SI funktions uk

Prévia do material em texto

Safety Integrated for 
Sinumerik
SI function overview
Safety Integrated for 
Sinumerik
Drive based functions on 840D sl
Motion Monitoring functions on 840D sl
General Information
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 3/41
Sinumerik Safety Integrated
Safety technology in change Î towards software and electronics
E
External
External
safety technology
External
safety technology
Drive control
unit
M
CNC
M E
Integrated
PLC
Drive control
unit
Safety
Integrated
Safe 
communication
Motion Monitoring
General information
SINAMICS S120 SI 
basic functions
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 4/41
Sinumerik Safety Integrated
Safety Integrated on 840D sl
ƒ Drive based Safety (Drive Integrated) 
ƒ System based Safety (Motion Monitoring)
Safe Standstill
on MoMo
Safe Standstill 
on NCU7x0
P24
P24
SH / SBC
Wiring via 
terminals 
necessary
Controlled
via
Hardware
Detected and controlled 
by Profisafe and SPL
SINAMICS S120 SI 
basic functions
Motion Monitoring
General information
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 5/41
Sinumerik Safety Integrated
Differences between 840D Powerline and Solutionline
Wiring
ƒ no need to wire pulses enable on the MoMo (EP terminal) 
ƒ no need to wire NCK Onboard Output to 663 (“Reissleine”, Pullcord)
ƒ no need to wire AUS 3
Safe Brake Management (SBM)
ƒ no need to use a SGA to control the motor brake
ƒ Motor brake internal controlled 
ƒ no SPL-Logic for the brake necessary anymore
ƒ SI Interface signal to close the motor brake (AxisDB.DBx23.5)
ƒ SI Feedback signal motor brake opened (AxisDB.DBx92.5)
Connecting Sensors / Actuators 
ƒ Periphery connection via PROFIsafe only
ET200S, ET200pro, ET200eco, DP/ASI-F Link 
Motion Monitoring
General information
SINAMICS S120 SI 
basic functions
Safety Integrated for 
Sinumerik
Drive based functions on 840D sl
Motion Monitoring functions on 840D sl
General Information
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 7/41
Sinumerik Safety Integrated
Safety Integrated on 840D sl
- Motion Monitoring
ƒ System based Safety (Motion Monitoring)
PROFIsafe Master PROFIsafe SlavesMotion Monitoring
General information
PROFIsafe on X126 only
SINAMICS S120 SI 
basic functions
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 8/41
Sinumerik Safety Integrated
Sensing Evaluation Response
I/O
I/O
Bus
Bus
Cross-
monitoring
PLC 
Controller
Type 3
Feedback signals
Feedback signals
Cross-
monitoring
encoder
Drive 
Controller
Type 2
Shutdown paths
incremental
or absolute
Drive 
power 
section
NC 
Controller
Type 1
Two kinds of cross monitoring
- Existing computers form a two-channel, diverse system structure
Motion Monitoring
General information
SINAMICS S120 SI 
basic functions
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒThe two-channel system structure, used for the basic safety functions, comprising an NC 
and drive controller, has been expanded, as far as the safety functionality is involved, for 
"safe programmable logic" (SPL) by the integrated PLC processor.
ƒIn this case, an additional cross monitoring data and result comparison is made between the 
NC and PLC. This compares the external safety-related signals of the sensors and actuators 
as well as the internal flags.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 9/41
Sinumerik Safety Integrated
Safety Integrated on 840D sl
- Overview shutdown paths
Controlled through two channels (independent shutdown 
paths with internal monitoring).NCU
NCK
Motion
Monitor
Motion Monitoring
General information
SINAMICS S120 SI 
basic functions
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
SPL
Sensor / Actuator
Drive
Motion
Monitor
CDC
Motor Module
Channel 2
Diagnose
M
Driver stages
DC 
supply
V
Power electronicsController
Channel 1
V
>=1
>=1
DI on NCU EP terminal
DRIVE(MM) 
SI drive 
based
Monitoring
DRIVE (CU)
SI drive 
based
CDC
ƒ.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 10/41
Sinumerik Safety Integrated
Safety Integrated for Sinumerik
- Option packages
ƒ SI - Basic 6FC5800-0AM63-0YB0
up to 4 INSE/OUTSE,
inclusive 1 Axis /Spindle
ƒ SI - Comfort 6FC5800-0AM64-0YB0
up to 64 INSE/OUTSE,
inclusive 1 Axis /Spindle
ƒ SI - Axis/Spindle 6FC5800-0AC70-0YB0
each additional Axis/Spindle
ƒ SI - Axes/Spindles-Package 6FC5800-0AC60-0YB0
for additional 15 Axes/Spindles
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 11/41
Sinumerik Safety Integrated
Sinumerik Safety Integrated Overview Safety functions
IEC61800-5-2 
ƒ Safe Standstill SH (STO)
ƒ Safe Operation Stop SBH (SOS)
ƒ Safe Stopping process (Safe Stops A,B,C,D,E*(F))
ƒ Safe Braking Ramp SBR
ƒ Safe Brake Control SBC (SBC)
ƒ Safe Brake Test SBT
ƒ Safe Reduced Speed SG (SLS)
ƒ (SG Override, SG setpoint speed limiting)
ƒ Safe Speed Limit (n<nx) (SSM)
ƒ Safe Software Limit Switches SE (SLP)
ƒ Safe Software Cams SN (SCA)
ƒ Safe Input-/ Output signals SGE/SGA
ƒ Safe programmable Logic SPL
ƒ Integrated Acceptance Test with Sinucom NC
ƒ Safe Communication via Profibus (available in version 1.6/ 2.6)
STO: Safe Torque off; SOS: Safe Operation Stop; SBC: Safe Brake Control; SLS: Safely Limit Speed; 
SSM: Safe Speed Monitor; SLP: Safely Limited Position; SCA: Safe Cam
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
*In preparation for 840D sl
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 12/41
Sinumerik Safety Integrated
Safe standstill (SH / STO), Safe Operating Stop (SBH /SOS) 
- Protection against unexpected starts of drives
1. Safe standstill (SH) / Safe torque off (STO)
ƒ The drive pulses are cancelled
ƒ The power supply is electronically disconnected
ƒ The drive is safe torque off
ƒ Safe operating stop (SBH) / Safe operating stop (SOS)
ƒ The drive is still in the position control mode
ƒ Standstill monitoring is active
ƒ The drive still has the full torque
Expected: Drive stationary
Effect: Protection against unexpected starts of drives
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGAƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒSafe standstill (SH)
ƒIn case of fault resp. in combination with a machine function, the safe standstill“ function is 
used to safely disconnect the power supply to the motor. This is performed for specific axes 
and contact-free. The “safe standstill“ function is based on the safe pulse suppression 
function integrated in the SIMODRIVE 611 D drive modules. The machine manufacturers has 
to adopt the relevant measures in order to prevent motor movements after disconnecting the 
power supply (e.g. against the sagging of hanging axes).
