BS EN 61 784-3-1 8:201 +A1 :201

BSI Standards Publication

Industrial communication networks — Profiles
Part 3-1 8: Functional safety fieldbuses Additional specifications for CPF — (IEC 84-3 -1 8: 1 )

National foreword

This British Standard is the UK implementation of EN 61 784-3-1 8:201 +A1 :201 . It is identical to IEC 61 784-3-1 8:201 incorporating amendment :201 . It supersedes BS EN 61 784-3-1 8:201 , which is withdrawn.

The start and finish of text introduced or altered by amendment is indicated in the text by tags. Tags indicating changes to IEC text carry the number of the IEC amendment. For example, text altered by IEC amendment is indicated by

The UK participation in its preparation was entrusted to Technical Committee AMT/7, Industrial communications: process measurement and control, including fieldbus.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

© The British Standards Institution 201
Published by BSI Standards Limited 201
ISBN 978 580 94721
ICS 3.1 0, 25.040.40, 35.1 00.05

Compliance with a British Standard cannot confer immunity from legal obligations.

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 July 201 .

Amendments issued since publication

Date: 31 March 201
Text affected: Implementation of IEC amendment :201 with CENELEC endorsement A1 :201

EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM

EN 61 784-3-1 8:2011 +A1
February 01
ICS 3.1 0; 25.040.40; 35.1 00.05

English version

Industrial communication networks Profiles Part 3-1 8: Functional safety fieldbuses Additional specifications for CPF (IEC 61 784-3-1 8:201 )

Réseaux de communication industriels Profils Partie 3-1 8: Bus de terrain sécurité fonctionnelle Spécifications supplémentaires pour le CPF (CEI 61 784-3-1 8:201 )

Industrielle Kommunikationsnetze Profile Teil 3-1 8: Funktional sichere Übertragung bei Feldbussen Zusätzliche Festlegungen für die Kommunikationsprofilfamilie (IEC 61 784-3-1 8:201 )

This European Standard was approved by CENELEC on 201 -05-25. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

Management Centre: Avenue Marnix 7, B - 000 Brussels

© 201 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members

Ref No EN 61 784-3-1 8:201 E

Foreword

The text of document 65C/639/FDIS, future edition of IEC 61 784-3-1 8, prepared by SC 65C, Industrial networks, of IEC TC 65, Industrial-process measurement, control and automation, was submitted to the IEC-CENELEC
parallel vote and was approved by CENELEC as EN 61 784-3-1 on 201 -05-25.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent rights.

The following dates were fixed:

– latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop) 201 2-02-25
– latest date by which the national standards conflicting with the EN have to be withdrawn (dow) 201 4-05-25

Annex ZA has been added by CENELEC.

Endorsement notice

The text of the International Standard IEC 61 784-3-1 8:201 was approved by CENELEC as a European Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards indicated:

– IEC 60204-1 NOTE Harmonized as EN 60204-1
– IEC 61 31 -6 NOTE Harmonized as EN 61 31 -6 1)
– IEC 61 58 series NOTE Harmonized in EN 61 58 series
– IEC 61 326-3-1 NOTE Harmonized as EN 61 326-3-1
– IEC 61 326-3-2 NOTE Harmonized as EN 61 326-3-2
– IEC 61 496 series NOTE Harmonized in EN 61 496 series
– IEC 61 508-1 :201 NOTE Harmonized as EN 61 508-1 :201
– IEC 61 508-4:201 NOTE Harmonized as EN 61 508-4:201
– IEC 61 508-5:201 NOTE Harmonized as EN 61 508-5:201
– IEC 61 51 series NOTE Harmonized in EN 61 51 series
– IEC 61 784-1 NOTE Harmonized as EN 61 784-1
– IEC 61 784-5 series NOTE Harmonized in EN 61 784-5 series
– IEC 61 800-5-2 NOTE Harmonized as EN 61 800-5-2
– IEC 62061 NOTE Harmonized as EN 62061
– ISO 021 8-1 NOTE Harmonized as EN ISO 021 8-1
– ISO 21 00-1 NOTE Harmonized as EN ISO 21 00-1
– ISO 3849-1 NOTE Harmonized as EN ISO 3849-1
– ISO 3849-2 NOTE Harmonized as EN ISO 3849-2
– ISO 41 21 NOTE Harmonized as EN ISO 41 21

1) At draft stage

European foreword to amendment A1

This document (EN 61 784-3-1 8:201 /A1 :201 7) consists of the text of IEC 61 784-3-1 8:201 /A1 :201 prepared by SC 65C “Industrial networks” of IEC/TC 65 “Industrial process measurement, control and automation”.

The following dates are fixed:

• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop) 201 8-01 -1
• latest date by which the national standards conflicting with the document have to be withdrawn (dow) 2020-01 -1

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CENELEC [and/or CEN] shall not be held responsible for identifying any or all such patent rights.

Endorsement notice

The text of the International Standard IEC 61 784-3-1 8:201 /A1 :201 was approved by CENELEC as a European Standard without any modification.

Annex ZA (normative)

Normative references to international publications with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

NOTE When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.

Publication | Year | Title | EN/HD | Year
IEC 61 58-3-22 | - | Industrial communication networks - Fieldbus specifications Part 3-22: Data-link layer service definition Type 22 elements | | -
IEC 61 58-4-22 | | Industrial communication networks - Fieldbus specifications Part 4-22: Data-link layer protocol specification - Type 22 elements | | -
IEC 61 58-5-22 | | Industrial communication networks - Fieldbus specifications Part 5-22: Application layer service definition Type 22 elements | | -
IEC 61 58-6-22 | | Industrial communication networks - Fieldbus specifications Part 6-22: Application layer protocol specification - Type 22 elements | | -
IEC 61 508 | Series | Functional safety of electrical/electronic/programmable electronic safety-related systems | EN 61 508 | Series
IEC 61 508-2 | 201 | Functional safety of electrical/electronic/programmable electronic safety-related systems Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems | EN 61 508-2 | 201
IEC 61 784-2 | 201 | Industrial communication networks Profiles Part 2: Additional fieldbus profiles for real-time networks based on ISO/IEC 8802-3 | EN 61 784-2 | 201
IEC 61 784-3 | 201 | Industrial communication networks Profiles Part 3: Functional safety fieldbuses - General rules and profile definitions | EN 61 784-3 | 201
IEC 61 91 | | Industrial communication networks Installation of communication networks in industrial premises | EN 61 91 | -
ISO/IEC 0731 | | Information technology - Open Systems Interconnection - Basic reference model Conventions for the definition of OSI services | |

CONTENTS

Introduction
  General
  Patent declaration
Scope
Normative references
Terms, definitions, symbols, abbreviated terms and conventions
  Terms and definitions
    Common terms and definitions
    CPF 8: Additional terms and definitions
  Symbols and abbreviated terms
    Common symbols and abbreviated terms
    CPF 8: Additional symbols and abbreviated terms
  Conventions
Overview of FSCP 8/1 (SafetyNET p™)
  General
  FSCP 8/1
General
  External documents providing specifications for the profile
  Safety functional requirements
  Safety measures
  Safety communication layer structure
  Relationships with FAL (and DLL, PhL)
    General
    Data Types
Safety communication layer services
  General elements
    General
    Safety object dictionary
    Safety process data object (SPDO)
    Safety heartbeat (SHB)
    Safety delay monitoring (SDM)
  Communication relation
Safety communication layer protocol
  Safety PDU format
    General
    Safety process data objects (SPDO)
    Safety heartbeat (SHB)
    Safety PDUs embedded in a Type 22 PDU
  Safety communication layer management (SALMT)
  Safety process data communication
  Safety heartbeat
  Delay monitoring
Safety communication layer management
  Parameter handling
  Safety object dictionary
    General
    Communication profile section
    Standardized device profile section
System requirements
  Indicators and switches
    Indicator states and flash rates
    Indicators
    Switches
  Installation guidelines
  Safety function response time
    General
    Determination of FSCP 8/1 time expectation behavior
    Calculation of the worst case safety function response time
  Duration of demands
  Constraints for calculation of system characteristics
    Safety related constraints
    Probabilistic considerations
  Maintenance
  Safety manual
Assessment
Annex A (informative) Additional information for functional safety communication profiles of CPF
Annex B (informative) Information for assessment of the functional safety communication profiles of CPF
Bibliography

Tables

Table – Object definition
Table – Safety PDU element definition
Table – Communication errors and detection measures
Table – SPDO PDU structure
Table – SHB request PDU structure
Table – SHB response PDU structure
Table – SHB safety communication layer state encoding
Table – SALMT commands
Table – System states of SALMT state machine
Table – State transitions SALMT state machine
Table – System states of RxSPDO state machine
Table – State transitions RxSPDO state machine
Table – Timeouts
Table – Safety object dictionary structure
Table – Objects of communication section
Table – Device type
Table – Safety ID
Table – Safety consumer heartbeat entry
Table – Safety consumer heartbeat
Table 20 – Safety producer heartbeat parameter
Table 21 – Safety bus cycle times
Table 22 – SPDO timeout tolerance
Table 23 – Receive SPDO communication parameter
Table 24 – Transmit SPDO communication parameter
Table 25 – Mapping format
Table 26 – Receive SPDO mapping parameter
Table 27 – Transmit SPDO mapping parameter
Table 28 – Indicator states definition
Table 29 – STATUS indicator states

Figures

Figure – Relationships of IEC 61 784-3 with other standards (machinery)
Figure – Relationships of IEC 61 784-3 with other standards (process)
Figure – FSCP 8/1 system
Figure – FSCP 8/1 software architecture
Figure – SPDO interaction model
Figure – SHB interaction model
Figure – Safety process data object structure
Figure – Safety heartbeat request structure
Figure – Safety heartbeat response structure
Figure – Safety PDU for FSCP 8/1 embedded in a Type 22 CDC data section
Figure – SALMT state machine
Figure – RxSPDO state machine
Figure – Heartbeat procedure
Figure – Delay measurement principle
Figure – Parameter handling
Figure – Safety response time components
Figure – Considered data fields for message size calculation
Figure – Residual error rate
Introduction

General

The IEC 61158 fieldbus standard together with its companion standards IEC 61784-1 and IEC 61784-2 defines a set of communication protocols that enable distributed control of automation applications. Fieldbus technology is now considered well accepted and well proven. Thus many fieldbus enhancements are emerging, addressing not yet standardized areas such as real time, safety-related and security-related applications.

This standard explains the relevant principles for functional safety communications with reference to IEC 61508 series and specifies several safety communication layers (profiles and corresponding protocols) based on the communication profiles and protocol layers of IEC 61784-1, IEC 61784-2 and the IEC 61158 series. It does not cover electrical safety and intrinsic safety aspects.

Figure shows the relationships between this standard and relevant safety and fieldbus standards in a machinery environment.
[Figure: product standards, safety standards, security standards and fieldbus standards grouped around IEC 61784-3 (functional safety communication profiles). Key: (yellow) safety-related standards; (blue) fieldbus-related standards; (dashed yellow) this standard.]

NOTE Subclauses (high complexity) and (low complexity) of IEC 62061 specify the relationship between PL (Category) and SIL.

Figure – Relationships of IEC 61784-3 with other standards (machinery)

| Attribute | Value |
|---|---|
| Name | Number of mapped safety application objects |
| Data type | Unsigned |
| Category | Mandatory |
| Access attribute | FS F |
| SPDO mapping | No |
| Value range | x0 to xFE |
| Value | No |
| Sub-index | x0 to xFE |
| Name | SPDO mapping for the n th safety application object to be mapped |
| Description | Specified in Table |
| Data type | Unsigned 32 |
| Category | Conditional depending on the number and size of objects to be mapped |
| Access attribute | FS F |
| SPDO mapping | No |
| Value range | No |
| Value | No |

TxSPDO mapping parameter

The transmit SPDO mapping parameter object is specified in Table 27.

Table 27 – Transmit SPDO mapping parameter

| Attribute | Value |
|---|---|
| Index | x1E00 to x1EFF |
| Name | Transmit SPDO mapping parameter |
| Description | Maps object from safety object dictionary to safety PDU. See Table 25 |
| Object type | RECORD |
| Data type | PDO_MAPPING |
| Category | Conditional; Mandatory for each supported TxSPDO |
| Sub-index | x0 |
| Name | Number of mapped safety application objects |
| Data type | Unsigned |
| Category | Mandatory |
| Access attribute | FS F |
| SPDO mapping | No |
| Value range | x0 to xFE |
| Value | No |
| Sub-index | x0 to xFE |
| Name | SPDO mapping for the n th safety application object to be mapped |
| Description | Specified in Table |
| Data type | Unsigned 32 |
| Category | Conditional depending on the number and size of objects to be mapped |
| Access attribute | FS F |
| SPDO mapping | No |
| Value range | No |
| Value | No |

Standardized device profile section

Safety application objects can be mapped within SPDOs. Safety application objects are located in the safety object dictionary area from 0x8000 to 0x9FFF. These objects are manufacturer and application specific.

System requirements

Indicators and switches

Indicator states and flash rates

The indicator states and flash rates are defined in Table 28. The times listed shall be met with a tolerance of less than ± 25 %.

Table 28 – Indicator states definition

| Indicator state | Definition |
|---|---|
| OFF | The indicator shall be constantly off |
| ON | The indicator shall be constantly on |
| BLINKING Hz | The indicator shall turn on and off with a frequency of Hz |
| BLINKING Hz | The indicator shall turn on and off with a frequency of Hz |

Indicators

Devices which support FSCP 8/1 protocol should have a STATUS indicator. This indicator, typically LED, assists troubleshooting, visual inspection, maintenance and diagnosis of problems. If a device supports the STATUS indicator, this indicator shall comply with this specification. Additional indicators may be implemented.

The STATUS indicator shall show the status of the FSCP 8/1 communication. A single bicolor indicator (green/red) shall be used. The STATUS indicator shall be labeled with “FS SN p”. The STATUS indicator states are specified in Table.

Table – STATUS indicator states

| Indicator state | Definition |
|---|---|
| OFF | No safety process data communication is active |
| GREEN ON | All configured safety process data communication (SPDO) is active |
| GREEN BLINKING Hz | At least one SPDO is active and at least one SPDO is not active |
| RED ON | Configuration is invalid or inconsistent |
| RED BLINKING Hz | Internal error |

Switches

There are no switches for FSCP 8/1.

Installation guidelines

Relevant installation guidelines are specified by IEC 61918.

Safety function response time

General

A safety function may consist of several components. To determine the safety function response time, the safety function is decomposed into the different components shown in Figure.

[Figure: safety function channel made up of Sensor ($T_S$), Input processing ($T_I$), Safety transmission ($T_{TOS}$), Logic ($T_L$), Safety transmission ($T_{TOS}$), Output processing ($T_O$) and Actuator ($T_A$), with the overall time $T_{SFR}$.]

Figure – Safety response time components

The safety function channel consists of a sensor (for example light curtain or emergency stop button) to detect the actuation of the safety function. This sensor converts the physical signal in an electrical signal. This electrical signal is connected to an input device (for example, functional safety input module), which converts the electrical signal in logical input information. The logical input information is transmitted to the safety logic controller via the safety communication system. Safety logic controller combines the logical input information to logical output information, which is transmitted to an output device (for example functional safety output module) via the safety communication system. Logical output information is converted to a physical output signal which is connected to an actuator. This actuator performs the physical reaction.

Each component is described by a characteristic time behavior. The following general assumptions are applied for further considerations:

• All components of the safety function channel work asynchronous.
• All components of the safety function channel are described by a worst case processing or response time which is guaranteed under non error conditions.
• For safety reasons, every component has its superposed timeout timer ($T_{TOi}$).
• In order to calculate the safety function response time one error or failure shall be assumed in that signal path, which contributes the maximum difference time between its timeout and its worst case
processing or response time.

The characteristic times of the devices sensor, input, logic, output and actuator are outside the scope of this standard. Meaningful information for these characteristic values should be taken from component specifications. Each device shall provide these values as part of their device properties.

Determination of FSCP 8/1 time expectation behavior

FSCP 8/1 defines a configurable time expectation behavior (timeout) for the delivery of safety process data at the receiver side of a communication relation. This behavior is implemented by communication timeout $T_{TOS}$. For the safety function channel two safety transmissions are necessary. The logic and the output processing component operate as a receiver and implement the time expectation behavior. The calculation of $T_{TOS}$ is described in Equation (2).

$$T_{TOS} = T_{cycle} + \Delta T \qquad (2)$$

The SHB does not influence $T_{TOS}$ as it is only required to synchronize the system clocks. In case the safety heart beat detects unacceptable delays, then the failsafe state is activated (see 3).

Calculation of the worst case safety function response time

The basic safety function channel for the calculation of the worst case safety function is shown in Figure. The safety function response time can be calculated according to Equation (3). To get the worst case for the safety function response time, one error or failure shall be assumed in the safety function channel. It contributes the maximum difference between its worst case delay time and its timeout time.

$$T_{SFR} = T_S + T_I + T_T + T_L + T_T + T_O + T_A + \max_{i = S, I, \ldots, A} \left( T_{TOi} - T_i \right) \qquad (3)$$

NOTE Index “i” identifies components S, I, T, L, O and A in
Equation (3).

System manufacturers shall provide their individual adapted calculation method if necessary.

Duration of demands

The duration of demand by the safety-related application to the safety communication layer may be present as long as or longer than the process safety time or the FSCP 8/1 timeout time ($T_{TO}$).

Constraints for calculation of system characteristics

Safety related constraints

General

The boundary conditions and constraints for the safety assessment of FSCP 8/1 and for the relevant calculations of residual error rate are described within the following clauses.

Number of information sinks

The number of producing and consuming devices for a FSCP 8/1 network is limited to 51 devices. The number of information sinks for a : n relationship is limited to 51 consuming devices.

Message rate limit

The message rate shall not exceed 000 safety messages per second. The number of producing devices and the cycle time has to be considered to not exceed the message rate limit as shown in Equation (4) to (6).

$$MR_{SPDO} = \sum_{I \in SPDO} \frac{000\,000 \times NS_I}{CM_I \times T_{BC}} \qquad (4)$$

$$MR_{SHB} = \sum_{D1 \in devices} \; \sum_{\substack{D2 \in devices \\ D2 \neq D1}} \frac{000\,000 \times NS_{D1}}{CM_{D1} \times T_{BC}} \times \qquad (5)$$

$$MR = MR_{SPDO} + MR_{SHB} \qquad (6)$$

where

$CM_{D1}$ is the safety producer heartbeat parameter (Index: 0x1217, Sub-index: 0x07, cycle multiplier) sent by device D1 (see Table 20);
$CM_I$ is the Transmit SPDO communication parameter (Index: 0x1E00 to 0x1EFF, Sub-index: 0x07, Cycle multiplier) for $SPDO_I$ (see Table 24);
$NS_{D1}$ is the safety producer heartbeat parameter (Index: 0x1217, Sub-index: 0x09, Number of sends) sent by device D1 (see Table 20);
$NS_I$ is the Transmit SPDO communication parameter (Index: 0x1E00 to 0x1EFF, Sub-index: 0x09, Number of sends) for $SPDO_I$ (see Table 24);
$MR$ is the total message rate;
$MR_{SHB}$ is the message rate for SHBs;
$MR_{SPDO}$ is the message rate for SPDOs;
$T_{BC}$ is the safety bus cycle times. The parameter is depending if CP 8/1 (Index: 0x1218, Sub-index 0x02, Safety RTFL base cycle time) or CP 8/2 (Index: 0x1218, Sub-index: 0x01, Safety RTFN base cycle time) is used (see Table 21).

Message size

The message size of one safety PDU consisting of data fields as shown in Figure is restricted from to 28 octets.

[Figure: safety PDU fields PID, Length, Safety data, SID, Cons no and CRC, with the fields counted in the message size in octets marked.]

Figure – Considered data fields for message size calculation

Bit error rate

The maximum bit error rate shall not exceed 0,01.

Probabilistic considerations

The data integrity checking mechanism of the FSCP 8/1 is totally independent from the mechanisms of the underlying communication system, which then is called a "black channel".

Figure is showing the diagrams of residual error probabilities for the used 32-bit polynomial (minimum Hamming Distance 6). The diagram is for data lengths of octets as specified in including the CRC signature and incorporating the overall safety PDU structure as described in . The resulting PFH of the communication channel has been calculated to be less than or equal to . This level equals to 5,43 x for the residual error probability of one PDU as shown in Figure. In order to achieve these levels, the data integrity checking mechanism is mandatory (see 2).

[Figure: residual error probability of one PDU plotted against bit error rate. Curves: 28 octets data and 32 bit CRC; residual error probability limit according to SIL.]

Figure – Residual error rate

Maintenance

There are no special maintenance requirements for this protocol.

Safety manual

The manufacturer of the safety device shall provide a safety manual according to the requirements of IEC 61508-2 with the device.
Besides the requirements listed in IEC 61508-2 the following information shall be given:

• Manufacturer name and address;
• Worst case time $T_i$;
• Timeout time $T_{TOi}$;
• Probability of failure on demand PFH;
• Safety integrity level SIL;
• Proof test interval T (per IEC 61508-6) and/or Mission $T_m$ (per ISO 3849-1);
• Supported protocol version(s) (see 7.3.4) unless only version is supported.

NOTE Times can depend on the individual safety functions and operating modes.

Assessment

It is highly recommended that implementers of FSCP 8/1 obtain verification from an independent competent body for all functional safety aspects of the product for both, the protocol and any application. It is highly recommended that implementers of FSCP 8/1 obtain proof that a suitable conformance test has been performed by an independent competent body.

The manufacturer of a safety product is responsible for the correct implementation of the safety communication layer technology, the correctness and completeness of the product documentation and information. The complete information is available in [46].
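The worst-case calculation of Equations (2) and (3) can be worked through in a few lines of Python. This is an added example, not part of the standard: the class and function names and the sample times (in milliseconds) are assumptions, and rejecting a timeout shorter than the worst-case time is a plausibility check added here.

```python
"""Worst-case safety function response time per Equations (2) and (3).

Added illustration, not part of the standard. All names and the sample
times are assumptions made for this example.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Component:
    name: str          # S, I, T, L, O or A as in Equation (3)
    worst_case: float  # T_i: worst-case processing or response time
    timeout: float     # T_TOi: superposed timeout timer


def transmission_timeout(t_cycle: float, delta_t: float) -> float:
    """Equation (2): T_TOS = T_cycle + delta_T."""
    if t_cycle <= 0 or delta_t < 0:
        raise ValueError("T_cycle must be positive and delta_T non-negative")
    return t_cycle + delta_t


def response_time(chain: list[Component]) -> tuple[float, Component]:
    """Equation (3): sum of all T_i plus the largest (T_TOi - T_i).

    Returns T_SFR and the component whose single failure is the worst case.
    """
    if not chain:
        raise ValueError("empty safety function channel")
    for c in chain:
        if c.worst_case < 0:
            raise ValueError(f"{c.name}: negative worst-case time")
        # Assumption of this example: a timeout below the guaranteed worst
        # case would expire in fault-free operation, so it is rejected.
        if c.timeout < c.worst_case:
            raise ValueError(f"{c.name}: timeout shorter than worst-case time")
    # Exactly one error or failure is assumed; it sits in the component
    # with the largest gap between timeout and worst-case time.
    dominant = max(chain, key=lambda c: c.timeout - c.worst_case)
    margin = dominant.timeout - dominant.worst_case
    return sum(c.worst_case for c in chain) + margin, dominant


def sample_channel() -> list[Component]:
    """Constructed sample values in milliseconds (not from the standard)."""
    t_tos = transmission_timeout(t_cycle=4, delta_t=8)  # 12 ms
    return [
        Component("S", 10, 15),
        Component("I", 4, 6),
        Component("T", 2, t_tos),  # input device -> logic (receiver: logic)
        Component("L", 5, 8),
        Component("T", 2, t_tos),  # logic -> output device (receiver: output)
        Component("O", 3, 5),
        Component("A", 20, 25),
    ]


if __name__ == "__main__":
    t_sfr, dominant = response_time(sample_channel())
    print(f"T_SFR = {t_sfr} ms, worst single failure in component {dominant.name}")
```

With these constructed values the safety transmission dominates, which shows how directly the configured $T_{TOS}$ feeds into the overall response time.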
Annex A
(informative)

Additional information for functional safety communication profiles of CPF

There is no additional information for this FSCP.

Annex B
(informative)

Information for assessment of the functional safety communication profiles of CPF

Information about test laboratories which test and validate the conformance of FSCP 8/1 products with IEC 61784-3-18 can be obtained from the National Committees of the IEC or from the following organization:

Safety Network International e.V.
Robert-Bosch-Str 30
73760 Ostfildern
GERMANY
Phone: +49 71 3409 1
Fax: +49 71 3409 449
e-mail: info@safety-network.de
URL: www.safety-network.de

Bibliography

[1] IEC 60050 (all parts), International Electrotechnical Vocabulary
NOTE See also the IEC Multilingual Dictionary – Electricity, Electronics and Telecommunications (available on CD-ROM and at ).
[2] IEC 60204-1, Safety of machinery – Electrical equipment of machines – Part : General requirements
[3] IEC/TS 61000-1-2, Electromagnetic compatibility (EMC) – Part 1-2: General – Methodology for the achievement of the functional safety of electrical and electronic equipment with regard to electromagnetic phenomena
[4] IEC 61131-6, Programmable controllers – Part 6: Functional safety
[5] IEC 61158 (all parts), Industrial communication networks – Fieldbus specifications
[6] IEC 61326-3-1, Electrical equipment for measurement, control and laboratory use – EMC requirements – Part 3-1: Immunity requirements for safety-related systems and for equipment intended to perform safety related functions (functional safety) – General industrial applications
[7] IEC 61326-3-2, Electrical equipment for measurement, control and laboratory use – EMC requirements – Part 3-2: Immunity requirements for safety-related systems and for equipment intended to perform safety related functions (functional safety) – Industrial applications with specified electromagnetic environment
[8] IEC 61496 (all parts), Safety of machinery – Electro-sensitive protective equipment
[9] IEC 61508-1:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part : General requirements
[10] IEC 61508-4:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 4: Definitions and abbreviations
[11] IEC 61508-5:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 5: Examples of methods for the determination of safety integrity levels
[12] IEC 61 51 (all parts), Functional safety – Safety instrumented systems for the process industry sector
[13] IEC 61784-1, Industrial communication networks – Profiles – Part : Fieldbus profiles
[14] IEC/PWI 61784-4, Industrial communication networks – Profiles – Part 4: Secure communications for fieldbuses
[15] IEC 61784-5 (all parts), Industrial communication networks – Profiles – Part 5: Installation of fieldbuses – Installation profiles for CPF x
[16] IEC 61800-5-2, Adjustable speed electrical power drive systems – Part 5-2: Safety requirements – Functional
[17] IEC/TR 62059-1, Electricity metering equipment – Dependability – Part 11: General concepts
[18] IEC 62061, Safety of machinery – Functional safety of safety-related electrical, electronic and programmable electronic control systems
[19] IEC/TR 62210, Power system control and associated communications – Data and communication security
[20] IEC 62280-1, Railway applications – Communication, signalling and processing systems – Part : Safety-related communication in closed transmission systems
[21] IEC 62280-2, Railway applications – Communication, signalling and processing systems – Part 2: Safety-related communication in open transmission systems
[22] IEC 62443 (all parts), Industrial communication networks – Network and system security
In preparation.
Under consideration.
[23] ISO/IEC Guide 51:999, Safety aspects – Guidelines for their inclusion in standards
[24] ISO/IEC 2382-14, Information technology – Vocabulary – Part 14: Reliability, maintainability and availability
[25] ISO/IEC 2382-16, Information technology – Vocabulary – Part 16: Information theory
[26] ISO/IEC 7498 (all parts), Information technology – Open Systems Interconnection – Basic Reference Model
[27] ISO 10218-1, Robots for industrial environments – Safety requirements – Part : Robot
[28] ISO 12100-1, Safety of machinery – Basic concepts, general principles for design – Part : Basic terminology, methodology
[29] ISO 13849-1, Safety of machinery – Safety-related parts of control systems – Part : General principles for design
[30] ISO 13849-2, Safety of machinery – Safety-related parts of control systems – Part 2: Validation
[31] ISO 14121, Safety of machinery – Principles of risk assessment
[32] ANSI/ISA-84.00.01-2004 (all parts), Functional Safety: Safety Instrumented Systems for the Process Industry Sector
[33] VDI/VDE 2180 (all parts), Safeguarding of industrial process plants by means of process control engineering
[34] GS-ET-26, Grundsatz für die Prüfung und Zertifizierung von Bussystemen für die Übertragung sicherheitsrelevanter Nachrichten, May 002. HVBG, Gustav-Heinemann-Ufer 30, D-50968 Köln ("Principles for Test and Certification of Bus Systems for Safety relevant Communication")
[35] ANDREW S. TANENBAUM, Computer Networks, 4th Edition, Prentice Hall, N.J., ISBN-10: 0130661023, ISBN-13: 978-0130661029
[36] W. WESLEY PETERSON, Error-Correcting Codes, 2nd Edition 981, MIT-Press, ISBN 0262-16-039-0
[37] BRUCE P. DOUGLASS, Doing Hard Time, 999, Addison-Wesley, ISBN 0-201-49837-5
[38] New concepts for safety-related bus systems, 3rd International Symposium "Programmable Electronic Systems in Safety Related Applications", May 998, from Dr. Michael Schäfer, BG-Institute for Occupational Safety and Health
[39] DIETER CONRADS, Datenkommunikation, 3rd Edition 996, Vieweg, ISBN 3-528-245891
[40] German IEC subgroup DKE AK 767 4: EMC and Functional Safety, Spring 002
[41] NFPA79 (2002), Electrical Standard for Industrial Machinery
[42] GUY E. CASTAGNOLI, On the Minimum Distance of Long Cyclic Codes and Cyclic Redundancy-Check Codes, 989, Dissertation No 8979 of ETH Zurich, Switzerland
[43] GUY E. CASTAGNOLI, STEFAN BRÄUER, and MARTIN HERRMANN, Optimization of Cyclic Redundancy-Check Codes with 24 and 32 Parity Bits, June 993, IEEE Transactions On Communications, Volume 41, No
[44] SCHILLER F. and MATTES T.: An Efficient Method to Evaluate CRC-Polynomials for Safety-Critical Industrial Communication, Journal of Applied Computer Science, Vol 4, No , pp 57-80, Technical University Press, Łódź, Poland, 2006
[45] SCHILLER F. and MATTES T.: Analysis of CRC-polynomials for Safety-critical Communication by Deterministic and Stochastic Automata, th IFAC Symposium on Fault Detection, Supervision and Safety for Technical Processes, SAFEPROCESS 2006, pp 003-1 008, Beijing, China, 2006
[46] Technical Guideline Integration, V2 0, December 2008, Safety Network International e.V., Ostfildern, Germany
[47] CANopen Application Layer and Communication Profile, CiA Draft Standard 301, Version 02, February 2002, CAN in Automation e.V., Nürnberg, Germany

GS-ET-26 has served as one of the starting points for this part. It is currently undergoing a major revision.