Safe Torque Off (Sto) - Emerson Powerdrive F300 User Manual

Universal variable speed ac drive for induction and permanent magnet motors

Hide thumbs Also See for Powerdrive F300:

Reference manual (342 pages)

Getting started manual (111 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

Table Of Contents

289

page of 289

/ 289
Contents
Table of Contents

Table of Contents

Safety

Product

Mechanical

information

installation

4.13

Safe Torque Off (STO)

NOTE

The F300 STO input uses the same circuitry as an existing approved

product. The F300 STO Function (sizes 3 to 10) have been approved by

TUV, however at the time of writing frame 11 is still under review.

The Safe Torque Off function provides a means for preventing the drive

from generating torque in the motor, with a very high level of integrity. It

is suitable for incorporation into a safety system for a machine. It is also

suitable for use as a conventional drive enable input.

The safety function is active when the STO input is in the logic-low state

as specified in the control terminal specification. The function is defined

according to EN 61800-5-2 and IEC 61800-5-2 as follows. (In these

standards a drive offering safety-related functions is referred to as a

PDS(SR)):

'Power, that can cause rotation (or motion in the case of a linear motor),

is not applied to the motor. The PDS(SR) will not provide energy to the

motor which can generate torque (or force in the case of a linear motor)'.

This safety function corresponds to an uncontrolled stop in accordance

with stop category 0 of IEC 60204-1.

The Safe Torque Off function makes use of the special property of an

inverter drive with an induction motor, which is that torque cannot be

generated without the continuous correct active behavior of the inverter

circuit. All credible faults in the inverter power circuit cause a loss of

torque generation.

The Safe Torque Off function is fail-safe, so when the Safe Torque Off

input is disconnected the drive will not operate the motor, even if a

combination of components within the drive has failed. Most component

failures are revealed by the drive failing to operate. Safe Torque Off is

also independent of the drive firmware. This meets the requirements of

the following standards, for the prevention of operation of the motor.

Data as verified by TÜV Rheinland:

According to EN ISO 13849-1:

PL = e

Category = 4

MTTF

= High

Mission Time and Proof Test Interval = 20 years

The calculated MTTF

for the complete STO function is:

STO1 2574 yr

According to EN 61800-5-2:

SIL = 3

-11

-1

PFH = 4.21 x 10

The Safe Torque Off input also meets the requirements of EN 81-1

(clause 12.7.3 b) as part of a system for preventing unwanted operation

of the motor in a lift (elevator).

Safe Torque OfF can be used to eliminate electro-mechanical

contactors, including special safety contactors, which would otherwise

be required for safety applications.

The function can be used in safety-related machines or systems which

have been designed according to IEC 62061 or IEC 61508, or other

standards which are compatible with IEC 61508, since the analysis and

the integrity metrics used in EN 61800-5-2 are the same.

Note on response time of Safe Torque Off, and use with safety

controllers with self-testing outputs.

Safe Torque Off has been designed to have a response time of greater

than 1 ms, so that it is compatible with safety controllers whose outputs

are subject to a dynamic test with a pulse width not exceeding 1 ms.

Note on the use of servo motors, other permanent-magnet motors,

reluctance motors and salient-pole induction motors.

102

Electrical

Getting

Basic

installation

started

parameters

Running

NV Media Card

Optimization

the motor

Operation

When the drive is disabled through Safe Torque Off, a possible (although

highly unlikely) failure mode is for two power devices in the inverter

circuit to conduct incorrectly.

This fault cannot produce a steady rotating torque in any AC motor. It

produces no torque in a conventional induction motor with a cage rotor. If

the rotor has permanent magnets and/or saliency, then a transient

alignment torque may occur. The motor may briefly try to rotate by up to

180° electrical, for a permanent magnet motor, or 90° electrical, for a

salient pole induction motor or reluctance motor. This possible failure

mode must be allowed for in the machine design.

The design of safety-related control systems must only be

done by personnel with the required training and experience.

The safe torque off function will only ensure the safety of a

machine if it is correctly incorporated into a complete safety

WARNING

system. The system must be subject to a risk assessment to

confirm that the residual risk of an unsafe event is at an

acceptable level for the application.

Safe Torque Off inhibits the operation of the drive, this

includes inhibiting braking. If the drive is required to provide

both braking and Safe Torque Off in the same operation (e.g.

for emergency stop) then a safety timer relay or similar device

WARNING

must be used to ensure that the drive is disabled a suitable

time after braking. The braking function in the drive is

provided by an electronic circuit which is not fail-safe. If

braking is a safety requirement, it must be supplemented by

an independent fail-safe braking mechanism.

Safe Torque Off does not provide electrical isolation.

The supply to the drive must be disconnected by an approved

isolation device before gaining access to power connections.

WARNING

With Safe Torque Off there are no single faults in the drive which can

permit the motor to be driven. Therefore it is not necessary to have a

second channel to interrupt the power connection, nor a fault detection

circuit.

It is important to note that a single short-circuit from the Safe Torque Off

input to a DC supply of approximately +24 V would cause the drive to be

enabled. This can be excluded under EN ISO 13849-2 by the use of

protected wiring. The wiring can be protected by either of the following

methods:

•

By placing the wiring in a segregated cable duct or other enclosure.

•

By providing the wiring with a grounded shield in a positive-logic

grounded control circuit. The shield is provided to avoid a hazard

from an electrical fault. It may be grounded by any convenient

method; no special EMC precautions are required.

It is essential to observe the maximum permitted voltage of

5 V for a safe low (disabled) state of Safe Torque Off. The

connections to the drive must be arranged so that voltage

drops in the 0 V wiring cannot exceed this value under any

WARNING

loading condition. It is strongly recommended that the Safe

Torque Off circuit be provided with a dedicated 0 V conductor

which should be connected to terminal 28 at the drive.

Safe Torque Off over-ride

The drive does not provide any facility to over-ride the Safe Torque Off

function, for example for maintenance purposes.

Onboard

Advanced

Technical

Diagnostics

PLC

parameters

data

Powerdrive F300 User Guide

UL listing

information

Issue Number: 2

Table of Contents

Show Quick Links

Quick Links:
Trip Indications

Hide quick links:

Table of Contents

Safe Torque Off (Sto) - Emerson Powerdrive F300 User Manual

Safe Torque Off (STO)

Hide quick links:

Related Manuals for Emerson Powerdrive F300

Related Content for Emerson Powerdrive F300

Table of Contents