Transcript Safety Remote IO - Schneider Electric

Safety PLCs
Customer presentations
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
2
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
3
Preventa Safety Solutions
The Preventa safety product range provides flexible
solutions for safety processing by offering:
 a full range of Safety Modules
 AS-Interface Safety at Work monitors and
interfaces
 the XPS-MC Safety Controllers
 the XPS-MF Safety PLCs
Machine Control Safety- Jason Minto – December 2006 - English
4
Safety Product Position
Safety
Safety System
Process and
Safety Island
Centralised
I/O
Multiple Safety
Functions
Single Safety
Function
Decentralised I/O
Simple
Machines
Machine Control Safety- Jason Minto – December 2006 - English
Repetitive
Machines
Complex
Machines
Manufacturing
Process
Batch
Process
Machine
Complexity
5
Safety positioning:
PLC Availability & Safety
Availability
Standard
PLC
Hot Standby
System
Control
(Partner product to be purchased from
HIMA)
Availability
140 CRP
Standard
PLC
140 CRP
Safety PLC’s
SIL 2- Quantum
SIL 3- HIMA
H41q/H51q
Standard PLC’s
Premium / Quantum
S908
Remote
I/O
Control
Availability
Safety
Standard PLC’s
•Premium
•Modicon M340
•Twido
Control
Safety
Machine Control Safety- Jason Minto – December 2006 - English
6
Safety PLC Application
and Customer Benefits
 Single Network Solution; For Safety & Standard Data Transfer-Ethernet!
 Reduced Machine Downtime due to diagnostics via Ethernet possible to see failure
before a failure occurs (Operating temperature, contact failure…)
 Increased Diagnostics Capabilities providing flexible solutions, able to view all data
from a central location
 Simpler Maintenance/Installation
 Reduced Wiring using a single network in a decentralised architecture, thus
enabling products to be placed near to the sensors and actuators
 Reduced wiring costs compared to a hardwired solution
 The Hardware/Software functionality enables the simple realisation of very complex
systems
 Increased flexibility allowing Safety subsystems of different machine manufacturers
to be linked together quickly
Machine Control Safety- Jason Minto – December 2006 - English
7
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
8
The Family
 Compact Solution



Consisting of Compact Safety PLC range
Use with Modular PLC range and Remote IO
Manages up to 64 Safety Remote IO modules
 Safety Remote IO extension


Digital IO, Analogue IO
Used with either Compact or Modular Safety PLCs
 Modular Solution



