Danfoss Safe Torque Off Operating guide
Operating Guide
Safe Torque Off
VLT® Frequency Converters
vlt-drives.danfoss.com 
Safe Torque Off |
|
Operating Guide |
Contents |
Contents
1 Introduction |
5 |
|
1.1 |
Purpose of this Operating Guide |
5 |
1.2 |
Additional Resources |
5 |
1.3 |
Functional Overview |
5 |
|
1.3.1 Introduction |
5 |
|
1.3.2 Products Covered and Identification |
5 |
1.4 |
Applied Standards and Compliance |
6 |
2 Safety |
7 |
|
2.1 |
Safety Symbols |
7 |
2.2 |
Qualified Personnel |
7 |
2.3 |
Responsibilities of Users of Safety-related Power Drive Systems PDS(SR) |
7 |
2.4 |
Protective Measures |
7 |
2.5 |
Safety Precautions |
7 |
3 Installation |
10 |
|
3.1 |
Safety Instructions |
10 |
3.2 |
Installing STO |
10 |
3.3 |
Installation in Combination with VLT® PTC Thermistor Card MCB 112 |
11 |
4 Commissioning |
13 |
|
4.1 |
Safety Instructions |
10 |
4.2 |
Activating STO |
13 |
4.3 |
Parameter Settings for STO Used With VLT® PTC Thermistor Card MCB 112 |
13 |
4.4 |
Automatic/Manual Restart Behavior |
13 |
4.5 |
STO Commissioning Test |
14 |
|
4.5.1 Restart Prevention for STO Application |
14 |
|
4.5.2 Automatic Restart of STO Application |
14 |
4.6 |
System Configuration Security |
14 |
4.7 |
Service and Maintenance |
14 |
|
4.7.1 Performing Functional Tests |
15 |
5 Application Examples |
|
16 |
|
5.1 |
SISTEMA Data |
|
16 |
5.2 |
Emergency Stop of Drive with STO - Category 1, PL c, SIL1 |
|
16 |
5.3 |
Emergency Stop of Drive with STO Using Safety Relay - Category 3, PL d, SIL2 |
|
17 |
5.4 |
Emergency Stop of Drive with STO, Safety Relay, and Output Contactor - Category 4, PL e, SIL3 |
18 |
|
5.5 |
Emergency Stop of Multiple Drives - Category 3, PL d, SIL2 |
|
19 |
|
|
||
Danfoss A/S © 2021.09 |
AQ313340186453en-000201/130R0544 | 3 |
||
Safe Torque Off |
|
Operating Guide |
Contents |
6 STO Technical Data |
21 |
|
6.1 |
Notices Regarding Technical Data |
21 |
6.2 |
European Directives |
21 |
6.3 |
Safety Standards |
21 |
6.4 |
Safety Function |
21 |
6.5 |
Safety Performance |
21 |
7 Appendix |
22 |
|
7.1 |
Abbreviations |
22 |
7.2 |
Conventions |
22 |
4 | Danfoss A/S © 2021.09 |
AQ313340186453en-000201/130R0544 |
Safe Torque Off
Operating Guide |
Introduction |
|
|
1 Introduction
1.1 Purpose of this Operating Guide
This Operating Guide provides information for use of Danfoss VLT® FC Series drives in functional safety applications. The manual includes information about functional safety standards, Danfoss VLT® FC Series Safe Torque Off (STO) function, the related installation and commissioning, and service and maintenance for STO.
VLT® is a registered trademark for Danfoss A/S.
1.2 Additional Resources
This manual is targeted at users already familiar with the VLT® drives. It is intended as a supplement to the manuals and instructions available for download at www.danfoss.com. Read the instructions shipped with the drive and/or drive option before installing the unit, and observe the instructions for safe installation.
1.3 Functional Overview
1.3.1 Introduction
The Safe Torque Off (STO) function is a component in a safety control system. STO prevents the unit from generating the power required to rotate the motor.
