ET 200S Distributed I/O System - Fail-Safe Modules
Installation and Operating Manual, 08/2008, A5E00103686-07
41
Diagnostics
5
5.1 Reactions to Faults
Safe State (Safety Concept)
The basic principle behind the safety concept is the existence of a safe state for all process
variables.
Note
For digital F-modules, this safe state is the value "0". This applies to both sensors and
actuators.
Reactions to Faults and Startup of the F-System
The safety function requires that fail-safe values (safe state) be applied to the fail-safe
module instead of process values (passivation of the fail-safe module) in the following
situations:
● When the F-system is started up
● If errors are detected during safety-related communication between the F-CPU and the F-
module via the PROFIsafe safety protocol (communication error).
● If fail-safe I/O or channel faults occur (for example wire break, discrepancy error)
Faults detected are entered in the diagnostic buffer of the F-CPU and reported to the safety
program in the F-CPU.
F-modules cannot save errors as retentive data. When the system is powered down and
then restarted, any faults still existing are detected again during startup. However, you have
the option of saving faults in your safety program.
WARNING
Channel faults do not trigger any diagnostic reactions or error handling for channels that
have been set to "deactivated" in
STEP 7
, even when this channel is affected indirectly by a
channel group fault ("Channel activated/deactivated" parameter).
To Next Page
Loading...
