BSI 13/30294110 DC:2013 Edition
BS EN 61784-3. Industrial communication networks. Profiles. Part 3-2. Functional safety fieldbuses. Additional specifications for CPF 2. Part 3-3. Functional safety fieldbuses. Additional specifications for CPF 3. Part 3-8. Functional safety fieldbuses. Additional specifications for CPF 8. Part 3-13. Functional safety fieldbuses. Additional specifications for CPF 13. Part 3-17. Functional safety fieldbuses. Additional specifications for CPF 17. Part 3-18. Functional safety fieldbuses. Additiona
Published By | Publication Date | Number of Pages |
---|---|---|
BSI | 2013 | 716 |
PDF Catalog
PDF Pages | PDF Title |
---|---|
20 | 1 Scope 2 Normative references |
21 | 3 Terms, definitions, symbols, abbreviated terms and conventions 3.1 Terms and definitions |
22 | 3.1.1 Common terms and definitions |
25 | 3.1.2 CPF 2: Additional terms and definitions |
26 | 3.2 Symbols and abbreviated terms 3.2.1 Common symbols and abbreviated terms 3.2.2 CPF 2: Additional symbols and abbreviated terms |
27 | 3.3 Conventions 4 Overview of FSCP 2/1 (CIP Safety™) 4.1 General |
28 | 4.2 FSCP 2/1 |
29 | 5 General 5.1 External documents providing specifications for the profile 5.2 Safety functional requirements 5.3 Safety measures |
30 | 5.4 Safety communication layer structure |
31 | 5.5 Relationships with FAL (and DLL, PhL) 5.5.1 General 5.5.2 Data types 6 Safety communication layer services 6.1 Introduction 6.2 Connection object 6.2.1 General 6.2.2 Class attribute extensions |
32 | 6.2.3 Service extensions |
33 | 6.2.4 Explicit message response format for SafetyOpen and SafetyClose 6.3 Connection Manager object 6.3.1 General |
34 | 6.3.2 ForwardOpen for safety 6.3.2.1 ForwardOpen for safety contents |
35 | 6.3.2.2 ForwardOpen for safety for Extended Format |
36 | 6.3.3 Safety network segment 6.3.3.1 Common format 6.3.3.2 Safety network segment: target format (00hex) |
37 | 6.3.3.3 Safety network segment: router format (01hex) |
38 | 6.3.3.4 Safety network segment: Extended Format (0x02) |
39 | 6.3.4 Originator rules for calculating the connection parameter CRC 6.3.5 SafetyOpen processing flowcharts |
42 | 6.3.6 Checks required by Multipoint producers with existing connections |
43 | 6.3.7 Electronic key usage for safety 6.3.8 RPI vs. API in safety connections 6.3.9 Application path construction for safety |
44 | 6.3.10 Safety Validator connection types |
46 | 6.3.11 Application reply data in a successful SafetyOpen response |
48 | 6.3.12 Unsuccessful SafetyOpen response |
50 | 6.3.13 ForwardClose for safety 6.4 Identity object 6.4.1 General 6.4.2 Changes to common services |
51 | 6.4.3 Extensions for CP 16/3 devices 6.5 Link objects 6.5.1 DeviceNet object changes 6.5.1.1 Additional attribute for safety |
52 | 6.5.1.2 Quick Connect restriction for safety 6.5.2 TCP/IP Interface object changes 6.5.3 SERCOS III Link object 6.5.3.1 General 6.5.3.2 Class attributes 6.5.3.3 Instance Attributes |
53 | 6.5.3.4 Common services 6.6 Safety Supervisor object 6.6.1 General |
54 | 6.6.2 Safety Supervisor class attributes 6.6.3 Subclasses 6.6.4 Safety Supervisor instance attributes |
57 | 6.6.5 Semantics 6.6.5.1 Manufacturer name |
58 | 6.6.5.2 Software revision level 6.6.5.3 Hardware revision level 6.6.5.4 Manufacturer’s serial number 6.6.5.5 Device status 6.6.5.6 Exception status |
59 | 6.6.5.7 Exception detail alarm and exception detail warning 6.6.5.8 Common exception detail |
60 | 6.6.5.9 Common exception detail attribute values 6.6.5.10 Device exception detail 6.6.5.11 Manufacturer exception detail |
61 | 6.6.5.12 Alarm enable and warning enable 6.6.5.13 Time 6.6.5.14 Scheduled maintenance expiration timer |
62 | 6.6.5.15 Scheduled maintenance expiration warning enable 6.6.5.16 Configuration lock 6.6.5.17 Configuration UNID (CFUNID) |
63 | 6.6.5.18 Safety Configuration Identifier (SCID) 6.6.5.19 Target UNID (TUNID) 6.6.5.20 Proposed TUNID (OUNID) 6.6.5.21 Output Connection Owner (OCPUNID) |
64 | 6.6.6 Subclasses 6.6.7 Safety Supervisor common services 6.6.7.1 Common services overview |
65 | 6.6.7.2 Recover service 6.6.7.3 Perform_Diagnostics service |
66 | 6.6.7.4 Configure_Request service 6.6.7.5 Validate_Configuration service |
69 | 6.6.7.6 Set_Password service |
70 | 6.6.7.7 Reset_Password service 6.6.7.8 Configuration_Lock/Unlock service |
71 | 6.6.7.9 Mode Change service 6.6.7.10 Safety_Reset service |
72 | 6.6.7.11 Propose_TUNID service |
73 | 6.6.7.12 Apply_TUNID service |
75 | 6.6.8 Safety Supervisor behavior 6.6.8.1 Safety Supervisor object states |
76 | 6.6.8.2 Safety Supervisor state event matrix |
79 | 6.6.8.3 Effect of locking on device behavior 6.6.8.4 State mapping of Safety Supervisor object to Identity object |
80 | 6.6.8.5 Safety Supervisor object event to Identity object event mapping 6.6.8.6 Identity object event to Safety Supervisor event mapping |
81 | 6.7 Safety Validator object 6.7.1 General 6.7.2 Class attributes |
82 | 6.7.3 Instance attributes 6.7.3.1 Instance attributes overview |
84 | 6.7.3.2 Safety Validator state 6.7.3.3 Safety Validator type |
85 | 6.7.3.4 Ping interval EPI multiplier 6.7.3.5 Time Coord Msg min multiplier |
86 | 6.7.3.6 Network time expectation multiplier 6.7.3.7 Timeout multiplier 6.7.3.8 Max consumer number 6.7.3.9 Data connection instance 6.7.3.10 Coordination connection instance 6.7.3.11 Correction connection instance 6.7.3.12 CCO binding |
87 | 6.7.3.13 Max data age 6.7.3.14 Producer/Consumer Fault Counter 6.7.4 Class services 6.7.5 Instance services 6.7.5.1 Instance services overview 6.7.5.2 Get_Attributes_All Response |
88 | 6.7.6 Object behavior 6.7.6.1 State transition diagram |
89 | 6.7.6.2 IDLE 6.7.6.3 Initializing 6.7.6.4 Established 6.7.6.5 Connection_Failed |
90 | 6.7.6.6 State event matrix |
91 | 6.8 Connection Configuration Object 6.8.1 General 6.8.2 Class attribute extensions 6.8.3 Instance attributes, additions and extensions. |
