Rockwell Automation Publication 2198-UM002L-EN-P - October 2021 285
Chapter 9 Kinetix 5700 Safe Torque-off Function
Average Frequency of a Dangerous Failure
Safety-related systems are classified as operating in a High-demand/
continuous mode. The SIL value for a High-demand/continuous mode safety-
related system is directly related to the probability of a dangerous failure per
hour (PFH).
PFH calculation is based on the equations from IEC 61508 and show worst-case
values. Table 154
provides data for a 20-year proof test interval and
demonstrates the worst-case effect of various configuration changes on the
data.
Safe Torque-off Feature
The safe torque-off (STO) circuit, when used with suitable safety components,
provides protection according to ISO 13849-1 (PL e), according to IEC 61508,
IEC 61800-5-2, and IEC 62061 (SIL CL 3). All components in the system must be
chosen and applied correctly to achieve the desired level of operator
safeguarding.
The 2198-xxxx-ERS3 and 2198-xxxx-ERS4 STO circuit is designed to turn off all
of the output-power transistors when the STO function is requested. You can
use the 2198-xxxx-ERSx STO circuit in combination with other safety devices
to achieve a Stop Category 0 stop as described in Stop Category Definition
on
page 284
, and protection-against-restart as specified in IEC 60204-1.
IMPORTANT
Determination of safety parameters is based on the assumptions that
the system operates in High-demand mode and that the safety
function is requested at least once every three months.
Table 154 - PFH for 20-year Proof Test Interval (STO function)
Attribute
2198-Sxxx-ERS3
Single-axis Inverters
2198-Dxxx-ERS3
Dual-axis Inverters
PFH (1e-9) 1.57 1.64
HFT (hardware fault tolerance)
(1)
(1) Hardware fault tolerance is the minimum number of faults that can cause a loss of the safety function as defined by
IEC 61508-2.
11
Proof test (years) 20 20
ATTENTION: The safe torque-off (STO) feature is suitable only for
performing mechanical work on the drive system or affected area of a
machine. It does not provide electrical safety.
SHOCK HAZARD: In Safe Torque-off mode, hazardous voltages can still be
present at the drive. To avoid an electric shock hazard, disconnect power to
the system and verify that the voltage is zero before performing any work
on the drive.
ATTENTION: Personnel responsible for the application of safety-related
programmable electronic systems (PES) shall be aware of the safety
requirements in the application of the system and shall be trained in using
the system.
To Next Page
Loading...
