IEC 61784-3:2021 explains some common principles that can be used in the transmission of safety-relevant messages among participants within a distributed network which use fieldbus technology in accordance with the requirements of IEC 61508 (all parts) for functional safety. These principles are based on the black channel approach. They can be used in various industrial applications such as process control, manufacturing automation and machinery.<\/p>\n
| PDF Pages<\/th>\n | PDF Title<\/th>\n<\/tr>\n | ||||||
|---|---|---|---|---|---|---|---|
| 2<\/td>\n | undefined <\/td>\n<\/tr>\n | ||||||
| 6<\/td>\n | Annex ZA(normative)Normative references to international publicationswith their corresponding European publications <\/td>\n<\/tr>\n | ||||||
| 9<\/td>\n | English CONTENTS <\/td>\n<\/tr>\n | ||||||
| 14<\/td>\n | FOREWORD <\/td>\n<\/tr>\n | ||||||
| 16<\/td>\n | 0 Introduction 0.1 General Figures Figure 1 \u2013 Relationships of IEC 61784-3 with other standards (machinery) <\/td>\n<\/tr>\n | ||||||
| 17<\/td>\n | Figure 2 \u2013 Relationships of IEC 61784-3 with other standards (process) <\/td>\n<\/tr>\n | ||||||
| 18<\/td>\n | 0.2 Use of extended assessment methods in Edition 4 0.3 Patent declaration Figure 3 \u2013 Transitions from Ed. 2 to Ed. 4 and future Ed. 5 assessment methods <\/td>\n<\/tr>\n | ||||||
| 19<\/td>\n | 1 Scope 2 Normative references <\/td>\n<\/tr>\n | ||||||
| 21<\/td>\n | 3 Terms, definitions, symbols, abbreviated terms and conventions 3.1 Terms and definitions <\/td>\n<\/tr>\n | ||||||
| 28<\/td>\n | 3.2 Symbols and abbreviated terms 3.2.1 Abbreviated terms <\/td>\n<\/tr>\n | ||||||
| 29<\/td>\n | 3.2.2 Symbols 4 Conformance <\/td>\n<\/tr>\n | ||||||
| 30<\/td>\n | 5 Basics of safety-related fieldbus systems 5.1 Safety function decomposition 5.2 Communication system 5.2.1 General Figure 4 \u2013 Safety communication as a part of a safety function <\/td>\n<\/tr>\n | ||||||
| 31<\/td>\n | 5.2.2 IEC 61158 fieldbuses 5.2.3 Communication channel types Figure 5 \u2013 Example model of a functional safety communication system <\/td>\n<\/tr>\n | ||||||
| 32<\/td>\n | 5.2.4 Safety function response time 5.3 Communication errors 5.3.1 General 5.3.2 Corruption Figure 6 \u2013 Example of safety function response time components <\/td>\n<\/tr>\n | ||||||
| 33<\/td>\n | 5.3.3 Unintended repetition 5.3.4 Incorrect sequence 5.3.5 Loss 5.3.6 Unacceptable delay 5.3.7 Insertion 5.3.8 Masquerade 5.3.9 Addressing <\/td>\n<\/tr>\n | ||||||
| 34<\/td>\n | 5.4 Deterministic remedial measures 5.4.1 General 5.4.2 Sequence number 5.4.3 Time stamp 5.4.4 Time expectation 5.4.5 Connection authentication 5.4.6 Feedback message 5.4.7 Data integrity assurance <\/td>\n<\/tr>\n | ||||||
| 35<\/td>\n | 5.4.8 Redundancy with cross checking 5.4.9 Different data integrity assurance systems 5.5 Typical relationships between errors and safety measures <\/td>\n<\/tr>\n | ||||||
| 36<\/td>\n | 5.6 Communication phases Tables Table 1 \u2013 Overview of the effectiveness ofthe various measures on the possible errors <\/td>\n<\/tr>\n | ||||||
| 37<\/td>\n | 5.7 FSCP implementation aspects 5.8 Models for estimation of the total residual error rate 5.8.1 Applicability Figure 7 \u2013 Conceptual FSCP protocol model Figure 8 \u2013 FSCP implementation aspects <\/td>\n<\/tr>\n | ||||||
