Scalable functional safety architecture for CNC machine builders
29 January 2013
NUM has released a scalable functional safety architecture for its CNC system, which can be applied very easily to almost any type of machine tool - regardless of complexity or number of axes. Known as NUMSafe, it includes a dedicated safety PLC, safe input and output modules, and digital servo drives with built-in safe motion monitoring.
Until relatively recently, designers wishing to implement even basic functional safety schemes on CNC machines were forced to use electromechanical safety technology such as special contactors and relays. This approach involved significant extra component and wiring costs, as well as increased machine development and build times.
By integrating safety functionality across the entire CNC platform NUMSafe minimizes the need for additional hardware and simplifies software development, to OEM's considerable advantage. Furthermore, end users benefit from a strong increase in machine productivity because it is no longer necessary to power off the complete machine every time there is an element of human interaction; instead, protection can be ensured by dedicated functions which limit the movement, speed and position of axes.
A key advantage of the NUMSafe architecture is that safe devices such as the safety PLC and I/O modules can be contained within the same standard terminal line up as other elements of the control system.
All communication between the machine's control system, operator panel and servo drives is handled via EtherCAT field bus, using a Fail Safe over EtherCAT (FSoE) protocol to ensure integrity of safety-related data.
NUMSafe complies with the EN ISO 13849-1 machinery safety standard up to PL e, and with the EN 61800-5-2 functional safety standard for variable speed drives, up to SIL 3.
To help machine builders minimise development time the application programs for the safety PLC are created using the same suite of software tools that is used to commission the entire system, including the CNC, PLC, drives and I/O modules. The logic of the safety application is programmed using function blocks such as 'E-Stop', 'Operation Mode', 'AND', 'OR, etc, linked to safe inputs and outputs.
Complex safety functions can be set up easily by chaining function blocks. For example, requesting the machine operator to perform an action requiring use of both hands - such as operating two control switches simultaneously - to prevent exposure to moving parts, and verifying this before allowing execution of any motion command, only requires a couple of instructions. The safety application is a self-contained program; as soon as the developer is satisfied with its logic it can be downloaded to the safety PLC.
NUM's latest NUMDrive X digital servo drives, which are available in mono- and bi-axes versions, can incorporate a safe motion monitoring module that operates in conjunction with the safety PLC to oversee and control all safety-related aspects of drive and motor behaviour.
By allowing safety functions to be implemented on individual machine axes, and only where required, this modular approach helps reduce system cost. Furthermore, NUM offers two versions of the module, enabling designers to match their application needs very precisely. Both versions feature redundant channel architecture and use cross-monitoring techniques to ensure data integrity.
The basic safe motion monitoring module provides a Safe Torque Off (STO) function; this is the most commonly used safety function and ensures that the drive can longer command the motor to generate torque, with continuous monitoring to prevent unexpected start-up. In addition to STO, the extended version of the module implements the EN 61800-5-2 compliant functions of Safe Operating Stop (SOS), Safe Stop 1 (SS1), Safe Stop 2 (SS2), SafelyLimited Speed (SLS) and Safely-Limited Position (SLP) either by means of safe homing and incremental encoders, or by employing certified absolute encoders such as those used with NUM's new line of innovative single-cable servo motors.
Used singly or in combination, these functions enable designers to implement a wide range of machine safety concepts. For example, SS2 safely monitors that the braking of an axis is as quick as possible in the event of an emergency. This can be followed by the SOS function to instruct the drive/motor to maintain a fixed position by generating a degree of holding torque, but not to move - the axis is monitored continuously to ensure that it remains stationary.
Another cost-saving benefit of NUM's safety architecture is that there is no need for an additional encoder on machine axes that implement safety functions. Motor feedback can be derived from safe encoders which return position and redundant position data to the drive using a secure certified protocol, or, in the case of synchronous motors, any standard sin/cos encoder.
NUM's portfolio of motors includes two ranges of brushless servomotors which only require a single cable interconnection. Developed specifically for use with NUMDrive X servo drives, these employ an innovative safe digital encoder interface scheme which carries encoder power and position feedback data (redundantly) on a two-wire link embedded within the motor's power cable. As well as reducing cabling costs, this approach further improves machine safety and reliability by reducing the number of interconnections that are needed.
Contact Details and Archive...