7 Safety communication layer services and management ToC Previous Next

7.3 SafetyProvider interfaces ToC Previous Next

7.3.3 Characteristics of SafetyProvider ToC Previous Next

[RQ7.3] Each SafetyProvider shall implement constants as shown in Table 12 whose values depend on the way the SafetyProvider is implemented. They never change and are therefore not writable via any of the interfaces. The constant SafetyProviderDelay has no influence on the functional behavior of the SafetyProvider. However, it will be provided in the OPC UA information model of a SafetyProvider to inform about its worst-case delay time. The value can be used during commissioning to check whether the timing behavior of the SafetyProvider is suitable to fulfill the watchdog delay of the corresponding SafetyConsumer.

Identifier Type Range Note
SafetyProviderDelay UInt32 0x1 – 0xFFFFFFFF In microseconds (µs). It can be set in the engineering phase of the SafetyProvider or set during online configuration as well.
SafetyProviderDelay is the maximum time at the SafetyProvider from receiving the RequestSPDU to start the transmission of ResponseSPDU, see Clause 10.2.
SafetyProviderLevel Byte 0x01 - 0x04 The maximal SIL the SafetyProvider implementation (hardware & software) is capable of, see Figure 11.
It is used to inform the SafetyConsumer to parametrize the appropriate SafetyProviderLevel and then to generate the appropriate SafetyProviderLevel_ID. NOTE: It is independent from the generation of the SafetyData at SAPI.

readme_files/image013.png Figure 11 – Example combinations of SIL capabilities

The constant SafetyProviderLevel determines the value which is used for SafetyProviderLevel_ID when calculating the SPDU_ID, see Clause 8.1.3.3.

The respective SafetyConsumers (on the PLC and the actuator) need to know the SafetyProviderLevel of their providers for being able to check the SPDU_ID (see Clause 8.1.3.2).

Previous Next