HEIDENHAIN Functional Safet Technical Manual
Technical Manual
Functional Safety (FS)
NC Software
606 420-01 SP 05
606 421-01 SP 05
July 2011
Subject
1 Update Information
1.1 General Information............................................................................7
1 Update Information No. 01 –
Functional Safety
1.1 Overview..............................................................................................9
1.1.1 Released service packs ...........................................................9
1.2 NC Software 606 42x-01 SP 05 ........................................................10
1.2.1 Important notes.....................................................................10
1.3 New Safety Functions ......................................................................11
2Introduction
2.1 Meaning of the Symbols Used in this Manual...............................13
2.2 Warnings............................................................................................14
2.3 Proper Operation...............................................................................17
2.4 Trained Personnel .............................................................................17
2.5 General Information..........................................................................18
2.6 Overview of FS Components...........................................................23
2.6.1 List of approved control components....................................24
2.6.2 List of approved inverter components...................................27
2.6.3 Differences between systems with and without
functional safety (FS)...........................................................29
3 Directives and Standards
3.1 Applicable Directives ........................................................................31
3.2 Basis for Testing................................................................................32
3.3 Requirements on Safety Integrity...................................................35
3.4 SIL and Target Failure Measures.....................................................35
3.5 Storage and Operating Temperatures............................................35
3.6 Limit Values for EM Noise Immunity..............................................35
3.7 Mission Time .....................................................................................35
July 2011 3
4 Realization and Safety Functions
4.1 Glossary .............................................................................................37
4.2 Realization of the HEIDENHAIN Safety System.............................41
4.3 Activation of Functional Safety (FS) ...............................................41
4.4 (S)PLC Programs ...............................................................................42
4.5 SPLC ...................................................................................................43
4.6 SKERN................................................................................................45
4.7 Cross Comparison.............................................................................46
4.8 Description of the Safety/Monitoring Functions...........................47
4.8.1 Overview of the safety functions ..........................................47
4.8.2 Overview of monitoring functions .........................................49
4.8.3 Safe stop 0 (SS0)...................................................................50
4.8.4 Safe stop 1 (SS1) – Fastest possible stopping ......................51
4.8.5 Safe stop 1D (SS1D) – Delayed SS1......................................54
4.8.6 Safe stop 1F (SS1F) – Fastest possible stopping ..................54
4.8.7 Safe stop 2 (SS2) – Controlled stopping ................................55
4.8.8 Summary of the stop reactions .............................................58
4.8.9 Safe torque off (STO).............................................................60
4.8.10 Safe operating stop (SOS) .....................................................62
4.8.11 Safely limited speed (SLS).....................................................63
4.8.12 Safely limited position (SLP)..................................................64
4.8.13 Safe brake control (SBC)........................................................66
4.8.14 Safely limited increment (SLI)................................................67
4.8.15 Nominal-actual value comparison..........................................67
4.8.16 Nominal-actual value comparison of position values .............68
4.8.17 Nominal-actual value comparison of speed values................68
4.8.18 Protection against unexpected start-up.................................69
4.8.19 dv/dt monitoring of the braking processes............................69
4.8.20 Response times, definitions, demand rates ..........................70
4.8.21 Safe status bits......................................................................75
4.8.22 Fault reaction to safe status bits ...........................................78
4.8.23 Behavior when a fault is detected.........................................80
4.8.24 Stop reactions depending on the fault situations ..................82
4.9 Special Features of Software Version 606 42x-01 .........................88
4.10 Requirements the Application Must Meet .....................................92
4.11 Remaining Risks................................................................................94
5 Safety-Related MPs and Signals
5.1 Safety-Related Machine Parameters (SMPs)..................................95
5.2 SMP Commissioning ......................................................................112
5.3 Acceptance Test..............................................................................119
5.4 Safety-Related Hardware Signals..................................................120
5.5 Entries in the OEM.SYS File...........................................................124
4 HEIDENHAIN Technical Manual Functional Safety
6 Safety-Related Operating Modes and
Interfaces
6.1 Operating Modes (SOM Safe Operating Modes).........................125
6.1.1 Operating mode 1 (SOM_1) ................................................126
6.1.2 Operating mode 2 (SOM_2) ................................................127
6.1.3 Operating mode 3 (SOM_3) ................................................129
6.1.4 Operating mode 4 (SOM_4) ................................................131
