Industrial communication networks – Profiles –
Part 3-18: Functional safety fieldbuses – Additional specifications for CPF 18
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2016 IEC, Geneva, Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.
IEC 61784-3-18
Edition 1.1 2016
CONTENTS
FOREWORD
0 Introduction
0.1 General
0.2 Patent declaration
1 Scope
2 Normative references
3 Terms, definitions, symbols, abbreviated terms and conventions
3.1 Terms and definitions
3.1.1 Common terms and definitions
3.1.2 CPF 18: Additional terms and definitions
3.2 Symbols and abbreviated terms
3.2.1 Common symbols and abbreviated terms
3.2.2 CPF 18: Additional symbols and abbreviated terms
3.3 Conventions
4 Overview of FSCP 18/1 (SafetyNET p™)
4.1 General
4.2 FSCP 18/1
5 General
5.1 External documents providing specifications for the profile
5.2 Safety functional requirements
5.3 Safety measures
5.4 Safety communication layer structure
5.5 Relationships with FAL (and DLL, PhL)
5.5.1 General
5.5.2 Data Types
6 Safety communication layer services
6.1 General elements
6.1.1 General
6.1.2 Safety object dictionary
6.1.3 Safety process data object (SPDO)
6.1.4 Safety heartbeat (SHB)
6.1.5 Safety delay monitoring (SDM)
6.2 Communication relations
7 Safety communication layer protocol
7.1 Safety PDU format
7.1.1 General
7.1.2 Safety process data objects (SPDO)
7.1.3 Safety heartbeat (SHB)
7.1.4 Safety PDUs embedded in a Type 2 PDU
7.2 Safety communication layer management (SALMT)
7.3 Safety process data communication
7.4 Safety heartbeat
7.5 Delay monitoring
8 Safety communication layer management
8.1 Parameter handling
8.2 Safety object dictionary
8.2.1 General
8.2.2 Communication profile section
8.2.3 Standardized device profile section
9 System requirements
9.1 Indicators and switches
9.1.1 Indicator states and flash rates
9.1.2 Indicators
9.1.3 Switches
9.2 Installation guidelines
9.3 Safety function response time
9.3.1 General
9.3.2 Determination of FSCP 18/1 time expectation behavior
9.3.3 Calculation of the worst case safety function response time
9.4 Duration of demands
9.5 Constraints for calculation of system characteristics
9.5.1 Safety related constraints
9.5.2 Probabilistic considerations
9.6 Maintenance
9.7 Safety manual
10 Assessment
Annex A (informative) Additional information for functional safety communication profiles of CPF 18
Annex B (informative) Information for assessment of the functional safety communication profiles of CPF 18
Bibliography

Figure 1 – Relationships of IEC 61784-3 with other standards (machinery)
Figure 2 – Relationships of IEC 61784-3 with other standards (process)
Figure 3 – FSCP 18/1 system
Figure 4 – FSCP 18/1 software architecture
Figure 5 – SPDO interaction model
Figure 6 – SHB interaction model
Figure 7 – Safety process data object structure
Figure 8 – Safety heartbeat request structure
Figure 9 – Safety heartbeat response structure
Figure 10 – Safety PDU for FSCP 18/1 embedded in a Type 2 CDC data section
Figure 11 – SALMT state machine
Figure 12 – RxSPDO state machine
Figure 13 – Heartbeat procedure
Figure 14 – Delay measurement principle
Figure 15 – Parameter handling
Figure 16 – Safety response time components
Figure 17 – Considered data field for message size calculation
Figure 18 – Residual error rate

Table 1 – Object definition
Table 2 – Safety PDU element definition
Table 3 – Communication errors and detection measures
Table 4 – SPDO PDU structure
Table 5 – SHB request PDU structure
Table 6 – SHB response PDU structure
Table 7 – SHB safety communication layer state encoding
Table 8 – SALMT commands
Table 9 – System states of SALMT state machine
Table 10 – State transitions SALMT state machine
Table 11 – System states of RxSPDO state machine
Table 12 – State transitions RxSPDO state machine
Table 13 – Timeouts
Table 14 – Safety object dictionary structure
Table 15 – Objects of communication section
Table 16 – Device type
Table 17 – Safety ID
Table 18 – Safety consumer heartbeat entry
Table 19 – Safety consumer heartbeat
Table 20 – Safety producer heartbeat parameter
Table 21 – Safety bus cycle times
Table 22 – SPDO timeout tolerance
Table 23 – Receive SPDO communication parameter
Table 24 – Transmit SPDO communication parameter
Table 25 – Mapping format
Table 26 – Receive SPDO mapping parameter
Table 27 – Transmit SPDO mapping parameter
Table 28 – Indicator states definition
Table 29 – STATUS indicator states
INTERNATIONAL ELECTROTECHNICAL COMMISSION

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.
DISCLAIMER
This Consolidated version is not an official IEC Standard and has been prepared for user convenience. Only the current versions of the standard and its amendment(s) are to be considered the official documents.

This Consolidated version of IEC 61784-3-18 bears the edition number 1.1. It consists of the first edition (2 1 -0 ) [documents 65C/6 9/FDIS and 65C/6 9/RVD] and its amendment 1 (2016-0 ) [documents 65C/8 1/FDIS and 65C/8 4/RVD]. The technical content is identical to the base edition and its amendment.

In this Redline version, a vertical line in the margin shows where the technical content is modified by amendment 1. Additions are in green text, deletions are in strikethrough red text. A separate Final version with all changes accepted is available in this publication.
International Standard IEC 61784-3-18 has been prepared by subcommittee 65C: Industrial networks, of IEC technical committee 65: Industrial process measurement, control and automation.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

A list of all parts of the IEC 61784-3 series, published under the general title Industrial communication networks – Profiles – Functional safety fieldbuses, can be found on the IEC website.

The committee has decided that the contents of the base publication and its amendment will
"http://webstore.iec.ch" in the data related to the specific publication. At this date, the

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore print this document using a colour printer.
0 Introduction

0.1 General

The IEC 61158 fieldbus standard together with its companion standards IEC 61784-1 and IEC 61784-2 defines a set of communication protocols that enable distributed control of automation applications. Fieldbus technology is now considered well accepted and well proven. Thus many fieldbus enhancements are emerging, addressing not yet standardized areas such as real time, safety-related and security-related applications.

This standard explains the relevant principles for functional safety communication with reference to IEC 61508 series and specifies several safety communication layers (profiles and corresponding protocols) based on the communication profiles and protocol layers of IEC 61784-1, IEC 61784-2 and the IEC 61158 series. It does not cover electrical safety and intrinsic safety aspects.

Figure 1 shows the relationships between this standard and relevant safety and fieldbus standards in a machinery environment.
[Figure 1: block diagram; only the recoverable labels are kept. Standards shown: IEC 61000-1-2 Methodology EMC & FS; IEC 61508 Functional safety (FS) (basic standard); ISO 12100-1 and ISO 14121 Safety of machinery – Principles for design and risk assessment; Safety of electrical equipment (including EMC for industrial environments); IEC 6 0 1 Functional safety for machinery – Design of safety-related electrical, electronic and programmable electronic control systems (SRECS) for machinery; IEC 61784-3 Functional safety communication profiles; IEC 61784-5 Installation guide (profile-specific); IEC 61918 Installation guide (common part); product standards: Safety functions for drives, Safety requirements for robots.]

Key
(yellow) safety-related standards
(blue) fieldbus-related standards
(dashed yellow) this standard

NOTE Subclauses 6.7.6.4 (high complexity) and 6.7.8.1.6 (low complexity) of IEC 6 0 1 specify the relationship between PL (Category) and SIL.

Figure 1 – Relationships of IEC 61784-3 with other standards (machinery)
Figure 2 shows the relationships between this standard and relevant safety and fieldbus standards in a process environment.

[Figure 2: block diagram; only the recoverable labels are kept. Standards shown: IEC 61508 Functional safety (FS) (basic standard); IEC 61158 series / IEC 61784-1, -2 Fieldbus for use in industrial control systems; Part 1-4; IEC 614 6 Safety fences, light curtains; Safety requirements for robots.]

Key
(yellow) safety-related standards
(blue) fieldbus-related standards

Figure 2 – Relationships of IEC 61784-3 with other standards (process)
Safety communication layers which are implemented as parts of safety-related systems according to IEC 61508 series provide the necessary confidence in the transportation of messages (information) between two or more participants on a fieldbus in a safety-related system, or sufficient confidence of safe behaviour in the event of fieldbus errors or failures.

Safety communication layers specified in this standard do this in such a way that a fieldbus can be used for applications requiring functional safety up to the Safety Integrity Level (SIL) specified by its corresponding functional safety communication profile.

The resulting SIL claim of a system depends on the implementation of the selected functional safety communication profile within this system – implementation of a functional safety communication profile in a standard device is not sufficient to qualify it as a safety device.

This standard describes:
– basic principles for implementing the requirements of IEC 61508 series for safety-related data communications, including possible transmission faults, remedial measures and considerations affecting data integrity;
– individual descriptions of functional safety profiles for several communication profile families in IEC 61784-1 and IEC 61784-2;
– safety layer extensions to the communication service and protocols sections of the IEC 61158 series.
0.2 Patent declaration

The International Electrotechnical Commission (IEC) draws attention to the fact that it is claimed that compliance with this document may involve the use of a patent concerning the functional safety communication profiles for family 18 as follows, where the [xx] notation indicates the holder of the patent right:

Daten in einem Netzwerk

IEC takes no position concerning the evidence, validity and scope of this patent right.

The holder of this patent right has assured the IEC that he/she is willing to negotiate licences either free of charge or under reasonable and non-discriminatory terms and conditions with applicants throughout the world. In this respect, the statement of the holder of this patent right is registered with IEC. Information may be obtained from:

[PI] Pilz GmbH & Co. KG
Felix-Wankel-Str. 2
73760 Ostfildern
GERMANY

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights other than those identified above. IEC shall not be held responsible for identifying any or all such patent rights.

ISO (www.iso.org/patents) and IEC (http://www.iec.ch/tctools/patent_decl.htm) maintain on-line databases of patents relevant to their standards. Users are encouraged to consult the databases for the most up to date information concerning patents.
INDUSTRIAL COMMUNICATION NETWORKS – PROFILES –
Part 3-18: Functional safety fieldbuses –
Additional specifications for CPF 18

1 Scope

This part of the IEC 61784-3 series specifies a safety communication layer (services and protocol) based on CPF 18 of IEC 61784-2 and IEC 61158 Type 2. It identifies the principles for functional safety communication defined in IEC 61784-3 that are relevant for this safety communication layer.

NOTE 1 It does not cover electrical safety and intrinsic safety aspects. Electrical safety relates to hazards such as electrical shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres.

This part defines mechanisms for the transmission of safety-relevant messages among participants within a distributed network using fieldbus technology in accordance with the requirements of IEC 61508 series for functional safety. These mechanisms may be used in various industrial applications such as process control, manufacturing automation and machinery.

This part provides guidelines for both developers and assessors of compliant devices and systems.

NOTE 2 The resulting SIL claim of a system depends on the implementation of the selected functional safety communication profile within this system – implementation of a functional safety communication profile according to this part in a standard device is not sufficient to qualify it as a safety device.
2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

IEC 61158-3-2, Industrial communication networks – Fieldbus specifications – Part 3-2: Data-link layer service definition – Type 2 elements

IEC 61158-4-2, Industrial communication networks – Fieldbus specifications – Part 4-2: Data-link layer protocol specification – Type 2 elements

IEC 61158-5-2, Industrial communication networks – Fieldbus specifications – Part 5-2: Application layer service definition – Type 2 elements

IEC 61158-6-2, Industrial communication networks – Fieldbus specifications – Part 6-2: Application layer protocol specification – Type 2 elements

IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic safety-related systems

IEC 61508-2:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems

IEC 61784-2:2010, Industrial communication networks – Profiles – Part 2: Additional fieldbus profiles for real-time networks based on ISO/IEC 8802-3

IEC 61784-3:2010, Industrial communication networks – Profiles – Part 3: Functional safety fieldbuses – General rules and profile definitions

IEC 61918, Industrial communication networks – Installation of communication networks in industrial premises

ISO/IEC 10731, Information technology – Open Systems Interconnection – Basic Reference Model – Conventions for the definition of OSI services
3 Terms, definitions, symbols, abbreviated terms and conventions

3.1 Terms and definitions

3.1.1 Common terms and definitions

availability
probability for an automated system that for a given period of time there are no unsatisfactory system conditions such as loss of production

communication system
arrangement of hardware, software and propagation media to allow the transfer of messages (ISO/IEC 7498 application layer) from one application to another

cyclic redundancy check (CRC)
<value> redundant data derived from, and stored or transmitted together with, a block of data in order to detect data corruption
<method> procedure used to calculate the redundant data

NOTE 1 Terms "CRC code" and "CRC signature", and labels such as CRC1, CRC2, may also be used in this standard to refer to the redundant data.

NOTE 2 See also [3 ], [3 ].

3.1.1.7
error
discrepancy between a computed, observed or measured value or condition and the true, specified or theoretically correct value or condition

[IEC 61508-4:2010] [IEC 61158]

NOTE 1 Errors may be due to design mistakes within hardware/software and/or corrupted information due to electromagnetic interference and/or other effects.

NOTE 2 Errors do not necessarily result in a failure or a fault.

3.1.1.8
failure
termination of the ability of a functional unit to perform a required function or operation of a functional unit in any way other than as required

NOTE 1 The definition in IEC 61508-4 is the same, with additional notes.

[IEC 61508-4:2010, modified] [ISO/IEC 2382-14.01.11, modified]

NOTE 2 Failure may be due to an error (for example, problem with hardware/software design or message disruption).

3.1.1.9
fault
abnormal condition that may cause a reduction in, or loss of, the capability of a functional unit to perform a required function

NOTE IEV 191-05-01 defines "fault" as a state characterized by the inability to perform a required function, excluding the inability during preventive maintenance or other planned actions, or due to lack of external resources.

[IEC 61508-4:2010, modified] [ISO/IEC 2382-14.01.10, modified]

3.1.1.10
fieldbus
communication system based on serial data transfer and used in industrial automation or process control applications

frame check sequence (FCS)
redundant data derived from a block of data within a DLPDU (frame), using a hash function, and stored or transmitted together with the block of data, in order to detect data corruption

NOTE 1 An FCS can be derived using for example a CRC or other hash function.

NOTE 2 See also [3 ], [3 ].
3.1.1.13
hash function
(mathematical) function that maps values from a (possibly very) large set of values into a (usually) smaller range of values

NOTE 1 Hash functions can be used to detect data corruption.

3 Figures in square brackets refer to the Bibliography.

[IEC/TR 62210, modified]

3.1.1.14
hazard
state or set of conditions of a system that, together with other related conditions will inevitably lead to harm to persons, property or environment

spurious trip with no harmful effect

NOTE Internal abnormal errors can be a cause in communication systems such as wireless transmission, for example by too many retries in the presence of interferences.

3.1.1.19
performance level (PL)
discrete level used to specify the ability of safety-related parts of control systems to perform a safety function under foreseeable conditions

[ISO 13849-1]

3.1.1.20
redundancy
existence of means, in addition to the means which would be sufficient for a functional unit to perform a required function or for data to represent information

[IEC 61508-4:2010, modified] [ISO/IEC 2382-14.01.12, modified]

3.1.1.21
risk
combination of the probability of occurrence of harm and the severity of that harm

NOTE For more discussion on this concept see Annex A of IEC 61508-5:2010.

[IEC 61508-4:2010] [ISO/IEC Guide 51:1999, definition 3.2]

3.1.1.22
safety communication layer (SCL)
communication layer that includes all the necessary measures to ensure safe transmission of data in accordance with the requirements of IEC 61508
3.1.1.23
safety data
data transmitted across a safety network using a safety protocol

NOTE The Safety Communication Layer does not ensure safety of the data itself, only that the data is transmitted safely.

3.1.1.24
safety device
device designed in accordance with IEC 61508 and which implements the functional safety communication profile

3.1.1.25
safety function
function to be implemented by an E/E/PE safety-related system or other risk reduction measures, that is intended to achieve or maintain a safe state for the EUC, in respect of a specific hazardous event

NOTE The definition in IEC 61508-4 is the same, with an additional example and reference.

[IEC 61508-4:2010, modified]

3.1.1.26
safety function response time
worst case elapsed time following an actuation of a safety sensor connected to a fieldbus, before the corresponding safe state of its safety actuator(s) is achieved in the presence of errors or failures in the safety function channel

NOTE This concept is introduced in IEC 61784-3:2010, 5.2.4 and addressed by the functional safety communication profile defined in this part.

3.1.1.27
safety integrity level (SIL)
discrete level (one out of a possible four), corresponding to a range of safety integrity values, where safety integrity level 4 has the highest level of safety integrity and safety integrity level 1 has the lowest

NOTE 1 The target failure measures (see IEC 61508-4:2010, 3.5.17) for the four safety integrity levels are specified in Tables 2 and 3 of IEC 61508-1:2010.

NOTE 2 Safety integrity levels are used for specifying the safety integrity requirements of the safety functions to be allocated to the E/E/PE safety-related systems.

NOTE 3 A safety integrity level (SIL) is not a property of a system, subsystem, element or component. The correct interpretation of the phrase "SIL n safety-related system" (where n is 1, 2, 3 or 4) is that the system is potentially capable of supporting safety functions with a safety integrity level up to n.

[IEC 61508-4:2010]

3.1.1.28
safety measure
<this standard> measure to control possible communication errors that is designed and implemented in compliance with the requirements of IEC 61508

NOTE 1 In practice, several safety measures are combined to achieve the required safety integrity level.

NOTE 2 Communication errors and related safety measures are detailed in IEC 61784-3:2010, 5.3 and 5.4.

3.1.1.29
safety-related application
programs designed in accordance with IEC 61508 to meet the SIL requirements of the application
3.1.1.30
safety-related system
system performing safety functions according to IEC 61508

3.1.2 CPF 18: Additional terms and definitions

unsigned integer with wrap to zero on overflow which is used as means to ensure completeness and the right order of transmitted safety PDUs

transmission time of PDUs which is dynamically caused by network properties like traffic, switching devices and topology

3.1.2.5
fail-safe
ability of a system that, by adequate technical or organizational measures, prevents hazards either deterministically or by reducing the risk to a tolerable measure

sequence of root device and all ordinary devices processing the communication frame in forward and backward direction

3.1.2.8
producer/consumer relationship
relationship where the producer sends data to the consumer without a specific request

sender/receiver relationship
relationship where the sender sends data to the receiver

communication relationship with exactly one sender and one or many receivers
3.2 Symbols and abbreviated terms

3.2.1 Common symbols and abbreviated terms

E/E/PE Electrical/Electronic/Programmable Electronic [IEC 61508-4:2010]
PLC Programmable Logic Controller
SCL Safety Communication Layer

3.2.2 CPF 18: Additional symbols and abbreviated terms

3.2.2.1 Additional abbreviated terms

Actuator time Worst case response time of the actuator for conversion and reaction according to the safety function
Transmission time Worst case transmission time of the communication network
Timeout time for FSCP 18/1
3.3 Conventions

• Index describes the position within the safety object dictionary of an object.
• Sub-index describes a single element of the object containing the following data. It will be repeated for each element of the object.
– Name denotes a name string for this attribute.
– Description is used for additional information on how the object shall be used.
– Object type denotes the characterizing type for each object as specified in IEC 61158-6-2.
– Data Type denotes the data type of this element.
– Category indicates whether the element is mandatory (M), optional (O) or depends upon setting of other attributes (C).
– Value range contains the value range of a dedicated element or "No" for no pre-defined value range.
– Value contains the constant value(s) and/or the meaning of the parameter or "No" for

• Octet offset denotes the offset of the DLPDU part relative to the start of the safety PDU.
• Data field is the name of the element.
• Value/Description contains the constant value or the meaning of the parameter.

Table 2 – Safety PDU element definition
safety communication profile FSCP 18/1 (SafetyNET p™) is based on the CPF 18 basic profiles in IEC 61784-2 and the safety communication layer specification defined in this part.
4.2 FSCP 18/1
FSCP 18/1 describes a safety protocol for transferring safety process data up to SIL 3 between FSCP 18/1 devices. For the transfer of the safety protocol, a subordinated fieldbus is used that is not included in the safety consideration (black channel approach). Safety data exchanged between communicating partners is regarded as cyclic process data exchanged between them by the subordinated fieldbus.
Figure 3 – FSCP 18/1 system
4 SafetyNET p is a trade name of Pilz GmbH & Co. KG. This information is given for the convenience of users of this International Standard and does not constitute an endorsement by IEC of the trade name holder or any of its products. Compliance to this part does not require use of the trade name SafetyNET p. Use of the trade name SafetyNET p requires permission of Pilz GmbH & Co. KG.
FSCP 18/1 uses a dedicated 1:n relationship of the producer/consumer relationship type for safety process data communication and a 1:1 relationship for the purpose of safety device monitoring. Figure 3 shows possible communication relationships based on a CP 18/1 and CP 18/2 network.
For the realization of FSCP 18/1, the following safety measures have been chosen:
• session number (consecutive number);
• time expectation for communication monitoring;
• unique identification of senders;
• cyclic redundancy checking for data integrity;
• different data integrity assurance systems for safety and non-safety communication;
• packet delay monitoring for dedicated communication relationships.
Each device maintains a safety communication layer state machine, which is coordinated by the safety application. Safety is ensured based on the SCL switching to the system error state (i.e. safe state) as soon as an error is detected.
5.1 External documents providing specifications for the profile
The following document is useful in understanding the design of the FSCP 18/1 protocol:
5.2 Safety functional requirements
The following requirements shall apply to the development of devices that implement the FSCP 18/1 protocol. The same requirements were used in the development of FSCP 18/1.
• Requirements of IEC 61508 shall be fulfilled.
• The FSCP 18/1 protocol is designed to support Safety Integrity Level 3 (SIL 3) (see IEC 61508).
• The FSCP 18/1 protocol is implemented using a black channel approach; there is no safety related dependency on the standard CPF 18 communication profiles. Transmission equipment shall remain unmodified.
• Safety communication and standard communication shall be independent. Safety devices and standard devices shall be able to use the same communication channel.
• There shall always be a 1:1 relationship between communicating devices for device monitoring purposes.
• Safety communication shall use a single-channel communication system. Redundancy may only be used optionally for increased availability.
• Implementation of the safety protocol shall be restricted to the communication end devices.
• The transmission duration time shall be monitored.
• Device documentation shall indicate the Safety Integrity Level (SIL) the devices are designed for.
5.3 Safety measures
The safety measures used in FSCP 18/1 to detect communication errors are listed in Table 3. All safety measures shall be applied and monitored within each safety device.
Table 3 – Communication errors and detection measures
5.4 Safety communication layer structure
Figure 4 shows how the protocol is related to CPF 18 and Type 22. The FSCP 18/1 safety communication layer is located on top of the CPF 18 and Type 22 application and data link layers and utilizes the non-safety services of CPF 18 and Type 22 to transfer safety PDUs.
Figure 4 – FSCP 18/1 software architecture (layers shown from Application Objects down to the Physical Layer)
A safety process data object (SPDO) containing the safety process data, the identification information and the required error detection measures is included in the Type 22 process data objects. The mapping of the safety process data to SPDOs is done by entries in the safety object dictionary.
Monitoring of the time synchronization of the safety application is realized using a safety heartbeat service (SHB).
The calculation of the residual error probability for the FSCP 18/1 protocol takes no credit of the error detection mechanisms of the communication system. The protocol can also be transferred via other communication systems.
5.5 Relationships with FAL (and DLL, PhL)
This safety communication layer is designed to be used in conjunction with the CPF 18 communication profiles, but it is not restricted to this communication profile.
5.5.2 Data Type
Profiles defined in this part support all the CPF 18 data types as defined in IEC 61158-5-22. The encoding of these data types follows the encoding rules defined in IEC 61158-6-22.
6 Safety communication layer services
6.1.1 General
FSCP 18/1 provides the following elements:
• safety object dictionary;
• safety process data object (SPDO);
• safety heartbeat (SHB);
• safety delay monitoring (SDM).
6.1.2 Safety object dictionary
The safety object dictionary is the interface between the safety application and the communication system. It is a grouping of objects and specifies uniform communication and device parameters for the safety-related functionality. The organization of objects is adjusted to the organization of CP 18/1 and CP 18/2. Access to safety object dictionary entries can optionally be realized by SDO services as defined in IEC 61158-5-22 and IEC 61158-6-22. This access shall be restricted to read only (RO) access.
6.1.3 Safety process data object (SPDO)
Safety process data objects shall provide the required services for safety related process data exchange between certain communicating devices. Safety process data communication in FSCP 18/1 is cyclic, using safety process data objects (SPDOs). The process data communication is split into safety transmit and receive process data objects (TxSPDOs or RxSPDOs).
6.1.4 Safety heartbeat (SHB)
Devices which implement the FSCP 18/1 SCL use the SHB service for application layer monitoring and application monitoring. This service is independent of any other heartbeat services that devices could implement in parallel. SHB messages are confirmed cyclic messages exchanged between communicating devices and realize a 1:1 relationship between devices. The SHB mechanism is used to synchronize the system clocks of the communicating devices.
6.1.5 Safety delay monitoring (SDM)
The safety delay monitoring service is used to monitor the delay of packets within a communication relationship of communicating devices. This mechanism is based on a confirmed service relation between devices. The service monitors that the time between producing the service request and receiving the service confirmation does not exceed a configurable maximum delay. Furthermore, the service monitors the time between two successful delay measurements. This time shall not exceed a configuration dependent time in which it would be possible that the delay rises over the maximum allowed delay.
6.2 Communication relation
FSCP 18/1 defines a 1:n relationship with a producer/consumer relationship for safety process data communication. Producers shall cyclically send safety process data objects identified by a unique PDO-ID for packet identification and a unique safety ID for producer identification. Safety process data object interaction is unconfirmed. Figure 5 shows the safety process data object interaction model (see ISO/IEC 10731 for an explanation of sequence charts).
Figure 5 – SPDO interaction model
The state and presence of communication partners (i.e. producers and consumers) in FSCP 18/1 is monitored independently by each participating device. For all communication relations from one dedicated device to one other dedicated device, one heartbeat relationship is executed. Thus, a 1:1 relationship between communication partners exists. Safety heartbeat communication follows the confirmed client-server relationship. Figure 6 shows the heartbeat interaction for a safety process data object relationship. The cycle time of the heartbeat service is independent from other communication cycle times and depends on the safety function response time as well as on the maximum allowed growth of message
The FSCP 18/1 communication cycle mainly consists of the cyclic unconfirmed exchange of safety process data objects. A time expectation behavior is used on the consumer side to monitor safety process data exchange and to detect communication failures. Because of the unconfirmed interaction model, an additional mechanism is required which enables the detection of a failed device and which also enables the detection of an increased PDU delivery delay besides the time expectation of the consumer. This is realized by the safety heartbeat service. Both mechanisms in combination define and observe a communication
A safety PDU consists of either a safety process data object (SPDO) or a safety heartbeat (SHB). While the SPDO is used to communicate the safety application data, the SHB is used to synchronise the communicating devices.
7.1.1.2 Data integrity
The receiver of a safety PDU shall verify the safety integrity of the data by checking both copies of the data (SPDO or SHB) against their CRCs and by comparing the CRCs of the two copies of the data.
If transmission repetitions are configured, then each reception shall be checked as specified above. The reception of the safety PDU shall be treated as failed if all repetitions failed the
Figure 7 – Safety process data object structure
The SPDO is cyclically transferred via the subordinate fieldbus. The content of one SPDO consists of one or several safety application objects out of the safety object dictionary. The mapping from the safety object dictionary element to the SPDO is done by the SPDO mapping entries in Table 2 and Table 2. Table 2 is used to identify the mapping table index of Table 2 based on the PID of the SPDO.
In Table 4 the general structure of an SPDO is listed.
Table 4 – SPDO PDU structure
Fields in order (see Figure 7): PID, Length, Safety data 1, SID 1, Consecutive number 1, CRC 1, Safety data 2, SID 2, Consecutive number 2, CRC 2
NOTE 1 n is the length in octets of the data field safety data 1 (safety data 2).
In order to allow the safety PDU to be transported via a black channel whose transfer characteristics are not included in the safety consideration, the amount of data is restricted
the data integrity assurance system applied by this FSCP the residual error rate per hour does not exceed 10^-9 as proven in 9.5.2.
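The two-copy receiver check of 7.1.1.2 applied to the SPDO field order of Table 4 and Figure 7, as an added example (not code from the standard or from any FSCP 18/1 product). The 16 bit PID, the 8 bit length field, the use of CRC-32 (zlib) for both CRCs, big-endian encoding and identical content in both copies are assumptions, since the page does not give them.

```python
"""Two-copy safety PDU with a CRC per copy, modelled on the SPDO layout of Table 4 / Figure 7.

Added illustration, not code from the standard or from any FSCP 18/1 implementation.
ASSUMPTIONS (not stated on the page): PID is 16 bit, the length field is 8 bit, both CRCs
are CRC-32 as computed by zlib.crc32 over header + copy, encoding is big-endian, and both
copies carry identical content, so "comparing the CRCs of the two copies" is an equality test.
"""
import struct
import zlib

HDR = struct.Struct(">HB")   # PID (16 bit), complete packet length in octets (8 bit)
TAIL = struct.Struct(">HB")  # SID (16 bit, never 0), consecutive number (8 bit cyclic counter)
CRC = struct.Struct(">I")    # assumed 32-bit CRC


def build_spdo(pid, sid, cons, data):
    """Assemble one SPDO: header, then two copies of (data, SID, cons), each followed by its CRC."""
    if not 0 < sid <= 0xFFFF:
        raise ValueError("SID must be a non-zero 16 bit value")
    total = HDR.size + 2 * (len(data) + TAIL.size + CRC.size)
    header = HDR.pack(pid, total)
    copy = data + TAIL.pack(sid, cons & 0xFF)
    crc = CRC.pack(zlib.crc32(header + copy))  # covers PID, length and the copy's own fields
    return header + copy + crc + copy + crc


def verify_spdo(pdu):
    """Receiver check per 7.1.1.2: each copy matches its CRC, and the two CRCs agree.

    Returns (ok, reason, fields); fields is None unless ok.
    """
    if len(pdu) < HDR.size or len(pdu) != pdu[2]:
        return False, "length field does not match packet length", None
    header, body = pdu[:HDR.size], pdu[HDR.size:]
    half = len(body) // 2
    if len(body) % 2 or half < TAIL.size + CRC.size:
        return False, "copies are not equally sized or too short", None
    crcs, copies = [], []
    for i, chunk in enumerate((body[:half], body[half:]), start=1):
        copy, (crc,) = chunk[:-CRC.size], CRC.unpack(chunk[-CRC.size:])
        if zlib.crc32(header + copy) != crc:
            return False, f"CRC {i} mismatch", None
        crcs.append(crc)
        copies.append(copy)
    if crcs[0] != crcs[1]:
        return False, "CRC 1 and CRC 2 differ", None
    sid, cons = TAIL.unpack(copies[0][-TAIL.size:])
    if sid == 0:
        return False, "SID 0 is not permitted", None
    pid, _ = HDR.unpack(header)
    return True, "ok", {"pid": pid, "sid": sid, "cons": cons, "data": copies[0][:-TAIL.size]}


def flip_bit(pdu, index, mask=0x80):
    """Constructed fault: corrupt one octet of the PDU, as a black channel might."""
    out = bytearray(pdu)
    out[index] ^= mask
    return bytes(out)


if __name__ == "__main__":
    pdu = build_spdo(0x0101, 0x0042, 7, b"\x01\x02\x03\x04")  # constructed sample values
    print(verify_spdo(pdu))
    print(verify_spdo(flip_bit(pdu, len(pdu) - 6)))           # hits SID 2 -> CRC 2 mismatch
```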
7.1.2.5 SPDO SID
This data field is a 16 bit identifier of the sender. This value shall be unique across the network. Each participating FSCP 18/1 device obtains one SID. The SID of a device is stored within the corresponding safety object dictionary entry with index 0x12 0. The SID shall not be 0. The number is generated by the network configuration tool, which shall ensure the uniqueness of the SPDO SID.
7.1.2.6 SPDO consecutive number
This data field is an 8 bit consecutive number (cyclic counter) for application layer life-sign monitoring and packet sequencing. This number is generated by the sender of the SPDO. The
Figure 8 shows the structure of a safety heartbeat request PDU.
Figure 8 – Safety heartbeat request structure
Table 5 – SHB request PDU structure
5 to 6+(n-1) | 5 to 5+n-1 | Safety AP state 1 | Safety application process state (implementation
9+n+m to 12+n+m | CRC 1 | 32 bit cyclic redundancy check covering the data fields PID, length, SCL state 1, Safety AP state 1, SID 1 and consecutive number 1
CRC 2 | 32 bit cyclic redundancy check covering the data fields PID, length, SCL state 2, Safety AP state 2, SID 2 and consecutive number 2
NOTE 1 n is the length in octets of the data field Safety AP state.
7.1.3.1.2 SHB response PDU
Figure 9 shows the structure of a safety heartbeat response PDU.
Figure 9 – Safety heartbeat response structure
Table 6 lists the general structure of this PDU.
Table 6 – SHB response PDU structure
This data field shall contain the complete packet length in octets.
7.1.3.4 SHB safety communication layer state
This data field shall contain state information about the SCL. This information is interpreted by SHB receivers. Table 7 specifies the encoding of the content of this data field.
Table 7 – SHB safety communication layer state encoding
7.1.3.5 SHB safety AP state
This data field shall contain state information about the safety application. The content and encoding of this data field are application dependent and are outside the scope of this international standard. The length is restricted from 0 to 1 4 octets for protocol version 2 or respectively 1 6 octets for protocol version 1.
7.1.3.6 SHB SID
This data field is the 16 bit identifier of the sender. This value shall be unique across the network. Each participating FSCP 18/1 device obtains a SID. The SID of a device is stored within the corresponding safety object dictionary entry with index 0x12 0. The SID shall not be 0. The number is generated by the network configuration tool, which shall ensure the uniqueness of the SHB SID.
7.1.3.7 SHB consecutive number
This data field is an 8 bit consecutive number (cyclic counter) for application layer life-sign monitoring and packet sequencing. In the event of a response PDU this data field contains the consecutive number of the PDU confirmed by this response. This number is generated by the
communication profile. For details about the Type 22 DLPDU refer to IEC 61158-4-22.
Figure 10 – Safety PDU for FSCP 18/1 embedded in a Type 22 CDC data section
7.2 Safety communication layer management (SALMT)
By the local SALMT service it is possible to trigger the state machine of the SCL and thus to control the behavior of the safety part of a device.
The SALMT commands as specified in Table 8 are available.
Table 8 – SALMT commands
0x01 | Reset communication
0x0 | Enter pre-operational
Figure 11 shows the SALMT state machine. All states of the state machine shall be
Table 9 – System states of the SALMT state machine
1 | Start up | Virtual state after device start-up. Sending and receiving of SPDO and SHB PDUs are not allowed.
2 | Initialization | System dependent initialisation. Sending and receiving of SPDO and SHB PDUs are not allowed.
3 | PreOperational | Configuration is being performed or the system awaits the request to start the operational state. Sending and receiving of SHB PDUs are allowed; SPDO PDUs are not allowed.
Sending and receiving of SPDO and SHB PDUs are allowed.
failed | A non safety relevant error occurred during initialisation. Sending and receiving of SHB PDUs are allowed; SPDO PDUs are not allowed.
6 | System error | A safety relevant error has been detected. Sending and receiving of SPDO and SHB PDUs are not allowed.
Table 10 – State transitions of the SALMT state machine
command start remote node
fault during initialization
7.3 Safety process data communication
Safety process data communication is based on a 1:n relationship of the producer/consumer relationship type. No confirmation messages are used. Communication relationships are configured during the system configuration phase. There exists no further online connection management.
A time expectation behavior is used on the consumer side to monitor safety process data exchange and to detect communication failures. The SPDO cycle time is monitored with an appropriate timeout mechanism. Furthermore, producer and consumer monitor the packet delay to identify an unacceptable increase.
Figure 12 shows the RxSPDO state machine. This state machine is applied for each configured RxSPDO. All states shall be supported.
Figure 12 – RxSPDO state machine
Table 11 to Table 13 describe the state transitions and the related events and actions.
Table 11 – System states of the RxSPDO state machine
2 | Active | RxSPDO received and valid delay measurement. Data is produced. SALMT state is “Operational”.
3 | Delay valid | Delay measurement successful, connection to the communication partner within time limits, RxSPDO not “Active” because no SPDO has been received yet. No data is produced.
4 | Fail-safe | RxSPDO timeout or SHB timeout occurred while in RxSPDO state “Active”. Data is zeroed out and produced once. Reactivation is only allowed by SALMT transition.
Table 12 – State transitions of the RxSPDO state machine
“Operational” if delay measurement (SHB) was successful
None
RxSPDO has been received
Start production of data and set SALMT to “Operational”
SHB consumer timeout | The SHB consumer timeout happens if within the configured number of timeout multiplier cycles no SHB from the consumer has been received
SHB timeout | SHB expected response timeout or SHB consumer timeout
To enhance the availability of the service, multiple copies of an SPDO PDU can be sent by a sender. This behavior depends on the configuration of the service. The receiver monitors the number of copies of an SPDO which are received. If too many copies are received, a transition to the system error state is issued to signal a faulty configuration of the network. The timeout mechanism at the receiver is not influenced by the receipt of multiple copies. The mechanism is triggered by the first received PDU.
7.4 Safety heartbeat
Devices which implement a SCL shall support the safety heartbeat. This heartbeat mechanism is independent of the CP 18/1 and CP 18/2 heartbeat messages and shall be configured independently.
Safety heartbeat messages are transmitted as specified in Figure 13. Each heartbeat message contains the state of the SCL and the safety application process.
The heartbeat procedure is shown in Figure 13.
Figure 13 – Heartbeat procedure
7.5 Delay monitoring
The delay measurement procedure shall be executed by all safety devices to determine the actual delay in PDU delivery and thus to determine the validity of the received information. It is possible to monitor the delay of packets based on the safety heartbeat service. Each safety heartbeat PDU is acknowledged by the receiver. The sender monitors the time between producing the heartbeat request and receiving the response. This time shall not exceed a configured maximum delay.
Figure 14 shows the general measurement principle for delay measurement at sender and
T2, T3 and T4 are not further investigated. Based on this information, the sender of heartbeat request PDUs shall determine an estimation of the delay in packet delivery. The delay monitoring result shall be compared to a configured threshold value. If an increase of the delay is detected which exceeds the configured threshold value, the SCL shall initiate a transition to SPDO state “Fail-Safe” and the application shall enter a safe state.
The determination of the repetition rate for the delay monitoring procedure (i.e. the SHB cycle time) shall be derived from the maximum allowed delay (which depends on the safety function response time), the current delay and the configured SPDO cycle times.
Additionally, the sender monitors the time between two successful delay measurements. This time shall not exceed the time in which the possibility exists that the delay rises over the configured delay threshold.
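An added example (not the standard's or any vendor's code) of the consumer-side supervision described in 7.3 and 7.5: the RxSPDO state machine with its time expectation, copy counting and SALMT-only reactivation, together with the SHB request-to-response delay compared against a configured threshold. The state name NotActive, the millisecond time base, the rule "SPDO timeout = cycle time * timeout multiplier" and the reduction of SALMT to a single call are assumptions not taken from the page.

```python
# Consumer-side RxSPDO supervision modelled on the state machine of 7.3 (Tables 11/12) plus
# the SHB-based delay measurement of 7.5. Added illustration, not the standard's own code.
# ASSUMPTIONS: state 1 is named NotActive (its name is lost in the text); times are integer
# ms from the caller; SPDO timeout = cycle_time * timeout_multiplier; SALMT is one call.
from dataclasses import dataclass, field
from typing import List, Optional

NOT_ACTIVE, DELAY_VALID, ACTIVE, FAIL_SAFE, SYSTEM_ERROR = (
    "NotActive", "DelayValid", "Active", "FailSafe", "SystemError")

@dataclass
class RxSpdo:
    cycle_time: int          # configured SPDO cycle time (ms)
    timeout_multiplier: int  # SPDO timeout = cycle_time * timeout_multiplier (assumed)
    max_copies: int          # configured number of copies per SPDO (7.3)
    max_delay: int           # configured maximum SHB request-to-response delay (7.5)
    shb_timeout: int         # SHB expected response / consumer timeout (Table 12)
    data_len: int            # octets of safety data handed to the application
    state: str = NOT_ACTIVE
    last_spdo_at: Optional[int] = None
    last_shb_ok_at: Optional[int] = None
    last_cons: Optional[int] = None
    copies_seen: int = 0
    produced: List[bytes] = field(default_factory=list)  # what reached the application

    def _fail_safe(self):
        self.state = FAIL_SAFE
        self.produced.append(bytes(self.data_len))  # data zeroed out and produced once

    def shb_response(self, t_request, t_response):
        """Delay estimate = request-to-response time; above the threshold -> Fail-safe (7.5)."""
        if t_response - t_request > self.max_delay:
            if self.state in (DELAY_VALID, ACTIVE):
                self._fail_safe()
            return self.state
        self.last_shb_ok_at = t_response  # successful delay measurement
        if self.state == NOT_ACTIVE:
            self.state = DELAY_VALID
        return self.state

    def spdo_received(self, now, cons, data):
        if self.state not in (DELAY_VALID, ACTIVE):
            return self.state  # NotActive / FailSafe / SystemError: PDU is ignored
        if cons == self.last_cons:  # a further copy of the SPDO already received
            self.copies_seen += 1   # counted, but the timeout is not re-armed
            if self.copies_seen > self.max_copies:
                self.state = SYSTEM_ERROR  # too many copies: faulty network configuration
            return self.state
        self.last_cons, self.copies_seen, self.last_spdo_at = cons, 1, now  # first copy arms it
        self.state = ACTIVE
        self.produced.append(bytes(data))
        return self.state

    def tick(self, now):
        """Time expectation (SPDO timeout) and SHB timeout, supervised while Active."""
        spdo_timeout = self.cycle_time * self.timeout_multiplier
        if self.state == ACTIVE and (now - self.last_spdo_at > spdo_timeout or
                                     now - self.last_shb_ok_at > self.shb_timeout):
            self._fail_safe()
        return self.state

    def salmt_reactivate(self):
        """Leaving Fail-safe is only allowed by an SALMT transition (Table 11)."""
        if self.state == FAIL_SAFE:
            self.state, self.last_cons, self.last_spdo_at = NOT_ACTIVE, None, None
        return self.state
```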
The maximum time until the next delay measurement is calculated per Equation (1).
Max
TTTT
DD
T
++
−
=
)
*(
*2
)(
The parameter configuration of FSCP 18/1 devices is part of the configuration of the safety application. All safety-relevant parameters are downloaded to the device by an appropriate device configuration tool. The mechanism used for parameter download lies outside the scope of this international standard and depends on the safety application. Figure 15 shows the device configuration sequence.
Figure 15 – Parameter handling
8.2 Safety object dictionary
8.2.1 General
The safety object dictionary uses the same structure as the object dictionary used in CP 18/1 and CP 18/2. It contains the object areas listed in Table 14.
Table 14 – Safety object dictionary structure
0x0001 to 0x001F | Data type | Basic data type | Definition of basic data types
0x1000 to 0x1FFF | Communication profile | — | Definition of the parameters which are used for communication configuration
— | Definition of the parameters defined in a standardized device profile
0xA000 to 0xBFFF | Standardized interface profile | standardized interface profile
The safety application related objects listed in Table 15 shall be supported.
Table 15 – Objects of the communication section
Lower 16 bits are “Device Profile Number”, describing the used profile
Upper 16 bits are “Additional