Interrupts/diagnostic messages/diagnostics
6.2 Fault diagnostics overview
Digital I/O module F-DI 4+F-DQ 2x24VDC/2A, 4xM12 (6ES7146-5FF00-0BA0)
Equipment Manual, V1.0, 05/2021, A5E51082342-AA
65
6.2
Fault diagnostics overview
Diagnostics detect faults that can affect the integrity of safety-related I/O. The faults can be in
the fail-safe module, communication with the CPU, or external circuits. Diagnostic
information is assigned either to a single channel or to the entire fail-safe module.
Most diagnostics operate without user selection. You can configure the following diagnostic
options:
•
Short-circuit testing using the digital input sensor supply can be enabled. The interval and
duration of short-circuit tests is configurable.
•
The readback times for 24 V DC digital outputs are configurable.
•
The timeout intervals for failures in the safety communication or failure of a safety
program to run is configurable.
•
Dark testing of the digital outputs can be disabled (max. SIL 2, Cat. 3, PL d).
Refer to "Parameters/address space (Page 23)" for a complete description of these options.
The safety-critical and validated action of the diagnostics is to passivate I/O when faults are
detected. The reporting of status and diagnostic results through the LED displays and
diagnostic messages is subject to single point failures in electronics or software. These
reports are offered as maintenance and debugging aids. Observe and interpret the reports
with caution.
In the presence of single faults, any or all LED indications can be wrong. You should not rely
solely on the presence or absence of red or green LED indicators to make safety decisions.
In the presence of single faults, diagnostic messages may fail to be delivered, or the
numerical event ID or text message can be wrong. You should not rely solely on the presence,
absence, or content of diagnostic reports to make safety decisions.
WARNING
Diagnostic and status reports through LEDs and text messages are subject to single
point failure errors.
Reliance on such reported information to determine that a system or I/O point is in a safely-
controlled state can result in death, severe personal injury, or property damage.
If the integrity of your fail-safe system is in doubt, you should use additional measures such
as restricted access or power removal to control hazards during maintenance and debug
activities.
6.3
Diagnostics performed at startup
Each fail-safe module executes self-diagnostics at power-up to assure that the electronics and
software meet testable expectations before allowing the module to participate in process
control. If tests are not successful, the module passivates either individual or all channels.
In addition to internal tests, some tests create signal changes at the terminals.
Summary of Contents for SIMATIC ET 200AL
Page 2: ......
Page 143: ......
Page 218: ......
Page 250: ......
Page 296: ......
Page 337: ......
Page 365: ......
Page 392: ......
Page 419: ......
Page 451: ......
Page 483: ......
Page 597: ......
Page 648: ......
Page 702: ......
Page 739: ......
Page 781: ......
Page 804: ......
Page 828: ......
Page 853: ......
Page 880: ......
Page 906: ......
Page 996: ...Diagnostics ...
Page 1121: ......
Page 1565: ......