How it Works
Beckhoff
Loading...
AX8911
Documentation
47 pgs2.05 Mb0
Table of contents
Loading...

Beckhoff AX8911 Documentation

Documentation for
AX8911 - TwinSAFE Drive Option
TwinSAFE Drive Option for AX8xxx-x1xx Servo Drives
Version: Date:
1.0.0 2017-10-26

Table of contents

Table of contents
1 Foreword ....................................................................................................................................................5
1.1 Notes on the documentation........................................................................................................... 5
1.2 Safety instructions .......................................................................................................................... 6
1.2.1 Delivery state .....................................................................................................................6
1.2.2 Operator's obligation to exercise diligence ........................................................................6
1.2.3 Description of safety symbols ............................................................................................7
1.3 Documentation issue status............................................................................................................ 7
2 References .................................................................................................................................................8
3 System description ...................................................................................................................................9
3.1 The AX8000 multi-axis servo system ............................................................................................. 9
4 Product description.................................................................................................................................10
4.1 General description....................................................................................................................... 10
4.1.1 AX8911 with STO function (AX8xxx-x1xx).......................................................................10
4.1.2 AX8911 with Safe Motion functions (AX8xxx-x2xx) .........................................................11
4.2 Intended use ................................................................................................................................. 11
4.3 Technical data .............................................................................................................................. 14
4.4 Safety parameters ........................................................................................................................ 15
4.5 Project design limits for AX8911 (AX8xxx-x1xx)........................................................................... 16
5 Operation..................................................................................................................................................17
5.1 Environmental conditions.............................................................................................................. 17
5.2 Installation..................................................................................................................................... 17
5.2.1 Safety instructions............................................................................................................17
5.2.2 Transport / storage...........................................................................................................17
5.2.3 Mechanical installation.....................................................................................................17
5.2.4 Electrical installation.........................................................................................................18
5.3 Configuration of the option in TwinCAT ........................................................................................ 20
5.3.1 Adding an axis module.....................................................................................................20
5.3.2 Using the AX8911 with the default project .......................................................................20
5.3.3 Use of the AX8911 with a fail-safe user program ............................................................24
5.3.4 Creation of safety functions .............................................................................................30
6 Use of the STO function..........................................................................................................................31
6.1 Default STO function in the AX8911............................................................................................. 33
6.1.1 Process image of the AX8xxx-x1xx .................................................................................35
6.1.2 Error reaction ...................................................................................................................35
7 Implementation of Safe Motion functions .............................................................................................36
7.1 Safe inputs and outputs ................................................................................................................ 36
7.2 Safety function STO...................................................................................................................... 36
7.3 Safety function SS1 ...................................................................................................................... 36
7.4 Safety function SS2 ...................................................................................................................... 36
7.5 Safety function SOS ..................................................................................................................... 36
7.6 Safety functions SLS, SSM, SSR ................................................................................................. 36
7.7 Safety function SAR...................................................................................................................... 36
7.8 Safety functions SDIp, SDIn ......................................................................................................... 36
7.9 Safety function SLI........................................................................................................................ 36
7.10 Safety functions SLP, SCA ........................................................................................................... 36
Table of contents
8 Diagnostics ..............................................................................................................................................37
8.1 Diagnostic display of the AX8xxx axis module ............................................................................. 37
8.2 AX8xxx Diag history tab................................................................................................................ 37
8.3 Diagnosis History.......................................................................................................................... 38
9 Maintenance.............................................................................................................................................41
10 Service life................................................................................................................................................42
11 Decommissioning....................................................................................................................................43
12 Appendix ..................................................................................................................................................44
12.1 Support and Service ..................................................................................................................... 44
12.2 Certificates.................................................................................................................................... 45
AX8911 - TwinSAFE Drive Option4 Version: 1.0.0
Foreword

