Banner SC26-2 Series Instruction Manual Download

Page: 68 / 117

6.3.1 Safety Circuit Integrity and ISO 13849-1 Safety Circuit Principles

Safety circuits involve the safety-related functions of a machine that minimize the level of risk of harm. These safety-

related functions can prevent initiation, or they can stop or remove a hazard. The failure of a safety-related function or its

associated safety circuit usually results in an increased risk of harm.

The integrity of a safety circuit depends on several factors, including fault tolerance, risk reduction, reliable and well-tried

components, well-tried safety principles, and other design considerations.

Depending on the level of risk associated with the machine or its operation, an appropriate level of safety circuit integrity

(performance) must be incorporated into its design. Standards that detail safety performance levels include ANSI B11.19

Performance Criteria for Safeguarding and ISO 13849-1 Safety-Related Parts of a Control System.

Safety Circuit Integrity Levels

Safety circuits in International and European standards have been segmented into Categories and Performance Levels,

depending on their ability to maintain their integrity in the event of a failure and the statistical likelihood of that failure.

ISO 13849-1 details safety circuit integrity by describing circuit architecture/structure (Categories) and the required

performance level (PL) of safety functions under foreseeable conditions.

In the United States, the typical level of safety circuit integrity has been called "Control Reliability". Control Reliability

typically incorporates redundant control and self-checking circuitry and has been loosely equated to ISO 13849-1 Category

3 or 4 and/or Performance Level “d” or “e” (see ANSI B11.19).

Perform a risk assessment to ensure appropriate application, interfacing/hookup, and risk reduction (see ANSI B11.0 or

ISO 12100). The risk assessment must be performed to determine the appropriate safety circuit integrity in order to

ensure that the expected risk reduction is achieved. This risk assessment must take into account all local regulations and

relevant standards, such as U.S. Control Reliability or European "C" level standards.

The safety controller inputs support up to Category 4 PL e (ISO 13849-1) and Safety Integrity Level 3 (IEC 61508 and IEC

62061) interfacing/hookup. The actual safety circuit integrity level is dependent on the configuration, proper installation of

external circuitry, and the type and installation of the safety input devices. The user is responsible for the determination of

the overall safety rating(s) and full compliance with all applicable regulations and standards.

The following sections deal only with Category 2, Category 3, and Category 4 applications, as described in ISO 13849-1.

The input device circuits shown in the table below are commonly used in safeguarding applications, though other solutions

are possible depending on fault exclusion and the risk assessment. The table below shows the input device circuits and the

safety category level that is possible if all of the fault detection and fault exclusion requirements are met.

WARNING: Risk Assesment

The level of safety circuit integrity can be greatly affected by the design and installation of the safety

devices and the means of interfacing of those devices. A risk assessment must be performed to

determine the appropriate level of safety circuit integrity to ensure the expected risk

reduction is achieved and all relevant regulations and standards are complied with.

WARNING: Input Devices with dual contact inputs using 2 or 3 terminals

Detection of a short between two input channels (contact inputs, but not complementary contacts) is

not possible, if the two contacts are closed. A short can be detected when the input is in the Stop state

for at least 2 seconds (see the INx & IOx input terminals Tip in

Safety Input Device Function

page 71).

WARNING: Category 2 or 3 Input Shorts

Detection of a short between two input channels (contact inputs, but not complementary

contacts), if they are supplied through the same source (for example, the same terminal from the

Controller in a dual-channel, 3-terminal hookup, or from an external 24 V supply) is not possible, if the

two contacts are closed.

Such a short can be detected only when both of the contacts are open and the short is

present for at least 2 seconds.

XS/SC26-2 Safety Controller

Summary of Contents for SC26-2 Series

Page 1: ...XS SC26 2 Safety Controller Instruction Manual Original Instructions 174868 Rev E 20 June 2014 174868 ...

Page 2: ...dding Inputs and Status Outputs 19 4 7 1 Adding Safety and Non Safety Inputs 19 4 7 2 Adding Status Outputs 21 4 8 Functional View 23 4 8 1 Logic Blocks 24 4 8 2 Function Blocks 26 4 8 3 Error Codes 43 4 9 Designing the Control Logic 44 4 10 Industrial Ethernet 45 4 10 1 Network Settings 46 4 10 2 EtherNet IP Input Assembly Objects 47 4 10 3 Industrial Ethernet Table Row and Column Descriptions 47...

Page 3: ...ckouts 97 7 2 Commissioning Checkout Procedure 97 7 2 1 Verifying System Operation 97 7 2 2 Initial Setup Commissioning and Periodic Checkout Procedures 98 8 Operating Instructions 103 8 1 LED Status 103 8 2 Live Mode Information PC Interface 103 8 3 Live Mode Information Onboard Interface 103 8 4 Lockout Conditions 104 9 Troubleshooting 105 9 1 PC Interface Troubleshooting 105 9 1 1 Verifying Dri...

Page 4: ...tatements are intended to inform the machine designer and manufacturer the end user and maintenance personnel how to avoid misapplication and effectively apply the XS SC26 2 Safety Controllers to meet the various safeguarding application requirements These individuals are responsible to read and abide by these statements 1 2 EC Declaration of Conformity DOC Banner Engineering Corp herewith declare...

Page 5: ...81 8363 2714 or 01 800 BANNERE toll free Website www bannerengineering com mx Email mexico bannerengineering com Brazil Address Banner do Brasil Rua Barão de Teffé nº 1000 sala 54 Campos Elíseos Jundiaí SP CEP 13208 761 Brasil Phone 1 763 544 3164 Website www bannerengineering com br Email brasil bannerengineering com China Address Banner Engineering Shanghai Rep Office Xinlian Scientific Research...

