Siemens 277IWLAN-V200 User Manual
SIMATIC HMI
Fail-safe operation of the
Mobile Panel 277F IWLAN
Function Manual
The following supplement is part of this documentation:
|
|
|
|
|
|
|
|
|
|
No. |
|
Designation |
|
Drawing number |
|
Edition |
|
|
|
|
|
|
|
|
|
|
|
1 |
|
Product Information |
|
A5E01005059-01 |
|
09/2008 |
|
|
|
|
|
|
|
|
|
|
|
2 |
|
Product Information |
|
A5E01004934-02 |
|
10/2008 |
|
|
|
|
|
|
|
|
|
|
Version 1.04
Order No. 6AV6691-1FQ01-2AB0
08/2008
Preface
Overview and definition of |
|
|
1 |
||
terms |
||
Safety instructions, |
|
|
2 |
||
standards and notes |
||
|
|
|
Application Planning |
3 |
|
|
|
|
Configuration |
4 |
|
|
|
|
System commissioning |
5 |
|
|
|
|
Operation |
6 |
|
|
|
|
Diagnostics |
7 |
|
|
|
|
Maintenance |
8 |
|
|
|
|
Technical data |
9 |
|
Application example: Safety |
|
|
A |
||
Functions |
||
|
|
A5E01003779-01
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
with a safety alert symbol, indicates that minor personal injury can result if proper precautions are not taken.
CAUTION
without a safety alert symbol, indicates that property damage can result if proper precautions are not taken.
NOTICE
indicates that an unintended result or situation can occur if the corresponding information is not taken into account.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.
Qualified Personnel
The device/system may only be set up and used in conjunction with this documentation. Commissioning and operation of a device/system may only be performed by qualified personnel. Within the context of the safety notes in this documentation qualified persons are defined as persons who are authorized to commission, ground and label devices, systems and circuits in accordance with established safety practices and standards.
Prescribed Usage
Note the following:
WARNING
This device may only be used for the applications described in the catalog or the technical description and only in connection with devices or components from other manufacturers which have been approved or recommended by Siemens. Correct, reliable operation of the product requires proper transport, storage, positioning and assembly as well as careful operation and maintenance.
Trademarks
All names identified by ® are registered trademarks of the Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.
Siemens AG |
Order-No.: 6AV6691-1FQ01-2AB0 |
Copyright © Siemens AG 2008. |
Industry Sector |
08/2008 |
Technical data subject to change |
Postfach 48 48 |
|
|
90026 NÜRNBERG |
|
|
GERMANY |
|
|
Preface
Purpose of the function manual
This function manual provides all information required for operation of the Mobile Panel 277F IWLAN in fail-safe systems.
Readership of this function manual:
●Plant designers
●Project engineers
●Commissioning engineers
●Users
●Service technicians
●Maintenance technicians
Please pay particular attention to the "Safety instructions, standards and notes" chapter.
Basic knowledge required
General knowledge in the field of automation technology, safety technology, and process communication is a prerequisite for comprehension of this function manual.
It is also assumed that those using the manual have experience in using personal computers and knowledge of Microsoft operating systems.
Valid scope of the function manual
The function manual covers the Mobile Panel 277F IWLAN HMI device in combination with the software packages STEP 7 V5.4 SP2 or higher, S7 Distributed Safety V5.4 SP3 and WinCC flexible 2007 with HSP Mobile Panel 277 Wireless.
Position in the information landscape
This function manual is part of the SIMATIC HMI documentation. The section below provides an overview of the documentation which is relevant to applications with Mobile
Panel 277F IWLAN.
Additional documentation for Mobile Panel 277F IWLAN
●Operating instructions for Mobile Panel 277F IWLAN
●Mobile Panel IWLAN Getting Started
Fail-safe operation of the Mobile Panel 277F IWLAN |
3 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Preface
Documentation for fail-safe systems
●System description "Safety technology in SIMATIC S7"
–Provides general information on the use, structure, and mode of operation of the failsafe automation systems S7 Distributed Safety and S7 F/FH Systems
–Contains detailed technical information which can be represented for the fail-safe technology both in S7-300 and S7-400.
–Contains information about the calculation of monitoring and reaction times of the failsafe systems S7 Distributed Safety and of S7 F/FH Systems.
●"S7 Distributed Safety, Configuring and Programming" Manual / Online Help
Describes the configuration of the F-CPU and of the fail-safe I/O and the programming of the F-CPU in F-FBD or F-LAD
●"Automation System S7-400, CPU Data" Reference Manual
Describes the standard functions of CPU 416F-3 PN/DP, CPU 414-3 PN/DP and CPU 416-3 PN/DP
●"Automation System S7-300, CPU Data" Reference Manual
Describes the standard functions of CPU 315F-2 PN/DP, CPU 317F-2 PN/DP, CPU 315-2 PN/DP and CPU 317-2 PN/DP
User manuals
●WinCC flexible Compact/ Standard/ Advanced
Describes basic principles of configuration using the WinCC flexible Compact Engineering System/WinCC flexible Standard/WinCC flexible Advanced.
