Setting up an FSoE application with TwinCAT

By default, the STO and the SS1 are enabled on the drive. Unless they are configured correctly and released simultaneously, the drive will not allow any movement.

This guide gives you an example on how to configure the TwinCAT main device in order to operate the STO and the SS1 correctly.

Page contents:

Background

This guide provides step-by-step instructions for creating a basic Safety Application with DEN-S-NET using TwinCAT. The goal of the application is to activate the Safe Torque Off (STO) and the Safe Stop 1 (SS1) when a pushbutton is pressed.

The example is using the following parts:

• EtherCAT master: Computer with TwinCAT pre-installed

• Safety drive: DEN-S-NET with a communication board

• Safety master with safety inputs: EL1918

• Network parts: EK110 and EL9011

Basic Setup

Video configuring STO

The video below is showing the configuration of the STO only.

The SS1 configuration is described in the steps () below.

Note. Be careful the first time to run TwinCAT XAE shell. The TwinCAT Realtime Ethernet driver must be installed on the corresponding network adapter to enable connection to ethernet cards. To open a corresponding installation dialog, click in menu TWINCAT > Show Realtime Ethernet Compatible Devices… in Application TcRteInstall > yes. Search ethernet adapter > install Ethernet TwinCAT ethernet adapter.

Procedure to configure STO and SS1

1. Copy the ESI file of the DEN-S-NET in the device descriptors folder (C:\TwinCAT\3.1\Config\Io\EtherCAT).

2. Set up the basic project

   1. Create a new TwinCAT XAE Project.

   2. Scan the network (you can follow the procedure here: Connecting TwinCAT to Novanta EtherCAT Servo Drive

   3. Check that all the devices are being identified. Please refer to the following Troubleshooting page if you cannot see the drive: TwinCAT shows "BOX" instead of "Drive"

      

3. Configure the EL1918 module.

   1. Navigate to I/O → Devices → Term 1 (EK1100) → Term 2 (EL1918).

      

   2. Right click on Term 2 (EL1918) and Remove it.

   3. Right click on Term 4 (EL9011) and Remove it.

   4. Right click on Term 1 (EK1100) and press Add New Item.

   5. Use the Search box to find EL1918. Click on Extended Information and Show Hidden Devices. Select EL1918, 8Ch, Safety Input 24V, TwinSAFE (EL1918-0000-0016).

      

   6. Press Save

      

4. Add the Safety Application project.

   1. In the Solution Explorer, right-click the SAFETY block and select Add New Item.

      

   2. Choose TwinCAT Safety Project Preconfigured Inputs in the newly opened window. It is a good idea to rename it (i.e. “Safety Master”). Press Add.

      

      .

   3. In the following window, select Hardware Safety PLC as Target System and press Ok.

5. Configure the safety master.

   1. Right-click on Safety Master Project and select Properties.

      

   2. In the Safety Master window, go to Target System and select EL1918 in the drop-down menu.

   3. Click the icon next to the Physical Device field.

      

   4. Choose EL1918 in the newly opened window and press OK. Data in Target System should now show the actual configuration of the device (software version, serial number…).

   5. Press on the icons next to Hardware Address in the order presented in the graph below to copy them to the Safe Address.

      

   6. Press Save

      

6. Create two variables for running the project and error acknowledgement

   1. In the solution explorer, right-click in SYSTEM/Tasks and select Add New Item.

      

   2. Insert a TwinCAT Task With Image.

   3. Right-click in the Outputs section of the newly created task and select Add New Item.

      

   4. Select Insert a new variable. Change the name to RUN with type BIT and size 1 bit.

      

   5. Create another variable with a name ERR_ACK with type BIT and size 1 bit.

6. Add the safety drive.

   1. In the Solution Explorer, locate the Alias Devices subfolder inside Safety Master Project.

   2. Right-click on the icon and select Add/New Item.

   3. In the newly opened window, click on Safety/EtherCAT/Ingenia in the tree view menu, choose 0x00000010 - Safety drive (FSoE). It is a good idea to rename it (i.e. Safety Drive). Press Add.

7. Configure the safety drive.

   1. Double click on the newly created Safety Drive entry in the Solution Explorer.

      

   2. In the Safety Drive window, click the icon next to the Physical Device field.

   3. Choose Module 1 (FSoE) the newly opened window and press OK. The Inputs and outputs should appear now in the Linked to field.