Machine Control Safety- Jason Minto – December 2006 - English
Consisting of a Modular Safety PLC
Use with Compact PLC range and Remote IO
Manages up to 64 Safety Remote IO modules
9
Safety PLC Family
Safety applications requiring:
– Speed: Response time
– Large application memory
– High network flexibility
Safety applications requiring:
– wiring cost reduction
– network flexibility
Compact Solution: 90% of Applications
XPSMF40
Safety PLC
Digital
IO
XPSMF35
Digital &
Safety PLC Analogue IO
XPSMF30
Safety PLC
XPSMF31
Safety PLC
Digital
IO
Digital
IO
Machine Control Safety- Jason Minto – December 2006 - English
Safety
Remote IO
Modular Solution: 10% of Applications
Digital
Input
XPSMF1
Digital
Input
Remote IO
XPSMF IO
Cards
XPSMF2
Digital
Output
Remote IO
XPSMF3
Input &
output
Remote IO
Digital
Output
Digital Input
& Output
Analogue
Input
Rack
Power supply
unit
Central
processing
unit
Analogue
Output
Counter
Input
10
Main Hardware Characteristics
 Certified up to SIL (Claim Limit) 3, EN/IEC 61508 and up to Category 4, EN ISO
13849-1 (EN 954-1), UL/CSA, NFPA8501, NFPA8502, NFPA72:1999, EN 54-2
 Each Safety PLC contains Redundant Processors
 SafeEthernet Protocol for Safety related data transfer
 Standard Bus Communication using Modbus TCP/IP on Ethernet
 2 or 4 RJ45 Connection points (depending on version): using Line/Star (Daisy chain)
Topology
 All Remote IO Modules are Hot Swappable
 LED Diagnostics on PLC housing
 Removable Screw terminals
 Compact range contain Din rail attachment simplifying installation
Machine Control Safety- Jason Minto – December 2006 - English
11
Internal PLC Structure
I/O bus
Digital
Inputs
FB1
Dual Port
RAM
Analogue
Inputs
FB2
dual
µProcessor
system
COM.
controller
Counters
RJ45
Analogue
Outputs
RJ45
Digital
Outputs
Watch
Dog
outputs
switch off
Ethernet
Switch
RJ45
RJ45
Machine Control Safety- Jason Minto – December 2006 - English
12
How does SafeEthernet protocol work?
 Basic requirement:
No change of the proven standard Ethernet TCP/IP-frame
 Black Channel principle
 Each telegram is protected, and secured by the CRC** and a
specific numbering sequence
 Each Safety Telegram data packet contains the Source and
destination address
Source and
Destination
Address
Safety Data
Preamble
Preamble Address
Address
Length
Length
Source and
Destination
Address
Source and
Destination
Address
Safety
CRC
Safety
Data
DATA
Safety
CRC
CRC
Preamble Address
Standard TCP/IP-Frame
Ethernet Frame
Preamble
Address
Length
DATA
CRC
Preamble
Ethernet Frame
Address
Length
Source and
Destination
Address
Safety
Data
DATA
Safety
CRC
CRC Preamble
Ethernet Frame
PreambleAddressLength
Ethernet Frame
Source and
Destination
Address
Address
Length
DATA
Ethernet Frame
Safety Data
Safety
CRC
CRC
Preamble
Address
Length
CRC
Preamble
Address
Length
Safety
Data
DATA
Source and
Destination
Address
Safety
CRC
CRC Preamble
Ethernet Frame
DATA
Ethernet Frame
Preamble
AddressLength
CRC
Ethernet Frame
Safety Data
Safety
CRC
Safety
CRC
Safety
Data
DATA
Source and
Destination
Address
Length
Safety
CRC
CRC
CRC
Ethernet Frame
Address
DATA
Length
Ethernet Frame
Source and
Destination
Address
Safety Data
CRC
CRC
Preamble
Address
Length
Source and
Destination
Address
Safety
Data
DATA
Safety
CRC
CRC Preamble
Ethernet Frame
Preamble
Address
Ethernet Frame
Length
DATA
Address
DATA
Length
CRC
Ethernet Frame
Preamble
AddressLength
CRC
Source and
Destination
Address
Safety Data
Safety
CRC
CRC
Ethernet Frame
** CRC is the Cyclic Redundancy Check (Check Sum)
Machine Control Safety- Jason Minto – December 2006 - English
13
How does SafeEthernet protocol work?
 Internal Structure. (e.g. XPSMF4022)
Safety related
Modbus Serial
Field Bus
Source and
Preamble Address Length Destination
address
Safety Data
Communications Processor
Safety
CRC
Non-Safety
related
CRC
3 Port
Switch
Dual port RAM
Safety Data
8 Line
Control
Outputs
24
Digital
Input/
Outputs
Machine Control Safety- Jason Minto – December 2006 - English
Redundant
processorSystem
RJ45/
Ethernet
RJ45/
Ethernet
Source and
Preamble Address Length Destination
address
Safety
Data
Safety
CRC
CRC
Ethernet
Watch Dog
14
Safety PLC and
Safety Remote IO Process
Safety Remote IO
Safety PLC
Inputs
Processing
Check CRC, Source IP,
Destination IP and SRS**
and Check the packet
number is correct and
received in correct time
Processing
Average
Cycle time:
10 -15 ms
Equal?
Yes
Outputs
No
Shut down
outputs
Average
Cycle time:
<10 ms
Data com.
Yes
Outputs
No
Shut down
outputs
Check CRC, Source IP,
Destination IP and SRS**
and check the packet
number is correct and
received in correct time
Data com.
Tests
Inputs
Self-tests:
Self-tests:
µProcessor
memory areas
watchdog
I/O bus
µProcessor
memory areas
watchdog
I/O bus
Tests
** SRS is the System Resource Slot (specific to PLC and Remote IO)
Machine Control Safety- Jason Minto – December 2006 - English
15
New Solution offer
 Compact Safety PLC
NEW for 2007!!

