A crash course in VSD safety functions
Liam Blackshaw writes: Modern variable speed drives (VSDs) are packed full of safety features, but the sheer number of similar sounding functions, (not to mention similar sounding acronyms), can make it difficult to get a handle on what they all mean.
I thought it might therefore be a good idea with this post to gather all of the common safety features typically found in the current generation of ABB drives and demystify them all in one go.
Stopping functions
• Safe torque off (STO) is the most basic function for drive-based safety, and as such is the most commonly found. It carries out the job of a mechanical safety contactor, so that when activated it shuts off control to the motor, allowing it to coast to a complete stop and preventing any torque. STO is a more reliable solution than an external contactor (higher SIL level). It reacts faster than a contactor and cannot fail due to corrosion or lack of maintenance. It also takes up much less space than a contactor. This function is akin to the traditional Stop Category 0.
• Safe Stop 1 (SS1) provides a controlled ramp stop, and then activates the STO function. The function can be programmed to monitor the ramp time, or the ramp rate. Once the load is at rest, the load can be held in position by “holding at zero speed” for a programmed time, then eventually ending in an STO function. This is more elegant than the traditional Stop Category 1.
• Safe Stop Emergency (SSE) is a safety function specifically designed for emergency stops and can be configured to execute either STO or SS1 depending on which is more appropriate to the application and the risk assessment. It is a separate function, so the system can have an SSE and an SS1 independently.
Stop types
• Stop Category 0 immediately removes power to the drive and machine actuators causing the motor to coast to a stop. This can be used when it is acceptable to allow movement to coast stop, or if the motor stops quickly due to a low inertia load.
• Stop Category 1 is a controlled stop whereby electrical power to the machine actuators is maintained, and then removed once the machine has completely stopped. This is normally used for systems with higher inertia.
Monitoring functions
• Safely Limited Speed (SLS) performs a speed limiting function, used to ensure the machine cannot operate above a pre-determined speed, commonly used for “threading” applications. If the motor speed limit is reached, the drive will automatically activate STO or SS1.
• Safe Maximum Speed (SMS) monitors the speed of the application and intervenes if the speed operates above a set maximum speed, often used to ensure loads are not mechanically damaged. Centrifuge applications are a typical use of SMS.
• Safe Speed Monitoring (SSM) provides a minimum speed limit and triggers a safety signal if the motor speed drops below a certain threshold. Unlike SLS, this does not automatically activate a stopping function, but merely flags up to the user that action may be required.
• Safe Direction (SDI) ensures that the motor can only rotate in a certain direction, for instance to allow an operator to feed material into a machine safely. SS1 is activated by the drive in the event of a fault.
• Safely Limited Acceleration (SLA) safely limits the maximum acceleration of the motor and ensures that it cannot exceed a defined acceleration limit.
• Safe Acceleration Range (SAR) monitors the motor’s acceleration to ensure that it stays within defined limits.
• Safe Motor Temperature (SMT) is important for operating motors in potentially explosive atmospheres. It disconnects the motor from the power supply before overheating can occur, ensuring that surfaces cannot get hot enough to ignite.
Braking functions
• Safe Brake Control (SBC) is the output signal activating the mechanical braking function used in a STO or SS1 state. It prevents the movement of the motor, even due to outside forces such as gravity or hanging loads.
A lot of these functions can now be utilised using fieldbus communications from a safety PLC known as PROFIsafe technology. It includes several safety measures to minimize the effect of various transmission errors that can occur when messages are transferred in a complex network. PROFIsafe is an application layer (protocol) that describes the safety communication between fail-safe devices. It is an additional layer on top of the standard PROFIBUS and PROFINET protocols.
It is important to remember that many of these functions would ordinarily have to be carried out by separate devices, for instance safety contactors or manual brakes, or would not be carried out at all. This is why the variable speed drive lies at the heart of effective functional safety.
For a deeper dive into drive functional safety and standards, and tips to help you reduce risk, make sure you download our white paper.