Siemens 277IWLAN-V200 User Manual

SIMATIC HMI Fail-safe operation of the Mobile Panel 277F IWLAN

SIMATIC HMI

Fail-safe operation of the Mobile Panel 277F IWLAN

Function Manual

No. Designation Drawing number Edition

1 Product Information A5E01005059-01 09/2008

2 Product Information A5E01004934-02 10/2008

The following supplement is part of this documentation:

Preface

Overview and definition of terms

_____________

Safety instructions, standards and notes

_____________

Application Planning

_____________

Configuration

_____________

System commissioning

_____________

Operation

_____________

Diagnostics

_____________

Maintenance

_____________

Technical data

_____________

Application example: Safety Functions

_____________

Version 1.04 Order No. 6AV6691-1FQ01-2AB0

08/2008

A5E01003779-01

Legal information

Warning notice system

This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.

DANGER

indicates that death or severe personal injury will result if proper precautions are not taken.

WARNING

indicates that death or severe personal injury may result if proper precautions are not taken.

CAUTION

with a safety alert symbol, indicates that minor personal injury can result if proper precautions are not taken.

CAUTION without a safety alert symbol, indicates that property damage can result if proper precautions are not taken.

NOTICE indicates that an unintended result or situation can occur if the corresponding information is not taken into

account.

If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.

Qualified Personnel

The device/system may only be set up and used in conjunction with this documentation. Commissioning and operation of a device/system may only be performed by qualified personnel. Within the context of the safety notes in this documentation qualified persons are defined as persons who are authorized to commission, ground and label devices, systems and circuits in accordance with established safety practices and standards.

Prescribed Usage

Note the following:

WARNING

This device may only be used for the applications described in the catalog or the technical description and only in connection with devices or components from other manufacturers which have been approved or recommended by Siemens. Correct, reliable operation of the product requires proper transport, storage, positioning and assembly as well as careful operation and maintenance.

Trademarks

All names identified by ® are registered trademarks of the Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.

Disclaimer of Liability

We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

Siemens AG

Industry Sector Postfach 48 48 90026 NÜRNBERG GERMANY

Order-No.: 6AV6691-1FQ01-2AB0 Ⓟ 08/2008

Preface

Purpose of the function manual

This function manual provides all information required for operation of the Mobile Panel 277F IWLAN in fail-safe systems.

Readership of this function manual:

● Plant designers

● Project engineers

● Commissioning engineers

● Users

● Service technicians

● Maintenance technicians Please pay particular attention to the "Safety instructions, standards and notes" chapter.

Basic knowledge required

General knowledge in the field of automation technology, safety technology, and process communication is a prerequisite for comprehension of this function manual.

It is also assumed that those using the manual have experience in using personal computers and knowledge of Microsoft operating systems.

Valid scope of the function manual

The function manual covers the Mobile Panel 277F IWLAN HMI device in combination with the software packages STEP 7 V5.4 SP2 or higher, S7 Distributed Safety V5.4 SP3 and WinCC flexible 2007 with HSP Mobile Panel 277 Wireless.

Position in the information landscape

This function manual is part of the SIMATIC HMI documentation. The section below provides an overview of the documentation which is relevant to applications with Mobile Panel 277F IWLAN.

Additional documentation for Mobile Panel 277F IWLAN

● Operating instructions for Mobile Panel 277F IWLAN

● Mobile Panel IWLAN Getting Started

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Preface

Documentation for fail-safe systems

● System description "Safety technology in SIMATIC S7" – Provides general information on the use, structure, and mode of operation of the fail-

safe automation systems S7 Distributed Safety and S7 F/FH Systems

– Contains detailed technical information which can be represented for the fail-safe

technology both in S7-300 and S7-400.

– Contains information about the calculation of monitoring and reaction times of the fail-

safe systems S7 Distributed Safety and of S7 F/FH Systems.

● "S7 Distributed Safety, Configuring and Programming" Manual / Online Help Describes the configuration of the F-CPU and of the fail-safe I/O and the programming of

the F-CPU in F-FBD or F-LAD

● "Automation System S7-400, CPU Data" Reference Manual Describes the standard functions of CPU 416F-3 PN/DP, CPU 414-3 PN/DP and

CPU 416-3 PN/DP

● "Automation System S7-300, CPU Data" Reference Manual Describes the standard functions of CPU 315F-2 PN/DP, CPU 317F-2 PN/DP,

CPU 315-2 PN/DP and CPU 317-2 PN/DP

User manuals

Getting started

● WinCC flexible Compact/ Standard/ Advanced Describes basic principles of configuration using the WinCC flexible Compact

Engineering System/WinCC flexible Standard/WinCC flexible Advanced.

