[RQ6.1] Each server shall have a singleton folder called SafetyACSet with a fixed NodeId in the namespace of this document. Because all SafetyProviders and SafetyConsumers on this server contain a hierarchical reference from this object to themselves, it can be used to directly access all SafetyProviders and/or SafetyConsumers. SafetyACSet is intended for safety-related purposes only. It should not reference to non-safety-related items.

Table 3 – SafetyACSet definition

Attribute

Value

BrowseName

SafetyACSet

References

NodeClass

BrowseName

Comment

OrganizedBy by the Objects Folder defined in OPC 10000-5.

HasTypeDefinition

ObjectType

FolderType

Entry point for all SafetyProviders and SafetyConsumers

Conformance Units

SafetyACSet

[RQ6.2] In addition, a server shall comprise one OPC UA object derived from type SafetyProviderType for each SafetyProvider it implements, and one OPC UA object derived from type SafetyConsumerType for each SafetyConsumer it implements. The corresponding information models shown in Figure 3 and Figure 4 shall be used.

A description of the graphical notation for the different types of nodes and references (shown in Figure 3, Figure 4, and Figure 6) can be found in OPC 10000-3.

Figure 3 describes the SafetyProvider and the SafetyConsumer.

NOTE 1 This document assumes (atomic) consistent data exchange between OPC mappers of the two endpoints.

[RQ6.3a] For implementations supporting OPC UA Client/Server, the Call Service of the Method Service Set (see OPC 10000-4) shall be used. The Method "ReadSafetyData" has a set of input arguments that make up the RequestSPDU and a set of output arguments that make up the ResponseSPDU. The SafetyConsumer uses the OPC UA Client with the OPC UA Service Call.

[RQ6.3b] For implementations supporting OPC UA PubSub, the OPC UA object SafetyPDUs with its properties RequestSPDU and ResponseSPDU shall be used. RequestSPDU is published by the SafetyConsumer and subscribed by the SafetyProvider. ResponseSPDU is published by the SafetyProvider and subscribed by the SafetyConsumer.

NOTE 2 The terms “request” and “response” refer to the behavior on the layer of this document. Within the PubSub context, both requests and responses are realized by repeatedly publishing and subscribing datagrams, see Figure 14.

[RQ6.4] For diagnostic purposes, the SPDUs received and sent shall be accessible by calling the method ReadSafetyDiagnostics.

image008.png

Figure 3 – Server Objects for OPC UA Safety

NOTE For the input/output arguments of the methods ReadSafetyData and ReadSafetyDiagnostics, see 6.2.2.3 and 6.2.2.4. For the parameters of the SafetyProvider and SafetyConsumer, see Figure 6, Table 12, and Table 13. For RequestSPDU and ResponseSPDU, see Table 7, Table 18, Table 20, and 7.2.1.

Figure 4 shows the instances of server objects for this document. The ObjectType for the SafetyProviderType contains methods having outputs of the abstract data type ”Structure”. Each instance of a SafetyProvider needs its own copy of the methods which contain the concrete DataTypes for “OutSafetyData” and “OutNonSafetyData”.

image009.png

Figure 4 – Instances of server objects for this document