Product
Inputs/
Outputs
XPSMF4000
24
XPSMF4002
24
XPSMF4020
24
XPSMF4022
24
XPSMF4040
24
XPSMF4042
24
XPSMF40: 6 Product references
Line
Control
Outputs
Safety
Network
Non-Safety Related Data
transfer Network/Protocols
+
+
+
8
2 RJ45/Eth. None
8
2 RJ45/Eth. Ethernet (Modbus TCP/IP Server)
8
2 RJ45/Eth. Modbus Serial Slave (RTU)
+
+
+
8
2 RJ45/Eth.
8
2 RJ45/Eth. Profibus DP Slave
8
2 RJ45/Eth.
Ethernet (Modbus TCP/IP Server)
+ Modbus Serial Slave (RTU)
Ethernet (Modbus TCP/IP Server)
+ Profibus DP Slave
Configurable!
Machine Control Safety- Jason Minto – December 2006 - English
16
Solution Offer
 Compact Safety PLC
Product
Inputs
Outputs
Safety
Network
XPSMF3502
XPSMF3522
XPSMF3542
XPSMF3022
XPSMF31222
24 digital
8 analogue
2 counter
20 digital
20 digital
+ 8 digital
+8 digital *
+8 digital *
4 RJ45/Eth.
4 RJ45/Eth.
4 RJ45/Eth.
Non-Safety Related Data
transfer Network/Protocols
Ethernet (Modbus TCP/IP Server)
Ethernet (Modbus TCP/IP Server) +
Modbus Serial Slave (RTU)
Ethernet (Modbus TCP/IP Server) +
Profibus DP Slave
Ethernet (Modbus TCP/IP Server) +
Modbus Serial Slave (RTU)
Ethernet (Modbus TCP/IP Server)
* can be configured as line control outputs
Machine Control Safety- Jason Minto – December 2006 - English
17
Solution Offer
 Compact Safety Remote IO Digital Input Module

Product reference
XPSMF1DI1601
Machine Control Safety- Jason Minto – December 2006 - English
Managed by parent Compact or Modular Safety PLC
Inputs
16 digital
+
Line
Control
Outputs
Safety Network
4
2 RJ45/Eth.
18
Solution Offer
 Compact Safety Remote IO Digital Output Modules

Product reference
XPSMF2DO401
XPSMF2DO1601
XPSMF2DO801
XPSMF2DO1602
Machine Control Safety- Jason Minto – December 2006 - English
Managed by parent Compact or Modular Safety PLC
Outputs
Power output module
4 digital (up to 5A each output)
Two separated groups
of 8 digital outputs
(Total 16 digital outputs)
Safety
Network
2 RJ45/Eth.
2 RJ45/Eth.
8 relay outputs
2 RJ45/Eth.
16 relay outputs
2 RJ45/Eth.
19
Solution Offer
 Compact Safety Remote IO Input/Output Modules

Product
reference
Managed by parent Compact or Modular Safety PLC
Inputs
Line Control
Outputs
XPSMF3DIO8801
8 digital
2
8 digital outputs +
2 RJ45/Eth.
2 double pole digital outputs
XPSMF3DIO16801
16 digital
2
8 double pole digital outputs 2 RJ45/Eth.
XPSMF3DIO20802
20 digital
8 digital outputs*
2 RJ45/Eth.
XPSMF3AIO8401
8 analogue
4 analogue (non-safe)
2 RJ45/Eth.
Outputs
Safety
Network
* can be configured as line control outputs
Machine Control Safety- Jason Minto – December 2006 - English
20
Solution Offer
 Modular Safety PLC

