Safe stop 1 (SS1)
Properties
- Safety function according to DIN EN 61800-5-2:2008-04
- Controlled stop according to EN 60204-1, stop category 1
- Automatic or user-controlled deceleration procedure
- Safe monitoring of the deceleration procedure (2-channel actual speed value monitoring)
- Protection against restart
Description
The safety function is started by the corresponding bit in the control data.
The acknowledgement is fed back by status data.
The initialised SS1 safety function monitors the deceleration procedure of the drive and subsequently transfers the drive into 'Safe torque off (STO)'.
|
|
|
|
|
Danger to life due to unexpected movements! The drive will be torque-free in the status 'Safe torque off (STO)', in case of mains failure or in case of faulty drive controller. External application of force on the drive axis may result in life-threatening movements (e.g. hanging axes can fall down). Steps to prevent:
|
The deceleration procedure is automatically initiated by the safety function or by the user controller.
- Safety function initiates deceleration procedure
- SS1 withdraws 'controller enable' RF:
Drive controlled braking with ID32782 'Deceleration ramp RF inactive' - ...
- SS1 withdraws 'controller enable' RF:
- User control unit initiates deceleration procedure
- Speed setpoint = 0:
Deceleration ramp with ID32781 'Deceleration ramp' - Withdrawal of 'controller enable' RF:
Drive controlled braking with ID32782 'Deceleration ramp RF inactive' - Control unit interpolates a movement profile and sends cyclical setpoints to the drive
- ...
- Speed setpoint = 0:
Example 1: Drive movement meets the permissible range of movement
|
Time t |
Explanation |
|---|---|
|
t = t0 |
The safety function is started by a 1-0 edge and cannot be interrupted. |
|
t0 < t < t1 |
During the transition period, the actual speed value of the drive must be adjusted to the parameterised limits of the started safety function. The parameterised limits are not monitored yet. |
|
t1 ≤ t < t2 |
The safety function monitors the parameterised ramp and checks whether the actual speed value meets the permissible range of movement. |
|
t ≥ t2 |
The safety function switches the drive into the STO state and sets the STO acknowledgement bit. In the STO state, drive movements are no longer monitored since no further error reaction is possible. |
|
t = t3 |
STO acknowledgement at maximum speed |
Reaction in case of an error
As soon as the safety function detects a deviation from the limits of the monitored values, the drive is set to the safe state 'Safe torque off (STO)' (example 2).
|
|
|
|
|
Danger to life due to unexpected movements! The drive will be torque-free in the status 'Safe torque off (STO)', in case of mains failure or in case of faulty drive controller. External application of force on the drive axis may result in life-threatening movements (e.g. hanging axes can fall down). Steps to prevent:
|
Example 2: Drive movement deviates from the parameterised ramp
|
Time t |
Explanation |
|---|---|
|
t = t0 |
The safety function is started by a 1-0 edge and cannot be interrupted. |
|
t0 < t < t1 |
During the transition period, the actual speed value of the drive must be adjusted to the parameterised limits of the started safety function. The parameterised limits are not monitored yet. |
|
t1 ≤ t < t2 |
The safety function monitors the parameterised ramp and checks whether the actual speed value meets the permissible range of movement. |
|
t = t2 |
The safety function detects an error, switches the drive into the STO state and sets the error bit. |
|
t ≥ t2 |
In the STO state, drive movements are no longer monitored since no further error reaction is possible. |
Acknowledge an error with "Clear error"
As soon as an active safety function detects a deviation from the limits of the monitored values, the drive is set to the intended stop function. The error bit (FSoE status bit 7) is set and the acknowledgment of the safe status is withdrawn.
With the 'Clear error' signal (FSoE control bit 7 or the 'Clear error' command in the drive controller) the
error status ist acknowledged (deleted). If during and after the 'Clear error' the start signal from a previous safety function is still active and no other changes to the settings of the safety function have been made, the safety function restarts and also transition times (if available) work again.
Parameters
Safe parameters
|
Parameter |
Name |
Code |
Unit |
Min |
Max |
|
'SS1 transition period' |
T(d,SS1) |
ms |
0 |
65535 |
|
'SS1 brake ramp time' |
T(SS1) |
ms |
0 |
65535 |
|
'SS1 safe speed standstill window' |
N(zero,SS1) |
U/min |
0 |
60000 |
|
'SMS safe maximum speed' |
N(max,SMS) |
rpm |
0 |
60000 |