ƒFeatures:
ƒMotor cannot be started up involuntarily
ƒThe motor power supply is safely interrupted
ƒThe motor is not galvanic ally separated from the drive module
ƒSafe operating stop (SBH)
ƒThis function is used to safely monitor the zero speed position of an axis / spindle. The 
drives are fully functionally position-controlled resp. speed-controlled. With active monitoring, 
it is possible to enter, for example, safety areas during setup mode without deactivating the 
machine. An incremental motor measuring system is sufficient for this function. Monitoring is 
started each time the actual position value is changed.
ƒFeatures:
ƒAxis is controlled
ƒParameterize able zero speed tolerance window
ƒConfigurable stop response upon monitor response
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 13/41
Sinumerik Safety Integrated
Safe standstill (SH / STO), Safe Operating Stop (SBH /SOS) 
- Suitable for the field Ö wide acceptance
ƒ checking
ƒ measuring
ƒ cleaning
ƒ aligning
ƒ removing chips
ƒ changing 
work pieces
ƒ changing tools
ƒ ...
Drives in closed-
loop pos. control
ƒ hanging axes
ƒ non-symmetrical 
work pieces
ƒ axes “without“
friction
Working with open 
protective door
ƒ spindle can be 
rotated manually
ƒ EMERG. STOP
Drives, safe pulse 
suppression
ƒ Fast restart
ƒ No loss of accuracy
ƒ Less brake wear
ƒ ....
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 14/41
Sinumerik Safety Integrated
Safe stopping process
- Different stop conditions based on different stop reactions
ƒ Stop versions are activated
ƒ The braking phase is monitored (SBR), 
for Stop B and C
ƒ Interlocked against restart
by activating SH or SBH
ƒ External holding or operating brakes energized
Expected: Axes decelerate, stop and locked against restart
Effect: Protection against hazardous movements
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 15/41
Sinumerik Safety Integrated
Safe stopping process
- Flexible Ö Focused on the real process
ƒ active immediately
Öhigh degree of
personal safety
Light barrier
ƒ No program abort
Öfast contour 
re-approach
Open protection 
door
ƒ Controlled transition 
to mechanical 
clamping
Öno slippage
Hanging axisClosed protectiondoor
ƒ Contour path related 
Öto protect the 
machine components
ƒ To minimize running on
ƒ Fast re-approach
ƒ Reduced brake wear
ƒ ....
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 16/41
Sinumerik Safety Integrated
For Emergency Stop, a drive can be stopped in various ways.
This is the reason that IEC 60204-1 (2005) defines three stop categories:
Stop category 0:
ƒ The power supply is immediately disconnected
ƒ Either electromechanical or electronic shutdown
ƒ Electrical isolation is not required
Stop category 1
ƒ The drive is electrically braked down to standstill 
ƒ At standstill, the power supply is disconnected
ƒ Either electromechanical or electronic shutdown
ƒ Electrical isolation is not required
Stop category 2
ƒ The drive is electrically braked down to standstill
ƒ At standstill, the power supply is maintained
n
t
Braking Uncontrolled
t
Braking Controlled
n
Coast down Uncontrolled
n
t
Power off
Power
off
Power
remains
Power remains
Safe stopping process
- Stop categories according to IEC 60204-1
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒSafety of machines – electrical equipment installed on machines –
ƒPart 1: General requirements
ƒ(IEC 60204-1:2005, modified);
ƒGerman Edition EN 60204-1:2006
ƒStop cat. 0: Stopping by immediate disconnection of the power supply to the machines / 
drive elements; this does not necessarily have to be performed electro-mechanically; i.e. 
electrical isolation is not mandatory. 
ƒStop cat. 1: Controlled shutdown, whereby the power supply to the machines / drive 
elements is maintained in order to stop the machine;
the power supply is interrupted once the machine has come to a standstill. 
Controlled shutdown: Machine motion is stopped with power supply to the machines / drive 
elements, which is maintained while the machine is coming to a standstill.
ƒStop cat. 2: Controlled shutdown during which the power supply to the machine / drive 
elements is maintained.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 17/41
Sinumerik Safety Integrated
Safe stopping process
- Different stop conditions causes different stop reactions
Power
section
Internal 
stop
Light barriers,
pressure mats,
EMERGENCY 
STOP,
....
