User Manual
Original Instructions
Safe Torque Off Option (Series B) for PowerFlex 40P and PowerFlex 70 Enhanced Control AC Drives
Catalog Number 20A-DG01
Top ic Pa ge
General Description 3
What Is the DriveGuard Safe Torque Off Option? 3
Certifications and Compliance 4
CE Certification 5
Certified Equipment 6
Important Safety Considerations 6
Safe State 7
Safety Category 3 / PL (d) Performance Definition 7
Stop Category Definitions 8
Performance Level and Safety Integrity Level (SIL) CL2 8
PFDavg and PFH Definitions 8
PFDavg and PFH Data 9
Functional Proof Tests 10
Contact Information if Safety Option Failure Occurs 10
Installation and Wiring 11
Pre-Installation Instructions 11
EMC Considerations 12
DriveGuard Safe Torque Off Option Installation 13
Wiring 16
Verify Operation 17
Description of Operation 19
PowerFlex 40P Safe Torque Off Operation 19
PowerFlex 70 Safe Torque Off Operation 20
Connection Examples 21
Summary of Changes
Summary of Changes
Change See Page…
Updated Certifications and Compliance 4
Regrouped Certifications and Compliance to be under the proper headings 4…5
Updated CE Certification LV Directive and Machinery Directive 5
Added last bullet under Important Safety Considerations 6
Updated IMPORTANT statement to include description of Stop Category 1 8
Changed PFD to PFDavg 8…10
Added introduction to Installation and Wiring chapter 11
Changed title of Example 2 and figure to describe Stop Category 1 22
Added paragraph to Fault Detection to further describe Safe Stop 1 22
2 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
General Description
IMPORTANT
General Description
The DriveGuard® Safe Torque Off option, when used with PowerFlex® 40P or
PowerFlex 70 drives together with other safety components, provides a safety
function which inhibits torque generation in the motor(s) powered by the drive. When
used with PowerFlex 40P or PowerFlex 70 drive, the DriveGuard Safe Torque Off option
has been certified to meet the requirements for SIL 2 according to EN/IEC 61800-5-2
and IEC 61508, and PL (d) and Category 3 according to EN ISO 13849-1. The DriveGuard
Safe Torque Off option is just one component in a safety control system. Components
in the system must be chosen and applied appropriately to achieve the desired level
of safeguarding.
What Is the DriveGuard Safe Torque Off Option?
The DriveGuard Safe Torque Off option:
• Provides the “Safe torque off (STO)” function defined in EN/IEC 61800-5-2.
• Blocks gate firing signals from reaching the IGBT output power devices of the
drive. This prevents the IGBT’s from switching in the sequence necessary to
generate torque in the connected motor.
• Can be used in combination with other safety devices to fulfill the requirements
of a system “safe torque off” function which satisfies Category 3 / PL (d)
according to EN ISO 13849-1 and SIL CL 2 according to EN/IEC 62061, IEC 61508,
and EN/IEC 61800-5-2.
This option is suitable for performing only mechanical work on the drive
system or affected area of a machine. It does NOT disconnect or isolate the
drive power output to the motor.
This option should not be used as a control for normal starting and/or
stopping the drive.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 3
General Description
Certifications and Compliance
TUV Rheinland EC Type Examination Certification
TUV Rheinland has certified the DriveGuard Safe Torque Off option, when used in a
PowerFlex 70 or PowerFlex 40P drive, is compliant with the requirements for
machines defined in Annex I of the EC Directive 2006/42/EC, and that it complies with
the requirements of the relevant standards listed below.
ATTENTION: Electrical Shock Hazard. Verify that all sources of AC and DC
power are de-energized and locked out or tagged out in accordance with the
requirements of ANSI/NFPA 70E, Part II.
ATTENTION: To avoid an electric shock hazard, verify that the voltage on the
bus capacitors has discharged before performing any work on the drive.
