SINUMERIK 828 Safety Integrated Safe machines with a high productivity. Unrestricted Siemens AG 2018


1 SINUMERIK 828 Safety Integrated Safe machines with a high productivity siemens.com/sinumerik

2 Agenda
- Machinery directive and standards
- Overview of the SINUMERIK portfolio
- Safety Integrated concepts for SINUMERIK 828
- Safety functions
- Brake test
- System requirements and software licenses
- Commissioning
- Acceptance test
- Safety functions on machines according to ISO
- Additional information
Page 2

3 Safety Integrated - State-of-the-art and in conformance with the relevant directives
Standards and regulations relating to safe machines to protect people are becoming increasingly stringent. The Machinery Directive 2006/42/EC is mandatory when operating machines in the European Union. Machine OEMs must not only design and build "safe" machines, but they must also prove their safety. In classic designs, additional components (contactors, safety relays, etc.) and complex wiring are required to achieve safe machines. In spite of these challenges, reducing costs and increasing productivity and quality are the decisive drivers when it comes to manufacturing and operating safe machines.
Page 3

4 Machine safety general: Machinery Directive 2006/42/EC
- The Machinery Directive must be transposed into domestic legislation in the Member States
- This especially addresses manufacturers and importers
- The Machinery Directive is applicable when placing on the market machines and safety components in the European Economic Area (EEA)
"Placing on the market" means: Making available for the first time in the European Community machinery or partly completed machinery with a view to distribution or use, whether for payment or free of charge.
- The machine is manufactured in Europe or underwent significant changes and modifications in Europe
- The machine is imported into Europe
All machines placed on the market in the European Economic Area (EEA) since December 29, 2009 must meet the requirements of the Machinery Directive (2006/42/EC)!
Page 4

5 Machine safety general Machinery Directive 2006/42/EC Machinery imported into these countries must meet the requirements of the European Machinery Directive Page 5

6 How can the requirements of the European Machinery Directive be complied with?
Without applying harmonized standards:
- The machinery manufacturer must demonstrate in detail that it has met the requirements of the Machinery Directive.
- This means increased effort and costs in validating the machinery when compared to applying the harmonized standards.
Applying harmonized standards:
- The machinery manufacturer need only demonstrate that it has met the requirements of the harmonized standards.
- Then the presumption of conformity applies!
We recommend that harmonized standards are applied.
Page 6

7 Machine safety general
EN safety standards are hierarchically classified in 3 groups:
Basic standard (type A standards), e.g.:
- EN Functional safety of safety-related electrical/electronic/programmable electronic systems
- EN14121 Safety of machinery risk assessment
Group standard (type B standards), e.g.:
- EN Safety of machinery functional safety of safety-related electrical, electronic and programmable electronic control systems.
- EN ISO Safety of machinery safety-related parts of controls
- EN Safety of machinery electrical equipment of machines
Technical standards (type C standards), e.g.:
- EN ISO Machine tools safety of turning machines
- EN ISO Machine tools, safety machining centers, milling machines, transfer machines
[Figure: standards pyramid. Type A: basic design guidelines and basic terminology for machinery. Type B: B1 standards (general safety aspects) and B2 standards (reference to special protective devices). Type C: specific safety features for individual machinery groups.]
Page 7

8 EN ISO Safety of machinery safety-related parts of controls
Field of application:
- Safety-related parts of control systems, irrespective of the technology
- Electrical, hydraulic, pneumatic, mechanical, ...
Based on the previous Standard EN
However, a quantitative analysis of the safety function is also required:
- The probability of failure (PFH) of a safety function must be calculated
- The probability of failure (PFH) is defined by the Performance Level
- The Performance Level is calculated based on safety-related parameters
The following safety-related parameters are required:
- Category (structural requirement)
- Performance Level (PL)
- Mean Time to Dangerous Failure (MTTF_D)
- Diagnostic Coverage (DC)
- Common Cause Fault (CCF)
Page 8

9 EN ISO Categories
Legend: I = sensor, L = logic, O = actuator, TE = test equipment, OTE = output of the TE
Category B (blocks I, L, O):
- Single-channel structure.
- The occurrence of a fault can result in the loss of the safety function.
Category 1 (blocks I, L, O):
- Single-channel structure.
- The occurrence of a fault can result in the loss of the safety function. The probability of a fault occurring is less than in Category B.
- Well-proven components and well-proven safety principles must be applied.
Category 2 (blocks I, L, O with TE and OTE):
- Single-channel structure with test channel
- The safety function must be tested at regular intervals by the machine control system.
Category 3 (blocks I1, L1, O1 and I2, L2, O2):
- Two-channel structure
- When a single fault occurs, the safety function is maintained.
Category 4 (blocks I1, L1, O1 and I2, L2, O2):
- Two-channel structure
- Single faults must be detected at or before the request for the safety function. If this is not possible, it is not permissible that an accumulation of undetected faults results in the loss of the safety function.
Page 9