      

   4. Press on the icons in the order below to make sure that the address is copied correctly.

      

   5. Open the Safety parameters. You will also notice that there is a register 0x6651 - SS1 Time to STO. Expand using the arrow to open the subindex and add the time (in ms) that you would like to use for enabling the STO.

      

   6. Press on the Save button to auto-fill the linking parameters. It is normal if you get error messages.

      

8. Add and configure the safety inputs.

   1. Repeat the same process in step 6a and 6b to add the safety inputs. Navigate to Safety/EtherCAT/Beckhoff Automation GmbH & Co. and add EL1918, 8 digital inputs.

      

   2. Double click on the newly created EL1918, 8 digital inputs_1.sds device and change the Linking mode to Local.

      

      

9. Create the safety application.

   1. Double-click on TwinSafeGroup1.sal in the Solution Explorer.

   2. In the newly opened window, drag a safeDecouple block from the Toolbox window into the top box of Network 1. If you cannot see the toolbox, you can add it from the View menu.

      

   3. Right-click in the DecIn1 terminal of the safeDecouple block and select Add New Variable.

      

   4. Name the new variable SafeInput.

   5. Repeat for DecOut1 with a new variable named SafeOutput.

   6. Link the safety application with actual inputs and outputs.

      1. Go to the Variable mapping tab and click on the 3 dots for the Assignment of the SafeInput.

         

      2. Choose the signal coming from the Channel 1 of the EL1918.

         

      3. In the same area, click on the three dots for the Usages of the SafeOutput.

      4. Choose as output for the SafeOutput the STO command of the Safety Drive.

         

         

      5. The same procedure is used to configure the SS1.

      6. In the example below, the SS1 is configured to a second button, different to the STO one. The input selected is the Input Channel 2 and the output is FSOE SSI command.

         

      7. Alternatively, one button can be connected to both STO and SS1. In order to do that, please select “Used and unused” in the Mapping window:

         

10. Link the RUN and ERR_ACK variables.

    1. Double click in Run.sds in the Solution Explorer.

       

    2. In the Linked to field, select the previously created RUN variable.

       

       

    3. Repeat for ErrorAcknowledgement.sds with the ERR_ACK variable.

    4. Press Save

       

11. Validate the Safety Project.

    1. Go to TwinSAFE/Verify Safety Project and check that no errors are being reported and a Verification Process successful message appears on the bottom of the window.

       

12. Download the Safety Project to the Safety Master

    1. Go to TwinSAFE/Multi-Download Safety Project(s) and follow the steps of the guide.

       

The user is Administrator and the password TwinSAFE.

You will have to enter it twice.

13. Run the Safety Project.

    1. Click on Activate configuration and accept to Restart in Run Mode.

    2. Select the view of the TwinSafeGroup1.sal and click TwinSAFE/Show Online Data.

    3. The group should be in STOP state and the Safety Drive in Data state.

       

14. Enable the safe logic.

    1. Right-click on the RUN variable and select Online Write “1”.

       

    2. The group should be in RUN state and the Variable Mapping tab should show real-time data.

Check that the STO and the SS1 now responds to the pushbutton state.

Keep in mind that both STO and SS1 have to be released at the same time to allow movement.

Additional Features

Safe Input

The drive has implemented a physical input. This can be linked to an STO or SS1 instead of a pushbutton.

This feature also allows you to add data from another component to the safe system.

The mapping procedure is the same as above and the menu can be found within the mapping option of the decoupler:

Error Management

The following error registers have been implemented:

• 0x464C - Error Queue CPU Select - This register selects the CPU from which the error queue is being read

• 0x464D - Error Total Number - This register contains the number of errors in the queue. It resets at power up.

• 0x464E - Error List Index Request - This register is used to request an error code by its index on the error queue.

• 0x464F - Error List Requested Code - This register show the error code requested in the 0x464E register

The error queue cannot be read in Operational mode. In order to read it, you must transition to Pre-operational mode.

Safe Input Mapping

Safe input of the drive can be used to link to a safety function. This allows the drive to execute the STO and SS1 safety requirements directly without going through the safety master. This is done through configuring the register 0x46D2 - Safe Inputs Map .

If a safety function (STO or SS1) is configured through the master and through the 0x46D2 register, it will have to be released from both sides. It is not sufficient to only release it from the drive or through the master.