Hello, I’m trying to get an understanding of safety PLC function, specifically Siemens. So far, what I understand is this:
The user-programmed safety program runs alongside the main program cycle and is not called automatically, but must be called in the main program cycle (preferentially as a cyclic interrupt OB).
Safety devices such as light barriers, e-stop pushbuttons, etc. can be wired in single and dual channel into safety inputs. The safety I/O modules perform regular functional checks, such as reading inputs more than once, heartbeat checks, etc. to ensure the input signals are accurate and the module is functioning properly.
When the safety program is called, the peripheral inputs from the safety input modules are read. The program is processed, and at the end, the outputs are written to the safety output modules, similar to the standard program cycle. But afterwards, the main program picks up where it left off.
I also understand that regular I/O modules can be used in the same rack as failsafe I/O modules.
My questions:
1) I understand that the safety program runs without direct interaction with the normal program cycle (except for being called). Am I correct that it is not possible to use input or output addresses of safety I/O modules in the main program cycle?
2) Is it possible to use input and output addresses of non-safety modules within the safety program? Say, for example, I want to retract a pneumatic cylinder upon E-Stop. Is this done within the safety program? Or is the safety program only reserved for dealing with safety devices? In one case, I would need access to non-safety outputs in the safety program cycle (pneumatic cylinder), in the other case, I would need access to safety inputs in the main program cycle (E-Stop).
3) I read that when there is a fault in certain failsafe output modules, the module is shut off but in a safe state. What does that mean? The outputs can either be 0/1, does it fail to a guaranteed pre-determined value or something?
4) Would main power contactors be examples of safety outputs (as would normally be controlled as outputs from a safety relay)? And I guess failsafe output modules also do regular checks of the output function? (I thought I read that they flash the outputs on for a very short time to test function, but not long enough to affect the program or actuators).
5) Hardware question: Is it common to use standard sensors such as standard limit switches as safety inputs, or more common to use positive-action limit switches with 2 channels specifically for safety gates and such purposes?
If someone had an example of a simple system setup/schematic with failsafe PLC and the wiring, or just a system description along with the involved devices to help understand this better, I would really appreciate it.
Thanks!
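A simplified model of the cycle the post describes (read the fail-safe inputs, evaluate, write the fail-safe outputs, fall back to the substitute value 0 on a fault), added here as an illustration; it is not part of the original post and not Siemens code. The class and function names, the 1oo2 discrepancy-time evaluation with acknowledgment-based reintegration, and the sample channel sequences are all constructed for the example.

```python
from dataclasses import dataclass

# Safe state for a fail-safe output or a passivated input: de-energised (0).
SUBSTITUTE_VALUE = False


@dataclass
class DualChannelInput:
    """Two-channel (1oo2) evaluation of a safety input such as an E-stop.

    Both channels carry NC contacts, so 1 = healthy. The process value is
    the AND of both channels. If the channels disagree for longer than the
    configured discrepancy time, the input is passivated: it delivers the
    substitute value 0 until it is acknowledged with matching channels.
    Constructed model for illustration, not a vendor implementation.
    """
    name: str
    discrepancy_time_ms: int
    mismatch_ms: int = 0
    passivated: bool = False

    def evaluate(self, ch1: bool, ch2: bool, cycle_ms: int) -> bool:
        if self.passivated:
            return SUBSTITUTE_VALUE
        if ch1 != ch2:
            self.mismatch_ms += cycle_ms
            if self.mismatch_ms > self.discrepancy_time_ms:
                self.passivated = True
                return SUBSTITUTE_VALUE
        else:
            self.mismatch_ms = 0
        # 1oo2: a single open channel already removes the enable.
        return ch1 and ch2

    def acknowledge(self, ch1: bool, ch2: bool) -> bool:
        """Reintegrate a passivated input. Succeeds only if the channels
        agree again; returns True when the input is back in service."""
        if self.passivated and ch1 == ch2:
            self.passivated = False
            self.mismatch_ms = 0
        return not self.passivated


def safety_cycle(estop: DualChannelInput, f_inputs: dict, cycle_ms: int,
                 f_output_module_fault: bool = False) -> dict:
    """One call of the cyclic safety program: read F-inputs, evaluate,
    write F-outputs. A faulted F-output module drives every output to
    the substitute value regardless of the program's result."""
    estop_ok = estop.evaluate(f_inputs["estop_ch1"], f_inputs["estop_ch2"], cycle_ms)
    f_outputs = {"main_contactor": estop_ok}
    if f_output_module_fault:
        f_outputs = {name: SUBSTITUTE_VALUE for name in f_outputs}
    return f_outputs


def run_scenario(samples, cycle_ms=10, discrepancy_time_ms=30):
    """Run a sequence of (ch1, ch2, output_module_fault) samples through
    consecutive safety cycles; returns (contactor state, passivated) per cycle."""
    estop = DualChannelInput("E-Stop", discrepancy_time_ms)
    trace = []
    for ch1, ch2, fault in samples:
        out = safety_cycle(estop, {"estop_ch1": ch1, "estop_ch2": ch2}, cycle_ms, fault)
        trace.append((out["main_contactor"], estop.passivated))
    return trace


if __name__ == "__main__":
    # Constructed sample sequences (10 ms cycle, 30 ms discrepancy time).
    print("healthy:        ", run_scenario([(True, True, False)]))
    print("e-stop pressed: ", run_scenario([(False, False, False)]))
    print("channel fault:  ", run_scenario([(True, False, False)] * 4))
    print("module fault:   ", run_scenario([(True, True, True)]))
```

The channel-fault scenario shows the two behaviours worth separating: a single open channel drops the contactor immediately (the 1oo2 AND), while the module only records a fault and passivates the input once the mismatch outlives the discrepancy time, after which the input stays at 0 until an explicit acknowledgment with agreeing channels.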