Activating the Safety Integrated Extended Functions of the CU320-2 via PROFIsafe with PROFINET
SINAMICS S120
Application Description October 2010
Applications & Tools
Answers for industry.
2 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Industry Automation and Drives Technologies Service & Support Portal
This article originates from the Internet service portal of Siemens AG, Industry Automation and Drives Technologies. You can directly access the download page of this document via the following link.
http://support.automation.siemens.com/WW/view/en/42939347
If you have any questions regarding this article, please send us an e-mail:
Safety Integrated V1.1, Article ID: 42939347 3
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
1s Automation Task
2 Automation Solution
3 Fundamentals
4Installation SINAMICS S120 Safety Integrated 5Configuration and Design
Activating the Safety Integrated Extended Functions Application
Commissioning 6of the CU320-2 via PROFIsafe with PROFINET
7Application Operation
8 References
9 History
Warranty and liability
4 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Warranty and liability Note The Application Examples are not binding and do not claim to be complete
regarding the circuits shown, equipping and any eventuality. The Application Examples do not represent customer-specific solutions. They are only intended to provide support for typical applications. You are responsible for ensuring that the described products are correctly used. These Application Examples do not relieve you of the responsibility in safely and professionally using, installing, operating and servicing equipment. When using these Application Examples, you recognize that Siemens cannot be made liable for any damage/claims beyond the liability clause described. We reserve the right to make changes to these Application Examples at any time without prior notice. If there are any deviations between the recommendations provided in these Application Examples and other Siemens publications - e.g. Catalogs - then the contents of the other documents have priority.
We do not accept any liability for the information contained in this document.
Any claims against us - based on whatever legal reason - resulting from the use of the examples, information, programs, engineering and performance data etc., described in these Application Examples shall be excluded. Such an exclusion shall not apply in the case of mandatory liability, e.g. under the German Product Liability Act (“Produkthaftungsgesetz”), in case of intent, gross negligence, or injury of life, body or health, guarantee for the quality of a product, fraudulent concealment of a deficiency or breach of a condition which goes to the root of the contract (“wesentliche Vertragspflichten”). However, claims arising from a breach of a condition which goes to the root of the contract shall be limited to the foreseeable damage which is intrinsic to the contract, unless caused by intent or gross negligence or based on mandatory liability for injury of life, body or health. The above provisions do not imply a change in the burden of proof to your detriment.
The reproduction or transmission of these standard applications or excerpts of them is not permitted without the express written permission of Siemens Industry Sector.
Contents
Safety Integrated V1.1, Article ID: 42939347 5
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Contents Warranty and liability................................................................................................... 4 1 Automation Task................................................................................................ 6
1.1 Introduction........................................................................................... 6 1.2 Overview of the automation task.......................................................... 7
2 Automation Solution ......................................................................................... 8 2.1 Overview of the overall solution ........................................................... 8 2.2 Description of the core functionality ................................................... 10 2.3 Hardware and software components used......................................... 11
3 Fundamentals .................................................................................................. 12 3.1 PROFINET communication................................................................ 12 3.2 PROFIsafe communication ................................................................ 13
4 Installation........................................................................................................ 14 5 Configuration and Design............................................................................... 16
5.1 Passwords.......................................................................................... 16 5.2 Preparation......................................................................................... 16 5.3 Hardware configuration ...................................................................... 19 5.4 Configuring the basic drive functions ................................................. 24 5.5 PROFIsafe configuration for activating the drive-integrated safety
functions ............................................................................................. 33 5.6 Parameterizing the drive-integrated safety functions......................... 35 5.7 Configuring the F-CPU....................................................................... 42 5.8 Acceptance test.................................................................................. 47
6 Application Commissioning ........................................................................... 48 6.1 Prerequisites ...................................................................................... 48 6.2 Preparation......................................................................................... 48 6.3 Commissioning................................................................................... 48
7 Application Operation ..................................................................................... 50 7.1 Overview ............................................................................................ 50 7.2 Description ......................................................................................... 51
8 References ....................................................................................................... 52 8.1 References ......................................................................................... 52 8.2 Internet link data................................................................................. 52
9 History............................................................................................................... 53
1 Automation Task
1.1 Introduction
6 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
1 Automation Task
1.1 Introduction
At present, the following safety functions are integrated in SINAMICS S120 drives according to IEC 61800-5-2:
Table 1-1: Overview of the safety functions integrated in SINAMICS S120
Name Function Description
STO Safe Torque Off Safe separation of the torque-forming energy supply to the motor.
Restart is disabled via the power-on disable (stop function of Category 0 according to EN 60204-1).
SBC Safe Brake Control
SBC is only used with existing motor brake, the motor brake is connected to the performance connector via the outputs.
SBC always reacts in combination with STO or responding internal safety monitoring with failsafe pulse suppression.
SS1 Safe Stop 1 Fast and safely monitored drive stopping along the OFF3 ramp.
Upon expiry of a delay time or reaching the creep speed, transition to STO (stop function of Category 1 according to EN 60204-1).
Braking is not monitored with basic safety functions. In addition, the transition to STO only depends on the expiry of the delay time.