● WinCC flexible Runtime Describes how to commission and operate your runtime project on a PC.

● Communication – Communication Part 1 describes the connection of the HMI device to SIMATIC PLCs. – Communication Part 2 describes the connection of the HMI device to third-party PLCs.

● WinCC flexible for first time users Based on an example project, this is a step-by-step introduction to the basics of

configuring screens, alarms, recipes and screen navigation.

● WinCC flexible for power users Based on an example project, this is a step-by-step introduction to the basics of

configuring logs, project reports, scripts, user management, multilingual projects and integration in STEP 7.

● WinCC flexible options Based on an example project, this is a step-by-step introduction to the basics of

configuring the WinCC flexible Sm@rtServices, Sm@rtAccess and OPC server options.

Fail-safe operation of the Mobile Panel 277F IWLAN

4 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Preface

Online availability

The link below guides you to the multilingual technical documentation offered for the SIMATIC products and systems.

http://www.automation.siemens.com/simatic/portal/html_76/techdoku.htm"

Screens

The HMI device is sometimes represented in the form of photographs in this function manual. The photographs of the HMI device may differ slightly from the factory state of the HMI device.

Conventions

Configuration and runtime software differ with regard to their names as follows:

● "WinCC flexible 2007" for example, refers to the configuration software.

The term "WinCC flexible" is used in a general context. The full name, for example "WinCC flexible 2007", is always used when it is necessary to differentiate between different versions of the configuration software.

● "WinCC flexible Runtime" refers to the runtime software that can run on HMI devices.

Trademarks

The following text notation facilitates the reading of this function manual:

Notation Scope "Add screen"

"File > Edit" Operational sequences, for example menu commands, shortcut

<F1>, <Alt+P> Keyboard operation

• Terminology that appears in the user interface, for example dialog names, tabs, buttons, menu commands

• Inputs required, for example limit values, tag values

• Path information

menu commands.

Please observe notes labeled as follows:

Note Notes contain important information concerning the product, its use or a specific section of

the documentation to which you should pay particular attention.

Names labeled with a ® symbol are registered trademarks of the Siemens AG. Other names used in this documentation may be trademarks, the use of which by third parties for their own purposes could violate the rights of the owner.

● HMI

● SIMATIC

● SIMATIC HMI

● SIMATIC ProTool

● SIMATIC WinCC

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Preface

Representatives and offices

If you have any further questions relating to the products described in this manual, please contact your local representative at the Siemens branch nearest you.

Your Siemens representative can be found at "http://www.automation.siemens.com/partner

Training center

Siemens AG offers a variety of training courses to familiarize you with automation systems. Please contact your regional training center, or our central training center in 90327 Nuremberg, Germany, for details.

Internet: "http://www.sitrain.com

Technical support

You can contact Technical Support as follows: Using the support request form on the web at:

"http://www.siemens.com/automation/support-request Further information about our technical support is available on the Internet at

"http://www.siemens.com/automation/service

Service & Support on the Internet

Service & Support provides additional comprehensive information on SIMATIC products through online services at "http://www.siemens.com/automation/support

● The newsletter offers you the latest information about your products

● A large document base is available using our Service & Support search engine

● A forum for global exchange of information by users and experts

● Current product information, FAQs and downloads

● Your local Automation & Drives representative

● Information about on-site services, repairs, spare parts, and more

Fail-safe operation of the Mobile Panel 277F IWLAN

6 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Table of contents

Preface ......................................................................................................................................................

1 Overview and definition of terms..............................................................................................................

1.1 Using the Mobile Panel 277F IWLAN ..........................................................................................

1.2 Areas in the plant .........................................................................................................................

1.3 Switch-off behavior ......................................................................................................................

1.4 Integration and segregation .........................................................................................................

1.5 Log on and log off at the effective range .....................................................................................

1.6 Safety-oriented operator controls.................................................................................................

1.6.1 Emergency stop button................................................................................................................

1.6.2 Enabling button ............................................................................................................................

1.7 "Override" mode...........................................................................................................................

