Fail-Safe Blocks
Fail-Safe Systems
8-74
A5E00085588-03
Name       Data Type   Explanation                               Default
NFY_STAT   WORD        Return of SFB 31 NOTIFY_8P STAT output.   W#16#0000
Partial Shutdown Configuration
When SHUTDOWN = Partial, the F-run-time groups that have a detected failure are
automatically disabled, without affecting the other fault-free F-run-time groups.
For each F-run-time group with a detected failure, a diagnostic buffer event is
reported indicating that a failure was detected.
Full Shutdown Configuration
When SHUTDOWN = Full, the shutdown logic responds to the first detected
F-run-time group failure. All F-run-time groups are disabled under this
condition. A diagnostic buffer event is reported indicating that the entire
Safety Program was disabled.
Safety Note – F_SHUTDN in slowest configured OB
This note pertains to users who utilize the “Full” shutdown. Please note that
F_SHUTDN will be configured in the slowest running OB3x that contains an F
Run-time group. If OB35 and OB34 were configured with F Blocks, F_SHUTDN
would be placed in OB34, since it is the slower of the two (by default OB34 is
200 ms and OB35 is 100 ms). The consequence of this is that a shutdown for the
faster F Run-time group may not occur until the next scan of the slowest
configured OB, in this example OB34.
The F Run-time group that encounters the detected fault will be shut down
regardless of the SHUTDOWN value.
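The timing consequence described in the safety note, as an added simplified model (not Siemens code and not part of the original manual). The group names are hypothetical, and the model assumes each OB scans at exact multiples of its cycle time starting from 0 and that F_SHUTDN acts at the first scan of its host OB at or after the fault is detected.

```python
# Simplified timing model of the F_SHUTDN placement note (illustration only).
OB_PERIOD_MS = {"OB34": 200, "OB35": 100}  # default cycle times quoted in the note


def shutdn_host_ob(groups):
    """OB that hosts F_SHUTDN: the slowest OB3x containing an F run-time group."""
    return max(set(groups.values()), key=lambda ob: OB_PERIOD_MS[ob])


def next_scan_ms(ob, t_ms):
    """First scan of `ob` at or after t_ms (assumed: scans at multiples of the period)."""
    period = OB_PERIOD_MS[ob]
    return -(-t_ms // period) * period  # integer ceiling


def disable_times(groups, faulted, fault_ms, shutdown_mode):
    """Return {group: time in ms at which it is disabled, or None if it keeps running}.

    groups: hypothetical mapping of F run-time group name -> OB it runs in.
    The faulted group is shut down at detection regardless of SHUTDOWN.
    """
    if shutdown_mode not in ("Partial", "Full"):
        raise ValueError("SHUTDOWN must be 'Partial' or 'Full'")
    times = {g: None for g in groups}
    times[faulted] = fault_ms
    if shutdown_mode == "Full":
        t_full = next_scan_ms(shutdn_host_ob(groups), fault_ms)
        for g in groups:
            if g != faulted:
                times[g] = t_full
    return times


def full_shutdown_delay_ms(groups, fault_ms):
    """Wait between fault detection and the scan in which all groups are disabled."""
    return next_scan_ms(shutdn_host_ob(groups), fault_ms) - fault_ms


if __name__ == "__main__":
    groups = {"FRG_A": "OB35", "FRG_B": "OB35", "FRG_C": "OB34"}  # constructed sample
    for mode in ("Partial", "Full"):
        print(mode, disable_times(groups, "FRG_A", 300, mode))
    print("delay after fault at 300 ms:", full_shutdown_delay_ms(groups, 300), "ms")
```

In this model the remaining groups keep running for up to one cycle of the slowest OB after the fault, which is the interval to account for when relying on Full shutdown.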
Request Safety Program Shutdown
Under certain circumstances, the user may wish to manually request a complete
shutdown. This can be accomplished by providing a rising edge to the RQ_FULL
input. It will force the FULL_SD output to be TRUE, which will disable the entire
Safety Program. When this request is detected and the Safety Program is forced to
shut down, a diagnostic buffer event will be reported. The FULL_SD output is
latched and is only resettable through an entire system cold/warm start or through
the RESTART input.
Restart Safety Program
The restart is triggered when a rising edge is detected on the RESTART input.
Restart may only be triggered if there exist disabled F-run-time groups.
Otherwise, the restart is ignored. When the restart is initiated, the EN_INIT output
triggers a series of DB_INIT functions that coldstart initialize only those F Function
Blocks within disabled F-run-time groups. During Safety Program coldstart
initialization, the disabled F-run-time groups will remain disabled. The DB_INIT