N O T I C E
Select and apply the components in the safety control system appropriately to achieve the required level of operational safety. Before integrating and using STO in an installation, carry out a thorough risk analysis on the installation to determine whether the STO functionality and safety levels are appropriate and sufficient.
The VLT® drive is available with:
•Safe Torque Off (STO), as defined by EN IEC 61800-5-2.
•Stop category 0, as defined in EN 60204-1.
The drive integrates the STO functionality via control terminal 37.
The VLT® drive with STO functionality is designed and approved suitable for the requirements of:
•Category 3 in EN ISO 13849-1.
•Performance Level "d" in EN ISO 13849-1.
•SIL 2 in IEC 61508 and EN 61800-5-2.
•SILCL 2 in EN 62061.
1.3.2 Products Covered and Identification
The STO function is available for the following drive types:
•VLT® HVAC Drive FC 102.
•VLT® Refrigeration Drive FC 103.
•VLT® AQUA Drive FC 202.
•VLT® AutomationDrive FC 301, enclosure size A1.
•VLT® AutomationDrive FC 302.
•VLT® Decentral Drive FCD 302.
•VLT® Parallel Drive Modules. Identification
•Confirm that the drive is configured with the STO function by checking the unit type code on the nameplate.
Danfoss A/S © 2021.09 |
AQ313340186453en-000201 / 130R0544 | 5 |
Safe Torque Off |
|
Operating Guide |
Introduction |
|
|
Table 1: Type Code Identification |
|
|
|
Product |
Type code |
|
|
VLT® HVAC Drive FC 102 |
T or U at digit 18 of the type code. |
|
|
VLT® Refrigeration Drive FC 103 |
T at digit 18 of the type code. |
|
|
VLT® AQUA Drive FC 202 |
T or U at digit 18 of the type code. |
|
|
VLT® AutomationDrive FC 301, enclosure size A1 |
T at digit 18 of the type code. |
|
|
VLT® AutomationDrive FC 302 |
X, B, or R at digit 18 of the type code. |
|
|
VLT® Decentral Drive FCD 302 |
X, B, or R at digit 18 of the type code. |
|
|
VLT® Parallel Drive Modules |
T or U at digit 18 of the type code. |
|
|
1.4 Applied Standards and Compliance
Using the STO on terminal 37 requires that the user fulfills all provisions for safety, including relevant laws, regulations, and guidelines.
The integrated STO function complies with the following standards:
•IEC/EN 60204-1: 2016 Stop category 0 - uncontrolled stop.
•IEC/EN 61508: 2010 SIL2.
•IEC/EN 61800-5-2: 2016.
•IEC/EN 62601: 2015 SIL CL2.
•EN ISO 13849-1: 2015 Category 3 PL d.
6 | Danfoss A/S © 2021.09 |
AQ313340186453en-000201 / 130R0544 |
Safe Torque Off
Operating Guide |
Safety |
|
|
2 Safety
2.1 Safety Symbols
The following symbols are used in this manual:
D A N G E R 
Indicates a hazardous situation which, if not avoided, will result in death or serious injury.
W A R N I N G 
Indicates a hazardous situation which, if not avoided, could result in death or serious injury.
C A U T I O N 
Indicates a hazardous situation which, if not avoided, could result in minor or moderate injury.
N O T I C E
Indicates information considered important, but not hazard-related (for example, messages relating to property damage).
2.2 Qualified Personnel
The products must only be assembled, installed, programmed, commissioned, maintained, and decommissioned by persons with proven skills. Persons with proven skills:
•Are qualified electrical engineers, or persons who have received training from qualified electrical engineers and are suitably experienced to operate devices, systems, plant, and machinery in accordance with the general standards and guidelines for safety technology.
•Are familiar with the basic regulations concerning health and safety/accident prevention.
•Have read and understood the safety guidelines given in this manual and also the instructions given in the operating guide of the drive.