2 Safety instructions, standards and notes .................................................................................................

2.1 Safety instructions........................................................................................................................

2.2 Guidelines, standards, certificates and approvals .......................................................................

2.3 Operating safety...........................................................................................................................

2.4 Power supply................................................................................................................................

2.5 Notes about usage.......................................................................................................................

2.6 Risk analysis ................................................................................................................................

3 11 11 12 16 18 19 20

20 22

24 27 27 30 33 34 36 37

2.7 Safety functions of the emergency stop button............................................................................

2.8 Safety functions of the enabling button........................................................................................

3 Application Planning ................................................................................................................................

3.1 Check list: Planning the application .............................................................................................

3.2 Application and ambient conditions .............................................................................................

3.3 Check list: Planning the system ...................................................................................................

3.4 Planning effective ranges.............................................................................................................

3.5 For the "Override" mode: Planning the protective devices ..........................................................

3.6 Check list: Data security ..............................................................................................................

4 Configuration ...........................................................................................................................................

4.1 Check list: Configuration ..............................................................................................................

4.2 Procedure for configuration..........................................................................................................

4.3 STEP 7: HW Config .....................................................................................................................

4.3.1 Integrating the GSD file in STEP 7 ..............................................................................................

4.3.2 Assigning parameters for communication between the HMI device and the controller...............

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

37 39 41 41 42 45 46 49 50 53 53 53 55

55 55

Table of contents

4.4 S7 Distributed Safety .................................................................................................................. 58

4.4.1 Checklist: Creation of the safety program...................................................................................

4.4.2 Using F-FBs ................................................................................................................................

4.4.3 FB161: Mobile Panel Status (F_FB_MP) ....................................................................................

59 60 63

4.4.4 FB162: Effective range for 4 Mobile Panel (F_FB_RNG_4) / FB 163 Effective range for 16

Mobile Panel (F_FB_RNG_16)....................................................................................................

4.5 WinCC flexible.............................................................................................................................

4.5.1 Configuration overview................................................................................................................

4.5.2 Effective ranges editor ................................................................................................................

4.5.3 Objects for the Mobile Panel 277F IWLAN .................................................................................

5 System commissioning............................................................................................................................

5.1 Acceptance of the system...........................................................................................................

5.2 Accepting effective ranges and transponders.............................................................................

6 Operation.................................................................................................................................................

6.1 Organizational measures ............................................................................................................

6.2 Typical applications.....................................................................................................................

6.2.1 Overview .....................................................................................................................................

6.2.2 Switch on the HMI device............................................................................................................

6.2.3 Integrating and segregating the HMI device ...............................................................................

6.2.3.1 Integrating the HMI device (start project)....................................................................................

6.2.3.2 Communication error for the integrated HMI device ...................................................................

6.2.3.3 Discrepancy error during enabling ..............................................................................................

6.2.3.4 Segregate....................................................................................................................................

6.2.4 Log on and log off at the effective range.....................................................................................

6.2.4.1 Detecting the effective range ......................................................................................................

6.2.4.2 Log on at the effective range ......................................................................................................

6.2.4.3 Log off at the effective range ......................................................................................................

6.2.5 Behavior in the effective rage .....................................................................................................

6.2.5.1 Exiting the effective range without log off ...................................................................................

6.2.6 "Override" mode..........................................................................................................................

6.2.6.1 Activating "override" mode..........................................................................................................

6.2.6.2 Terminating "override" mode.......................................................................................................

6.2.7 Special operating conditions .......................................................................................................

6.2.7.1 Internal error................................................................................................................................

6.2.7.2 Communication error with the HMI device logged on in the effective range ..............................

72 72 73 73

77 77 79 83 83 84

84 85 86 86 87 88 90 91 91 92 93 94 94 95 95 96 97 97 98

7 Diagnostics..............................................................................................................................................

7.1 Alarm messages .........................................................................................................................

7.2 Diagnostics................................................................................................................................

8 Maintenance..........................................................................................................................................

8.1 Function tests............................................................................................................................

8.2 Maintenance cycles...................................................................................................................

8.3 Cleaning, repairs and spare parts.............................................................................................

9 Technical data .......................................................................................................................................

9.1 Technical data for fail-safe operation........................................................................................

9.2 HMI device ................................................................................................................................

9.3 Charging station ........................................................................................................................

