Safe Communications via PROFIBUS DP with the PROFIsafe Profile

safety INTEGRATED

You cant get any safer PROFIsafe sets new standards

PROFIsafe permits safety-related communications using the standard PROFIBUS DP fieldbus. This means that communication errors are immediately detected in the system. PROFIsafe technology has already proven itself: Fail-safe PROFIsafe components from Siemens have established themselves in many safety technology applications. A seamless program: From the sensor systems through the evaluation equipment up to safe shutdown of the machines our SIGUARD, SIMATIC and SINUMERIK/SIMODRIVE product groups from the Safety Integrated program offer a high degree of integrated safety.

Coexistence of standard and safety-related communications

S7-300F CPU

Emergency Stop F I/O DP slave

Standard CPU DP master

PROFIBUS DP Repeater

PG/ES with access e. g. firewall TCP/IP Engineering Tool

F = Fail-safe

F sensor DP slave

Standard I/O DP slave

F gateway of other safety busses

Just what does PROFIsafe do? PROFIsafe was the first communications standard in compliance with IEC 61508, which permits standard and safety-related communications on one and the same bus. With SIL 3 (Safety Integrity Level), Category 4 (EN 954-1), it fulfills the highest requirements in the production and process industries. And, not only this, but with the PA data transmission version (IEC 1158-2), PROFIBUS DP extends the degree of integration of distributed automation down to the process environment. PROFIsafe supports the various communication requirements in the production and process industries: On the one hand as a result of the extremely fast and on the other hand the extremely complex data transfer. And, all of this is mastered using a unified, integrated solution. Aligned to safety: The telegram structure PROFIsafe uses the PROFIBUS utilities for safe communications. In addition to the net data, status and control data are also exchanged between a fail-safe CPU (F CPU) and a fail-safe slave (F slave). The F slave can flag erroneous telegrams to the F CPU. With PROFIsafe, one byte is provided at the end of the useful data for data transfer. An additional byte contains the already written consecutive number, which the telegram sender enters (source-based counter). Production and process technology place different requirements on a safety system. PROFIsafe therefore offers two different net data lengths. One of these is a maximum of 12 bytes and requires a 2byte CRC at the end of the consecutive number. The other is a maximum of 122 bytes and requires a 4byte CRC.

I am
PROCESS FIELD BUS

Safety-related telegram structure

fe

ProfiSafe

PR

OF I sa

Standard Telegram Frame

F net data

Status / Consecutive CRC2 control byte number

Standard net data

Sourcebased counter Max. 12 or 122 bytes 1 byte 1 byte

Via F net data and F parameter

2/4 bytes *) 240/238 F net

Max. 244 bytes DP net data

*)2 bytes up to max. 12 bytes net data 4 bytes up to max. 122 bytes net data

This is how PROFIsafe works PROFIsafe counters possible errors when transferring messages, such as address corruption, loss, delay etc., with four distinct measures: PROFIsafe data is consecutively numbered, the time is monitored authenticity is monitored using passwords and an optimized CRC security mechanism. Safety-related transmitter signals of a PROFIBUS station reach the safetyrelated CPU via PROFIBUS slave nodes. After interlocking, an appropriate output signal is sent to a fail-safe PROFIBUS slave. The slave doesnt use a redundant path anywhere along its complete communications route, which means that data is transferred through a single channel.

Fail-safe data

Standard data

Fail-safe data

Standard data

PROFIsafe Standard PROFIBUS DP Protocol

PROFIsafe Standard PROFIBUS DP Protocol

PROFIsafe layer Black channel = Standard PROFIBUS

PROFIBUS DP

Open solution for more possibilities PROFIsafe is an open solution for safety-related communications using standard fieldbuses. Many manufacturers of safety components and end users from safety technology participated in generating the Standard. The result: The defined interfaces and techniques allow a continually increasing number of safety devices (F CPUs and F slaves) and systems to be used in a flexible architecture. Your advantage: The safety-related and standard communications run on one and the same bus cable. This not only significantly reduces the cabling costs and variety of parts and components, but also offers some significant advantages when retrofitting. PROFIsafe uses existing standard communication components such as cables, ASICs and standard software packages. You have the following benefits when standard components are used: Standard mounting and installation guidelines are used unchanged, e. g. for routing, connecting shields and lightning protection Fail-safe, redundant systems can be implemented The number of bus stations and communications performance are not affected It is no longer necessary to stock two different sets of cabling components PROFIsafe was developed in compliance with the IEC 61508 safety Standard. Additional relevant Standards were also taken into account. SIL 3 (Safety Integrity Level), Category 4 (EN 954-1) and AK6 (DIN V 19250) are the safety levels which are achieved.

Error-free data transfer In seldom cases, errors occur in the data transfer which however cannot be tolerated in fail-safe plants. Telegrams are lost, are repeated or are additionally inserted, are received in the incorrect sequence or contain corrupted data. PROFIsafe quickly and clearly detects these errors: This is realized using appropriate measures such as continuous numbering, watchdog, ID between the sender and receiver and additional data security (CRC). In this case, an additional Cyclic Redundancy Check (CRC) detects corrupted data bits of a telegram (process signals and values or parameters deposited in the slave) which plays a key role. This means that each time a communication error occurs, in conjunction with the user program of the F CPU, the plant or system is brought into a safe condition.

FAX order +49/911/978-3321 Info Service CD/Z0951-E

More information about our seamless safety: (Simply fill out the form and order by fax)
Safety Integrated an overview Application Manual 4th Edition

Safety-related low-voltage switching devices and sensors

The info CD-ROM on safety technology

Controller: Fail-safe control systems

Please send me more information on the following subject:

Please send the selected information to the following address:

Company/Department

Industry sector

Name

Telephone

Function

Fax

Street

E-mail

Postal code/City

I would like to meet my regional contact partner

www.siemens.com/safety
Siemens AG Automation and Drives Postfach 32 40 D-91050 Erlangen

Subject to change without prior notice 01/03 | Order No. E20001-A160-M103-X-7600 | Dispostelle 27610 | 21C7759 WS 01035.0 | Printed in Germany