●WinCC flexible Runtime
Describes how to commission and operate your runtime project on a PC.
●Communication
–Communication Part 1 describes the connection of the HMI device to SIMATIC PLCs.
–Communication Part 2 describes the connection of the HMI device to third-party PLCs.
Getting started
●WinCC flexible for first time users
Based on an example project, this is a step-by-step introduction to the basics of configuring screens, alarms, recipes and screen navigation.
●WinCC flexible for power users
Based on an example project, this is a step-by-step introduction to the basics of configuring logs, project reports, scripts, user management, multilingual projects and integration in STEP 7.
●WinCC flexible options
Based on an example project, this is a step-by-step introduction to the basics of configuring the WinCC flexible Sm@rtServices, Sm@rtAccess and OPC server options.
4 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Preface
Online availability
The link below guides you to the multilingual technical documentation offered for the SIMATIC products and systems.
"http://www.automation.siemens.com/simatic/portal/html_76/techdoku.htm"
Screens
The HMI device is sometimes represented in the form of photographs in this function manual. The photographs of the HMI device may differ slightly from the factory state of the HMI device.
Conventions
Configuration and runtime software differ with regard to their names as follows:
●"WinCC flexible 2007" for example, refers to the configuration software.
The term "WinCC flexible" is used in a general context. The full name, for example "WinCC flexible 2007", is always used when it is necessary to differentiate between different versions of the configuration software.
●"WinCC flexible Runtime" refers to the runtime software that can run on HMI devices. The following text notation facilitates the reading of this function manual:
Notation |
Scope |
"Add screen" |
• Terminology that appears in the user interface, for example |
|
dialog names, tabs, buttons, menu commands |
|
• Inputs required, for example limit values, tag values |
|
• Path information |
|
|
"File > Edit" |
Operational sequences, for example menu commands, shortcut |
|
menu commands. |
<F1>, <Alt+P> |
Keyboard operation |
Please observe notes labeled as follows:
Note
Notes contain important information concerning the product, its use or a specific section of the documentation to which you should pay particular attention.
Trademarks
Names labeled with a ® symbol are registered trademarks of the Siemens AG. Other names used in this documentation may be trademarks, the use of which by third parties for their own purposes could violate the rights of the owner.
●HMI®
●SIMATIC®
●SIMATIC HMI®
●SIMATIC ProTool®
●SIMATIC WinCC®
Fail-safe operation of the Mobile Panel 277F IWLAN |
5 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Preface
Representatives and offices
If you have any further questions relating to the products described in this manual, please contact your local representative at the Siemens branch nearest you.
Your Siemens representative can be found at "http://www.automation.siemens.com/partner".
Training center
Siemens AG offers a variety of training courses to familiarize you with automation systems. Please contact your regional training center, or our central training center in 90327 Nuremberg, Germany, for details.
Internet: "http://www.sitrain.com"
Technical support
You can contact Technical Support as follows:
Using the support request form on the web at: "http://www.siemens.com/automation/support-request"
Further information about our technical support is available on the Internet at "http://www.siemens.com/automation/service".
Service & Support on the Internet
Service & Support provides additional comprehensive information on SIMATIC products through online services at "http://www.siemens.com/automation/support":
●The newsletter offers you the latest information about your products
●A large document base is available using our Service & Support search engine
●A forum for global exchange of information by users and experts
●Current product information, FAQs and downloads
●Your local Automation & Drives representative
●Information about on-site services, repairs, spare parts, and more
6 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Table of contents
|
Preface |
...................................................................................................................................................... |
3 |
1 |
Overview ..............................................................................................................and definition of terms |
11 |
|
|
1.1 .......................................................................................... |
Using the Mobile Panel 277F IWLAN |
11 |
|
1.2 ......................................................................................................................... |
Areas in the plant |
12 |
|
1.3 ...................................................................................................................... |
Switch - off behavior |
16 |
|
1.4 ......................................................................................................... |
Integration and segregation |
18 |
|
1.5 ..................................................................................... |
Log on and log off at the effective range |
19 |
|
1.6 ................................................................................................. |
Safety - oriented operator controls |
20 |
|
1.6.1 ................................................................................................................ |
Emergency stop button |
20 |
|
1.6.2 ............................................................................................................................ |
Enabling button |
22 |
|
1.7 ........................................................................................................................... |
"Override" mode |
24 |
2 |
Safety instructions, .................................................................................................standards and notes |
27 |
|
|
2.1 ........................................................................................................................ |
Safety instructions |
27 |
|
2.2 ....................................................................... |
Guidelines, standards, certificates and approvals |
30 |
|
2.3 ........................................................................................................................... |
Operating safety |
33 |
|
2.4 ................................................................................................................................ |
Power supply |
34 |
|
2.5 ....................................................................................................................... |
Notes about usage |
36 |
|
2.6 ................................................................................................................................ |
Risk analysis |
37 |
|
2.7 ............................................................................ |
Safety functions of the emergency stop button |
37 |
|