Page 6: ...eady to solve the machine safety challenges before purchasing any hardware The following terms are used in this manual XS SC26 2 Safety Controllers formal name of the product line Safety Controller an abbreviated version referring to the entire XS SC26 2 Safety Controller system Expandable Safety Controller refers to expandable models Base Controller refers to the main module in the XS SC26 2 Safe...

Page 7: ...verview on page 15 for details 2 4 USB Connections The micro USB port on the Base Controller is used to connect to the PC via the SC USB2 cable and the SC XM2 drive to read and write configurations created with the PC Interface 2 5 Ethernet Connections Ethernet connections are made using an Ethernet cable connected from the Ethernet port of the Base Safety Controller Ethernet models only to a netw...

Page 8: ...etect external device failures The Safety Controller has two independently controlled and redundant solid state Safety Outputs terminals SO1a SO1b and SO2a SO2b The controller s self checking algorithm ensures that the outputs turn On and Off at the appropriate times in response to the assigned input signals Each redundant solid state Safety Output is designed to work either in pairs or as two ind...

Page 9: ...atus Outputs Status Outputs and Virtual Status Outputs are not safety outputs and can fail in either the On or the Off state They must never be used to control any safety critical applications If a Status Output or a Virtual Status Output is used to control a safety critical application a failure to danger is possible and may lead to serious injury or death 2 8 Internal Logic The Safety Controller...

Page 10: ...sults before the configuration can be saved and used by the device Once confirmed the configuration can be sent to a Safety Controller or saved on a PC or an SC XM2 drive WARNING After confirming the configuration the Safety Controller operation must be fully tested commissioned before it can be used to control any hazards Failure to follow the commissioning process may lead to serious injury or d...

Page 11: ...h 200 μs max Rate 200 ms typical Certifications Non expandable models SC26 2xx Approvals pending Expandable models XS26 2xx Approvals pending Safety Inputs and Convertible I O when used as inputs Input On threshold 15 V dc guaranteed on 30 V dc max Input Off threshold 5 V dc and 2 mA 3 V dc min Input On current 5 mA typical at 24 V dc 50 mA peak contact cleaning current at 24 V dc Input lead resis...

Page 12: ...A 24 V 0 1 Hz Contact Ratings to preserve 5 μm AgNi gold plating Minimum Maximum Voltage 100 mV ac dc 60 V ac dc Current 1 mA 300 mA Power 1 mW 1 mVA 7 W 7 VA 3 2 Dimensions 110 4 3 129 5 1 45 1 8 Ethernet Port Micro USB Port Figure 3 Dimensions 3 3 PC Requirements Operating system Microsoft Windows XP Service Pack 3 Windows Vista Windows 7 or Windows 8 except Windows RT System type 32 bit 64 bit ...

Page 13: ...andable Safety Controller PC Interface can be downloaded from www bannerengineering com xs26 or installed from the optional Resource CD ordered separately Important Administrative rights are required to install the Safety Controller drivers needed for communication with the controller To install the software from the Banner Engineering website 1 Download the latest version of the software from www...

Page 14: ... of the Latch Reset Block and the Safety Outputs ME Mute Enable input node of the Muting Blocks and Two Hand Control Blocks MEx Mute Enable input MP1 First Muting Sensor Pair input node in Muting Blocks and Two Hand Control Blocks MP2 Second Muting Sensor Pair input node Muting Blocks only Mx Base Controller and Expansion modules in the order displayed on the Equipment view MRx Manual Reset input ...

Page 15: ...4 3 PC Interface Overview Figure 4 XS26 2 Expandable Safety Controller PC Interface XS SC26 2 Safety Controller 15 ...

Page 16: ...esentation of the control logic Wiring Diagram displays the I O device wiring detail for the use by the installer Ladder Logic displays a symbolic representation of the Controller s safeguarding logic for the use by the machine designer or controls engineer Industrial Ethernet when enabled displays editable network configuration options Configuration Summary displays a detailed configuration summa...

Page 17: ...ng a Configuration on page 53 The following steps are optional and may be used to aid with the system installation Modify the configuration access rights See Password Manager on page 53 View the Configuration Summary for the detailed device information and response times See Configuration Summary on page 51 Print the configuration views including the Configuration Summary and Network Settings See ...

Page 18: ...omized by either double clicking the module or selecting it and clicking Edit under the Properties table on the left and selecting the appropriate Controller features display Ethernet expandability The properties of Safety and Non Safety inputs Status Outputs Logic Blocks and Function Blocks are also configured by either double clicking the block or selecting it and clicking Edit under the Propert...

Page 19: ...inputs and Logic and Function Blocks can be moved around on the Functional View The Safety Outputs are statically positioned on the right side 4 7 1 Adding Safety and Non Safety Inputs 1 On the Equipment view click below the module which will have the input device connected the module and terminals can be changed from the input device Properties window or any of the placeholders on the Functional ...

Page 20: ...opriate for the selected input device Module the module to which the input device is connected I O Terminals the assignment of input terminals for the selected device on the selected module Enable Startup Test where applicable an optional precautionary safety input device test required after each power up Reset Options where applicable various reset options such as Manual Power Up System Reset and...

Page 21: ...ored where applicable 4 7 2 Adding Status Outputs 1 On the Equipment view click below the module which will have the status monitoring 2 Click Status Outputs to add status monitoring2 Figure 12 Status Outputs 3 Select appropriate Status Output settings 2 Status outputs can be configured when the state of an input device or an output needs to be communicated The IOx terminals are used for these sta...

Page 22: ...Figure 13 Status Output Properties Name Module I O where applicable Terminal Input or Output where applicable Signal Convention XS SC26 2 Safety Controller 22 ...