Measure the DC bus voltage at the +DC and -DC terminals or test points (refer
to your drive User Manual for locations). The voltage must be zero.
ATTENTION: In Safe Torque Off mode, hazardous voltages may still be present
at the motor. To avoid an electric shock hazard, disconnect power to the motor
and verify that the voltage is zero before performing any work on the motor.
ATTENTION: In the event of the failure of two output IGBT's in the drive, when
the DriveGuard Safe Torque Off option has controlled the drive outputs to the
off state, the drive may provide energy for up to 180° of rotation in a 2-pole
motor before torque production in the motor ceases.
• EN ISO 13849-1 Safety of machinery - Safety related parts of control systems Part 1: General principles for design
(DriveGuard Safe Torque Off option + drive achieves Category 3 / PL (d))
• EN/IEC 61800-5-2 Adjustable speed electrical power drive systems - Part 5-2
Safety requirements - Functional
(DriveGuard Safe Torque Off option + drive achieves SIL CL 2)
• EN/IEC 62061 Safety of machinery - Functional safety of safety-related electrical,
electronic and programmable electronic control systems
• IEC 61508 Part 1-7 Functional safety of electrical/electronic/programmable
electronic safety-related systems
TUV also certifies that the DriveGuard Safe Torque Off option may be used in
applications up to Category 3 / PL (d) according to EN ISO 13849-1 and SIL 2 according
to EN/IEC 62061 / IEC 61508 / EN/IEC 61800-5-2.
TUV Rheinland certifications may be found at rok.auto/certifications
4 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
.
General Description
UL Certification
The PowerFlex 40P, PowerFlex 70, and DriveGuard Safe Torque Off option have been
listed with UL as compliant with UL 508C.
Canadian Certification
The PowerFlex 40P, PowerFlex 70, and DriveGuard Safe Torque Off option have been
listed (cUL) as compliant with C22.2 No 14.
Australian C-tick Certification
Rockwell Automation declares the PowerFlex 40P (240V AC, 480V AC), PowerFlex 70
(240V AC, 400V AC, 480V AC), and DriveGuard Safe Torque Off option compliant with
the Australian Radiocommunications Act of 1992, the Radiocommunications
(Electromagnetic Compatibility) Standard of 2008, and the Radiocommunications
Labelling (Electromagnetic Compatibility) Notice of 2008 as demonstrated by
compliance with IEC 61800-3 Adjustable speed electrical power drive systems Part 3:
EMC requirements and specific test methods.
CE Certification
LV Directive 2006/95/EC
Rockwell Automation declares the PowerFlex 40P and PowerFlex 70 drives compliant
with the CE LV Directive as demonstrated by compliance with the requirements of
EN 61800-5-1 Adjustable speed electrical power drive systems - Part 5-1: Safety
requirements - Electrical, thermal, and energy. The DriveGuard Safe Torque Off Option
Kit is not within the scope of the Low Voltage Directive.
EMC Directive 2004/108/EC
Rockwell Automation declares the PowerFlex 40P (240V AC, 480V AC), PowerFlex 70
(240V AC, 400V AC, 480V AC), and DriveGuard Safe Torque Off option compliant with
the CE EMC Directive as demonstrated by compliance with the requirements of
EN 61800-3 Adjustable speed electrical power drive systems Part 3: EMC requirements
and specific test methods.
Machinery Directive 2006/42/EC
TUV Rheinland, Notified Body Identification Number 0035, certifies the DriveGuard
Safe Torque Off option compliant with the CE Machinery Directive as demonstrated by
compliance with the requirements of EN ISO 13849-1, EN/IEC 61800-5-2, and
EN/IEC 62061.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 5
General Description
IMPORTANT
Certified Equipment
Drive Rating (AC) TUV Certified
PowerFlex 40P 240V Yes Series B or greater
480V Yes Series B or greater
PowerFlex 70
Enhanced Control
ATTENTION: Hazard of injury exists due to electric shock. Only install a Series
B or greater DriveGuard Safe Torque Off option in a PowerFlex 40P Drive.