1 Foreword

1.1 Notes on the documentation

Intended audience
This description is only intended for the use of trained specialists in control and automation engineering who are familiar with the applicable national standards.
It is essential that the following notes and explanations are followed when installing and commissioning these components.
The responsible staff must ensure that the application or use of the products described satisfy all the requirements for safety, including all the relevant laws, regulations, guidelines and standards.
Origin of the document
This documentation was originally written in German. All other languages are derived from the German original.
Currentness
Please check whether you are using the current and valid version of this document. The current version can be downloaded from the Beckhoff homepage at http://www.beckhoff.com/english/download/twinsafe.htm. In case of doubt, please contact Technical Support [}44].
Product features
Only the product features specified in the current user documentation are valid. Further information given on the product pages of the Beckhoff homepage, in emails or in other publications is not authoritative.
Disclaimer
The documentation has been prepared with care. The products described are subject to cyclical revision. For that reason the documentation is not in every case checked for consistency with performance data, standards or other characteristics. We reserve the right to revise and change the documentation at any time and without prior announcement. No claims for the modification of products that have already been supplied may be made on the basis of the data, diagrams and descriptions in this documentation.
Trademarks
Beckhoff®, TwinCAT®, EtherCAT®, Safety over EtherCAT®, TwinSAFE®, XFC® and XTS® are registered trademarks of and licensed by Beckhoff Automation GmbH. Other designations used in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owners.
Patent Pending
The EtherCAT Technology is covered, including but not limited to the following patent applications and patents: EP1590927, EP1789857, DE102004044764, DE102007017835 with corresponding applications or registrations in various other countries.
The TwinCAT Technology is covered, including but not limited to the following patent applications and patents: EP0851348, US6167425 with corresponding applications or registrations in various other countries.
Foreword
EtherCAT® is registered trademark and patented technology, licensed by Beckhoff Automation GmbH, Germany
Copyright
© Beckhoff Automation GmbH & Co. KG, Germany. The reproduction, distribution and utilization of this document as well as the communication of its contents to others without express authorization are prohibited. Offenders will be held liable for the payment of damages. All rights reserved in the event of the grant of a patent, utility model or design.
Delivery conditions
In addition, the general delivery conditions of the company Beckhoff Automation GmbH & Co. KG apply.

1.2 Safety instructions

1.2.1 Delivery state

All the components are supplied in particular hardware and software configurations appropriate for the application. Modifications to hardware or software configurations other than those described in the documentation are not permitted, and nullify the liability of Beckhoff Automation GmbH & Co. KG.

1.2.2 Operator's obligation to exercise diligence

The operator must ensure that
• the TwinSAFE products are only used as intended (see chapter Product description);
• the TwinSAFE products are only operated in sound condition and in working order.
• the TwinSAFE products are operated only by suitably qualified and authorized personnel.
• the personnel is instructed regularly about relevant occupational safety and environmental protection aspects, and is familiar with the operating instructions and in particular the safety instructions contained herein.
• the operating instructions are in good condition and complete, and always available for reference at the location where the TwinSAFE products are used.
• none of the safety and warning notes attached to the TwinSAFE products are removed, and all notes remain legible.
AX8911 - TwinSAFE Drive Option6 Version: 1.0.0
Foreword

1.2.3 Description of safety symbols

In these operating instructions the following symbols are used with an accompanying safety instruction or note. The safety instructions must be read carefully and followed without fail!
Serious risk of injury!
Failure to follow the safety instructions associated with this symbol directly endangers the
DANGER
WARNING
CAUTION
Attention
life and health of persons.
Risk of injury!
Failure to follow the safety instructions associated with this symbol endangers the life and
health of persons.
Personal injuries!
Failure to follow the safety instructions associated with this symbol can lead to injuries to
persons.
Damage to the environment or devices
Failure to follow the instructions associated with this symbol can lead to damage to the en-
vironment or equipment.
Tip or pointer
This symbol indicates information that contributes to better understanding.
Note

1.3 Documentation issue status

Version Comment
1.0.0 • Certificate added
• Description of the safe inputs and outputs added
0.4.0 • Safety parameters for the STO and SS1 functions added
0.3.0 • Description of the Safe Motion functions updated
0.2.0 • Preliminary (internal only)
0.1.0 • Preliminary (internal only)
References

2 References

No Version Title / description
[1] 1.4.0 or newer AX8000 StartUp
This documentation contains the description of the assembly, installation and operation of an AX8000.
[2] 1.4.1 or newer Operating instructions for EL6910 TwinSAFE logic module
The document contains a description of the logic functions of the EL6910, and thus also of the AX8911, and their programming
[3] 3.1.0 or newer Documentation – TwinSAFE Logic FB
The document describes the safety function blocks that are available in the EL6910, and thus also in the AX8911, and form the safety application.
[4] 1.0 or newer AX8000 system manual
Description of the mechanical and electrical parameters as well as all information necessary for the use of the AX8000 multi-axis servo system.
[5] 1.8.0 or newer TwinSAFE application guide
The application guide provides the user with examples for the calculation of safety parameters for safety functions according to the standards DIN EN ISO 13849-1 and EN 62061 or EN 61508:2010, such as are typically used on machines.
AX8911 - TwinSAFE Drive Option8 Version: 1.0.0
System description

