1454-9F模块备件

1454-9F

Safety-related inputs can be used for both safety-related signals and non-safety-related signals. Non-safety-related signals, however, may not be used for safety functions! In addition to the the diagnostic LEDs, the controllers generate and save error and status messages. The PADT can read the saved diagnostic messages. Safety-related input modules automatically perform high-quality, cyclic self-tests during operation. If a fault occurs, the initial value is provided to the user program as a global variable and, if possible, a fault information is issued. The user program can read out the error code and thus evaluate this fault information. For more information on the input modules, refer to the individual module manuals. 7.2 Safety of Sensors, Encoders and Transmitters In safety-related applications, the PES and its connected sensors, encoders and transmitters must all meet the safety requirements and achieve the specified SIL. Also refer to Annex Increasing the SIL Value of Sensors and Actuators. 7 Input Modules HIMax Page 28 of 64 HI 801 003 E Rev. 4.00 7.3 Safety-Related Digital Inputs The digital input module reads its digital inputs one time per module cycle and stores the value internally. The module cyclically checks that the inputs are safely functioning. Input signals that exist for a time shorter than the time between two samplings, i.e. shorter than a cycle time of the input module, are not be detected. 7.3.1 Test Routines The online test routines check whether the input channels are able to forward both signal levels (L and H levels), regardless of the signals actually present on the input. This function test is performed each time the input signals are read. 7.3.2 Reaction in the Event of a Fault If the test routines detect a fault of a digital input, the module sets the channel value in a way that the global variable assigned to the channel assumes the following values: ƒ For diagnosable faults, the global variable assumes its configured initial value. The module sets the Channel OK status parameter to FALSE ƒ For safe, non diagnosable faults, the module cannot generate any diagnostic entry. For these faults, the global variable adopts the safe value 0. If the test routines detect a module or submodule fault, the module sets the Module OK or Submodule OK status to FALSE. Additionally, the module or submodule sets Channel OK to FALSE for all its channels. In all these cases, the module activates the Error LED on the front plate. 7.3.3 Operation in Accordance with the Energize to Trip Principle It is allowed to operate digital inputs in accordance with the energized to trip principle. In this case, the input modules must be provided with line monitoring. 7.3.4 Redundancy It is allowed to connected the digital inputs redundantly. The redundant connection is usually used to increase availability. If other connection variants, e.g., to increase the SIL value, should be used, fault states must be handled in the user program logic. 7.3.5 Surges on Digital Inputs NOTE If shielded cables are used for digital inputs, no additional precautionary measures are required to protect against surges. If shielded cables are not used, surge pulses (as defined in EN 61000-4-5) on digital inputs may be read as a temporary high level due to the short cycle time of HIMax systems. Use the channel-specific time on and time off delay the to avoid these types of faults: a signal must be present for at least a certain time period before it is evaluated. In the process, the watchdog time must not be exceeded. HIMax 7 Input Modules HI 801 003 E Rev. 4.00 Page 29 of 64 7.4 Safety-Related Analog Inputs Analog input channels convert the measured input currents to a value of type DINT (double integer), i.e., the raw value, and to a process value of type REAL. The raw value contains thr measured input signal, whereas the process value is a scaled value. The safety-related precision is the guaranteed accuracy of the analog input without module fault reaction. This value must be taken into account when configuring the safety functions. 7.4.1 Test Routines The module captures analog values in parallel along two paths and compared the results with one another. Additionally, it tests the input path function cyclically. 7.4.2 Reaction in the Event of a Fault If the test routines detect a fault on an analog input, the module sets the channel value in a way that the global variable assigned to the process value of the channel, assumes the following values: ƒ For diagnosable faults, the global variable assumes its configured initial value. ƒ For safe, non diagnosable faults, the module cannot generate any diagnostic entry. For these faults, the global variable adopts the safe value 0. The module sets the status Channel OK to FALSE The raw value of the channel does not respond to faults. If the raw value is used, the user program must perform troubleshooting. If the test routines detect a module or submodule fault, the module sets the Module OK or Submodule OK status to FALSE. Additionally, the module or submodule sets Channel OK to FALSE for all its channels. In all these cases, the module activates the Error LED on the front plate. 7.4.3 Operation in Accordance with the Energize to Trip Principle It is allowed to operate analog inputs in accordance with the energized to trip principle. In this case, line monitoring must be used. 7.4.4 Redundancy It is allowed to connected the analog inputs redundantly. The redundant connection is usually used to increase availability. If other connection variants, e.g., to increase the SIL value, should be used, fault states must be handled in the user program logic. 7.5 Safety-Related Counter Inputs Depending on its configuration, a safety-related counter input can provide the following process values: ƒ A counter reading as an integer value or as a scaled floating-point value. ƒ A rotation speed or frequency as an integer value or as a scaled floating-point value. ƒ Additional auxiliary values such as overflow. For further details, refer to the module-specific manual (HI 801 113 E). 7.5.1 Test Routines The module captures the counter values in parallel along three paths and compared the results with one another. Additionally, it tests the input path function cyclically.