240V Yes Series A or greater
400V Yes Series A or greater
480V Yes Series A or greater
DriveGuard Safe Torque
Off Function
Certifications Online
See the Product Certifications link at rok.auto/certifications. for Declarations of
Conformity, Certificates, and other certifications details.
Important Safety Considerations
The system user is responsible for:
• The set-up, safety rating, and validation of any sensors or actuators connected to
the system.
• Completing a system-level risk assessment and reassessing the system any time
a change is made.
• Certification of the system to the desired safety performance level.
• Project management and proof testing.
• Programming the application software and the safety option configurations in
accordance with the information in this manual.
• Access control to the system, including password handling.
• Analyzing all configuration settings and choosing the proper setting to achieve
the required safety rating.
• In circumstances where external influences (for example falling or suspended
loads) are present, additional measures (for example mechanical brakes) can be
necessary to prevent any hazard.
When applying Functional Safety, restrict access to qualified, authorized
personnel who are trained and experienced.
ATTENTION: When designing your system, consider how personnel will exit the
machine if the door locks while they are in the machine. Additional
safeguarding devices may be required for your specific application.
6 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
General Description
Safe State
The DriveGuard Safe Torque Off option is intended for use in safety-related
applications where the de-energized state is the safe state. All of the examples in the
Description of Operation section are based on achieving the de-energization as the
safe state.
Safety Category 3 / PL (d) Performance Definition
To achieve Safety Category 3 / PL (d) according to EN ISO 13849-1, the safety-related
parts have to be designed such that:
• The safety-related parts of machine control systems and/or their protective
equipment, as well as their components, shall be designed, constructed, selected,
assembled, and combined in accordance with relevant standards so that they can
withstand expected conditions.
• Well tried safety principles shall be applied.
• A single fault in any of its parts does not lead to a loss of safety function.
• Some but not all faults will be detected.
• The accumulation of undetected faults can lead to loss of safety function.
• Short circuits in the external wiring of the safety inputs is not one of the faults
that can be detected by the system, therefore, according to EN ISO 13849-2, these
cables must be installed so as to be protected against external damage by cable
ducting or armor.
• Whenever reasonably practical a single fault shall be detected at or before the
next demand of the safety function.
• The average diagnostic coverage of the safety-related parts of the control
system shall be low.
• The mean time to dangerous failure of each of the redundant channels shall be
low to high.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 7
General Description
IMPORTANT
Stop Category Definitions
The selection of a stop category for each stop function must be determined by a risk
assessment.
• Stop Category 0 is achieved with immediate removal of power to the actuator,
resulting in an uncontrolled coast to stop. See “Description of Operation” Example
1 on page 21
• Stop Category 1 is achieved with power available to the machine actuators to
achieve the stop. Power is removed from the actuators when the stop is
achieved. See “Description of Operation” Example 2 on page 22
Performance Level and Safety Integrity Level (SIL) CL2
.
.
When designing the machine application, timing and distance should be
considered for a coast to stop:
• Stop Category 0 or Safe Torque Off
• Stop Category 1 or Safe Stop 1 - Time Controlled
For more information regarding stop categories, refer to EN/IEC 60204-1 or
IEC 61800-5-2.
For safety-related control systems, Performance Level (PL), according to
EN ISO 13849-1, and SIL levels, according to IEC 61508 and EN/IEC 62061, include a
rating of the system’s ability to perform its safety functions. All of the safety-related
components of the control system must be included in both a risk assessment and
the determination of the achieved levels.
Refer to the EN ISO 13849-1, IEC 61508, and EN/IEC 62061 standards for complete
information on requirements for PL and SIL determination.
PFDavg and PFH Definitions
Safety-related systems can be classified as operating in either a Low Demand mode,
or in a High Demand/Continuous mode.