3 System description

3.1 The AX8000 multi-axis servo system

Multi-channel drive solutions can be constructed with the AX8000 multi-axis servo system. The required number of single-channel or two-channel axis modules are attached to the central supply module. The modules are connected without screws or tools using the built-in AX-Bridge quick connection system, which is based on spring-loaded terminals. The single-axis and dual-axis modules can optionally be equipped with STO or Safe Motion (AX8xxx-x1xx or AX8xxx-x2xx).
eXtreme Fast Control in the drive
The EtherCAT-based AX8000 multi-axis servo system combines powerful FPGA technology with multi-core ARM processors. The new multi-channel current control technology makes extremely short sampling and reaction times possible. The entirely hardware-implemented current controller combines the advantages of analog and digital control technology: reaction to a deviation of the current from the setpoint value is possible within 1 µs; the velocity controller cycle time is around 16 µs at a switching frequency of 32 kHz. The processing of the EtherCAT process data (actual and setpoint values) can take place without a processor almost without delay in the hardware, so that the minimum EtherCAT cycle time is only 62.5 µs.
One Cable Technology (OCT)
The AX8000 multi-axis servo system supports OCT, the one-cable solution for power and feedback. In connection with the servo motors from the AM8000 (standard), AM8500 (increased inertia) and AM8800 (stainless steel) series, the wiring is reduced to the obligatory motor cable, via which the feedback signals are then also directly transmitted. As in sensorless control, the user no longer has to use an additional feedback cable. All the information required for control purposes is transferred reliably and fail-safe via a digital interface.
Product description

4 Product description

4.1 General description

AX8911 - TwinSAFE drive option for AX8000 series servo drives
The AX8911 TwinSAFE drive option is an optional extension of the Beckhoff AX8000 servo drive series. There are two versions of the AX8911 option. The first version provides only the STO function via the digital inputs of the AX8000 axis module or via a TwinSAFE (FSoE) connection. The second version provides STO and additionally the Safe Motion functions such as Safe Limited Speed.
The AX8911 meets the requirements of IEC 61508:2010 SIL3, EN62061:2005/A1:2013/A2:2015SILCL3 and ENISO13849-1:2015(Cat 4, PL e).
The AX8911 is intended for use in a servo drive from the AX8000 series, in which it is permanently installed.

4.1.1 AX8911 with STO function (AX8xxx-x1xx)

Through the integration of the AX8911 drive option in the AX8000, the STO safety function can be enabled via two digital inputs per channel of the servo drive or via Safety-over-EtherCAT (FSoE). The digital inputs and the signals via FSoE are equivalent and are logically ORed internally. It is therefore sufficient to enable the axis via either one of the two ways.
The respective axis is enabled if both of its digital inputs are logic 1 (24VDC). If at least one of the two digital inputs is logic 0, then the STO safety function is active and the motor is switched torque-free.
Alternatively, the STO function of the axis can be accessed via Safety-over-EtherCAT (FSoE). The respective axis is enabled if the STO signal via FSoE is logic 1. If the STO signal via FSoE is logic 0, the STO safety function is active and the motor is switched torque-free.
The AX8911 drive option is typically addressed via FSoE. The digital inputs are intended for the commissioning of the AX8000. It is also possible via the digital inputs to operate the AX8911 drive option with a safety controller that doesn't support the FSoE protocol.
Digital inputs and Safety-over-EtherCAT (FSoE)
If you use the FSoE connection for accessing the AX8911 drive option and additionally the
Attention
digital inputs of the AX8000 on X15 or X25 during the commissioning of the axis, make sure that the wiring to the digital inputs is removed after the commissioning of the axis.
STO function
If the STO function described above is not suitable for the application, it must be changed
Note
by the user or by loading a user-defined safety project into the AX8911.
AX8911 - TwinSAFE Drive Option10 Version: 1.0.0
Product description