2.8 ........................................................................................ |
Safety functions of the enabling button |
39 |
3 |
Application ................................................................................................................................Planning |
41 |
|
|
3.1 ............................................................................................. |
Check list: Planning the application |
41 |
|
3.2 ............................................................................................. |
Application and ambient conditions |
42 |
|
3.3 ................................................................................................... |
Check list: Planning the system |
45 |
|
3.4 ............................................................................................................. |
Planning effective ranges |
46 |
|
3.5 .......................................................... |
For the "Override" mode: Planning the protective devices |
49 |
|
3.6 .............................................................................................................. |
Check list: Data security |
50 |
4 |
Configuration........................................................................................................................................... |
53 |
|
|
4.1 .............................................................................................................. |
Check list: Configuration |
53 |
|
4.2 .......................................................................................................... |
Procedure for configuration |
53 |
|
4.3 ..................................................................................................................... |
STEP 7: HW Config |
55 |
|
4.3.1 .............................................................................................. |
Integrating the GSD file in STEP 7 |
55 |
|
4.3.2 ............... |
Assigning parameters for communication between the HMI device and the controller |
55 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
7 |
||
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
|||
Table of contents
4.4 |
S7 Distributed Safety .................................................................................................................. |
58 |
4.4.1 |
Checklist: Creation of the safety program................................................................................... |
59 |
4.4.2 |
Using F-FBs................................................................................................................................ |
60 |
4.4.3 |
FB161: Mobile Panel Status (F_FB_MP).................................................................................... |
63 |
4.4.4FB162: Effective range for 4 Mobile Panel (F_FB_RNG_4) / FB 163 Effective range for 16
|
|
Mobile Panel (F_FB_RNG_16).................................................................................................... |
|
67 |
|
4.5 |
WinCC flexible............................................................................................................................. |
|
72 |
|
4.5.1 |
Configuration overview................................................................................................................ |
|
72 |
|
4.5.2 |
Effective ranges editor ................................................................................................................ |
|
73 |
|
4.5.3 |
Objects for the Mobile Panel 277F IWLAN................................................................................. |
|
73 |
5 |
System commissioning............................................................................................................................ |
|
77 |
|
|
5.1 |
Acceptance of the system........................................................................................................... |
|
77 |
|
5.2 |
Accepting effective ranges and transponders............................................................................. |
|
79 |
6 |
Operation................................................................................................................................................. |
|
83 |
|
|
6.1 |
Organizational measures............................................................................................................ |
|
83 |
|
6.2 |
Typical applications..................................................................................................................... |
|
84 |
|
6.2.1 |
Overview..................................................................................................................................... |
|
84 |
|
6.2.2 |
Switch on the HMI device............................................................................................................ |
|
85 |
|
6.2.3 |
Integrating and segregating the HMI device............................................................................... |
|
86 |
|
6.2.3.1 |
Integrating the HMI device (start project).................................................................................... |
|
86 |
|
6.2.3.2 |
Communication error for the integrated HMI device................................................................... |
|
87 |
|
6.2.3.3 |
Discrepancy error during enabling.............................................................................................. |
|
88 |
|
6.2.3.4 |
Segregate.................................................................................................................................... |
|
90 |
|
6.2.4 |
Log on and log off at the effective range..................................................................................... |
|
91 |
|
6.2.4.1 |
Detecting the effective range...................................................................................................... |
|
91 |
|
6.2.4.2 |
Log on at the effective range ...................................................................................................... |
|
92 |
|
6.2.4.3 |
Log off at the effective range ...................................................................................................... |
|
93 |
|
6.2.5 |
Behavior in the effective rage ..................................................................................................... |
|
94 |
|
6.2.5.1 |
Exiting the effective range without log off ................................................................................... |
|
94 |
|
6.2.6 |
"Override" mode.......................................................................................................................... |
|
95 |
|
6.2.6.1 |
Activating "override" mode.......................................................................................................... |
|
95 |
|
6.2.6.2 |
Terminating "override" mode....................................................................................................... |
|
96 |
|
6.2.7 |
Special operating conditions....................................................................................................... |
|
97 |
|
6.2.7.1 |
Internal error................................................................................................................................ |
|
97 |
|
6.2.7.2 Communication error with the HMI device logged on in the effective range |