SS2 Safe Stop 2 Fast and safely monitored drive stopping along the OFF3 ramp.
Upon expiry of a delay time, transition to SOS; the drive remains under control (stop function of Category 2 according to EN 60204-1).
SOS Safe Operating Stop
This function is used to safely monitor the standstill position of a drive; the drive remains under control.
SLS Safely-Limited Speed
Safe drive speed monitoring. Parameterizable cut-off reaction in case of limit
value violation.
SSM Safe Speed Monitor
Safe display of speed limit violation (n < nx).
These extended safety functions can be activated both via PROFIsafe with PROFIBUS or PROFINET and via a terminal extension module TM54F.
In the present example, the safety functions are activated from a SIMATIC F-CPU via the PROFIsafe telegram with PROFINET.
1 Automation Task
1.2 Overview of the automation task
Safety Integrated V1.1, Article ID: 42939347 7
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
1.2 Overview of the automation task
Fig. 1-1: Safety function concept
Further considerations are based on the following safety functions.
Table 1-2: Safety functions of the application example
E. stop button -S1
Safety function
Description Reaction
SF1 Actuation of emergency stop button
Fast stopping of drive 1 and drive 2 (SS1) subsequent pulse suppression
SF2 With open protective door 1, the drive 1 may not exceed a maximum speed
Speed monitoring at drive 1 (SLS)
SF2 With open protective door 2, the drive 2 may not exceed a maximum speed
Speed monitoring at drive 2 (SLS)
The extended safety functions integrated in the SINAMICS S120 drives shall be activated via PROFIsafe with PROFINET.
M
Drive 1
Prot. door 1
- S2
M
Drive 2
Prot. door 2
-S3
2 Automation Solution
2.1 Overview of the overall solution
8 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
2 Automation Solution
2.1 Overview of the overall solution
Scheme
The following figure shows a schematic of the key solution components:
Fig. 2-1: Relevant safety function components
E.stopProt.door 1
ResetProt.door 2
This application example shows how to activate the safety functions SS1 and SLS via PROFIsafe with PROFINET within a SINAMICS S120 drive group.
The drive group of the booksize format comprises an infeed unit and a Double Motor Module (DMM). The motor is controlled via a Control Unit CU320-2. The extended setpoint channel is used to specify the speed. The two mutually independent servomotors are controlled via the Double Motor Module. A Smart Line Module (SLM) is used as infeed unit.
Both drives use different safety functions. The safety-related signals are sensed via the failsafe inputs of a F-CPU and evaluated in the F-CPU. The drive-integrated safety functions are individually activated in each drive belonging to the SINAMICS S120 drive group via failsafe PROFIsafe communication. The F-CPU serves both as F-Host and as PROFINET IO-Controller.
2 Automation Solution
2.1 Overview of the overall solution
Safety Integrated V1.1, Article ID: 42939347 9
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Configuration
This application example is based on the SINAMICS S120 training case (6ZB2 480-0BA00) + CU320-2 with CBE20 and the safety training case.
Distinction
This application does not include any description regarding
the safety functions of the SINAMICS S120,
the general drive functions of the SINAMICS S120 and
the hardware interfaces of the CU320-2.
It is a precondition that you have already acquired basic knowledge regarding these topics.
Information on these issues is provided in the documents listed under References.
Knowledge required
Basic knowledge regarding the configuration of SINAMICS S120 drives with STARTER engineering software resp. SIMOTION SCOUT is absolutely required.
2 Automation Solution
2.2 Description of the core functionality
10 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
2.2 Description of the core functionality
Overview and description of the core functionality
Fig. 2-2: Safety + SINAMICS S120 training case
If emergency stop (-S1) is requested, both drives are stopped by the drive-integrated safety function SS1.
A protective door (-S2 and -S3) is assigned to each drive. When the respective protective door is opened, the speed of the relevant motor is safely monitored with regard to the preset speed limit (SLS). The speed is reduced by the unsafe setpoint channel. The other drive is not influenced. STOP C (SS2) is triggered on the relevant drive as an error reaction by SLS when exceeding the safe speed.
Other possibilities to activate the drive-integrated safety functions using the terminal extension module TM54F and the activation via PROFIsafe with PROFIBUS are described in further application examples.
Advantages of this solution
The solution described here provides the following advantages:
Convenient activation of the drive-integrated safety functions
Convenient setup due to standardized technology
The existing system can be quickly and conveniently extended
Space-saving and cost-efficient setup through integrated safety functions – no additional hardware is required
This allows to implement highly complex safety concepts.
2 Automation Solution
2.3 Hardware and software components used
Safety Integrated V1.1, Article ID: 42939347 11
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
2.3 Hardware and software components used
The application comprises the following components:
Hardware components
Table 2-1: Hardware components
Component Qty. MLFB/Order number Note
SITOP SMART 120W 1 6EP1 333-2AA01
Safety training case 1
SINAMICS training case 1 6ZB2 480-0BA00
CU320-2 1 6SL3040-1MA00-0AA0
CompactFlash Card 1 6SL3054-0ED00-1BA0 Firmware V4.3 SP1
CBE20 1 6SL3055-0AA00-2EB0
Note The application example was tested using the listed hardware components. Alternatively, you can also use other components providing the same functionality. In such a case, it might be necessary to parameterize and wire the components differently.
