Application planning
6.5 Failure scenarios
S7-1500R/H redundant system
System Manual, 01/2024, A5E41814787-AF
217
Failure scenario
① Primary CPU (CPU 1518HF-4 PN) → Data corruption in the safety program due to incorrect pro-
Backup CPU (CPU 1518HF-4 PN)
Two fiber-optic cables (redundancy connections)
ET 200MP IO device with fail-safe modules
ET 200SP IO device with fail-safe modules
PROFINET cables (PROFINET ring)
Figure 6-56 Failure of the redundant system through safe state of the 1518HF-4 PN CPUs
Sequence of events
1. Data corruption in the safety program of the primary CPU occurs due to incorrect
programming (DIV instruction = 0 if enable output ENO is not connected).
2. The error response state switches all fail-safe inputs/outputs to the safe state. The HF-system
then switches to STOP system state.
3. System redundancy has failed. The process is no longer controlled by the redundant system.
To Next Page
Loading...
Need help?
General