93 | 6.8.4 Instance attribute semantics extensions or restrictions for safety 6.8.4.1 Connection flags – (Attribute 2) 6.8.4.2 CS Data Index Number – (Attribute 4) 6.8.4.3 Connection Timeout Multiplier – (part of Attribute 5) |
94 | 6.8.4.4 Transport Class and Trigger – (part of Attribute 5) 6.8.4.5 O-to-T RPI – (part of Attribute 5) 6.8.4.6 O-to-T connection parameters – (part of Attribute 5) |
95 | 6.8.4.7 T-to-O RPI – (part of Attribute 5) 6.8.4.8 T-to-O Connection parameters – (part of Attribute 5) 6.8.4.9 Connection Path (Attribute 6) 6.8.4.9.1 Connection Path size 6.8.4.9.2 Connection Path 6.8.4.9.3 Bridge Path 6.8.4.9.4 Configuration Path |
96 | 6.8.4.9.5 Target Consumption Path 6.8.4.9.6 Target Production Path 6.8.4.10 Config # 1 Data Size (part of Attribute 7) 6.8.4.11 Config # 1 Data (part of Attribute 7) 6.8.4.12 Config # 2 Data Size (part of Attribute 10) 6.8.4.13 Config # 2 Data (part of Attribute 10) 6.8.4.14 Data Map (Attribute 9) 6.8.4.14.1 Map format allocation 6.8.4.14.2 Format 0 usage for safety scanners |
97 | 6.8.4.14.3 Format 1 usage for safety scanners 6.8.4.15 Proxy Device ID 6.8.4.16 Connection Disable (Attribute 12) 6.8.5 Special Safety Related Parameters – (Attribute 13) 6.8.5.1 Ping Interval EPI Multiplier |
98 | 6.8.5.2 Time Coord Msg Min Multiplier 6.8.5.3 Network Time Expectation Multiplier 6.8.5.4 Timeout Multiplier 6.8.5.5 Max Consumer Number |
99 | 6.8.5.6 Target Connection UNID 6.8.5.7 Safety Configuration CRC (SCCRC) 6.8.5.8 Safety Configuration Signature (Time Stamp) 6.8.5.9 Time Correction EPI |
100 | 6.8.5.10 Time Correction Connection Parameters 6.8.5.11 Connection Parameter CRC (CPCRC) – (Attribute 14) 6.8.5.12 Configuration Instance – (Attribute 15) 6.8.5.13 Id Allocation 6.8.5.14 Format Type |
101 | 6.8.5.15 Format Status |
102 | 6.8.6 Object-specific services 6.8.7 Common service extensions for safety 6.8.7.1 Get Attribute All (Service Code 01hex) |
103 | 6.8.7.2 Set_Attribute_All (Service Code 02hex) |
104 | 6.8.7.3 Restore (Service Code 15hex) 6.8.8 Object behavior |
105 | 7 Safety communication layer protocol 7.1 Safety PDU format 7.1.1 Safety PDU encoding 7.1.1.1 General encoding rules |
106 | 7.1.1.2 Mode octet |
107 | 7.1.1.3 Mode octet CRC processing for Base Format 7.1.1.4 1 or 2 octet data section, Base Format |
108 | 7.1.1.5 1 or 2 octet data section, Extended Format 7.1.1.6 3 to 250 octet data section, Base Format |
109 | 7.1.1.7 3 to 250 octet data section, Extended Format 7.1.1.8 Time Stamp section, Base Format |
110 | 7.1.1.9 Time Coordination section |
112 | 7.1.1.10 Time Coordination CRC calculation 7.1.1.11 Time Correction section |
113 | 7.1.1.12 Time Correction CRC calculation 7.1.1.13 1 or 2 Octet, point-to-point, safety connection format |
114 | 7.1.1.14 1 or 2 Octet, multipoint, Format 1 connection format 7.1.1.15 1 or 2 Octet, multipoint, Format 2, safety connection format |
115 | 7.1.1.16 3 to 250 octet, point-to-point, safety connection format 7.1.1.17 3 to 248 Octet, multipoint, Format 1 Safety PDU format |
116 | 7.1.1.18 3 to 248 Octet, multipoint, Format 2, safety PDU format 7.1.1.19 Calculation order for Extended Format CRC calculations |
117 | 7.1.2 Safety CRC 7.1.2.1 Safety CRC overview 7.1.2.2 CRC polynomials 7.1.2.3 CRC usage specifications |
118 | 7.2 Communication protocol behavior 7.2.1 Sequence of safety checks 7.2.2 Connection termination 7.2.3 Cross checking error |
119 | 7.3 Time stamp operation 7.4 Rollover counts in the EF |
120 | 7.5 Protocol sequence diagrams 7.5.1 General 7.5.2 Normal safety transmission |
121 | 7.5.3 Lost, corrupted and delayed message transmission |
123 | 7.5.4 Lost, corrupted or delayed message transmission with production repeated |
125 | 7.5.5 Point-to-point ping |
126 | 7.5.6 Multipoint ping on CP 2/3 Safety |
127 | 7.5.7 Multipoint ping on CP 2/2 safety networks |
128 | 7.5.8 Multipoint ping – retry with success |
129 | 7.5.9 Multipoint ping – retry with timeout 7.6 Safety protocol definition 7.6.1 General 7.6.2 High level view of a safety device |
130 | 7.6.3 Safety Validator object 7.6.4 Relationship between SafetyValidatorServer and SafetyValidatorClient |
131 | 7.6.5 Extended Format time stamp rollover handling 7.6.5.1 General 7.6.5.2 Point-to-point, originator consumer, target producer |
132 | 7.6.5.3 Point-to-point, originator producer, target consumer |
133 | 7.6.5.4 Multi-point, originator consumer, target producer |
135 | 7.6.6 SafetyValidatorClient function definition 7.6.6.1 General 7.6.6.2 Safety production 7.6.6.3 Producing application interface 7.6.6.4 Safety data production logic 7.6.6.5 Example safety data production cold start logic |
137 | 7.6.6.6 Example safety data production multipoint consumer re-start logic 7.6.6.7 Example combined data production |
140 | 7.6.6.8 Example time coordination message reception logic |
143 | 7.6.7 SafetyValidatorServer function definition 7.6.7.1 General 7.6.7.2 Safety consumption |
144 | 7.6.7.3 SafetyValidatorServer – link triggered |
145 | 7.6.7.4 SafetyValidatorServer – application triggered 7.6.7.5 Safety data reception logic |
147 | 7.6.7.6 Ping count checking 7.6.7.7 Data and network time expectation checking maximum interval 7.6.7.8 Example cold start initialization |
148 | 7.6.7.9 SafetyValidatorServer – link triggered logic 7.6.7.10 Example combined reception logic – link triggered logic |
154 | 7.6.7.11 Example time correction message reception – link triggered logic |
155 | 7.6.7.12 SafetyValidatorServer – application triggered logic 7.6.7.13 Example time coordination message production logic |
156 | 7.7 Safety message and protocol data specifications 7.7.1 Mode octet 7.7.1.1 Mode_Octet.Run_Idle 7.7.1.2 Mode_Octet.N_Run_Idle 7.7.1.3 Mode_Octet TBD_2_Bit 7.7.1.4 Mode_Octet.TBD_2_Copy 7.7.1.5 Mode_Octet.Ping_Count 7.7.1.6 Mode_Octet.TBD_Bit 7.7.1.7 Mode_Octet.N_TBD_Bit 7.7.2 Time Stamp Section 7.7.3 Time Coordination Message 7.7.3.1 Ack_Octet.Ping_Response bit |