4.1.2 AX8911 with Safe Motion functions (AX8xxx-x2xx)

Through the integration of the AX8911 into the AX8000, the user can implement safety functions in accordance with the following list:
• Stop functions such as STO, SOS, SS1, SS2
• Speed functions such as SLS, SSM, SSR
• Acceleration functions such as SAR
• Direction of rotation functions such as SDIp, SDIn
• Position functions such as SLP, SCA, SLI (however, SLP and SCA are possible only if an appropriate safe feedback system is used)
Like the programming or configuration of the safety application, the entire parameterization of the AX8911 option card is performed from the TwinCAT software. All system-specific settings are stored together with the application in the AX8911. The backup/restore mechanism familiar from the EL69x0 can be used for the exchange of the AX8911. Further information on this can be found in the EL6910 user documentation (see
References [}8]).

4.2 Intended use

The AX8911 TwinSAFE drive option card extends the field of use of the Beckhoff AX8000 servo drive by safety functions that allow it to also be used in the field of machine safety.
Observe the intended use!
Use of the TwinSAFE drive option card other than for the intended purpose as described
WARNING
The AX8911 card can be addressed as a TwinSAFE drive option card via the TwinSAFE inputs X15 or X25 or via an FSoE or TwinSAFE connection. Depending on which of these variants is used, the error reactions of the TwinSAFE drive option card described below may be different.
The following safety measures and safety instructions must be observed when using the TwinSAFE drive option card
General notes
below is not permitted!
Power supply from SELV/PELV power supply unit!
The TwinSAFE components must be supplied with 24VDC by an SELV/PELV power supply
WARNING
unit with an output voltage limit U safety.
of 36VDC. Failure to observe this can result in a loss of
max
Caution - Risk of injury!
Basically, electronic devices are not fail-safe. The machine manufacturer is responsible for
WARNING
ensuring that the connected motors and the machine are brought into a safe state in the event of a voltage outage in the drive system
Follow the machinery directive!
The TwinSAFE Drive option cards may be used in machines only as defined in the machine
CAUTION
directive.
Ensure traceability!
The buyer has to ensure the traceability of the device via the serial number.
CAUTION
Product description
Parameterization
Check the parameterization of the TwinSAFE drive option card!
The TwinSAFE drive option card determines errors in the parameterization, but no logical
WARNING
testing of the parameters or the loaded safety program can take place. Hence, you must ensure by means of an acceptance test that the parameterization and the safety program are correct for the application. This test must be performed by the machine manufacturer.
The combination of AX8000 and AX8911 may be used in production only when this test has produced a positive result for all safety-relevant functions.
Avoid incorrect parameterization of the servo drive!
Incorrect parameterization of the servo drive (e.g. current controller oscillates or is too
WARNING
lethargic) can lead to switch-off. The AX8911 switches the motors of the AX8000 servo drive torque-free. Any motors that are still moving coast to a halt. With suspended or pulling loads the motors may also accelerate. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
Avoid incorrect dimensioning of the servo drive!
Loads that cannot be braked by the AX8000 servo drive (e.g. if the AX8000 servo drive is
WARNING
under-dimensioned) can lead to switch-off. The AX8911 switches the motors of the AX8000 servo drive torque-free. Any motors that are still moving coast to a halt. With suspended or pulling loads the motors may also accelerate. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
External safety measures
Provide for external safety measures for the STO function of the TwinSAFE drive option card!
WARNING
If the STO safety function is executed, the connected motors are not braked, but are switched torque-free. This leads to the motors coasting to a halt. The duration of this coast­ing depends on how much kinetic energy is present in the system. With suspended or pulling loads the motors may also accelerate. The user must provide appropriate external safety measures (e.g. mechanical service brakes) to prevent this.
Provide for external safety measures for the error reactions of the TwinSAFE drive option card!
WARNING
The STO error reaction is executed if the TwinSAFE drive option card determines an error. If the STO error reaction is executed, the connected motors are not braked, but are directly
switched torque-free. This leads to the motors coasting to a halt. The duration of this coast­ing depends on how much kinetic energy is present in the system. With suspended or pulling loads the motors may also accelerate. The user must provide appropriate external safety measures (e.g. mechanical service brakes) to prevent this.
AX8911 - TwinSAFE Drive Option12 Version: 1.0.0
Diagnostics / faults
Avoid line interruptions!
Line interruptions can lead to switch-off. The AX8911 can switch the motors of the AX8000
WARNING
servo drive torque-free according to the safety project used on it. Any motors that are still moving coast to a halt. With suspended or pulling loads the motors may also accelerate. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
Avoid faults and interruptions in the EtherCAT communication!
Faults and interruptions in the EtherCAT communication lead to switch-off. The AX8911
WARNING
can switch the motors of the AX8000 servo drive torque-free according to the safety project used on it. Any motors that are still moving coast to a halt. With suspended loads the mo­tors may even be accelerated. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
Activation or restart of a project in TwinCAT
The activation or restart of a project in TwinCAT can lead to switch-off. The AX8911 can
WARNING
switch the motors of the AX8000 servo drive torque-free according to the safety project used on it. Any motors that are still moving coast to a halt. With suspended loads the mo­tors may even be accelerated. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
Product description
WARNING
Downloading the safety project to the TwinSAFE logic or the AX8911 can lead to switch-off!
Downloading the safety project to the TwinSAFE logic or the AX8911 can lead to switch-off. The AX8911 switches the motors of the AX8000 servo drive torque-free. Any motors that are still moving coast to a halt. With suspended or pulling loads the motors may also accel­erate. External safety measures (e.g. mechanical service brakes) are to be provided by the user to avoid unwanted movements.
Product description