• Low Demand mode: where the frequency of demands for operation made on a
safety-related system is no greater than one per year or no greater than twice
the proof-test frequency.
• High Demand/Continuous mode: where the frequency of demands for operation
made on a safety-related system is greater than once per year or greater than
twice the proof test interval.
8 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
General Description
The SIL value for a low demand safety-related system is directly related to
order-of-magnitude ranges of its average probability of failure to satisfactorily
perform its safety function on demand or, simply, average probability of failure on
demand (PFDavg). The SIL value for a High Demand/Continuous mode safety-related
system is directly related to the probability of a dangerous failure occurring per hour
(PFH).
PFDavg and PFH Data
These PFDavg and PFH calculations are based on the equations from Part 6 of
IEC 61508 and show worst-case values.
This table provides data for a 20-year proof test interval and demonstrates the
worst-case effect of various configuration changes on the data.
PowerFlex 40P PFDavg and PFH for 20-year Proof Test Interval
Attribute Test Result
PFDavg 1.74E-05
PFH 2.0E-10
SFF 81%
PowerFlex 70 PFDavg and PFH for 20-year Proof Test Interval
Attribute Test Result
PFDavg 3.4E-05
PFH 3.9E-10
SFF 81%
Terminology
Abbreviation Full Term Definition
PFDavg Probability of
PFH Probability of
SFF Safe Failure
Failure on
Demand
Failure per Hour
Fracti on
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 9
The average probability of a system to fail to perform
its design function on demand.
The probability of a system to have a dangerous failure
occur per hour.
The sum of safe failures plus the sum of dangerous
detected failures divided by the sum of all failures.
General Description
IMPORTANT
Functional Proof Tests
The functional safety standards require that functional proof tests be performed on
the equipment used in the system. Proof tests are performed at user-defined
intervals and are dependent upon PFDavg and PFH values.
Contact Information if Safety Option Failure Occurs
If you experience a failure with any safety-certified device, contact your local
Rockwell Automation distributor. With this contact, you can:
• Return the device to Rockwell Automation so the failure is appropriately logged
for the catalog number affected and a record is made of the failure.
• Request a failure analysis (if necessary) to determine the probable cause of the
failure.
Your specific application determines the time frame for the proof test
interval.
10 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Installation and Wiring
Installation and Wiring
Care should be taken to follow drive instructions for EMC and environmental
compliance. Refer to the following list of manuals for specific instructions:
• PowerFlex 70 Adjustable Frequency AC Drive User Manual, publication
20A-UM001
• PowerFlex 70 Adjustable Frequency AC Drive Installation Instructions,
publication 20A-IN009
• PowerFlex 40P User Manual, FRN 3, publication 22D-UM001
• PowerFlex 40P AC Drive Technical Data, publication 22D-TD001
Pre-Installation Instructions
Installation must be in accordance with the following steps and must be carried out
by competent personnel. The DriveGuard Safe Torque Off option is intended to be part
of the safety related control system of a machine. Before installation, a risk
assessment should be performed that compares the DriveGuard Safe Torque Off
option specifications and all foreseeable operational and environmental
characteristics of the machine to which it is to be fitted.
In no case should be DriveGuard Safe Torque Off option be used in a PowerFlex 40P or
PowerFlex 70 drive where the maximum surrounding air temperature, shock, or
vibration specifications of the drive are exceeded.
PowerFlex 70 Maximum Surrounding Air
PowerFlex 40P Maximum Surrounding Air
Both Drives Shock: 15 g peak for 11 ms duration (1.0 ms)
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 11
Temperature without derating:
IP20, NEMA/UL Type 1:
Flange Mount:
IP66, NEMA/UL Type 4X/12:
Temperature without derating:
IP20, Open Type:
IP30, NEMA 1, UL Type 1:
Flange and Plate Mount:
Vibration: 0.152 mm (0.006 in.) displacement, 1 g
0…50 °C (32…122 °F)
0…50 °C (32…122 °F)
0…40 °C (32…104 °F)
-10…50 °C (14…122 °F)
-10…40 °C (14…104 °F)
Heatsink: -10…40 °C (14…104 °F)
Drive: -10…50 °C (14…122 °F)
peak
Installation and Wiring
A safety analysis of the machine section controlled by the drive is required to
determine how often the safety function should be tested for proper operation during
the life of the machine.
