Page E–2
DuRApulse GS4 AC Drive User Manual – 1st Ed, Rev A - 10/20/2017
Appendix E: Safe Torque Off
Safe funCtion failure rate
Item Definition Standard Performance
SFF
Safe Torque Off IEC61508
Channel 1: 80�08%
Channel 2: 68�91%
HFT (Type A Subsystem)
Hardware Fault Tolerance IEC61508 1
SIL
Safe Integrity Level
IEC61508 SIL 2
IEC62061 SILCL 2
PFH
Average Frequency of Dangerous Failure [h-1] IEC61508 9�56×10
-10
PFD
av
Probability of Dangerous Failure on Demand IEC61508 4�18×10
-6
Category
Category ISO13849-1 Category 3
PL
Performance Level ISO13849-1 d
MTTF
d
Mean Time to Dangerous Failure ISO13849-1 High
DC
Diagnostic Coverage ISO13849-1 Low
For more information on the above performance levels, please refer to the appropriate standard.
Safe torque off terminal funCtion DeSCriPtion
The Safe Torque Off (STO) function turns off the power supplied to the motor through the
hardware, so that the motor cannot produce torque. This method of removing power from the
motor is considered an emergency stop, also known as "coast to stop."
The Safe Torque Off function utilizes two independent hardware circuits to control the motor
current drive signal, and thus turns off the inverter power module output in order to achieve the
status of safe stop. In normal E-stop situations, both circuits will be opened (using a dual-channel
safety relay, etc.). To restart the drive, the Reset input must be turned ON and the Run command
must be cycled from low to high. If only one of the circuits is opened during an E-stop, the
drive considers this an STL fault and power must be cycled to the drive to clear the error (see
"Method of Reset" in the chart below).
If unknown STO faults occur, the on-board +24V might be getting shorted to ground (+24V to DCM).
Operation Conditions Description
Signal Channel STO Input Status
STO
Signal
STO1~SCM1 ON (High) OFF (Low) ON (High) OFF (Low) x
STO2~SCM2 ON (High) OFF (Low) OFF (Low) ON (High) x
Driver Output Status
Ready
Normal STO Mode
(Torque Output Off)
STL2 Mode
(Torque
Output Off)
STL1 Mode
(Torque
Output Off)
STL3 Mode
(Torque
Output Off)
Method
of Reset
Step 1
n/a
Clear Fault (set both channels high)
Cannot reset;
Internal Drive
failure
Step 2 Reset button Cycle Power to Drive
Step 3 Cycle Run Command from low to high
Definitions
STO: Safe Torque Off
STL1~STL3: Alarms indicate a non-standard emergency stop. STO Losses 1 and 2 (STL1, STL2)
indicate only one channel of the safety circuit has been activated. STO Loss 3 (STL3)
indicates an internal failure of the STO monitoring circuitry.
STL3: STO1~SCM1 and STO2~SCM2 internal circuit detected abnormal.
STO1~SCM1 ON(High): STO1~SCM1 has connection to a +24VDC power supply.
STO2~SCM2 ON(High): STO2~SCM2 has connection to a +24VDC power supply.
STO1~SCM1 OFF(Low): STO1~SCM1 has no connection to a +24VDC power supply.
STO2~SCM2 OFF(Low): STO2~SCM2 has no connection to a +24VDC power supply.
STO alarm is the expected method of Emergency Stop. Both channels open at the same time.
To Next Page
Loading...
