OPC 10000-15: UA Part 15: Safety

Released 1.05.03


This document is subject to the license terms described here.

The general OPC Foundation specification license agreement also applies and can be found here.

This document is a copy of the original which can be found here.

1 Scope
2 Normative references
3 Terms, definitions and conventions
  3.1 Terms and definitions
    3.1.1 Terms and definitions from IEC 61784-3
      cyclic redundancy check (CRC)
      error
      failure
      fault
      message
      performance level (PL)
      residual error probability
      residual error rate
      safety communication layer (SCL)
      safety function response time
      safety integrity level
      safety measure
      safety PDU (SPDU)
    3.1.2 Additional terms and definitions
      fail-safe
      fail-safe substitute values (FSV)
      flag
      Globally Unique Identifier
      MonitoringNumber (MNR)
      Non-safety-
      OPC UA Mapper
      process values
      qualifier
      SafetyAutomationComponent (SafetyAC)
      SafetyConsumer
      SafetyData
      SafetyProvider
      SafetyBaseID
      SafetyProviderID
      standard transmission system
  3.2 Symbols and abbreviated terms
    3.2.1 Abbreviated terms from IEC 61784-3
    3.2.2 Additional symbols and abbreviated terms
      Abbreviated terms
      Symbols
  3.3 Conventions
    3.3.1 General Conventions
    3.3.2 Conventions for Requirements Numbering
    3.3.3 Conventions in state machines
4 Overview of OPC UA Safety
  4.1 General
  4.2 Implementation aspects
  4.3 Features
  4.4 Security policy
5 General
  5.1 External documents providing specifications for the profile
  5.2 Safety functional requirements
  5.3 Safety measures
  5.4 Safety communication layer structure
  5.5 Requirements for CRC calculation
6 Safety communication layer services
  6.1 General
  6.2 Information Models
    6.2.1 General
    6.2.2 Object and ObjectType Definitions
      SafetyACSet Object
      Safety ObjectType definitions
      Method ReadSafetyData
      Method ReadSafetyDiagnostics
      Object SafetyPDUs
      Objects SafetyProviderParameters and SafetyConsumerParameters
    6.2.3 Datatype Definition
      InFlagsType
      OutFlagsType
      RequestSPDUDataType
      ResponseSPDUDataType
      NonSafetyDataPlaceholderDataType
    6.2.4 SafetyProvider Version
    6.2.5 DataTypes and length of SafetyData
    6.2.6 Connection establishment
  6.3 Service interfaces
    6.3.1 Overview
    6.3.2 OPC UA Platform interface (OPC UA PI)
    6.3.3 SafetyProvider interfaces
      General
      SAPI of SafetyProvider
      SPI of SafetyProvider
    6.3.4 SafetyConsumer interfaces
      General
      SAPI of SafetyConsumer
      Motivation for SAPI Operator Acknowledge (OperatorAckConsumer)
      SPI of the SafetyConsumer
      Motivation for SPI SafetyOperatorAckNecessary
    6.3.5 Cyclic and acyclic safety communication
    6.3.6 Principle for "Application variables with qualifier"
  6.4 Diagnostics
    6.4.1 General
    6.4.2 Diagnostics messages of the SafetyConsumer
    6.4.3 Method ReadSafetyDiagnostics of the SafetyProvider
7 Safety communication layer protocol
  7.1 General
  7.2 SafetyProvider and SafetyConsumer
    7.2.1 SPDU formats
      General
      RequestSPDU: SafetyConsumerID
      RequestSPDU: MonitoringNumber
      RequestSPDU: Flags
      ResponseSPDU: SafetyData
      ResponseSPDU: Flags
      ResponseSPDU: SPDU_ID
      ResponseSPDU: SafetyConsumerID
      ResponseSPDU: MonitoringNumber
      ResponseSPDU: CRC
      ResponseSPDU: NonSafetyData
    7.2.2 Behavior
      General
      SafetyProvider/-Consumer Sequence diagram
      SafetyProvider state diagram
      SafetyConsumer state diagram
      SafetyConsumer sequence diagram for operator acknowledgment (informative)
    7.2.3 Subroutines
      Build ResponseSPDU
      Calculation of the SPDU_ID_1, SPDU_ID_2, SPDU_ID_3
      Coding of the SafetyProviderLevel_ID
      Signature over the Safety Data Structure (SafetyStructureSignature)
      Calculation of a CRC checksum
8 Safety communication layer management
  8.1 General
  8.2 Safety function response time part of communication
9 System requirements (SafetyProvider & SafetyConsumer)
  9.1 Constraints on the SPDU-Parameters
    9.1.1 SafetyBaseID and SafetyProviderID
    9.1.2 SafetyConsumerID
  9.2 Initialization of the MNR in the SafetyConsumer
  9.3 Constraints on the calculation of system characteristics
    9.3.1 Probabilistic considerations (informative)
    9.3.2 Safety related assumptions (informative)
  9.4 PFH/PFD-values of a logical safety communication link
  9.5 Safety manual
  9.6 Indicators and displays
10 Assessment
  10.1 Safety policy
  10.2 Obligations
  10.3 Automated layer test for this document (informative)
    10.3.1 General
    10.3.2 OPC UA Safety Compliance Test Tool (UASCTT)
    10.3.3 Testing principle
    10.3.4 Test configuration
  10.4 Index of Requirements (informative)
11 Profiles and Conformance Units
  11.1 General
12 Namespaces
  12.1 Namespace Metadata
  12.2 Handling of OPC UA Namespaces
Annex A (normative) Safety Namespace and mappings
Annex B (informative) Additional information
  B.1 CRC-calculation using tables, for the polynomial 0xF4ACFB13
  B.2 Use cases
    B.2.1 Unidirectional communication
    B.2.2 Bidirectional communication
    B.2.3 Safety Multicast
  B.3 Use cases for Operator Acknowledgment
    B.3.1 Explanation
    B.3.2 Use case 1: unidirectional comm. and OA on the SafetyConsumer side
    B.3.3 Use case 2: bidirectional comm. and dual OA
    B.3.4 Use case 3: bidirectional comm. and single, one-sided OA
    B.3.5 Use case 4: bidirectional comm. and single, two-sided OA