...

Page 345: ...Make sure that the deceleration ramp operates as required and no tripping fault occurs during the deceleration and that the reference SLS4 limits 100 scaling are set according to the application requirements 9 Make sure that SLSx 51 Variable SLS output indicates safe speed when motor speed is within the scaled variable SLS limits 10 Deactivate variable SLS function Make sure that the variable SLS ...

Page 346: ...t in practice 2 Make sure that you can ran and stop the motor freely 3 Start the drive and accelerate to a speed higher than SMS 14 SMS trip limit positive 4 Makes sure that the FSO module detects the over speed and activates the SSE function 5 Make sure that the SSE is configured according to the application safety requirements 6 Make sure that the acknowledgement of the SSE function is only poss...

Page 347: ...the motor speed to the required limit by the application Try to give a speed reference higher than the limit Make sure that the drive does not follow speed reference if it is higher than the SMS limit Repeat the test for both SMS limits if in use in the application 5 Make sure that also SMS trip limits 200 72 200 73 are set according to the application requirements This procedure does not test the...

Page 348: ...d Functionality POUS 13 POUS delay for completion Indication POUS 21 POUS output POUS 22 POUS completed output 6 Make sure that the motor is stopped 7 Activate the POUS function 8 Make sure that you cannot start the drive 9 Make sure that POUS output POUS 21 activates immediately when POUS function is requested according to the system design 10 Make sure that the POUS indication lamp goes on accor...

Page 349: ...ings Master FSO SAFEIO 11 M F mode for cascade SAFEIO 12 Cascade A STO 02 STO acknowledgement automatic SSE 11 SSE input A SSE 12 SSE input B SSE 21 SSE output FSOGEN 42 Acknowledgement button input Follower FSO modules check the settings in each follower FSO module in the cascade chain SAFEIO 11 M F mode for cascade STO 02 STO acknowledgement Automatic SSE 11 SSE input A or SSE 12 SSE input B SSE...

Page 350: ...en the proof test interval has elapsed the safety system has to be tested and restored to an as new condition The proof test must also be part of the regular maintenance plan For some of the components electronics the proof test interval is the same as the expected life time of the system A specific safety calculator software can assist in determining the requirements for the proof tests Residual ...

Page 351: ...s Each table is sorted by warning fault code Status LEDs The status LEDs are situated on the front of the FSO module The table below describes the status LED indications LED LED off LED lit and steady LED blinking POWER No power Green Power to the FSO is on RUN FSO is in the Fail safe mode and Safe state STO activated Green FSO is in the Operational or Safe state Green FSO is in the Configuration ...

Page 352: ...t defines the event type for the limit hits of SLS1 SLS4 Variable SLS and SMS functions ramp monitoring and time monitoring of the safety ramps SAR0 and SAR1 Parameter SBUSGEN 10 STO indication passivation defines the event type for the FSO module passivation due to safety fieldbus problems Event code decoding with Drive composer Pro tool Check the reason for the event from the event log of the Dr...

Page 353: ...heck that transient mute time values are defined properly FSOGEN 31 2 3 7A92 FSO out of eme ramp Motor speed was not inside the ramp window during the SSE function Make sure that the drive can decelerate the load using the ramp time 200 102 SAR0 ramp time to zero 2 7A93 FSO ramp coasted Drive coasted the motor to stop instead of using the ramp Check that the FSO module speed limit for stopping the...

Page 354: ...le received an external STO request 1 A7D5 FSO communication fault Fault in FSO communication Check all connections 4 3 A7D6 FSO safety fieldbus fault Fault in FSO safety fieldbus communication Check all connections 4 3 A7D7 FSO configuration fault Fault in FSO configuration Check the FSO module parameter settings using Drive composer pro 4 A7D9 FSO encoderless fault Speed estimates differ too muc...

Page 355: ... ramp window during the SS1 function Make sure that the drive can decelerate the load using the ramp time 200 112 SAR1 ramp time to zero 2 AA97 FSO POUS request FSO module received an external POUS request and activated POUS AA99 FSO passivated FSO module was passivated due to safety fieldbus problems Check the fieldbus connection and fieldbus controller for passivation cause 5 AAA1 FSO STO reques...

Page 356: ...p time 200 102 SAR0 ramp time to zero 2 AAAA FSO SAR1 hit FSO module detected an SAR1 limit violation Make sure that the drive can decelerate the load using the ramp time 200 112 SAR1 ramp time to zero 2 AAB2 FSO ramp time hit FSO module detected a violation of a time monitored ramp Make sure that the drive can decelerate the load within the time defined for ramp time monitoring Check the drive ra...

