Rockwell Automation Safety Guidelines for the Application, Installation, and Maintenance of Solid-State Control User Manual

Publication SGI-1.1 - August 2009

8

Section 3: Application Guidelines

Section 3: Application Guidelines

3.1 General Application
Precautions

3.1.1 Circuit Considerations

The consequences of some malfunctions such as those caused by shorted
output devices, alteration, loss of memory, or failure of isolation within
components or logic devices, require that the user be concerned with the
safety of personnel and the protection of the electronics.

It is recommended that circuits which the user considers to be critical to
personnel safety, such as “end of travel” circuits and “emergency stop”
circuits, should directly control their appropriate functions through an
electromechanical device independent of the solid-state logic. Such circuits
should initiate the stop function through deenergization rather than
energization of the control device. This provides a means of circuit control
that is independent of system failure.

Comments: 3.1.1 —Circuit Considerations

The predominant failure mode of solid-state devices is in the ON

condition. This failure mode and the other types of failures mentioned in

the NEMA Standard are the reasons for the precautions that are

recommended for safetycritical circuits on systems that control potentially

hazardous processes or machine operations. Alternatively, if solid-state is

used for circuits designated as safety-critical, the circuits should be

designed to provide safety equivalent to the recommended “hard-wired”

electromechanical circuits. In such cases consideration should be given to

techniques such as: redundancy, feedback loops, diagnostics, interlocking

and read-only memory for critical parts of a program.

De-energization rather than energization of the control device should be

specified for STOP circuits so broken wires or corroded contacts do not

go undetected. E-stop push buttons or pull cords should be installed at

appropriate locations on a machine to provide operators with a rapid and

convenient means for removing power from devices that control machine

motion.

3.1.2 Power Up/Power Down Considerations

Consideration should be given to system design so that unsafe operation does
not occur under these conditions since solid-state outputs may operate
erratically for a short period of time after applying or removing power.

Comments: 3.1.2 Power Up/Power Down Considerations

Response of a system during power up/power down can create hazards

not encountered during normal operation. Erratic operation of solid-state

outputs due to the changing voltage of DC power supplies during start up

is one example. To avoid unpredictable outputs, many power supplies

incorporate a power turn-on time delay circuit. This allows power supply

output voltage to reach its specified value before being applied to