[RQ7.3] Each SafetyProvider shall implement constants as shown in Table 12 whose values depend on the way the SafetyProvider is implemented. They never change and are therefore not writable via any of the interfaces. The constant SafetyProviderDelay has no influence on the functional behavior of the SafetyProvider. However, it will be provided in the OPC UA information model of a SafetyProvider to inform about its worst-case delay time. The value can be used during commissioning to check whether the timing behavior of the SafetyProvider is suitable to fulfill the watchdog delay of the corresponding SafetyConsumer.
|SafetyProviderDelay||UInt32||0x1 – 0xFFFFFFFF||In microseconds (µs). It can be set in the engineering phase of the SafetyProvider or set during online configuration as well.
SafetyProviderDelay is the maximum time at the SafetyProvider from receiving the RequestSPDU to start the transmission of ResponseSPDU, see Clause 10.2.
|SafetyProviderLevel||Byte||0x01 - 0x04||The maximal SIL the SafetyProvider implementation (hardware & software) is capable of, see Figure 11.
It is used to inform the SafetyConsumer to parametrize the appropriate SafetyProviderLevel and then to generate the appropriate SafetyProviderLevel_ID. NOTE: It is independent from the generation of the SafetyData at SAPI.
Figure 11 – Example combinations of SIL capabilities
The constant SafetyProviderLevel determines the value which is used for SafetyProviderLevel_ID when calculating the SPDU_ID, see Clause 188.8.131.52.
The respective SafetyConsumers (on the PLC and the actuator) need to know the SafetyProviderLevel of their providers for being able to check the SPDU_ID (see Clause 184.108.40.206).