Rockwell Automation AADvance Controller Safety Manual User Manual

Document: 553630

ICSTT-RM446K-EN-P Issue: 10

Safety Manual (AADvance Controller)


The fewer the number of inputs, outputs and signal paths, the fewer the number of permutations that require testing. However, a single safety function should not be split into separate blocks; such a division is likely to lead to the introduction of errors during maintenance activities.

The interaction between the individual software blocks shall be minimized. Where interaction is necessary, it should be kept as simple as possible, for example a single shutdown initiation signal.

Each safety function shall be responsible for the control of the corresponding outputs. Sharing of outputs between functions shall not be permitted.

The use of these function blocks in a safety certified system is only permitted once they have been tested for correct operation.

The new or previously untested function may be:

a generic function block, which forms part of the Workbench, but has not previously been subject to the level of testing defined herein, or

a project-specific function block, which is written to meet the needs of a particular feature within an application program, and may comprise a number of generic function blocks or other program functions.

Individual Safety Related Functions

The AADvance Workbench allows the definition of up to 250 individual programs within a single project. This facility should be exploited to enable the allocation of individual safety related functions to separate programs. Where such programs contain independent logic paths, these should be investigated to determine if they are separate safety functions. Where they are separate, it is recommended that these be further allocated to their own program, subject to conforming to the recommendation to minimize the coupling between programs.

Cases should be looked for that allow the creation of individual logic paths by repeating small sections of logic rather than fanning out the resultant signal(s).
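
The partitioning rules above (no output shared between safety functions, and interaction between programs kept as simple as a single shutdown initiation signal) can be checked mechanically during design review. The following is an added example, not part of the manual or the Workbench: it audits a program-to-variable map, and all program names, tag names and the one-signal threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: what each program reads and writes. All program and
# tag names are hypothetical; a real list would come from the project's
# variable cross-reference.
PROGRAMS = {
    "SIF_HighPressure": {"reads": {"PT101_HH"},
                         "writes": {"XV101_Close", "Plant_Trip", "HP_Latch"}},
    "SIF_HighLevel":    {"reads": {"LT201_HH", "Plant_Trip"},
                         "writes": {"XV201_Close", "XV101_Close"}},
    "SIF_FlameOut":     {"reads": {"BE301_Loss", "Plant_Trip", "HP_Latch"},
                         "writes": {"Burner_Trip"}},
}
OUTPUTS = {"XV101_Close", "XV201_Close", "Burner_Trip"}  # final-element tags


def shared_outputs(programs, outputs):
    """Outputs written by more than one program (not permitted)."""
    writers = defaultdict(set)
    for name, io in programs.items():
        for tag in io["writes"] & outputs:
            writers[tag].add(name)
    return {tag: sorted(w) for tag, w in writers.items() if len(w) > 1}


def couplings(programs):
    """Signals one program writes and another reads, per (writer, reader)."""
    links = {}
    for writer, w_io in programs.items():
        for reader, r_io in programs.items():
            common = w_io["writes"] & r_io["reads"]
            if writer != reader and common:
                links[(writer, reader)] = sorted(common)
    return links


def review(programs, outputs, max_signals=1):
    """Findings list; max_signals=1 is an assumed review threshold."""
    found = [f"shared output {tag}: {', '.join(w)}"
             for tag, w in sorted(shared_outputs(programs, outputs).items())]
    for (src, dst), sig in sorted(couplings(programs).items()):
        if len(sig) > max_signals:
            found.append(f"{src} -> {dst} coupled by {len(sig)} signals: "
                         f"{', '.join(sig)}")
    return found


if __name__ == "__main__":
    for line in review(PROGRAMS, OUTPUTS):
        print(line)
```

On the constructed sample it reports the valve output written by two programs and the program pair linked by two signals instead of one.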