Pilz Intern PMC SR6 User manual
Pilz
PMC SR6 safety module
Manual-1005344-en-US-01
Intern
Table of contents
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | ii
Table of contents
1 Foreword ..........................................................................................................................................................4
2 User information ..............................................................................................................................................5
2.1 Storage and transfer ..........................................................................................................................................5
2.2 Described product..............................................................................................................................................5
2.3 Timeliness..........................................................................................................................................................5
2.4 Original language...............................................................................................................................................5
2.5 Limitation of liability............................................................................................................................................5
2.6 Formatting conventions .....................................................................................................................................6
2.6.1 Use of symbols ..................................................................................................................................................6
2.6.2 Markup of text elements ....................................................................................................................................7
2.6.3 Mathematics and formulas.................................................................................................................................7
3 General safety instructions ............................................................................................................................8
3.1 Standards ..........................................................................................................................................................8
3.2 Qualified personnel............................................................................................................................................8
3.3 Intended use ......................................................................................................................................................9
3.4 Decommissioning ..............................................................................................................................................9
4 Safety module PMC SR6 ...............................................................................................................................10
5 System design and function.........................................................................................................................11
6 Technical data................................................................................................................................................13
6.1 Safety-related variables ...................................................................................................................................13
6.2 System times ...................................................................................................................................................14
6.3 Interface classification .....................................................................................................................................15
7 Connection .....................................................................................................................................................16
7.1 Connection compliant with EMC......................................................................................................................16
7.2 X12 terminal.....................................................................................................................................................16
7.3 Parallel connection ..........................................................................................................................................19
8 Commissioning..............................................................................................................................................20
8.1 Putting the safety module and drive controller into operation..........................................................................20
8.2 Activating STO.................................................................................................................................................21
8.3 Deactivating STO.............................................................................................................................................21
9 PMC SR6 and SS1 .........................................................................................................................................22
10 Diagnostics ....................................................................................................................................................23
10.1 Parameters ......................................................................................................................................................23
10.1.1 E53 | Required safety module | G6 | V3 ..........................................................................................................23
10.1.2 E54 | Information safety module | G6 | V0 .......................................................................................................23
10.1.3 E67 | STO active | G6 | V0...............................................................................................................................23
10.2 Events..............................................................................................................................................................24
10.2.1 Event 50: Safety module..................................................................................................................................24
Intern
Table of contents
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | iii
11 More on safety technology and PMC SR6?.................................................................................................25
11.1 SRP/CS: Processing a typical safety function .................................................................................................25
11.2 Monitoring the connection wiring .....................................................................................................................26
11.2.1 Monitoring by a safety relay.............................................................................................................................26
11.2.2 Fault exclusion for lines/connections in accordance with DINEN13849 ........................................................27
11.2.3 Monitoring by means of plausibility check of the signals ................................................................................27
11.2.3.1 STO function test .............................................................................................................................................28
11.3 Calculation of suitable protective measures – Examples ................................................................................30
11.3.1 STO – Creating schematic and block diagrams ..............................................................................................31
11.3.1.1 Generating a schematic diagram.....................................................................................................................31
11.3.1.2 Creating block diagrams ..................................................................................................................................32
11.3.2 SS1 – Creating schematic and block diagrams ...............................................................................................34
11.3.2.1 Generating a schematic diagram.....................................................................................................................34
11.3.2.2 Creating block diagrams ..................................................................................................................................35
11.3.3 Determining the safety figures .........................................................................................................................37
11.3.3.1 Subsystem SB1 ...............................................................................................................................................37
11.3.3.2 Subsystem SB2 ...............................................................................................................................................38
11.3.3.3 Subsystem SB3 ...............................................................................................................................................39
11.3.3.4 Wiring the subsystems.....................................................................................................................................39
11.3.3.5 Safety figures for the entire system .................................................................................................................39
11.4 PMC SR6 in accordance with interface classification (ZVEI) ..........................................................................40
12 Appendix ........................................................................................................................................................42
12.1 Detailed information.........................................................................................................................................42
12.2 Formula symbols .............................................................................................................................................44
12.3 Abbreviations ...................................................................................................................................................45
Glossary .........................................................................................................................................................46
List of figures .................................................................................................................................................48
List of tables...................................................................................................................................................49
Intern
Foreword
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 4
1 Foreword
The PMC SR6 safety module adds the Safe Torque Off (STO) safety function (described as standard
in DIN EN 61800-5-2) to Pilz drive controllers of the PMC SC6 or PMC SI6 series.
STO prevents an electrical rotating magnetic field, needed for the operation of synchronous or
asynchronous motors, from being generated in a drive controller. Additional safety functions can be
built upon the STO function with the suitable external wiring, such as Safe Stop 1 (SS1-t).
Different interfaces are available for activating STO in a drive controller, including the terminal-based
PMC SR6 safety module.
PMC SR6 is a fast and wear-free fully electronic solution. In addition, the safety module is designed
so that regular system tests that interrupt operation are eliminated.
In practical terms, this means increased availability of machines and systems. The often complex
planning and documentation of function tests are also eliminated.
Drive controllers with an integrated safety module can be used in systems with high safety
requirements up to SIL 3, PL e, category 4. Compliance with standard requirements is ensured by an
external testing institute as part of type testing.
Intern
User information
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 5
2 User information
This documentation provides all information on the intended use of the drive controller in combination
with the PMC SR6 safety module.
2.1 Storage and transfer
As this documentation contains important information for handling the product safely and efficiently, it
must be stored in the immediate vicinity of the product until product disposal and be accessible to
qualified personnel at all times.
Also pass on this documentation if the product is transferred or sold to a third party.
2.2 Described product
This documentation is binding for:
Drive controllers of the PMC SC6 or PMC SI6 series in combination with the PMC SR6 safety module
and DriveControlSuite (DS6) software in V 6.4-E or later and associated firmware in V 6.4-E or later.
2.3 Timeliness
Check whether this document is the most up-to-date version of the documentation. We make the
latest document versions for our products available for download on our website:
https://www.pilz.com/en-INT.
2.4 Original language
The original language of this documentation is German; all other language versions are derived from
the original language.
2.5 Limitation of liability
This documentation was created taking into account the applicable standards and regulations as well
as the current state of technology.
No warranty or liability claims for damage shall result from failure to comply with the documentation or
from use that deviates from the intended use of the product. This is especially true for damage
caused by individual technical modifications to the product or the project configuration and operation
of the product by unqualified personnel.
Intern
User information
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 6
2.6 Formatting conventions
Orientation guides in the form of signal words, symbols and special text markups are used to
emphasize specific information so that you are able identify it in this documentation quickly.
2.6.1 Use of symbols
Safety instructions are identified with the following symbols. They indicate special risks when handling
the product and are accompanied by relevant signal words that express the extent of the risk.
Furthermore, useful tips and recommendations for efficient, error-free operation are specially
highlighted.
ATTENTION!
Notice indicates that damage to property may occur
▪ if the stated precautionary measures are not taken.
CAUTION!
Caution with a warning triangle indicates that minor personal injury may occur
▪ if the stated precautionary measures are not taken.
WARNING!
Warning with a warning triangle means there may be a considerable risk of fatal
injury
▪ if the stated precautionary measures are not taken.
DANGER!
Danger with a warning triangle indicates that there is a considerable risk of fatal
injury
▪ if the stated precautionary measures are not taken.
Information
Information indicates important information about the product or serves to
emphasize a section in the documentation that deserves special attention from the
reader.
Intern
User information
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 7
2.6.2 Markup of text elements
Certain elements of the continuous text are distinguished as follows.
Important information Words or expressions with a special meaning
Interpolated position mode Optional: File or product name or other name
Detailed information Internal cross-reference
http://www.samplelink.com External cross-reference
Interpretation of parameter identification
Parameter identification consists of the following elements, where short forms are also possible,
i.e. only specifying a coordinate or the combination of coordinate and name.