Fail-safe operation of the Mobile Panel 277F IWLAN

99 101 105 105 105 106 109 109 111 112

8 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Table of contents

A Application example: Safety Functions.................................................................................................. 113

A.1 Configuration and operation.......................................................................................................

A.2 Components and settings used .................................................................................................

A.3 Safety program S7 Distributed Safety .......................................................................................

Index......................................................................................................................................................

113 116 121 127

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Table of contents

Fail-safe operation of the Mobile Panel 277F IWLAN

10 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.1 Using the Mobile Panel 277F IWLAN

Use

The Mobile Panel 277F IWLAN offers the possibility of having the mobile safety functions of emergency stop and enable available at any point of a machine or plant. An effective range limit has been implemented for the Mobile Panel 277F IWLAN. Depending on his location, the operator obtains a safe, electronically monitored operator control enable.

The HMI device communicates with an access point via WLAN. Thus the operator can operate the various machines or process cells without bothersome cable. The HMI device is connected via the access point with a PROFINET network in which it communicates with an F-CPU via the PROFIsafe protocol.

Sample installation - F-system with Mobile Panel 277F IWLAN

6,0$7,&6)31'3DV

352),1(7,2FRQWUROOHU

6

Basic terms

352),1(7

6&$/$1&(

(76

In the depicted configuration, each PROFINET IO device communicates with a single PROFINET IO controller. In this example the Mobile Panel 277F IWLAN communicates exclusively with the F-CPU as F-PROFINET IO controller.

In the following chapters several basic terms are explained that you must learn before you use the HMI device.

)DLOVDIH,2DV

352),1(7,2GHYLFH

$FFHVV3RLQW

0RELOH3DQHO),:/$1

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.2 Areas in the plant

WLAN area

The WLAN area is the area in the plant where the HMI device communicates with other communication nodes over a wireless local area network.

352),VDIH







① Access point is the network transition from WLAN to LAN ② WLAN area in which communication with the access point is possible ③ Mobile panel in the WLAN area; the emergency stop button is active, the enabling buttons are

without function.

When the PROFIsafe communication between the controller and operator panel is established in the WLAN area, the emergency stop button on the HMI device becomes active.

Safe operation of the plant with the enabling buttons only becomes possible when the HMI device is logged on in an effective range within the WLAN area.

Fail-safe operation of the Mobile Panel 277F IWLAN

12 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.2 Areas in the plant

Effective range

An effective range is the range in which sections of the plant, e.g. a machine can be operated with the enabling buttons of the HMI device. An effective range is formed physically with transponders that are mounted in the vicinity of the machine. Each transponder has a unique ID. The transponder emits this ID in a lobe-shaped area. The ID is received by the HMI device, which enables the HMI device to determine its distance from the transponder. Additional information about the transponders is provided in the chapter ranges (Page

46) and in the operating instructions for the HMI device.

352),VDIH



Planning effective





① Effective range 1, formed by a transponder ② Effective range 2, formed by two transponders ③ The mobile panel is located in effective range 3. The emergency stop button is active The

enabling buttons are active after logon in the effective range.

When the HMI device detects that it is within an effective range the operator can log the HMI device on at the effective range. Safe operation of the plant unit delimited by the effective range is only possible after successful connection.

Effective ranges should not overlap. All effective ranges available in the plant are stored in the project. The effective ranges are

verified in the acceptance procedure for the plant.

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.2 Areas in the plant

Note In addition to the effective ranges you can define zones in your project. The zones are not

relevant for fail-safe operation. They are used merely to control the project depending on the location of the operator. For example a picture change can be configured for zone entry or zone exit.

Zones and effective range are independent of each other. Additional information on zones is provided in the Operating instructions for the HMI device.

Distance measurement between HMI device and transponder

The transmitting range of the transponder and the receiving range of the HMI device have the approximate shape of a lobe with a range of approximately 8 m.

The detailed representation of the radiation characteristics of HMI device and transponder is provided in the appendix of the Operating instructions.

A distance measurement between HMI device and transponder is only possible if both devices are in range of each other. The following table shows when a distance measurement is successful.

Fail-safe operation of the Mobile Panel 277F IWLAN

14 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.2 Areas in the plant

In the figures the HMI device and transponder are represented as follows:

● The HMI device as circle

● The transponder as square

See also

HMI device in the transmitting range of the transponder

Transponder in the receiving range of the HMI device

Result Successful distance

Yes Yes No

Yes No Yes

measurement

Distance measurement

not possible

Distance measurement

not possible

The distance measurement is executed in the following manner:

● The HMI device emits signals in the current project.