Page 23: ...reas Important The XS26 2 Expandable Safety Controller PC Interface is designed to assist in creating a valid configuration however the user is responsible for verifying the integrity safety and functionality of the configuration by following the Commissioning Checkout Procedure on page 97 On the Functional View you can Customize the look of the diagram by repositioning inputs Function Blocks and ...

Page 24: ... functional relationships between inputs outputs and other logic and function blocks Logic Blocks accept appropriate safety inputs non safety inputs or safety outputs as an input The state of the output reflects the Boolean logic result of the combination of the states of its inputs 1 On 0 Off x do not care CAUTION Inverted Logic It is not recommended to use Inverted Logic configurations in safety...

Page 25: ... Output is On when all inputs are Off XOR US EU Input 1 Input 2 Output 0 0 0 0 1 1 1 0 1 1 1 0 The output value is an exclusive OR of 2 to 5 inputs Output is On when only one exclusive input is On NOT US EU Input Output 0 1 1 0 Output is the opposite of the input RS Flip Flop Input 1 Set Input 2 Reset Output 0 0 Value remains the same 0 1 0 Reset 1 0 1 Set 1 1 0 Reset has priority This block is Re...

Page 26: ...e Run state Stop state convention instead of referring to a safety input device as being On 24 V dc or Off 0 V dc Bypass Block Default Nodes Additional Nodes Notes IN BP When the BP node is inactive the safety signal simply passes through the Bypass Block When the BP node is active the output of the block is On regardless of the state of the IN node The Bypass Block output turns Off when the bypas...

Page 27: ... of written procedures for specific tasks and the associated hazards The user must also address the possibility that an individual could bypass the safeguarding device and then either fail to reinstate the safeguarding or fail to notify other personnel of the bypassed condition of the safeguarding device both cases could result in an unsafe condition One possible method to prevent this is to devel...

Page 28: ...ch from On to Off and then back to On All On and Off delay time limits associated with the safety outputs that are controlled by the enabling device function are followed during the Enable mode Latch Reset Block Default Nodes Additional Nodes Notes IN LR RE The RE Reset Enable node can be used to enable or disable the Latch Reset function If the input devices connected to the IN node are all in th...

Page 29: ... based on the state of another output Represent the state of an output input safety function or logic block on another page When output SO2 is On the SO2 reference signal state is On or High The function block above shows reference signal SO2 connected to the Reset Enable node RE of Latch Reset Block LR1 LR1 can only be reset turned On when ES1 is in the Run state and SO2 is On Reference Signals M...

Page 30: ...equire a reset signal If OS1 switches to the Stop state without the valid mute conditions then the latch function block LR1 and mute function block M1 will turn SO1 Off A latch reset will be needed after OS1 changes to the Run state M0 OS1 M0 MR1 M0 MSP1 M0 SO1 Latch Reset Mute Function Figure 23 Timing Diagram Latch Reset Block and Muting Block Manual Reset Input and Latch Reset Block The Manual ...

Page 31: ... safeguarding must be provided Failure to do so may result in serious bodily injury or death Important Resetting a safeguard must not initiate hazardous motion Safe work procedures require a start up procedure to be followed and the individual performing the reset to verify that the entire hazardous area is clear of all personnel before each reset of the safeguard is performed If any area cannot b...

Page 32: ...trailing edge event Non monitored reset Requires only that the reset signal transitions from low 0 V dc to high 24 V dc and stays high for at least 0 3 seconds After the reset the reset signal can be either high or low This is called a leading edge event Muting Block Default Nodes Additional Nodes Notes IN MP1 MP2 ME BP Muting Sensor Pair input blocks must be connected directly to the Muting funct...

Page 33: ...s In this case one or more mute sensors must be activated while the safeguard is in the Stop state The normal Bypass is used to temporarily bypass the safeguarding device to keep on or turn on the output of the function block There are 2 types of Mute Bypass Mute Dependent Override Bypass normal Figure 25 Muting Block Bypass Override Mode Options Mute Dependent Override On or Off M0 OS1 M0 MSP1 1 ...

Page 34: ...clear Mute ends due to defined area going clear Note MO OS1 must be blocked before either MSP1 1 or MSP1 2 clears Note MO OS1 must be blocked before either MSP1 1 or MSP1 2 clears End Delay Timer M0 SO1 M0 OS1 Mute M0 ME1 M0 MSP1 1 M0 MSP1 2 3s 3s Mute ends due to Mute Delay timeout Mute ends due to Mute Delay timeout On or Off On or Off Figure 28 Timing Diagram One Way Muting Block One Muting Sen...

Page 35: ...1 2 Mute Function One Way 2 Sensor Pair On or Off On or Off Figure 29 Timing Diagram One Way Muting Block Two Muting Sensor Pairs Mute Function Two Way 1 Sensor Pair M0 SO1 M0 OS1 M0 MSP1 M0 ME1 On or Off Figure 30 Timing Diagram Two Way Muting Block One Muting Sensor Pair XS SC26 2 Safety Controller 35 ...

Page 36: ...ton is pressed switched to the Stop state SO1 will not turn Off This will result in a loss of safety control and may lead to a potential hazardous condition Proper E Stop Control The configuration to the right shows OS1 connected directly to the Mute block M1 M1 and ES1 are both inputs to AND A1 In this case both M1 and ES1 control SO1 If there is a an active mute cycle in progress and the E Stop ...

Page 37: ...ed for each muting operation The muting typically occurs 100 ms after the second mute sensor input has been satisfied One or two pairs of mute sensors can be mapped to one or more safety input devices so that their assigned safety outputs can remain On to complete the operation WARNING Muting Limitations Muting is allowed only during the non hazardous portion of the machine cycle A muting applicat...

