24
Festo — CMMT-ST-C8-1C-...-S0 — 2021-04b
Operation
No.
Question
Relevant
Done
3c2
Is a restart after an emergency stop prevented in the safety relay unit? Yes
o
No
o
o
3c3
Is the safety sub-function STO executed immediately if only one of the
assigned inputs #STO-A or #STO-B is requested? Does the diagnostic
contact indicate the unsafe state as per the truth table?
Truth table
Tab. 2 State of the diagnostic contact STA.
Does the functional firmware log an appropriate fault once the dis-
crepancy time has elapsed?
Yes
o
No
o
o
3c4
Does the safety relay unit detect a fault based on an evaluation of the
diagnostic contact STA when the safety sub-function is requested via
1 channel?
Truth table
Tab. 2 State of the diagnostic contact STA.
Yes
o
No
o
o
3c5
Only when linking multiple servo drives and connecting the diagnostic
contacts: does the safety relay unit detect a fault based on an evalua-
tion of the diagnostic contact STA if the linkage STA is interrupted at
a particular point or when the safety sub-function is requested via 1
channel for a servo drive?
Truth table
Tab. 2 State of the diagnostic contact STA.
Yes
o
No
o
o
Tab. 8: Questions for validation in accordance with EN ISO 13849-2 (example)
Information on PDS integration
The system manufacturer must guarantee the following steps are taken in order to integrate the safety
sub-function of the CMMT-ST into their overall system:
–
Provide evidence of a system of project management/functional safety management
–
Perform a risk analysis
–
Perform a functional test on initial commissioning and during operation, or after a device is replaced
(black-box test)
–
Document the entire safety function
7
Operation
Check the safety functions at adequate intervals for proper functioning. It is the responsibility of the
operator to choose the type and frequency of the checks within the specified time period. The manner
in which the test is conducted must make it possible to verify that the safety device is functioning
perfectly in interaction with all components. Time period for cyclical test (PTI)
safety engineering.
After the safety sub-function STO has been requested and the request completed, the functional
controller enable must be reactivated.
Have qualified personnel regularly check and document the function of the diagnostic contact. The
machine manufacturer must specify the exact interval, based on their application.
The CMMT-ST is maintenance-free during its period of use and specified service life.
The machine manufacturer must ensure the device is protected against restart according to the
EN ISO 14118 standard “Safety of machinery – Prevention of unexpected start-up”.