Connects to Compact or Modular Safety PLCs
and Safety Remote IO
Product
reference
Function
Safety
Network
Non-Safety Related Data transfer
Network/Protocols
XPSMFCPU22
CPU
4 RJ45/Eth.
Ethernet (Modbus TCP/IP Server) +
Modbus Serial Slave (RTU)
XPSMFGEH01
XPSMFPS01
XPSMFBLK
Modular Rack can house
up to 6 Modules
Power Supply Unit for the
racks' back plane bus
Cover plate for unused
slots
 Requirements per Rack

Single CPU per Rack
 Maximum 6 Modules per rack (can use the same type up to 6 times)

Require as a minimum the Rack, Power supply unit, and CPU
Machine Control Safety- Jason Minto – December 2006 - English
21
Solution Offer
 Modular Safety PLC Safety IO Modules (Cards)

Product
For the Modular Safety PLC
Type
Inputs
digital input
24 digital
module
(110 V)
digital input
XPSMFDI3201
32 digital
module
digital input +
XPSMFDIO241601
24 digital
output module
relay output
XPSMFDO801
module
counter input +
XPSMFCIO24801
2 counter
output module
analogue input
8
XPSMFAI801
module
analogue
analogue output
XPSMFAO801
module
Outputs
XPSMFDI2401
16 digital*
8 digital
4 digital
8 analogue
* can be configured as line control outputs
Machine Control Safety- Jason Minto – December 2006 - English
22
Solution Offer
NEW 2007!!
 Modbus TCP/IP Client Licence and Modbus RTU
Master Serial Licence

For managing standard automation devices for use by
Compact or Modular Safety PLCs
Product reference
XPSMFMMTCPIP
XPSMFMMRTU



Function
Enables use of Modbus TCP/IP Client to control
devices such as STB, Magelis, etc.
Enables use of Modbus RTU Master (serial) to control
devices such as STB, Magelis, etc.
The Client/Master Licenses are available for controlling non-safety related IO such as STB,
Magelis, etc.
The use of Non-safety related control by the Safety PLC is only recommended for a small
quantity of non-safe IO, typically under 50 I/O
The customer must ensure that the worst case response time of their safety functions are met!
Magelis
HMI
XPSMF40 Safety PLC
Machine Control Safety- Jason Minto – December 2006 - English
Advantys Ethernet
STB
Standard Remote
IO
23
Monitoring of Inputs
 For Category 4, according to EN ISO 13849-1 (EN 954-1),
and SIL 3 according to EN/IEC 61508 to be realised, line
control outputs must be used to monitor Safety Devices
 A Line Control Output transmits a specific pulse over a
specific duration from the output of a module through a
device (e.g. E-Stop) and back into the inputs of the same
module
Machine Control Safety- Jason Minto – December 2006 - English
24
Monitoring of Inputs
 Product contains either line control outputs or
dedicated digital outputs which can be configured in
the XPSMFWIN Software to a line control output
 The input monitors the signal and it is possible to
detect faults such as;



short circuits between inputs
short circuits to ground
external voltage intrusion
 If a fault is detected, the assigned outputs of the
XPS-MF safety controller will move into a safe state
Machine Control Safety- Jason Minto – December 2006 - English
25
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
26
Network Architecture
 The Safety Network is based on SafeEthernet protocol
 A Safety PLC is able to communicate with a standard automation products (Premium
PLC, HMI device, etc.) over Ethernet using Modbus TCP/IP, or using Modbus Serial
(RTU) for non-Safety communication
 SafeEthernet protocol increases the network flexibility. It is possible to use a single
network transferring standard and safety data (Picture 1) or two separated networks
using Ethernet for Safe Data transfer (Picture 2)
1
HMI
Machine Control Safety- Jason Minto – December 2006 - English
2
HMI
27
Interoperability between
Safety PLC Family
Machine Control Safety- Jason Minto – December 2006 - English
28
Network Architecture
Machine Control Safety- Jason Minto – December 2006 - English
29
Control of Advantys STB (Ethernet)
 The XPSMF Safety PLC range can be used in applications to provide both Safety and
Standard automation processing, it is mandatory however to ensure that the worst
case response times for the Safety function are fulfilled
 The Safety PLC communicates with the Standard Remote IO (Advantys STB) over
Ethernet using Modbus TCP/IP (Non-Safety Related!)
 To control Standard Remote IO modules, a Modbus TCP/IP Client license is required
 Using the Safety PLC to control standard automation products reduces cost for
hardware, engineering, installation and maintenance
 The connection to STB is recommended for applications requiring a small quantity of
Standard IO’s (<50) it is dependant primarily on the required response times of the
safety functions!
XPSMF40 Safety PLC
Machine Control Safety- Jason Minto – December 2006 - English
XPSMF Safety Remote IO
Advantys Ethernet STB
Standard Remote IO
30
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
31
The Software
 Simple programming by means of Function Block Diagram
(FBD) & Drag and Drop functionality
 Accurate and meaningful diagnostics by means of Off/On-Line
Test, & Diagnostics window
 Total harmony with IEC 61131-3
 Safety function library

