Assembling and Installing Systems
S7-400 and M7-400 Programmable Controllers Hardware and Installation
A5E00069481-04
Risks
In all cases where the occurrence of failures can result in material
damage or injury to persons, special measures must be taken to enhance the
safety of the installation - and therefore also of the situation. System-specific and
special regulations exist for such applications. They must be observed when installing
the control system (e.g. VDE 0116 for burner control systems).
For electronic control equipment with a safety function, the measures that have to
be taken to prevent or rectify faults are based on the risks involved in the
installation. Beyond a certain degree of hazard, the basic measures mentioned above
are no longer sufficient. That is, additional measures (e.g. redundant
configurations, tests, checksums, etc.) must be implemented and certified for the
control equipment (DIN VDE 0801). The prototype of the fail-safe PLC S5-95F was
tested by TÜV (German Institute for Technological Surveillance), BIA and GEM III;
several certificates have been granted. Thus, it is suitable in the same way as the
previously tested fail-safe PLC S5-115F to control and monitor safety-relevant
system areas.
Splitting the group into safety-relevant areas and areas which are not safety-relevant
Most plants contain equipment performing safety-relevant operations (e.g.
EMERGENCY-OFF switch, protective gates, two-hand controls). To avoid the need
to examine the entire controller from the aspect of safety, the controller is usually
divided into an area that is safety-relevant and an area that is not
safety-relevant. In the non-safety-related area, no special demands are placed on
the safety of the control equipment because any failure in the electronics will have
no effect on the safety of the installation. In the safety-relevant area, however,
only controllers or circuits that comply with the corresponding regulations may be
operated.
The following divisions are common in practical situations:
• For control equipment with few safety-related functions (e.g. machine controls)
  The conventional PLC is responsible for machine control, whereas
  safety-related functions are implemented with a fail-safe mini PLC (e.g.
  S5-95F).
• For controllers with balanced areas (e.g. chemical installations, cable cars)
  In this case also, the area that is not safety-relevant is controlled with a
  standard PLC, whereas a tested fail-safe controller (S7-400F, S7-400FH,
  S5-115F, or multiple S5-95F) controls the safety-relevant areas.
  The entire installation is implemented with a fail-safe control system.
• For control equipment with mainly safety-relevant functions (e.g. burner control
  systems)
  The entire control system is implemented with fail-safe technology.