E50 V0
Coordinate Name Version
Drive controller G6
Drive controller
generation/series
2.6.3 Mathematics and formulas
The following signs are used to represent mathematical relationships and formulas.
- Subtraction
+ Addition
× Multiplication
÷ Division
| | Amount
Intern
General safety instructions
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 8
3 General safety instructions
There are risks associated with the product described in this documentation that can be prevented by
complying with the described warning and safety instructions as well as the included technical rules
and regulations.
3.1 Standards
The following standards are relevant to the product specified in this documentation:
}DIN EN ISO 13849-1:2016
}DIN EN ISO 13849-2:2013
}DIN EN 61800-5-2:2017-11
}DIN EN 61508-x:2011
}DIN EN 60204-1:2007
}DIN EN 62061:2016
Subsequent references to the standards do not specify the respective year in order to improve
readability.
3.2 Qualified personnel
In order to be able to perform the tasks described in this documentation, the persons instructed to
perform them must have the appropriate professional qualification and be able to assess the risks and
residual hazards when handling the products. For this reason, all work on the products as well as
their operation and disposal may be performed only by professionally qualified personnel.
Qualified personal are persons who have acquired authorization to perform these tasks either through
training to become a specialist and/or instruction by specialists.
Furthermore, valid regulations, legal requirements, applicable basic rules, this documentation and the
safety instructions included in it must be carefully read, understood and observed.
Intern
General safety instructions
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 9
3.3 Intended use
The PMC SR6 safety module can be combined with Pilz drive controllers of the PMC SC6 or PMC
SI6 series. The module must be wired compliant for EMC.
If a drive controller with the integrated PMC SR6 safety module is used in a safety-related application,
the safety module must be activated by a safety relay or a safety controller.
DANGER!
Electrical voltage! Risk of fatal injury due to electric shock!
An active STO safety function only means that generation of the rotating magnetic
field at the motor has been interrupted. The motor may still be energized with
dangerous high voltages.
▪ Make sure that persons cannot come into contact with conductive parts.
▪If the supply voltage must be switched off, observe the requirements of
DIN EN 60204-1.
Improper use
The safety module may not be operated outside of the drive controller or operated not in compliance
with the applicable technical specifications.
Information
An emergency off in accordance with DINEN60204-1 is not possible with the
PMC SR6 safety module!
Observe this standard regarding the difference between emergency off and
emergency stop in conjunction with Safe Torque Off.
Modification
As the user, you may not make any technical or electrical modifications to the PMC SR6 safety
module.
Maintenance
The safety module does not require maintenance.
Take appropriate measures to detect or prevent possible errors in the connecting wiring (see the
chapter Monitoring the connection wiring).
Product life span
A drive controller with integrated safety module must be taken out of operation 20 years after the
production date. The production date of the drive controller is found on the accompanying nameplate.
3.4 Decommissioning
In safety-oriented applications, note the mission time TM = 20 years in the safety-relevant key
performance indicators.
Intern
Safety module PMC SR6
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 10
4 Safety module PMC SR6
The PMC SR6 safety module adds the STO (Safe Torque Off) safety function to the drive controller .
In the event of an error or by external request, STO prevents the formation of a rotating magnetic field
in the power unit of the drive controller. The safety module switches the drive controller to the STO
state.
Additional safety functions can be built upon the STO function with suitable external wiring, such as
SS1-t (Safe Stop 1).