6.1.5 Operating mode – restricted spindle operation (SOM_S)....133
6.1.6 Operating mode selection – inputs......................................134
6.1.7 Configuration of axis groups................................................136
6.1.8 Magazine axes.....................................................................138
6.1.9 Non-safe axes and spindles.................................................139
6.1.10 Electronic handwheel ..........................................................140
6.1.11 Use of several operating units.............................................142
6.2 Safety-Related Hardware Interfaces .............................................143
6.2.1 Interfaces of the SPL...........................................................143
6.2.2 Interfaces of the SMOP.......................................................152
6.2.2.1 Interfaces of the handwheel (HR)........................................155
7 Safety-Related Tests and Forced
Dynamic Sampling
7.1 Safety Self-Test...............................................................................157
7.2 Self-Test Sequence .........................................................................159
7.3 Test of the Cut-Out Channels ........................................................162
7.4 Test of Machine Control Voltage...................................................162
7.5 Test of the Chain of Normally Closed Contacts...........................163
7.6 Test of the Guard Doors.................................................................163
7.7 Test of the Motor Brake Control....................................................164
7.8 Motor Brake Test ............................................................................166
7.8.1 Brake test for synchronized axes ........................................168
7.9 Test of the Machine Configuration................................................175
7.10 Test of the Machine Keys and Permissive Buttons/Keys............175
7.11 Test of the Emergency-Stop Circuit..............................................175
July 2011 5
8 SPLC – Safety-Related PLC
8.1 General Information........................................................................177
8.2 Safe Software Structure.................................................................178
8.3 Software Structure of PLC / SPLC.................................................178
8.4 Glossary ...........................................................................................179
8.5 SPLC Development Tool.................................................................181
8.6 PLC and SPLC Programs.................................................................182
8.7 Safety of the SPLC Program ..........................................................183
8.8 Requirements to Be Met by the SPLC Program...........................184
8.8.1 Axis groups / working spaces for an example milling
machine.............................................................................184
8.8.2 Moving the axes with open guard doors .............................184
8.9 Interfaces of the SPLC ....................................................................185
8.9.1 The splcapimarker.def definition file....................................185
8.9.2 Safety-related inputs, FS inputs...........................................187
8.9.3 Safety-related outputs, FS outputs......................................188
8.9.4 SKERN --> SPLC programming interface ............................190
8.9.5 SPLC --> SKERN programming interface ............................193
8.9.6 PLC --> SPLC programming interface .................................194
8.9.7 SPLC --> PLC programming interface .................................195
8.9.8 Diagnosis of the SPLC operands.........................................195
8.10 Tasks of the SPLC Program............................................................196
8.10.1 Operation with open guard door..........................................196
8.10.2 Selecting a safety-related operating mode (SOM)...............197
8.10.3 Requirements to be met by SPLC outputs..........................197
8.10.4 Requirements on the data of the ApiToSafety structure.....200
8.10.5 Filtering of inputs.................................................................219
8.11 Sample Cases ..................................................................................221
8.11.1 Movement of NC axes and spindle .....................................221
8.11.2 Movement of the axes of the tool magazine.......................228
6 HEIDENHAIN Technical Manual Functional Safety
1 Update Information
1.1 General Information
Update Information for the Functional Safety Technical Manual appears at
irregular intervals, often as part of a new software version. This is preliminary
information in PDF format, containing brief descriptions of new software
functions as well as new hardware components. After the Update Information
has been published, the new items are included in the Functional Safety
Technical Manual.
The Technical Manual and each Update Information are saved in the
HEIDENHAIN FileBase on the Internet, where registered users can access
them at http://portal.heidenhain.de.
Registered users of the HEIDENHAIN FileBase on the Internet receive an
e-mail notification when a new Update Information appears.
This version of the Technical Manual includes all Update Information
notifications up to and including number 01, meaning that the contents of this
Functional Safety (FS) Technical Manual correspond to the scope of functions
of software version 606 42x-01 with Service Pack 05.
July 2011 1.1 General Information 7
8 HEIDENHAIN Functional Safety Technical Manual
1 Update Information No. 01 – Functional Safety
1.1 Overview
1.1.1 Released service packs
The following service packs were released for 606 42x-01:
Service pack 01: August 2010
Service pack 02: December 2010
Service pack 03: February 2011
Service pack 04: March 2011 (not for functional safety)
Service pack 05: May 2011 (full version)
July 2011 1.1 Overview 9
1.2 NC Software 606 42x-01 SP 05
Attention
1.2.1 Important notes
New test of the safe outputs:
Service pack 05 expands the safety selftest as regards the safe outputs. This
new safety test for safe PL outputs is necessary for certification of the
functional safety.
During the test all safe, dual-channel PL outputs are specifically switched off.
This state is checked to ensure that all dual-channel outputs assume this state
(= 0) and remain in it.