157 | 7.7.3.2 Ack_Octet.Consumer_Time_Value 7.7.3.3 Ack_Octet.Ping_Count_Reply 7.7.3.4 Ack_Octet.Time Coordination Reserved bits 7.7.4 Time correction message 7.7.4.1 Mcast_Octet.Consumer_# 7.7.4.2 Time_Correction_Section.Consumer_Time_Correction_Value 7.7.4.3 Mcast_Octet.Multi_Cast_Active_Idle 7.7.4.4 Mcast_octet.time correction reserved bits |
158 | 7.7.5 Safety data production 7.7.5.1 Producing connection status 7.7.5.2 Consumer_Open 7.7.5.3 Application_Run_Idle 7.7.5.4 Consumer_Active_Idle [per consumer] |
159 | 7.7.5.5 S_Connection_Fault [per consumer] 7.7.5.6 Producer input static variables 7.7.5.7 EPI 7.7.5.8 Timeout_Multiplier [per consumer] |
160 | 7.7.5.9 Connection_Type 7.7.5.10 Ping_Interval_EPI_Multiplier |
162 | 7.7.5.11 Max_Consumer_Number 7.7.5.12 Time_Coord_Msg_Min_Multiplier [per consumer] 7.7.5.13 Producer connection derived static variables 7.7.5.14 Time_Drift_Per_Ping_Interval [per consumer] |
163 | 7.7.5.15 Connection_Correction_Constant [per consumer] 7.7.5.16 Time_Coord_Response_EPI_Limit [per consumer] |
164 | 7.7.6 Producer dynamic variables 7.7.6.1 Producer_Clk_Count 7.7.6.2 Producer_Safe_Data_TS 7.7.6.3 Data_Time_Stamp 7.7.6.4 Ping_Interval_EPI_Count |
165 | 7.7.6.5 RR_Con_Num_Index_Pntr 7.7.6.6 Time_Drift_Since_Last_Time_Coord [per consumer] |
166 | 7.7.6.7 Worst_Case_Consumer_Time_Correction_Value 7.7.7 Producer per consumer dynamic variables 7.7.7.1 General 7.7.7.2 Consumer_Time_Value[per consumer] 7.7.7.3 Producer_Rcved_Time_Value[per consumer] 7.7.7.4 Consumer_Time_Correction_Value[per consumer] |
167 | 7.7.7.5 Ping_Int_Since_Last_Time_Coord_Msg_Count [per consumer] 7.7.7.6 Producer_Fault_Counter 7.7.8 Consumer data variables 7.7.8.1 General 7.7.8.2 Consuming connection status |
168 | 7.7.8.3 S_Con_Flt_C_Out 7.7.8.4 S_Run_Idle_Out 7.7.8.5 Init_Complete_Out |
169 | 7.7.9 Consumer input static variables 7.7.9.1 Connection_Type 7.7.9.2 Consumer_Num 7.7.9.3 Network_Time_Expectation_Multiplier 7.7.9.4 Timeout_Multiplier 7.7.9.5 Ping_Interval_EPI_Multiplier 7.7.9.6 Consumer connection derived static variables 7.7.10 Consumer dynamic variables 7.7.10.1 Consumer_Clk_Count |
170 | 7.7.10.2 Last_Ping_Count 7.7.10.3 Time_Coordination_Count_Down 7.7.10.4 Corrected_Data_Time_Stamp 7.7.10.5 Last_Data_Time_Stamp 7.7.10.6 Last_Rcved_Multi_Cast_Active_Idle 7.7.10.7 Last_Rcved_Time_Correction_Value |
171 | 7.7.10.8 Time_Correction_Ping_Interval_Count 7.7.10.9 Time_Correction_Received_Flag 7.7.10.10 Data_Age 7.7.10.11 Max_Data_Age 7.7.10.12 Consumer_Fault_Counter 8 Safety communication layer management 8.1 Overview |
172 | 8.2 Definition of the measures used during connection establishment |
175 | 8.3 Originator-Target relationship validation |
176 | 8.4 Detection of mis-routed connection requests 8.5 SafetyOpen processing 8.6 Ownership management |
177 | 8.7 Bridging different physical layers |
178 | 8.8 Safety connection establishment 8.8.1 Overview |
179 | 8.8.2 Basic facts for connection establishment 8.8.3 Configuring safety connections |
180 | 8.8.4 Network time expectation multiplier |
182 | 8.8.5 Establishing connections |
185 | 8.8.6 Recommendations for consumer number allocation |
186 | 8.8.7 Recommendations for connection establishment 8.8.8 Ownership establishment |
187 | 8.8.9 Ownership use cases 8.8.9.1 General 8.8.9.2 The user-designated owner connects and configures an un-owned, un-configured input device – (OUNID assigned at first connection) 8.8.9.3 The user-designated owner connects and configures an un-owned, un-configured output device – (OUNID assigned at first connection) 8.8.9.4 Owner connects and configures an owned, un-configured input device – (OUNID assigned by tool) 8.8.9.5 Owner connects and configures an owned, unconfigured output device – (OUNID assigned by tool) 8.8.9.6 Owner connects and attempts to re-configure a tool-owned, configured device – (Configuration Lock set) |
188 | 8.8.9.7 Device reconfiguration – Input Device 8.8.9.8 Device reconfiguration – Output Device |
189 | 8.8.9.9 Connection establishment to a previously owned device (Changing OUNID) 8.8.10 PID/CID usage and establishment |
190 | 8.8.11 Proper PID/CID usage in multipoint and point-to-point connections |
192 | 8.8.12 Network supported services |
193 | 8.8.13 FSCP 2/1 safety device type 8.8.13.1 General 8.8.13.2 Safety connection category 8.8.13.3 Safety connection services |
194 | 8.8.13.4 Services supported for each category |
196 | 8.9 Safety configuration process 8.9.1 Introduction to safety configuration 8.9.2 Configuration goals |
197 | 8.9.3 Configuration overview |
198 | 8.9.4 User configuration guidelines |
199 | 8.9.5 Configuration process SIL3 justification 8.9.6 Device functions for tool configuration |
200 | 8.9.7 Password security 8.9.8 SNCT interface services 8.9.9 Configuration lock |
201 | 8.9.10 Effect of configuration lock on device behavior |
202 | 8.9.11 Configuration ownership 8.9.12 Configuration mode 8.9.13 Measures used to ensure integrity of configuration process 8.9.13.1 Safety Configuration Identifier (SCID) |
203 | 8.9.13.2 Originator and Target SCID coverage 8.9.13.3 Safety Configuration CRC (SCCRC) 8.9.13.4 Safety Configuration Timestamp (SCTS) 8.9.13.5 System-wide unique “Safety Network Number” (SNN) 8.9.13.6 System-wide “Unique Node Identifier” (UNID) |
204 | 8.9.13.7 Connection Parameters CRC (CPCRC) 8.9.14 Download process 8.9.14.1 Overview 8.9.14.2 SNCT download to originators and targets |
205 | 8.9.14.3 SNCT to device download process steps |
206 | 8.9.14.4 SNCT downloads to originators which do Form 1 target configuration 8.9.14.5 SNCT downloads to originators that perform Form 1 configuration |
207 | 8.9.15 Verification process 8.9.15.1 Verification process overview |
208 | 8.9.15.2 User configuration verification and alternatives 8.9.15.2.1 Overview 8.9.15.2.2 Alternative 1 – immediate read back and diverse comparison |
209 | 8.9.15.2.3 Alternative 2 – local diverse display 8.9.16 Verification process |