Standard software components
Table 2-2: Engineering software
Component MLFB/Order number Version
STEP 7 6ES7810-4CC08-0YA5 V5.4 SP5
S7 Distributed Safety 6ES7833-1FC02-0YA5 V5.4 SP5
S7 F Configuration Pack V5.5 SP5
STARTER 6SL3072-0AA00-0AG0 V4.1 SP5
Drive ES Basic 6SW1700-5JA00-4AA0 V5.4 SP4
SIMOTION SCOUT (alternatively) 6AU1810-1BA41-1XA0 V4.1 SP5
Note SIMOTION SCOUT can be used as an alternative to the STARTER & DRIVE ES Basic software.
Licenses
Table 2-3: Licenses
License MLFB/Order number Note
SINAMICS LICENSE SAFETY INTEGRATED EXTENDED FUNCTIONS
6SL3074-0AA10-0AA0 per axis
Sample files and projects
Table 2-4: Default setting of the application example
Component Note
MC_FE_I_013_V10.zip Packed STEP 7 project
42939347_MC_FE_I_013_V11_en.pdf This document
3 Fundamentals
3.1 PROFINET communication
12 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
3 Fundamentals
3.1 PROFINET communication
Besides the MAC and IP address, PROFINET uses additionally a communication name to identify the PROFINET devices. This communication name must be unambiguous within the PROFINET network. During commissioning, each PROFINET device is assigned once a communication name by means of the HW Config which is remanently stored in the PROFINET device (so-called node initialization).
If a device is replaced, for example due to a defect, the new device has another MAC address. If it is assigned the communication name of the replaced device (e.g. by replugging a removable medium that remanently stores the communication name), it can take over the function of the replaced unit without modifying the configuration.
Rules for assigning a name:
The letters a-z and digits 0-9 are permissible
Do not use special characters ! " § $ % & / ( ) = ? * ' _ : ; > < , # + | ~ \ } ] [ {
Do not use blanks
The maximum length of a name is 240 characters.
Reserved names "port-xyz" or "port-xyz-abcde“ a,b,c,d,e, x, y, z = 0...9
The name may only include lower case letters. Upper case letters are replaced by the engineering system through lower case letters.
Do not use the minus sign on a SIMOTION controller.
Impermissible signs are replaced by the engineering system through “x“.
3 Fundamentals
3.2 PROFIsafe communication
Safety Integrated V1.1, Article ID: 42939347 13
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
3.2 PROFIsafe communication
Each drive with configured PROFIsafe slot in the drive device represents a F-device with failsafe communication to the F-Host via PROFINET.
A separate PROFIsafe telegram is created for each drive (PROFIsafe slot). This telegram has a length of 6 bytes for each drive. The first two bytes include the useful safety data.
F-CPU Drive
Fig. 3-1: The F-CPU sends the following control signals to the drive.
PROFIdrive Safety Block 1 (F Process Data)
Byte 0 Byte 1
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
STO SS1 SS2 SOS SLS Res. Res. Int. Ev.
ACK Res.
SLS Limit sel.
SLS Limit sel.
Res. Res. Res. Res. Res.
Drive F-CPU
Fig. 3-2: The drive returns the status of the safety functions to the F-CPU.
PROFIdrive Safety Block 1 (F Process Data)
Byte 0 Byte 1
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
Power rem.
SS1 act.
SS2 act.
SOS act.
SLS act.
Res. Res. Int. Ev.
Res. SLS- Limit
SLS- Limit
SOS sele-cted
Res. Res. Res. SSM
Note Non-used drive-integrated safety functions must be deselected via a high signal.
4 Installation
3.2 PROFIsafe communication
14 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
4 Installation
Hardware installation
The following pictures show the hardware configuration of the application.
Fig. 4-1: Overview of the hardware configuration
E. stopProt.door 1
ResetProt.door 2
Fig. 4-2: DRIVE-CLiQ wiring of the SINAMICS components
Encoder 1
Encoder 2
4 Installation
3.2 PROFIsafe communication
Safety Integrated V1.1, Article ID: 42939347 15
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Fig. 4-3: Wiring of the control voltage on the safety training case
E. stop
Prot. door 1
Prot. door 2
5 Configuration and Design
5.1 Passwords
16 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
5 Configuration and Design This chapter describes how to parameterize the individual components. Both STARTER & DRIVE ES Basic and SIMOTION SCOUT can be used as engineering software for the SINAMICS S120. SIMOTION SCOUT was used to create this sample project. STEP 7 and Distributed Safety are required to program the F-CPU.
Note In the following, the English language setting was used in the SIMATIC Manager. Other names may result with the German setting.
5.1 Passwords
For reasons of simplicity, a common program and hardware safety password is used within the project for the SIMATIC components. A common password is also used for the drives with the safety configuration of the SINAMICS components.
Safety password for F-CPU: "0"
Safety password for SINAMICS: "1"
These passwords should not be used in a real application!
