Two safety relays wired in series

kallileo

Lifetime Supporting Member
K
Join Date
Jun 2008
Location
Thessaloniki, Macedonia, Hellas
Posts
353
I have panel which controls a batch pasteurizer. The panel has an E-Stop and a safety relay (Schneider XPSAC5121) which cuts power from all DOs of the PLC and the STO contacts of and ac drive which drives an agitation motor.

Now there a special application where I also need to add a Fail-safe inductive sensor (IFM GI505S) to monitor the lid and stop the agitator (STO) when it's opened during operation so I have to add second safety relay (IFM G1501S) just for the prox sensor.

I was thinking about how to wire the safety relays properly.

First option is to wire the safety contacts of both safety relays and the STO signal in series. This way when the E-Stop is pressed or the lid is open the agitation stops.

Second option is to use the safety contact of the E-Stop safety relay to cut the power to lid monitoring safety relay (IFM). So when E-stop is pressed everything stops but when the lid is open on the agitation process stops.

What do you think?

XPSAC5121.png
 
I have seen and used both options to combine different safety functions, like E-Stops, gate switches, light curtains, etc.

I don't know about "properly", but I usually use option 1 because that was my company's standard when I first learned to design safety circuits.
I also prefer to debug my safety circuits with the E-Stop circuit deenergized to reduce the chance of unintended motion during commissioning.

I don't see any functional difference between the options.

Attached is a circuit I used recently for an Allen Bradley PowerFlex 525 with STO. The first relay contact is the E-Stop and the second is the safety gate relay.

I'm curious to see how other designers handle this.

VFD STO.PNG
 
It is quite common to use the lid safety after the main safety especially in a vessel that is say guarded with a grate so lifting the lid operates only the lid safety relay & any equipment that it affects, this means for example the agitator stops but a heating jacket does not, in other words the secondary safety only isolates certain equipment & often auto resets after the lid is shut, this differs from an E-Stop that will stop everything & should be reset by a physical press of a reset button to re-initiate the process. It will depend on the process and the risk assessments of the safety system.
So in short the lid safety is a slave off the main safety.
 
I work on a laminating system where every press and station has 3 safety relays in each control panel. The main one is local to that machine, one of the others is controlled by the safety relay in the operator station, and the third is from a loop of all other panel safety relays - any E-stop will shut down the entire operation from any where in the room.



The first safety relay is the main one and only it cuts power to the system, the others are tied into the pushbuttons dual loop of the first one (Y1 - Y2 of your diagram, but a dual loop would also have Y11 - Y12)
 
kallileo said:
I would also like to know how it's handled.
Is it allowed to have single reset button for both safety relays?
Click to expand...


On this setup a single reset button on the operator station resets all safety relays if all E-stop buttons are clear. None of the individual machines or local control panels have any reset button.
 
You should also consider the feedback monitoring and make sure that every safety function also causes the monitoring to occur. There are several ways to do that. If you have the contacts of one safety relay open the the second, then the second will always be what actually controls the load(s) and can therefore be the only one monitoring the load(s). If, however, you wire the contacts of the two safety relays in series so that power to the load(s) passes through both relays and either relay can de-energize the load(s) without dropping out the other relay, then both safety relays will need to monitor the load(s).
 
parky said:
It is quite common to use the lid safety after the main safety especially in a vessel that is say guarded with a grate so lifting the lid operates only the lid safety relay & any equipment that it affects, this means for example the agitator stops but a heating jacket does not, in other words the secondary safety only isolates certain equipment & often auto resets after the lid is shut, this differs from an E-Stop that will stop everything & should be reset by a physical press of a reset button to re-initiate the process. It will depend on the process and the risk assessments of the safety system.
So in short the lid safety is a slave off the main safety.
Click to expand...

A great example of this is a top load washing machine. Open the lid mid cycle the drum motor is disengaged. But water can still flow if it were called.
 
kallileo said:
I have panel which controls a batch pasteurizer. The panel has an E-Stop and a safety relay (Schneider XPSAC5121) which cuts power from all DOs of the PLC and the STO contacts of and ac drive which drives an agitation motor.

Now there a special application where I also need to add a Fail-safe inductive sensor (IFM GI505S) to monitor the lid and stop the agitator (STO) when it's opened during operation so I have to add second safety relay (IFM G1501S) just for the prox sensor.

I was thinking about how to wire the safety relays properly.

First option is to wire the safety contacts of both safety relays and the STO signal in series. This way when the E-Stop is pressed or the lid is open the agitation stops.

Second option is to use the safety contact of the E-Stop safety relay to cut the power to lid monitoring safety relay (IFM). So when E-stop is pressed everything stops but when the lid is open on the agitation process stops.

What do you think?
Click to expand...

I have used both ways.

Just use the aux relay on the VFD to monitor if it is running/enabled or not.
 
I_Automation said:
Almost every drive has 1 or 2 programmable relay outputs. They usually can be configure for Fault(none), At Speed, MinnFreq, Stopped, and other settings.
Click to expand...

That's correct but the auxiliary contacts of the contactor that are used as feedback to safety relay are mirror/mechanically linked with power contacts so their are safe to use. I don't think the same applies to the relay outputs on the AC drive.


A mirror auxiliary contact is a NC auxiliary contact, which reflects the state of the NO main contact.
It means that if a main contact remains closed (welded contact for example), the mirror contact can not close.
The mirror contacts are used in safety applications, particularly with the safety relays PREVENTA.
The notion of mirror contacts concerns power contactors, IEC60947-4-1 standard.

https://www.se.com/uk/en/faqs/FA142116/
 

Similar Topics

D
"Swapping" safety relays, question about the wiring changes (if any)
Hey guys, the scenario is: I have already completed the drawing package for my system utilizing an A-B 440R-N23126 (Minotaur) safety relay. SoS...
Replies
0
Views
149
DzL9
D
P
Safety relays for pressure transmitters
This is not exactly PLC question. I have application, where SIL 2 pressure sensors need to be used. I was not able to find any SIL 2 pressure...
Replies
6
Views
1,787
muusic_man
M
J
Contactor Relays on Pulsed Safety Outputs
Hi all, has anyone ever had any issues with premature failure, etc. when using contactor relays on pulse monitored safety outputs? We are...
Replies
0
Views
776
Jieve
J
D
Safety relays/AS-interface
Hello everyone, I have some problems with safety relays and AS-i. I need to draw project for my final exam, but I don't know how to use/wire them...
Replies
3
Views
1,637
parky
P
J
Compact Guardlogix vs Safety Relays
At what point does one jump ship from the standard Guardmaster safety relays within a panel to a Compact Guardlogix or other safety PLC? Im sure...
Replies
13
Views
3,449
Rson
R
Back
Top Bottom