External
stop
HW -
SGE' s
HW -
SGA' s
Limit values 
exceeded
or system 
faults/errors 
recognised
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒThe drives can be safely stopped either using an external signal or, if a limit value is 
exceeded, using an internal response.
ƒInternal stopping
An "internal stop" is realized when the limit value is exceeded or after a system fault/error 
has been recognized. For instance, if the active SG (safely reduced speed) is exceeded or 
an encoder fault recognized, an "internal shutdown" is issued.
The "internal stop" always initiates an alarm which must be acknowledged with POWER ON 
or RESET. This means, that a program active at this time, is always exited.
ƒExternal stopping
The "external stop" can only be used in conjunction with the "safe programmable logic". 
Sensors are connected to the SGEs, whose signals initiate a safe stop (e.g. an 
EMERGENCY STOP pushbutton). Depending on these sensors, the shutdown is then 
initiated by Stop A (pulse cancellation), Stop C (braking with nset = 0) or Stop D (braking 
along the path).Generally, "external stop" does not initiate an alarm, so that active programs are only 
interrupted. After the message has been acknowledged (e.g. stop initiated by a light barrier), 
the program can be re-started at the position where it was interrupted.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 18/41
Sinumerik Safety Integrated
Safe standstill (SH) / Safe Torque Off (STO)
(Drives are safe off, pulse disable)
Safe operating stop SBH / SOS 
(Full torque drive still in closed-loop control)
Stop
A
Stop
F
Stop
E* 
Inclusive
retraction
conditions
Stop
C
with
setpoint
input “0“
Stop Category according to EN60204-1 and NFPA 79
0 1 2
Stop
D
Deceleration
on the contour
in the group
Stop
B
*In preparation for 840D sl
Safe stopping process
- Different stop conditions causes different stop reactions
Able to be triggered external by SPL
Only under fault conditions
with
setpoint
input “0“
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒ The stop responses shall safely stop all drives according to the relevant machine 
requirements. A differentiation is made between the stop versions Stop A, B, C, D, E, F and 
the test stop.
ƒ In case of fault, the stop response type may be specified by the system resp. configured 
by the machine manufacturer. 
ƒ Stop A
The drive coasts down if no external braking mechanisms such as armature short-circuit and/or holding brake 
are initiated. The axial alarm leads to a mode group stop, that means all axes and spindles included in a mode 
group are stopped following an axis fault. “Safe standstill“ (SH) becomes active at the end of Stop A.
ƒ Stop B
The drive is decelerated in speed-controlled mode at the current limit (prompt braking) and transferred to “safe 
standstill“ (SH). 
ƒ Stop C
The drive is decelerated in speed-controlled mode at the current limit (prompt braking) and transferred to “safe 
operating stop” (SBH).
ƒ Stop D
The drive is decelerated within the system, including simultaneous axes, depending on the relevant path and 
transferred to “safe operating stop“ (SBH).
ƒ Stop E
The drive is decelerated within the system, including retraction movements, depending on the relevant path and 
transferred to “safe operating stop“ (SBH). Currently only implemented on SINUMERIK 840C.
ƒ Stop F
The Stop F response is permanently assigned to crosswise result and data comparison. This features allows to 
detect faults on the drive and controller side. Stop B resp. Stop A response is triggered according to the relevant 
configuration. Transfer to “safe standstill“ (SH)
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 19/41
Sinumerik Safety Integrated
Safe stopping process 
- Detailed action overview
Reset 
MCP
SBH /SOSSG (SLS) / 
SE
Drive is braked along
the programmed retraction 
and stopping motion (ESR) 
SBH active
Results in stopping and
retraction + timer tE
started, tE =0: 
SBH is activated
E*
Reset 
MCP
SBH /SOSSG (SLS) / 
SE
Drive is braked as part of a 
group along the path
SBH active
Motor is braked along the 
acceleration + timer
tD started tD =0: 
SBH is activated
D
Reset 
MCP
SBH /SOSSG (SLS) / 
SE
The drive is braked along 
the OFF3 ramp
SBH active
0 speed setpoint is 
immediately entered +
timer tC started, tC =0: 
SBH is activated
C
Power 
On
SH /STOSBH / 
SG (SLS)
The drive brakes along the 
OFF3 ramp – transition 
into
STOP A
0 speed setpoint is 
immediately entered +
timer tB started, tB =0 or 
nact < n shutdown:
STOP A
B
Power 
On
SH / STOSBR / 
SG (SLS)
Drive coasts downPulse disable immediatelyA
Quit 
alarm by
Changes 
to
Initiated in 
response to
EffectAction Stop
*In preparation for 840D sl
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒ The stop responses shall safely stop all drives according to the relevant machine 
requirements. A differentiation is made between the stop versions Stop A, B, C, D, E, F and 
the test stop.
ƒ In case of fault, the stop response type may be specified by the system resp. configured 
by the machine manufacturer. 
ƒ Stop A
The drive coasts down if no external braking mechanisms such as armature short-circuit and/or holding brake 
are initiated. The axial alarm leads to a mode group stop, that means all axes and spindles included in a mode 
group are stopped following an axis fault. “Safe standstill“ (SH) becomes active at the end of Stop A.
ƒ Stop B
The drive is decelerated in speed-controlled mode at the current limit (prompt braking) and transferred to “safe 
standstill“ (SH). 
ƒ Stop C
The drive is decelerated in speed-controlled mode at the current limit (prompt braking) and transferred to “safe 
operating stop” (SBH).
ƒ Stop D
The drive is decelerated within the system, including simultaneous axes, depending on the relevant path and 
transferred to “safe operating stop“ (SBH).
ƒ Stop E
The drive is decelerated within the system, including retraction movements, depending on the relevant path and 
transferred to “safe operating stop“ (SBH). Currently only implemented on SINUMERIK 840C.
ƒ Stop F
The Stop F response is permanently assigned to crosswise result and data comparison. This features allows to 
detect faults on the drive and controller side. Stop B resp. Stop A response is triggered according to the relevant 
configuration. Transfer to “safe standstill“ (SH)
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 20/41
Sinumerik Safety Integrated
Safe Brake Ramp (SBR) 
- Brake phase monitoring – Detection of “running-off drives“
t [ms]
v [m/s]
t1 ÎSTOP B or Stop C Ö SBR is activated
t2 ÎSBR exceeded
t3 ÎSTOP A is activated (SH / STO)
Without external brakes
speed / velocity acceptance through 
mechanical friction only
Safe drive pulse suppression
(electronic power supply disconnection)
t1 t3t2
Acceleration due to
fault
Prompt
fault detection
Effective with Stop B and C
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 21/41
Sinumerik Safety Integrated
Safe Brake Management SBM
- Hanging axes often entail an insufficiently secured risk potential !
Example of loader
ƒ For loading and unloading 
machining centers
ƒ Flexible manufacturing line in 
the automotive industry
Danger potential:
ƒ Falling axis
Possible cause:
ƒ Defective mechanical brake
ƒ Control error
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 22/41
Sinumerik Safety Integrated
+
Safe brake management(SBM)
Safe brake test 
(SBT)
ƒ The brake is tested with 
the electric drive
ƒ The test torque is 
monitored
ƒ The movement of the axes 
is monitored
ƒ Plus and Minus (P/M) P/M 
switching control
ƒ The control cables are 
monitored
ƒ Forced checking
procedure
Safe brake control 
(SBC)
Safe Brake Management SBM (SBT + SBC)
- The existing mechanical brake is integrated in the safety concept
°Safe brake function in control category 3 
acc. to EN 954-1
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 23/41
Sinumerik Safety Integrated
Safe Brake Management SBM: Safe Brake Control (SBC) 
- The only drive based function, which can used with Motion Monitoring 
ƒ Can only be activated in conjunction with SH / STO (is not an autonomous function)
ƒ Switches with respect to 24 V and ground
ƒ Only the brake control (wiring etc.) is safety-relevant – not the brake itself!
ƒ SBC uses the same control channel as the holding brake or operating brake. With 
activated SBC and selection of SH / STO, the brake is closed irrespective of the 
operational brake control (similar to F-DO).
LoadPower connector
Motor with
integrated
brake
Motor Module
+24 V
M
BR+
BR-
Control and
monitoring
Channel 1
Channel 2
Monitoring
24 V supply
Motor
Module
U2 
V2 
W2
Diagnostics
24 V
M
Power cable
Connector 
for the 
brake
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒThe diagram only applies to booksize units; a Safe Brake Relay is required for blocksize
units.
ƒSBC is always activated together with STO, if SBC is parameterized.
ƒIt is used, e.g. for hanging/suspended loads.
ƒOne channel switches BR+ and the other BR-. With defined switching operations, short-
circuit or wire breakage can be diagnosed via BR-.
ƒOnly the control itself is safety-relevant, the brake is not safety relevant.
ƒSBC only functions for brakes connected at X12/X2.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 24/41
Sinumerik Safety Integrated
Safe Brake Management SBM: Safe Brake Control (SBC)
- SINAMICS integrated Safe Brake Control for the motor brake
Safe
brake control
SINAMICS
Motormodule 
24V
M
Conventional
brake control
24V
M
PLC
Drive 
The brake remains fully 
functional !
A vertical axis is safely held in 
its position
External brake no longer 
functional.
Vertical axis crashes
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 25/41
Sinumerik Safety Integrated
Safe Brake Management SBM: Safe Brake Control (SBC) 
- SINAMICS integrated Safe Brake Control for the motor brake
Safe
brake control
24V
M
Conventional
brake control
24V
M
PLC
Drive 
ƒ Decelerate drives as soon as possible
ƒ Close motor brake
ƒ Pulse disable
SINAMICS
Motormodule 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 26/41
Sinumerik Safety Integrated
Safe Brake Management SBM: Safe Brake Control (SBC) 
- Safe brake management of an “external brake” (via F – DO)
Safe
brake control
24V
M
Safe
I/O 
Conventional
brake control
24V
M
PLC
Drive 
ƒ Decelerate drives as soon as possible
ƒ Close motor brake
ƒ Pulse disable
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 27/41
Sinumerik Safety Integrated
Safe Brake Management SBM: Safe Brake Test (SBT) 
- Brake test – Principle of operation
FB 07.02 - 8.3 (8-393f)
Step 1:
The holding torque is measured with the 
controller active
refer to p1509 DESIRED_TORQUE
Step 2:
The brake is closed via S120 
(DBAXIS.DBX23.5), or via F-DOZ2
Actual holding torque mact
Step 3:
Position monitoring is activated
MD 36967 SAFE_BRAKETEST_POS_TOL
The torque limit value is changed-over
MD 36966 SAFE_BRAKETEST_TORQUE
Step 4:
Traversing command in the same direction as the weight acts: The motor acts 
(in addition) with a resulting torque against the brake
Resulting torque mDrive
Step 5:
Brake ok => The monitoring functions are de-activated and the 
brake is released
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 28/41
Sinumerik Safety Integrated
Safe Brake Management SBM
- Features and customer benefits
Significantly reduced risk
ƒ "Safe brake management" allows to safely perform all brake applications within a 
uniform process.
