Home >
Knowledge Base >
FAQs >
Downloads >Safety FAQ
Following are a series of Frequently Asked Questions relating to "safety". This includes speeds, safety cards, and electronics.
Frequently Asked Questions
SIL (Safety Integrity Level) always refers to a complete system.
SILCL (Safety Integrity Level, Claim Limit) refers to a part of the system only.
MTBF (Mean Time Between Failures) describes the time between to failures.
MTTF (Mean Time To Failure) describes the time up to the first failure.
The designation "d" means "dangerous". MTTFd describes the time up to the first dangerous failure.
See page Residual Current Protective Device.
Standards EN ISO 13849-1 and EN 62061 show reference values for often used components in the appendix. If you have manufacturer values, you must use these values instead of the reference values.
If this occurs when using a linear motor, the workaround is to:
- Switch off the field current (MIMR = 0) before starting Wake & Shake
- Set the current value back after Wake & Shake
A solution for this issue is in process.
If the safety card switches off when a ready-to-operate (BTB) servo amplifier is enabled (HWEnable), the solution is to:
- Evaluate the signal "STO Acknowledge" of the safety card.
- Enable the servo amplifier after receiving this ready to operate signal from the safety card.
No. A duty for certification does not exist according to EN 13849 and EN 62061. But, according to appendix IV of the machine directive, there might be a duty to certify, e.g. for presses. Requirements for programming of software can be found in EN 62061 and EN ISO 13849-1.
With the use of PFH (Probability of Dangerous Failure per Hour) value you can build a relation between PL (Performance Level) and SIL (Safety Integrity Level). See page Safety.
No, sensorless operation with safety card functions is not possible with either synchronous or asynchronous (induction) motors.
No, because one single error only would force the break down of the safety circuit.
When using a low velocity, current evaluations of the safety card in SLS (Safe Limited Speed) mode can still monitor an error. To resolve this set the ASCII parameter CSENID to 1. This increases resolution for low velocity values.
To determine the hardware revision and firmware version of an installed safety card:
- Open the setup software Drivegui.
- Type VER * in the terminal screen.
| DIS1-HW | shows the hardware revision |
|---|---|
| DIS1-SW | shows the firmware version |
Sending a fault reset command (CLRFAULT) while the safety door is open can generate a safety card error.
CLRFAULT restarts the safety card.
The start conditions are not correct in this situation because the safety door is open. Send the CLRFAULT only if the start conditions of the machine are correct, i.e. the safety door is closed.
The tool "Braking Ramps SafetyGUI" (see Downloads) explains that procedure with an example.
| S300, S400, S600 | With these servo amplifiers, safe reduced speed can be realized with external components. Different proposals for cat. 2 and cat.3 are given on page Safe Reduced Speed. |
|---|---|
| S700 | With the built-in Safety expansion card the function SLS (safely limited speed) is integrated in the servo amplifier, see page Safety Concept S700. |
It is possible to connect several servo amplifier STO inputs to one output of a safety control and SIL2/PLd can be met.
A maximum of 9 amplifiers can be connected to one output.
For more information see page S700 Safety: Several S700 on one safety control
Yes. With operating system software and safety functions to PL "e" the requirements according to IEC 61508-3 must be observed.