210 | 8.9.17 Configuration error analysis 8.9.17.1 Configuration errors and detection measures relationships |
211 | 8.9.17.2 Configuration errors 8.9.17.2.1 User misdirects configuration 8.9.17.2.2 System misroutes configuration |
212 | 8.9.17.2.3 Lost configuration message 8.9.17.2.4 The configuration is corrupted 8.9.17.2.5 Configuration at an inappropriate time 8.9.17.2.6 User loads the wrong configuration 8.9.17.2.7 Configuration process is interrupted 8.9.17.3 Detection measures 8.9.17.3.1 User authentication 8.9.17.3.2 Identification of configuration file 8.9.17.3.3 Identification of target to be configured 8.9.17.3.4 CRC protection on configuration 8.9.17.3.5 Configuration ownership 8.9.17.3.6 Configuration session control |
213 | 8.9.17.3.7 User functional testing 8.9.17.3.8 Configuration protection 8.9.17.3.9 Diagnostic software protections (not safety related) 8.9.17.4 Device memory architecture considerations |
214 | 8.10 Electronic Data Sheets extensions for safety 8.10.1 General rules for EDS based safety devices 8.10.1.1 General 8.10.1.2 Safety configuration assembly definition 8.10.1.3 Configuration CRC 8.10.1.4 Password encryption for EDS devices 8.10.2 EDS extensions for safety 8.10.2.1 Additional Object Class sections |
215 | 8.10.2.2 Extension to [File] section for safety 8.10.2.3 Extension to [Device Classification] section for safety |
216 | 8.10.2.4 Extension to [ParamClass] section for Safety 8.10.2.5 Extension to [Connection Manager] section for safety 8.10.2.5.1 General 8.10.2.5.2 Max safety connections |
217 | 8.10.2.5.3 Default safety connections 8.10.2.5.4 Safety Format Support 8.10.2.5.5 Changes and additions to Connection Manager fields 8.10.2.5.5.1 Overview of changes and additions |
218 | 8.10.2.5.5.2 Trigger and Transport field 8.10.2.5.5.3 Connection Parameter field |
219 | 8.10.2.5.5.4 Data Path field 8.10.2.5.5.5 ASYNC field 8.11 Requirements for CP 2/2 8.11.1 EPI rules for safety messages that travel over CP 2/2 8.11.2 Default safety I/O service 8.11.3 Duplicate IP detection |
220 | 8.11.4 Priority for safety connections 8.12 Requirements for CP 2/3 8.12.1 Allocation of CP 2/3 identifiers 8.12.1.1 General 8.12.1.2 Basic CP 2/3 algorithm (general model) |
221 | 8.12.1.3 Case 1 (target allocates identifiers) 8.12.1.4 Case 2 (target cannot allocate identifiers) 8.12.1.5 Case 3 (originator allocates identifiers) 8.12.1.6 Order of MSGID Allocation 8.12.1.7 Rules for connection ID assignment |
222 | 8.12.1.8 Point to point message connections 8.12.1.9 Multipoint message connections 8.12.1.10 CP 2/3 ID quarantining requirements 8.12.2 Additional requirements 8.13 CP 16/3 requirements 8.13.1 General architecture for CPF 2 on CP 16/3 |
223 | 8.13.2 Baseline FSCP 2/1 on CP 16/3 device 8.13.3 Supported objects and services in CP 16/3 devices 8.13.3.1 General 8.13.3.2 Identity object (class code 0x01) |
224 | 8.13.3.3 Connection Manager object (class code 0x06) 8.13.3.4 Connection Configuration object (class code 0xF3) 8.13.3.5 Message Router object (class code 0x02) 8.13.3.6 Safety Supervisor object (class code 0x39) 8.13.3.7 Safety Validator object (class code 0x3A) 8.13.3.8 SERCOS III Link object (class code 0x4C) 8.13.4 Transport layer requirements 8.13.4.1 General 8.13.4.2 Transport layer considerations |
225 | 8.13.4.3 Multicast connections 8.13.4.4 FSCP 2/1 Adaptation Layer for CIP Services |
226 | 8.13.5 FSCP 2/1 and the CP 16/3 device model |
227 | 8.13.6 UNID assignment on CP 16/3 8.13.6.1 General 8.13.6.2 CP 16/3 Safety Device ID |
229 | 8.13.6.3 Safety Network Number assignment 9 System requirements 9.1 Indicators and switches 9.1.1 General indicator requirements 9.1.2 LED indications for setting the device UNID 9.1.3 Module Status LED |
230 | 9.1.4 Indicator warning 9.1.5 Network Status LED |
231 | 9.1.6 Switches 9.1.6.1 Node ID switches 9.1.6.2 NodeID determination |
233 | 9.1.6.3 Reset switch 9.2 Installation guidelines 9.3 Safety function response time 9.3.1 Overview |
234 | 9.3.2 Network time expectation |
235 | 9.3.3 Equations for calculating network reaction times |
237 | 9.4 Duration of demands 9.5 Constraints for calculation of system characteristics 9.5.1 Number of nodes 9.5.2 Network PFH |
239 | 9.5.3 Bit Error Rate (BER) 9.5.3.1 General 9.5.3.2 CP 2/3 BER 9.5.3.3 CP 2/2 BER |
240 | 9.5.3.4 Summary 9.6 Maintenance 9.7 Safety manual 10 Assessment |
270 | 1 Scope 2 Normative references |
272 | 3 Terms, definitions, symbols, abbreviated terms and conventions 3.1 Terms and definitions 3.1.1 Common terms and definitions |
276 | 3.1.2 CPF 3: Additional terms and definitions |
279 | 3.2 Symbols and abbreviated terms 3.2.1 Common symbols and abbreviated terms |
280 | 3.2.2 CPF 3: Additional symbols and abbreviated terms |
281 | 3.3 Conventions 4 Overview of FSCP 3/1 (PROFIsafe™) |
284 | 5 General 5.1 External documents providing specifications for the profile 5.2 Safety functional requirements 5.3 Safety measures |
285 | 5.4 Safety communication layer structure 5.4.1 Principle of FSCP 3/1 safety communications |
286 | 5.4.2 CPF 3 communication structures |
288 | 5.5 Relationships with FAL (and DLL, PhL) 5.5.1 Device model |
289 | 5.5.2 Application and communication relationships 5.5.3 Data types 6 Safety communication layer services 6.1 F-Host services |
293 | 6.2 F-Device services |
295 | 6.3 Diagnosis 6.3.1 Safety alarm generation 6.3.2 F-Device safety layer diagnosis including the iPar-Server |
296 | 7 Safety communication layer protocol 7.1 Safety PDU format 7.1.1 Safety PDU structure 7.1.2 Safety IO data 7.1.3 Status and Control Byte |
298 | 7.1.4 (Virtual) MonitoringNumber |
299 | 7.1.5 (Virtual) MNR mechanism (F_CRC_Seed=0) 7.1.6 (Virtual) MNR mechanism (F_CRC_Seed=1) |
300 | 7.1.7 CRC2 Signature (F_CRC_Seed=0) |
302 | 7.1.8 CRC2 Signature (F_CRC_Seed=1) 7.1.9 Non-safety IO data |
303 | 7.2 FSCP 3/1 behavior 7.2.1 General 7.2.2 F-Host state diagram |