Features
}Two one-pole digital inputs for activating the safety functions:
• Safe Torque Off – STO in accordance with DIN EN 61800-5-2
• Stop category 0 in accordance with DIN EN 60204-1
}STO switch-off time <20ms
}Wear-free
Certifications in accordance with DIN EN61800-5-2 and DIN ENISO13849-1
}Safety Integrity Level (SIL) (SIL) 3
}Performance Level (PL) (PL) e
}Category 4
Intern
System design and function
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 11
5 System design and function
STOb
STOa
STO
X12
NOR
I/O
M
IGBT
X2
PWM
PWM
PWM
PWM
Controller
+
fieldbus
master
Safety
relay
status
Fieldbus
Power unit
Application Motion
core
Control
cascade
Diagnosti
cs
Drive controller
with integrated safety technology – PDS(SR)
PMC SR6
Fig.1: Drive controller and safety module (PDS(SR) – System design
Function
The control unit of the drive controller generates pulse patterns (PWM) to produce a rotating magnetic
field at the IGBT module in the power unit. This rotating magnetic field is necessary for operating
synchronous and asynchronous motors.
If the safety function is not active, the PMC SR6 safety module allows for the generation of a rotating
magnetic field in the power unit; the connected motor can create a rotating magnetic field. If the safety
function is active, PMC SR6 disables the generation of the rotating magnetic field in the power unit
and the drive controller cannot generate any torque in the connected motor.
The immediate switch-off after an emergency stop corresponds to the STO safety function in
accordance with DINEN61800-5-2. In DINEN60204-1, this type of switch-off is defined as stop
category0.
A time-delayed switch-off after an emergency stop corresponds to the SS1-t safety function in
accordance with DIN EN 61800-5-2. In DINEN60204-1, this type of switch-off is defined as stop
category1.
Intern
System design and function
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 12
WARNING!
Increased overrun distance! Residual motion!
The safety module cannot prevent a failure of the functional part of the drive
controller (e.g. during a controlled stop) while the SS1-t safety function is executed.
Therefore, SS1-t cannot be used if this failure could cause a dangerous situation in
the end application. Observe this during project configuration.
In the event of an error in the power unit of the drive controller, static energization of
the motor is possible despite active STO. In this case, the motor shaft can move by
an angle of up to 360° ÷ (p × 2).
PMC SR6 – Design
The PMC SR6 safety module is designed with two channels. Both safety channels are independent of
one another and must be activated at the corresponding STOa (safety channel 1) and STOb (safety
channel 2) inputs at the same time, either directly via floating contacts with 24VDC or alternately via
24VDC semiconductor outputs with layered testing.
Using both the STOa and STOb inputs, rotating magnetic field generation in the drive controller is
enabled or disabled.
Monitoring the connection wiring
Status signals are provided for checking the status of the connecting wiring and the function of the
safety channels:
}Using the STOstatus signal via terminal X12
STOstatus is the result of a NOR gate of the two STOa and STOb inputs, meaning that the STOstatus
output is always 1 (high level) if the STOa input equals 0 (low level) and the STOb input equals 0
(low level). The signal is output on the X12 terminal of the drive controller.
}Using parameter E67
Parameter E67 is an array parameter that visualizes the state of both safety channels in detail.
Information
If both STO inputs are controlled via outputs with test pulses, e.g. interface type C or
D, the monitoring of the connecting wiring is taken over by the signal-generating
controller. Potential faults are detected directly, eliminating the need to evaluate the
STO status signals.
Intern
Technical data
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 13
6 Technical data
The transport, storage and operating conditions of the safety module can be found in the technical
data of the drive controller (see the chapter Detailed information).
6.1 Safety-related variables
The table includes the variables for the PMC SR6 module relevant for safety equipment.
SIL CL 3
SIL 3
PL e
Category 4
PFH 5 × 10-9 [1/h]
Mission time 20 years
PMC SR6 – Safety-related variables
Intern
Technical data
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 14
6.2 System times
The following diagram visualizes the temporal relationships in the event of STO activation and
execution; the associated values for the drive controller in combination with the PMC SR6 safety
module are found in the subsequent table.
STO
t1
t
t
t
t
t4
t2
t4
t3
1
0
1
0
1
0
STOa
n
b
STO
STOstatus
Fig.2: STO – Temporal relationships (detailed representation)
t1STO triggering
t2Maximum reaction time
t3Maximum time difference
t4Maximum response time
Be aware that the reaction times of the individual part systems must be taken into account to
calculate an application-specific total reaction time (see the chapter SRP/CS: Processing a typical
safety function [ 25]).
