9
Functional safety
General information
Operating Instructions – MOVIDRIVE
®
modular
249
9 Functional safety
9.1 General information
9.1.1 Underlying standards
The safety assessment of the application inverter is based on the following standards
and safety classes:
Underlying standards
Safety class/underlying standard
• Performance level (PL) according to
ENISO13849‑1:2008
• Safety Integrity Level (SIL) according to
EN61800‑5‑2:2007
• Safety Integrity Level Claim Limit (SIL
CL
) ac-
cording to EN62061:2005/A1:2013
9.2 Integrated Safety Technology
The safety technology of the application inverter described below has been developed
and tested in accordance with the following safety requirements:
• Safety Integrity Level 3 according to EN61800-5-2:2007, EN61508:2010.
• PL e according to ENISO13849-1: 2008.
This was certified by TÜV Rheinland. Copies of the TÜV certificate and the corres-
ponding report are available from SEW‑EURODRIVE on request.
9.2.1 Safe condition
For safety-related operation of the application inverter, Safe Torque Off is defined as
safe state (see STO drive safety function). The safety concept is based on this defini-
tion.
9.2.2 Safety concept
The application inverter is supposed to be able to perform the drive safety function
"Safe Torque Off" according to EN61800‑5‑2:
• The application inverter is characterized by the optional connection of a safety re-
lay/external safety controller. This external safety controller/safety relay discon-
nects the safety-related STO input via a 2-pole 24 V switching signal (sourcing/
sinking) when a connected command device (e.g. emergency stop button with
latching function) is activated. This activates the STO function of the application in-
verter.
• An internal, dual-channel structure with diagnostics prevents the generation of
pulse trains at the power output stage (IGBT).
• Instead of galvanic isolation of the drive from the supply system by means of con-
tactors or switches, the disconnection of the STO input described here safely pre-
vents the control of the power semiconductors in the output stage. The rotary-field
generation for the respective motor is deactivated even though the line voltage is
still present.
• When the STO drive safety function is activated, the PWM signals generated by
the application inverter are interrupted and not transmitted to the IGBTs.
24748536/EN – 11/2017
To Next Page
Loading...