ƒ Data measured and test results incl. records are taken from trace functions
Less machine damage
ƒ The direct, electronic control allows to achieve minimum response times and 
reduces axis sagging. This prevents production failures following machine crash 
and increases plant availability.
Reduced brake wear
ƒ On account of the "safe operating stop" function, the vertical axis may be
transferred to the mechanical clamping device in exceptional cases only 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 29/41
Sinumerik Safety Integrated
ƒ The configurable speed limit values are 
monitored
ƒ A stop version can be assigned to each of 
the SG stage 1-4
Safely reduced speed (SG) / Safe Limited Speed (SLS)
- Reduced / Monitored speeds, to protect operator and machine 
Expected: Axes move with safely reduced speed only
Effect: Protection against high speed movements
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVEn
t
unexpected fault
scenario
Safe Stop reaction
SG 
Limit
value
speed
monitoringSG fault 
detection
ƒSafely reduced speed (SG)
ƒThe SG function is used to safely monitor the load-side speed of a drive. The actual drive 
speed is compared with the speed limit values, selected via SGEs, cyclically in the 
monitoring clock cycle. The speed limit values are defined in machine data. Various 
applications and operating statuses at the machine can be monitored using the speed limit 
values for SG1, SG2, SG3 or SG4.
A specific stop response can be configured for limit values SG1 to SG4. For instance, for 
fastest possible stopping in the setting-up mode, Stop C and in the automatic mode, Stop D 
in order to prevent, as far as possible, tool breakage/workpiece damage.
ƒIn addition, limit values SG2 and SG4 can be graduated in 16 steps (4 bits) via safety-
related inputs" (SGE). The entry is made as a % (1% to 100%) and is saved in a machine 
data table. This means, that overall, 34 freely-selectable speed limit values are available per 
drive - and personnel and machine protection can be implemented both in the setting-up 
mode and in the automatic mode.
ƒComment: For changeover gearboxes, the correct gear ratio must be selected!
ƒFeatures
ƒ The load-side speed limit values are safely monitored. 
ƒ The monitoring limit values are adapted to the various operating statuses (e.g. test, 
setting-up, automatic mode)
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 30/41
Sinumerik Safety Integrated
Safely reduced speed (SG) / Safe Limited Speed (SLS)
- with SG override - up to 34 safe limited speeds are available
ƒ The configurable speed limit values are monitored
ƒ A stop version can be assigned to each of the SG’s 1-4
SG3
SG1
SG4
SG2
SG selection
Index
[0 ... 3]
1 m/min
20 m/min
10 m/min
2 m/minSGE
SGE
SG Override
Index
[0 ...15]
1%
2%
5%
10%
...
100%
SGE
SGE
SGE
SGE
Application: 
e.g. safe grinding wheel circumferential velocity 
Effective SGBinary 
codingSGE
Evaluation 
tables
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒSafely reduced speed / velocity (SG)
ƒThe safely reduced speed / velocity function is used to safely monitor the load side drive 
speed / velocity. The current drive speed / velocity is cyclically compared with the speed / 
velocity limit value selected via SGEs. The speed / velocity limit values for SG1 to SG4 allow 
to monitor the most varied machine applications resp. operating statuses.
ƒSpecific stop responses can be configured for limit values SG 1 to SG 4. You can, for 
example, configure Stop C for prompt stopping in setup mode and Stop D during automatic 
mode to prevent machine damage.
ƒIn addition, you can grade the limit values SG 2 and SG 4 via “safety-related inputs“ using 
16 steps each. Thus, 34 freely selectable speed / velocity limit values are available in total for 
each drive. This guarantees the safety of staff and machines both in setup and automatic 
mode.
ƒFeatures:
ƒSafe monitoring of load sided speed / velocity limit values
ƒAdaptation of the monitoring limit values to different operating statuses
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 31/41
Sinumerik Safety Integrated
Safely reduced speed (SG) / Safe Limited Speed (SLS)
- in combination with “SG-specific setpoint limiting”
ƒ The setpoint speed is actively limited
ƒ Single-channel monitoring in the NCK
ƒ The setpoint limit is entered by the 
active SG stage
Application: 
e.g. in the "AUTOMATIC TEST“ operation
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 32/41
Sinumerik Safety Integrated
Safely reduced speed (SG) / Safe Limited Speed (SLS)
- Suitable for the field Ö wide acceptance
ƒ improved machine control
ƒ fast restart
ƒ high flexibility
ƒ ....
ƒ axes are only 
traversed using jog 
buttons
ƒ spindle is rotated
(depending on the 
machine with enabling 
button)
ƒ programs are 
tested (depending on 
the machine with the 
enabling button)
ƒ measuring
cycles executed 
Special applications
ƒ burst/rupture 
protection for
grinding wheels
ƒ max. spindle speed 
Æ dependent on 
the active chuck
ƒ protective door is 
only released below 
a speed nMax (n>nx)
ƒ ...
Working with open 
protective door
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 33/41
Sinumerik Safety Integrated
Safety related output n<nx, Safe Speed Monitor (SSM)
- Open door, when axes standstill
ƒ SSM provides a safe output signal (H level) if the drive falls below the set speed 
limit (nx).
ƒ A 2 channel signal, one in NCK, one in drive, is available. 