14 Certified Function Blocks provided with the Software
–
–
–
–
–
–
–
–
–
–
–
–
–
Machine Control Safety- Jason Minto – December 2006 - English
Emergency Stop
Safety Guard
Two-Hand Control
Light curtains / Laser Scanners
Feedback Loop
Selector Switches "1 out of 8”
Selector Switches "2 out of 6”
Muting
Press Safety Valves
Analogue Values
Enabling Switch (two types)
Dynamic Initiator
Safety Locking
32
The Software
 Online Test / Offline Simulation









Provides the user with a near real time
diagnostic
display of the internal program logic
connected to the
external hardware’s Inputs and Outputs
Safety Door
contacts C1 & C2
Emergency stop
control contacts
C1 & C2
Emergency stop
Reset
Safety Door Reset
Safety control output for Robot
Boolean Variables shown in Red or
Blue indicating either “1” or “0”
Other Variables (e.g.. Time) status shown
in On Line Test field box
Excellent for use with program testing,
signal analysis, fault finding, user
information
Machine Control Safety- Jason Minto – December 2006 - English
33
XPSMFWIN and Unity
platform interaction
 The declaration of communication variables
between XPSMFWIN and Unity is carried out once
using the XPSMFWIN to Premium PLC Image
Generator
 The tool enables the customer reduced engineering
time, by enabling the user to export all signals from
the XPSMFWIN programming environment and
using the tool to convert the signals into unity
format variables
 This tool is included within Safety Suite V2
Machine Control Safety- Jason Minto – December 2006 - English
34
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
35
Diagnostics within the Safety
PLC Systems
 Each PLC / Remote IO has a diagnostics window
 The Diagnostics displays all faults within the PLC
 This data can be used to quickly identify a problem
within the Remote IO, or PLC
Machine Control Safety- Jason Minto – December 2006 - English
36
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
37
6. Applications
Batch Process Applications (UK)
 Batch Process Safety Shut down system
Machine Control Safety- Jason Minto – December 2006 - English
38
Batch Process Applications (UK)
XPSMF1DI1601
350 m Fiber Optic Hyperring (availability)
Ethanol Oxide
Reactor
XPSMF3502
XPSMF3DIO8801
Reactor House
XPSMF3AIO8401
Propylene Oxide
Reactor
TSXETG100 Gateway
(Serial to Ethernet)
Control Room
XPSMF3502
XPSMF3DIO8801
Old Boiler House
Machine Control Safety- Jason Minto – December 2006 - English
HMI
Existing
SCADA
Existing PLC
39
Application Benefits:
Batch Process Applications (UK)
 Can be monitored over Ethernet for Safety and Standard data
via a central control panel
 Reduced Machine Downtime due to diagnostics via Ethernet
possible to see failure before a failure occurs (Operating
temperature, contact failure…)
 Reduced maintenance costs
 Reduced Wiring using a single network and decentralised
solution, thus enabling products to be situated within 50 m of
Chemical reaction vessels
 Reduced architectural Complexity compared to hardwire
solution
Invisible
Machine Control Safety- Jason Minto – December 2006 - English
 Analogue IO (Pressure and Temperature)
40
New Applications: In Work
 UK