.............................. 98 |
||
7 |
Diagnostics.............................................................................................................................................. |
|
99 |
|
|
7.1 |
Alarm messages ......................................................................................................................... |
|
99 |
|
7.2 |
Diagnostics................................................................................................................................ |
|
101 |
8 |
Maintenance.......................................................................................................................................... |
|
105 |
|
|
8.1 |
Function tests............................................................................................................................ |
|
105 |
|
8.2 |
Maintenance cycles................................................................................................................... |
|
105 |
|
8.3 |
Cleaning, repairs and spare parts............................................................................................. |
|
106 |
9 |
Technical data....................................................................................................................................... |
|
109 |
|
|
9.1 |
Technical data for fail-safe operation........................................................................................ |
|
109 |
|
9.2 |
HMI device................................................................................................................................ |
|
111 |
|
9.3 |
Charging station........................................................................................................................ |
|
112 |
8 |
|
|
Fail-safe operation of the Mobile Panel 277F IWLAN |
|
|
|
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
||
|
|
|
Table of contents |
A |
Application example: Safety Functions.................................................................................................. |
113 |
|
|
A.1 |
Configuration and operation....................................................................................................... |
113 |
|
A.2 |
Components and settings used ................................................................................................. |
116 |
|
A.3 |
Safety program S7 Distributed Safety ....................................................................................... |
121 |
|
Index |
...................................................................................................................................................... |
127 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
9 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Table of contents
10 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms |
1 |
1.1Using the Mobile Panel 277F IWLAN
Use
The Mobile Panel 277F IWLAN offers the possibility of having the mobile safety functions of emergency stop and enable available at any point of a machine or plant. An effective range limit has been implemented for the Mobile Panel 277F IWLAN. Depending on his location, the operator obtains a safe, electronically monitored operator control enable.
The HMI device communicates with an access point via WLAN. Thus the operator can operate the various machines or process cells without bothersome cable. The HMI device is connected via the access point with a PROFINET network in which it communicates with an F-CPU via the PROFIsafe protocol.
Sample installation - F-system with Mobile Panel 277F IWLAN
6,0$7,& 6 ) 31 '3 DV
352),1(7 ,2 FRQWUROOHU
6
352),1(7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6&$/$1&( |
|
|
|||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||
|
|
|
|
|
|
|
|
|
|
|
$FFHVV 3RLQW |
|
|
|||||||
|
(7 6 |
|
)DLO VDIH , 2 DV |
|
|
|
|
|
|
|
|
|
|
|||||||
|
|
|
352),1(7 ,2 GHYLFH |
|
|
|
|
|
|
|
|
|
|
|||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
0RELOH 3DQHO ) ,:/$1
In the depicted configuration, each PROFINET IO device communicates with a single PROFINET IO controller. In this example the Mobile Panel 277F IWLAN communicates exclusively with the F-CPU as F-PROFINET IO controller.
Basic terms
In the following chapters several basic terms are explained that you must learn before you use the HMI device.
Fail-safe operation of the Mobile Panel 277F IWLAN |
11 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.2 Areas in the plant
1.2Areas in the plant
WLAN area
The WLAN area is the area in the plant where the HMI device communicates with other communication nodes over a wireless local area network.
352),VDIH |
|
Access point is the network transition from WLAN to LAN
WLAN area in which communication with the access point is possible
Mobile panel in the WLAN area; the emergency stop button is active, the enabling buttons are without function.
When the PROFIsafe communication between the controller and operator panel is established in the WLAN area, the emergency stop button on the HMI device becomes active.
Safe operation of the plant with the enabling buttons only becomes possible when the HMI device is logged on in an effective range within the WLAN area.
Fail-safe operation of the Mobile Panel 277F IWLAN
12 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.2 Areas in the plant
Effective range
An effective range is the range in which sections of the plant, e.g. a machine can be operated with the enabling buttons of the HMI device. An effective range is formed physically with transponders that are mounted in the vicinity of the machine. Each transponder has a unique ID. The transponder emits this ID in a lobe-shaped area. The ID is received by the HMI device, which enables the HMI device to determine its distance from the transponder. Additional information about the transponders is provided in the chapter Planning effective ranges (Page 46) and in the operating instructions for the HMI device.
352),VDIH |
Effective range 1, formed by a transponder
Effective range 2, formed by two transponders
The mobile panel is located in effective range 3. The emergency stop button is active The enabling buttons are active after logon in the effective range.
When the HMI device detects that it is within an effective range the operator can log the HMI device on at the effective range. Safe operation of the plant unit delimited by the effective range is only possible after successful connection.
Effective ranges should not overlap.
All effective ranges available in the plant are stored in the project. The effective ranges are verified in the acceptance procedure for the plant.
Fail-safe operation of the Mobile Panel 277F IWLAN
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
13 |
Overview and definition of terms 1.2 Areas in the plant
Note
In addition to the effective ranges you can define zones in your project. The zones are not relevant for fail-safe operation. They are used merely to control the project depending on the location of the operator. For example a picture change can be configured for zone entry or zone exit.
Zones and effective range are independent of each other.
Additional information on zones is provided in the Operating instructions for the HMI device.