•Have good knowledge of the generic and specialist standards applicable to the specific application.
2.3 Responsibilities of Users of Safety-related Power Drive Systems PDS(SR)
Users of safety-related Power Drive Systems (PDS(SR)) are responsible for:
•Hazard and risk analysis of the application.
•Identifying safety functions required and allocating SIL or PLr to each of the functions.
•Other subsystems and the validity of signals and commands from these subsystems.
•Designing appropriate safety-related control systems (hardware, software, parameterization, and so on).
2.4 Protective Measures
Qualified and skilled personnel must be available for installing and commissioning the safety engineering systems.
Procedure
1.Install the drive in an IP54 cabinet as per IEC 60529, or in an equivalent environment. In special applications, a higher IP rating may be necessary.
2.Ensure short-circuit protection of the cable between terminal 37 and the external safety device according to ISO 13849-2 table D.4.
3.Install additional measures (for example, a safety holding brake) if external forces influence the motor axis (for example suspended loads).
2.5Safety Precautions
See the Safety chapter in the relevant operating guides for general safety precautions.
Danfoss A/S © 2021.09 |
AQ313340186453en-000201 / 130R0544 | 7 |
Safe Torque Off
Operating Guide |
Safety |
|
|
W A R N I N G 
FALL PROTECTION REQUIRED
External forces acting on the motor, for example suspended loads, and unintended movements, for example caused by gravity, can cause hazards. Not taking any measures to protect against falling loads can lead to death or serious injury.
-Equip the motor with extra measures for fall protection, for example, install extra mechanical brakes.
W A R N I N G 
NO ELECTRICAL SAFETY
STO (that is, removal of 24 V DC voltage supply to terminal 37) does not provide electrical safety. The STO function itself is not sufficient to implement the Emergency-Off function as defined by EN 60204-1. Using the STO function to implement EmergencyOff may lead to personal injury.
-Emergency-Off requires measures of electrical isolation, for example, by switching off mains via an extra contactor.
W A R N I N G 
RISK OF ELECTRICAL SHOCK
The STO function does NOT isolate mains voltage to the drive or auxiliary circuits. Only perform work on electrical parts of the drive or the motor after isolating the mains voltage supply and waiting for the discharge time to elapse, as specified in the Safety chapter in the Operating Guide of the relevant drive. Failure to isolate the mains voltage supply from the unit and waiting the time specified could result in death or serious injury.
-Do not stop the drive by using the STO function. If a running drive is stopped by using the function, the unit trips and stops by coasting. If this limitation is not acceptable, for example because it causes danger, use the appropriate stopping mode to stop the drive and machinery before using the STO function. Depending on the application, a mechanical brake may be required.
-STO is suitable for performing mechanical work on the drive system or affected area of a machine only. It does not provide electrical safety. STO must not be used as a control for starting and/or stopping the drive.
W A R N I N G 
RESIDUAL ROTATION
The STO function can be used for asynchronous, synchronous, and permanent magnet motors. Two faults can occur in the power semiconductor of the drive. When using synchronous or permanent magnet motors, a residual rotation can result from the faults. The rotation can be calculated to angle = 360/(number of poles). The application using synchronous or permanent magnet motors must consider this residual rotation and ensure that it does not pose a safety risk. The situation is not relevant for asynchronous motors.
C A U T I O N 
After installing STO, perform a commissioning test. A passed commissioning test is mandatory after the 1st installation and after each change to the safety installation.
C A U T I O N 
AUTOMATIC RESTART
Automatic restart behavior is only allowed in 1 of the 2 situations:
-The unintended restart prevention is implemented by other parts of the STO installation.
-A presence in the dangerous zone can be physically excluded when STO is not activated. In particular, observe paragraph 6.3.3.2.5 of ISO 12100:2010.
8 | Danfoss A/S © 2021.09 |
AQ313340186453en-000201 / 130R0544 |
Loading...