Functional safety is easily integrated
Safety technology: For the protection of man and machine
At Lenze, we address the issue of safety technology with Centralized/Decentralized Safety. Dangers for operating and maintenance personnel also emanate from the moving parts of the machines. It is essential to protect employees from these risks at all times - the most effective way to do this is to intervene at the point in the machine where the hazardous movement occurs - directly in the inverter.
Since the safety functions integrated in the drive already have EC type approval, acceptance of the entire machine (e.g. by TÜV or the employers' liability insurance association) is simplified. The safety modules are certified according to EN ISO 13849-1, EN IEC 61508 and EN IEC 62061 and achieve the highest performance level PL e.
For the integration of Centralized/Decentralized Safety into the safety chain of your machine, safely executed inputs are available for the safety sensor technology. The connection to a higher-level PLC, which processes both standard and safety logic, is made via bus systems that can simultaneously transmit safe and unsafe data on a physical bus system - e.g. PROFIsafe or FSoE.
We support you in implementing your safety requirements with the safety technology that can be integrated as an option. All functions are developed according to IEC 61508, SIL 3 and meet the requirements of EN ISO 13849-1 PL e as well as EN IEC 62061 SIL 3. This simplifies the acceptance of your entire machine.
Functional safety in the inverter means that safety topologies can be implemented with very little wiring effort. The PLC Designer engineering tool, which can be used throughout, allows the safety aspects to be integrated very conveniently into the machine's stand-alone application. No system change is necessary, since standards (PLCopen) are used. The programming, setup and operation of the system can be created consistently with the tool. Operation and diagnosis is done directly or via a bus system.
Safety topologies EtherCAT
A very high-quality solution is a safety topology via EtherCAT with its extension FSoE (Functional Safety over EtherCAT). This solution is a very modern and high-performance bus system. By using EtherCAT, the inverters can be controlled quite easily and further peripheral components can be connected.
Third party components
In many applications, it is necessary to integrate not only the drives into the safety topology, but also other components, so-called "third party components". When using EtherCAT/FSoE, Lenze has consistently adhered to the associated standards. This means that integration is possible without any problems. These components can be integrated without system breaks and contribute to the implementation of the machine's safety functions.
Guidelines and standards
The application of the Machinery Directive is a legal requirement in all countries that are part of the European Union. It does not contain specifications as to technical details, but defines the essential requirements that machines must meet, such as the results that must be achieved or the dangers that must be prevented. It does not specify what the technical solution should look like in concrete terms.
The Machinery Directive (2006/42/EC) applies to:
- Safety components
- Incomplete machines (partial machines)
Once the machine has been manufactured, the manufacturer will confirm that all essential requirements have been taken into account and the machine therefore conforms by applying the CE mark and drawing up the Declaration of Conformity.
The uniform standards offer guidance in meeting essential requirements. If a uniform standard covers all the risks associated with the machine, you may assume the machine conforms to it. In this case, we talk about the presumption of conformity.
Five steps to a safe machine
The Machinery Directive comprises the following elements:
Carrying out a risk assessment: This enables you to identify applicable safety and health protection requirements.
- Design and construction of the machine that takes into account the results of the risk assessment.
- Following the risk assessment, you will know what measures you need to implement to reduce the risks.
If you cannot implement these measures in the design phase, then it will be necessary to integrate them into the control technology and set them down in writing in the specifications for the safety functions.
When using a control system, the Performance Level (PL) determines the requirements that the measures will need to meet in order to reduce risk. Following the implementation of safety functions, the real achieved PL will be checked and must be at least the same or greater than that worked out in theory beforehand.
The first step to a safe machine is establishing the limits of the machine and in particular its application as directed. This includes, for example, its application area, operating modes, service life and the interface between people and machine.
Using these specifications, you can identify points of danger and evaluate the risk of each individual danger. If it turns out that the risk would be too great without implementing additional measures, then the said risk must be reduced to an acceptable level.
The measures taken should prevent the danger entirely or reduce it by using an inherently safe design. Only if these measures do not lead to sufficient reduction of the risk should you rely on technical protective measures and - as a last resort - the documentation.
If the technical protective measures require the use of a control system, then the safety functions to be controlled by the control system should be described in precise detail. The required Performance Level (PL) for each safety function will then be established according to the DIN EN ISO 13849-1 graphs.
Following selection of the control system and all components that influence the safety function, checks will be carried out to see if the identified Performance Level is adhered to during implementation and verification.
Following selection of the control system and components, you will plan the validation.
In doing so, you will need to specify the following:
- How are documents identified and updated?
- In which ambient conditions should the validation take place?
- Which checks and measuring tools are to be used?
- Which standards should be used (e.g. DIN EN ISO 13849-2 for control systems)?
- Who are the people responsible?
The implementation of the planned measures must then be carried out e.g. the safety control should be programmed and the safe drive parameterized.
As part of verification, you should check whether the planned measures have been correctly implemented. If they have, it should be confirmed that the Performance Level of the implemented safety functions is better or equal to the Performance Level identified when drawing up the safety concept.
Validation is carried out according to the specified planning. If checks are not passed, rectification will be required.
All validation activities must be documented. Successful validation is concluded with a validation report.