Maximum reaction time 20ms
Maximum time difference 500ms
Maximum response time 20ms
STO – System times
Intern
Technical data
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 15
6.3 Interface classification
According to the 24VDC interface classification from ZVEI, the PMC SR6 safety module can be used
as a data sink (sink) for interface types C and D and activated by data sources (sources) of the same
interface types.
The values contained in the table apply to the PMC SR6 used as a sink for interface types C and D1
Min. Typ. Max.
Class 1
Test pulse duration ti— — 1000µs
Test pulse interval Ti10ms — —
Input resistance R1300Ω — —
Input capacitance C1— — 1.5nF
Input inductance L1— — 10µH
PMC SR6 – Specific figures for the interface type C
Min. Typ. Max.
Class 1
Test pulse duration ti— — 1000µs
Test pulse interval Ti10ms — —
Input resistance R1150Ω — —
Input current I1on
in ON state
— — 60mA
Input current I1off
in OFF state
— — 1mA
Input capacitance C1— — 3nF
Input inductance L1— — 5µH
PMC SR6 – Specific figures for the interface type D
1 See ZVEI, p. 16 and p. 19ff.
Intern
Connection
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 16
7 Connection
The PMC SR6 safety module is connected via the X12 terminal of the drive controller.
More detailed information on errors in the connection wiring, their connection and an STO function
test can be found in the chapter Monitoring the connection wiring [ 26].
7.1 Connection compliant with EMC
Observe the associated recommendations in the drive controller documentation for an EMC-
compliant connection (see the chapter Detailed information [ 42]).
7.2 X12 terminal
Specification Electrical data
STOaU1max = 30VDC (PELV)
high level = 15 – 30VDC
low level = 0 – 8VDC
I1max = 100mA (typically < 30mA for 24VDC)
Imax = 4A
C1max = 10nF
STOb
STOstatus U2 = U1 − (1.5Ω * I1)
STOstatus supply U1 = +24VDC, +20%/25%
I1max = 100mA
GND —
X12 electrical data
Terminal Pin Designation Function
1|2|3|4|5|6|7|8
1 STOaInput of safety channel 1
2
3 STObInput of safety channel 2
4
5 GND Reference potential for STOa and STOb,
internally bridged with terminal 7
6 STOstatus Feedback signal of safety channels 1
and 2 for diagnostic purposes
7 GND Reference potential for STOa and STOb,
internally bridged with terminal 5
8 U1status STO supply status; recommended fuse
protection: max. 3.15AT2
X12 connection description
2 For UL-compliance, use of a 3.15A fuse (time delay) is required. The fuse must be certified for DC voltage in accor-
dance with UL 248.
Intern
Connection
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 17
Connecting wiring
Feature Line type Value
Contact spacing — 3.81mm
Nominal current at ϑamb = 40°C — CE/UL/CSA:
16A/10A/11A
Max. conductor cross-section Flexible without end sleeve 1.5mm²
Flexible with end sleeve without plastic
collar
1.0mm²
Flexible with end sleeve with plastic collar 1.0mm²
2 conductors, flexible, with double end
sleeve with plastic collar
—
AWG according to UL/CSA 16
Min. conductor cross-section Flexible without end sleeve 0.14mm²
Flexible with end sleeve without plastic
collar
0.25mm²
Flexible with end sleeve with plastic collar 0.25mm²
2 conductors, flexible, with double end
sleeve with plastic collar
—
AWG according to UL/CSA 26
Insulation stripping length — 10mm
Tightening torque — —
BCF 3.81 180 SN BK specification
Cable requirements
Feature All sizes
Max. cable length 30m
Cable length [m]
Intern
Connection
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 18
X12 wiring
The two-channel design of the PMC SR6 with shared potential reference supports various options for
connection. These depend upon whether PMC SR6 is used via contacts or as a sink for interface type
C or D from the ZVEI interface classification.