ƒ The value for nx can be set via MD / drive parameter
n
t
n x
t
SSM feedback signal
Application: 
e.g. door release, when all axes standstill 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 34/41
Sinumerik Safety Integrated
- Safe software Limit switch (SE) / Safe Limit Positions (SLP)
- Safe software CAM (SN) / Safe Cam (SCA) 
DO NOT 
ENTER
Safe software limit switch (SE) /
Safe Limit Positions (SLP)
ƒ Variable traversing range limits
ƒ A stop response is initiated if the range is violated
ƒ Two pairs of limit switches are available
ƒ Used instead off hardware limit switches
Safe software cams (SN) /
Safe Cam (SCA)
ƒ Variable range detection
ƒ Provides a safe signal
ƒ Up to 30 safe cams are available 
Expected: Drive remain within permitted traversing range
Effect: Range detection and a working zone can defined 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 35/41
Sinumerik Safety Integrated
Safe software Limit switch (SE) / Safe Limit Positions (SLP) and 
Safe software CAM (SN) / Safe Cam (SCA): Flexible Ö Process-orientated
ƒ Less parts subject to wear
ƒ Less wiring
ƒ Less mechanical parts
ƒ Less idle time
ƒ Replaces hardware 
limit switches
ƒ Definition of safety 
areas
ƒ Reversible
SN / SCA:
Recognition of
travel ranges
ƒ Replaces hardware 
cams
ƒ External stops can
be triggered
(work similarly to
SEs)
ƒ Up to 30 safe cams 
for each axis 
SE / SLP:
Limitation of 
positioning range
DO NOT 
ENTER
General informationSINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 36/41
Sinumerik Safety Integrated
Safety related Inputs (SGE or SRI) / Safety related outputs (SGA or SRO)
- Control and feedback signals of each NC axis
ƒSGE are safe inputs, to 
select / deselect safety 
functions for each axis
ƒSGA are safe outputs, 
which represent the 
actual safety conditions 
of each axis
SGE’s and SGA’s
controlled
by SPL !!!
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
AXIS 1
AXIS 2
......
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 37/41
Sinumerik Safety Integrated
Safe Programmable Logic (SPL) 
- Flexible implementation of fail safe sensors and actuators
ƒ Sensors / actuators can be directly 
integrated
ƒ Cyclic execution independently of the 
user program
ƒ Effective in all operating modes
ƒ Logic is immediately activated after 
system run-up
Expected: Actuators operate as a function of the sensors
Effect: Protection against undefined actuator responses 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 38/41
Sinumerik Safety Integrated
Max. 64 safety-related 
actuators can be connected
(e.g.: protective door
interlocking, motor brakes, ...)
Max. 64 safety-related signals 
can be directly connected
(e.g.: mode switch, light
barriers, EMERGENCY OFF, ...)
SGE
SGE
Cross
monitoring
NCK -
logic
operations
PLC -
logic
operations
SGA
SGA
Safe Programmable Logic (SPL) 
- Overview of the SPL structure
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒPreviously, safety-related signals were processed in external logic circuitry.
ƒUsing SPL (safe programmable logic), comprising NCK, PLC and SPL, the scope of the 
external circuitry required is significantly reduced. The previous logic operations are replaced 
by an SPL program (comprising the NC and PLC sections).
ƒFeatures
ƒA max. of 64 safety-related sensors and max. 64 safety-related actuators can be 
connected.
ƒ The logic operations, implemented by the user, are cyclically executed.
ƒAll of the instructions are effective in all of the modes.
ƒ The instructions immediately started from the PLC after the control system runs-up.
ƒIn order to check and monitor the functioning of the two SPL programs (PLC and NCK), the 
system program organizes cyclic data comparison between the PLC and NCK. This 
monitoring function is implemented independently by the NCK - CPU and PLC - CPU. A 
cross-monitoring data comparison is made of the signals, entering the SPL, and the safety-
relevant signals, generated by the SPL, as well as the internal statuses (flags).
© Siemens AG 2008 - Änderungen vorbehalten
Industry SectorSafety Integrated for Drives
Seite 39/41
Distributed fail safe I/O’s
(F-DI / F-DO)
SPL:
SAFE.SPF / FCxx
NCK CPU
$A_OUTSIP[1..64]
DB18.DBX62.0 -
DB18.DBX69.7
Output variables SPL
NCK
SGA / SGE-Signals
$A_INSI [1...64] 
Input variables SPL
MD36980-36990
$A_OUTSI [1...64] 
Output variables SPL
MD36970-36979 
Cross comparison of data 
and results
Monitoring
DB18-Comparison 
(Monitoring 1s)
MD10099 PS Monitoring cycle = MD10070 (IPO) x MD 10098(PS Ratio); (Max. 25ms)
$A_INSIP[1..64]
DB18.DBX54.0 -
DB18.DBX61.7
Input variables SPL
NCK-SPL
INSE / OUTSE
OUTSI / INSI
PLC-SPL
INSEP / OUTSEP
OUTSIP / INSIP
Drive 
SGA / SGE-Signals
MD36980..36990
36980: SBH/SG active
36981: SBH active
36982: SG active 
36985: n < nX
36987: Axis safely ref.
36988: SN1+ to SN4+
36989: SN1- to SN4-
36990: current Stop 
Output of the SI-Function
DB31...61 (Axis/Spindle)
DBX22.0: SBH/SG - Deselected
DBX22.1: SBH - Deselected
DBX22.3..4: SG-Selection
DBX23.4: SE-Selection
DBX23.0..2: Gear selection
DBX23.7: Test stop selection
DBX32.2..4: external STOPS
DBX33.4..7: SG-Override selection 
Input of the SI-Function
DB31..61 (Axis/Spindle) 
DBX108.0: SBH/SG active
DBX108.2: Status pulses del. 