5.2 Preparation
In this application example, the PROFINET interfaces of the F-CPU and SINAMICS S120 (CBE20) are used for programming and replacing the failsafe signals (PROFIdrive data).
Table 5-1: Set IP address and communication name
No. Action Remark
1. To go online onto the SIMATIC controller resp. the CU320-2, set the PG/PC Ethernet interface as follows. IP address: 192.168. 0 .3 Subnet mask: 255.255.255.0 Connect the PG/PC to the CBE20 of the CU320-2.
5 Configuration and Design
5.2 Preparation
Safety Integrated V1.1, Article ID: 42939347 17
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
2. Node initialization To assign the required IP address and communication name to the device, open the HW Config. Under PLC Ethernet Edit Ethernet Node, you can initialize all reachable nodes
3. Node initialization The SIMATIC controller has the following IP address and communication name: IP address: 192.168. 0 .1 Subnet mask: 255.255.255.0 Communication name: PN-IO “pn-io“
5 Configuration and Design
5.2 Preparation
18 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
4. Communication name Devices being configured in the SIMOTION SCOUT (e.g. SIMOTION, SINAMICS) may not include a “-“ in the communication name. Devices such as the S7-300 are not affected. This limitation does not apply to Step7.
5. Node initialization The CU320-2 shall have the following IP address and communication name: IP address: 192.168. 0 .2 Subnet mask: 255.255.255.0 Communication name: S120xCU320x2xDPxCBE20 “s120xcu320x2xdpxcbe20“
5 Configuration and Design
5.3 Hardware configuration
Safety Integrated V1.1, Article ID: 42939347 19
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
5.3 Hardware configuration
Table 5-2: Hardware configuration
No. Action Remark
1. In the SIMATIC Manager, insert a SIMATIC 300 station in the project.
2. In the HW Config, completely create and parameterize the station. For this, move the modules included in the Table 2-1 via Drag&Drop from the hardware catalog to the configuration screen.
3. Double-click on the PROFINET interface PN-IO (see line no. 2) to open the interface properties. The following properties are used in the sample project. IP address: 192.168. 0 .1 Subnet mask: 255.255.255.0 Communication name: PN-IO “pn-io“
5 Configuration and Design
5.3 Hardware configuration
20 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
4. Configuring the F-CPU In the Properties screen of the F-CPU,, activate the access protection for the F-CPU in the Protection tab and protect it with a password. Press "CPU contains safety program" to activate the safety program on the F-CPU. Safety password for F-CPU: "0"
5. Configuring the F-DI Activate safety mode Configure the PROFIsafe address according to the DIL switch.
5 Configuration and Design
5.3 Hardware configuration
Safety Integrated V1.1, Article ID: 42939347 21
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
6. Configuring the F-DI F-DI 0 (Channel 0, 12; -S1) F-DI 1 (Channel 1, 13; -S2) F-DI 2 (Channel 2, 14; -S3) F-DI 3 (Channel 3, 15; -S4)
7. Configuring the F-DO Configure the PROFIsafe address according to the DIL switch.
5 Configuration and Design
5.3 Hardware configuration
22 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
8. Configuring the F-DO F-DO 7 (signal lamp of -S4)
9. In the device version 4.3, add SINAMICS S120 CU320-2 to the PROFINET.
10. Configuring the CU320-2 IP address: 192.168. 0 .2 Subnet mask: 255.255.255.0
5 Configuration and Design
5.3 Hardware configuration
Safety Integrated V1.1, Article ID: 42939347 23
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
11. Configuring the CU320-2 Communication name: S120xCU320x2xDPxCBE20 “s120xcu320x2xdpxcbe20“ The setting “Assign IP address via IO Controller“ has been activated by default and should not be modified.
Note The PROFINET specification stipulates the use of DHCP. However this is currently not supported by the Siemens products for PROFINET. If a DHCP server was provided, this would assign the IP address to the device. At present, this task is assumed by the assigned controller.
12. Save and compile HW Config.
13. Load HW Config into the F-CPU.
5 Configuration and Design
5.4 Configuring the basic drive functions
24 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
5.4 Configuring the basic drive functions
First, the hardware provided must be installed in the drive system and the required motion functions must be set up.
Table 5-3: Configuring the basic functions
No. Action Remark
1. Double-click on Commissioning to open the STARTER resp. SIMOTON SCOUT program.
2. Go online
3. Restore factory settings on the SINAMICS S120.
5 Configuration and Design
5.4 Configuring the basic drive functions
Safety Integrated V1.1, Article ID: 42939347 25
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
4. Configure drive unit automatically group (first commissioning).
5. Select "Servo" as drive object type.
6. Complete the automatic configuration.
7. Save
5 Configuration and Design
5.4 Configuring the basic drive functions
26 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
8. Reconfiguring both drives In the project navigator with drive 1 (SERVO_02), open the configuration screen. “Configure DDS“ starts the menu-assisted configuration. Note The following paragraphs only describe the screens to be modified.
