System description TwinSAFE
EK1960
12
Version: 1.3.1
2
System description TwinSAFE
2.1
Extension of the Beckhoff I/O system with safety
functions
The TwinSAFE products from Beckhoff enable convenient expansion of the Beckhoff I/O system with safety
components, and integration of all the cabling for the safety circuit within the existing fieldbus cable. Safe
signals can be mixed with standard signals as required. The transfer of safety-related TwinSAFE telegrams
is handled by the standard controller. Maintenance is simplified significantly thanks to faster diagnosis and
simple replacement of components.
The following basic functionalities are included in the TwinSAFE components:
digital inputs (e.g. EL19xx, EP1908), digital outputs (e.g. EL29xx), drive components (e.g. AX5805) and logic
units (e.g. EL6900, EL6910). For a large number of applications, the complete safety sensor and actuator
technology can be wired on these components. The required logical link of the inputs and the outputs is
handled by the EL69xx. In addition to Boolean operations, the EL6910 now also enables analog operations.
2.2
Safety concept
TwinSAFE: Safety and I/O technology in one system
• Extension of the familiar Beckhoff I/O system with TwinSAFE components
• Safe and non-safe components can be combined as required
• Logical link of the I/Os in the EL69xx TwinSAFE logic terminal
• Suitable for applications up to SIL 3 according to EN 61508:2010 and Cat 4, PL e according to
EN ISO 13849-1:2015
• Safety-relevant networking of machines via bus systems
• In the event of an error, all TwinSAFE components always switch to the wattless and therefore safe
state
• No safety requirements for the higher-level standard TwinCAT system
Safety over EtherCAT protocol (FSoE)
• Transfer of safety-relevant data via any media (“genuine black channel”)
• TwinSAFE communication via fieldbus systems such as EtherCAT, Lightbus, PROFIBUS, PROFINET
or Ethernet
• IEC 61508:2010 SIL 3 compliant
• FSoE is IEC standard (IEC 61784-3-12) and ETG standard (ETG.5100)
Fail-safe principle (fail stop)
The basic rule for a safety system such as TwinSAFE is that failure of a part, a system component or the
overall system must never lead to a dangerous condition. The safe state is always the switched off and
wattless state.
CAUTION
Safe state
For all TwinSAFE components the safe state is always the switched-off, wattless state.
Содержание EK1960 Series
Страница 1: ...Operating Instructions for EK1960 TwinSAFE Compact Controller 1 3 1 2019 01 28 Version Date...
Страница 2: ......
Страница 6: ...Table of contents EK1960 6 Version 1 3 1...
Страница 58: ...Operation EK1960 58 Version 1 3 1 Fig 51 Safety parameters of the input modules...
Страница 102: ...Operation EK1960 102 Version 1 3 1 Fig 131 Group Status Online ERROR Fig 132 Group Status Online STOP...
Страница 140: ...Appendix EK1960 140 Version 1 3 1 5 2 Certificates...