Function block
- Interface
Function description
Additional information
- Typical timing diagrams
Error detection
Error behavior
Error and status messages
- Function block specific codes
- Function block specific codes (no error)

Function block

This function block is a safety-related function block for monitoring an emergency switching-off control device. The function block can be used for emergency stop functionality (stop category 0) or - with additional peripheral support - as emergency stop (stop category 1 or 2).

images/download/attachments/521702451/sf_emergencystop_v1_00-version-1-modificationdate-1685613089556-api-v2.png

Interface

I/O	Name	Data type	Initial value	Description
IN	Activate	BOOL	FALSE	see General parameters
IN	S_EStopIn	SAFEBOOL	SAFEFALSE	Safety request input. Variable. SAFEFALSE: Request for safety-related feedback (e.g. emergency stop button is pressed). SAFETRUE: No request for safety-related feedback (e.g. emergency stop button not pressed).
IN	S_StartReset	SAFEBOOL	SAFEFALSE	see General parameters
IN	S_AutoReset	SAFEBOOL	SAFEFALSE	see General parameters
IN	Reset	BOOL	FALSE	see General parameters
OUT	Ready	BOOL	FALSE	see General parameters
OUT	S_EStopOut	SAFEBOOL	SAFEFALSE	Output for safety-related feedback. SAFEFALSE: Safety output disabled. Request for safety-related feedback (e.g. emergency stop button pressed, reset required or internal error active). SAFETRUE: Safety output enabled. No request for safety-related feedback (e.g. emergency stop button not pressed, no internal errors active).
OUT	SafetyDemand	BOOL	FALSE	see General parameters
OUT	ResetRequest	BOOL	FALSE	see General parameters
OUT	Error	BOOL	FALSE	see General parameters
OUT	DiagCode	WORD	16#0000	see General parameters

Function description

Release signal S_EStopOut is reset to FALSE as soon as input S_EStopIn is set to FALSE. Release signal S_EStopOut is only reset to TRUE if input S_EStopIn is set to TRUE and a reset occurs. Resetting the release depends on defined inputs S_StartReset, S_AutoReset and Reset.

If S_AutoReset = TRUE, confirmation is done automatically.

If S_StartReset = TRUE, confirmation is done automatically on the first startup of the safety-relevant application controller.

If S_AutoReset = FALSE or S_StartReset = FALSE, the release is confirmed by a rising trigger at the reset input.

Inputs S_StartReset and S_AutoReset are only permitted to be enabled if it has been ensured that no hazardous situation can occur when the safety-relevant application controller is started.

SF_EmergencyStop is used to monitor single- and dual-channel emergency stop buttons. For example, additional function block SF_Equivalent can be used for dual-channel applications to check whether the contact synchronization has been exceeded. The category classification per EN ISO 13849-1 depends on the end elements used.

SF_EmergencyStop automatically detects static TRUE at reset. Further error detection, e.g. open or short circuit, depends on the associated hardware used.

Additional information

Typical timing diagrams

SF_EmergencyStop: S_StartReset = FALSE

images/download/attachments/521702475/sf_emergencystop_zeitdiagramm1_EN-version-1-modificationdate-1695290629685-api-v2.png

1) Startup sequence

2) Normal operation with reset

SF_EmergencyStop: S_StartReset = TRUE

images/download/attachments/521702499/sf_emergencystop_zeitdiagramm2_EN-version-1-modificationdate-1695290642959-api-v2.png

1) Startup sequence with S_StartReset

2) Normal operation with reset

SF_EmergencyStop: S_StartReset = FALSE, S_AutoReset = TRUE

images/download/attachments/521702523/sf_emergencystop_zeitdiagramm3_EN-version-1-modificationdate-1695290651952-api-v2.png

1) Startup sequence

2) Normal operation with S_AutoReset

Error detection

The function block detects a static TRUE signal on the reset input.

Error behavior

S_EStopOut is set to FALSE. With a static TRUE signal on input Reset, output DiagCode displays the corresponding error code and output Error is set to TRUE.

Reset must be set to FALSE to exit the error states.

Error and status messages

Function block specific codes

DiagCode

Name

Description and output settings

C001

Reset Error 1

Reset is TRUE until S_EStopIn = TRUE.

Ready = TRUE

S_EStopOut = FALSE

SafetyDemand = FALSE

ResetRequest = FALSE

Error = TRUE

C011

Reset Error 2

Function block specific codes (no error)

DiagCode	Name	Description and output settings
0000	Idle	The function block is inactive (initial status). Ready = FALSE S_EStopOut = FALSE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE
8001	Init	Activate is TRUE. The function block has been enabled. It must be checked whether S_StartReset is required. Ready = TRUE S_EStopOut = FALSE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE
8802	Wait for S_EstopIn 1	Activate is TRUE. It must be checked whether Reset is FALSE and S_EStopIn = TRUE be waited for. Ready = TRUE S_EStopOut = FALSE SafetyDemand = TRUE ResetRequest = FALSE Error = FALSE
8402	Wait for reset 1	Activate and S_EStopIn is TRUE. It is necessary to wait for the rising reset trigger. Ready = TRUE S_EStopOut = FALSE SafetyDemand = FALSE ResetRequest = TRUE Error = FALSE
8804	Wait for S_EstopIn 2	Activate is TRUE. Safety request detected. It must be checked whether Reset = FALSE and S_EStopIn = TRUE be waited for. Ready = TRUE S_EStopOut = FALSE SafetyDemand = TRUE ResetRequest = FALSE Error = FALSE
8404	Wait for reset 2	Activate and S_EStopIn is TRUE. S_AutoReset must be checked or be waited for the rising trigger of reset. Ready = TRUE S_EStopOut = FALSE SafetyDemand = FALSE ResetRequest = TRUE Error = FALSE
8000	Safety output enabled	Activate and S_EStopIn is TRUE. Function mode with S_EStopOut = TRUE. Ready = TRUE S_EStopOut = TRUE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE