|
This is the web edition of the original ⮫ AC500-S safety user manual, version 1.3.2. This web edition is provided for quick reference only. The original safety user manual must be used to meet functional safety application requirements. |
Setting the maximum number of power dips in SM560-S safety CPU
The SF_MAX_POWER_DIP_SET function block allows users to control the safety CPU restart behaviour after power-off phases less than 1.5 s ("power dip") from power supply of non-safety CPU. To avoid repeated power dip detection on the safety CPU, make sure that the power-off phase of the power cycle lasts for at least 1.5 s before the power-on is performed.
To successfully restart the safety CPU in RUN (safety) mode after the power dip was detected, you have to follow the restart procedure. One or two power cycles may be required to prevent an uncontrolled behavior after power dip.
Without using FB SF_MAX_POWER_DIP_SET, two power cycles (or reboot command) have to be performed after power dip.
Alternatively, you can configure the restart behavior with the FB SF_MAX_POWER_DIP_SET. Define a number of tolerated power dips at input MAX_POWER_DIP_CNT. For the defined number of power dips, restart with only one power cycle (or reboot command) is accepted.
The number of occurred power dips is counted inside the safety CPU (current number is accessible via FB SF_MAX_POWER_DIP_GET⮫ “SF_MAX_POWER_DIP_GET”) and compared to the number available prior to the start of the safety application program (configured number is accessible via FB SF_MAX_POWER_DIP_GET_CFG⮫ “SF_MAX_POWER_DIP_GET_CFG”). As long as the counted number is not higher than the configured number, only one power cycle (or reboot command) is needed to restart the safety CPU. If the counted number gets higher than the configured value, two power cycles (or reboot commands) are necessary to restart the safety CPU. The current counter can be resetted by calling FB SF_MAX_POWER_DIP_SET again.
Only one function block instance must be used in the safety program, otherwise a warning is issued.
NOTICE
Each time SF_MAX_POWER_DIP_SET FB is called with EN transition from FALSE to TRUE, the internal power dip counter value is reset, which means that power dip counter will be started from 0 now. Thus, it makes sense to call SF_MAX_POWER_DIP_SET FB in safety program only once with EN transition from FALSE to TRUE as a one-time parameterization of power dip functionality.
If you do not follow the recommendation above, each time SF_MAX_POWER_DIP_SET FB is called with EN transition from FALSE to TRUE in the safety application program, the counter value for restarts after power dip in the safety CPU, which can be read from SF_MAX_POWER_DIP_GET FB, will be reset to '0'.
|
Name |
Data type |
Initial value |
Description, parameter values |
|---|---|---|---|
|
VAR_INPUT |
|||
|
EN |
BOOL |
FALSE |
The block is activated to store MAX_POWER_DIP_CNT value in the flash memory using a transition of EN input from FALSE to TRUE. The block remains active and ignores any changes on EN input until DONE output is equal to TRUE. The MAX_POWER_DIP_CNT value can be stored in the flash memory only if the transition on EN input from FALSE to TRUE is triggered. |
|
MAX_POWER_DIP_CNT |
WORD |
16#0000 |
Maximum number of tolerated safety CPU restarts with only one power cycle (or reboot command) after power dip errors. |
|
VAR_OUTPUT |
|||
|
DONE |
BOOL |
FALSE |
Output DONE indicates that the set process is finished (see also ERR output). |
|
ERR |
BOOL |
FALSE |
If TRUE, then error occurred during the set process (saving of MAX_POWER_DIP_CNT value to the flash memory). |
Call in ST
SF_MAX_POWER_DIP_SET (EN := SF_MAX_POWER_DIP_SET_EN, MAX_POWER_DIP_CNT := SF_MAX_POWER_DIP_SET_MAX_POWER_DIP_CNT, DONE => SF_MAX_POWER_DIP_SET_DONE, ERR => SF_MAX_POWER_DIP_SET_ERR);