4.3 Technical data

Product designation AX8911 (AX8xxx-x1xx)
Number of inputs 2 digital inputs per channel (X15, X25) Status display "S" display on the AX8000 Minimum/maximum cycle time approx. 1 ms / according the project size Fault response time ≤ watchdog times Watchdog time min. 2 ms, max. 60000 ms Supply voltage (SELV/PELV) 24VDC (–10% /+10%)
refer also to the AX8000 Startup manual (References
[}8]) Dimensions (W x H x D) integrated in the AX8xxx-x1xx Weight approx. 25g Permissible ambient temperature (operation) 0 °C to +55 °C Permissible ambient temperature (transport/storage) -25 °C to +70 °C Permissible air humidity 5% to 95%, non-condensing Permissible air pressure (operation/storage/transport) 750hPa to 1100hPa
(this corresponds to an altitude of approx. -690m to
2450m above sea level, assuming an international
standard atmosphere) Climate category according to EN 60721-3-3 3K3
(the deviation from 3K3 is possible only with optimal
environmental conditions and also applies only to the
technical data which are specified differently in this
documentation) Permissible level of contamination according to
EN60664-1 Inadmissible operating conditions TwinSAFE drive option cards may not be used under
Correct installation position
Approvals CE, TÜV SÜD
level of contamination 2
the following operating conditions:
• under the influence of ionizing radiation (exceeding the natural background radiation)
• in corrosive environments
• in an environment that leads to impermissible contamination of the option card
refer also to the AX8000 Startup manual (References [}8])
AX8911 - TwinSAFE Drive Option14 Version: 1.0.0

4.4 Safety parameters

Safety functions STO, SS1
Characteristic numbers AX8911 - STO, SS1 (AX8xxx-x1xx)
Lifetime [a] 20 Proof test interval [a] not required PFH
D
%SIL3 of PFH PFD
avg
%SIL3 of PFD MTTF
D
D
avg
3.04E-09 3% of SIL3
9.20E-05 9% of SIL3
high DC high, 99.5% SFF >99% Performance level PL e Category 4 HFT 1 Classification element
2)
Type B
1)
Product description
1. Special proof tests are not required during the entire service life of the AX8911 TwinSAFE drive option card.
2. Classification according to IEC61508-2:2010 (see chapters 7.4.4.1.2 and 7.4.4.1.3)
The AX8911 TwinSAFE drive option card can be used for safety-related applications within the meaning of IEC61508:2010 up to SIL3, EN62061:2005/A1:2013/A2:2015 up to SILCL3 and ENISO13849-1:2015 up to PL e (Cat.4).
Further information on calculating or estimating the MTTFD value from the PFHD value can be found in the TwinSAFE application guide or in ENISO13849-1:2015, TableK.1.
In terms of safety-related parameters, the Safety-over-EtherCAT communication is already considered with 1% of SIL3 according to the protocol specification.
Safe Motion functions SS2, SOS, SLS, SLP
The safety parameters for the Safe Motion functions are inserted here as soon as the AX8xxx-x2xx devices with AX891x safety option card are enabled.
Loading...
+ 32 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use