The H41q System Family
3.2 Concepts of the Safety Switch-Off at H41q
The system descriptions of the safety-related PES H41q-MS, -HS and -HRS show the shutdown paths taken when a fault occurs. Depending on the fault location, the reactions of the system are either fixed or can be defined in the user program.
Parameters are set
– via the I/O parameter in the resource properties
– by activating a system variable for emergency shutdown
– via function block H8-STA-3.
An overview of the system variables, including the corresponding error codes, can be found in the operating system manual.
Reaction to faults of safety-related digital I/O modules during operation:
Definition:
Double fault = fault within an output channel and in the switch-off electronics of this testable output module.
Abbreviations used in the table:
CU Central Module
I/O bus Input/output bus
WD Watchdog signal
More explanations on the following page.
| Location of fault | I/O parameter in the properties of the resource | Reaction of the system |
|---|---|---|
| Output modules: single error (also voltage failure) | display only or normal operation | Module switch-off |
| Output modules: single error (also voltage failure) | normal operation and one function block H8-STA-3 per group | Group shutdown |
| Output modules: single error (also voltage failure) | Emergency off | WD switch-off of the associated CU |
| I/O bus or double fault of output modules | display only | Slot with error code in the I/O bus display of the CPU; WD is still switched on |
| I/O bus or double fault of output modules | normal operation or Emergency off | WD switch-off of the associated CU |
| Central modules | independent of the I/O parameter | WD switch-off of the associated CU |
| Input modules | independent of the I/O parameter | 0-signal is processed for all inputs of this module |
| Independent of a fault of the output module | System variable for emergency switch-off activated, independent of the I/O parameter | WD switch-off of the associated CU |
Table 3: Concepts of the Safety Switch-Off at H41q