Subsequent graphics visualize the activation options using corresponding switch contacts. Activation
via the semiconductor outputs with test pulses is also permitted.
24 VDC
0 V
STO
STOb
STOa
8
7
6
5
43
2
1
GND
X12
Input
PLC
Drive controller
Fig.3: X12 wiring – PMC SR6 as sink for interface type C
Both STOa and STOb inputs are connected by two discrete channels; the GND reference potential is
permanently wired.
In the event of circuits with contacts, errors in the connection wiring can be detected only in some
cases. Short circuits to GND from STOa and STOb are identified with the aid of upstream fuse
protection; they remain undetected with 24VDC. Possible short circuits and cross circuits can be
determined only by line or output tests.
Redundant wiring in accordance with interface type C detects short circuits and cross circuits in the
connection wiring.
Intern
Connection
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 19
24 VDC
0 V
STOb
STOa
8
7
6
5
43
2
1
GND
X12
STO
PLC
Input
Drive controller
Fig.4: X12 wiring – PMC SR6 as sink for interface type D
Both STOa and STOb inputs are connected together; the GND reference potential serves as a second
independent switch-off channel.
In the event of activation with contacts, errors in the connection wiring can be detected only in some
cases. Possible short circuits and cross circuits can be determined only by line or output tests.
Wiring in accordance with interface type D detects short circuits and cross circuits in the connection
wiring.
7.3 Parallel connection
It is possible to activate STO on multiple drive controllers simultaneously using the output of a safety
relay. A parallel connection of multiple drive controllers is possible depending on the required safety
figure.
WARNING!
Property damage and injury to persons due to loss of safety function!
In parallel connection, possible wiring or activation errors can lead to the loss of
safety function for all drive controllers.
▪ Take appropriate measures to detect or exclude wiring faults (see the chapter
Monitoring the connection wiring [ 26]).
▪ Be aware that the STOstatus outputs cannot be connected in series for a shared
evaluation.
Intern
Commissioning
Manual PMC SR6 safety module
1005344-en-US-01
Pilz | 20
8 Commissioning
This chapter describes how to commission the PMC SR6 safety module and activate or deactivate
the STO safety function.
Information
The safety module is a permanently integrated component in the drive controller
where any design, technical and electrical modifications are prohibited!
Detailed information for commissioning the drive controller can be found in the accompanying
commissioning instructions (see the chapter ).
8.1 Putting the safety module and drive controller into operation
Proceed as follows to put a drive controller with integrated PMC SR6 safety module into operation.
1. Check whether the planned safety equipment is sufficient for the safety requirements of your
entire system.
2. Wire the safety-related X12 terminal in accordance with the data contained in chapter X12
terminal [ 16] and exclude any potential wiring faults (optional).
3. Connect and start up the drive controller. The accompanying commissioning instructions contain
detailed information on this process and all relevant safety instructions associated with this.
4. Start by performing an STO function test. Proceed as described in chapter Monitoring the
connection wiring [ 26], along with all related subsections. Document your test results.
Information
Be aware that the listed steps must also be performed and documented every time
before putting the drive controller and integrated PMC SR6 safety module back into
operation after a replacement!
Intern
Table of contents
Other Pilz Computer Hardware manuals
Pilz
Pilz PNOZ mc3p User manual
Pilz
Pilz PNOZ m EF 8DI4DO User manual
Pilz
Pilz PNOZ po3.2p User manual
Pilz
Pilz PNOZ m EF PDP Link User manual
Pilz
Pilz PNOZ m ES EtherNet/IP User manual
Pilz
Pilz PNOZ mc5p User manual
Pilz
Pilz PNOZ m ES RS232 User manual
Pilz
Pilz PNOZ mo3p User manual
Pilz
Pilz PNOZ mc4p User manual
Pilz
Pilz PNOZ ma1p User manual