Page 38: ...ended through the Mute status output Important Mute Status Indication Indication that the safety device is muted must be provided and be readily observable from the location of the muted safety device Operation of the indicator may need to be verified by the operator at suitable intervals Muting Time Limit The muting time limit allows the user to select a maximum period of time that muting is allo...

Page 39: ... devices to verify that their outputs turn ON within 3 seconds of each other If the inputs do not meet this simultaneity requirement a mute condition cannot occur Several types and combinations of mute devices can be used including but not limited to photoelectric sensors inductive proximity sensors limit switches positive driven safety switches and whisker switches Corner Mirrors Optical Safety S...

Page 40: ...has turn Off authority OS1 needs to be in the Run state before TC1 can turn the output of T1 SO1 On Two Hand Control Function Block M0 SO1 M0 TC1 M0 OS1 Figure 34 Timing Diagram Two Hand Control Block Two Hand Control Bypass Function Blocks The Two Hand Control actuators TC2 and the Bypass Switch BP1 need to be in the Run state and need to be the last devices in time to transition to the Run state...

Page 41: ...Control Block and Bypass Blocks with 1 Two Hand Control Input Two Hand Control Bypass Function Blocks The Bypass function can be used with the TC2 actuators to turn the Safety Output On When the TC1 actuators are not bypassed they must be used along with the TC2 actuators to turn the Safety Output On If the TC1 actuators and the Bypass switch are both in the Run state TI and SO1 cannot be turned O...

Page 42: ...ute sensors to keep the SO On after the TC1 and TC2 actua tors are in the Stop state Two Hand Control with Muting M0 ME1 M0 SO1 M0 TC1 M0 TC2 A2 Output M0 MSP1 Figure 39 Timing Diagram Two Hand Control Block with Muting Two Hand Control Activation on Power Up Protection The Controller s two hand control logic does not permit the assigned safety output to turn On when power is initially supplied wh...

Page 43: ...nd Rope Pull inputs cannot be connected to a Latch Reset Block that is connected to a Muting Block F 3 A Latch Reset Block that is connected to an Emergency Stop or a Rope Pull input cannot be connected to a Muting Block G 1 Only a Manual Reset input can be connected to the FR node of a Safety Output G 2 Only a Manual Reset input can be connected to the LR node of a Latch Reset Block or Safety Out...

Page 44: ...tputs on page 19 for more information and device properties 2 Add Logic and or Function Blocks see Logic Blocks on page 24 and Function Blocks on page 26 by clicking any of the empty placeholders in the middle area NOTE The response time of the Safety Outputs can increase if a large number of blocks are added to the configuration Use the function and logic blocks efficiently to achieve the optimum...

Page 45: ...o access the Industrial Ethernet view 1 Click Network Settings 2 Select Enable Network Interface 3 Adjust any settings if necessary see Network Settings on page 46 4 Click OK Use the Auto Configure function located on the Industrial Ethernet view of the PC Interface to automatically configure the Virtual Status Outputs to a set of commonly used functions based on the current configuration Click in...

Page 46: ... Name Factory Default Value IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Gateway Address Disabled Link Speed and Duplex Mode Auto Negotiate The Advanced option allows further configuration of Modbus and EtherNet IP settings such as Swap character bytes MSW and LSW sending precedence and String Length Type EtherNet IP and PCCC Click Send to write the network settings to the controller Network s...

Page 47: ...DINT Unsigned double integer 32 bits Word Bit string 16 bits Dword Bit string 32 bits String Two ASCII characters per Word see protocol based String information below Octet Reads as each byte translated to decimal separated by a dot Hex Reads as each nibble translated to hex paired and then separated by a space Fault Flag If the particular input or output being tracked causes a lockout a flag asso...

Page 48: ...so words read correctly While the string length is provided it is usually not required for Modbus TCP systems If string length is used for Modbus TCP the length format corresponds to the settings used for Ethernet IP Timestamp The time in seconds when the fault occurred since power up Virtual Status Output The reference designator associated with a particular Virtual Status Output for example VO10...

Page 49: ...fset 2 Name String String 6 Offset 4 Error Code WORD 1 Offset 10 Advanced Error Code WORD 1 Offset 11 Error Message Index WORD 1 Offset 12 Reserved WORD 2 Offset 13 System Information Type Length Words Starting Register Seconds since boot UDINT 2 382 Operating mode WORD 1 384 LengthOfConfigName DWORD 2 385 ConfigName String 8 387 Config CRC WORD 2 395 EtherNet IP Explicit Messages Fault Log Type L...

Page 50: ...t log entry 2 15 17 19 25 26 27 28 Fault log entry 3 30 32 34 40 41 42 43 Fault log entry 4 45 47 49 55 56 57 58 Fault log entry 5 60 62 64 70 71 72 73 Fault log entry 6 75 77 79 85 86 87 88 Fault log entry 7 90 92 94 100 101 102 103 Fault log entry 8 105 107 109 115 116 117 118 Fault log entry 9 120 122 124 130 131 132 133 Fault log entry 10 oldest 135 137 139 145 146 147 148 UDINT DWORD String W...

Page 51: ...guration Summary The Configuration Summary view displays the detailed information about all configured inputs Function and Logic Blocks Safety Outputs Status Outputs and the related Response Times in a text format XS SC26 2 Safety Controller 51 ...

Page 52: ...ns Equipment prints Equipment tab Functional View prints Functional View tab Wiring Diagram prints Wiring Diagram tab Ladder Logic prints Ladder Logic tab Configuration Summary Network Settings prints Configuration Summary and Network Settings when available Printing Options Print to PDF prints the selection to a PDF file stored in a user defined location Print opens the default Windows Print dial...

