6.4 Diagnostics
6.4.1 General
Diagnostics according to this document may be implemented in a non-safety-related way. This allows for categorization and localization of safety communication errors.
This document provides two types of diagnostics:
Diagnostics messages generated by the SafetyConsumer and provided in a vendor-specific way.
The Method ReadSafetyDiagnostics, defined in the OPC UA Information Model (see 6.2.2.4 and 6.4.3).
6.4.2 Diagnostics messages of the SafetyConsumer
[RQ6.17] Every time the macro <Set Diag(SD_IDerrOA, isPermanent)> is executed within the SafetyConsumer, the textual representation shown in Table 28 shall be presented. The details and location of this representation (display, logfile, etc.) are vendor-specific.
Internal identifier (as used in the state-machines) | General error type (String) | Extended error type (String) | Error code (offset)1 | Classification *) (optional) | Mandatory |
|---|---|---|---|---|---|
| SD_IDerrIgn | The SafetyConsumer has discarded a message due to an incorrect ID. | 0x01 | A | Yes | |
| SD_IDerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect ID. Operator acknowledgment is required. | Mismatch of SafetyBaseID.2 | 0x11 | B, E | Yes |
| SD_IDerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect ID. Operator acknowledgment is required. | Mismatch of SafetyProviderID. | 0x12 | B, E | Yes |
| SD_IDerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect ID. Operator acknowledgment is required. | Mismatch of SafetyData structure or identifier.3 | 0x13 | B, E | Yes |
| SD_IDerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect ID. Operator acknowledgment is required. | Mismatch of SafetyProviderLevel.4 | 0x14 | B, E | Yes |
| CRCerrIgn | The SafetyConsumer has discarded a message due to a CRC error (data corruption). | 0x05 | A | Yes | |
| CRCerrOA | The SafetyConsumer has switched to fail-safe substitute values due to a CRC error (data corruption). Operator acknowledgment is required. | 0x15 | B, C | Yes | |
| CoIDerrIgn | The SafetyConsumer has discarded a message due to an incorrect ConsumerID. | 0x06 | A | Yes | |
| CoIDerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect SafetyConsumerID. Operator acknowledgment is required. | 0x16 | B | Yes | |
| MNRerrIgn | The SafetyConsumer has discarded a message due to an incorrect MonitoringNumber. | 0x07 | A | Yes | |
| MNRerrOA | The SafetyConsumer has switched to fail-safe substitute values due to an incorrect monitoring number. Operator acknowledgment is required. | 0x17 | B, C | Yes | |
| CommErrTO | The SafetyConsumer has switched to fail-safe substitute values due to timeout. | 0x08 | B | Yes | |
| ApplErrTO | The SafetyConsumer has switched to fail-safe substitute values at the request of the safety application. | 0x09 | D | No | |
| ParametersInvalid | The SafetyConsumer has been configured with invalid parameters. | 0x0A | B, E | Yes | |
| FSV_Requested | The SafetyConsumer has switched to fail-safe substitute values at the request of the SafetyProvider. Operator acknowledgment is required.5 | 0x20 | F | Yes | |
1 An offset of 0x10 or larger indicates an error requiring operator acknowledgment. 2 This text may also be shown when the error in the SPDU_ID is due to an incorrect SafetyBaseID. 3 This text may also be shown when the error in the SPDU_ID is due to an incorrect SafetyStructureID. 4 This text may also be shown when the error in the SPDU_ID is due to an incorrect SafetyProviderLevel. 5 A diagnostic message is generated only if the parameter SPI.SafetyOperatorAckNecessary is true, see transition T22 in Table 35. | |||||
*) The following classification is specified: A) Transient communication error B) Permanent communication error C) Transmission quality seems not to be sufficient D) Application error E) Parameter error F) Error does not affect communication itself. | |||||
To avoid a flood of diagnostic messages in case of transmission errors, only up to two messages are shown even if multiple communication errors occur in sequence. This is ensured by the behaviour defined in the SafetyConsumer’s state machine.
Optional features (vendor-specific):
Extend diagnostic data by expected value and received value, e.g.:
Mismatch of SafetyProviderID:
Expected SafetyProviderID: 0x00000005
Received SafetyProviderID: 0x00000007Extend diagnostic data if a parameter of the SafetyConsumer is invalid.
Example 1:
The SafetyConsumer has been configured with invalid parameters.
The value 0x00000000 is an invalid SafetyProviderID.
6.4.3 Method ReadSafetyDiagnostics of the SafetyProvider
This Method (as part of the OPC UA Mapper) serves as a Diagnostic Interface and exists for each SafetyProvider. For time series observation, this interface can be polled, e.g. by a diagnostic device. For details, refer to the OPC UA Information Model described, see 6.2.2.4.
The Diagnostic Interface Method does not take any input parameters and returns both the input and output parameters of the last call of the Method ReadSafetyData.
Additionally, a 2-octet sequence number is added to the Diagnostic Interface, allowing for a detection of missed calls due to polling. The sequence number counts the number of accesses to ReadSafetyData.
A best practice recommendation is to store all input and output parameters if SComErr_diag is <> 0.