New industrial process application:
– Use of XPSMF3022 and Remote IO modules and
communication via Satellite between land and Oil rig and
boats

Batch Chemical process:
– Use of Safety PLC in Whiskey Distilleries (Temperature and
Pressure)

Airport infrastructure:
– Baggage Handling systems
 France

Automotive
– Main safety functions surround Robot Cells with Light curtain,
E-Stop etc.
 France + Germany

Automotive OEM
– Complete solution using ethernet
Invisible
Machine Control Safety- Jason Minto – December 2006 - English
41
Paint system with =S= Safety PLC
Machine Control Safety- Jason Minto – December 2006 - English
42
Paint system with =S= Safety PLC
Machine Control Safety- Jason Minto – December 2006 - English
43
New Applications: In Work
 Australia

Power Plant application
– Burner management using XPSMF Safety PLCs

Machine control application approximately 300 Safety IO
– have specified 2 XPSMF60 PLCs using approximately 9
XPSMFDIO241601

Coal loader application
– Long distance network architecture with SIL 3 requirement
– 12 Remote IO stations with a single Safety PLC
– Each IO station requires approximately 12 Inputs and 7
outputs (approximate total IO:256)
– Fibre optic connection between most stations
Invisible
Machine Control Safety- Jason Minto – December 2006 - English
44
New Applications: In Work
 Australia

Machine Control Safety- Jason Minto – December 2006 - English
Coal loader application (Safety Architecture 1st Draft)
45
New Applications: In Work
 Belgium

Batch Chemical process
– Customer request to update current Safety System from a
profibus DP (Siemens) to Ethernet solution
– Customer has been using the Premium PLC for many years,
and is very happy with the system

Machine Control customer (End user)
– Customer is currently using a Twido PLC to manage their
Safety and Standard application (Not-Safe!)
– Customer wants to use our Safety PLC system to Manage
Safety and the Standard automation
Invisible
Machine Control Safety- Jason Minto – December 2006 - English
46
Press Application: In Work
 Brazil

Machine Control Safety- Jason Minto – December 2006 - English
Press Application for US Market
47
Eccentric Press Application: In Work
Machine Control Safety- Jason Minto – December 2006 - English
48
Eccentric Press Application: In Work
 Press can be monitored over Ethernet for Safety and Standard
data via a central control panel
 Reduced Machine Downtime due to diagnostics via Ethernet
possible to see failure before a failure occurs (Operating
temperature, contact failure…)
 Reduced maintenance costs
 Reduced Wiring using a single network and decentralised
solution, thus enabling products to be situated on the machine
 Reduced architectural Complexity compared to hardwire
solution
 Analogue IO (pressure and encoder)
Machine Control Safety- Jason Minto – December 2006 - English
49
Contents
1. Introduction
2. The Hardware
3. The Safety Network
4. The Software
5. Diagnostics
6. Applications
7. Summary
Machine Control Safety- Jason Minto – December 2006 - English
50
Main Features of the Preventa range
 Schneider is the Supplier for both Standard and Safety
Automation products



Safety PLC
- Safety network On Ethernet
Standard PLC
- Standard network On Ethernet
Using a single medium simplifies the overall network architecture
 Schneider is a complete supplier for the “Safety Chain”





Offering Command and Signaling components, Sensors, Limit
Switches, Actuators, etc..
Offering Safety Modules for simple applications
Offering the Safety Controller for simple configuration in simple to
complex applications
Offering AS-Interface Safety at Work for actuator sensor level
network applications
Offering the Safety PLC and Safety Network for added flexibility
 The quick safety network can be used with standard Ethernet or
Fibre optics
 The diagnostic possibilities simplify commissioning and fault
finding
Machine Control Safety- Jason Minto – December 2006 - English
51
Choosing the most appropriate range
Machine Control Safety- Jason Minto – December 2006 - English
52
Thank you
for your attention
Machine Control Safety- Jason Minto – December 2006 - English
53