Safety: is it time to jump?

Fieldbus continued to evolve, with further developments in the use of fieldbus for safety-related applications. Offering similar benefits to conventional fieldbus technology, safety-related fieldbus has fundamentally changed machine safety systems, and research undertaken by the National Institute for Industrial Safety in Japan using SafetyBUS p and Pilz safety controllers suggests total cost of ownership savings in excess of 50% against the traditional relay based approach.

Conventional fieldbus technology is generally prohibited for safety-related use, unless the bus system is designed to meet the requirements of a safety system. With the introduction of new standards, one of which is IEC 61508, and revision of others (IEC 60204-1 and EN 954-1, with EN 954-1 to be superseded by ISO 13849-1), safety-related systems have been able use 'state of the art' electronic, programmable, and network-based technologies in machine safety. Formerly, standards placed reliance upon hardwired electromechanical components. This is a major change and the impact is no less significant than when early PLCs replaced relay logic in standard control systems.

This pace of change, both technological and standards based, has led to a more cautious and evolutionary approach by some, in contrast to early adopters like the automotive sector which has already embraced the benefits of a safety bus. Clearly, safety-related fieldbus can offer advantages over traditional hardwired safety systems, with reduced wiring complexity and lower design, commissioning, installation and reconfiguration costs. Where intelligence is distributed down to device level, comprehensive diagnostics are available to speed up fault rectification, making maintenance faster and easier. Programmable safety controllers and a new breed of safety-related devices bring additional functionality and flexibility that makes possible integration with robots and safety-related drives. In safety-networked motion control, including start/stop, synchronisation and positioning, safety-related fieldbus brings far greater opportunities than just the replacement of parallel hardwiring and safety relays.

The question with fieldbus remains: which should you choose, or should you wait? Hesitation equals lost opportunity, since obvious benefits are being realised now. However, what are the factors to be considered?

In determining which safety system is going to be used, decisions need to be made about physical size: what maximum bus lengths are supported, what is the input/output count and how many devices and network media can be supported? Is there a need for centralised or distributed safety outputs, or are both required? Functionality, flexibility and the extent of diagnostics depend on how much intelligence there is going to be within individual networked devices, network bandwidth and the extent to which the control system is programmable. The range of current and future devices available will also be a factor as this determines how the system can be developed in the future.

Traffic and loading has performance implications for those considering the combination of non-safe devices with safety-related fieldbus. The potential for undesirable interaction between safety and non-safety devices on the same network not only has implications for network and device design, but also for installation and use under IEC 61508. Separation of safety networks from conventional fieldbus avoids performance issues that could otherwise arise because of the higher bandwidth demands of safety devices for error detection and avoidance. Additionally, stringent EMC requirements for safety-related systems may determine whether standard fieldbus devices may be used in combined systems. IEC 61508 seeks to address failures in safety-related systems that could occur throughout a system's life cycle and as these principles are implemented in other standards they will apply to all but the least complex safety systems. The justification required for compliance with IEC 61508 is likely to be assisted by clearly distinguishing between safety-related and conventional fieldbus systems, putting the higher SIL (Safety Integrity Level) functions on to the safety bus.

Safety-related fieldbus systems will allow users to choose from safety networks that are suited to small or large-scale implementations, with the benefit of separation, combination and interfacing with existing conventional fieldbus networks. As with any technology, choose carefully, ensure it is appropriate and has performance suitable for safety, and then prepare to reap the benefits.

SafetyBUS p Club
q101@industrialnetworking.co.uk