| 38<\/td>\n | 5.8.2 General models for black channel communications 5.8.3 Identification of generic safety properties Figure 9 \u2013 Black channel from an FSCP perspective <\/td>\n<\/tr>\n | ||||||
| 39<\/td>\n | 5.8.4 Assumptions for residual error rate calculations <\/td>\n<\/tr>\n | ||||||
| 40<\/td>\n | 5.8.5 Residual error rates <\/td>\n<\/tr>\n | ||||||
| 42<\/td>\n | 5.8.6 Data integrity <\/td>\n<\/tr>\n | ||||||
| 43<\/td>\n | 5.8.7 Authenticity Figure 10 \u2013 Model for authentication considerations <\/td>\n<\/tr>\n | ||||||
| 44<\/td>\n | Figure 11 \u2013 Fieldbus and internal address errors <\/td>\n<\/tr>\n | ||||||
| 45<\/td>\n | 5.8.8 Timeliness <\/td>\n<\/tr>\n | ||||||
| 46<\/td>\n | Figure 12 \u2013 Example of slowly increasing message latency <\/td>\n<\/tr>\n | ||||||
| 47<\/td>\n | Figure 13 \u2013 Example of an active network element failure <\/td>\n<\/tr>\n | ||||||
| 48<\/td>\n | 5.8.9 Masquerade 5.8.10 Calculation of the total residual error rates <\/td>\n<\/tr>\n | ||||||
| 49<\/td>\n | Figure 14 \u2013 Example application 1 (m = 4) Figure 15 \u2013 Example application 2 (m = 2) <\/td>\n<\/tr>\n | ||||||
| 50<\/td>\n | 5.8.11 Total residual error rate and SIL 5.8.12 Configuration and parameterization for an FSCP Table 2 \u2013 Typical relationship of residual error rate to SIL Table 3 \u2013 Typical relationship of residual error on demand to SIL <\/td>\n<\/tr>\n | ||||||
| 51<\/td>\n | Figure 16 \u2013 Example of configuration and parameterization procedures for FSCP <\/td>\n<\/tr>\n | ||||||
| 52<\/td>\n | 5.9 Relationship between functional safety and security 5.10 Boundary conditions and constraints 5.10.1 Electrical safety <\/td>\n<\/tr>\n | ||||||
| 53<\/td>\n | 5.10.2 Electromagnetic compatibility (EMC) 5.11 Installation guidelines 5.12 Safety manual 5.13 Safety policy <\/td>\n<\/tr>\n | ||||||
| 54<\/td>\n | 6 Communication Profile Family 1 (Foundation\u2122 Fieldbus) \u2013 Profiles for functional safety 7 Communication Profile Family 2 (CIP\u2122) and Family 16 (SERCOS\u00ae) \u2013 Profiles for functional safety <\/td>\n<\/tr>\n | ||||||
| 55<\/td>\n | 8 Communication Profile Family 3 (PROFIBUS\u2122, PROFINET\u2122) \u2013 Profiles for functional safety 9 Communication Profile Family 6 (INTERBUS\u00ae) \u2013 Profiles for functional safety Table 4 \u2013 Overview of profile identifier usable for FSCP 6\/7 <\/td>\n<\/tr>\n | ||||||
| 56<\/td>\n | 10 Communication Profile Family 8 (CC-Link\u2122) \u2013 Profiles for functional safety 10.1 Functional Safety Communication Profile 8\/1 10.2 Functional Safety Communication Profile 8\/2 11 Communication Profile Family 12 (EtherCAT\u2122) \u2013 Profiles for functional safety <\/td>\n<\/tr>\n | ||||||
| 57<\/td>\n | 12 Communication Profile Family 13 (Ethernet POWERLINK\u2122) \u2013 Profiles for functional safety 13 Communication Profile Family 14 (EPA\u00ae) \u2013 Profiles for functional safety 14 Communication Profile Family 17 (RAPIEnet\u2122) \u2013 Profiles for functional safety <\/td>\n<\/tr>\n | ||||||
| 58<\/td>\n | 15 Communication Profile Family 18 (SafetyNET p\u2122 Fieldbus) \u2013 Profiles for functional safety <\/td>\n<\/tr>\n | ||||||
| 59<\/td>\n | Annexes Annex A (informative)Example functional safety communication models A.1 General A.2 Model A (single message, channel and FAL, redundant SCLs) A.3 Model B (full redundancy) Figure A.1 \u2013 Model A <\/td>\n<\/tr>\n | ||||||
