Printed in the Federal Republic of Germany TR-Electronic GmbH 2009, All Rights Reserved
12/13/2018 TR - ECE - BA - DGB - 0070 - 17 Page 71 of 108
2.7 Safety functions of the fail-safe processing unit
The Safety Computer System (SCS), to which the measuring system is connected,
must perform the following safety checks.
So that in the event of an error the correct measures can be taken up, the following
definition is valid:
If no more data are sent by the measuring system, or if the measuring system is in
OFF condition, this is to be interpreted as safe condition.
2.7.1 General safety checks
Check by SCS SCS error reaction Necessary?
Comparison of position data of the
master system with position data of the
safety system.
The permissible tolerance window
depends on the SSI behavior and on the
system speed and must be determined by
the plant operator first.
In case of exceeding of
the tolerance window -->
STOP
yes
Cyclical consistency check of the current
master system data to the previous
STOP yes
Travel curve calculation and monitoring
by means of the master system
STOP yes
Data transmission master system and
data transmission safety system blocked
STOP yes
2.7.2 Check of the master system data
Check by SCS SCS error reaction Necessary?
Error bit 1 = 1:
Master system data not safe
Definition in the SCS yes
Error bit 2 = 1:
Safety system data not safe
Definition in the SCS yes
Data transmission master system
blocked
Definition in the SCS yes
Sign of life counter was not
incremented longer than 1 ms
STOP:
If the sign of life counter were
incremented or
the master
system data and safety system
data are within the tolerance
window, after acknowledgment
the travel can be continued.
yes
CRC check master system data
Telegram repetition, two SCS
cycles permitted
yes
To Next Page
Loading...