Page 53: ... passwords for devices with firmware version 1 5 and later for User1 User2 and User3 are 1901 1902 and 1903 respectively The default passwords for devices with firmware version 1 4 and earlier are 0000 1111 and 2222 It is highly recommended to change the default passwords to new values 4 14 Saving and Confirming a Configuration Saving a Configuration 1 Click Save 2 Select Save As 3 Navigate to the...

Page 54: ...r data such as model number and firmware version configuration and network settings and wiring diagram Viewing System and Network Settings Snapshot Click Read from Controller on the PC Interface toolbar The current Controller settings are displayed Configuration Name Configuration CRC Date Confirmed Time confirmed Author Project Name IP Address Subnet mask Gateway address Link speed and duplex mod...

Page 55: ...nly the current configuration can be viewed or imported Module Information Click Import Configuration Network Settings to access the current Controller configuration and network settings depends on user access rights see Password Manager on page 53 4 16 Wiring Diagram Figure 46 Wiring Diagram The Wiring Diagram view shows the terminal assignments and the electrical circuits for the safety and non ...

Page 56: ...4 17 Ladder Logic Figure 47 Ladder Logic The Ladder Logic view displays a simplified relay logic rendering of the configuration XS SC26 2 Safety Controller 56 ...

Page 57: ...iew provides additional device and fault information including a fault code see Fault Code Table on page 108 for the description and possible remedies The Run time data is also updated on the Functional View Equipment and Wiring Diagram views providing the visual representation of the device states See Figure 52 on page 59 for the differences between Live Mode view and all other views XS SC26 2 Sa...

Page 58: ...Figure 49 Run Time Equipment view Figure 50 Run Time Functional View XS SC26 2 Safety Controller 58 ...

Page 59: ...y method of the device statuses between the Live Mode view and all other views Live Mode Equipment Functional View Wiring Diagram Bypassed Fault Inactive Muted Not Used Off Off Delay On Delay Ready Run Stop Figure 52 View based device state color representation XS SC26 2 Safety Controller 59 ...

Page 60: ... Settings on page 17 3 Select Base Controller model See Equipment on page 18 for this configuration only the Is Expandable box is required to be checked 4 Add the expansion module XS8si by clicking on to the right of the Base Controller module a Click Input Modules b Select XS8si 5 Add the following inputs leaving the default settings Input Quantity Type Module Terminals Circuit Emergency Stop 1 S...

Page 61: ... Mode One Pair ME Mute Enable Checked Enabling Device Block ES Checked JOG Jog Checked 9 Add the following Logic Blocks by clicking on any of the empty placeholders in the middle area of the Functional View see Logic Blocks on page 24 for more information AND with 2 input nodes AND with 4 input nodes 10 Connect the following to each Muting Block 1 x Optical Sensor IN node 1 x Mute Sensor Pair MP1 ...

Page 62: ...Figure 54 Sample Configuration Functional View XS SC26 2 Safety Controller 62 ...

Page 63: ...set M0 MR1 is pressed it turns On Safety Output M0 SO2 which in turn turns On Safety Output M0 SO1 Figure 55 Safety Output controlled by another Safety Output 4 21 SC XM2 Drive and SC XMP2 Programming Tool The SC XM2 drive is used to store a confirmed configuration The configuration can be written directly by the Safety Controller when the drive is plugged in to the micro USB port see Configuratio...

Page 64: ...2 drive see Configuration Mode on page 65 Configuration Summary provides the access to terminal assignments network settings and configuration CRC Model displays the current model number and software and hardware versions Set Display Contrast provides the controls to adjust display brightness Configuration Summary System Status Fault Diagnostics Configuration Mode Configuration CRC View Network Se...

Page 65: ...XM process copies all data Configuraton Network Settings and passwords to the SC XM drive 6 Wait for the write process to complete 7 Reset the System To import data from an SC XM2 drive 1 Insert the SC XM2 drive into the Safety Controller 2 From the System Menu select Configuration Mode 3 Enter the password 4 Hold OK until Configuration Mode menu appears 5 Select Import from XM For configuration o...

Page 66: ... checkout procedures are not followed properly the Banner Safety Controller cannot provide the protection for which it was designed The user is responsible for satisfying all local state and national laws rules codes or regulations relating to the installation and use of this control system in any particular application Make sure that all safety requirements have been met and that all technical in...

Page 67: ...nterconnecting control wires from each other and from secondary sources of power Routing interconnecting control wires in separate conduit runs or channels Locating all control elements Safety Controller interface modules FSDs and MPCEs within one control panel adjacent to each other and directly connected with short wires Properly installing multi conductor cabling and multiple wires through stra...

Page 68: ...ards such as U S Control Reliability or European C level standards The safety controller inputs support up to Category 4 PL e ISO 13849 1 and Safety Integrity Level 3 IEC 61508 and IEC 62061 interfacing hookup The actual safety circuit integrity level is dependent on the configuration proper installation of external circuitry and the type and installation of the safety input devices The user is re...

Page 69: ...or automatic reset or trip mode the safety output s it controls will turn back On when the input device changes to the Run state provided that all other controlling inputs are also in the Run state Connecting the Input Devices The Safety Controller needs to know what device signal lines are connected to which wiring terminals so that it can apply the proper signal monitoring methods Run and Stop c...

Page 70: ...limit may need to be increased in cases where high magnitude device vibration impact shock or switch noise conditions result in a need for longer signal transition times If the debounce time is set too short under these harsh conditions the system may detect a signal disparity fault and lock out The default setting is 6 ms CAUTION Debounce and Response Any changes in the debounce times may affect ...