● The transponder reacts to the signal from the HMI device and transmits its ID to the HMI device.

● The HMI device evaluates the ID and only measures the distance to the configured transponders.

Integration and segregation (Page 18) Planning effective ranges (Page 46)

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.3 Switch-off behavior

Introduction

Different switch-off behavior is possible depending on the situation in the plant:

● Emergency stop

● Shutdown

● Local rampdown.

● Global rampdown

Emergency stop

Shutdown

Plant switch-off differs in its triggers and effects.

DANGER

No switch off triggering In the plant the described switch-off behavior is only triggered if the F-CPU has been

programmed accordingly.

The operator triggers the emergency stop by pressing the emergency stop button. Emergency stop is a procedure in response to an emergency that is intended to stop a

process or movement that could result in danger (from EN 60204-1 Appendix D). The emergency stop immediately stops all machines that are assigned to the F-CPU via the

safety program. The emergency stop depends on the effective ranges. The emergency stop button is always active if there is PROFIsafe communication between

HMI device and F-CPU, i.e. if the HMI device is integrated in the PROFIsafe communication.

Shutdown is triggered if the F-CPU detects a communication error on an HMI device which is logged on in the effective range.

Shutdown is the immediate stopping of the machines which belong to the effective range. The shutdown is always specific to the effective range.

Local rampdown.

Local rampdown is triggered if the HMI device is logged on at the effective range and if it is removed from the effective range for longer than 30 seconds.

Local rampdown is the defined shutdown of the machines belonging to the effective range within a defined time period.

Local rampdown is always specific to the effective range.

Fail-safe operation of the Mobile Panel 277F IWLAN

16 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.3 Switch-off behavior

Global rampdown

Global rampdown is triggered if the F-CPU detects a communication error on an HMI device which is integrated in the PROFIsafe communication.

Global rampdown is the defined shutdown of the machines assigned in the safety program within a defined time period.

Global rampdown is independent of the effective ranges. In the safety program of the F-CPU, ensure that global rampdown is available in the event

that a communication error occurs on an HMI device which is integrated in the PROFIsafe communication.

Trigger

The switch off can have the following triggers:

● The operator presses the emergency stop button.

● A communication error occurs.

● Timeout: The HMI device is logged on at the effective range and the operator leaves the effective range with his HMI device for longer than 30 seconds.

Triggering the switch off

The following table shows the effect of the different triggers depending on the operating situation:

Trigger Operating situation Emergency stop

pressed

HMI not integrated --- --- --HMI

integrated

HMI device logged on at the effective range

HMI device is logged off from the effective range Emergency stop Global

HMI device is in the effective range

HMI device is outside of the effective range for less than 30 seconds

HMI device is outside of the effective range for longer than 30 seconds

Emergency stop Shutdown ---

Emergency stop Shutdown Local

Communication error

rampdown

Timeout

rampdown.

---

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.4 Integration and segregation

Introduction

In fail-safe operation a safety program runs in the F-CPU. This safety program communicates with the HMI device. The F-CPU monitors this communication for errors and analyzes the signals. The terms "integrate" and "segregate" refer to the integration and segregation of the HMI device in/from the safety program of the F-CPU.

Integrate

If the HMI device is configured for the safety program then when the HMI device starts it is automatically integrated in the safety program. The integration process is concluded as soon as the LED"SAFE" is illuminated.

The emergency stop button is active as soon as the HMI device is integrated.

Segregation

Segregation means the desired segregation of the HMI device from the safety program.

See also

The operator has the following alternatives for segregating the HMI device:

● The operator terminates the project.

● The operator presses the ON/OFF button for longer than 4 seconds. After the segregation process the HMI device switches off.

When the operator segregates the HMI device there are no side effects, e.g. a global rampdown. When the segregation process is terminated the LED "SAFE" and the emergency stop button are no longer active.

Safety functions of the emergency stop button (Page 37)

Fail-safe operation of the Mobile Panel 277F IWLAN

18 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.5 Log on and log off at the effective range

Introduction

An effective range is the range within which plant units, e.g. a machine, can be operated with the enabling buttons of the HMI device. The prerequisite for this is that the operator must log the HMI device on at the effective range.