10 EN ISO Risk graph
[Figure: risk graph combining S, F and P to give the required Performance Level PL, from a (low risk) to e (high risk)]
Severity of the injury:
- S1 slight (usually reversible) injury
- S2 serious (usually irreversible) injury including death
Frequency and/or duration of the exposure to danger:
- F1 infrequent up to more often and/or short exposure
- F2 frequent up to continuous and/or long exposure
Possibility of avoiding the danger:
- P1 possible under certain conditions
- P2 hardly possible
The Performance Level of each safety function must first be determined with the help of the risk graph
Page 10

11 EN ISO Performance Level
Performance Level | PFH value (Probability of dangerous failure per hour)
a | >/= to >
b | >/= 3 x to >
c | >/= to > 3 x
d | >/= to
e | >/= to
For EN ISO 13849, the result of a risk assessment is indicated by the Performance Level for the respective safety function
Page 11

12 IEC Functional safety of safety-related electrical, electronic and programmable electronic control systems
IEC is a sector-specific standard, positioned below IEC It describes the implementation of safety-related electrical control systems of machines, and takes into account the complete lifecycle from the conceptual phase to de-commissioning. The standard is based on the quantitative and qualitative analyses of safety functions.
Sector-specific standards should use the basic approaches of IEC 61508, and apply them for the respective area of application, for example the machine sector, power plant sector, medical sector, ...
Standard IEC describes the risk to be minimized and the ability of the control system to minimize this risk in the sense of the Safety Integrity Level (SIL). Three SILs are used in the machine sector, whereby SIL 1 is the lowest and SIL 3 is the highest Safety Integrity Level.
Page 12

13 IEC Safety Integrity Level
Safety Integrity Level (SIL) (IEC 62061) | PFH value (Probability of dangerous failure per hour)
- >/= to > >/= 3 x to > >/= to > 3 x >/= to >/= to
For IEC 62061, the result of a risk assessment is indicated by the Safety Integrity Level for the respective safety function.
Page 13

14 Relationship between SIL, PL and PFH value
The following table shows the relationship between Performance Level, PFH value and Safety Integrity Level:
Performance Level (PL) (EN ISO 13849) | PFH value (Probability of dangerous failure per hour) | Safety Integrity Level (SIL) (IEC 62061)
a | >/= to >
b | >/= 3 x to >
c | >/= to > 3 x
d | >/= to
e | >/= to
Page 14

16 Safety Integrated plus SINUMERIK Safety in the TIA Portal
SINUMERIK 808D (entry-level class):
- Panel-based compact CNC
- Technologies: Turning and milling
- Up to 5 axes/spindles
- 1 machining channel
- 7.5"/8.4" color display
- S7-200-based PLC
SINUMERIK 828D (compact class):
- Panel-based compact CNC
- Technologies: Turning, milling, grinding
- Up to 10 axes/spindles / 2 auxiliary axes
- 2 machining channels
- 10.4"/15.6" color display
- S7-200-based PLC
SINUMERIK 840D sl (premium class):
- Drive-based modular CNC
- Multi-technology CNC
- Up to 93 axes/spindles
- Up to 30 machining channels
- Modular panel concept up to 19" color display
- SIMATIC S7-300 PLC 317/319-3PN/DP
Page 16

18 Controlling the safety functions via TM54F and SIRIUS 3SK
[Figure: system topology. Labels: SINUMERIK 828, TM54F, SINAMICS S120 (e.g. CU320), SIRIUS safety relay 3SK, PROFINET, DRIVE-CLiQ, K1, K2, drive-based safety Extended Functions, drive-based safety Basic Functions, n<nx, safety-related sensors and actuators]
Page 18

19 Controlling the safety functions via the TM54F and the modular 3RK3 safety system
[Figure: system topology. Labels: SINUMERIK 828, TM54F, SINAMICS S120 (e.g. CU320), modular safety system 3RK3, PROFINET, DRIVE-CLiQ, drive-based safety Extended Functions, drive-based safety Basic Functions, n<nx, safety-related sensors and actuators]
Page 19