However, the PLD-H 04-08-00FS modules with ID 727 219-01 do not fulfill the
requirements of this test yet, and must therefore be modified. Other PL
modules already support this test.
If PLD modules with ID 727 219-01 are in the electrical cabinet when the new
test is performed, the test is aborted with the error message "E031 error
xxxxxxxx…".
Further procedure:
HEIDENHAIN started building the PLD-H 04-08-00FS modules with the
appropriate modification in April 2011, and changed the variant to 02
(ID 727 219-02).
Starting immediately, please ship all machines with HSCI and functional safety
only with the 02 variant of PLD-H 04-08-00FS PL modules. The modules must
also be exchanged for affected machines already in the field, so that the test
can be performed. Please get in touch with your contact partner at
HEIDENHAIN first, in order to coordinate the exchange action in the best
possible manner.
The test can be deactivated via SMP560 bit 12 = 1 until the PL modules have
been exchanged. The test must be reactivated once the modules have been
exchanged!
On machines with PLD-H 04-08-00FS (ID 727 219-02) PL modules, or
without PLD-H 04-08-00FS, the test must be activated with SMP560 bit
12 = 0.
10 HEIDENHAIN Functional Safety Technical Manual
1.3 New Safety Functions
dv/dt monitoring of
the spindle
dv/dt monitoring of the spindle during SS1 reaction
dv/dt monitoring of the spindle is being introduced as a new safety function in
service pack 05. The safety function monitors braking of the spindle during an
SS1 reaction.
After an SS1 reaction has been initiated, the SKERN monitors the spindle
speed to ensure that it continually decreases. Should the monitoring
determine that the speed remains constant or even increases, an SS0 reaction
is initiated for the spindle. SS1F is initiated for all other axes. This monitoring
can be deactivated with SMP560 bit 11 for commissioning purposes.
However, this monitoring is essential to the HEIDENHAIN safety strategy, and
must be reactivated after commissioning.
Input for SMP560 bit 11:
0: dv/dt monitoring of the spindle active
1: dv/dt monitoring of the spindle inactive
July 2011 1.3 New Safety Functions 11
12 HEIDENHAIN Functional Safety Technical Manual
2 Introduction
Danger
Attention
Note
2.1 Meaning of the Symbols Used in this Manual
Failure to comply with this information could result in most serious or fatal
injuries, and/or in substantial material damage.
Failure to comply with this information could result in injuries and
interruptions of operation, including material damage.
Tips and tricks for operation as well as important information, for example
about standards and regulations as well as for better understanding of the
document.
July 2011 2.1 Meaning of the Symbols Used in this Manual 13
2.2 Warnings
Danger
The functional safety as provided by HEIDENHAIN only handles the safety
functions stated and described in this manual. Functional safety can reduce
the inherent risks of machine tools. However, it is impossible to implement
safety measures that ensure that nothing will ever go wrong with a
machine tool.
In order for functional safety to take effect, the machine manufacturer
must:
verify the theoretical and actual setup of the machine tool, the necessary
(S)PLC programs and the machine-parameter settings with a thoroughly
documented acceptance test. This acceptance test must be performed
by qualified personnel.
thoroughly understand the information contained in this manual and
other documentation for the control and other electronic components
being used (such as inverters and motors), as well as understand and
enforce the safety instructions, constraints and relevant standards.
draw up a risk analysis, as required by the EC machinery directive.
implement all measures deemed necessary based on the risk analysis of
the machine. These measures may be implemented as a part of
functional safety, or with other suitable equipment or procedures. All
measures must be validated.
14 HEIDENHAIN Technical Manual Functional Safety
Danger
Many safety-related machine parameters (SMP) and the safety-related PLC
Attention
program (SPLC program) are important for ensuring the safety of the
machine when it is controlled by an iTNC 530 with integrated safety
strategy.
Changing these safety-related machine parameters or the SPLC program
can result in loss of the machine safety as specified in the applicable
standards!
Safety-related machine parameters are therefore protected by a special
OEM password that is only known to the machine manufacturer.
Changes to the safety-related machine parameters and the SPLC program
may only be performed by trained personnel of the OEM. He is responsible
for the safety of the machine and compliance with the applicable standards,
in particular with EN 12417.
The HEIDENHAIN safety strategy cannot detect erroneous
parameterization or programming by the OEM. The necessary level of
safety can only be achieved with thorough acceptance testing of the
machine.
When exchanging a power module or motor, the same type must be used,
since otherwise the settings of the machine parameters could lead to
different reactions by the safety functions. If an encoder is exchanged, the
affected axis must be recalibrated.
Hardware components of the machine tool may only be exchanged by
trained personnel.