Logging on at the effective range

If the operator enters an effective range with the HMI device the system shows that he can log the HMI device on at the effective range via the "Effective range name" object.

To log on he touches the "Effective range name" object. Then he reads the effective range ID in the plant and enters this ID in the ""Effective range logon" dialog box.

If the entered effective range ID agrees with the configured ID then the HMI device is logged on.

When the HMI device is logged on the enabling buttons are active. The system alerts the operator that the HMI device is logged on at the effective range in the

following manner:

● The LED "RNG" is illuminated.

● The "Effective range name" object is displayed in green.

● In the process cell the indicator for the effective range is active, e.g. a lamp. When the HMI device is logged on at the effective range the following rules apply:

● The operator should not leave the effective range without logging off. Local rampdown

occurs if the operator leaves the effective range for longer than 30 seconds without logging off.

● No other HMI device can log on at this effective range.

Log off at the effective range

Before the operator exits the effective range at which the HMI device is logged on, he must log off from the effective range. To log off he touches the "Effective range name" object and edits the dialog box ""Effective range logoff".

When the HMI device is logged off the enabling buttons are no longer active. The LED "RNG" is not illuminated.

See also

Log on and log off at the effective range (Page 91)

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.6 Safety-oriented operator controls

Introduction

The Mobile Panel 277F IWLAN has the following elements for safe operation of a process cell:

● Emergency stop button

● Enabling button

1.6.1 Emergency stop button

Introduction

The emergency stop button is designed with 2-channels and enables an emergency stop of the configured system.

The emergency stop button satisfies the requirements specified in DIN IEC 60947-5-5;1997 Annex K.

For additional safety instructions please refer to the chapter, Safety instructions, standards and notes.

When using the emergency stop button the following F-FBs must be linked in the safety program of the F-CPU:

● F_FB_MP

● F_FB_RNG_n





① Fall protection ② Emergency stop button

Fail-safe operation of the Mobile Panel 277F IWLAN

20 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.6 Safety-oriented operator controls

Due to its position, the emergency stop button is equally accessible for both left-handed and right-handed individuals.

Due to its profiled design, the emergency stop button is easily accessible. A collared enclosure is used to protect the operator controls against damage. This applies in particular to the emergency stop button The emergency stop button may still trigger if the HMI device falls and hits the floor.

Operation

The operator triggers the emergency stop by pressing the emergency stop button. The emergency stop button engages in the emergency stop position.

Releasing the emergency stop button

See also

WARNING

If you have activated the emergency stop button and thereby brought the configured system to a standstill, the emergency stop button should only be released under the following conditions:

• The reasons for the emergency stop have been eliminated.

• A safe restart is possible.

• The restart should not be executed by releasing the emergency stop button.

The operator must strictly ensure that he executes a separate operator action to commence the restart. The safety program must ensure that release of the emergency stop button alone does not trigger an automatic restart of the system.

In order to release the emergency stop button, turn it in a clockwise direction. The emergency stop button then returns on its own to the initial position.

Safety functions of the emergency stop button (Page 37) S7 Distributed Safety (Page 58)

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.6 Safety-oriented operator controls

1.6.2 Enabling button

Introduction

The enabling device consists of the two enabling buttons mounted on both sides of the Mobile Panel 277F IWLAN. The switch setting of the two enabling buttons is determined by electrical momentary contact switches.

Operation

Note The HMI device analyzes the switch settings of the two enabling buttons in the form of an

OR gate.



① Enabling button

WARNING

Unintentional enabling Press the enabling button only until the operation you wish to enable is completed.

Enabling is a conscious operator action. It is not permissible to continuously press the enabling button or to fix it in any way.

The following happens if you leave the effective range for a period of up to 30 seconds with the enabling button pressed: Enabling is revoked 5 seconds after leaving the effective range. If you reenter the effective range within 30 seconds, you must release the enabling button and press it again for enabling to take effect again.

The enabling button has three switch settings:

● Neutral position: The enabling button is not pressed.

● Enable: The enabling button is pressed to a mid position. This switch setting is used to allow another command, for example an input with the membrane keyboard.

Fail-safe operation of the Mobile Panel 277F IWLAN

22 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.6 Safety-oriented operator controls

● Panic: The "Panic" switch setting is reached as soon as one of the two enabling buttons

is fully pressed. The switch setting of the other enabling button is unimportant in this case. The "Panic" switch setting has the same effect as releasing the enabling button, namely, it revokes the enable.