Page 357: ...O stop completed FSO module has completed the STO SS1 or SSE function 1 BA91 FSO safe speed limit Motor actual speed exceeded an SLS1 4 or SMS limit of the FSO module Check the drive 2 3 BA92 FSO out of eme ramp Motor speed was not inside the ramp window during the SSE function Make sure that the drive can decelerate the load using the ramp time 200 102 SAR0 ramp time to zero 2 BA93 FSO ramp coast...

Page 358: ...s are defined properly Check that transient mute time values are defined properly FSOGEN 31 2 BAA7 FSO SLS4 hit FSO module detected an SLS4 speed limit violation Make sure that SLS trip limits are defined properly Check that transient mute time values are defined properly FSOGEN 31 2 BAA8 FSO SMS hit FSO module detected an SMS speed limit violation Make sure that SMS trip limits are defined proper...

Page 359: ... ramp Make sure that the drive can decelerate the load within the time defined for ramp time monitoring Check the drive ramp time settings Check that the drive can in fact accomplish the deceleration along the ramp defined Make sure that the limit for ramp time monitoring of the FSO module exceeds the actual drive ramp time The parameter varies depending on the safety function For the SS1 function...

Page 360: ... 61 Fault Warning Event STO function STO request AAA1 FSO STO request warning 1 AAA1 FSO STO request BAA1 FSO STO request STO completed 7A90 FSO stop completed AA90 FSO stop completed BA90 FSO stop completed SS1 function SS1 request AAA3 FSO SS1 request warning 1 AAA3 FSO SS1 request BAA3 FSO SS1 request SS1 completed 7A90 FSO stop completed AA90 FSO stop completed BA90 FSO stop completed SSE func...

Page 361: ...MS hit warning 1 AAA8 FSO SMS hit BAA8 FSO SMS hit System at safe state 7A91 FSO safe speed limit AA91 FSO safe speed limit BA91 FSO safe speed limit SAR0 SAR0 limit hit AAA9 FSO SAR0 hit warning 1 AAA9 FSO SAR0 hit BAA9 FSO SAR0 hit System at safe state 7A92 FSO out of eme ramp AA92 FSO out of eme ramp BA92 FSO out of eme ramp SAR1 SAR1 limit hit AAAA FSO SAR1 hit warning 1 AAAA FSO SAR1 hit BAAA...

Page 362: ...help in finding the problem See the tips in the Drive Composer PC tool for more information on the auxiliary codes Reporting problems and failures If you detect any failure in the safety module or safety functions always contact your local ABB representative Zero speed hit Zero speed hit AAB3 FSO zero spd hit warning 1 AAB3 FSO zero spd hit BAB3 FSO zero spd hit System at safe state 7A92 FSO out o...

Page 363: ...and chapter Safety instructions in the drive hardware manual If you ignore them injury or death or damage to the equipment can occur Planning All maintenance and the repair actions on a safety critical system are safety critical You must plan and perform them accordingly Tools You need the Drive composer pro PC tool to perform the maintenance procedures FSO module replacement If the FSO module fai...

Page 364: ...ly to the FSO 5 Remove the wiring and the FSO module 6 Mark clearly on the FSO module that it is decommissioned 7 Install the new FSO module and wiring according to chapter Installation 8 Download the FSO parameters from the Drive composer pro PC tool to the FSO according to chapter Configuration 9 If you are updating the module from revision G or earlier to H or later revision there are new param...

Page 365: ...y voltage supply to the FSO 5 Remove the wiring and the FSO module 6 Install the new drive See the drive hardware manual 7 Install the FSO module and wiring to the new drive according to chapter Installation 13 Download the FSO parameters from the Drive composer pro PC tool to the FSO according to chapter Configuration 8 Perform the start up procedure according to chapter Start up 9 Perform the va...

Page 366: ...composer pro PC tool and save the safety file 3 Update the firmware of the drive 4 Download the FSO parameters from the Drive composer pro PC tool to the FSO according to chapter Configuration 5 Perform the start up procedure according to chapter Start up 6 Perform the validation procedure for each safety function according to chapter Verification and validation Note The STO function is the basic ...

Page 367: ...ions in FENA 01 11 21 Ethernet adapter module user s manual 3AUA0000093568 English 4 Assign the device name for the FENA module from the safety PLC see section Configuring the ABB AC500 S Safety PLC on page 167 or section Configuring the Siemens SIMATIC Fail safe S7 PLC on page 179 5 Perform the start up procedure according to chapter Start up 6 Perform the validation procedure for the PROFIsafe c...