Prior to the initial operation or shipping of a machine tool, the
machine manufacturer must conduct a complete acceptance test.
All of the machine's safety functions must be tested. Furthermore, the
input values of the safety-related machine parameters and the entire SPLC
program must be checked for correctness.
If the SPLC program is changed subsequently, the entire acceptance
test must be repeated.
If individual machine parameters are changed subsequently, a partial
acceptance test is required.
Upon subsequent changes the safety functions affected by the respective
change must be tested. The changes and the necessary acceptance tests
may only be performed by trained personnel of the OEM.
July 2011 2.2 Warnings 15
Attention
The machine tool is not in a safe state until after it has booted completely
and the safety self-test was passed successfully!
During start-up or the reset phase, the control is not in a safe state (e.g.
installation of a service pack). Axes and spindles are without torque
during this time!
When exchanging hardware components, also use the same model. If an
encoders is exchanged, then the motor affected must be referenced and
tested again.
Depending on the changes during an exchange or update of the
software, either a partial or complete acceptance test becomes
necessary. The following must be ensured before or during an exchange
or update of the software:
• All openings (e.g. doors) to the working space must be closed
• Emergency stop must be activated
• There must be no tools in the spindle
• Vertical axes must be protected against falling
• No persons are permitted in the danger zone
The control must be shut down correctly before the machine is switched
off via the main switch. Should this not be possible due to an error, an
emergency stop is to be initiated via the man switch before removing
power from the machine.
16 HEIDENHAIN Technical Manual Functional Safety
2.3 Proper Operation
The described components may only be installed and operated as described
in this manual. Commissioning, maintenance, inspection and operation are
only to be performed by trained personnel.
HEIDENHAIN contouring controls and their accessories are designed for
integration in milling, drilling and boring machines, and machining centers.
2.4 Trained Personnel
Trained personnel in the sense of this manual means persons who are familiar
with the installation, mounting, commissioning, and operation of the
HEIDENHAIN components. Furthermore, electrical engineering work on the
system may be carried out only by trained electrical engineering technicians or
persons trained specifically for the respective application.
Basically, persons who perform work on HEIDENHAIN components must
meet the following requirements:
They must have been trained or instructed in the standards of safety
They must have appropriate safety equipment (clothing, measuring
They should be skilled in first-aid practice.
engineering.
systems).
July 2011 2.4 Trained Personnel 17
2.5 General Information
Danger
Danger
Please note the following during initial operation of your new machines
with the new HSCI hardware generation of the iTNC 530:
With the introduction of this hardware, the new functional safety (FS) is
available for the first time, featuring the following properties:
Safety category 3 (Performance Level d) in accordance with EN ISO
SIL 2 as per DIN EN 61508
Operating modes as per EN 12417
Integrated SPLC for adaptation to the machine
The enhancements regarding functional safety to the NC software are
fundamental new developments by HEIDENHAIN. This means that the
necessary software tests have been performed only partially, and that the
complete system does not yet have sufficient functional tests. This means
that special care must be taken when working with the affected new
machines, since faulty operation of the integrated safety functions of the
software cannot be ruled out.
Please inform your colleagues and employees using these machines of
these possible dangers. No persons should be within the traverse range of
the axes.
13849-1:
December 2008
Only the iTNC 530 HSCI control with NC software 606 42x may currently
be used for applications with functional safety. Other controls (e.g. the
TNC 6xx NCK-based controls) and NC software versions do not yet
support the use of functional safety!
However, NC software 606 42x has not yet been generally approved for
applications that use the integrated functional safety (FS) of the control.
Separate approval by HEIDENHAIN is required for the use of integrated
functional safety (FS) according to EN ISO 13849-1!
Every machine tool operator is exposed to certain risks.
Although protective devices (safeguards) can prevent access to dangerous
points, the operator must also be able to work with the machine without this
protection (e.g. if the guard door is open).
Several guidelines and regulations to minimize these risks have been
developed in recent years.
18 HEIDENHAIN Technical Manual Functional Safety
Machinery Directive 2006/42/EC obligates you as a machine-tool
manufacturer to perform detailed risk assessments in order to prove operator
safety during the various operating phases of the machine. The combination
of hazard analysis and risk evaluation leads to the determination of how much
risks must be reduced by design measures or control methods in order to
achieve an appropriate level of safety.
In accordance with EN 12417, the electronic controls of universal machines,
milling machines, lathes and machining centers must fulfill the requirements
of EN 13849-1 category 3 (previously EN 954-1) for their safety-related parts.
In particular this means that the control must be designed such that an
individual fault does not lead to loss of the safety function, and that any
individual fault is detectable if this is possible in an acceptable manner.