Page 71: ...ble due to safety device or installation limitations or if for example the controller s IOx input terminals are all in use then the highest safety category may not be possible Tip INx IOx input terminals these circuits can be manually configured to meet Category 4 circuit requirements by changing the first left most standard input terminal INx to any available convertible terminal IOx as shown bel...

Page 72: ...tion the design and installation of the Emergency Stop device must comply with ANSI NFPA 79 or ISO 13850 The stop function must be either a functional stop Category 0 or a Category 1 see ANSI NFPA79 Emergency Stop Push Button Requirements E stop switch must provide one or two contacts for safety which are closed when the switch is armed When activated the E stop switch must open all its safety rat...

Page 73: ...ts when routing the rope around a corner or whenever direction changes even slightly Never run rope through conduit or other tubing Never attach weights to the rope A tensioning spring is recommended to ensure compliance with direction independent actuation of the wire rope and must be installed on the load bearing structure machine frame wall etc Temperature affects rope tension The wire rope exp...

Page 74: ...e strong enough to contain hazards within the guarded area which may be ejected dropped or emitted by the machine The safety interlock switches actuators sensors and magnets must be designed and installed so that they cannot be easily defeated They must be mounted securely so that their physical position cannot shift using reliable fasteners that require a tool to remove them Mounting slots in the...

Page 75: ...dard or Safety Integration Level as determined by a risk assessment WARNING Point of Operation Guarding When properly installed a two hand control device provides protection only for the hands of the machine operator It may be necessary to install additional safeguarding such as safety light screens additional two hand controls and or hard guards to protect all individuals from hazardous machinery...

Page 76: ...s including the physical ability of the operator when determining the value of K to be used Th the response time of the slowest hand control from the time when a hand disengages that control until the switch opens Th is usually insignificant for purely mechanical switches However Th should be considered for safety distance calculation when using electronic or electromechanical powered hand control...

Page 77: ...ion the user is responsible to safely install operate and maintain each safety system per the manufacturer s recommendations and comply with all relevant laws and regulations Do not use safety mats as a tripping device to initiate machine motion such as in a presence sensing device initiation application due to the possibility of unexpected start or re start of the machine cycle resulting from fai...

Page 78: ...to the sensor Any damage cuts tears wear or punctures to the outer insulating jacket of the interconnect cable or to any part of the exterior of the safety mat must be immediately repaired or replaced Ingress of material including dirt particles insects fluid moisture or turning chips which may be present near the mat may cause the sensor to corrode or to lose its sensitivity Routinely inspect and...

Page 79: ...the physical ability of the operator when determining the value of K to be used Ts the overall stop time of the machine in seconds from the initial stop signal to the final ceasing of all motion including stop times of all relevant control elements and measured at maximum machine velocity Ts is usually measured by a stop time measuring device If the specified machine stop time is used add at least...

Page 80: ... responsible to satisfy all local state and national laws rules codes and regulations relating to the use of safety equipment in any particular application Make sure that all appropriate agency requirements have been met and that all installation and maintenance instructions contained in the appropriate manuals are followed Photoelectric Sensors Opposed Mode Opposed mode sensors should be configur...

Page 81: ...troubleshooting Bypass switches can be mapped to one or more of the following safety input devices Safety gate interlocking switches Optical sensors Two Hand Controls Safety mats Protective stop Requirements of Bypassing Safeguards Requirements to bypass a safeguarding device include5 The bypass function must be temporary The means of selecting or enabling the bypass must be capable of being super...

Page 82: ...table Valve Monitoring 100 ms to 5 sec 100 ms to 5 sec Don t Care Don t Care Closed Open SO1 AVM Figure 60 Timing logic AVM Function Note 100 ms to 5 s time period is adjustable in 50 ms intervals default is 100 ms The Adjustable Valve Device Monitoring function is useful for dynamically monitoring devices under the control of the safety output that may become slow stick or fail in an energized st...

Page 83: ... Run state this function permits the safety output to turn On and Off This is a single channel signal the Run state is 24 V dc and the Stop state is 0 V dc An On Off input can be added without mapping to a safety output which allows this input to control only a status output Mute Enable Switch signals the Controller when the mute sensors are permitted to perform a mute function When the mute enabl...

Page 84: ... Adding Inputs and Status Outputs on page 19 EDM External Device Monitoring Enables the safety controller to monitor devices under control FSDs and MPCEs for proper response to the stopping command of the safety outputs It is strongly recommended to incorporate EDM or AVM in the machine design and the safety controller configuration to ensure the proper level of safety circuit integrity see EDM an...

Page 85: ...t has elapsed An output cannot have both On and Off Delays The On and Off Delay time limit options range from 100 milliseconds to 5 minutes in 1 millisecond increments Safety Inputs SO1 On Delay SO2 Off Delay Delay 500 ms Delay Figure 65 Timing Diagram General Safety Output On Delay and Off Delay WARNING Off Delays A safety output Off Delay time will be honored even if the safety input that caused...

Page 86: ...6 From Link to Safety Output drop down list select the Safety Output with an Off Delay to which you wish to link this Safety Output NOTE The same input s need to be connected to both Safety Outputs in order for outputs to show up as available for linking 7 Click OK The linked Safety Output will have a link icon indicator XS SC26 2 Safety Controller 86 ...

Page 87: ...r to the Base Controller if using separate power supplies WARNING Single Channel Split Outputs use in Safety Critical Applications If a single channel output is used in a safety critical application then fault exclusion principles must be incorporated to ensure Category 3 safety operation Routing and managing single channel output wires so shorts to other outputs or other voltage sources are not p...