You only have to activate one enabling button. The PLC gets the same signal regardless as to whether one or two enabling buttons of the Mobile Panel 277F IWLAN have been pressed.

Switch settings

Note The enabling button and the membrane keyboard can be operated at the same time.

When using the enabling button the following F FBs must be linked in the safety program of the F CPU:

● F_FB_MP

● F_FB_RNG_n

The following figure shows the switching sequence for enable.

1HXWUDOSRVLWLRQ

6ZLWFKVHWWLQJ

(%OHIW(%ULJKW

[ \

  

[

(QDEOH

\

1HXWUDOSRVLWLRQ

(%(QDEOLQJEXWWRQ

The following figure shows the switching sequence during panic usage.

1HXWUDOSRVLWLRQ

6ZLWFKVHWWLQJ

(%OHIW(%ULJKW

[ X

  

If the operator has pressed the enabling button through to the "Panic" setting, the "Enable" setting will not be evaluated when leaving the panic setting. A new enable can only be triggered by releasing the enabling button.

See also

Safety functions of the enabling button (Page 39) S7 Distributed Safety (Page 58)

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

(QDEOH

[

X

\

3DQLF 1HXWUDOSRVLWLRQ

(%(QDEOLQJEXWWRQ

\

Overview and definition of terms

1.7 "Override" mode

Introduction

The effective range functionality of the HMI device can be extended through the "override" mode.

Applications

"Override" mode can be used in the following cases:

● Use of existing protective measures instead of the effective range functionality If protective measures, such as protective fences are already available in your plant, then

you can integrate them in your safety concept with the "override" mode. Thus you achieve a consistent concept for safe plant operation.

● If plant units, which do not allow themselves transponder coverage, (such as inside a robot cell), will be operated with the enabling buttons.

In this case you must secure the plant area with additional protective measures, such as a protective fence.

Requirements

Only use "override" mode in delimited plant units that are secured by additional protective measures.

Entering and leaving the protected area must be monitored by the F-CPU. The operator must be able to fully see the area for which "override" mode applies. The

danger location must be visible from every point of the override area. When using the "override" mode you must install a switch within an effective range that is

independent of the HMI device. The operator activates "override" mode with this switch.

WARNING

Inadmissible activation of the "override" mode The operator has to activate "override" mode through a conscious operator action, e.g. by

activating a switch. The "override" mode should not be automatically activated, e.g. when the safety area is entered.

The application program in conjunction with F-FB must ensure that the "override" mode is revoked when the area is left.

Fail-safe operation of the Mobile Panel 277F IWLAN

24 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.7 "Override" mode

Sample configuration

352),VDIH







① Protective fence ② Switch for activating "override" mode ③ Transponder for logging on at the effective range ④ Foot grating for access monitoring ⑤ HMI device ⑥ Machine that will be operated

Activation of the "override" mode

The operator activates "Override" mode in the following manner:

1. The operator enters the protected area through a light barrier or across a foot grating.

The protective device is activated.

2. The operator logs on at the effective range in which the override switch is located.

3. The operator activates the override switch. "Override" mode is now active until either the operator deactivates "Override" mode with the

override switch or until he leaves the protected area.

 

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Overview and definition of terms

1.7 "Override" mode

Operating principle

In the following figure you see the plant area for which "override" mode is active.

352),VDIH

If "override" mode is activated the operator can safely operate the associated plant area with the enabling buttons. The HMI device is considered to be permanently logged on in the effective range, without analyzing the transponder signals.

Deactivation of "override" mode

The operator deactivates "override" mode in the following manner:

1. The operator activates the override switch. "Override" mode is deactivated by the safety program.

2. The operator logs off from the effective range. Subsequent logon at this effective range is only possible if the operator has terminated

"override" mode with the override switch.

3. The operator leaves the protected area.

If the operator leaves the protected area without deactivating "override" mode, "override" mode is deactivated by the safety program.

See also

For the "Override" mode: Planning the protective devices (Page 49) Configuration and operation (Page 113)

Fail-safe operation of the Mobile Panel 277F IWLAN

26 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Safety instructions, standards and notes

2.1 Safety instructions

Safety regulations

Configuration requirements

WARNING

Injury or material damage Strictly observe all instructions in this document at all times. Otherwise, hazardous

situations can arise or the safety functions integrated in the HMI device can be rendered ineffective.