9. Reconfiguring both drives Under control structure, activate the "Extended setpoint channel".
5 Configuration and Design
5.4 Configuring the basic drive functions
Safety Integrated V1.1, Article ID: 42939347 27
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
10. Reconfiguring both drives Select the power unit
11. Reconfiguring both drives Configure a signal for “Infeed in operation“ (p0864). In the example, the fixed binector 1 is used. Note In a real application, you should not use the fixed binector 1 as a signal for “infeed in operation“ (p0864).
5 Configuration and Design
5.4 Configuring the basic drive functions
28 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
12. Reconfiguring drive 2 The second drive is not equipped with a DRIVE-CliQ encoder, the motor must be manually selected. The motor type 1FK7022-5AK71-1AG0 is used in the sample project.
13. Reconfiguring drive 2 Analogously to the motor, the encoder must also be selected manually. This is also performed via the type number (MLFB).
14. As the SLM 5 kW has no DRIVE-CLiQ interfaces, the infeed unit need not be parameterized.
Notice: When using a Single Line Module for 1AC 230V (SINAMICS S120 training case), adapt the dc link parameters as follows: p0210: 345V (both drives) p1244[0]: 401V (SERVO _02 only) p1248[0]: 240V (SERVO _02 only) See also the FAQ-ID: 27038754 Upgrading / replacing a Motor Module in the SINAMICS S120 training case http://support.automation.siemens.com/WW/view/de/27038754
5 Configuration and Design
5.4 Configuring the basic drive functions
Safety Integrated V1.1, Article ID: 42939347 29
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
15. Reconfiguring both drives As the function "Safely-Limited Speed" (SLS) is parameterized in the following, the speed controller of the SINAMICS training case should be set as follows. A speed controller which is set to an excessively low value may cause the Alarm 30714 “Safely-Limited Speed exceeded“! P gain = 0.3 Nms/rad Reset time = 5.0 ms
16. Reconfiguring both drives Select the “Standard telegram 1“ for both drives.
17. Reconfiguring both drives Then change to “Free telegram configuration with BICO“, which retains the links of the “Standard telegram 1“. These may be adapted later for the example.
5 Configuration and Design
5.4 Configuring the basic drive functions
30 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
18. Configuring both drives Under Control logics, link the On/Off 1 enable to the digital input 0 (CU r722.0).
19. Configuring the CU320-2 Acknowledge all DO faults / warnings with the digital input 2 (r722.2). p2102 = r722.2
20. Configuring both drives Under Setpoint channel ramp-function generator, set the OFF3 ramp-down time and the (standard) ramp-down time. Press the button to parameterize the basic ramp-function generator.
5 Configuration and Design
5.4 Configuring the basic drive functions
Safety Integrated V1.1, Article ID: 42939347 31
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
21. Configuring both drives Set the ramp-down time (p1121) such that the drive is below the SLS limit value when selecting SLS within p9551. The OFF3 ramp-down time (p1135) is used for braking with SS1.
22. Configuring drive 1 Specify the drive speeds for normal mode and for the safety function SLS. For this, open the respective setting screen under Drive Setpoint channel Fixed setpoints. Make the following interconnections: Bit0: Control Unit DI1 (r722.1) Bit1: r9720.4 (SLS deselected) Bit2: Control Unit DI4 (r722.4) Bit3: 0 Enter the following fixed values: Fixed value 1: 20 rpm Fixed value 3: 800 rpm Fixed value 5: 1000 rpm Fixed value 7: 1000 rpm The fixed setpoint effective p1024 must be connected to the p1070[0] main setpoint.
Explanation When the signal "SLS deselected" is active, the protective door is closed and the high speed is preset. With low signal, the system switches over from high speed to low speed. By actuating -S9 (DI4), a fixed speed of n = 1000 rpm is preset with running drive, independently of the status of the protective door.
5 Configuration and Design
5.4 Configuring the basic drive functions
32 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
23. Configuring drive 2 Specify the drive speeds for normal mode and for the safety function SLS. For this, open the respective setting screen under Drive Setpoint channel Fixed setpoints. Make the following interconnections: Bit0: Control Unit DI1 (r722.1) Bit1: r9720.4 (SLS deselected) Bit2: Control Unit DI4 (r722.4) Bit3: 0 Enter the following fixed values: Fixed value 1: 33 rpm Fixed value 3: 333 rpm Fixed value 5: 666 rpm Fixed value 7: 666 rpm The fixed setpoint effective p1024 must be connected to the p1070 main setpoint.
Explanation When the signal "SLS deselected" is active, the protective door is closed and the high speed is preset. With low signal, the system switches over from high speed to low speed. By actuating -S9 (DI4), a fixed speed of n = 666 rpm is preset with running drive, independently of the status of the protective door.
24. Save project
25. Go online
26. Load project into the target device
27. Copy RAM to ROM
5 Configuration and Design
5.5 PROFIsafe configuration for activating the drive-integrated safety functions
Safety Integrated V1.1, Article ID: 42939347 33
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
5.5 PROFIsafe configuration for activating the drive-integrated safety functions
Table 5-4: PROFIsafe configuration
No. Action Remark
1. For both drives, press the buttons “Insert line“ and “PROFIsafe“ to create a PROFIsafe slot (6 bytes). Then transfer the telegram configuration to the HW Config.