21 Safety Integrated functions Overview
Columns: SINAMICS Safety Integrated (Basic Functions) 1) | Safety Integrated (Extended Functions) 2)
Safe Torque Off (STO) Stop A
Stop B (Safe Stop 1; SS1)
Stop C (Safe Stop 2; SS2) -
Stop D (Safe Stop 2e; SS2e) -
Stop E -
Stop F
Safe Operating Stop (SOS) -
Safe Brake Control (SBC)
Safe Speed Monitor (SSM) (n<nx) -
Safely Limited Speed (SLS) -
Safe Acceleration Monitor (SAM) -
Safely Limited Position (SLP) -
Safe Direction (SDI) -
1) No license required
2) License required
Page 21

22 Safety Integrated plus functions: Safe Torque Off (STO)
Prevents unexpected starting
[Diagram: Selecting STO]
- The drive pulses are suppressed
- The power feed is electronically disconnected
- The drive is safely in a no-torque condition
Applications:
- Always active after Emergency Stop
- Manually rotating a spindle with the protective door open
Page 22

23 Safety Integrated plus functions: Safe Stop 1 (SS1)
Safe stopping process
[Diagram: Selecting SS1]
- The drive is brought to a standstill in accordance with stop category 1 (EN )
- Braking along an adjustable ramp (OFF3)
- Transition into STO after an adjustable time
Applications:
- Protection of persons
- Stopping for Emergency Stop
Page 23

24 Safety Integrated plus functions: Safe Brake Control (SBC)
Safely controlling a brake
- Two-channel output at the SINAMICS Motor Module
- Is initiated in conjunction with STO
- Brake winding short-circuit and wire breakage are detected
Applications:
- Controlling a brake for axes that can fall due to gravity
Page 24

25 Safety Integrated plus functions: Safe Stop 2 (SS2)
Safe stopping process
[Diagram: Selecting SS2]
- The drive is brought to a standstill in accordance with stop category 2 (EN )
- Braking along an adjustable ramp (OFF3)
- Transition into SOS after an adjustable time or when the speed falls below a configurable value
Applications:
- Protection of persons
Page 25

26 Safety Integrated plus functions: Safe Stop 2 (SS2e; Stop D)
Interpolatory stopping process
- Braking a drive along a contour
- During the delay time (p9553) the speed follows the setpoint provided by the higher-level control system
- During this delay time (p9553) it is not permissible that persons are in the hazardous area
- Transition into SOS after the delay time has elapsed (p9553)
[Diagram: Selecting SS2e, p9553]
Applications:
- Machine protection
Page 26

27 Safety Integrated plus functions: Safe Operating Stop (SOS)
Safe position monitoring
[Diagram: Selecting SOS]
- The drive remains in position control
- It is monitored that the drive remains at standstill
- The drive can develop the full torque
Applications:
- Working in a hazard area with protective doors open
- Axes with asymmetrical tools are held in position
- Axes that can fall due to gravity are maintained at a certain position
Page 27

28 Safety Integrated plus functions: Safe Speed Monitor (SSM; n<nx)
Safe speed monitoring
- SSM is a signaling function
- It outputs a safety-related output signal once the speed limit value has been reached
- Processing the safe output signal in the safe logic
Applications:
- The protective door is only released after all of the drives have come to a standstill (zero speed)
Page 28

29 Safety Integrated plus functions: Safely Limited Speed (SLS)
Safely limited speed
[Diagram: Selecting SLS]
- Safety-related monitoring of the load-side speed
- 4 different speed values per drive can be parameterized
- SLS encoderless for induction motors
Applications:
- Traversing axes or spindle with the protective door open
- Protection for persons
- Burst protection, e.g. for grinding wheels and lathe chucks
- Machine protection
Page 29

30 Safety Integrated plus functions: Safe Acceleration Monitor (SAM) / Safe Brake Ramp (SBR)
Safe acceleration monitoring / Safe Brake Ramp
- Active for SS1 and SS2
- The function monitors whether the speed increases while braking
- STO is immediately triggered once the monitoring responds
Applications:
- Monitoring the braking operation
Page 30

31 Safety Integrated plus functions: Safely Limited Position (SLP)
Safe traversing range limits
[Diagrams: Selecting SLP; Switching over SLP]
- Two traversing range limits can be parameterized
- It is possible to toggle between the two limits
- Adjustable stop response
- Substitute/replacement for hardware limit switches
Applications:
- Traversing range limits for axes
Page 31

32 Safety Integrated plus functions: Safe Direction (SDI)
Safe monitoring of the direction of motion
[Diagram: Selecting SDI]
- Using two fail-safe signals, the positive or negative direction can be inhibited.
Applications:
- Expensive tools, which may only be used for machining in one direction of rotation
- Traversing from an end position in the appropriate direction
Page 32