According to EN ISO 12100-1/2 (Safety of Machinery), it is important for safe
operation of the machine that the safety measures permit simple and
continuous use of the machine and that they do not impair its correct and
intended operation. If this is not the case, then this can lead to the safety
measures being circumvented in order to attain the simplest possible
operation of the machine.
The HEIDENHAIN safety strategy integrated in the iTNC 530 HSCI complies
with Category 3 as per EN 13849-1 and SIL 2 as per IEC 61508, features
safety-related operating modes in accordance with EN 12417, and assures
extensive operator protection.
The basis of the HEIDENHAIN safety strategy is the dual-channel processor
structure, which consists of the main computer (MC) and one or more CC
drive controller modules (CC = control computing unit).
All monitoring mechanisms are designed redundantly in the control systems.
Safety-related system data is subject to a mutual cyclic data comparison, see
page 4–46.
Safety-related errors always lead to safe stopping of all drives through defined
stop reactions.
Defined safety reactions are triggered and safe operating statuses are
achieved via safety-related inputs and outputs (in two channels) which have an
influence on the process in all operating modes.
July 2011 2.5 General Information 19
Additional
Note
Note
Note
information
Documentation
This manual is a supplement to the Technical Manual of your control, and
describes the functions of the functional safety (FS) and the SPLC from
HEIDENHAIN. Therefore, please also refer to the following documentation:
• Technical Manual of your control
• "Inverter Systems and Motors" Technical Manual
• Online help of the PLCdesignNT development environment for (S)PLC
programming
Documentation for NC software 606 42x-01
For the documentation of the new iTNC 530 HSCI hardware generation,
please refer to the iTNC 530 HSCI Technical Manual.
Update Information No. 25 loses its validity as soon as the iTNC 530 HSCI
Technical Manual for NC software 606 42x becomes available.
You can download manuals, other documentation and PC software tools for
machine manufacturers from the HEIDENHAIN FileBase.
Specifics and constraints
The first software versions for functional safety of the iTNC 530 HSCI do not
include the full range of features necessary to provide functional safety for
all machine models. Please see page 4–88. Your contact person at
HEIDENHAIN will be glad to answer any questions concerning the iTNC 530
HSCI with functional safety.
Before planning a machine with functional safety, please inform yourself of
whether the current scope of functional safety features suffices for your
machine design.
In practice, and in the sense of this document, a HEIDENHAIN control system
for a machine tool consists of:
a HEIDENHAIN NC control with integrated safety and HSCI, an MC main
computer and CC controller units
peripheral units such as screen, keyboard, machine operating panel and
handwheel
the SPL or PL assemblies with their I/O modules for connecting safety and
standard inputs and outputs
synchronous and asynchronous feed and spindle motors
position and speed encoders
supply modules and inverters
20 HEIDENHAIN Technical Manual Functional Safety
A prerequisite for the functional safety of HEIDENHAIN controls is the
USB
HR xxx FS
MB 620 FS
TE 6xx
PL 62xx FS
MC 6xxx
HDL
HSCI
BF 2xx
Cabinet
Panel
PSL
Inverter
CC 6110
X79
(X112)
UVW
POWER MODULE
READY
RESET
UVW
Permissive Buttons,
Key Switches
Emergency Stop,
Door Contacts,
Relais
connection of the actual control components via the common HSCI
connection (HSCI = HEIDENHAIN Serial Controller Interface).
Figure 3.1: Possible setup of an HSCI system
July 2011 2.5 General Information 21
HEIDENHAIN control components for setting up a system with functional
safety:
Series Component of the control system
MC 6xxx MC main computer with HSCI interface for the
HEIDENHAIN NC control
CC 6xxx CC controller units with HSCI interface and
support for a variable number of control loops
PLB 6xxx FS Functional safety (FS) version of a bus module,
serves as carrier for several PLD-H xx-xx-xx (FS)
I/O modules. Designated SPL in this document.
PLD-H xx-xx-xx FS Functional safety (FS) version of an I/O module.
Designated SPLD in this document.
MB 6xx FS Functional safety (FS) version of a machine
operating panel. Designated SMOP in this
document.
TE 6xx Keyboard unit (ASCII keyboard, keys for
supporting the operator) without safety-relevant
tasks.
TE 6xx FS Functional safety (FS) version of a keyboard unit
with an integrated MB 6xx FS machine operating
panel. The MB is designated SMOP in this
document.
HR xxx FS Functional safety (FS) version of an HR
handwheel.
BF xxx Screen with HDL connection.