Page 368: ...neath with for example a pen until the LEDs start to blink about 5 seconds This returns the factory settings parameters including the password to the FSO 1 Reconfigure the safety functions with the Drive composer pro PC tool To be able to restart the drive make sure that at least these parameters are set to suitable values according to your application 2 Specify a new password with the tool Parame...

Page 369: ...If periodic proof testing is necessary based on the safety calculations you must include proof tests in the maintenance plan and perform them periodically See also section Proof test intervals during operation on page 350 Note The person responsible for the design of the complete safety function should also note the Recommendation of Use CNB M 11 050 published by the European co ordination of Noti...

Page 370: ...e drive hardware manual If you ignore them injury or death or damage to the equipment can occur When you decommission the FSO module make sure that the safety of the machine is maintained until the decommissioning is complete Mark clearly on the module that it is decommissioned If you use the SMS function version 2 see the Note on page 131 ...

Page 371: ...IEC 61131 2 Supply voltage 24 3 V DC SELV PELV Current consumption Maximum 1000 mA external power supply Inputs 4 redundant or 8 single or combinations of redundant and single 24 V DC NPN Maximum time delay between redundant input channels 300 ms Outputs 3 redundant or 6 single or combinations of redundant and single 24 V DC PNP EMC Complies with EMC standards EN 61800 3 2004 and IEC 61000 6 7 201...

Page 372: ...or size Tightening torque Solid or stranded Stranded ferrule without plastic sleeve Stranded ferrule with plastic sleeve Min Max Min Max Min Max Min Max Min Max Min Max mm2 AWG mm2 AWG mm2 AWG N m lbf in 0 14 1 5 26 16 0 25 1 5 23 16 0 25 0 5 23 21 0 24 2 1 Conductor size two conductors with the same cross section Tightening torque Solid Stranded Stranded ferrules without plastic sleeve Stranded T...

Page 373: ...practices routing shielding supporting strain relief Data cable Use only the data cable included in the delivery Image No Description Torque 1 Grounding screw FSO module electronics 1 2 N m 10 6 lbf in Screws that attach mounting plate to FSO module 4 pcs On the back 0 96 N m 8 5 lbf in 3 Screw that grounds the mounting plate to drive metal to metal 1 2 N m 10 6 lbf in 4 Screws that attach the mou...

Page 374: ...t above sea level no derating required 1000 2000 m 3300 6600 ft above sea level air outside the module derated to 15 49 C 5 120 F 2000 4000 m 6600 13200 ft above sea level air outside the module derated to 15 40 C 5 104 F Air temperature 15 70 C 5 158 F 40 70 C 40 158 F 40 70 C 40 158 F Relative humidity 5 95 no condensation allowed If corrosive gases are present the maximum allowed humidity is 60...

Page 375: ...SS1 functions activated Atmospheric pressure 70 to 106 kPa Stopping functions STO Safe torque off SBC Safe brake control SS1 Safe stop 1 SSE Safe stop emergency Speed related functions SLS Safely limited speed Variable SLS Variable Safely limited speed SMS Safe maximum speed SAR Safe acceleration range SAR is used only for deceleration with SS1 SSE and SLS and Variable SLS functions Other POUS Pre...

Page 376: ...ment subsystem SMS function SMS function utilizes only FSO s subsystems Speed Measurement Logic 2 and STO output SMS function is not controlled by inputs and it does not control any outputs Functions which monitor the ramp speed eg Emergency stop function These functions do not contain the Speed measurement subsystem as the speed monitoring is implementing diagnostics not the actual safety functio...

Page 377: ...puts of the FSO module are not included in the calculations either Sensors input devices and possible additional actuators For the safety data see the manufacturer s documentation After calculating the total PFDavg PFH for the safety function it must be verified that the PFDavg PFH of the safety function fulfills the requirement for the targeted SIL PL ...

Page 378: ... no pulses 2 ch DI no pulses Logic 1 1 ch DI or DO no pulses2 Logic 2 other cases2 SIL SILCL 3 3 3 2 3 1 3 PL e d e c e c e PFH 1 h 1 0E 09 5 1E 10 1 8E 12 9 0E 09 2 3E 12 4 5E 09 4 4E 11 PFDavg T1 2 a 8 8E 06 4 8E 06 2 4E 08 7 9E 05 2 8E 08 5 2E 05 4 1E 07 PFDavg T1 5 a 2 2E 05 1 2 E5 4 8E 08 2 0E 04 5 8E 08 1 3E 04 9 9E 07 MTTFD a 114155 17844 12648 12648 12648 5048 5048 HFT N A 0 1 0 1 0 1 Cat ...