34 Safety Integrated function: Brake management
Brake management = Safe Brake Test (diagnostic function) + Safe Brake Control
- Automatic test of the holding torque
- Monitoring of the test torque
- Monitoring of the axis movement
- Plus and minus (P/M) switching control
- Monitoring of the control cables
- Forced checking procedure as background test
Page 34

36 Safety Integrated System requirements
Designation | Article number | Remark
SI Basic Functions | - | SINAMICS always has these functions as standard feature
SI Extended Functions | 6FC5800-0AC50-0YB0 | This option is required for each axis that is to be monitored using "SI Extended Functions"
TM54F | 6SL3055-0AA00-3BA0 | A TM54F is required for each Control Unit
Page 36

38 Safety Integrated Commissioning
A function description for Safety Integrated is available at the following link: ps&pnid=14590&lc=en-ww
The actual function description for Safety Integrated can be found by entering the search term "Safety Integrated".
Graphic commissioning with SINUMERIK Operate:
- Safety Integrated Basic Functions
- Safety Integrated Extended Functions
Page 38

40 Safety Integrated Acceptance test
- Partially automated test of safety functions
- Logging of measured data
- Operator-controlled test sequence
- Creation of machine-specific templates
For testing:
- Individual machines / special machines
- Machinery parts as partial test
- Series machines
Page 40

42 Risk evaluation/risk assessment
The machine manufacturer must ensure that a risk evaluation is made (excerpt from the Machinery Directive 2006/42/EC)
The risk evaluation should be performed according to EN
The risk evaluation comprises the following elements:
- The risk analysis with the definition of the machine limits
- The identification of potential hazards
- The risk estimate
The risk analysis supplies the information required for the risk assessment
Measures to minimize the risk are made based on the risk assessment
A safety function has to be specified for each identified hazard.
The risk analysis must be performed by the machine manufacturer.
[Figure: flowchart of the risk evaluation. Start; risk analysis (definition of the machine limits, identification of the hazards, risk estimation); risk assessment; "Was the risk adequately reduced?" Yes: End. No: risk minimization (see )]
Page 42

43 EN ISO Definition of the Performance Level
[Figure: risk graph combining S, F and P to give the required Performance Level PL, from a (low risk) to e (high risk)]
Severity of the injury:
- S1 slight (usually reversible) injury
- S2 serious (usually irreversible) injury including death
Frequency and/or duration of the exposure to danger:
- F1 infrequent up to more often and/or short exposure
- F2 frequent up to continuous and/or long exposure
Possibility of avoiding the danger:
- P1 possible under certain conditions
- P2 hardly possible
A safety function with the associated Performance Level has to be specified for each identified hazard.
Page 43

44 Structure of a safety function
Detecting:
- Sensors and operating devices: Commands, mode, status of the machine and protective devices
- Buttons and sensors
Evaluating:
- Signal evaluation, safe logic: Detection of the hazardous situation and determination of the correct response
- Relay or control
Reacting:
- Actuators: Execution of the correct response
- Contactors, signaling units, power controllers, etc.
Page 44

45 Example for calculating the "Emergency Stop" safety function
Task: For a lathe with two axes and one spindle, when pressing the Emergency Stop pushbutton, all drives are to be stopped with SS1.
[Figure: block diagram with the stages Detecting, Evaluating and Reacting. Components: HT8 Emergency Stop pushbutton, PPU, SK safety relay, TM54F, Motor Modules (spindle, X axis, Z axis), encoder interface (spindle, X axis, Z axis). Block labels: I1, L1, L3, L2, C1, C2, C3, R1, R2, R3. A PFH value is shown for each block; the first reads 1.01 x]
The total PFH value of the safety function is obtained from the sum of the individual PFH values.
In this particular example, 2.39 x
This corresponds to a Performance Level d
Page 45

46 Tools for calculating the PFH value Safety Evaluation Tool SISTEMA Page 46

48 Additional information You can find a collection of links across a wide range of topics for SINUMERIK Safety Integrated at the following link: Page 48

49 Thank you for your attention! Subject to changes and errors. The information given in this document only contains general descriptions and/or performance features which may not always specifically reflect those described, or which may undergo modification in the course of further development of the products. The requested performance features are binding only when they are expressly agreed upon in the concluded contract. All product designations, product names, etc. may contain trademarks or other rights of Siemens AG, its affiliated companies or third parties. Their unauthorized use may infringe the rights of the respective owner. siemens.com/sinumerik Page 49