306 | 7.2.3 F-Device state diagram |
310 | 7.2.4 Sequence diagrams |
316 | 7.2.5 Timing diagram for a MonitoringNumber reset 7.2.6 Monitoring of safety times 7.2.6.1 Normal operation |
319 | 7.2.6.2 Extended watchdog time on request after user interaction 7.3 Reaction in the event of a malfunction 7.3.1 Repetition 7.3.2 Loss |
320 | 7.3.3 Insertion 7.3.4 Incorrect sequence 7.3.5 Corruption of safety data 7.3.6 Delay 7.3.7 Masquerade 7.3.8 Addressing |
321 | 7.3.9 Memory failures within switches 7.3.10 Loop-back |
322 | 7.3.11 Network boundaries and router 7.4 F-Startup and parameter change at runtime 7.4.1 Standard startup procedure 7.4.2 iParameter assignment deblocking |
323 | 8 Safety communication layer management 8.1 F-Parameter 8.1.1 Summary 8.1.2 F_Source/Destination_Address (Codename) |
324 | 8.1.3 F_WD_Time (F-Watchdog time) 8.1.4 F_WD_Time_2 (secondary F-Watchdog time) |
325 | 8.1.5 F_Prm_Flag1 (Parameters for the safety layer management) 8.1.5.1 Structure of F_Prm_Flag1 8.1.5.2 F_Check_SeqNr (MNR in CRC2) 8.1.5.3 F_Check_iPar 8.1.5.4 F_SIL (SIL stage) |
326 | 8.1.5.5 F_CRC_Length (length of the CRC2 signature) 8.1.5.6 F_CRC_Seed (Seed value for CRC2) 8.1.6 F_Prm_Flag2 (Parameters for the safety layer management) 8.1.6.1 Structure of F_Prm_Flag2 |
327 | 8.1.6.2 F_Passivation 8.1.6.3 F_Block_ID (type identification of parameters) 8.1.6.4 F_Par_Version (version number of the F-Parameter set) |
328 | 8.1.7 F_iPar_CRC (value of iPar_CRC across iParameters) 8.1.8 F_Par_CRC calculation (across F-Parameters) 8.1.9 Structure of the F-Parameter record data object |
329 | 8.2 iParameter and iPar_CRC 8.3 Safety parameterization 8.3.1 Objectives |
330 | 8.3.2 GSDL and GSDML safety extensions 8.3.2.1 GSDL extensions |
331 | 8.3.2.2 GSDML extensions |
332 | 8.3.3 Securing safety parameters and GSD data 8.3.3.1 General 8.3.3.2 F_Par_CRC and iPar_CRC across safety parameters 8.3.3.3 CRC0 across GSD data |
336 | 8.4 Safety configuration 8.4.1 Securing the safety IO data description (CRC7) |
337 | 8.4.2 DataItem data type section examples 8.4.2.1 Approach 8.4.2.2 F_IN_OUT_1 8.4.2.3 F_IN_OUT_2 |
338 | 8.4.2.4 F_IN_OUT_5 |
339 | 8.4.2.5 F_IN_OUT_6 8.5 Data type information usage 8.5.1 F-Channel driver |
340 | 8.5.2 Rules for standard F-Channel drivers |
341 | 8.5.3 Recommendations for F-Channel drivers |
342 | 8.6 Safety parameter assignment mechanisms 8.6.1 F-Parameter assignment 8.6.2 General iParameter assignment |
343 | 8.6.3 System integration requirements for iParameterization tools |
344 | 8.6.4 iPar-Server 8.6.4.1 General description and constraints |
346 | 8.6.4.2 Notification |
349 | 8.6.4.3 Services |
351 | 8.6.4.4 Protocol |
353 | 8.6.4.5 iPar-Server management |
354 | 8.6.4.6 iParameter size in GSD 9 System requirements 9.1 Indicators and switches 9.2 Installation guidelines 9.3 Safety function response time 9.3.1 Model |
356 | 9.3.2 Calculation and optimization |
357 | 9.3.3 Adjustment of watchdog times for FSCP 3/1 |
358 | 9.3.4 Engineering tool support 9.3.5 Retries (repetition of messages) |
360 | 9.4 Duration of demands 9.5 Constraints for the calculation of system characteristics 9.5.1 Probabilistic considerations |
362 | 9.5.2 Safety related assumptions |
363 | 9.5.3 Non safety related constraints (availability) 9.6 Maintenance 9.6.1 F-Module commissioning / replacement 9.6.2 Identification and maintenance functions 9.7 Safety manual |
365 | 9.8 Wireless transmission channels 9.8.1 Black channel approach 9.8.2 Availability 9.8.3 Security measures |
368 | 9.8.4 Stationary and mobile applications 9.9 Conformance classes |
370 | 10 Assessment 10.1 Safety policy 10.2 Obligations |
391 | 1 Scope 2 Normative references |
392 | 3 Terms, definitions, symbols, abbreviated terms and conventions 3.1 Terms and definitions 3.1.1 Common terms and definitions |
396 | 3.1.2 CPF 8: Additional terms and definitions |
397 | 3.2 Symbols and abbreviated terms 3.2.1 Common symbols and abbreviated terms 3.2.2 CPF 8: Additional symbols and abbreviated terms |
398 | 3.3 Conventions 4 Overview 5 General 6 Safety communication layer services 7 Safety communication layer protocol 8 Safety communication layer management 9 System requirements 10 Assessment 11 FSCP 8/1 11.1 Scope — FSCP 8/1 11.2 Normative references — FSCP 8/1 11.3 Terms, definitions, symbols, abbreviated terms and conventions — FSCP 8/1 |
399 | 11.4 Overview of FSCP 8/1 (CC-Link Safety™) 11.5 General – FSCP 8/1 11.5.1 External documents providing specifications for the profile 11.5.2 Safety functional requirements |
400 | 11.5.3 Safety measures 11.5.3.1 General 11.5.3.2 Sequence number 11.5.3.3 Time expectation |
401 | 11.5.3.4 Connection authentication 11.5.3.5 Feedback message 11.5.3.6 Different data integrity assurance system 11.5.4 Safety communication layer structure |
402 | 11.5.5 Relationships with FAL (and DLL, PhL) 11.5.5.1 Overview 11.5.5.2 Data types 11.6 Safety communication layer services for FSCP 8/1 11.6.1 General 11.6.2 SASEs 11.6.2.1 M1 safety device manager class specification |
403 | 11.6.2.2 S1 safety device manager class specification 11.6.3 SARs 11.6.3.1 M1 safety connection manager class 11.6.3.2 S1 safety connection manager class |
404 | 11.6.4 Process data SAR ASEs 11.6.4.1 M1 safety cyclic transmission class specification 11.6.4.2 S1 safety cyclic transmission class specification |
405 | 11.7 Safety communication layer protocol for FSCP 8/1 11.7.1 Safety PDU format 11.7.1.1 General 11.7.1.2 Abstract syntax 11.7.1.2.1 M1 safety device manager PDU abstract syntax 11.7.1.2.2 S1 safety device manager PDU abstract syntax 11.7.1.2.3 M1 safety connection manager PDU abstract syntax 11.7.1.2.4 S1 safety connection manager PDU abstract syntax |
406 | 11.7.1.2.5 M1 safety cyclic transmission PDU abstract syntax 11.7.1.2.6 S1 safety cyclic transmission PDU abstract syntax |
407 | 11.7.1.3 Transfer syntax 11.7.1.3.1 M1 safety device manager PDU encoding 11.7.1.3.2 S1 safety device manager PDU encoding 11.7.1.3.3 M1 safety connection manager PDU encoding |
