Functional safety definitions for inverter drives

ABB Drives published a white paper addressing (inverter) drive-based functional safety and part one includes the basic definitions for industrial systems. This addresses the replacement of electro-mechanical safety systems with electronic safety built into the drive’s safety logic. The white paper also addresses the EU Machinery Directive and harmonized standards, and ABB drives safety offering.

In any industrial process it is important that when something goes wrong the machinery is quickly and safely brought to a safe state, which usually means stopped. Once stopped it must not start unexpectedly. Depending on the application and its work cycles, machines may also need to operate at reduced speed during specific times. Drive-based functional safety simplifies these tasks.

When sensing a hazardous situation, a drive based functional safety system can react in several ways. It might, for example, initiate an emergency stop based on user input. Or if it detects an out of control situation such as system overspeed, it can stop a process in a controlled and orderly way.

Typical drive-based functional safety functions

Safe torque off (STO)

STO is the required foundation for drive-based functional safety since it brings a drive safely to a no-torque state. STO is typically for prevention of an unexpected start up (EN 1037/ISO 14118) of machinery or for an emergency stop, fulfilling stop category 0 (EN/IEC 60204-1).

Inverter drives and functional safety definitions

Figure 1. Upon activation STO immediately switches off the drive output to the motor. Motor speed then coasts to a stop.

Safe stop 1 (SS1)

SS1 stops the motor safely, using a controlled ramp stop and then activates the STO function. SS1 is typically used in applications like rolling mills for stopping motion in a controlled manner before switching to a no torque state. In addition to a safe process stop, SS1 can also implement an Emergency stop, fulfilling stop category 1 (EN 60204-1).

Inverter drives and functional safety definitions

Figure 2. When activated, SS1 will ramp motor speed down to a standstill and then activate the STO function.

Safe stop emergency (SSE)

SSE is a safety function specifically for emergency stops. Configuring SSE to execute either STO or SS1 depends on which emergency stop is suitable for the system. For examples of this functionality see Fig. 1 or 2.

Safely limited speed (SLS)

SSL prevents motors from exceeding a defined speed limit. Uses for the SLS safety function include applications like decanters, mixers, conveyors, or paper machines where excess speed can be hazardous during i.e. maintenance or cleaning operations.

Inverter drives and functional safety definitions

Figure 3. Upon activation, SLS will monitor that motor speed does not exceed a defined level. If it does, SLS will activate STO or SSE to stop the drive.

Safe maximum speed (SMS)

SMS is a variant of the SLS-safety function. It provides continuous protection against a motor exceeding a defined maximum speed limit.

Inverter drives and functional safety definitions

Figure 4. When using SMS, it is always active and ensures that the set speed limit is not exceeded (i.e. maximum allowed speed).

Safe brake control (SBC)

SBC provides a safe output signal to control a mechanical holding brake. Drills, cranes, winches, hoists, vertical conveyors, and elevators that need external brake solutions require this type of safety function. Typical use for SBC is when a drive is switched off with STO function and there is an active load affecting the motor (e.g. a hanging load on a crane/winder).

Inverter drives and functional safety definitions

Figure 5. SBC provides a safe control signal to operate the mechanical brake.

Drives based functional safety

Functional safety is simple to achieve with safety devices that are, themselves, already certified to the most relevant functional safety standards. ABB drives include many certified safety functions either as standard, or are offered as options. A good example is the TÜV-certified safety functions module (the FSO-12 or FSO-21 variant) which is compatible with ABB’s ACS880 drive series.


Recent blog posts