| 60<\/td>\n | A.4 Model C (redundant messages, FALs and SCLs, single channel) A.5 Model D (redundant messages and SCLs, single channel and FAL) Figure A.2 \u2013 Model B Figure A.3 \u2013 Model C <\/td>\n<\/tr>\n | ||||||
| 61<\/td>\n | Figure A.4 \u2013 Model D <\/td>\n<\/tr>\n | ||||||
| 62<\/td>\n | Annex B (normative)Safety communication channel modelusing CRC-based error checking B.1 Overview B.2 Channel model for calculations Figure B.1 \u2013 Binary symmetric channel (BSC) <\/td>\n<\/tr>\n | ||||||
| 63<\/td>\n | B.3 Bit error probability Pe Figure B.2 \u2013 Block codes for error detection Table B.1 \u2013 Example dependency dmin and block bit length n <\/td>\n<\/tr>\n | ||||||
| 64<\/td>\n | B.4 Cyclic redundancy checking B.4.1 General B.4.2 Requirements for methods to calculate RCRC Figure B.3 \u2013 Example of a block with a message part and a CRC signature <\/td>\n<\/tr>\n | ||||||
| 65<\/td>\n | Figure B.4 \u2013 Proper and improper CRC polynomials <\/td>\n<\/tr>\n | ||||||
| 66<\/td>\n | Annex C (informative)Structure of technology-specific parts Table C.1 \u2013 Common subclause structure for technology-specific parts <\/td>\n<\/tr>\n | ||||||
| 69<\/td>\n | Annex D (informative)Assessment guideline D.1 Overview D.2 Channel types D.2.1 General D.2.2 Black channel D.2.3 White channel <\/td>\n<\/tr>\n | ||||||
| 70<\/td>\n | D.3 Data integrity considerations for white channel approaches D.3.1 General D.3.2 Models B and C <\/td>\n<\/tr>\n | ||||||
| 71<\/td>\n | D.3.3 Models A and D D.4 Verification of safety measures D.4.1 General Figure D.1 \u2013 Basic Markov model <\/td>\n<\/tr>\n | ||||||
| 72<\/td>\n | D.4.2 Implementation D.4.3 Default safety action D.4.4 Safe state D.4.5 Transmission errors D.4.6 Safety reaction and response times D.4.7 Combination of measures <\/td>\n<\/tr>\n | ||||||
| 73<\/td>\n | D.4.8 Absence of interference D.4.9 Additional fault causes (white channel) D.4.10 Reference test beds and operational conditions D.4.11 Conformance tester <\/td>\n<\/tr>\n | ||||||
| 74<\/td>\n | Annex E (informative)Examples of implicit vs. explicit FSCP safety measures E.1 General E.2 Example fieldbus message with safety PDUs E.3 Model with completely explicit safety measures Figure E.1 \u2013 Example safety PDUs embedded in a fieldbus message Figure E.2 \u2013 Model with completely explicit safety measures <\/td>\n<\/tr>\n | ||||||
| 75<\/td>\n | E.4 Model with explicit A-code and implicit T-code safety measures E.5 Model with explicit T-code and implicit A-code safety measures Figure E.3 \u2013 Model with explicit A-code and implicit T-code safety measures <\/td>\n<\/tr>\n | ||||||
| 76<\/td>\n | E.6 Model with split explicit and implicit safety measures Figure E.4 \u2013 Model with explicit T-code and implicit A-code safety measures Figure E.5 \u2013 Model with split explicit and implicit safety measures <\/td>\n<\/tr>\n | ||||||
| 77<\/td>\n | E.7 Model with completely implicit safety measures E.8 Addition to Annex B \u2013 impact of implicit codes on properness Figure E.6 \u2013 Model with completely implicit safety measures <\/td>\n<\/tr>\n | ||||||
| 78<\/td>\n | Annex F (informative)Legacy models for estimation of the total residual error rate F.1 General F.2 Calculation of the residual error rate <\/td>\n<\/tr>\n | ||||||
| 79<\/td>\n | Figure F.1 \u2013 Example application 1 (m = 4) Table F.1 \u2013 Definition of items used for calculation of the residual error rates <\/td>\n<\/tr>\n | ||||||