Page 379: ...of the feedback in other words the data for the input to which the status indication is connected 1 ch DO pulses 2 ch DO pulses 1 ch DO no pulses 1 2 ch DO no pulses STO output Safespeed est SIL SILCL 3 3 1 3 3 3 PL d e c e e e PFH 1 h 3 1E 09 1 3E 11 6 2E 08 1 4E 11 1 8E 11 6 6E 09 PFDavg T1 2 a 3 0E 05 1 7E 07 5 5E 04 1 8E 07 2 5E 07 4 9E 05 PFDavg T1 5 a 7 1E 05 3 4E 07 1 4E 03 3 6E 07 4 8E 07 ...

Page 380: ... 04 1 7E 03 92 26 0 1 613 68 57 97 1 c 2 channel pulsed DI Logic 2 STO output 2 channel pulsed output 7 7E 11 8 5E 07 1 9E 06 99 60 1 3 613 68 97 93 3 e 2 channel non pulsed DI Logic 2 STO output 2 channel non pulsed output 7 8E 11 8 6E 07 1 9E 06 99 59 1 3 613 68 97 90 3 e SLS with a safe status output Safe speed estimate 1 channel pulsed DI Logic 2 STO output 1 channel pulsed output 1 0E 08 8 5E...

Page 381: ...h channel is separate and independent of the other channel The relevant failure mode of the diagnostics is that due to a random hardware fault in the diagnostic system the fault reaction is not performed while a detectable fault in the safety function is present Conservative estimates for the probabilities of a dangerous random hardware failure of the diagnostics when proof test interval is 20 yea...

Page 382: ...e time from FSO s STO activation to the cascade output activation Maximum 35 ms from the cascade input to the cascade output activation Maximum 35 ms If the STO is cascaded safety function response time for the cascaded units is n 1 x 35 ms 100 ms where n is the number of cascaded FSO modules PROFIsafe Worst case delay time WCDT 54 ms FSO and FENA combination Device acknowledgement time DAT 54 ms ...

Page 383: ... of torque Drive 1 35 ms STO request through cascading Drive 2 DO activation for cascading Drive 2 Removal of torque Drive 2 STO request from through cascading Drive 3 DO activation for cascading Drive 3 Removal of torque Drive 3 35 100 170 ms 0 ms 135 70 70 ms 135 ms 105 ms 100 ms 170 ms 70 ms Up to six drives ...

Page 384: ...of machinery Safety related parts of control systems Part 1 General principles for design EN ISO 13849 2 2012 Safety of machinery Safety related parts of control systems Part 2 Validation IEC 61800 3 2004 Adjustable Speed Electrical Power Drive Systems Part 3 EMC requirements and specific test methods IEC 61326 3 2 2008 Electrical equipment for measurement control and laboratory use EMC requiremen...

Page 385: ...wings 385 17 Dimension drawings The dimension drawings of the FSO 12 module with two different bottom plates for different drive control unit types are shown below The dimensions are given in millimeters and inches ...

Page 386: ...386 Dimension drawings ...

Page 387: ...ce contacts can be found by navigating to abb com searchchannels Product training For information on ABB product training navigate to new abb com service training Providing feedback on ABB Drives manuals Your comments on our manuals are welcome Navigate to new abb com drives manuals feedback form Document library on the Internet You can find manuals and other product documents in PDF format on the...

Page 388: ...abb com Copyright 2020 ABB All rights reserved Specifications subject to change without notice 3AXD50000015612 Rev H EN 2020 07 24 ...

Reviews:

No comments

Related manuals for FSO-12

Relion 670 series

Brand: ABB Pages: 760

Brand: ABB Pages: 128

Brand: Access Pages: 12

Brand: Lawler Pages: 6

Brand: Data Aire Pages: 28

Brand: UCS Pages: 4

Brand: Saga Pages: 9

Brand: Dahua Pages: 137

Brand: Abocom Pages: 10

Cutler-Hammer Jockey

Brand: Eaton Pages: 12

Brand: Fagor Pages: 8

Brand: ICP DAS USA Pages: 7

Brand: FUTABA Pages: 16

Brand: Weidmüller Pages: 18

Brand: tams elektronik Pages: 20

MAXinBOX 24 ZIO-MB24

Brand: Zennio Pages: 24

Brand: Hach Pages: 504

ECOFRIDGE DISPLAY

Brand: HULTSTEINS Pages: 16

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands