New OpenSAFETY Protocol

WithopenSAFETY,the Ethernet POWERLINK Standardization Group (EPSG) believes it has laid thefoundation for the first completely open, safety-related data communicationprotocol for all areas of automation.

With communication cycles in the microsecondrange, the TUV Rhineland certified protocol guarantees fast response times and ahigh level of machine safety suitable for use in systems rated up to SIL 3.

"The key with openSAFETY is that it offers anopen safety solution," says Robert Muehlfellner, automation director forB&R Industrial Automation. "When you look at the systems for safety in themarketplace, implementations are normally specific to manufacturers and thecommunications system that is behind it."

"Whether it is CIP Safety over EtherNet/IP orPROFIsafe over Profinet, the major manufacturers are driving safety standards withintheir systems. The idea behind openSAFETY is something that goes beyond what isavailable on the market today, and to set a trend for future interoperabilityof safety systems," he says.

Because openSAFETY is busindependent, it can be used with all fieldbus systems or industrial Ethernetsystems. In order to demonstrate the interoperability of the safety solutionwith different protocols, the EPSG presented four different openSAFETYsolutions at the 2010 Hanovertrade show, which were created using the most common implemented industrialEthernet protocols: SERCOS III, Modbus TCP, EtherNet/IP and Ethernet POWERLINK.

The potential benefits of openSAFETYimpact three specific groups: manufacturers of safety devices, OEM machinebuilders and end users. For device manufacturers, a key benefit is doing animplementation only once. Today a light curtain, e-stop or other safety deviceneeds to be hardwired to a safety I/O module instead of directly connecting toa particular network.

Because there is significant implementationto make a PROFIsafe version of the device, a CIP Safety version and so on,openSAFETY means vendors could implement the device once and automaticallyconnect with the different networks.

The main benefit for an OEM is anopen safety protocol where they are no longer forced into using a particularcontrol to satisfy end user demands for interoperability between machines inthe production line. OEMs are already moving away from hard-wired solutions tointegrated and programmable safety. OEMs can select systems without beingrestricted on using a particular brand to tie safety systems together.

For end users, it offers a standardfor adding integrated safety systems across their entire plant floor. Today,users might have individual machines with individual safety systems, and somehardware handshaking to communicate between them. Or as end users right nowdemand that you need to use Brand X because it is the only way to tie safetysystems together, users can now have those supervisory safety standards andsystems communicate across different communications platforms from differentcontrollers by using an open safety standard.

"OpenSAFETY is primarily a softwareinnovation, and part of the key is the basic telegram format that the systemuses," says Muehlfellner. "The system uses a black channel principle whichmeans that all of the information is verified, to achieve the basic goal withsafety systems which is avoidance of undetected errors."

He says what makes openSAFETY unique is thatall of the redundancy checks are done within the software itself, and it isachieved independently of the actual transportation layer. Whether the systemis implemented on an EtherNet/IP, Modbus, SERCOS or Ethernet Powerlink network,the proof of concept has shown that it can be implemented on any type ofcommunications network because the system is totally hardware independent.

The protocol itself is certified and open tocompanies to integrate hardware devices that can operate using the protocolfrom light curtains, to safety I/O modules, to drives and programmable safetycontrollers. Today many of these safety devices are still hard-wired into safeI/O modules and programmable safety systems, and devices do not sit directly onthe bus.

"Sofar, the standard has been finalized for anyone to implement," says Muehlfellner."We have done a proof of concept and shown we can have a B&R processor andsafety I/O running underneath a Rockwell system on an EtherNet/IP network."