ATTENTION: The following information is merely a guide for proper
installation. Rockwell Automation, Inc. cannot assume responsibility for the
compliance or the noncompliance to any code, national, local or otherwise for
the proper installation of this equipment. A hazard of personal injury and/or
equipment damage exists if codes are ignored during installation.
EMC Considerations
The DriveGuard Safe Torque Off option and PowerFlex 40P and PowerFlex 70 drives
may be installed in an industrial electromagnetic environment which is consistent
with the “Second Environment” described in IEC 61800-3 and where the EMC
requirements documented in the PowerFlex 40P and PowerFlex 70 Installation
manuals have been satisfied. Important installation requirements include:
• All motor output, control (I/O) and signal wiring for the drive and DriveGuard Safe
Torque Off option must be shielded cable.
• Grounding (earthing) must conform to the requirements described in the drive
user manuals.
12 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Installation and Wiring
DriveGuard Safe Torque Off Option Installation
PowerFlex 40P Drives
1. Remove all power to the drive.
ATTENTION: To avoid an electric shock hazard, verify that the voltage on the
bus capacitors has discharged before performing any work on the drive.
Measure the DC bus voltage at the +DC and -DC terminals or test points, the
voltage must be zero. Refer to the PowerFlex 40P User Manual, publication
22D-UM001
2. Remove the protective plug covering the PowerFlex 40P Safe Torque Off
Figure 1 - PowerFlex 40P Protective Plug
for additional information.
connector shown in Figure 1.
3. Remove the PowerFlex 40P Safe Torque Off connection jumper shown in
.
Figure 2
Figure 2 - PowerFlex 40P Safe Torque Off Connection Jumper Location
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 13
Installation and Wiring
IMPORTANT
4. Remove the PowerFlex 40P Hardware Enable jumper shown in Figure 3.
Figure 3 - PowerFlex 40P Hardware Enable Jumper Location
5. Plug the DriveGuard Safe Torque Off option (Series B or greater) into the
Figure 4 - PowerFlex 40P Safe Torque Off Connector
The PowerFlex 40P hardware enable jumper must be removed when using
the DriveGuard Safe Torque Off option. Failure to remove the jumper will
cause the drive to fault when a start command is issued.
PowerFlex 40P four pin Safe Torque Off connector as shown in Figure 4.
6. Tighten screw to 0.8…1.1 N•m (7…10 lb•in).
14 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
0.8…1.1 N•m
(7…10 lb•in)
Installation and Wiring
IMPORTANT
PowerFlex 70 Enhanced Control Drives
1. Remove the PowerFlex 70 Safe Torque Off Connection jumper as shown in
Figure 5.
Figure 5 - PowerFlex 70 Safe Torque Off Connection Jumper Location (Typical)
2. Remove the PowerFlex 70 Hardware Enable jumper as shown in Figure 6
Figure 6 - PowerFlex 70 Hardware Enable Jumper Location (Typical)
The PowerFlex 70 hardware enable jumper must be removed when using
the DriveGuard Safe Torque Off option. Failure to remove the jumper will
cause the drive to fault when a start command is issued.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 15
.
Installation and Wiring
0.8…1.1 N•m
(7…10 lb•in)
3. Plug the DriveGuard Safe Torque Off option (Series A or greater) into the
Figure 7 - PowerFlex 70 Safe Torque Off Connector
4. Tighten screw to 0.8…1.1 N•m (7…10 lb•in).
Wiring
PowerFlex 70 four-pin connector as shown in Figure 7.
Important points to remember about wiring:
• Always use copper wire.