Page 88: ...isance lockouts Notice the location of the resistance symbol in the diagram below representing 0 V common wire resistance RL Methods to prevent this situation include Using larger gauge or shorter wires to reduce the resistance RL of the 0 V common wire Separate the 0 V common wire from the loads connected to the safety controller and the 0 V common wire from other equipment powered by the common ...

Page 89: ...ide range of power characteristics see Specifications on page 11 Unlike a solid state Safety Output within an output module an individual safety relay output Mx ROx functions as a group and cannot be split The Safety Relay Outputs are controlled and monitored by the Base Controller without requiring additional wiring For circuits requiring the highest levels of safety and reliability when used in ...

Page 90: ...shed by opening the Safety Output Properties window and checking EDM then adding External Device Monitoring from the Safety Input tab in the Add Equipment window accessed from the Equipment view or Functional View and connecting the External Device Monitoring input to the EDM node of the Safety Output The EDM inputs can be configured as one channel or two channel monitoring One channel EDM inputs ...

Page 91: ...ockout mode Figure 70 Two channel EDM hookup External Device Monitoring EDM is a way to check the operation of dual channel final switching devices or machine primary control elements The force guided N C monitoring contacts of the FSD or MPCE are used as an input to detect a stuck on fault condition and will prevent the safety controller outputs from turning On External Device Monitoring 250 ms 2...

Page 92: ...rridden or defeated unless accomplished in a manner at the same or greater degree of safety as the machine s safety related control system that includes the Controller The normally open outputs from an interfacing module are a series connection of redundant contacts that form safety stop circuits and can be used in either single channel or dual channel control methods Dual Channel Control Dual cha...

Page 93: ...tance value between the Safety Controller solid state safety outputs and the machine inputs is not exceeded The Safety Controller s solid state safety output maximum Off state voltage does not result in an On condition The Safety Controller s solid state safety output maximum leakage current due to the loss of 0 V does not result in an On condition Failure to properly interface the safety outputs ...

Page 94: ...or AVM input for monitoring DC common 0Vdc must be common between the module s 0Vdc terminal and the common of the load e g FSD Figure 74 Generic Hookup Solid State Safety Output with EDM 24 32 14 24Vdc 24Vdc 0Vdc 0Vdc L2 V L1 V EDM XS1ro or XS2ro XS SC26 2xx 23 31 13 Safety Relay Outputs 43 44 53 54 and 61 62 can be wired similarly but require a separate EDM or AVM input for monitoring MPCE1 MPCE...

Page 95: ...Safety Outputs may be used as a Status Output Solid State Safety Outputs may be split and used as Status Outputs Relay Safety Outputs cannot be used as Status Outputs and cannot be split Status Outputs can be configured to perform the following functions Bypass Indicates when a particular Safety Input is bypassed Mute Indicates a muting active status for a particular mutable Safety Input On when a...

Page 96: ...te the same information as the Status Outputs over the network See Status Output Functionality on page 95 for more information The Auto Configure function located on the Industrial Ethernet tab of the PC Interface automatically configures the Virtual Status Outputs to a set of commonly used functions based on the current configuration This function is best used after the configuration has been det...

Page 97: ...ous injury or death Commissioning Checkout A Qualified Person6 must perform a safety system commissioning procedure before the safeguarded machine application is placed into service and after each Safety Controller configuration is created or modified Periodic Semi Annual Checkout A Qualified Person6 must also perform a safety system re commissioning semi annually every 6 months or at periodic int...

Page 98: ...on at power up After power up switch these devices to the Stop state and back to the Run state for their associated outputs turn On If configured for Normal Power Up If latch function is not used verify that Safety Outputs turn on after power up If either input devices or outputs use the latch function verify that Safety Outputs do not turn on after the power up until the specific manual latch res...

Page 99: ...ify that the Safety Output stays On 4 Verify that the Safety Output turns Off when either MSP1 sensors are switched to the stop state Mute time limit expires 5 For multiple Two Hand Control actuators with at least one set of non mutable actuators verify that while in an active mute cycle removing one or both hands from each non muted actuators causes the Safety Outputs to turn Off Bidirectional Tw...

Page 100: ...nd mute safeguarding devices are in the Run state 2 Verify that the Safety Outputs are On 3 Switch the safeguarding device to the Stop state 4 Verify that the Safety Output turns Off 5 Activate one of the mute sensors 6 Verify the optional mute lamp is flashing 7 Start the mute dependent override by activating the Bypass Switch 8 Verify that the Safety Output turns On 9 Verify that the Safety Outp...

Page 101: ...es are in the Run state so that the delayed Safety Output is On 2 Start the off delay time by switching an input device to the Stop state 3 Switch the input device to the Run state again during the Off Delay time and push the Reset button 4 Verify that the delayed output turns Off at the end of the delay and remains Off a latch reset signal during the delay time is ignored Enabling Device Function...

Page 102: ...verify that the primary Output turns a On when the Enabling Device is in the Run state b Off when the Enabling Device is in the Stop state and the Jog button is in the Run state 3 Verify that the output turns On only when the Enabling Device is in the Run state while the Jog button is in the Run state 4 Verify that the secondary Output turns a On when the Enabling Device and the jog button are in ...

Page 103: ... real time Run mode information on a PC the Controller must be connected to the computer via the SC USB2 cable Click Live Mode to access the Live Mode view This feature continually updates and displays data including Run Stop and Fault states of all inputs and outputs as well as the Fault Codes table TheEquipment view and the Functional View also provide device specific visual representation of th...

Page 104: ...res all faults to be remedied and a system reset to be performed A lockout will recur after a system reset unless the fault that caused the lockout has been corrected A system reset is necessary under the following conditions Recovering from a system lockout condition Starting the Controller after a new configuration has been downloaded For internal faults the System Reset likely will not work The...