Position and speed
encoders
UM 1xxD, UVR 1x0D,
UV 130D, UR 2xxD,
UE 2xxD and UE 1xx
SIEMENSSIMODRIVE 611
HEIDENHAIN encoders with analog, EnDat 2.1
and EnDat 2.2 interface.
HEIDENHAIN power modules (UM), supply
modules (UV), regenerative supply modules
(UVR), inverter units (UE) and regenerative
inverters (UR).
The use of modules from Siemens'
SIMODRIVE 611 power module product family or
other non-HEIDENHAIN inverters has not been
approved for the integrated functional safety!
22 HEIDENHAIN Technical Manual Functional Safety
The HEIDENHAIN safety strategy enables you to implement the protection
Note
objectives defined in Directive 2006/42/EC easily and enjoy economic benefits
at the same time.
The following items may no longer be required:
Safety contactor combinations for emergency stop and guard door control
Time delay relays and auxiliary relays
Limit switches
Wiring effort
2.6 Overview of FS Components
One of the priorities of software release 606 42x-01 is the support of the new
digital real-time bus system HSCI (HEIDENHAIN Serial Controller Interface)
from HEIDENHAIN. HSCI combines the communication between axis system
and automation into one bus system between control components. Along
with simplifying the connection technology, HSCI is also the basis for safe,
dual-channel, digital communication, which is the technical prerequisite for
future integrated safety functions, referred to as "functional safety." The
official release of HSCI with integrated functional safety will be announced in
a separate Update Information once the FS system has been certified.
The following tables give an overview of the HSCI, FS and inverter
components of the iTNC 530 HSCI. The individual HEIDENHAIN components
are described in the iTNC 530 HSCI Technical Manual and the Inverters and
Motors Technical Manual.
In systems with functional safety, certain hardware components assume
safety-relevant tasks. Approval for these components must be granted for
each variant individually by HEIDENHAIN. In the following tables you will find
the basic ID number and variant for those hardware components that have
safety-relevant tasks.
The following lists, consisting of hardware components and their variants,
contain all hardware components that may be used in systems with
functional safety.
In HSCI systems with integrated functional safety (FS) you may use only
devices or variants that have been certified for use in such systems.
Please take the following lists into account when configuring your machine
and in case servicing is required. The right-most table column contains the
approved ID numbers of these components.
July 2011 2.6 Overview of FS Components 23
2.6.1 List of approved control components
Note
In systems with functional safety, certain hardware components assume
safety-relevant tasks. Approval for these components must be granted for
each variant individually by HEIDENHAIN. In the following tables you will find
the basic ID number and variant for those hardware components that have
safety-relevant tasks.
Systems with FS may consist of only those safety-relevant components for
which the variant is listed in the table below (e.g. xxx xxx-03).
Components indicated in this list with -xx do not assume any safety-relevant
task in the sense of functional safety (FS). You can use any variant of these
components.
Components indicated in this list with "Not yet approved for FS" are not
approved for use in systems with functional safety.
The list will be expanded or revised correspondingly when new components
are approved for use in systems with functional safety (FS). Should a
component you wish to use not be listed, please ask your contact person at
HEIDENHAIN if the component may be used.
Hardware component ID
MC 6241 Main computer 1.8 GHz with HDR, electrical cabinet version,
without Profibus
MC 6241 Main computer 1.8 GHz with HDR, electrical cabinet version,
with Profibus
MC 6222 Main computer with 15-inch TFT display, 1.8 GHz with SSDR,
operating-panel version, without Profibus
MC 6222 Main computer with 15-inch TFT display, 1.8 GHz with SSDR,
operating-panel version, with Profibus
MC 6341 Main computer with 15-inch TFT display, 2.2 GHz dual core with
HDR, electrical-cabinet version
MC 6341 Main computer with 15-inch TFT display, 2.2 GHz dual core with
HDR, electrical-cabinet version, with Profibus
HDR iTNC Hard disk for MC 6x41, 80 GB, NC software 606 420-01
HDR iTNC Hard disk for MC 6x41 (export version), 80 GB,
NC software 606 421-01
