Safety function for SI6 or SC6 servo drive
- STO and SS1 via FSoE according to EN 61800-5-2
- PLe (Cat.4) according to EN ISO 13849-1
- Integrated in SI6 or SC6 servo drive
The SY6 safety function is an extension of the SI6 or SC6 servo controller. With the SY6 option, the servo inverter can be included in the safety circuit as a safety related part of the control system (SRP / CS) for the redundant disconnection of the motor / actuator torque (STO).
The safety function has a two channel design. Both channels STOa and STOb are independent and must both be inactive in order to enable the motor torque (STO function not active). With the STO function active, the PWM signal to the power stage of the servo controller is switched off redundantly by the SY6 module so that the motor can no longer supply torque.
The SY6 security module implements an FSoE (Fale Safe over EtherCAT) slave. This exchanges control and status information with the FSoE master via the EtherCAT master according to the "black channel" principle (security protocol over a standard network channel). The FSoE slave receives safety-related data, checks for plausibility and switches the two safety channels to the power stage.
The SY6 safety module supports the Safe Torque Off (STO) and Safe Stop 1 (SS1-t) safety functions in accordance with EN 61800-5-2. The safety control (safety PLC) must activate both the STO and the SS1 output of the SI6 / SC6 servo inverter to allow the servomotor to deliver torque. If only one of the outputs is configured, the SI6 / SC6 servo inverter remains in a safe state (STO active).
The signal flow of the STO function according to stop category 0 in accordance with EN 60204-1 is shown in the diagram below.
SS1 corresponds to stop category 1 in accordance with EN 60204-1.
The SS1-t safety function ensures the time-controlled standstill of a motor with subsequent coupling-free status (STO is activated after a time delay), regardless of whether the motor has already come to a standstill.
The SS1 delay time T_SS1 is a safety-related parameter defined from the safety control (safety PLC).
The safety functions STO and SS1-t relate to the complete SI6 or SC6 module and are not asspecific. On dual axis controllers, both axles are brought into a safe state at the same time. An activated SS1 can not be interrupted.