HIMax Safety Manual - Tuv-fs.com
HIMax Safety Manual - Tuv-fs.com HIMax Safety Manual - Tuv-fs.com
10 User program HIMax10.2.10 Checklist for Creating a User ProgramTo comply with all safety-related aspects during the programming phase, HIMArecommends using the following checklist prior to and after loading a new or modifiedprogram.CompanyHIMaxChecklist for Creating a User ProgramV.1.0LocationObjectiveFile/ArchiveChecks Yes No RemarkWhile creating the program / Before modifying the programAre the user program and PES configurations based on asafety analysis? Are programming guidelines usedwhile creating the user program? Are functionally independent parts of the programencapsulated in functions and function blocks? Are only safe signals used for all safety functions? Does each safety-related signal source properly reach theuser program (also through communication)? Is each safety-related signal drain properly written (alsothrough communication)? After modifying the program – Before loading the programDid a person not involved in creating the program check thatthe user program complies with the mandatory system specifications?Is the test result documented and released (date/signature)? Was the user program compiled twice and were the tworesulting configuration CRCs compared upon completion? Has a copy of the entire project been archived? After modifying the program – After loading the programWas a sufficient number of tests performed for all safetyrelevantlogic operations (including I/O) and for all mathematic operations?Was all force information reset before starting safe operation? Do the enable switches "Readonly in Run" and "Reloaddeactivation" correspond to the settings for the maximum / defined protection?Were the versions (CRCs) of the operating systems of themodules officially approved and certified by the TÜV? Page 58 of 70HI 801 003 D Rev.2.0
HIMax11 Configuring Communication11 Configuring CommunicationIn addition to using the physical input and output variables, variables can also beexchanged with other system through a data connection. In this case, the variables aredeclared with the programming system SILworX , from within the Protocols area of thecorresponding resource.11.1 Standard ProtocolsMany communication protocols only ensure a non-safety-related data transmission. Theseprotocols can be used for the non-safety-related aspects of an automation task.DANGERPersonal injury due to usage of unsafe import dataDo not use any data imported from unsafe sources for safety functions in the userprogram.The following standard protocols are available:• On the Ethernet interfaces on the communication module- Modbus TCP (master/slave)- SNTP- Send/Receive TCP• On the fieldbus interfaces (RS 485) of the communication module according to thedevice model- Modbus (master/slave)- PROFIBUS DP (master/slave)11.2 Safety-Related Protocol (safeethernet)Use the safeethernet Editor to configure how safety-related communication is monitored.To do this, enter the monitoring time "ReceiveTMO“. If no variables are written within thedefined time period, they are set in the PES according to the Freeze Values on LostConnection [ms].For safety-related functions implemented via safeethernet, only the Use Initial Data settingmay be used.NOTICEUnintentional transition to the safe state possible!ReceiveTMO is a safety-related parameter!If all of the values must be transferred, the value of a given signal must be present forlonger than the "ReceiveTMO“ or it must be monitored using a loop-back function.ReceiveTMO is the monitoring time of PES 1 within which a correct response from PES 2must be received.HI 801 003 D Rev.2.0 Page 59 of 70
- Page 8: 1 Safety Manual HIMax1.5 GlossaryTe
- Page 12 and 13: 2 Intended Use HIMaxStandardEC/EN 6
- Page 14 and 15: 2 Intended Use HIMax2.3.4 Power Sup
- Page 16 and 17: 3 Safety Concept for Using the PES
- Page 18 and 19: 3 Safety Concept for Using the PES
- Page 20 and 21: 3 Safety Concept for Using the PES
- Page 22 and 23: 3 Safety Concept for Using the PES
- Page 24 and 25: 4 Processor Modules HIMaxNOTESystem
- Page 26 and 27: 5 System Bus Module HIMaxWARNINGPhy
- Page 28 and 29: 6 Communication Module HIMax6 Commu
- Page 30 and 31: 7 Input Modules HIMaxNOTICESystem m
- Page 32 and 33: 7 Input Modules HIMax7.6 Checklists
- Page 34 and 35: 7 Input Modules HIMax7.6.3 Checklis
- Page 36 and 37: 7 Input Modules HIMax7.7 Safety-Rel
- Page 38 and 39: 7 Input Modules HIMax7.8 Checklist
- Page 40 and 41: 8 Output Modules HIMax8 Output Modu
- Page 42 and 43: 8 Output Modules HIMaxIn this state
- Page 44 and 45: 8 Output Modules HIMax8.7 Checklist
- Page 46 and 47: 9 Software HIMax9 SoftwareThe softw
- Page 48 and 49: 9 Software HIMax9.4 Resource Parame
- Page 50 and 51: 9 Software HIMaxExample: A key swit
- Page 52 and 53: 9 Software HIMaxThe user only need
- Page 54 and 55: 10 User program HIMaxSensors (digit
- Page 56 and 57: 10 User program HIMax10.2.5 Downloa
- Page 60 and 61: 11 Configuring Communication HIMaxN
- Page 62 and 63: 11 Configuring Communication HIMaxF
- Page 64 and 65: 11 Configuring Communication HIMaxP
- Page 66 and 67: AppendixHIMaxIndex of FiguresFigure
- Page 68: AppendixHIMaxIndexanalog inputsuse
10 User program <strong>HIMax</strong>10.2.10 Checklist for Creating a User ProgramTo <strong>com</strong>ply with all safety-related aspects during the programming phase, HIMAre<strong>com</strong>mends using the following checklist prior to and after loading a new or modifiedprogram.Company<strong>HIMax</strong>Checklist for Creating a User ProgramV.1.0LocationObjectiveFile/ArchiveChecks Yes No RemarkWhile creating the program / Before modifying the programAre the user program and PES configurations based on asafety analysis? Are programming guidelines usedwhile creating the user program? Are functionally independent parts of the programencapsulated in functions and function blocks? Are only safe signals used for all safety functions? Does each safety-related signal source properly reach theuser program (also through <strong>com</strong>munication)? Is each safety-related signal drain properly written (alsothrough <strong>com</strong>munication)? After modifying the program – Before loading the programDid a person not involved in creating the program check thatthe user program <strong>com</strong>plies with the mandatory system specifications?Is the test result documented and released (date/signature)? Was the user program <strong>com</strong>piled twice and were the tworesulting configuration CRCs <strong>com</strong>pared upon <strong>com</strong>pletion? Has a copy of the entire project been archived? After modifying the program – After loading the programWas a sufficient number of tests performed for all safetyrelevantlogic operations (including I/O) and for all mathematic operations?Was all force information reset before starting safe operation? Do the enable switches "Readonly in Run" and "Reloaddeactivation" correspond to the settings for the maximum / defined protection?Were the versions (CRCs) of the operating systems of themodules officially approved and certified by the TÜV? Page 58 of 70HI 801 003 D Rev.2.0