408 | 11.7.1.3.4 S1 safety connection manager PDU encoding 11.7.1.3.5 M1 safety cyclic transmission PDU encoding |
409 | 11.7.1.3.6 S1 safety cyclic transmission PDU encoding |
411 | 11.7.2 State description 11.7.2.1 Overview 11.7.2.2 Idle 11.7.2.2.1 Overview |
412 | 11.7.2.2.2 Transition 11.7.2.3 FAL running 11.7.2.3.1 Overview 11.7.2.3.2 Transition 11.7.2.4 SCL running 11.7.2.4.1 Overview 11.7.2.4.2 Transition 11.7.2.5 Fail safe 11.7.2.5.1 Overview 11.7.2.5.2 Transition 11.7.2.6 Safety data transmission and processing 11.7.2.6.1 Overview |
413 | 11.7.2.6.2 Sequence number 11.7.2.6.3 Time expectation |
414 | 11.7.2.6.4 Connection authentication 11.7.2.6.5 Feedback message 11.7.2.6.6 Data integrity 11.7.2.6.7 Different data integrity assurance system 11.7.2.7 Forced termination 11.8 Safety communication layer management for FSCP 8/1 11.8.1 General |
415 | 11.8.2 Connection establishment and confirmation processing 11.8.3 Safety slave verification 11.8.3.1 General 11.8.3.2 Safety slave information verification process 11.8.3.3 Safety slave parameter transmission |
416 | 11.9 System requirements for FSCP 8/1 11.9.1 Indicators and switches 11.9.1.1 Switches 11.9.1.2 Indicators |
417 | 11.9.2 Installation guidelines 11.9.3 Safety function response time 11.9.3.1 General 11.9.3.2 Time calculation |
418 | 11.9.4 Duration of demands 11.9.5 Constraints for calculation of system characteristics 11.9.5.1 System characteristics 11.9.5.2 Residual error rate (Λ) |
420 | 11.9.6 Maintenance 11.9.7 Safety manual 11.10 Assessment for FSCP 8/1 12 FSCP 8/2 12.1 Scope — FSCP 8/2 12.2 Normative references — FSCP 8/2 12.3 Terms, definitions, symbols, abbreviated terms and conventions — FSCP 8/2 12.4 Overview of FSCP 8/2 (CC-Link IE™ Safety communication function) |
421 | 12.5 General – FSCP 8/2 12.5.1 External documents providing specifications for the profile 12.5.2 Safety functional requirements 12.5.3 Safety measures 12.5.3.1 General |
422 | 12.5.3.2 Corruption 12.5.3.3 Unintended repetition |
423 | 12.5.3.4 Incorrect sequence 12.5.3.5 Loss |
424 | 12.5.3.6 Unacceptable delay |
425 | 12.5.3.7 Insertion 12.5.3.8 Masquerade |
426 | 12.5.3.9 Addressing 12.5.4 Safety communication layer structure 12.5.5 Relationships with FAL (and DLL, PhL) 12.5.5.1 Data types 12.6 Safety communication layer services for FSCP 8/2 12.6.1 General 12.6.2 Connection reestablishment services 12.6.2.1 SSStart |
427 | 12.6.2.2 SSRestart 12.6.2.3 SSInvokeFunc 12.6.3 Data transmission services 12.6.3.1 SSRead |
428 | 12.6.3.2 SS-Write 12.6.4 Connection termination notification services 12.6.4.1 SSTerminate |
429 | 12.7 Safety communication layer protocol for FSCP 8/2 12.7.1 Safety PDU format 12.7.1.1 Safety PDU structure 12.7.1.2 CTRL |
431 | 12.7.1.3 CID 12.7.1.4 TS |
432 | 12.7.1.5 OBL 12.7.1.6 SData 12.7.1.6.1 Structure |
433 | 12.7.1.6.2 Fragmentation 12.7.1.7 CRC32 |
434 | 12.7.2 Safety FAL service protocol machine (SFSPM) 12.7.2.1 Overview |
435 | 12.7.2.2 Behaviour 12.7.2.2.1 Safety initialization |
436 | 12.7.2.2.2 Safety refresh |
437 | 12.7.2.2.3 Safety connection termination 12.7.2.3 SFSPMM 12.7.2.3.1 State transitions |
441 | 12.7.2.3.2 Operation other than during safety refresh 12.7.2.3.3 SData syntax 12.7.2.3.3.1 SConnectreq |
442 | 12.7.2.3.3.2 SInitConfirmNetPrmreq |
443 | 12.7.2.3.3.3 SInitVerifyStnPrmreq 12.7.2.3.3.4 SInvokeFuncreq 12.7.2.3.3.5 SRefreshReadyreq 12.7.2.3.3.6 SReadErrorInforeq |
444 | 12.7.2.3.3.7 SWriteErrorInforeq |
445 | 12.7.2.3.3.8 SRefreshMOreq 12.7.2.3.3.9 SRefreshGOreq 12.7.2.3.3.10 SRefreshreq 12.7.2.4 SFSPMS 12.7.2.4.1 State transitions |
450 | 12.7.2.4.2 Operation other than during safety refresh 12.7.2.4.3 SData syntax 12.7.2.4.3.1 SConnectrsp |
451 | 12.7.2.4.3.2 SInitConfirmNetPrmrsp 12.7.2.4.3.3 SInitVerifyStnPrmrsp 12.7.2.4.3.4 SInvokeFuncrsp |
452 | 12.7.2.4.3.5 SRefreshReadyrsp 12.7.2.4.3.6 SReadErrorInforsp 12.7.2.4.3.7 SWriteErrorInforsp 12.7.2.4.3.8 SRefreshMOrsp 12.7.2.4.3.9 SRefreshGOrsp 12.7.2.4.3.10 SRefreshreq 12.7.2.5 Correcting the clock offset |
454 | 12.7.2.6 Calculating the reception time 12.7.2.7 Operating carry_counter |
455 | 12.8 Safety communication layer management for FSCP 8/2 12.8.1 Parameter Definitions 12.8.1.1 Parameter list 12.8.1.2 connection_id 12.8.1.3 transmission_interval |
456 | 12.8.1.4 allowable_refresh_interval |
458 | 12.8.1.5 allowable_delay |
459 | 12.8.1.6 allowable_roundtrip_delay 12.8.2 Parameter Setup 12.8.3 Management Services 12.8.3.1 SMSetSafetyStationInfo 12.8.3.2 SMSetSafetyNetworkParameter |
460 | 12.8.3.3 SMGetSafetyStationInfo |
461 | 12.8.3.4 SMGetSafetyNetworkParameter |
462 | 12.9 System requirements for FSCP 8/2 12.9.1 Indicators and switches 12.9.1.1 Switches 12.9.1.2 Indicators |
463 | 12.9.2 Installation guidelines 12.9.3 Safety function response time |
464 | 12.9.4 Duration of demands 12.9.5 Constraints for calculation of system characteristics 12.9.5.1 Number of stations 12.9.5.2 Probability considerations |
466 | 12.9.6 Maintenance 12.9.7 Safety manual |
467 | 12.10 Assessment for FSCP 8/2 |
489 | 1 Scope 2 Normative references |
490 | 3 Terms, definitions, symbols, abbreviated terms and conventions 3.1 Terms and definitions 3.1.1 Common terms and definitions |
493 | 3.1.2 CPF 13: Additional terms and definitions |
494 | 3.2 Symbols and abbreviated terms 3.2.1 Common symbols and abbreviated terms |
496 | 3.2.2 CPF 13: Additional symbols and abbreviated terms 3.3 Conventions 3.3.1 Hexadecimal values |
497 | 3.3.2 Binary values 3.3.3 Wildcard digits 3.3.4 Diagrams 4 Overview of FSCP 13/1 (openSAFETY) 4.1 Functional Safety Communication Profile 13/1 4.2 Technical overview |
498 | 5 General 5.1 External documents providing specifications for the profile 5.2 Safety functional requirements |
499 | 5.3 Safety measures |
500 | 5.4 Safety communication layer structure |
502 | 5.5 Relationships with FAL (and DLL, PhL) 5.5.1 General 5.5.2 Data types 6 Safety communication layer services 6.1 Modelling 6.1.1 Reference model 6.1.1.1 General 6.1.1.2 Safety network management (SNMT) 6.1.1.3 Safety service data objects (SSDO) |
503 | 6.1.1.4 Safety process data objects (SPDO) 6.1.1.5 Safety object dictionary (SOD) 6.1.1.6 Safety configuration manager (SCM) 6.1.2 Communication model |
504 | 6.1.3 Device roles and topology 6.1.3.1 General |
505 | 6.1.3.2 Safety Node (SN) |
506 | 6.1.3.3 Safety Domain (SD) 6.1.3.3.1 General 6.1.3.3.2 Safety Domain protection 6.1.3.3.3 Safety Domain separation |
507 | 6.1.3.4 Safety Domain Gateway (SDG) 6.1.3.5 Configuration Manager (SCM) 6.2 Life cycle model 6.2.1 General |
508 | 6.2.2 Concept, planning and implementation 6.2.2.1 Application layout 6.2.2.2 Programming and parameterization 6.2.2.2.1 General 6.2.2.2.2 Automatic Configuration Mode (ACM) 6.2.2.2.3 Manual Configuration Mode (MCM) |
509 | 6.2.3 Commissioning 6.2.3.1 General 6.2.3.2 Installation 6.2.3.3 Configuration setup 6.2.3.3.1 Configuration setup using ACM 6.2.3.3.2 Configuration setup using MCM |
510 | 6.2.3.4 Verification 6.2.4 Operation terms 6.2.4.1 Transfer of safety related data 6.2.4.2 Time synchronization and validation |
511 | 6.2.4.3 Life guarding 6.2.4.4 Startup after power up or reset 6.2.4.5 Recover from network failure 6.2.5 Maintenance terms 6.3 Non safety communication layer 6.3.1 General 6.3.2 Requirements for data transport 6.3.2.1 General 6.3.2.2 Masquerading 6.3.2.3 Communication model |
512 | 6.3.2.4 Transport of SPDO |
513 | 6.3.2.5 Transport of SSDO |
514 | 6.3.2.6 Representation of diagnostic data |
515 | 6.3.3 Domain protection and separation 7 Safety communication layer protocol 7.1 Safety PDU format 7.1.1 Structure of Safety PDUs 7.1.1.1 General 7.1.1.2 Basic Safety PDU |
517 | 7.1.1.3 Slim Safety PDU |
518 | 7.1.2 Address field (ADR) 7.1.3 PDU identification field (ID) |
519 | 7.1.4 Length field (LE) 7.1.5 Consecutive Time field (CT) |
520 | 7.1.6 Payload data field (DB0 to DBn) 7.1.7 Cyclic Redundancy Check field (CRC-8 / CRC-16) 7.1.8 Time Request Address field (TADR) 7.1.9 Time Request Distinctive Number field (TR) 7.1.10 UDID of SCM coding (UDID of SCM) |
521 | 7.2 Safety Process Data Object (SPDO) 7.2.1 General 7.2.2 SPDO telegram types 7.2.3 Data Only telegram |
522 | 7.2.4 Data with Time Request telegram |
523 | 7.2.5 Data with Time Response telegram 7.3 Safety Service Data Object (SSDO) 7.3.1 General |
524 | 7.3.2 SSDO telegram types |
525 | 7.3.3 SSDO services and protocols |
527 | 7.3.4 SSDO Download Initiate |
528 | 7.3.5 SSDO Download Segment |
529 | 7.3.6 SSDO Block Download Initiate |
530 | 7.3.7 SSDO Block Download Segment |
531 | 7.3.8 SSDO Upload Initiate |
532 | 7.3.9 SSDO Upload Segment |
533 | 7.3.10 SSDO Block Upload Initiate |
534 | 7.3.11 SSDO Block Upload Segment |
535 | 7.3.12 SSDO Abort |
536 | 7.4 Safety Network Management (SNMT) 7.4.1 General 7.4.2 SNMT telegram types |
537 | 7.4.3 SNMT services and protocols 7.4.3.1 UDID Request / Response |
538 | 7.4.3.2 SADR assignment |
539 | 7.4.3.3 Reset Node Guarding Time |
540 | 7.4.3.4 SNMT Extended Services 7.4.3.5 SN set to Pre-Operational |
541 | 7.4.3.6 SN set to Operational |
543 | 7.4.3.7 SNMT SN Acknowledge |
544 | 7.4.3.8 SCM set to stop 7.4.3.9 SCM set to Operational |
545 | 7.4.3.10 Node Guarding |
546 | 7.4.3.11 Additional SADR Assignment |
547 | 7.4.3.12 UDID of SCM Assignment |
548 | 7.5 Safety Object dictionary (SOD) 7.5.1 General 7.5.2 Object dictionary entry definition 7.5.2.1 General |
549 | 7.5.2.2 Index 7.5.2.3 Object 7.5.2.4 Object type 7.5.2.5 Name 7.5.2.6 Data type |
550 | 7.5.2.7 Category 7.5.2.8 Access 7.5.2.9 Value range 7.5.2.10 Default value 7.5.2.11 SPDO mapping |
551 | 7.5.2.12 Example basic data type object definition 7.5.2.13 Example compound data type object definition 7.5.2.14 Sub index definition 7.5.2.14.1 General |
552 | 7.5.2.14.2 Sub index 00h – NumberOfEntries 7.5.2.14.3 Sub index 01h – FEh – Object specific data |
553 | 7.5.2.14.4 Sub index FFh – StructureOfObject 7.5.3 Data type entry specification 7.5.3.1 General |
554 | 7.5.3.2 Basic data types 7.5.3.3 Compound data types |
555 | 7.5.4 Object description 7.5.4.1 General |
558 | 7.5.4.2 Object 1001h: Error Register 7.5.4.3 Object 1002h: Manufacturer status register |
559 | 7.5.4.4 Object 1003h: Pre defined error field |
560 | 7.5.4.5 Object 100Ch: Life Guarding |
561 | 7.5.4.6 Object 100Dh: Refresh Interval of Reset Guarding |
562 | 7.5.4.7 Object 100Eh: Number of Retries for Reset Guarding 7.5.4.7.1 General 7.5.4.8 Object 1018h: Device Vendor Information |
565 | 7.5.4.8.1 Revision Number |
566 | 7.5.4.8.2 Parameter checksum 7.5.4.9 Object 1019h: Unique Device ID |
567 | 7.5.4.10 Object 101Ah: Parameter Download |
568 | 7.5.4.11 Object 101Bh: SCM Parameters 7.5.4.12 Object 1200h: Common Communication Parameter |
571 | 7.5.4.13 Object 1201h: SSDO Communication Parameter |
572 | 7.5.4.14 Object 1202h: SNMT Communication Parameter |
573 | 7.5.4.15 Object 1400h — 17FEh: RxSPDO Communication Parameter |
578 | 7.5.4.16 Object 1800h — 1BFEh: RxSPDO Mapping Parameter |
579 | 7.5.4.17 Object 1C00h — 1FFEh: TxSPDO Communication Parameter |
581 | 7.5.4.18 Object 2800h – 2FFFh: User Parameter (writeable at any time) 7.5.4.19 Object C000h — C3FEh: TxSPDO Mapping Parameter |
583 | 7.5.4.20 Object C400h — C7FEh: SADR-DVI List |
588 | 7.5.4.21 Object C801h — CBFFh: Additional SADR list |
590 | 7.5.4.22 Object CC01h — CFFFh: SADR-UDID List |
591 | 7.6 Safety related PDO mapping 7.6.1 General 7.6.2 Transmit SPDOs 7.6.3 Receive SPDOs |
592 | 7.6.4 SPDO mapping parameter 7.6.5 SPDO mapping example |
594 | 7.6.6 SPDO error handling 7.6.6.1 Non-mappable application object 7.6.6.2 Unexpected length of RxSPDO |
595 | 7.7 State and sequence diagrams 7.7.1 Safety Process Data Object (SPDO) 7.7.1.1 Safety Process Data Object producer (TxSPDO) |