DBX110.1: SBH active
DBX110.3..4: SG active
DBX110.5: n<nx
DBX108.7: Axis safely ref.
DBB109: SN1+ to SN4+
DBB109: SN1- to SN4-
DBX111.4..6: active Stop 
Output of the SI-Function
MD 36970..36978
36970: SBH/SG-Deselected
36971: SBH-Deselected
36972: SG-Selection
36973: SE-Selection
36974: Speed ratio selection 
36977: external STOPS 
36978: SG-Override selection
Input of the SI-Function
Alarm 27090
in case of fault and SPL protection
STOP D is released
Internal Outputs NCK 
$A_OUTSI -> SGE
Internal Inputs NCK
SGA -> $A_INSI
Internal Inputs PLC 
SGA -> $A_INSIP
Internal Outputs PLC 
SGE -> $A_OUTSIP
Alarm 27001 Code X
In case of fault STOP F 
-> may STOP B/A is triggered
Cross comparison of data 
and results
SPL-System variables
PROFIsafe-Periphery: 
Sensors, Actuators, 
Light curtains….
Mapping of 
SPL Outputs
$A_OUTSEP[1...64]
DB18.DBX46.0 to 
DBX53.7
Mapping of 
SPL Inputs
$A_INSEP[1...64]
DB18.DBX38.0
to DBX45.7
Mapping of
SPL Inputs
$A_INSE[1...64] 
MD 10386/10388
Input variables SPL
Mapping of 
SPL Outputs 
$A_OUTSE [1...64]
MD10387/10389
Output variables SPL
Alarm 27254 / 27255
HW-Fault PROFIsafe
Marker_SI
PLCSIIN
PLCSIOUT
Marker_SIP
PLCSIIN
PLCSIOUT
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 40/41
Sinumerik Safety Integrated
Safe Programmable Logic (SPL) 
- SPL application example: represents a simple machine tool 
Used SI functions:
ƒSH / STO:
Safe Torque Off
ƒSBH / SOS:
Safe Operation Stop
ƒSG / SLS:
Safe Limited Speed
Safety door
closed
AUTOMATIC
selected
AUTOMATIC
selected
No SG
selected
Spindle SG2
All axes SG2 All axes SBH
Spindle SH 
All axes SG1
YES NO
YES NO YES NO
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 41/41
Sinumerik Safety Integrated
The following signals are required for implementation:
INSE[P]: + Door switch
+ Automatic selected
INSI[P]: +
OUTSI[P]: + SBH_SG_Deselect axes
+ SBH_SG_Deselect spindles
+ SBH_Deselect axes
+ SBH_Deselect spindles
+ SG_Bit0 axes
+ SG_Bit0 spindle
+ STOP_A_Deselect axes
+ STOP_A_Deselect spindles
OUTSE[P]:+
Safe Programmable Logic (SPL) 
- SPL application example: represents a simple machine tool 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoringƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒ
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 42/41
Sinumerik Safety Integrated
SPL program SAFE.SPF (The logic must be implemented in PLC and NCK):
DO MI1_MANUAL_OPEN = (NOT IE1_SAFETY_DOOR_CLOSED AND NOT 
IE2_MODE_SELECTOR_AUTOMATIC)
DO MI2_MANUAL_CLOSED = (NOT IE1_SAFETY_DOOR_CLOSED AND 
IE2_MODE_SELECTOR_AUTOMATIC)
DO MI3_AUTOMATIC_CLOSED = (IE1_SAFETY_DOOR_CLOSED AND NOT 
IE2_MODE_SELECTOR_AUTOMATIC)
; ---SBH_SG Deselect---
Do OI1_DESELECT_SBH_SG_AXIS = MI2_MANUAL_CLOSED
Do OI2_DESELECT_SBH_SG_SPINDLE = MI2_MANUAL_CLOSED
; ---SBH Deselect---
Do OI3_DESELECT_SBH_AXIS = MI1_MANUAL_OPEN OR MI3_AUTOMATIC_CLOSED
Do OI4_DESELECT_SBH_SPINDLE = MI3_AUTOMATIC_CLOSED 
; ---SG Bit0---
Do OI5_DESELECT_SG_BIT0_AXIS = MI3_AUTOMATIC_CLOSED 
Do OI6_DESELECT_SG_BIT0_SPINDLE = MI3_AUTOMATIC_CLOSED
; ---Deselect Stop A SPINDLE---
Do OI8_DESELECT_STOP_A_SPINDLE = 
Safe Programmable Logic (SPL) 
- SPL application example: represents a simple machine tool 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
ƒ
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 43/41
Sinumerik Safety Integrated
Distributed F-DI / F-DO
- Connection overview
ƒ System based Safety (Motion Monitoring)
PROFIsafe Master PROFIsafe Slaves
PROFIsafe on X126 only
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 44/41
Sinumerik Safety Integrated
Distributed F-DI / F-DO
- Protection against undefined signal statuses
ƒ Distributed fail safe I/Os via PROFIsafe on PROFIBUS 
ƒ ET 200S
ƒ 4 F-DO
ƒ 4 F-DI
ƒ 4F-DI/3 F-DO
ƒ ET 200eco
ƒ ET 200pro
ƒ DP/AS-i F link
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 45/41
Sinumerik Safety Integrated
Cost-optimized solution for collecting basic safety sensors 
(emergency stop, light curtains, ...)
