SF_OutControl block
Function block
This function block controls the output of a safe device using its enable output S_OutControl.
The safe output parameter is controlled based on a signal from the standard controller (operational start/stop) and a safe signal (monitoring of a safety function).
The safe signal typically comes from an upstream safety function (e.g. emergency switch-off).
Interface
|
I/O |
Name |
Data type |
Initial value |
Description |
|
IN |
Activate |
BOOL |
FALSE |
|
|
IN |
S_SafeControl |
SAFEBOOL |
SAFEFALSE |
Variable. Control signal of the upstream safety function block. Typical function block signals from the library (e.g. SF_EStop, SF_Guard, SF_TwoHand¬Control-TypeII and/or others). SAFEFALSE: The upstream safety function blocks are in the safe state. SAFETRUE: The upstream safety function blocks allow safety control. |
|
IN |
ProcessControl |
BOOL |
FALSE |
Variable or constant. Control signal from the standard application. FALSE: Request: Set S_OutControl to SAFEFALSE. TRUE: Request: Set S_OutControl to SAFETRUE. |
|
IN |
StaticControl |
BOOL |
FALSE |
Constant. Optional conditions for process control. FALSE: Dynamic change required for ProcessControl(FALSE → TRUE) after block activation or triggered safety function. Additional function start required. TRUE: No dynamic change required for ProcessControl(FALSE → TRUE) after function block activation or triggered safety function. |
|
IN |
S_StartReset |
SAFEBOOL |
SAFEFALSE |
|
|
IN |
S_AutoReset |
SAFEBOOL |
SAFEFALSE |
|
|
IN |
Reset |
BOOL |
FALSE |
|
|
OUT |
Ready |
BOOL |
FALSE |
|
|
OUT |
S_OutControl |
SAFEBOOL |
SAFEFALSE |
Controls connected actuators. SAFEFALSE: Disable connected actuators. SAFETRUE: Activate connected actuators. |
|
OUT |
SafetyDemand |
BOOL |
FALSE |
|
|
OUT |
ResetRequest |
BOOL |
FALSE |
|
|
OUT |
Error |
BOOL |
FALSE |
|
|
OUT |
DiagCode |
WORD |
16#0000 |
Function description
Optional additional operational stop on triggered safety function
Depending on the specification on input parameter StaticControl, an operational stop (ProcessControl = FALSE) in the standard controller is optionally required when the upstream safety function is triggered and/or the function block is disabled. For this, the signal from the standard controller is monitored by the function block (input parameter ProcessControl). An operational start (ProcessControl = TRUE) is only possible with this option if the function block is enabled and a non-triggered safety function is detected.
In must be noted that the function block can directly control a downstream safe output in the application in the event of outputs that cannot be read back. For outputs that can be read back, the function block enable output S_OutControl must be connected to the safe output in the application using function block SF_EDM.
Note
Inputs StaticControl , S_StartReset and S_AutoReset are only permitted to indicate state TRUE or SAFETRUE if it is ensured that no hazardous situation can occur when the safety controller / application is started.
Safety function no longer requested
Within the safe control system, the function block optionally (see Start interlock ) ensures that the signal on the enable output is not set to SAFETRUE solely because the safety function is no longer being requested. This requires another manual action on input parameter Reset (see Start interlock ).
Additional information
S_StartReset = SAFEFALSE
1) Start
2) Normal operation
3) Error
S_StartReset = SAFETRUE
1) Start
2) Normal operation
3) Error
Error detection
The following conditions force a transition to the error state:
Invalid static reset signal in the process.
Invalid static signal ProcessControl.
Due to a programming error, ProcessControl and Reset are connected incorrectly.
Error behavior
In the event of an error, output S_OutControl is set to SAFEFALSE and remains in this safe state.
To exit error states Reset, Init or Lock, input Reset must be set to FALSE. To leave the error state Control, input ProcessControl must be set to FALSE.
After transitioning from S_SafeControl to SAFETRUE, the optional start interlock can be reset by a rising edge on input Reset.
After block activation, the optional start interlock can be reset by a rising edge on input Reset.
Error and status messages
Function block specific error codes
|
DiagCode |
Name |
Description and output settings |
|
C001 |
Reset error 1 |
Static reset in status 8401. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = TRUE |
|
C011 |
Reset error 2 |
Static reset in status 8402. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = TRUE |
|
C010 |
Control error |
Static signal at ProcessControl in state 8006. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = TRUE |
|
C020 |
Init error |
Trigger rising simultaneously at Reset and ProcessControl in state 8401. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = TRUE |
|
C030 |
Lock error |
Trigger rising simultaneously at Reset and ProcessControl in state 8404. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = TRUE |
Function block-specific status codes (no error)
|
DiagCode |
Name |
Description and output settings |
|
0000 |
Idle |
Function block is not active (initial state). Ready = FALSE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE |
|
8401 |
Init |
Block activation start interlock is active. Reset required. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = TRUE Error = FALSE |
|
8802 |
Safe |
Triggered safety function. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = TRUE ResetRequest = FALSE Error = FALSE |
|
8404 |
Lock |
Safety function start interlock is active. Reset required. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = TRUE Error = FALSE |
|
8006 |
Output disable |
Process control is not active. Ready = TRUE S_OutControl = SAFEFALSE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE |
|
8000 |
Output enable |
Process control is active and safety is enabled. Ready = TRUE S_OutControl = SAFETRUE SafetyDemand = FALSE ResetRequest = FALSE Error = FALSE |