Distance measurement between HMI device and transponder
The transmitting range of the transponder and the receiving range of the HMI device have the approximate shape of a lobe with a range of approximately 8 m.
The detailed representation of the radiation characteristics of HMI device and transponder is provided in the appendix of the Operating instructions.
A distance measurement between HMI device and transponder is only possible if both devices are in range of each other. The following table shows when a distance measurement is successful.
14 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.2 Areas in the plant
In the figures the HMI device and transponder are represented as follows:
●The HMI device as circle
●The transponder as square
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
HMI device in the |
Yes |
Yes |
No |
||||||
transmitting range of |
|
|
|
|
|
|
|
|
|
the transponder |
|
|
|
|
|
|
|
|
|
Transponder in the |
Yes |
No |
Yes |
||||||
receiving range of the |
|
|
|
|
|
|
|
|
|
HMI device |
|
|
|
|
|
|
|
|
|
Result |
Successful distance |
Distance measurement |
Distance measurement |
||||||
|
measurement |
not possible |
not possible |
||||||
The distance measurement is executed in the following manner:
●The HMI device emits signals in the current project.
●The transponder reacts to the signal from the HMI device and transmits its ID to the HMI device.
●The HMI device evaluates the ID and only measures the distance to the configured transponders.
See also
Integration and segregation (Page 18)
Planning effective ranges (Page 46)
Fail-safe operation of the Mobile Panel 277F IWLAN |
15 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.3 Switch-off behavior
1.3Switch-off behavior
Introduction
Different switch-off behavior is possible depending on the situation in the plant:
●Emergency stop
●Shutdown
●Local rampdown.
●Global rampdown
Plant switch-off differs in its triggers and effects.
DANGER
No switch off triggering
In the plant the described switch-off behavior is only triggered if the F-CPU has been programmed accordingly.
Emergency stop
The operator triggers the emergency stop by pressing the emergency stop button.
Emergency stop is a procedure in response to an emergency that is intended to stop a process or movement that could result in danger (from EN 60204-1 Appendix D).
The emergency stop immediately stops all machines that are assigned to the F-CPU via the safety program.
The emergency stop depends on the effective ranges.
The emergency stop button is always active if there is PROFIsafe communication between HMI device and F-CPU, i.e. if the HMI device is integrated in the PROFIsafe communication.
Shutdown
Shutdown is triggered if the F-CPU detects a communication error on an HMI device which is logged on in the effective range.
Shutdown is the immediate stopping of the machines which belong to the effective range. The shutdown is always specific to the effective range.
Local rampdown.
Local rampdown is triggered if the HMI device is logged on at the effective range and if it is removed from the effective range for longer than 30 seconds.
Local rampdown is the defined shutdown of the machines belonging to the effective range within a defined time period.
Local rampdown is always specific to the effective range.
16 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.3 Switch-off behavior
Global rampdown
Global rampdown is triggered if the F-CPU detects a communication error on an HMI device which is integrated in the PROFIsafe communication.
Global rampdown is the defined shutdown of the machines assigned in the safety program within a defined time period.
Global rampdown is independent of the effective ranges.
In the safety program of the F-CPU, ensure that global rampdown is available in the event that a communication error occurs on an HMI device which is integrated in the PROFIsafe communication.
Trigger
The switch off can have the following triggers:
●The operator presses the emergency stop button.
●A communication error occurs.
●Timeout: The HMI device is logged on at the effective range and the operator leaves the effective range with his HMI device for longer than 30 seconds.
Triggering the switch off
The following table shows the effect of the different triggers depending on the operating situation:
Operating situation |
|
Trigger |
|
|
|
|
|
|
Emergency stop |
Communication |
Timeout |
|
|
|
pressed |
error |
|
HMI not integrated |
|
--- |
--- |
--- |
|
HMI |
HMI device logged on |
HMI device is in the |
Emergency stop |
Shutdown |
--- |
integrated |
at the effective range |
effective range |
|
|
|
|
|
HMI device is outside of the |
Emergency stop |
Shutdown |
--- |
|
|
effective range for less than |
|
|
|
|
|
30 seconds |
|
|
|
|
|
HMI device is outside of the |
Emergency stop |
Shutdown |
Local |
|
|
effective range for longer |
|
|
rampdown. |
|
|
than 30 seconds |
|
|
|
|
HMI device is logged off from the effective range |
Emergency stop |
Global |
--- |
|
|
|
|
|
rampdown |
|
Fail-safe operation of the Mobile Panel 277F IWLAN |
17 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.4 Integration and segregation
1.4Integration and segregation
Introduction
In fail-safe operation a safety program runs in the F-CPU. This safety program communicates with the HMI device. The F-CPU monitors this communication for errors and analyzes the signals. The terms "integrate" and "segregate" refer to the integration and segregation of the HMI device in/from the safety program of the F-CPU.
Integrate
If the HMI device is configured for the safety program then when the HMI device starts it is automatically integrated in the safety program. The integration process is concluded as soon as the LED"SAFE" is illuminated.
The emergency stop button is active as soon as the HMI device is integrated.
Segregation
Segregation means the desired segregation of the HMI device from the safety program. The operator has the following alternatives for segregating the HMI device:
●The operator terminates the project.
●The operator presses the ON/OFF button for longer than 4 seconds. After the segregation process the HMI device switches off.
When the operator segregates the HMI device there are no side effects, e.g. a global rampdown. When the segregation process is terminated the LED "SAFE" and the emergency stop button are no longer active.
See also
Safety functions of the emergency stop button (Page 37)
18 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.5 Log on and log off at the effective range
1.5Log on and log off at the effective range
Introduction
An effective range is the range within which plant units, e.g. a machine, can be operated with the enabling buttons of the HMI device. The prerequisite for this is that the operator must log the HMI device on at the effective range.
Logging on at the effective range
If the operator enters an effective range with the HMI device the system shows that he can log the HMI device on at the effective range via the "Effective range name" object.
To log on he touches the "Effective range name" object. Then he reads the effective range ID in the plant and enters this ID in the ""Effective range logon" dialog box.
If the entered effective range ID agrees with the configured ID then the HMI device is logged on.
When the HMI device is logged on the enabling buttons are active.
The system alerts the operator that the HMI device is logged on at the effective range in the following manner:
●The LED "RNG" is illuminated.
●The "Effective range name" object is displayed in green.
●In the process cell the indicator for the effective range is active, e.g. a lamp. When the HMI device is logged on at the effective range the following rules apply:
●The operator should not leave the effective range without logging off. Local rampdown occurs if the operator leaves the effective range for longer than 30 seconds without logging off.
●No other HMI device can log on at this effective range.
Log off at the effective range
Before the operator exits the effective range at which the HMI device is logged on, he must log off from the effective range. To log off he touches the "Effective range name" object and edits the dialog box ""Effective range logoff".
When the HMI device is logged off the enabling buttons are no longer active. The LED "RNG" is not illuminated.
See also
Log on and log off at the effective range (Page 91)
Fail-safe operation of the Mobile Panel 277F IWLAN |
19 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.6 Safety-oriented operator controls
1.6Safety-oriented operator controls
Introduction
The Mobile Panel 277F IWLAN has the following elements for safe operation of a process cell:
●Emergency stop button
●Enabling button
1.6.1Emergency stop button
Introduction
The emergency stop button is designed with 2-channels and enables an emergency stop of the configured system.
The emergency stop button satisfies the requirements specified in DIN IEC 60947-5-5;1997 Annex K.
For additional safety instructions please refer to the chapter, Safety instructions, standards and notes.
When using the emergency stop button the following F-FBs must be linked in the safety program of the F-CPU:
●F_FB_MP
●F_FB_RNG_n
Fall protection
Emergency stop button
20 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.6 Safety-oriented operator controls
Due to its position, the emergency stop button is equally accessible for both left-handed and right-handed individuals.
Due to its profiled design, the emergency stop button is easily accessible. A collared enclosure is used to protect the operator controls against damage. This applies in particular to the emergency stop button The emergency stop button may still trigger if the HMI device falls and hits the floor.
Operation
The operator triggers the emergency stop by pressing the emergency stop button. The emergency stop button engages in the emergency stop position.
Releasing the emergency stop button
WARNING
If you have activated the emergency stop button and thereby brought the configured system to a standstill, the emergency stop button should only be released under the following conditions:
•The reasons for the emergency stop have been eliminated.
•A safe restart is possible.
•The restart should not be executed by releasing the emergency stop button.
The operator must strictly ensure that he executes a separate operator action to commence the restart. The safety program must ensure that release of the emergency stop button alone does not trigger an automatic restart of the system.
In order to release the emergency stop button, turn it in a clockwise direction. The emergency stop button then returns on its own to the initial position.
See also
Safety functions of the emergency stop button (Page 37)
S7 Distributed Safety (Page 58)
Fail-safe operation of the Mobile Panel 277F IWLAN |
21 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.6 Safety-oriented operator controls
1.6.2Enabling button
Introduction
The enabling device consists of the two enabling buttons mounted on both sides of the Mobile Panel 277F IWLAN. The switch setting of the two enabling buttons is determined by electrical momentary contact switches.
Note
The HMI device analyzes the switch settings of the two enabling buttons in the form of an OR gate.
Enabling button
Operation
WARNING
Unintentional enabling
Press the enabling button only until the operation you wish to enable is completed.
Enabling is a conscious operator action. It is not permissible to continuously press the enabling button or to fix it in any way.
The following happens if you leave the effective range for a period of up to 30 seconds with the enabling button pressed: Enabling is revoked 5 seconds after leaving the effective range.