Observe the safety and accident prevention instructions applicable to your application in addition to the safety instructions given in this manual.

Injury or material damage The configuration engineer for a machine or system PLC must take precautions to ensure

that an interrupted program can be restarted normally after communication errors, voltage dips, or power failures.

Dangerous operating modes must not occur, not even temporarily, from the entire sequence of the user program up to troubleshooting.

Proper use

Commissioning of the HMI device is forbidden until it has been absolutely ensured that the machine which is to be operated with the HMI device complies with Directive 98/37/EC.

Fault-free operation

Interference with other systems When using the HMI device in accordance with DIN EN 13557 you must ensure that the

HMI device does not interfere with other systems at the site, or that other systems do not interface with the HMI device.

WARNING

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Safety instructions, standards and notes

2.1 Safety instructions

Safety measures during operation

WARNING

Non-functional emergency stop button The emergency stop button must be checked annually for proper function.

WARNING

HMI device failure After a hard impact to the HMI device, check the safety-relevant features for functional

capability, for example in the event that the HMI device is dropped.

WARNING

Danger of injury Manual movements controlled with the HMI should only be executed in conjunction with the

enabling buttons and at reduced velocity.

WARNING

Exclusive operating right When operating the plant with the HMI device it is not permitted to operate the plant

concurrently from a different HMI device. Prevent concurrent operation through appropriate configuration.

High frequency radiation

WARNING

Unintentional operating situations High-frequency radiation, for example from cellular phones, can lead to undesirable

operating situations.

Fail-safe operation of the Mobile Panel 277F IWLAN

28 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Safety instructions, standards and notes

2.1 Safety instructions

Information for handling the battery:

CAUTION

Charging and discharging the battery In the following cases, there is a risk of fire and, in extreme cases, explosion!

• Incorrect charging and discharging of the battery

• Reverse polarity

• Short-circuit

Only charge the bridging battery in the HMI device. Only charge the main battery in the HMI device or in the charging compartment of the

charging station.

CAUTION

The battery is a lithium ion battery. The following safety notes apply to these rechargeable batteries:

• Do not crush

• Do not expose to heat and do not burn

• Do not short-circuit

• Do not take apart

• Do not immerse in liquid – the battery might crack or burst

• Store unused batteries away from the following items, which can cause the contacts to

be bridged – Paper clips – Coins – Keys – Nails – Screws or other small metal objects

CAUTION

Danger of injury If used incorrectly, fluid can leak from the battery. Avoid contact with the battery fluid. If fluid

comes into contact with the skin, rinse with water. If fluid comes into contact with the eyes, rinse with water and seek medical advice.

Fail-safe operation of the Mobile Panel 277F IWLAN Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

Safety instructions, standards and notes

2.2 Guidelines, standards, certificates and approvals

Instructions for battery replacement in Mobile Panel 277F IWLAN

CAUTION Local rampdown of logged on HMI device

If the HMI device which is logged on at the effective range no longer recognizes the transponder and, therefore, the effective range, it triggers a local rampdown.

To change the battery, rest the HMI device on its front. Align the HMI device so that it is still possible to measure the distance between the HMI device and the transponder.

If possible, log the HMI device off from the effective range.

NOTICE

Pay attention to cleanliness. Foreign bodies or liquids must not come into contact with the printed circuit board or penetrate the inside of the HMI device.

Place the HMI device with the front side facing down on a flat, clean surface to protect against damage.

CAUTION Malfunctions

If the HMI device is resting on its front, the following can be activated:

• The emergency stop button This can bring the system to a standstill unintentionally.

• The key-operated switch or an illuminated pushbutton This can result in malfunctions.

Components and modules endangered by electrostatic discharge (ESD) When working in the open housing, ensure that current-carrying conductors do not come

into contact with electrical circuits. Note the ESD instructions.

2.2 Guidelines, standards, certificates and approvals

Certifications

Fail-safe operation of the Mobile Panel 277F IWLAN

30 Function Manual, 08/2008, 6AV6691-1FQ01-2AB0

CAUTION

The following overview shows possible approvals. The only valid approvals for the HMI device, the charging station, the power supply module,

and the transponder are those shown on the label on the rear panel.

+ 100 hidden pages

Siemens 277IWLAN-V200 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual