Industrial communications subsystem based on ISO 11898 (CAN) for controller-device interfaces - Part 5: Functional safety communication based on EN 50325-4

This European Standard specifies a safety-related communication layer (services and protocol) based on EN 50325-4. This European Standard applies to networks based on EN 50325-4 providing safety-related communication capabilities between devices in a safety-related system in accordance with the requirements of EN 61508 series for functional safety. The services and protocols defined in this standard are intended to extend those defined in EN 50325-4. These services and protocols may be used in various applications such as manufacturing, machinery, medical, mobile machinery and process control.

NOTE 1 This European Standard does not cover the procedures for the safety-related configuration and for the safety-related setup of safety-related systems. The definition and implementation of such procedures depends on the kind of the safety-related system. For example flexible safety-related systems like operating theatres as found in medical systems require different procedures than for fixed safety-related systems like cranes in the mobile machinery. This European Standard does not cover electrical safety, intrinsic safety and security aspects. Electrical safety relates to hazards such as electrical shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres. Security relates to enforcing policies to prevent changes in the safety-related system by unauthorized personnel.

NOTE 2 The resulting safety integrity level claim of a system depends on the implementation of the services and protocols within the devices and the system. The implementation of the services and protocols defined in this European Standard in a device is not sufficient to qualify the device as a safety-related device.


General Information

Status: Published
Publication Date: 15-Jul-2010
Technical Committee:
Parallel Committee:
Current Stage: 6060 - Document made available
Due Date: 16-Jul-2010
Completion Date: 16-Jul-2010

Standard
EN 50325-5:2010
English language
36 pages

Standards Content (sample)

SLOVENIAN STANDARD
SIST EN 50325-5:2010
01-September-2010

Industrial communications subsystem based on ISO 11898 (CAN) for controller-device interfaces - Part 5: Functional safety communication based on EN 50325-4

This Slovenian standard is identical to: EN 50325-5:2010

ICS:
35.240.50 IT applications in industry
43.040.15 Car informatics. On board computer systems

SIST EN 50325-5:2010 en

2003-01. Slovenski inštitut za standardizacijo (Slovenian Institute for Standardization). Reproduction of this standard in whole or in part is not permitted.

EUROPEAN STANDARD / NORME EUROPÉENNE / EUROPÄISCHE NORM
EN 50325-5
July 2010
ICS 43.040.15
English version

Industrial communications subsystem based on ISO 11898 (CAN) for controller-device interfaces - Part 5: Functional safety communication based on EN 50325-4

This European Standard was approved by CENELEC on 2010-07-01. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Management Centre: Avenue Marnix 17, B - 1000 Brussels

© 2010 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.

Ref. No. EN 50325-5:2010 E
Foreword

This European Standard was prepared by the Technical Committee CENELEC TC 65CX, Fieldbus.

It was submitted to the formal vote and was approved by CENELEC as EN 50535-5 on 2010-07-01.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent rights.

The following dates were fixed:

– latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2011-07-01
– latest date by which the national standards conflicting with the EN have to be withdrawn (dow): 2013-07-01
Contents

Introduction
1 Scope
2 Normative references
3 Terms, definitions, symbols, abbreviated terms and conventions
    3.1 Terms and definitions
    3.2 Symbols and abbreviated terms
    3.3 Conventions
4 Overview of CANopen Safety
5 General
    5.1 External documents providing specifications for the profile
    5.2 Safety functional requirements
    5.3 Safety measures
    5.4 Safety communication layer structure
    5.5 Relationships with FAL
6 Safety communication layer services
    6.1 Introduction
    6.2 SR data object (SRDO)
    6.3 Global fail-safe command (GFC)
    6.4 SR communication objects
7 Safety communication layer protocol
    7.1 SRDO
    7.2 GFC
8 Safety communication layer management
    8.1 Overview
    8.2 SR network initialization and system boot-up
    8.3 SR device and network configuration
9 System requirements
    9.1 Indicators and switches
    9.2 Installation guidelines
    9.3 Safety function response time
    9.4 Constraints for the calculation of system characteristics
    9.5 Maintenance
    9.6 Safety manual
10 Assessment
11 Conformance
Annex A (informative) Example SR communication models
    A.1 General
    A.2 Model I
    A.3 Model II
    A.4 Model III
    A.5 Model IV
Bibliography

Figures

Figure 1 — Safety-related definitions in this standard
Figure 2 — Relationships of EN 50325–5 with other standards (machinery)
Figure 3 — Relationships of EN 50325–5 with other standards (process)
Figure 4 — Relationship of SR data objects
Figure 5 — Communication layers
Figure 6 — Example of SRDO transmission
Figure 7 — Example of SCT timing
Figure 8 — Example of SRVT timing
Figure 9 — SRDO write
Figure 10 — GFC write
Figure 11 — Safety function response time
Figure A.1 — Model I
Figure A.2 — Model II
Figure A.3 — Model III
Figure A.4 — Model IV

Tables

Table 1 — Communication errors and safety measures matrix
Table 2 — SRDO write
Table 3 — SRDO communication parameter record
Table 4 — Object definition
Table 5 — Entry definition
Table 6 — Value definition
Table 7 — Object definition
Table 8 — Entry definition
Table 9 — SR parameter data for SRDO 1 for CRC calculation
Table 10 — Object definition
Table 11 — Entry definition
Table 12 — Object definition
Table 13 — Entry definition
Table 14 — Object definition
Table 15 — Entry definition

Introduction

The EN 50325-4 fieldbus standard defines a communication protocol that enables distributed control of automated applications. Fieldbus technology is now considered well accepted and well proven. Thus many fieldbus enhancements are emerging, addressing not yet standardized areas such as real time, safety-related and security-related applications.

This European Standard specifies a safety communication layer (profile and corresponding protocols) based on the communication profile and protocol layer of EN 50325-4. The relevant principles for functional safety communication with reference to EN 61508 series are explained in EN 61784–3. Unlike EN 61784–3, this standard uses a white channel approach. It does not cover electrical safety and intrinsic safety aspects.

Figure 1 shows the safety-related definitions in this standard. In implementing this standard, additional measures to ensure integrity with the requirements of EN 61508 series shall be taken (marked blue and dashed-blue in Figure 1).
Figure 1 — Safety-related definitions in this standard

Figure 2 shows the relationships between this standard and relevant safety and fieldbus standards in a machinery environment.

[Figure 2: diagram placing EN 50325–5 (functional safety communication based on EN 50325–4, CANopen Safety) among the product standards (EN 61496, EN 61131–6, EN 61800–5–2, EN ISO 10218–1), EN ISO 12100–1 and EN ISO 14121, EN 61784–3, EN 61918, EN 60204–1, EN ISO 13849–1 and –2, EN 61000–1–2, EN 61326–3–1, EN 62061, EN 50325–4, the EN 61508 series and US: NFPA 79 (2006). Key: yellow = safety-related standards; blue = fieldbus-related standards; dashed yellow = this standard.]

NOTE Subclauses 6.7.6.4 (high complexity) and 6.7.8.1.6 (low complexity) of EN 62061 specify the relationship between PL (category) and SIL.
Figure 2 — Relationships of EN 50325–5 with other standards (machinery)

Figure 3 shows the relationships between this standard and relevant safety and fieldbus standards in a process environment.

[Figure 3: diagram placing EN 50325–5 (functional safety communication based on EN 50325–4, CANopen Safety) among the product standards (EN 61496, EN 61131–6, EN 61800–5–2, EN ISO 10218–1), EN 61784–3, EN 61918, EN 61326–3–2*, the EN 61511 series, EN 50325–4, the EN 61508 series, US: ISA-84.00.01 (3 parts = modified IEC 61511) and DE: VDI 2180 Part 1 - 4, with a reference to the safety standards for machinery in Figure 2, valid also in process industries whenever applicable. Key: yellow = safety-related standards; blue = fieldbus-related standards; dashed yellow = this standard.]

* For specified electromagnetic environments; otherwise EN 61326-3-1.
Figure 3 — Relationships of EN 50325–5 with other standards (process)

In environments other than machinery and process control, such as medical devices or railway systems, other standards may apply instead. The user of this standard has to take care that all related standards for the corresponding environment are considered.

Safety communication layers, which are implemented as part of safety-related systems according to EN 61508 series, provide the necessary confidence in the transportation of messages (information) between two or more participants on a fieldbus in a safety-related system, or sufficient confidence of safe behaviour in the event of fieldbus errors or failures.

The safety communication layer specified in this standard does this in such a way that a fieldbus can be used for applications requiring functional safety up to the Safety Integrity Level (SIL) specified by its corresponding safety communication profile.

The resulting SIL claim of a system depends on the implementation of the functional safety communication profile within this system – implementation of the functional safety communication profile in a regular device is not sufficient to qualify it as a safety device.

This European Standard covers:

— individual description of the functional safety profile for the communication profile defined in EN 50325-4;
— safety layer extensions to the communication object and object dictionary sections in EN 50325-4.

1 Scope

This European Standard specifies a safety-related communication layer (services and protocol) based on EN 50325-4.

This European Standard applies to networks based on EN 50325-4 providing safety-related communication capabilities between devices in a safety-related system in accordance with the requirements of EN 61508 series for functional safety. The services and protocols defined in this standard are intended to extend those defined in EN 50325-4. These services and protocols may be used in various applications such as manufacturing, machinery, medical, mobile machinery and process control.

NOTE 1 This European Standard does not cover the procedures for the safety-related configuration and for the safety-related setup of safety-related systems. The definition and implementation of such procedures depends on the kind of the safety-related system. For example flexible safety-related systems like operating theatres as found in medical systems require different procedures than for fixed safety-related systems like cranes in the mobile machinery. This European Standard does not cover electrical safety, intrinsic safety and security aspects. Electrical safety relates to hazards such as electrical shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres. Security relates to enforcing policies to prevent changes in the safety-related system by unauthorized personnel.

NOTE 2 The resulting safety integrity level claim of a system depends on the implementation of the services and protocols within the devices and the system. The implementation of the services and protocols defined in this European Standard in a device is not sufficient to qualify the device as a safety-related device.

2 Normative references

EN 50325-4, Industrial communications subsystem based on ISO 11898 (CAN) for controller-device interfaces - Part 4: CANopen

EN 61000–6–2, Electromagnetic compatibility (EMC) – Part 6-2: Generic standards – Immunity for industrial environments (IEC 61000-6-2)

EN 61326–3–1, Electrical equipment for measurement, control and laboratory use – EMC requirements – Part 3-1: Immunity requirements for safety-related systems and for equipment intended to perform safety-related functions (functional safety) – General industrial applications (IEC 61326-3-1)

EN 61326–3–2, Electrical equipment for measurement, control and laboratory use – EMC requirements – Part 3-2: Immunity requirements for safety-related systems and for equipment intended to perform safety-related functions (functional safety) – Industrial applications with specified electromagnetic environment (IEC 61326-3-2)

EN 61508 (series), Functional safety of electrical/electronic/programmable electronic safety-related systems (IEC 61508 series)

EN 61784–3:2008, Industrial communication networks - Profiles – Part 3: Functional safety fieldbuses - General rules and profile definitions (IEC 61784-3:2007)

EN 61918, Industrial communication networks - Installation of communication networks in industrial premises (IEC 61918)

EN ISO 13849-1, Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design

ISO 11898-1, Road vehicles - Controller area network (CAN) – Part 1: Data link layer and physical signalling

3 Terms, definitions, symbols, abbreviated terms and conventions
For the purposes of this document, the following terms and definitions apply.
3.1 Terms and definitions

For the purposes of this document, the terms and definitions given in EN 61784–3, EN 50325-4 and the following apply.

3.1.1
logical device
representation of a program in terms of its objects from one device profile segment (see EN 50325-4) and behaviour as viewed through a network

3.1.2
SR application object
application object in accordance with EN 50325-4 that includes all necessary measures to ensure its integrity with the requirements of EN 61508 series

3.1.3
SR communication profile and protocols
communication profile and protocols that include all the necessary measures to ensure safe transmission of data and the necessary measures to ensure safe configuration with the requirements of EN 61508 series

3.1.4
SR device
composition of regular communication profile and protocols as defined in EN 50325-4, SR communication profile and protocols, regular logical devices and SR logical devices

3.1.5
SR logical device
logical device that includes all necessary measures to ensure safe operation with the requirements of EN 61508 series

3.2 Symbols and abbreviated terms
For the purposes of this document, the following abbreviations apply.
3.2.1 Common symbols
CAN Controller Area Network [ISO 11898-1]
CAN-ID CAN Identifier [ISO 11898-1]
COB Communication Object [EN 50325-4]
COB-ID COB Identifier [EN 50325-4]
CRC Cyclic Redundancy Check
DLL Data Link Layer [ISO/IEC 7498-1]
E/E/PE Electrical/Electronic/Programmable Electronic [EN 61508-4]
EMC Electromagnetic Compatibility
EUC Equipment Under Control [EN 61508-4]
FAL Fieldbus Application Layer [EN 61784–3]
FCS Frame Check Sequence
FSCP Functional Safety Communication Profile [EN 61784–3]
NMT Network Management [EN 50325-4]
NSR Non-safety-related
PDU Protocol Data Unit [ISO/IEC 7498-1]
PES Programmable electronic system [EN 61508 series]
PFD Average probability of failure on demand [EN 61508-6]
PFH Probability of failure per hour [EN 61508-6]
PhL Physical Layer [ISO/IEC 7498-1]
RTR Remote Transmission Request [ISO 11898-1]
SCL Safety Communication Layer [EN 61784–3]
SFRT Safety Function Response Time [EN 61784–3]
SIL Safety Integrity Level [EN 61508 series]
SR Safety-related
3.2.2 Additional symbols
GFC Global Failsafe Command
PDO Process Data Object
SCT Safeguard Cycle Time
SDO Service Data Object
SRCP Safety-related communication profile and protocols
SRD SR device
SRDO SR Data Object
SRLD SR logical device
SRVT SR Validation Time
3.3 Conventions

The conventions used for the descriptions of objects, services and protocols are described in EN 50325-4 and EN 61784–3.

This document follows the document structure as proposed in EN 61784–3, Annex C.

As appropriate this standard uses diagrams in accordance with EN 50325-4.

“Mandatory” categorizes functionalities that shall be used or implemented; “optional” categorizes functionalities that may be used or implemented.

4 Overview of CANopen Safety

CANopen defines communication profiles based on ISO 11898-1.

The basic profiles are defined in EN 50325-4. The SRCP (CANopen Safety) is based on the basic profiles in EN 50325-4 and the SCL specification defined in this standard.

The SRCP is based on the producer/consumer model. The pairing of producers and consumers is an important part of the relationship that provides the high integrity needed for SRLD.

The SCL is specified using SR data objects (SRDO). These objects serve as the interface between the SR application objects and the link layer connections, as shown in Figure 4. An SRDO ensures the integrity of the safety data transfers.

[Figure 4: block diagram with the elements Producing SRLD, Object Dictionary, SRDO Producer, Data Producer, data connection (white channel), Data Consumer, SRDO Consumer, Object Dictionary and Consuming SRLD.]
Figure 4 — Relationship of SR data objects

The safety data transfer is executed as follows:

a) the producing SRLD uses the object dictionary to pass the safe data to the SRDO producer;
b) the SRDO producer uses a link data producer to transmit the data;
c) the consuming SRLD uses the object dictionary to receive the safe data from the SRDO consumer;
d) the SRDO consumer uses a link data consumer to receive data.

The SRCP utilizes the white channel concept, which differs from the FSCP protocols defined in EN 61784–3-X. The link data producers and consumers have no knowledge of the safety packet and implement no safety function. The link data producers and consumers implement data integrity checks on a per-frame basis (see [17]), which are utilized by the SRCP. The responsibility for high-integrity transfer and checking of safety data lies within the SRDO.

The SRCP uses the following measures to ensure the integrity of safety messaging:

a) time expectation;
b) connection authentication;
c) redundancy with cross checking by means of two CAN messages;
d) different integrity assurance systems.

SR data is sent redundantly and cyclically. Diverse measures for producing SR messages are used to ensure that NSR messages are not interpreted as SR messages.

5 General
5.1 External documents providing specifications for the profile

The following documents are especially useful in understanding the design of this SRCP:

— EN 61508 series;
— GS-ET-26;
— EN 50325-4;
— EN 61784–3.
5.2 Safety functional requirements

The following requirements shall apply for the implementation of SRDO and safety configuration. The same requirements are used in the development of this SRCP.

— The SRCP is designed so that SRDO and safety configuration are able to support SRD up to SIL3 (according to EN 61508 series) and up to category 4 (according to EN ISO 13849-1).
— The safe state for discrete data and analogue values shall be defined by the SRLD.
— The SRCP is implemented using the white channel approach.
...