Page 105: ...t back in 5 Start the software Unable to read from the controller or send the configuration to the controller buttons grayed out Make sure Live Mode is disabled Make sure the SC USB2 cable is plugged in both to the computer and the controller Verify that the controller is installed properly see Verifying Driver Installation on page 106 Exit the software Unplug the controller and plug it back in St...

Page 106: ... 2 Expandable Safety Controller followed by a COM port number for example COM3 It must not have an exclamation mark a red or a down arrow on the entry If you do not have any of these indicators your device is properly installed If any of the indicators appear follow the instructions after this table to resolve these issues SC XMP2 Drivers 1 Expand the Universal Serial Bus controllers dropdown menu...

Page 107: ...y of the indicators appear follow the instructions after this table to resolve these issues SC XMP2 Drivers 1 Expand the Universal Serial Bus controllers dropdown menu 2 Find XMP2 Programmer A and XMP2 Programmer B Either one of the entries must not have an exclamation mark a red or a down arrow on the entry If you do not have any of these indicators your device is properly installed If any of the...

Page 108: ... not equipped with an LCD use the Live Mode views in the PC Interface on a PC connected to Controller with the SC USB2 cable Fault diagnostics are also available over the network An additional message may also be displayed to help remedy the fault 9 2 1 Fault Code Table Fault Code Displayed Message Additional Message Steps to resolve 1 1 Output Fault Check for shorts A Safety Output appears On whe...

Page 109: ...t Fault Check Terminal xx Input stuck low Check for a short to ground 2 14 Input Fault Check Terminal xx Missing test pulses Check for a short to other inputs or other voltage sources 2 15 Open Lead Check Terminal xx Check for an open lead 2 16 2 18 Input Fault Check Terminal xx Missing test pulses Check for a short to other inputs or other voltage sources 2 19 Open Lead Check Terminal xx Check fo...

Page 110: ...it to the Controller 4 3 4 11 Internal Fault Internal failure Contact Banner Engineering see Repairs and Warranty Service Repairs Warranty on page 111 4 12 Configuration Timeout Check Configuration The Safety Controller was left in Configuration mode for more than one hour without pressing any keys 4 13 Configuration Timeout Check Configuration The Safety Controller was left in Configuration mode ...

Page 111: ...d Warranty Service Repairs Warranty on page 111 6 xx Internal Fault Invalid configuration data Possible internal failure Try writing a new configuration to the Controller 9 3 Recovering from a Lockout To recover from a lockout condition Follow the recommendation in the fault display LCD models Follow the recommended steps and checks listed in the Fault Code Table on page 108 Perform a system reset...

Page 112: ...ription XS16si Safety Input Module 16 inputs 4 convertible XS8si Safety Input Module 8 inputs 2 convertible XS2so 2 Dual Channel Solid State Safety Output Module XS4so 4 Dual Channel Solid State Safety Output Module XS1ro 1 Dual Channel Safety Relay Module XS2ro 2 Dual Channel Safety Relay Module 10 2 Replacement Parts and Accessories Model Description SC TS2 Screw terminal blocks controller SC TS...

Page 113: ...ply Voltage Inputs Safety Outputs Output Rating EDM Contacts Aux Outputs IM T 9A 24V dc 2 dual channel hookup 3 N O 6 amps 2 N C IM T 11A 2 N O 1 N C 10 4 1 Mechanically Linked Contactors Mechanically Linked Contactors provide an additional 10 or 18 amp carrying capability to any safety system If used two contactors per Safety Output pair are required for Category 4 A single OSSD output with 2 con...

Page 114: ...ANSI PMMI B155 1 Package Machinery and Packaging Related Converting Machinery Safety Requirements 11 2 Applicable OSHA Regulations OSHA Documents listed are part of Code of Federal Regulations Title 29 Parts 1900 to 1910 OSHA 29 CFR 1910 212 General Requirements for Guarding of All Machines OSHA 29 CFR 1910 147 The Control of Hazardous Energy lockout tagout OSHA 29 CFR 1910 217 Guarding of Mechani...

Page 115: ...xternal resources A fault is often the result of a failure of the device itself but may exist without prior failure H Hard Fixed Guard Screens bars or other mechanical barriers affixed to the frame of the machine intended to prevent entry by personnel into the hazardous area s of a machine while allowing the point of operation to be viewed The maximum size of the openings is determined by the appl...

Page 116: ...turn On if their other associated input signals are also in the Run state S SELV Separated or safety extra low voltage power supply for circuits without earth ground Per IEC 61140 A SELV system is an electrical system in which the voltage cannot exceed ELV 25 V ac rms or 60 V ripple free dc under normal conditions and under single fault conditions including earth faults in other circuits Simultane...

Page 117: ...D Status 103 Live Mode 57 103 105 Lockout 104 111 Logic Blocks 9 24 26 M Modbus TCP 3X 4X 48 Model 64 Models 112 Mounting the Controller 66 Muting Block 32 N NAND 25 Network Settings 45 46 New Configuration 44 NOR 25 NOT 25 O Octet 47 Onboard Interface 64 103 Operating Conditions 11 OR 24 25 P Password 9 53 Password Manager 9 53 PC Interface 13 15 PC Requirements 12 PCCC 49 Periodic Checkout 97 Pr...

Search results

Summary of Contents for SC26-2 Series

Reviews:

Related manuals for SC26-2 Series

Brands by name

Popular brands

Banner SC26-2 Series, Instruction Manual

Search results

Summary of Contents for SC26-2 Series

Reviews:

Related manuals for SC26-2 Series

Brands by name

Popular brands