596 | 7.7.1.2 Safety Process Data Object consumer (RxSPDO) 7.7.1.2.1 General behaviour |
597 | 7.7.1.2.2 Process data |
599 | 7.7.2 Time synchronization and validation 7.7.2.1 General 7.7.2.2 Time synchronization |
600 | 7.7.2.3 Time validation |
602 | 7.7.2.4 Time synchronization operation |
605 | 7.7.2.5 Time synchronization frequency 7.7.2.6 Time synchronization producer |
606 | 7.7.2.7 Time synchronization consumer |
608 | 7.7.3 Safety Service Data Object (SSDO) 7.7.3.1 SSDO client |
609 | 7.7.3.2 SSDO server 7.7.4 SOD access 7.7.4.1 General |
610 | 7.7.4.2 SOD access (expedited) 7.7.4.3 SOD download access with segmentation 7.7.4.3.1 Client state diagram |
612 | 7.7.4.3.2 Server state diagram |
614 | 7.7.4.4 SOD Block Download Access 7.7.4.4.1 Client state diagram |
617 | 7.7.4.4.2 Server state diagram |
619 | 7.7.5 Safety Network Management Object (SNMT) 7.7.5.1 SNMT master |
620 | 7.7.5.2 SNMT slave |
621 | 7.7.6 SN power up 7.7.6.1 General |
622 | 7.7.6.2 States and communication object relation 7.7.6.3 Pre-Operational |
624 | 7.7.6.4 Operational |
625 | 7.7.7 SN power down 7.7.8 SN recovery after Restart / Error 7.7.9 SCM power up 7.7.9.1 General |
626 | 7.7.9.2 States and communication object relation 7.7.9.3 Operational |
628 | 7.7.10 Address verification |
630 | 7.7.11 Commissioning mode 7.7.12 Handle single UDID mismatch 7.7.12.1 General |
632 | 7.7.12.2 Verify parameters |
634 | 7.7.13 Activate SN |
635 | 7.7.14 Device exchange 8 Safety communication layer management 8.1 General 8.2 Goals of parameterization 8.3 Initial configuration of a device 8.3.1 General |
636 | 8.3.2 SD setup by only configuring the SCM 8.3.3 SD setup configuring each SN 8.4 Avoiding of parameterizing the wrong device 8.5 Parameter check mechanism 9 System requirements 9.1 Indicators and switches 9.2 Installation guidelines 9.3 Safety function response time |
638 | 9.4 Duration of demands 9.5 Constraints for calculation of system characteristics 9.5.1 General 9.5.2 Number of sinks limit 9.5.3 Message rate limit 9.5.4 Message payload limit 9.5.5 Bit error rate considerations |
639 | 9.5.6 Residual error rate |
640 | 9.6 Maintenance 9.6.1 Diagnostic information 9.6.2 Replacement of safety related devices 9.6.2.1 SN replacement 9.6.2.2 Replacement of SN running the SCM 9.6.3 Modification |
641 | 9.6.4 Machine part changing 9.6.5 Firmware update of safety related nodes 9.6.6 Machine check due to service interval 9.7 Safety manual 10 Assessment 10.1 General |
642 | 10.2 CP 13/1 assessment 10.3 FSCP 13/1 conformance test 10.4 Approval of functional safety by competent assessment body |
659 | 1 Scope 2 Normative references |
660 | 3 Terms, definitions, symbols, abbreviated terms, and conventions 3.1 Terms and definitions 3.1.1 Common terms and definitions |
664 | 3.1.2 CPF 17: Additional terms and definitions |
665 | 3.2 Symbols and abbreviated terms 3.2.1 Common symbols and abbreviated terms 3.2.2 CPF 17: Additional symbols and abbreviated terms |
666 | 3.3 Conventions 4 Overview of FSCP 17/1 (RAPIEnet Safety™) |
667 | 5 General 5.1 External documents providing specifications for the profile 5.2 Safety functional requirements |
668 | 5.3 Safety measures 5.3.1 General 5.3.2 (Virtual) sequence number 5.3.3 Time expectation with watchdog |
669 | 5.3.4 Connection authentication 5.3.5 Feedback message 5.3.6 Data integrity assurance 5.4 Safety communication layer structure 5.4.1 Principle of FSCP 17/1 safety communications 5.4.2 CPF 17 communication structures |
670 | 5.5 Relationships with FAL (and DLL, PhL) 5.5.1 General 5.5.2 Data types 6 Safety communication layer services 6.1 Overview 6.2 Functional Safety connection 6.2.1 General 6.2.2 Initiator class specification 6.2.2.1 General |
671 | 6.2.2.2 Model 6.2.2.3 Attributes 6.2.3 Responder-class specification 6.2.3.1 General |
672 | 6.2.3.2 Model 6.2.3.3 Attributes 6.2.4 Sender class specification 6.2.4.1 General |
673 | 6.2.4.2 Read request service 6.2.4.2.1 Model 6.2.4.2.2 Attributes |
674 | 6.2.4.3 Write request service 6.2.4.3.1 Model 6.2.4.3.2 Attributes |
675 | 6.2.5 Receiver class specification 6.2.5.1 General 6.2.5.2 Read response service 6.2.5.2.1 Model 6.2.5.2.2 Attributes |
676 | 6.2.5.3 Write response service 6.2.5.3.1 Model 6.2.5.3.2 Attributes 6.3 Functional Safety data transmission service |
677 | 6.4 Functional Safety connection relation |
678 | 7 Safety communication layer protocol 7.1 Safety PDU format 7.1.1 General 7.1.2 FSPDU command |
679 | 7.1.3 Authentication key 7.1.4 FSPDU CRC 7.1.4.1 CRC calculation 7.1.4.2 CRC polynomial selection |
680 | 7.1.4.3 SUID 7.1.4.4 Sequence number 7.1.4.5 Communication error detection with CRC |
681 | 7.2 FSCP 17/1 communication procedure 7.2.1 FSCP 17/1 device states 7.2.1.1 General |
682 | 7.2.1.2 INITIALIZE state 7.2.1.3 RESET state |
683 | 7.2.1.4 CONNECTION state |
684 | 7.2.1.5 SET_PARA state |
686 | 7.2.1.6 WAIT_PARA state |
687 | 7.2.1.7 DATA state |
688 | 7.3 Response to communication errors 7.3.1 General |
689 | 7.4 State table for SCL of CPF 17 7.4.1 General |
690 | 7.4.2 Events |
691 | 7.4.3 State table for Initiator 7.4.3.1 General 7.4.3.2 RESET state |
692 | 7.4.3.3 CONNECTION state |
693 | 7.4.3.4 SET PARAMETER state |
694 | 7.4.3.5 DATA state |
696 | 7.4.3.6 FAIL-SAFE state |
697 | 7.4.4 State table for Responder 7.4.4.1 General 7.4.4.2 RESET state |
698 | 7.4.4.3 CONNECTION state |
699 | 7.4.4.4 WAIT PARAMETER state |
701 | 7.4.4.5 DATA state |
702 | 7.4.4.6 FAIL-SAFE state |
703 | 8 Safety communication layer management 8.1 FSCP 17/1 parameter handling 8.2 Functional Safety communication parameters 9 System requirements 9.1 Indicators and switches |
704 | 9.2 Installation guidelines 9.3 Safety function response time |
706 | 9.4 Duration of demands 9.5 Constraints for calculation of system characteristics 9.5.1 General 9.5.2 Number of devices 9.5.3 Probabilistic consideration |
707 | 9.6 Maintenance 9.7 Safety manual 10 Assessment |