• Wire with an insulation rating of 600V or greater is recommended.
• Control wires should be separated from power wires by at least 0.3 m (1 ft).
DriveGuard Safe Torque Off Option Terminal Block Specifications
Wire Size Range
Maximum Minimum Maximum Recommended
1.5 mm
(16 AWG)
(1) Maximum / minimum that the terminal block will accept - these are not recommendations.
(1)
2
0.14 mm
(26 AWG)
2
Tor que
0.25 N•m
(2.2 lb•in)
0.22 N•m
(1.9 lb•in)
Wire Types
Wire Type(s) Description
Unshielded Per US NEC or applicable national
Shielded Multi-conductor shielded cable
or local code
such as Belden 8770(or equiv.)
—300V,
2
(18AWG),
0.750 mm
3 conductor, shielded.
16 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Minimum Insulation
Rating
60 °C
(140 °F)
Installation and Wiring
1234
DriveGuard Safe Torque Off Option Terminal Description
No. Signal Description
1 Monitor - N.C. Normally closed contacts for monitoring
2Common - N.C.
3 +24V DC Connections for user supplied power to
4 24V Common
relay status.
Maximum Resistive Load:
250V AC / 30V DC / 50 VA / 60 Watts
Maximum Inductive Load:
250V AC / 30V DC / 25 VA / 30 Watts
energize coil.
33.3 mA typical, 55 mA maximum.
Verify Operation
Test the safety function for proper operation after the initial installation of the
DriveGuard Safe Torque Off option. Retest the safety function at the intervals
determined by the safety analysis described on page 11
Verify that both safety channels are functioning according to the PowerFlex 40P
Channel Operation and Verification or PowerFlex 70 Channel Operation and
Verifi cati on on page -18.
.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 17
Installation and Wiring
PowerFlex 40P Channel Operation and Verification
Safety Function
Status
Safety Channel Operation
Safe Torque Off
Option
Terminals 3 and 4
PowerFlex 40P
Enable Input
Description For Verification
Safe Torque Off
Option
Monitor Contact
Terminals 1 and 2
PowerFlex 40P
[Control In Status]
Parameter 13, Bit 2
PowerFlex 40P
Comms Status Word
8448, Bit 0
Safe Torque Off
(1)
Output
Relay N.O.
Dig Output States
(1) Must set A055 [Relay Out Sel], A058 or A061 [Opto Outx Sel] to option 25 “Safe-Off”.
Drive In
Safe State
No Power Applied Power Applied No Power Applied Power Applied
No Power Applied No Power Applied Power Applied Power Applied
Closed Open Closed Open
Value = 0 Value = 0 Value = 1 Value = 1
Value = 0 Value = 0 Value = 0 Value = 1
Closed Open Open Open
Drive In
Stopped State
Drive In
Stopped State
Drive Able
To R un
PowerFlex 70 Channel Operation and Verification
(1)
Safety Function
Status
Safety Channel Operation
Safe Torque Off
Option
Terminals 3 and 4
PowerFlex 70
Enable Input
Description For Verification
Safe Torque Off
Option
Monitor Contact
Terminals 1 and 2
PowerFlex 70
Drive Inhibits
Parameter 214, Bit 2
(1) A Start/Run command will cause an F111 “Enable Hardware” fault.
Drive In
Safe State
No Power Applied Power Applied No Power Applied Power Applied
No Power Applied No Power Applied Power Applied Power Applied
Closed Open Closed Open
Value = 1 Value = 1 Value = 0 Value = 0
Drive In
Stopped State
Drive In
Stopped State
18 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Drive Able
To R un
Description of Operation
IMPORTANT
+24V DC
PowerFlex 40P
AC Drive
Stop
Start
AC Line
Input Power
Common
Enable
M
Gate Control
From Microcontroller
Gate Control
Circuit
Safety
Channel
Safety
Channel
1
2
3
4
Safe Off Option
Description of Operation
PowerFlex 40P Safe Torque Off Operation
The DriveGuard Safe Torque Off option for PowerFlex 40P (see Figure 8) disables the
drive’s output IGBT’s by breaking the link with the drive microcontroller. When used in
combination with a second safety channel (the Enable input), the system satisfies the
requirements of EN ISO 13849-1, Category 3 / PL (d) for Safe Torque Off and helps
protect against restart.