2. Open the HW Config The telegram selection and address assignment have been automatically entered in the HW Config. The address assignment can be modified here.
5 Configuration and Design
5.5 PROFIsafe configuration for activating the drive-integrated safety functions
34 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
3. Double-click on PROFIsafe (see line no. 2) to open the PROFIsafe properties.
4. Further settings can be made under the “PROFIsafe“ tab. Then enter the value of F_Dest_Add in the STARTER for drive 1 and 2 in the hex format. In this example, C6hex stands for drive 1 and C5hex for drive 2. Note The watchdog time (F_WD_Time = 150ms) should not be an integer multiple of the OB35 cycle. In the example, the OB35 cycle is 100ms.
5. Save and compile the hardware configuration.
6. Then download the HW Config into the target system.
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
Safety Integrated V1.1, Article ID: 42939347 35
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
5.6 Parameterizing the drive-integrated safety functions
Table 5-5: Parameterizing the drive-integrated safety functions
No. Action Remark
1. Go online with the STARTER.
2. Configuring both drives Open the “Safety integrated“ screen of drive 1 / drive 2 (SERVO_02 / SERVO_03) and press “Change settings“ to activate the commissioning mode. The password after first commissioning is “0“.
3. Configuring both drives Change the control selection to "Motion monitoring via PROFIsafe".
4. Configuring both drives Close the message
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
36 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
5. Configuring both drives Click on "configuration".
6. Configuring both drives In the example, configure the PROFIsafe addresses:
C6hex for drive 1 resp.
C5hex for drive 2 (see also Chapter 5.5, Table 5-4, No. 4). Drive type: Rotary axis / spindle Connect the signal source for test stop selection to the DI3 (r722.3) of the CU320-2.
7. Configuring both drives The drive encoder data are entered in the "Encoder parameterization" screen (see line no. 6). In this example, this need not be changed.
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
Safety Integrated V1.1, Article ID: 42939347 37
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
8. Configuring both drives Copy parameters Click on "Activate settings".
9. Configuring both drives Upon first commissioning, you are requested to change the safety password. The password preset for first commissioning is "0". The new password in the example has the value “1“.
10. Configuring both drives Click on "Entire project" to save the changes made in the drive.
11. Configuring both drives Confirm the following message with "Yes". The data are copied from RAM to ROM.
12. Go offline
13. Then perform a Power On reset of the Control Unit.
POWER OFF/ON
14. Go online
15. Load the configuration into the PG
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
38 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
16. Save the project
From now on, “rpm” instead of “mm/min” will be displayed as the speed in the safety parameterization screens.
17. Checksum errors occur after POWER ON. These errors are caused by the modified data structure when toggling from linear axis to rotary axis. These errors can be eliminated by triggering parameter copying once more in the “Safety Integrated“ screen. In this example, parameters are copied when setting further parameters.
18. Configuring both drives Press “Change settings “ to activate input screens. Password: “1“
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
Safety Integrated V1.1, Article ID: 42939347 39
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
19. Configuring both drives In the "Safe stops" screen, enter the following values for the example: Delay time STOP B / SS1 STO = 400 ms Delay time STOP C / SS2 SOS = 400 ms Creep speed SS1 = 0 rpm Standstill tolerance SOS = 1.0°
20. Configuring both drives In the screen "Acceleration monitoring", enter the following value for the example: Acceleration monitoring = 300 rpm
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
40 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
21. Configuring both drives Enter the max. limit speed in the screen "Safety reduced speed (SLS)". Only stage 1 is used for speed monitoring t, nmax with stage 1: 25 rpm for drive 1 40 rpm for drive 2 In addition, select the stop reaction initiated upon limit value violation. STOP C = internal SS2 Delay time SLS -> SLS active = 500 ms
Note Max. limit speed = still just permissible speed with open protective door. Within the delay time "selection SLS SLS active" (p9551), the drive speed must remain below the limit value nmax.
22. Configuring both drives Activate safety functions
23. Configuring both drives Copy parameters Click on "Activate settings"
5 Configuration and Design
5.6 Parameterizing the drive-integrated safety functions
Safety Integrated V1.1, Article ID: 42939347 41
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
24. Configuring both drives Click on "Entire project" to save the changes made in the drive.
25. Configuring both drives Confirm the following message with "Yes". The data are copied from RAM to ROM.
26. Acknowledge all messages regarding the acceptance test Notice An acceptance test must be performed on a real machine (see also Chapter Fehler! Verweisquelle konnte nicht gefunden werden.).
27. Go offline
28. Then perform a Power On reset of the Control Unit.
POWER OFF/ON
29. Go online
30. Load the configuration into the PG
31. Save the project
5 Configuration and Design
5.7 Configuring the F-CPU
42 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
32. After performing the safety commissioning for all drives, you can traverse the drives with deselected emergency stop. The use of the drive-integrated safety functions is selected. These can be activated resp. deactivated via the control elements on the F-CPU. Only the following messages shall be displayed.
Note These messages do not influence the functionality described above. They only indicate that a test stop must be performed for the drive safety functions (A1697). These are warnings, that means the drives can be activated and traversed as soon as the configuration of the SIMATIC S7 has been completed. In this example, the test stop can be performed via the switch -S9 (DI3).
5.7 Configuring the F-CPU
No standard program is required for this application example as the drives are only controlled via BICO connections in the SINAMICS. In most of the real applications, a program which is independent from the safety program is to be expected, which is based on a standard telegram.
In this example, only the necessary enables are defined in the control word in OB1.
In this example, the safety program is executed in the F-CPU in the failsafe function block FB1. A basic program sequence has been selected to illustrate the functions. Please refer to the Distributed Safety manuals regarding complex safety logistics and supplementary conditions to be observed when creating the safety program.
Notice Such a program may not be used for real applications.
Start with the F-Call block which is used to call up the safety program. For this, insert a function (here FC1) in the block folder using the generation language F-Call. The alarm OB35 is required to cyclically call up the safety program.
In this example, the safety program is processed in a function block (here FB1), that means only the FB1 with the generation language F-KOP or F-FUP must be inserted.
5 Configuration and Design
5.7 Configuring the F-CPU
Safety Integrated V1.1, Article ID: 42939347 43
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
Table 5-6: Configuring the F-CPU
No. Action Remark
1. OB1 Fixed writing of all enables onto the control word
2. OB35 Call-up of the safety program
3. FB1 Network 1: Activate automatic acknowledgement
5 Configuration and Design
5.7 Configuring the F-CPU
44 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
4. FB1 Drive 1 Address 15 corresponds to byte 0 on the PROFIsafe frame. Network 2: Fixed deselection of the function STO with VKE1 on the PROFIsafe control word Network 3: -S1 (emergency stop) is connected to the PROFIsafe control word with SS1. Network 4, 5: Fixed deselection of the functions SS2 and SOS with VKE1 on the PROFIsafe control word Network 6: -S2 (protective door 1) is connected to the PROFIsafe control word with SLS. Must be inverted as -S2 has been wired as NO contact / NC contact. Network 7: -S4 (acknowledgement) is connected to the PROFIsafe control word with “Internal Event Acknowledge“.
5. FB1 Drive 1 Address 16 corresponds to byte 1 on the PROFIsafe frame. Network 8 and 9: Fixed selection of the SLS speed stage 1 on the PROFIsafe control word
5 Configuration and Design
5.7 Configuring the F-CPU
Safety Integrated V1.1, Article ID: 42939347 45
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
6. FB1 Drive 2 Address 21 corresponds to byte 0 on the PROFIsafe frame. Network 10: Fixed deselection of the function STO with VKE1 on the PROFIsafe control word Network 11: -S1 (emergency stop) is connected to the PROFIsafe control word with SS1. Network 12, 13: Fixed deselection of the functions SS2 and SOS with VKE1 on the PROFIsafe control word. Network 14: -S3 (protective door 2) is connected to the PROFIsafe control word with SLS. Network 15: -S4 (acknowledgement) is connected to the PROFIsafe control word with “Internal Event Acknowledge“.
7. FB1 Drive 2 Address 22 corresponds to byte 1 on the PROFIsafe frame. Network 16 and 17: Fixed selection of the SLS speed stage 1 on the PROFIsafe control word.
5 Configuration and Design
5.7 Configuring the F-CPU
46 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
8. FB1 Network 18: Signal lamp activation in -S4 with safe standstill detection. Network 19: -S4 is used to reintegrate the drive. (Acknowledge safety alarms)
9. Creating the F-runtime group For this, create a new function FC1 in the language F-CALL.
10. Creating the F-runtime group The safety program (FB1) is assigned to FC1, the corresponding I-DB is defined.
5 Configuration and Design
5.8 Acceptance test
Safety Integrated V1.1, Article ID: 42939347 47
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
11. Then generate the safety program and load it into the CPU. In addition, load the standard blocks into the F-CPU.
5.8 Acceptance test
An acceptance test must be performed to verify the safety-relevant parameters upon first machine commissioning and changing the safety-relevant parameters. The acceptance test must be recorded accordingly. The acceptance certificates are to be stored and archived appropriately.
The acceptance test must be performed following successful parameterization and a Power On reset.
Information regarding the acceptance test, the acceptance certificate and an example for the relevant acceptance certificate is provided in the “Function Manual SINAMICS S120 Safety Integrated" (FHS) in the chapter “Acceptance Test and Acceptance Certificate“.
6 Application Commissioning
6.1 Prerequisites
48 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
6 Application Commissioning This documents describes the creation of the application example configuration has been described step by step. If you wish to load the sample project directly onto the hardware, please observe the following steps.
Fist of all, perform a general reset of all components (S7-F-CPU and SINAMICS S120) resp. restore factory settings.
6.1 Prerequisites
The SIMATIC components have been installed and interconnected. The PROFIsafe addresses of the failsafe input and output modules must be set via DIL switches (see Chapter 5.3, Table 5-2, No. 5 and 7).
All components have been connected according to Chapter 4.
The DRIVE-CLiQ topology of the SINAMICS components has been maintained.
The motors are connected to the Motor Module via performance and encoder cables.
The Motor Module has been properly connected to the infeed unit (DC link and control voltage DC 24 V).
The infeed unit has been connected to the power supply.
The components are supplied with DC 24 V.
6.2 Preparation
(See Chapter Fehler! Verweisquelle konnte nicht gefunden werden.)
6.3 Commissioning
Table 6-1: Commissioning the sample application
No. Action Remark
1. Loading the F-CPU configuration Download the hardware configuration of the S7-F-CPU. Double-click on “Hardware“ to open the hardware configuration.
Note
If a safety program was previously stored on the CPU, this is password-protected. This password must be known for the download. If it is not known, delete the memory card using a suitable device (e.g. SIEMENS PG).
Notice
The card will be destroyed when being deleted resp. formatted using a card reader!
6 Application Commissioning
6.3 Commissioning
Safety Integrated V1.1, Article ID: 42939347 49
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
No. Action Remark
2. After successfully downloading the hardware configuration, the program blocks must be loaded onto the F-CPU. First, open the screen for loading the safety function via the “yellow“ button in the function bar. Press the “Load” button to start the download.
3. The remaining (non-safe) blocks are loaded as usual.
4. Loading the SINAMICS S120 configuration The project can be directly loaded into the SINAMICS S120. As the serial numbers of the encoder modules do not match those of the devices, various safety faults are output after the download. Enter the new serial numbers in the safety configuration analogously to series commissioning. This is done via “Confirm HW replacement“. The easiest way is to open the safety screens on both drives and press the button “Confirm HW replacement“.
5. Then initiate the backup from RAM to ROM for the SINAMICS and perform a restart (Power-On reset).
7 Application Operation
7.1 Overview
50 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
7 Application Operation
7.1 Overview
Fig. 7-1: Control elements of the sample application
The switches -S1 to -S4 are located on a switch box belonging to the safety training case. They are used to select the different safety functions.
The switches -S5 to -S9 are located on a switch box belonging to the SINAMICS training case. These switches are used to activate / deactivate the drives, specify different speeds, start the test function of the safety functions and acknowledge pending errors.
7 Application Operation
7.2 Description
Safety Integrated V1.1, Article ID: 42939347 51
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
7.2 Description
Reintegration
The drives must be reintegrated following Power OFF/ON. After pressing the button -S4, all alarm messages are acknowledged and the signal lamp of -S4 is lit.
Activation / deactivation
The emergency stop button -S1 must be unlocked to traverse the drives. Press the switch -S5 to activate both drives (OFF1). -S6 allows to toggle between the speed setpoints 0 and 800 rpm on the drive 1 (resp. 333 rpm on the drive 2).
Alarm acknowledgement
Pending alarms on the SINAMICS can be acknowledged with -S7. This does not refer to safety alarms which must be acknowledged in failsafe mode via -S4. The test stop of the safety functions which must be performed cyclically is activated via -S8.
Protective door 1
With closed protective door 1 (switch -S2), the drive 1 is rotated with n = 800 rpm. When opening the protective door 1, a data record is switched over in drive 1 and the setpoint speed is n = 20 rpm. With open protective door 1, the safety function SLS in drive 1 is activated. By closing the protective door 1, the speed n = 800 rpm is preset again. Drive 2 is not influenced.
Protective door 2
With a closed protective door 2 (switch -S3), setpoint speed n = 333 rpm is specified for drive 2. When opening the protective door 2, drive 2 is set to n = 33 rpm via data block switchover. With open switch -S3, the safety function SLS in drive 2 is activated. When closing the protective door 2, the speed n = 333 rpm is preset. Drive 1 is not influenced.
Error simulation
When pressing the button -S9, the drives are set to a higher setpoint independently of the protective door setting. With drive 1, this is n = 1000 rpm and with drive 2, n = 666 rpm. With open protective door, the SLS limit value is violated and the affected drive is stopped with internal SS2 (STOP C), and switched to SOS upon expiry of the delay time “STOP C SOS“ (in the example 400 ms). For further traversal, press the reset button -S4 to acknowledge the reaction triggered by the internal SS2 (STOP C).
8 References
52 Safety Integrated
V1.1, Article ID: 42939347
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
8 References
8.1 References
This list does not deem to be complete and only provides a selection of suitable references.
Table 8-1: References
Topic Title
/1/ SINAMICS S120 Function Manual 11/2009 Edition
/2/ SINAMICS S120 Equipment Manual 11/2009 Edition
/3/ SINAMICS S120 List Manual 11/2009 Edition
8.2 Internet link data
This list does not deem to be complete and only provides a selection of suitable references.
Table 8-2
Topic Title
\1\ Reference to the article
http://support.automation.siemens.com/WW/view/en/42939347
\2\ Siemens I IA/DT Customer Support
http://support.automation.siemens.com
9 History
Safety Integrated V1.1, Article ID: 42939347 53
Co
pyr
igh
t S
iem
en
s A
G C
op
yrig
ht-
Jah
r A
ll rig
hts
re
serv
ed
9 History
Table 9-1: History
Version Date Change
V1.0 July 1, 2010 First edition
V1.1 Oktober 12, 2010 Formatting