| 80<\/td>\n | F.3 Total residual error rate and SIL Figure F.2 \u2013 Example application 2 (m = 2) Table F.2 \u2013 Typical relationship of residual error rate to SIL Table F.3 \u2013 Typical relationship of residual error on demand to SIL <\/td>\n<\/tr>\n | ||||||
| 81<\/td>\n | Annex G (informative)Implicit data safety mechanisms for IEC 61784\ufffd3 functionalsafety communication profiles (FSCPs) G.1 Overview G.2 Basic principles <\/td>\n<\/tr>\n | ||||||
| 82<\/td>\n | G.3 Problem statement: constant values for implicit data Figure G.1 \u2013 FSCP with implicit transmission of authenticityand\/or timeliness codes <\/td>\n<\/tr>\n | ||||||
| 83<\/td>\n | Figure G.2 \u2013 Example of an incorrect transmission with multiple error causes <\/td>\n<\/tr>\n | ||||||
| 84<\/td>\n | Figure G.3 \u2013 Impact of errors in implicit data on the residual error probability <\/td>\n<\/tr>\n | ||||||
| 85<\/td>\n | G.4 RP for FSCPs with random, uniformly distributed errimpl G.4.1 General <\/td>\n<\/tr>\n | ||||||
| 86<\/td>\n | G.4.2 Uniform distribution within the interval [0;2i-1], i \u2265 r <\/td>\n<\/tr>\n | ||||||
| 88<\/td>\n | G.4.3 Uniform distribution in the interval [1;2r-1], i = r <\/td>\n<\/tr>\n | ||||||
| 90<\/td>\n | G.5 General case G.6 Calculation of PID <\/td>\n<\/tr>\n | ||||||
| 92<\/td>\n | Annex H (informative)Residual error probability for example CRC codes(tables for verification of calculation methods) H.1 Overview H.2 Example of a 32-bit CRC <\/td>\n<\/tr>\n | ||||||
| 93<\/td>\n | Table H.1 \u2013 Residual error probabilities (RCRC1) for example CRC32 polynomial <\/td>\n<\/tr>\n | ||||||
| 94<\/td>\n | Figure H.1 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 1) Figure H.2 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 2) <\/td>\n<\/tr>\n | ||||||
| 95<\/td>\n | Figure H.3 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 3) Figure H.4 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 4) <\/td>\n<\/tr>\n | ||||||
| 96<\/td>\n | Figure H.5 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 5) Figure H.6 \u2013 Residual error probabilities (example of a 32-bit CRC \u2013 result 6) <\/td>\n<\/tr>\n | ||||||
| 97<\/td>\n | H.3 Example of a 16-bit CRC <\/td>\n<\/tr>\n | ||||||
| 98<\/td>\n | Table H.2 \u2013 Residual error probabilities (RCRC2) for example CRC16 polynomial <\/td>\n<\/tr>\n | ||||||
| 99<\/td>\n | Figure H.7 \u2013 Residual error probabilities (example of a 16-bit CRC \u2013 result 1) Figure H.8 \u2013 Residual error probabilities (example of a 16-bit CRC \u2013 result 2) <\/td>\n<\/tr>\n | ||||||
| 100<\/td>\n | Figure H.9 \u2013 Residual error probabilities (example of a 16-bit CRC \u2013 result 3) Figure H.10 \u2013 Residual error probabilities (example of a 16-bit CRC \u2013 result 4) <\/td>\n<\/tr>\n | ||||||
| 101<\/td>\n | H.4 Conclusion Figure H.11 \u2013 Residual error probabilities (example of a 16-bit CRC \u2013 result 5) Figure H.12 \u2013 Example 1 of improper polynomial <\/td>\n<\/tr>\n | ||||||
| 102<\/td>\n | Figure H.13 \u2013 Example 2 of improper polynomial <\/td>\n<\/tr>\n | ||||||
| 103<\/td>\n | Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" Industrial communication networks. Profiles – Functional safety fieldbuses. General rules and profile definitions<\/b><\/p>\n |