Under normal drive operation, the Safe Torque Off relay is energized, the enable input
is energized, and the drive is able to run. If either inputs is de-energized, the gate
control circuit is disabled. To meet EN ISO 13849-1, Category 3 / PL (d) operation, both
safety channels must be de-energized. Refer to the following examples for details.
By itself, the Safe Torque Off option initiates a coast-to-stop action.
Additional protective measures will need to be applied when an application
requires a change to the stop action.
Figure 8 - PowerFlex 40P Drive Safe Torque Off Circuitry
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 19
Description of Operation
IMPORTANT
+24V DC
PowerFlex 70
AC Drive
Stop
Start
AC Line
Input Power
Common
Enable
M
Gate Control
Power Supply
Gate Control
Circuit
Safety
Channel
Safety
Channel
1
2
3
4
Safe Off Option
PowerFlex 70 Safe Torque Off Operation
The PowerFlex 70 DriveGuard Safe Torque Off option (see Figure 9) disables the drive’s
output IGBT’s by disconnecting the gate control power supply. When used in
combination with a second safety channel (the Enable input), the system satisfies the
requirements of EN ISO 13849-1, Category 3 / PL (d) for Safe Torque Off and helps
protect against restart.
Under normal drive operation, the Safe Torque Off relay is energized, the enable input
is energized, and gate control power is available to the gate control circuit. If either of
these inputs is de-energized, the gate control circuit is disabled. To meet EN ISO
13849-1, Category 3 / PL (d) operation, both safety channels must be de-energized.
Refer to the following examples for details.
Figure 9 - PowerFlex 70 Drive Safe Torque Off Circuitry
By itself, the Safe Torque Off option initiates a coast-to-stop action.
Additional protective measures will need to be applied when an application
requires a change to the stop action.
20 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Description of Operation
Stop
Start
A1
S21 S13 31 13 23 X1
A2
+24V DC
Common
+24V DC
S22 S14 32 14 24 X2
Minotaur
MSR9T
GuardMaster
Trojan
Gate
+24V DC
PowerFlex
AC Drive
Stop
Start
AC Line
Input Power
Common
Enable *
M
1
2
3
4
Safe Off Option
IMPORTANT
The drive Enable digital input is a solid
state circuit. The safety outputs on safety
module must not be configured for
Pulsed/Safety Pulse Test.
Connection Examples
Example 1 - Safe Torque Off Connection with Coast-to-Stop Action, Dual Channel
Figure 10 - Stop Category 0 – Coast
Circuit Status
Circuit shown with guard door closed and system ready for normal drive operation.
Operating Principle
This is a dual channel system with monitoring of the Safe Torque Off circuit and drive.
Opening the guard door will switch the input circuits (S13…S14 and S21…S22) to the
Minotaur™ monitoring safety relay unit. The output circuits (13…14 and 23…24) will
cause the Safe Torque Off option and drive Enable circuit to trip and the motor will
coast to stop. To restart the drive, the Minotaur safety relay must first be reset
followed by a valid start command to the drive.
Fault Detection
A single fault detected on the Minotaur safety input circuits will result in the lock-out
of the system at the next operation and will not cause loss of the safety function.
If the Safe Torque Off option sticks On, the motor will stop on command due to the
enable input. The system cannot be reset when this fault condition exists.
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 21
Description of Operation
IMPORTANT
The drive Enable digital input is a solid
state circuit. The safety outputs on safety
module must not be configured for
Pulsed/Safety Pulse Test.