SSDR iTNC Solid State Disk for MC 6222, 32 GB,
NC software 606 420-01
SSDR iTNC Solid State Disk for MC 6222 (export version), 32 GB,
NC software 606 421-01
SIK iTNC SIK for MC 62xx, single-processor version, incl. SW option 2
SIK iTNC SIK for MC 62xx, single-processor version, incl. SW option 2
(export version)
SIK iTNC SIK for MC 63xx, single-processor version, incl. SW option 2
SIK iTNC SIK for MC 63xx, single-processor version, incl. SW option 2
(export version)
573 398-03
653 220-03
634 109-02
634 113-02
Not yet approved for FS
Not yet approved for FS
682 272-01
682 272-51
736 591-01
736 591-51
586 084-xx
586 084-xx
Not yet approved for FS
Not yet approved for FS
24 HEIDENHAIN Technical Manual Functional Safety
Hardware component ID
BF 250 15-inch TFT display with HDL connection
BF 260 19-inch TFT display with HDL connection
599 916-xx
617 978-xx
CC 6106 Controller unit for HSCI for max. 6 control loops
CC 6108 Controller unit for HSCI for max. 8 control loops
CC 6110 Controller unit for HSCI for max. 10 control loops
UEC 111 Controller unit with inverter and PLC, 4 control loops
UEC 112 Controller unit with inverter and PLC, 5 control loops
UEC 111 FS Controller unit with inverter and PLC, 4 control loops, functional
safety
UEC 112 FS Controller unit with inverter and PLC, 5 control loops, functional
safety
UMC 111 FS Controller unit with inverter and PLC for power supply via external
DC link, 4 control loops, functional safety
CMA-H 04-04-00 SPI expansion module for analog nominal-value outputs
PSL 130 Low-voltage power supply unit, 750 W, for +24 V NC and
+24 V PLC
PSL 135 Low-voltage power supply unit, 750 W, for +24 V NC, +24 V PLC
and +5 V NC
MS 110 Mounting case for multi-row configuration
MS 111 Mounting case for multi-row assembly, additional connection for
24 V supply to the fan
662 636-01
662 637-01
662 638-01
625 777-xx
625 779-xx
Not yet appro-
ved for FS
Not yet appro-
ved for FS
Not yet appro-
ved for FS
688 721-xx
575 047-xx
627 032-xx
658 132-xx
673 685-xx
TE 620 Keyboard unit without touchpad
TE 630 Keyboard unit with touchpad
TE 635Q FS TE with touchpad and integrated MB for HSCI connection,
functional safety
TE 645Q FS TE with touchpad and integrated MB for HSCI connection,
functional safety (19-inch)
MB 620 FS Machine operating panel for HSCI connection, functional safety
PLB 6001 FS HSCI adapter for OEM-specific machine operating panel,
functional safety
HR 410 FS Portable electronic handwheel with cable connection 337 159-11,
HR 520 FS Portable electronic handwheel with cable connection and display 670 304-01,
HR 550 FS Portable electronic handwheel with wireless transmission and
display
HRA 551 FS Handwheel adapter with integrated charger 731 928-01
July 2011 2.6 Overview of FS Components 25
625 806-xx
617 976-xx
662 255-01
685 394-01
660 090-01
Not yet appro-
ved for FS
578 114-03
670 305-01
598 515-02,
606 622-02
Hardware component ID
HRA 550 FS Handwheel adapter with integrated charger 633 108-02
PLB 6104 PLB for HSCI, 4 slots 591 828-xx
PLB 6106 PLB for HSCI, 6 slots 630 058-xx
PLB 6108 PLB for HSCI, 8 slots 630 059-xx
PLB 6204 PLB for HSCI, 4 slots, with system module 591 832-xx
PLB 6206 PLB for HSCI, 6 slots, with system module 630 054-xx
PLB 6208 PLB for HSCI, 8 slots, with system module 630 055-xx
PLB 6104 FS PLB for HSCI, 4 slots, functional safety 590 479-03
PLB 6106 FS PLB for HSCI, 6 slots, functional safety 804 755-01
PLB 6108 FS PLB for HSCI, 8 slots, functional safety 804 756-01
PLB 6204 FS PLB for HSCI, 4 slots, with system module, functional safety 586 789-03
PLB 6206 FS PLB for HSCI, 6 slots, with system module, functional safety 622 721-03
PLB 6208 FS PLB for HSCI, 8 slots, with system module, functional safety 620 927-03
PLD-H 16-08-00 PL for PLB 6xxx: 16 digital inputs, 8 digital outputs 594 243-xx
PLD-H 08-16-00 PL for PLB 6xxx: 8 digital inputs, 16 digital outputs 650 891-xx
PLD-H 08-04-00 FS PL for PLB 6xxx FS: 8 digital inputs, 4 digital outputs, functional
safety
PLD-H 04-08-00 FS PL for PLB 6xxx FS: 4 digital inputs, 8 digital outputs, functional
safety
PLA-H 08-04-04 PL for PLB 6xxx, eight ±10 V inputs, four ±10 V analog outputs,
four PT 100 inputs
598 905-01,
598 905-02
727 219-02
675 572-xx
If other low-voltage power supply units are used for +24 V NC and +24 V PLC,
the output voltages must fulfill the requirements for Protective Extra Low
Voltage (PELV) with double basic insulation according to EN 50 178, also see
the iTNC 530 HSCI Technical Manual, chapter 3.8.