If you reenter the effective range within 30 seconds, you must release the enabling button and press it again for enabling to take effect again.
The enabling button has three switch settings:
●Neutral position: The enabling button is not pressed.
●Enable: The enabling button is pressed to a mid position. This switch setting is used to allow another command, for example an input with the membrane keyboard.
22 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.6 Safety-oriented operator controls
●Panic: The "Panic" switch setting is reached as soon as one of the two enabling buttons is fully pressed. The switch setting of the other enabling button is unimportant in this case. The "Panic" switch setting has the same effect as releasing the enabling button, namely, it revokes the enable.
You only have to activate one enabling button. The PLC gets the same signal regardless as to whether one or two enabling buttons of the Mobile Panel 277F IWLAN have been pressed.
Note
The enabling button and the membrane keyboard can be operated at the same time.
When using the enabling button the following F FBs must be linked in the safety program of the F CPU:
●F_FB_MP
●F_FB_RNG_n
Switch settings
The following figure shows the switching sequence for enable.
1HXWUDO SRVLWLRQ |
[ |
|
|
(QDEOH |
\ |
|
1HXWUDO SRVLWLRQ |
|
6ZLWFK VHWWLQJ |
|
|
|
|
|
|||
(% OHIW (% ULJKW |
|
|
[ |
|
|
|
|
|
|
|
|
|
|
|
|
||
(% OHIW (% ULJKW |
|
|
|
\ |
|
|
|
(% (QDEOLQJ EXWWRQ |
|
|
|
|
|
|
|
|
|
The following figure shows the switching sequence during panic usage.
1HXWUDO SRVLWLRQ |
[ |
|
(QDEOH |
X |
3DQLF |
\ |
1HXWUDO SRVLWLRQ |
||
6ZLWFK VHWWLQJ |
|
|
|
|
|
|
|||
(% OHIW (% ULJKW |
|
[ |
|
X |
|
|
|
|
|
|
|
|
|
|
|
|
|||
(% OHIW (% ULJKW |
|
|
|
|
\ |
|
(% (QDEOLQJ EXWWRQ |
|
|
|
|
|
|
|
|
|
|
|
|
If the operator has pressed the enabling button through to the "Panic" setting, the "Enable" setting will not be evaluated when leaving the panic setting. A new enable can only be triggered by releasing the enabling button.
See also
Safety functions of the enabling button (Page 39)
S7 Distributed Safety (Page 58)
Fail-safe operation of the Mobile Panel 277F IWLAN |
23 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.7 "Override" mode
1.7"Override" mode
Introduction
The effective range functionality of the HMI device can be extended through the "override" mode.
Applications
"Override" mode can be used in the following cases:
●Use of existing protective measures instead of the effective range functionality
If protective measures, such as protective fences are already available in your plant, then you can integrate them in your safety concept with the "override" mode. Thus you achieve a consistent concept for safe plant operation.
●If plant units, which do not allow themselves transponder coverage, (such as inside a robot cell), will be operated with the enabling buttons.
In this case you must secure the plant area with additional protective measures, such as a protective fence.
Requirements
Only use "override" mode in delimited plant units that are secured by additional protective measures.
Entering and leaving the protected area must be monitored by the F-CPU.
The operator must be able to fully see the area for which "override" mode applies. The danger location must be visible from every point of the override area.
When using the "override" mode you must install a switch within an effective range that is independent of the HMI device. The operator activates "override" mode with this switch.
WARNING
Inadmissible activation of the "override" mode
The operator has to activate "override" mode through a conscious operator action, e.g. by activating a switch. The "override" mode should not be automatically activated, e.g. when the safety area is entered.
The application program in conjunction with F-FB must ensure that the "override" mode is revoked when the area is left.
24 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Overview and definition of terms 1.7 "Override" mode
Sample configuration
352),VDIH
|
|
Protective fence
Switch for activating "override" mode
Transponder for logging on at the effective rangeFoot grating for access monitoring
HMI device
Machine that will be operated
Activation of the "override" mode
The operator activates "Override" mode in the following manner:
1.The operator enters the protected area through a light barrier or across a foot grating. The protective device is activated.
2.The operator logs on at the effective range in which the override switch is located.
3.The operator activates the override switch.
"Override" mode is now active until either the operator deactivates "Override" mode with the override switch or until he leaves the protected area.
Fail-safe operation of the Mobile Panel 277F IWLAN
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
25 |
Overview and definition of terms 1.7 "Override" mode
Operating principle
In the following figure you see the plant area for which "override" mode is active.
352),VDIH
If "override" mode is activated the operator can safely operate the associated plant area with the enabling buttons. The HMI device is considered to be permanently logged on in the effective range, without analyzing the transponder signals.
Deactivation of "override" mode
The operator deactivates "override" mode in the following manner:
1.The operator activates the override switch. "Override" mode is deactivated by the safety program.
2.The operator logs off from the effective range.
