BS EN 61784-3-18:2011+A1:2017
BSI Standards Publication
Industrial communication networks — Profiles
Part 3-18: Functional safety fieldbuses — Additional specifications for CPF 18
(IEC 61784-3-18:2011)
BRITISH STANDARD
National foreword
This British Standard is the UK implementation of EN 61784-3-18:2011+A1:2017. It is identical to IEC 61784-3-18:2011 incorporating amendment 1:2016. It supersedes BS EN 61784-3-18:2011, which is withdrawn.
The start and finish of text introduced or altered by amendment is indicated in the text by tags. Tags indicating changes to IEC text carry the number of the IEC amendment. For example, text altered by IEC amendment 1 is indicated by [tag symbols not reproduced in this text].
The UK participation in its preparation was entrusted to Technical Committee AMT/7, Industrial communications: process measurement and control, including fieldbus.
A list of organizations represented on this committee can be obtained on request to its secretary.
This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.
© The British Standards Institution 2017.
Published by BSI Standards Limited 2017
ISBN 978 0 580 94721 6
ICS 13.110, 25.040.40, 35.100.05
Compliance with a British Standard cannot confer immunity from legal obligations.
This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 July 2011.
Amendments issued since publication
Date | Text affected
31 March 2017 | Implementation of IEC amendment 1:2016 with CENELEC endorsement A1:2017
EUROPEAN STANDARD
NORME EUROPÉENNE
EUROPÄISCHE NORM
EN 61784-3-18:2011+A1
February 2017
ICS 13.110; 25.040.40; 35.100.05
English version
Industrial communication networks - Profiles - Part 3-18: Functional safety fieldbuses - Additional specifications for CPF 18
(IEC 61784-3-18:2011)
Réseaux de communication industriels - Profils - Partie 3-18: Bus de terrain à sécurité fonctionnelle - Spécifications supplémentaires pour le CPF 18
(CEI 61784-3-18:2011)
Industrielle Kommunikationsnetze - Profile - Teil 3-18: Funktional sichere Übertragung bei Feldbussen - Zusätzliche Festlegungen für die Kommunikationsprofilfamilie 18
(IEC 61784-3-18:2011)
This European Standard was approved by CENELEC on 2011-05-25. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the Central Secretariat has the same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom.
CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
Management Centre: Avenue Marnix 17, B - 1000 Brussels
© 2011 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Ref. No. EN 61784-3-18:2011 E
Foreword
The text of document 65C/639/FDIS, future edition 1 of IEC 61784-3-18, prepared by SC 65C, Industrial networks, of IEC TC 65, Industrial-process measurement, control and automation, was submitted to the IEC-CENELEC parallel vote and was approved by CENELEC as EN 61784-3-18 on 2011-05-25.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent rights.
The following dates were fixed:
– latest date by which the EN has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2012-02-25
– latest date by which the national standards conflicting with the EN have to be withdrawn (dow): 2014-05-25
Annex ZA has been added by CENELEC.
__________
Endorsement notice
The text of the International Standard IEC 61784-3-18:2011 was approved by CENELEC as a European Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 60204-1 NOTE Harmonized as EN 60204-1.
IEC 61131-6 NOTE Harmonized as EN 61131-6 1).
IEC 61158 series NOTE Harmonized in EN 61158 series.
IEC 61326-3-1 NOTE Harmonized as EN 61326-3-1.
IEC 61326-3-2 NOTE Harmonized as EN 61326-3-2.
IEC 61496 series NOTE Harmonized in EN 61496 series.
IEC 61508-1:2010 NOTE Harmonized as EN 61508-1:2010.
IEC 61508-4:2010 NOTE Harmonized as EN 61508-4:2010.
IEC 61508-5:2010 NOTE Harmonized as EN 61508-5:2010.
IEC 61511 series NOTE Harmonized in EN 61511 series.
IEC 61784-1 NOTE Harmonized as EN 61784-1.
IEC 61784-5 series NOTE Harmonized in EN 61784-5 series.
IEC 61800-5-2 NOTE Harmonized as EN 61800-5-2.
IEC 62061 NOTE Harmonized as EN 62061.
ISO 10218-1 NOTE Harmonized as EN ISO 10218-1.
ISO 12100-1 NOTE Harmonized as EN ISO 12100-1.
ISO 13849-1 NOTE Harmonized as EN ISO 13849-1.
ISO 13849-2 NOTE Harmonized as EN ISO 13849-2.
ISO 14121 NOTE Harmonized as EN ISO 14121.
1) At draft stage.
__________
European foreword to amendment A1
This document (EN 61784-3-18:2011/A1:2017) consists of the text of IEC 61784-3-18:2011/A1:2016 prepared by SC 65C “Industrial networks” of IEC/TC 65 “Industrial process measurement, control and automation”.
The following dates are fixed:
• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2018-01-16
• latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2020-01-16
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CENELEC [and/or CEN] shall not be held responsible for identifying any or all such patent rights.
Endorsement notice
The text of the International Standard IEC 61784-3-18:2011/A1:2016 was approved by CENELEC as a European Standard without any modification.
Annex ZA
(normative)
Normative references to international publications with their corresponding European publications
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
NOTE When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD applies.
Publication | Year | Title | EN/HD | Year
IEC 61158-3-22 | - | Industrial communication networks - Fieldbus specifications - Part 3-22: Data-link layer service definition - Type 22 elements | - | -
IEC 61158-4-22 | - | Industrial communication networks - Fieldbus specifications - Part 4-22: Data-link layer protocol specification - Type 22 elements | - | -
IEC 61158-5-22 | - | Industrial communication networks - Fieldbus specifications - Part 5-22: Application layer service definition - Type 22 elements | - | -
IEC 61158-6-22 | - | Industrial communication networks - Fieldbus specifications - Part 6-22: Application layer protocol specification - Type 22 elements | - | -
IEC 61508 | Series | Functional safety of electrical/electronic/programmable electronic safety-related systems | EN 61508 | Series
IEC 61508-2 | 2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems | EN 61508-2 | 2010
IEC 61784-2 | 2010 | Industrial communication networks - Profiles - Part 2: Additional fieldbus profiles for real-time networks based on ISO/IEC 8802-3 | EN 61784-2 | 2010
IEC 61784-3 | 2010 | Industrial communication networks - Profiles - Part 3: Functional safety fieldbuses - General rules and profile definitions | EN 61784-3 | 2010
IEC 61918 | - | Industrial communication networks - Installation of communication networks in industrial premises | EN 61918 | -
ISO/IEC 10731 | - | Information technology - Open Systems Interconnection - Basic reference model - Conventions for the definition of OSI services | - | -
CONTENTS
0 Introduction ... 8
0.1 General ... 8
0.2 Patent declaration ... 10
1 Scope ... 11
2 Normative references ... 11
3 Terms, definitions, symbols, abbreviated terms and conventions ... 12
3.1 Terms and definitions ... 12
3.1.1 Common terms and definitions ... 12
3.1.2 CPF 18: Additional terms and definitions ... 16
3.2 Symbols and abbreviated terms ... 17
3.2.1 Common symbols and abbreviated terms ... 17
3.2.2 CPF 18: Additional symbols and abbreviated terms ... 18
3.3 Conventions ... 18
4 Overview of FSCP 18/1 (SafetyNET p™) ... 20
4.1 General ... 20
4.2 FSCP 18/1 ... 20
5 General ... 21
5.1 External documents providing specifications for the profile ... 21
5.2 Safety functional requirements ... 21
5.3 Safety measures ... 22
5.4 Safety communication layer structure ... 22
5.5 Relationships with FAL (and DLL, PhL) ... 23
5.5.1 General ... 23
5.5.2 Data Types ... 23
6 Safety communication layer services ... 23
6.1 General elements ... 23
6.1.1 General ... 23
6.1.2 Safety object dictionary ... 23
6.1.3 Safety process data object (SPDO) ... 23
6.1.4 Safety heartbeat (SHB) ... 23
6.1.5 Safety delay monitoring (SDM) ... 24
6.2 Communication relation ... 24
7 Safety communication layer protocol ... 25
7.1 Safety PDU format ... 25
7.1.1 General ... 25
7.1.2 Safety process data objects (SPDO) ... 25
7.1.3 Safety heartbeat (SHB) ... 27
7.1.4 Safety PDUs embedded in a Type 22 PDU ... 29
7.2 Safety communication layer management (SALMT) ... 30
7.3 Safety process data communication ... 32
7.4 Safety heartbeat ... 34
7.5 Delay monitoring ... 35
8 Safety communication layer management ... 36
8.1 Parameter handling ... 36
8.2 Safety object dictionary ... 36
8.2.1 General ... 36
8.2.2 Communication profile section ... 37
8.2.3 Standardized device profile section ... 53
9 System requirements ... 53
9.1 Indicators and switches ... 53
9.1.1 Indicator states and flash rates ... 53
9.1.2 Indicators ... 53
9.1.3 Switches ... 54
9.2 Installation guidelines ... 54
9.3 Safety function response time ... 54
9.3.1 General ... 54
9.3.2 Determination of FSCP 18/1 time expectation behavior ... 55
9.3.3 Calculation of the worst case safety function response time ... 55
9.4 Duration of demands ... 55
9.5 Constraints for calculation of system characteristics ... 55
9.5.1 Safety related constraints ... 55
9.5.2 Probabilistic considerations ... 57
9.6 Maintenance ... 57
9.7 Safety manual ... 57
10 Assessment ... 58
Annex A (informative) Additional information for functional safety communication profiles of CPF 18 ... 59
Annex B (informative) Information for assessment of the functional safety communication profiles of CPF 18 ... 60
Bibliography ... 61

Table 1 – Object definition ... 19
Table 2 – Safety PDU element definition ... 19
Table 3 – Communication errors and detection measures ... 22
Table 4 – SPDO PDU structure ... 26
Table 5 – SHB request PDU structure ... 27
Table 6 – SHB response PDU structure ... 28
Table 7 – SHB safety communication layer state encoding ... 29
Table 8 – SALMT commands ... 30
Table 9 – System states of SALMT state machine ... 31
Table 10 – State transitions SALMT state machine ... 32
Table 11 – System states of RxSPDO state machine ... 33
Table 12 – State transitions RxSPDO state machine ... 33
Table 13 – Timeouts ... 34
Table 14 – Safety object dictionary structure ... 36
Table 15 – Objects of communication section ... 37
Table 16 – Device type ... 38
Table 17 – Safety ID ... 39
Table 18 – Safety consumer heartbeat entry ... 39
Table 19 – Safety consumer heartbeat ... 40
Table 20 – Safety producer heartbeat parameter ... 41
Table 21 – Safety bus cycle times ... 44
Table 22 – SPDO timeout tolerance ... 45
Table 23 – Receive SPDO communication parameter ... 45
Table 24 – Transmit SPDO communication parameter ... 48
Table 25 – Mapping format ... 51
Table 26 – Receive SPDO mapping parameter ... 51
Table 27 – Transmit SPDO mapping parameter ... 52
Table 28 – Indicator states definition ... 53
Table 29 – STATUS indicator states ... 53

Figure 1 – Relationships of IEC 61784-3 with other standards (machinery) ... 8
Figure 2 – Relationships of IEC 61784-3 with other standards (process) ... 9
Figure 3 – FSCP 18/1 system ... 20
Figure 4 – FSCP 18/1 software architecture ... 22
Figure 5 – SPDO interaction model ... 24
Figure 6 – SHB interaction model ... 24
Figure 7 – Safety process data object structure ... 25
Figure 8 – Safety heartbeat request structure ... 27
Figure 9 – Safety heartbeat response structure ... 28
Figure 10 – Safety PDU for FSCP 18/1 embedded in a Type 22 CDC data section ... 30
Figure 11 – SALMT state machine ... 31
Figure 12 – RxSPDO state machine ... 33
Figure 13 – Heartbeat procedure ... 34
Figure 14 – Delay measurement principle ... 35
Figure 15 – Parameter handling ... 36
Figure 16 – Safety response time components ... 54
Figure 17 – Considered data fields for message size calculation ... 56
Figure 18 – Residual error rate ... 57
0 Introduction

0.1 General
The IEC 61158 fieldbus standard together with its companion standards IEC 61784-1 and IEC 61784-2 defines a set of communication protocols that enable distributed control of automation applications. Fieldbus technology is now considered well accepted and well proven. Thus many fieldbus enhancements are emerging, addressing not yet standardized areas such as real time, safety-related and security-related applications.

This standard explains the relevant principles for functional safety communications with reference to the IEC 61508 series and specifies several safety communication layers (profiles and corresponding protocols) based on the communication profiles and protocol layers of IEC 61784-1, IEC 61784-2 and the IEC 61158 series. It does not cover electrical safety and intrinsic safety aspects.

Figure 1 shows the relationships between this standard and relevant safety and fieldbus standards in a machinery environment.
[Figure 1 is a block diagram; only the standards it names are recoverable from the extracted text and are listed here.]

Design objective: SIL based – IEC 62061, Functional safety for machinery (SRECS) (including EMC for industrial environment); PL based – ISO 13849-1, -2, Safety-related parts of machinery (SRPCS), covering non-electrical and electrical parts.

Applicable standards: IEC 61508 series, Functional safety (FS) (basic standard); ISO 12100-1 and ISO 14121, Safety of machinery – Principles for design and risk assessment; IEC 60204-1, Safety of electrical equipment; US: NFPA 79 (2006); IEC 61000-1-2, Methodology EMC & FS; IEC 61326-3-1, Test EMC & FS.

Product standards: IEC 61496, Safety f.f. e.g. light curtains; IEC 61800-5-2, Safety functions for drives; IEC 61131-6, Safety for PLC (under consideration); ISO 10218-1, Safety requirements for robots.

Fieldbus-related standards: IEC 61158 series / IEC 61784-1, -2, Fieldbus for use in industrial control systems; IEC 61784-3, Functional safety communication profiles (this standard); IEC 61784-4, Security (profile-specific); IEC 62443, Security (common part); IEC 61784-5, Installation guide (profile-specific); IEC 61918, Installation guide (common part).

Key: (yellow) safety-related standards; (blue) fieldbus-related standards; (dashed yellow) this standard.

IEC 768/11

NOTE Subclauses 6.7.6.4 (high complexity) and 6.7.8.1.6 (low complexity) of IEC 62061 specify the relationship between PL (Category) and SIL.

Figure 1 – Relationships of IEC 61784-3 with other standards (machinery)
Figure 2 shows the relationships between this standard and relevant safety and fieldbus standards in a process environment.
[Figure 2 is a block diagram; only the standards it names are recoverable from the extracted text and are listed here.]

Product standards: IEC 61496, Safety f.f. e.g. light curtains; IEC 61131-6, Safety for PLC (under consideration); IEC 61800-5-2, Safety functions for drives; ISO 10218-1, Safety requirements for robots. See safety standards for machinery (Figure 1); valid also in process industries, whenever applicable.

Safety-related standards: IEC 61508 series, Functional safety (FS) (basic standard); IEC 61511 series b), Functional safety – Safety instrumented systems for the process industry sector; US: ISA-84.00.01 (3 parts = modified IEC 61511); DE: VDI 2180 Part 1-4; IEC 61326-3-2 a), EMC and functional safety.

Fieldbus-related standards: IEC 61158 series / IEC 61784-1, -2, Fieldbus for use in industrial control systems; IEC 61784-3, Functional safety communication profiles (this standard); IEC 61784-4, Security (profile-specific); IEC 62443, Security (common part); IEC 61784-5, Installation guide (profile-specific); IEC 61918, Installation guide (common part).

Key: (yellow) safety-related standards; (blue) fieldbus-related standards; (dashed yellow) this standard.

a) For specified electromagnetic environments; otherwise IEC 61326-3-1.
b) EN ratified.

IEC 769/11

Figure 2 – Relationships of IEC 61784-3 with other standards (process)
Safety communication layers which are implemented as parts of safety-related systems according to the IEC 61508 series provide the necessary confidence in the transportation of messages (information) between two or more participants on a fieldbus in a safety-related system, or sufficient confidence of safe behaviour in the event of fieldbus errors or failures. Safety communication layers specified in this standard do this in such a way that a fieldbus can be used for applications requiring functional safety up to the Safety Integrity Level (SIL) specified by its corresponding functional safety communication profile.

The resulting SIL claim of a system depends on the implementation of the selected functional safety communication profile within this system – implementation of a functional safety communication profile in a standard device is not sufficient to qualify it as a safety device.
This standard describes:

– basic principles for implementing the requirements of the IEC 61508 series for safety-related data communications, including possible transmission faults, remedial measures and considerations affecting data integrity;
– individual description of functional safety profiles for several communication profile families in IEC 61784-1 and IEC 61784-2;
– safety layer extensions to the communication service and protocols sections of the IEC 61158 series.

0.2 Patent declaration
The International Electrotechnical Commission (IEC) draws attention to the fact that it is claimed that compliance with this document may involve the use of a patent concerning the functional safety communication profiles for family 18 as follows, where the [xx] notation indicates the holder of the patent right:

DE 10 2008 007 672.4-31 [PI] Verfahren und Vorrichtung zum Übertragen von Daten in einem Netzwerk (Method and device for transmitting data in a network)

IEC takes no position concerning the evidence, validity and scope of this patent right.

The holder of this patent right has assured the IEC that he/she is willing to negotiate licences either free of charge or under reasonable and non-discriminatory terms and conditions with applicants throughout the world. In this respect, the statement of the holder of this patent right is registered with IEC. Information may be obtained from:

[PI] Pilz GmbH & Co. KG, Felix-Wankel-Str. 2, 73760 Ostfildern, GERMANY

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights other than those identified above. IEC shall not be held responsible for identifying any or all such patent rights.

ISO (www.iso.org/patents) and IEC (http://www.iec.ch/tctools/patent_decl.htm) maintain on-line databases of patents relevant to their standards. Users are encouraged to consult the databases for the most up to date information concerning patents.
INDUSTRIAL COMMUNICATION NETWORKS – PROFILES

Part 3-18: Functional safety fieldbuses – Additional specifications for CPF 18

1 Scope
This part of the IEC 61784-3 series specifies a safety communication layer (services and protocol) based on CPF 18 of IEC 61784-2 and IEC 61158 Type 22. It identifies the principles for functional safety communications defined in IEC 61784-3 that are relevant for this safety communication layer.

NOTE 1 It does not cover electrical safety and intrinsic safety aspects. Electrical safety relates to hazards such as electrical shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres.

This part¹ defines mechanisms for the transmission of safety-relevant messages among participants within a distributed network using fieldbus technology in accordance with the requirements of the IEC 61508 series² for functional safety. These mechanisms may be used in various industrial applications such as process control, manufacturing automation and machinery.

This part provides guidelines for both developers and assessors of compliant devices and systems.

NOTE 2 The resulting SIL claim of a system depends on the implementation of the selected functional safety communication profile within this system – implementation of a functional safety communication profile according to this part in a standard device is not sufficient to qualify it as a safety device.
2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

IEC 61158-3-22, Industrial communication networks – Fieldbus specifications – Part 3-22: Data-link layer service definition – Type 22 elements

IEC 61158-4-22, Industrial communication networks – Fieldbus specifications – Part 4-22: Data-link layer protocol specification – Type 22 elements

IEC 61158-5-22, Industrial communication networks – Fieldbus specifications – Part 5-22: Application layer service definition – Type 22 elements

IEC 61158-6-22, Industrial communication networks – Fieldbus specifications – Part 6-22: Application layer protocol specification – Type 22 elements

IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic safety-related systems

___________
¹ In the following pages of this standard, "this part" will be used for "this part of the IEC 61784-3 series".
² In the following pages of this standard, "IEC 61508" will be used for "IEC 61508 series".
IEC 61508-2:2010, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems

IEC 61784-2:2010, Industrial communication networks – Profiles – Part 2: Additional fieldbus profiles for real-time networks based on ISO/IEC 8802-3

IEC 61784-3:2010, Industrial communication networks – Profiles – Part 3: Functional safety fieldbuses – General rules and profile definitions

IEC 61918, Industrial communication networks – Installation of communication networks in industrial premises

ISO/IEC 10731, Information technology – Open system interconnection – Basic reference model – Conventions for the definition of OSI services
3 Terms, definitions, symbols, abbreviated terms and conventions

3.1 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

3.1.1 Common terms and definitions

3.1.1.1
availability
probability for an automated system that for a given period of time there are no unsatisfactory system conditions such as loss of production

3.1.1.2
black channel
communication channel without available evidence of design or validation according to IEC 61508

3.1.1.3
communication channel
logical connection between two end-points within a communication system

3.1.1.4
communication system
arrangement of hardware, software and propagation media to allow the transfer of messages (ISO/IEC 7498 application layer) from one application to another

3.1.1.5
connection
logical binding between two application objects within the same or different devices

3.1.1.6
Cyclic Redundancy Check (CRC)
<value> redundant data derived from, and stored or transmitted together with, a block of data in order to detect data corruption
<method> procedure used to calculate the redundant data

NOTE 1 Terms "CRC code" and "CRC signature", and labels such as CRC1, CRC2, may also be used in this standard to refer to the redundant data.
NOTE 2 See also [35], [36]³.
3.1.1.7
error
discrepancy between a computed, observed or measured value or condition and the true, specified or theoretically correct value or condition
[IEC 61508-4:2010], [IEC 61158]

NOTE 1 Errors may be due to design mistakes within hardware/software and/or corrupted information due to electromagnetic interference and/or other effects.

NOTE 2 Errors do not necessarily result in a failure or a fault.

3.1.1.8
failure
termination of the ability of a functional unit to perform a required function or operation of a functional unit in any way other than as required

NOTE 1 The definition in IEC 61508-4 is the same, with additional notes.

[IEC 61508-4:2010, modified], [ISO/IEC 2382-14.01.11, modified]

NOTE 2 Failure may be due to an error (for example, problem with hardware/software design or message disruption).

3.1.1.9
fault
abnormal condition that may cause a reduction in, or loss of, the capability of a functional unit to perform a required function

NOTE IEV 191-05-01 defines "fault" as a state characterized by the inability to perform a required function, excluding the inability during preventive maintenance or other planned actions, or due to lack of external resources.

[IEC 61508-4:2010, modified], [ISO/IEC 2382-14.01.10, modified]

3.1.1.10
fieldbus
communication system based on serial data transfer and used in industrial automation or process control applications

3.1.1.11
frame
denigrated synonym for DLPDU

3.1.1.12
Frame Check Sequence (FCS)
redundant data derived from a block of data within a DLPDU (frame), using a hash function, and stored or transmitted together with the block of data, in order to detect data corruption

NOTE 1 An FCS can be derived using for example a CRC or other hash function.

NOTE 2 See also [35], [36].

3.1.1.13
hash function
(mathematical) function that maps values from a (possibly very) large set of values into a (usually) smaller range of values
___________
³ Figures in square brackets refer to the Bibliography.
NOTE 1 Hash functions can be used to detect data corruption.

NOTE 2 Common hash functions include parity, checksum or CRC.

[IEC/TR 62210, modified]
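The definitions of CRC (3.1.1.6), FCS (3.1.1.12) and hash function (3.1.1.13) describe the mechanism only in words. The Python block below is an added example, not code from this standard and not the FSCP 18/1 protocol's own CRC: it computes a CRC over a data block, appends it as the FCS, recomputes and compares it at the receiver, and shows why a CRC is the stronger choice among the hash functions named in NOTE 2 (a parity bit is blind to any even number of flipped bits; a CRC with more than one polynomial term detects every single-bit error anywhere in the frame). The polynomial (CRC-16/CCITT-FALSE) and the sample data block are assumptions chosen for the example.

```python
"""Added example for 3.1.1.6 (CRC), 3.1.1.12 (FCS) and 3.1.1.13 (hash function).
Not the FSCP 18/1 CRC: the polynomial and the sample block are assumptions."""

# CRC-16/CCITT-FALSE parameters (assumed for this example): generator polynomial
# x^16 + x^12 + x^5 + 1, initial value 0xFFFF, no bit reflection, no final XOR.
POLY = 0x1021
INIT = 0xFFFF


def crc16(data: bytes, poly: int = POLY, init: int = INIT) -> int:
    """Bit-serial CRC: a hash function mapping byte strings of any length onto
    16-bit values. Distinct blocks can collide, but a corrupted block is
    detected whenever its recomputed CRC differs from the stored one."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ poly) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def parity(data: bytes) -> int:
    """Single parity bit over the block: 1 if the number of set bits is odd."""
    return sum(bin(b).count("1") for b in data) & 1


def add_fcs(block: bytes) -> bytes:
    """Sender side: transmit the block together with its redundant CRC (the FCS)."""
    return block + crc16(block).to_bytes(2, "big")


def check_fcs(frame: bytes) -> bool:
    """Receiver side: recompute the CRC over the data part and compare it with the FCS."""
    if len(frame) < 2:
        return False
    data, fcs = frame[:-2], int.from_bytes(frame[-2:], "big")
    return crc16(data) == fcs


def flip_bits(frame: bytes, *bit_indexes: int) -> bytes:
    """Corrupt the given bit positions (bit 0 = MSB of the first octet)."""
    buf = bytearray(frame)
    for i in bit_indexes:
        buf[i // 8] ^= 0x80 >> (i % 8)
    return bytes(buf)


def undetected_single_bit_errors(frame: bytes) -> int:
    """Flip every bit of the frame (data part and FCS) in turn and count the
    corruptions the FCS check fails to notice. For a CRC polynomial with more
    than one term this count is 0."""
    return sum(1 for i in range(len(frame) * 8) if check_fcs(flip_bits(frame, i)))


def parity_misses_double_error(block: bytes, i: int, j: int) -> bool:
    """True when flipping two bits leaves the parity unchanged, i.e. parity as
    the hash function would accept the corrupted block."""
    return parity(flip_bits(block, i, j)) == parity(block)


# Constructed sample block for the example (not a real safety PDU).
SAMPLE_BLOCK = bytes([0x01, 0x00, 0xFF, 0x7A, 0x10, 0x55])

if __name__ == "__main__":
    frame = add_fcs(SAMPLE_BLOCK)
    print("frame with FCS:", frame.hex())
    print("intact frame accepted:", check_fcs(frame))
    print("one-bit corruption accepted:", check_fcs(flip_bits(frame, 13)))
    print("undetected single-bit errors:", undetected_single_bit_errors(frame))
    print("parity blind to 2-bit error:", parity_misses_double_error(SAMPLE_BLOCK, 3, 20))
    print("CRC catches that 2-bit error:", not check_fcs(flip_bits(frame, 3, 20)))
```

The exhaustive single-bit sweep is the check a practitioner runs against any FCS implementation before trusting it: an off-by-one in the bit loop or a wrong byte order in `add_fcs` shows up immediately as accepted corruptions. The residual error rate of a CRC for multi-bit errors is a separate calculation (see Figure 18) and is not demonstrated here.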
3.1.1.14
hazard
state or set of conditions of a system that, together with other related conditions will inevitably lead to harm to persons, property or environment

3.1.1.15
message
ordered series of octets intended to convey information
[ISO/IEC 2382-16.02.01, modified]

3.1.1.16
message sink
part of a communication system in which messages are considered to be received
[ISO/IEC 2382-16.02.03]

3.1.1.17
message source
part of a communication system from which messages are considered to originate
[ISO/IEC 2382-16.02.02]

3.1.1.18
nuisance trip
spurious trip with no harmful effect

NOTE Internal abnormal errors can be caused in communication systems such as wireless transmission, for example by too many retries in the presence of interferences.

3.1.1.19
performance level (PL)
discrete level used to specify the ability of safety-related parts of control systems to perform a safety function under foreseeable conditions
[ISO 13849-1]

3.1.1.20
redundancy
existence of means, in addition to the means which would be sufficient for a functional unit to perform a required function or for data to represent information
[IEC 61508-4:2010, modified], [ISO/IEC 2382-14.01.12, modified]

3.1.1.21
risk
combination of the probability of occurrence of harm and the severity of that harm

NOTE For more discussion on this concept see Annex A of IEC 61508-5:2010.

[IEC 61508-4:2010], [ISO/IEC Guide 51:1999, definition 3.2]

3.1.1.22
safety communication layer (SCL)
communication layer that includes all the necessary measures to ensure safe transmission of data in accordance with the requirements of IEC 61508
3.1.1.23
safety data
data transmitted across a safety network using a safety protocol

NOTE The Safety Communication Layer does not ensure safety of the data itself, only that the data is transmitted safely.

3.1.1.24
safety device
device designed in accordance with IEC 61508 and which implements the functional safety communication profile

3.1.1.25
safety function
function to be implemented by an E/E/PE safety-related system or other risk reduction measures, that is intended to achieve or maintain a safe state for the EUC, in respect of a specific hazardous event

NOTE The definition in IEC 61508-4 is the same, with an additional example and reference.

[IEC 61508-4:2010, modified]

3.1.1.26
safety function response time
worst case elapsed time following an actuation of a safety sensor connected to a fieldbus, before the corresponding safe state of its safety actuator(s) is achieved in the presence of errors or failures in the safety function channel

NOTE This concept is introduced in IEC 61784-3:2010, 5.2.4 and addressed by the functional safety communication profiles defined in this part.

3.1.1.27
safety integrity level (SIL)
discrete level (one out of a possible four), corresponding to a range of safety integrity values, where safety integrity level 4 has the highest level of safety integrity and safety integrity level 1 has the lowest

NOTE 1 The target failure measures (see IEC 61508-4:2010, 3.5.17) for the four safety integrity levels are specified in Tables 2 and 3 of IEC 61508-1:2010.

NOTE 2 Safety integrity levels are used for specifying the safety integrity requirements of the safety functions to be allocated to the E/E/PE safety-related systems.

NOTE 3 A safety integrity level (SIL) is not a property of a system, subsystem, element or component. The correct interpretation of the phrase "SIL n safety-related system" (where n is 1, 2, 3 or 4) is that the system is potentially capable of supporting safety functions with a safety integrity level up to n.

[IEC 61508-4:2010]

3.1.1.28
safety measure
<this standard> measure to control possible communication errors that is designed and implemented in compliance with the requirements of IEC 61508

NOTE 1 In practice, several safety measures are combined to achieve the required safety integrity level.

NOTE 2 Communication errors and related safety measures are detailed in IEC 61784-3:2010, 5.3 and 5.4.

3.1.1.29
safety-related application
programs designed in accordance with IEC 61508 to meet the SIL requirements of the application
3.1.1.30
safety-related system
system performing safety functions according to IEC 61508

3.1.1.31
spurious trip
trip caused by the safety system without a process demand

3.1.2 CPF 18: Additional terms and definitions

3.1.2.1
client/server relationship
relationship where the client sends data to the server, which replies with the requested data

3.1.2.2
consecutive number
unsigned integer with wrap to zero on overflow which is used as means to ensure completeness and the right order of transmitted safety PDUs

NOTE Instance of "sequence number" as described in IEC 61784-3.
3.1.2.3
cycle
interval at which a list of instructions or an activity is repetitively and continuously executed

3.1.2.4
delay
transmission time of PDUs which is dynamically caused by network properties like traffic, switching devices and topology

3.1.2.5
fail-safe
ability of a system that, by adequate technical or organizational measures, prevents hazards either deterministically or by reducing the risk to a tolerable measure

3.1.2.6
gateway
device acting as a linking element between different protocols

3.1.2.7
logical double line
sequence of root device and all ordinary devices processing the communication frame in forward and backward direction

3.1.2.8
producer/consumer relationship
relationship where the producer sends data to the consumer without a specific request

3.1.2.9
real time frame line (RTFL)
communication model with devices communicating in a logical double line (see CP 18/2)

3.1.2.10
real time frame network (RTFN)
communication model with devices communicating in a switched network (see CP 18/1)
3.1.2.11
SCL management (SALMT)
mechanism to control the SCL state of safety devices

3.1.2.12
safety delay monitoring (SDM)
safety mechanism to cyclically monitor the delay of transmitted PDUs

3.1.2.13
safety heartbeat (SHB)
mechanism to cyclically monitor the state of safety devices

3.1.2.14
safety process data object (SPDO)
mechanism to cyclically exchange safety process data between devices

3.1.2.15
sender/receiver relationship
relationship where the sender sends data to the receiver

3.1.2.16
1:1 relationship
communication relationship with exactly one sender and one receiver

3.1.2.17
1:n relationship
communication relationship with exactly one sender and one or many receivers
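Several of the CPF 18 terms above name receiver-side measures without showing how they interact: the consecutive number with wrap to zero (3.1.2.2), the dynamic delay (3.1.2.4), fail-safe behaviour (3.1.2.5) and safety delay monitoring (3.1.2.12). The Python block below is an added example, not FSCP 18/1 code and not a Pilz implementation: it models one receiving side of a 1:1 relationship that checks each safety PDU's consecutive number modulo the counter width, so that the wrap from the maximum value to zero is not mistaken for a loss, classifies lost, repeated and out-of-order PDUs, and runs a cyclic delay watchdog that latches the fail-safe state when a PDU is late or stops arriving. The 16-bit counter width, the PDU fields, the timeout rule (inter-arrival gap compared with a single timeout) and the PDU traces are all assumptions constructed for the example.

```python
"""Added example for 3.1.2.2 (consecutive number), 3.1.2.4 (delay),
3.1.2.5 (fail-safe) and 3.1.2.12 (safety delay monitoring).
Not FSCP 18/1 code: counter width, PDU fields, timeout rule and the
traces are assumptions constructed for this example."""

from dataclasses import dataclass
from typing import List, Optional, Tuple

CN_BITS = 16                   # assumed counter width (not stated in this clause)
CN_MODULUS = 1 << CN_BITS      # the counter wraps to zero on overflow


@dataclass(frozen=True)
class SafetyPdu:
    consecutive_number: int    # sender's counter value carried in the PDU
    rx_time_us: int            # local receive timestamp in microseconds
    payload: bytes = b""


def next_consecutive_number(cn: int) -> int:
    """Sender side: unsigned increment with wrap to zero on overflow."""
    return (cn + 1) % CN_MODULUS


class RxSpdoMonitor:
    """Receiver state for one 1:1 relationship. The first verdict other than OK
    latches the fail-safe state; the safety application then drives its safe state."""

    def __init__(self, timeout_us: int):
        self.timeout_us = timeout_us
        self.expected_cn: Optional[int] = None
        self.last_rx_time_us: Optional[int] = None
        self.fail_safe = False

    def _fail(self, verdict: str) -> str:
        self.fail_safe = True
        return verdict

    def accept(self, pdu: SafetyPdu) -> str:
        """Classify one received PDU: OK, TIMEOUT, LOST, REPEATED or OUT_OF_ORDER."""
        if self.fail_safe:
            return "FAIL_SAFE"
        if self.last_rx_time_us is not None:
            # Delay monitoring: network delay stretches the gap between arrivals;
            # beyond the timeout the process data is too old to act on.
            if pdu.rx_time_us - self.last_rx_time_us > self.timeout_us:
                return self._fail("TIMEOUT")
        if self.expected_cn is not None:
            # Modular distance handles the wrap: 65535 followed by 0 is distance 0
            # from the expected value, not a jump backwards.
            distance = (pdu.consecutive_number - self.expected_cn) % CN_MODULUS
            if distance == CN_MODULUS - 1:
                return self._fail("REPEATED")        # same number as the last PDU
            if 0 < distance < CN_MODULUS // 2:
                return self._fail("LOST")            # gap: PDUs went missing
            if distance != 0:
                return self._fail("OUT_OF_ORDER")    # an older PDU delivered late
        self.expected_cn = next_consecutive_number(pdu.consecutive_number)
        self.last_rx_time_us = pdu.rx_time_us
        return "OK"

    def poll(self, now_us: int) -> str:
        """Cyclic watchdog call: detects silence without waiting for the next PDU."""
        if self.fail_safe:
            return "FAIL_SAFE"
        if self.last_rx_time_us is not None and now_us - self.last_rx_time_us > self.timeout_us:
            return self._fail("TIMEOUT")
        return "OK"


def run_trace(trace: List[Tuple[int, int]], timeout_us: int) -> List[str]:
    """Feed (consecutive_number, rx_time_us) pairs to a fresh monitor; return the verdicts."""
    monitor = RxSpdoMonitor(timeout_us)
    return [monitor.accept(SafetyPdu(cn, t)) for cn, t in trace]


def watchdog_verdicts(timeout_us: int, rx_time_us: int, poll_times_us: List[int]) -> List[str]:
    """Receive a single PDU, then poll the watchdog at the given times."""
    monitor = RxSpdoMonitor(timeout_us)
    monitor.accept(SafetyPdu(1, rx_time_us))
    return [monitor.poll(t) for t in poll_times_us]


# Constructed traces (not captured from a network): 1 ms cycle, 1.5 ms timeout.
TRACE_WRAP = [(65534, 0), (65535, 1000), (0, 2000), (1, 3000)]
TRACE_LOST = [(10, 0), (11, 1000), (13, 2000), (14, 3000)]
TRACE_REPEAT = [(5, 0), (6, 1000), (6, 2000)]
TRACE_OLD = [(20, 0), (21, 1000), (20, 2000)]
TRACE_LATE = [(1, 0), (2, 1000), (3, 4000)]

if __name__ == "__main__":
    for name, trace in [("wrap", TRACE_WRAP), ("lost", TRACE_LOST), ("repeat", TRACE_REPEAT),
                        ("old", TRACE_OLD), ("late", TRACE_LATE)]:
        print(f"{name:7s}", run_trace(trace, timeout_us=1500))
```

The modular distance is the part implementers most often get wrong: comparing the raw integers treats the legitimate wrap from 65535 to 0 as an out-of-order PDU and trips the system spuriously (a nuisance trip in the sense of 3.1.1.18), while a receiver that silently resynchronises on any value accepts replayed or stale PDUs. The real profile's RxSPDO state machine (Figure 12) and delay measurement (Figure 14) are specified later in this part; the example only illustrates the definitions given here.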
3.2 Symbols and abbreviated terms

3.2.1 Common symbols and abbreviated terms

CP      Communication Profile [IEC 61784-1]
CPF     Communication Profile Family [IEC 61784-1]
CRC     Cyclic Redundancy Check
DLL     Data Link Layer [ISO/IEC 7498-1]
DLPDU   Data Link Protocol Data Unit
EMC     Electromagnetic Compatibility
EUC     Equipment Under Control [IEC 61508-4:2010]
E/E/PE  Electrical/Electronic/Programmable Electronic [IEC 61508-4:2010]
FAL     Fieldbus Application Layer [IEC 61158-5]
FCS     Frame Check Sequence
FS      Functional Safety
FSCP    Functional Safety Communication Profile
PDU     Protocol Data Unit [ISO/IEC 7498-1]
PFH     Average frequency of dangerous failure [h⁻¹] [IEC 61508-4]
PhL     Physical Layer [ISO/IEC 7498-1]
PL      Performance Level [ISO 13849-1]
PLC     Programmable Logic Controller
SCL     Safety Communication Layer
SIL     Safety Integrity Level [IEC 61508-4:2010]
3.2.2 CPF 18: Additional symbols and abbreviated terms

3.2.2.1 Additional abbreviated terms
AL      Application layer
AP      Application process
CDC     Cyclic data channel
FSF     Fail-safe
ID      Identification
PDO     Process data object
PDO-ID  Process data object ID
PID     Packet ID
RTFL    Real time frame line
RTFN    Real time frame network
SALMT   SCL management
SDM     Safety delay monitoring
SHB     Safety heartbeat
SID     Safety ID
SPDO    Safety process data object
3.2.2.2 Additional symbols

Symbol   | Definition                    | Description                                                                                                                          | Unit
---------|-------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|-----
TA       | Actuator time                 | Worst case response time of the actuator for conversion and reaction according to the safety function                               | µs
Tcycle   | Cycle time                    | Cycle time of communication                                                                                                          | µs
TI       | Input time                    | Worst case processing time of the input device                                                                                       | µs
TL       | Logic processing time         | Worst case processing time of the safety logic controller                                                                            | µs
TO       | Output time                   | Worst case processing time of the output device                                                                                      | µs
TS       | Sensor time                   | Worst case response time of the sensor from the detection of a physical signal change to valid conversion result                    | µs
TSFR     | Safety function response time | Safety function response time from the physical input signal to the reaction on the actuator                                        | µs
TTOi     | Timeout time of component     | Timeout time for safety component i                                                                                                  | µs
TTOS     | Transmission time             | Worst case transmission time of the communication network. Timeout time for FSCP 18/1                                               | µs
∆T       | Timeout margin                | Additional margin on transmission cycle time. This value is defined by the user based on the application requirements. Typical range is 0 % to 15 % | µs

3.3 Conventions

The attributes of an object are described in the form as shown in Table 1. The meaning of the attributes is described in the following list.

• Index describes the position within the safety object dictionary of an object.
• Sub-index describes a single element of the object containing the following data. It will be repeated for each element of the object.
  – Name denotes a name string for this attribute.
  – Description is used for additional information on how the object shall be used.
  – Object type denotes the characterizing type for each object as specified in IEC 61158-6-22.
  – Data Type denotes the data type of this element.
  – Category indicates whether the element is mandatory (M), optional (O) or depends upon setting of other attributes (C).
  – Access attribute shows the access right to this element. RO means read access right, RW means read and write access right, WO means write access right, while FSF denotes no access rights except for the safety application and optional read access by SDO services as specified in IEC 61158-5-22 and IEC 61158-6-22.
  – SPDO mapping denotes the possibility to map this attribute to TxSPDO or RxSPDO or to indicate that this parameter is not mappable.
  – Value range contains the value range of a dedicated element or "No" for no predefined value range.
  – Value contains the constant value(s) and/or the meaning of the parameter or "No" for no pre-defined value.
Table 1 – Object definition

Attribute         | Value
------------------|------
Index             |
Sub-index         |
Name              |
Description       |
Object type       |
Data type         |
Category          |
Access attribute  |
SPDO mapping      |
Value range       |
Value             |

The FSCP syntax elements related to PDU structure are described as shown in Table 2. The meaning of the table columns is described in the following list.

• Octet offset denotes the offset of the DLPDU part relative to the start of the safety PDU.
• Data field is the name of the element.
• Value/Description contains the constant value or the meaning of the parameter.

Table 2 – Safety PDU element definition

Octet offset | Data field | Description
-------------|------------|------------
4 Overview of FSCP 18/1 (SafetyNET p™)
4.1 General
Communication Profile Family 18 (commonly known as SafetyNET p™ ⁴) defines communication profiles based on IEC 61158-3-22, IEC 61158-4-22, IEC 61158-5-22 and IEC 61158-6-22.
The basic profiles CP 18/1 and CP 18/2 are defined in IEC 61784-2:2010. The functional safety communication profile FSCP 18/1 (SafetyNET p™) is based on the CPF 18 basic profiles in IEC 61784-2 and the safety communication layer specifications defined in this part.
4.2 FSCP 18/1
FSCP 18/1 describes a safety protocol for transferring safety process data up to SIL 3 between FSCP 18/1 devices. For the transfer of the safety protocol, a subordinated fieldbus is used that is not included in the safety considerations (black channel approach). Safety data exchanged between communicating partners is regarded as cyclic process data exchanged between them by the subordinated fieldbus.
[Figure 3 – FSCP 18/1 system (IEC 770/11): a root device, ordinary devices, a gateway, switches and devices on a CP 18/1 network and on a CP 18/2 network, each hosting a safety application and/or a standard application; safety communication relations are drawn between the safety applications.]
___________
⁴ SafetyNET p is a trade name of Pilz GmbH & Co. KG. This information is given for the convenience of users of this International Standard and does not constitute an endorsement by IEC of the trade name holder or any of its products. Compliance to this part does not require use of the trade name SafetyNET p. Use of the trade name SafetyNET p requires permission of Pilz GmbH & Co. KG.
FSCP 18/1 uses a dedicated 1:n relationship of the producer/consumer relationship type for safety process data communication and a 1:1 relationship for the purpose of safety device monitoring. Figure 3 shows possible communication relationships based on a CP 18/1 and CP 18/2 network.
For the realization of FSCP 18/1, the following safety measures have been chosen:
• session number (consecutive number);
• time expectation for communication monitoring;
• unique identification of senders;
• cyclic redundancy checking for data integrity;
• different data integrity assurance systems for safety and non-safety communication;
• packet delay monitoring for dedicated communication relationships.
Each device maintains a safety communication layer state machine, which is coordinated by the safety application. Safety is ensured based on the SCL switching to the system error state (i.e. safe state) as soon as an error is detected.
5 General
5.1 External documents providing specifications for the profile
The following document is useful in understanding the design of the FSCP 18/1 protocol:
• GS-ET-26 [34]
5.2 Safety functional requirements
The following requirements shall apply to the development of devices that implement the FSCP 18/1 protocol. The same requirements were used in the development of FSCP 18/1.
• Requirements of IEC 61508 shall be fulfilled.
• The FSCP 18/1 protocol is implemented using a black channel approach; there is no safety related dependency on the standard CPF 18 communication profiles. Transmission equipment shall remain unmodified.
• The FSCP 18/1 protocol is designed to support Safety Integrity Level 3 (SIL 3) (see IEC 61508).
• Safety communication and standard communication shall be independent. Safety devices and standard devices shall be able to use the same communication channel.
• There shall always be a 1:1 relationship between communicating devices for device monitoring purposes.
• Safety communication shall use a single-channel communication system. Redundancy may only be used optionally for increased availability.
• Implementation of the safety protocol shall be restricted to the communication end devices.
• The transmission duration time shall be monitored.
• Device documentation shall indicate the Safety Integrity Level (SIL) the device is designed for.
• For devices using protocol version 2 (see 7.1.3.4) it is required to add 10⁻⁹ to the PFH of the device hardware to account for the communication channel.
NOTE In this way, the user of the device will not have to account for the number of logical connections within a safety function.
• The use of error correction mechanisms in the black channel is permitted.
5.3 Safety measures
The safety measures used in FSCP 18/1 to detect communication errors are listed in Table 3. All safety measures shall be applied and monitored within each safety device.
Table 3 – Communication errors and detection measures

Communication errors / Safety measures    | Sequence number | Time expectation a | Connection authentication b | Data integrity assurance | Diff. data integrity assurance systems
------------------------------------------|-----------------|--------------------|-----------------------------|--------------------------|---------------------------------------
Corruption                                | —               | —                  | —                           | X                        | —
Unintended repetition                     | X               | —                  | —                           | —                        | —
Incorrect sequence                        | X               | —                  | —                           | —                        | —
Loss                                      | X               | X                  | —                           | —                        | —
Unacceptable delay                        | —               | X                  | —                           | —                        | —
Insertion                                 | X               | —                  | X                           | —                        | —
Masquerade                                | X               | —                  | X                           | —                        | X
Addressing                                | X               | —                  | X                           | —                        | —
Revolving memory failures within switches | X               | X                  | X                           | X                        | —

a In this standard called "T_TOS".
b In this standard realized by "SID" and "PID".
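The measures chosen in 4.2 (consecutive number, time expectation, unique sender identification, CRC) and their mapping to error classes in Table 3 can be modelled on the consumer side. The following Python block is an added example, not part of IEC 61784-3-18 or of any SafetyNET p implementation; its PDU layout (sender ID, sequence number, producer timestamp, payload, CRC-16) is a constructed stand-in for the real frame format, and the `t_tos_ms` parameter plays the role of T_TOS.

```python
# Added example, not from IEC 61784-3-18: a consumer-side model of the FSCP 18/1
# safety measures. The PDU layout below is constructed for illustration and is
# not the real SafetyNET p frame format.
import binascii
import struct
from dataclasses import dataclass

HDR = ">HIIH"  # sender ID, sequence number, producer timestamp (ms), payload length

def build_pdu(sender_id: int, seq: int, ts_ms: int, payload: bytes) -> bytes:
    """Producer side: header + payload followed by a CRC-16 (data integrity assurance)."""
    body = struct.pack(HDR, sender_id, seq, ts_ms, len(payload)) + payload
    return body + struct.pack(">H", binascii.crc_hqx(body, 0xFFFF))

@dataclass
class Consumer:
    """State one consumer keeps for one producer of a 1:n relationship."""
    expected_sender: int      # connection authentication (SID/PID in the standard)
    t_tos_ms: int             # time expectation for communication monitoring (T_TOS)
    last_seq: int = -1        # last accepted sequence (consecutive) number
    safe_state: bool = False  # SCL system error state, entered on the first error

    def receive(self, pdu: bytes, now_ms: int) -> str:
        """Return 'ok' or the Table 3 error class that was detected."""
        if self.safe_state:
            return "safe_state"  # the SCL stays in the safe state once an error was seen
        body, crc = pdu[:-2], struct.unpack(">H", pdu[-2:])[0]
        if binascii.crc_hqx(body, 0xFFFF) != crc:
            return self._fail("corruption")                # data integrity assurance
        sender, seq, ts_ms, _ = struct.unpack(HDR, body[:struct.calcsize(HDR)])
        if sender != self.expected_sender:
            return self._fail("masquerade_or_addressing")  # connection authentication
        if seq == self.last_seq:
            return self._fail("unintended_repetition")     # sequence number
        if seq < self.last_seq:
            return self._fail("incorrect_sequence")        # sequence number
        if self.last_seq >= 0 and seq > self.last_seq + 1:
            return self._fail("loss")                      # sequence number
        if now_ms - ts_ms > self.t_tos_ms:
            return self._fail("unacceptable_delay")        # time expectation (T_TOS)
        self.last_seq = seq
        return "ok"

    def _fail(self, error: str) -> str:
        self.safe_state = True  # switch to the safe state as soon as an error is detected
        return error
```

The different data integrity assurance systems for safety and non-safety traffic and the switch memory failure row of Table 3 are not modelled here.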
5.4 Safety communication layer structure
Figure 4 shows how the protocol is related to CPF 18 and Type 22. The FSCP 18/1 safety communication layer is located on top of the CPF 18 and Type 22 application and data link layers and utilizes the non-safety services of CPF 18 and Type 22 to transfer safety PDUs.
[Figure 4 – FSCP 18/1 software architecture (IEC 771/11): Application (safety application, application objects) on top of FSCP 18/1 (safety object dictionary, SPDO, SHB) on top of CPF 18 and Type 22 (application layer, data link layer, physical layer).]
A safety process data object (SPDO) containing the safety process data, the identification information and the required error detection measures is included in the Type 22 process data objects. The mapping of the safety process data to SPDOs is done by entries in the safety object dictionary.
Monitoring of the time synchronization of the safety application is realized using a safety heartbeat service (SHB).
The calculation of the residual error probability for the FSCP 18/1 protocol takes no credit of the error detection mechanisms of the communication system. The protocol can also be transferred via other communication systems.
5.5 Relationships with FAL (and DLL, PhL)
5.5.1 General
This safety communication layer is designed to be used in conjunction with CPF 18 communication profiles. But it is not restricted to this communication profile.
5.5.2 Data Types
Profiles defined in this part support all the CPF 18 data types as defined in IEC 61158-5-22. The encoding of these data types follows the encoding rules defined in IEC 61158-6-22.
6 Safety communication layer services
6.1 General elements
6.1.1 General
The FSCP 18/1 provides the following elements:
• safety object dictionary;
• safety process data object (SPDO);
• safety heartbeat (SHB);
• safety delay monitoring (SDM).
6.1.2 Safety object dictionary
The safety object dictionary is the interface between the safety application and the communication system. It is a grouping of objects and specifies uniform communication and device parameters for the safety-related functionality. The organization of objects is adjusted with the organization of CP 18/1 and CP 18/2. Access to safety object dictionary entries can optionally be realized by SDO services as defined in IEC 61158-5-22 and IEC 61158-6-22. This access shall be restricted to read only (RO) access.
6.1.3 Safety process data object (SPDO)
Safety process data objects shall provide the required services for safety related process data exchange between certain communicating devices. Safety process data communication in FSCP 18/1 is cyclic, using safety process data objects (SPDOs). The process data communication is split into safety transmit and receive process data objects (TxSPDOs and RxSPDOs).
6.1.4 Safety heartbeat (SHB)
Devices which implement the FSCP 18/1 SCL use the SHB service for application layer monitoring and application monitoring. This service is independent of any other heartbeat services that devices could implement in parallel. SHB messages are confirmed cyclic messages exchanged between communicating devices and realize a 1:1 relationship between devices. The SHB mechanism is used to synchronize the system clocks of the communicating devices.