Example 2 - Safe Torque Off Connection with Time Controlled Stop Action, Dual Channel
Figure 11 - Stop Category 1 - Time Controlled
GuardMaster
Trojan
Gate
+24V DC
A1 S21 S11 S52 S12
Minotaur
MSR138DP
A2 X1 X2
+24V DC
Common
S22
Y39 Y40
37 47 57
38 48 58X4
13 23
14 24
S33Y2S34
Stop
Y1X3
Circuit Status
Circuit shown with guard door closed and system ready for normal drive operation.
Operating Principle
This is a dual channel system with monitoring of the Safe Torque Off circuit and drive.
Opening the guard door will switch the input circuits (S11…S12 and S21…S22) to the
Minotaur monitoring safety relay unit. The output circuits (13…14) issue a Stop
command to the drive and cause a controlled deceleration. After the programmed
delay, the timed output circuits (47…48 and 57…58) will cause the Safe Torque Off
option and the drive Enable circuit to trip. If the motor is rotating when the trip
occurs, it will coast to stop. To restart the drive, the Minotaur safety relay must first
be reset followed by a valid start command to the drive.
Fault Detection
A single fault detected on the Minotaur safety input circuits will result in the lock-out
of the system at the next operation and will not cause loss of the safety function. If
the Safe Torque Off option sticks On, the motor will stop on command due to the
enable input. The system cannot be reset when this fault condition exists.
The function is considered Safe Stop 1 time controlled (SS1-t per IEC 61800-5-2;
4.2.3.3). The controlled deceleration can fail undetected. The safety function will only
guarantee a coast to stop after the programmed delay. This function cannot be used
if a failure to initiate a controlled deceleration can cause a hazard in the final
application.
22 Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020
Start
PowerFlex
AC Drive
+24V DC
Stop
Start
Safe Off Option
4
3
2
1
Common
Enable *
AC Line
Input Power
M
Notes:
Description of Operation
Rockwell Automation Publication PFLEX-UM003C-EN-P - October 2020 23
*PN-594220*
PN-594220
Rockwell Automation Support
Use these resources to access support information.
Technical Support Center
Knowledgebase Access Knowledgebase articles. rok.auto/knowledgebase
Local Technical Support
Phone Numbers
Literature Library
Product Compatibility and
Download Center (PCDC)
Find help with how-to videos, FAQs, chat, user forums,
and product notification updates.
Locate the telephone number for your country. rok.auto/phonesupport
Find installation instructions, manuals, brochures, and
technical data publications.
Download firmware, associated files (such as AOP, EDS,
and DTM), and access product
release notes.
rok.auto/support
rok.auto/literature
rok.auto/pcdc
Documentation Feedback
Your comments help us serve your documentation needs better. If you have any suggestions on how to
improve our content, complete the form at rok.auto/docfeedback
Waste Electrical and Electronic Equipment (WEEE)
At the end of life, this equipment should be collected separately from any unsorted municipal
waste.
.
Rockwell Automation maintains current product environmental compliance information on its website at rok.auto/pec. Your
comments help us serve your documentation needs better.
If you have any suggestions on how to improve our content, complete the form at rok.auto/docfeedback
For technical support, visit rok.auto/support
Rockwell Otomasyon Ticaret A.Ş. Kar Plaza İş Merkezi E Blok Kat:6 34752, İçerenköy, İstanbul, Tel: +90 (216) 5698400 EEE Yönetmeliğine Uygundur
Allen-Bradley, DriveGuard, expanding human possibility, Minotaur, PowerFlex, and Rockwell Automation are trademarks of Rockwell Automation, Inc.
Trademarks not belonging to Rockwell Automation are property of their respective companies.
Publication PFLEX-UM003C-EN-P - October 2020 | Supersedes Publication PFLEX-UM003B-EN-P - July 2012
Copyright © 2020 Rockwell Automation, Inc. All rights reserved. Printed in the U.S.A.
.
.
Loading...