Subsequent logon at this effective range is only possible if the operator has terminated "override" mode with the override switch.
3.The operator leaves the protected area.
If the operator leaves the protected area without deactivating "override" mode, "override" mode is deactivated by the safety program.
See also
For the "Override" mode: Planning the protective devices (Page 49) Configuration and operation (Page 113)
26 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Safety instructions, standards and notes |
2 |
2.1Safety instructions
Safety regulations
WARNING
Injury or material damage
Strictly observe all instructions in this document at all times. Otherwise, hazardous situations can arise or the safety functions integrated in the HMI device can be rendered ineffective.
Observe the safety and accident prevention instructions applicable to your application in addition to the safety instructions given in this manual.
Configuration requirements
WARNING
Injury or material damage
The configuration engineer for a machine or system PLC must take precautions to ensure that an interrupted program can be restarted normally after communication errors, voltage dips, or power failures.
Dangerous operating modes must not occur, not even temporarily, from the entire sequence of the user program up to troubleshooting.
Proper use
WARNING
Commissioning of the HMI device is forbidden until it has been absolutely ensured that the machine which is to be operated with the HMI device complies with Directive 98/37/EC.
Fault-free operation
WARNING
Interference with other systems
When using the HMI device in accordance with DIN EN 13557 you must ensure that the HMI device does not interfere with other systems at the site, or that other systems do not interface with the HMI device.
Fail-safe operation of the Mobile Panel 277F IWLAN |
27 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Safety instructions, standards and notes 2.1 Safety instructions
Safety measures during operation
WARNING
Non-functional emergency stop button
The emergency stop button must be checked annually for proper function.
WARNING
HMI device failure
After a hard impact to the HMI device, check the safety-relevant features for functional capability, for example in the event that the HMI device is dropped.
WARNING
Danger of injury
Manual movements controlled with the HMI should only be executed in conjunction with the enabling buttons and at reduced velocity.
WARNING
Exclusive operating right
When operating the plant with the HMI device it is not permitted to operate the plant concurrently from a different HMI device.
Prevent concurrent operation through appropriate configuration.
High frequency radiation
WARNING
Unintentional operating situations
High-frequency radiation, for example from cellular phones, can lead to undesirable operating situations.
28 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Safety instructions, standards and notes 2.1 Safety instructions
Information for handling the battery:
CAUTION
Charging and discharging the battery
In the following cases, there is a risk of fire and, in extreme cases, explosion!
•Incorrect charging and discharging of the battery
•Reverse polarity
•Short-circuit
Only charge the bridging battery in the HMI device.
Only charge the main battery in the HMI device or in the charging compartment of the charging station.
CAUTION
The battery is a lithium ion battery. The following safety notes apply to these rechargeable batteries:
•Do not crush
•Do not expose to heat and do not burn
•Do not short-circuit
•Do not take apart
•Do not immerse in liquid – the battery might crack or burst
•Store unused batteries away from the following items, which can cause the contacts to be bridged
–Paper clips
–Coins
–Keys
–Nails
–Screws or other small metal objects
CAUTION Danger of injury
If used incorrectly, fluid can leak from the battery. Avoid contact with the battery fluid. If fluid comes into contact with the skin, rinse with water.
If fluid comes into contact with the eyes, rinse with water and seek medical advice.
Fail-safe operation of the Mobile Panel 277F IWLAN |
29 |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Safety instructions, standards and notes
2.2 Guidelines, standards, certificates and approvals
Instructions for battery replacement in Mobile Panel 277F IWLAN
CAUTION
Local rampdown of logged on HMI device
If the HMI device which is logged on at the effective range no longer recognizes the transponder and, therefore, the effective range, it triggers a local rampdown.
To change the battery, rest the HMI device on its front. Align the HMI device so that it is still possible to measure the distance between the HMI device and the transponder.
If possible, log the HMI device off from the effective range.
NOTICE
Pay attention to cleanliness. Foreign bodies or liquids must not come into contact with the printed circuit board or penetrate the inside of the HMI device.
Place the HMI device with the front side facing down on a flat, clean surface to protect against damage.
CAUTION
Malfunctions
If the HMI device is resting on its front, the following can be activated:
•The emergency stop button
This can bring the system to a standstill unintentionally.
•The key-operated switch or an illuminated pushbutton This can result in malfunctions.
Components and modules endangered by electrostatic discharge (ESD)
When working in the open housing, ensure that current-carrying conductors do not come into contact with electrical circuits.
Note the ESD instructions.
2.2Guidelines, standards, certificates and approvals
Certifications
CAUTION
The following overview shows possible approvals.
The only valid approvals for the HMI device, the charging station, the power supply module, and the transponder are those shown on the label on the rear panel.
30 |
Fail-safe operation of the Mobile Panel 277F IWLAN |
Function Manual, 08/2008, 6AV6691-1FQ01-2AB0 |
Loading...