26 HEIDENHAIN Technical Manual Functional Safety
2.6.2 List of approved inverter components
Danger
In HSCI systems with integrated functional safety (FS) you may use only
inverters or power supply modules that have been approved for use in such
systems.
Please take this into account when configuring your machine and in case
servicing is required. Suitable devices are listed below in the right column of
the table.
Components indicated in this list with "Not yet approved for FS" are not yet
approved for use in systems with functional safety.
The list will be expanded or revised correspondingly when new components
are approved for use in systems with functional safety (FS). Should a
component you wish to use not be listed, please ask your contact person at
HEIDENHAIN if the component may be used.
Below you will find an overview of the devices that—according to ISO
13849— are permitted for use in systems with FS:
Hardware component Device ID for systems
Inverter modules
UM 117DW Not yet approved for FS
UM 116D Not yet approved for FS
UM 116DW Not yet approved for FS
UM 115D 671566-01
UM 114D 671288-01
UM 113D 730435-01
UM 112D 731984-01
UM 122D 667633-01
UM 121BD 667942-01
UM 111BD 671968-01
UM 121D 667838-01
UM 111D 667945-01
Power supply modules
UVR 120D 728252-01
UV 130D Not yet approved for FS
UVR 130D 728248-01
UVR 140D 728253-01
UVR 150D 728255-01
UVR 160D 728257-01
UVR 160DW 728258-01
UVR 170DW Not yet approved for FS
with integrated FS
July 2011 2.6 Overview of FS Components 27
Hardware component Device ID for systems
with integrated FS
Non-regenerative compact inverters
UE 210D Not yet approved for FS
UE 211D Not yet approved for FS
UE 212D Not yet approved for FS
UE 230D Not yet approved for FS
UE 240D Not yet approved for FS
UE 241D Not yet approved for FS
UE 242D Not yet approved for FS
UE 110 Not yet approved for FS
UE 111 Not yet approved for FS
UE 112 Not yet approved for FS
Regenerative compact inverters
UR 242D Not yet approved for FS
UR 230D Not yet approved for FS
UR 240D Not yet approved for FS
28 HEIDENHAIN Technical Manual Functional Safety
2.6.3
Note
Differences between systems with and without functional safety (FS)
With the following HSCI control components, you must make a distinction
between those that are required in a system with functional safety and those
that can be used in a system without functional safety. Devices with FS are
listed below in the middle column:
Please refer to the lists of components approved for FS.
Device designation Device ID for systems
with integrated FS
Machine operating panels and keyboard units
In systems with FS you must use a machine operating panel for functional-
safety applications. In these operating panels, all keys have twin channels. A
movement can therefore be executed without additional permissive button/
key.
MB 620 (FS) 660 090-xx 617 973-xx
TE 635Q (FS) 662 255-xx 617 975-xx
TE 645Q(FS) 685 394-xx 682 104-xx
PLB basic modules
In FS systems, mixed use of PLB basic modules with and without FS is
possible. However, at least one PLB 62xx FS must be used in systems with
FS.
PLB 6104 (FS) 590 479-xx 591 828-xx
PLB 6106 (FS) 804 755-xx 630 058-xx
PLB 6108 (FS) 804 756-xx 630 059-xx
PLB 6204 (FS) 586 789-xx 591 832-xx
PLB 6206 (FS) 622 721-xx 630 054-xx
PLB 6208 (FS) 620 927-xx 630 055-xx
PLB 6001 (FS) Not yet available 668 792-xx
PLD-H I/O modules
In systems with FS, the mixed use of PLD-H modules with and without FS is
possible in PLB basic modules with FS. However, do not insert PLD-H modules
with FS in PLB basic modules without FS. Furthermore, the modules with FS
must always be inserted into the PLB with FS starting from the left.
PLD-H 16-08-00,
PLD-H 08-04-00FS
PLD-H 08-16-00,
PLD-H 04-08-00FS
Handwheels
In FS systems, handwheels with cross-circuit proof permissive buttons must be
used. Handwheels for which this has been implemented are identified with FS.
HR 410(FS) 337 159-xx,
HR 520 (FS) 670 304-xx,
598 905-xx 594 243
727 219-xx 650 891-xx
578 114-xx (with detent)
670 305-xx (with detent)
Device ID for systems
without integrated FS
296 469-xx,
535 220-xx (with detent)
670 302-xx,
670 303-xx (with detent)
July 2011 2.6 Overview of FS Components 29
30 HEIDENHAIN Technical Manual Functional Safety
Loading...