SIRIUS 
Position
switch
SIRIUS
Safety
Monitor
Emergency
StopEmergency
Stop
SIMATIC 
Light curtain
ASisafe Module
DP/AS-i
F-Link Optional: 
Conventional 
"ASIsafe island"
Safety Integrated for 
Sinumerik with 
PROFIsafe
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 46/41
Sinumerik Safety Integrated
Integrated Acceptance Test
- Software tool for machine manufacturers
Machines are verified in accordance with the EU Machinery Directive
ƒ Safety functions are tested (semi-automated)
within the scope of machine acceptance
ƒ Data measured and test results incl. records are taken from
trace functions
The following are tested
ƒ Single machines / special-purpose machines
ƒ Partial test of machine parts
ƒ Series commissioning of series machines 
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 47/41
Sinumerik Safety Integrated
Integrated Acceptance Test
- with easy-to-read interactive screen forms
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 48/41
Sinumerik Safety Integrated
Integrated Acceptance Test
- with interactive user guidance 
Systematizes the acceptance sequence
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 49/41
Sinumerik Safety Integrated
Integrated Acceptance Test 
- One screen contains all significant tests
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 50/41
Sinumerik Safety Integrated
Integrated Acceptance Test 
- Trace function: automatic configured
Convenient operation and time saving
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 51/41
Sinumerik Safety Integrated
Integrated Acceptance Test Wizard
- Final quality report located on the machine
Transfers the test results 
automatically into the acceptance test 
protocol
Quality report of the used Safety functions
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 52/41
Sinumerik Safety Integrated
F_SEND/F_RECEIVE (available in version 1.6/2.6)
- Safe CPU – CPU Communication
PROFIsafe – CPU 
Master
PROFIsafe – CPU 
Slave
Safe CPU – CPU Communication 
(F_SENDDP, F_RECVDP)
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒF_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 53/41
Sinumerik Safety Integrated
F_SEND/F_RECEIVE (available version 1.6/2.6) 
- Safe CPU – CPU Communication
Slave
F_RECVDP (Receiver)
I/O Range
Master
F_SENDDP (Sender)
I/O Range
F-Nutzdatentelegramm
6 Byte 
F-User data
2 Byte 
Control/Status
2 Byte 
Sequence number
2 Byte CRC
Out address: 288
Length: 12 Byte
In address: 298
Length: 12 Byte
In address: 288
Length: 6 Byte
F-Quit Telegram
2 Byte 
Control/Status
2 Byte 
Sequence number
2 Byte CRC
Out address: 298
Length: 6 Byte
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 54/41
Sinumerik Safety Integrated
F_SEND/F_RECEIVE (available in version 1.6/2.6)
- Safe CPU – CPU Communication
ƒ Static protection defined during the configuration
ƒ Connection ID (An ID, which exists once in the whole network and 
describes the communication path between sender and receiver)
ƒ Monitoring time (time, within the receiver has to acknowledge to the 
sender, that the telegram reached the receiver)
ƒ Dynamic protection inside the f-telegram
ƒ CRC (Checksum calculated with Connection - ID, send F–user data and 
control/status data)
ƒ Sequencenumber (numbered consecutively)
General information
SINAMICS S120 SI 
basic functions
Motion Monitoring
ƒ SH / STO
ƒ Function overview
ƒ Safe Stopping process
ƒ SBH / SOS
ƒ SBR
ƒ SG / SLS 
ƒ SBM (SBC, SBT)
ƒ n<nX / SSM
ƒ SN / SCA
ƒ SE / SLP
ƒ SGE SGA
ƒ Distributed F-DI / F-DO
ƒ SPL
ƒ Acceptance Test
ƒ F_SEND/F_RECEIVE
Safety Integrated for 
Sinumerik
Sinamics S120 SI basic functions
Sinumerik Motion Monitoring
General Information
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 56/41
Sinumerik Safety Integrated
Safety Integrated on 840D sl
ƒ Drive based Safety (Drive Integrated) 
Safe Standstill
on MoMo
Safe Standstill 
on NCU7x0
P24
P24
SH / SBC
Wiring via 
terminals 
necessary
Controlled
via
Hardware
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Sinumerik 
Motion Monitoring
General Information
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 57/41
Sinumerik Safety Integrated
Basic functions: Overview
Safety functions for drives
according to IEC 61800-5-2
Safe Stop 1 (SS1)
Safe Torque Off (STO)
Safe Brake Control (SBC)
Control 
via
EP terminals + 
DI on 
NCU7xx.x 
Safety Integrated basic functions for SINAMICS S120:
ƒ Control is performed via the EP terminals and a digital input of the control unit
ƒ Basic functions are contained as standard (license not required)
ƒ Basic functions do not require an encoder
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Sinumerik 
Motion Monitoring
General Information
ƒThe basic functions do not require a license
ƒThey do not require a sin/cos encoder
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 58/41
Sinumerik Safety Integrated
Safe Torque Off
Mode of operation (1)
ƒ The IGBT gating pulses are immediately cancelled after STO has been activated.
ƒ This means that the motor is safely brought into a no-torque condition. A motor 
that is still rotating coasts to a stop. 
Notice: The motor is not developing a torque, but it is not disconnected from the 
supply!
ƒ A holding brake is recommended for hanging/suspended axes. 
Æ STO (no torque)
Uncontrolled stopping 
(OFF2)
Drive coasts to a stop
n
t
STO 
activated
n
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Motion Monitoring
Motion Monitoring
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 59/41
Sinumerik Safety Integrated
Safe Torque Off (STO)
Mode of operation (2)
Motor Module
Channel 2
Diagnose
M
Driver 
stages
DC 
supply
V
Power
electronics
EP terminal
Numeric Control Unit
DI
DRIVE-
CLiQ
ControllerController
Channel 1
V
Monitoring
Assignment 
DI Æ drive
ƒ Controlled through two channels (independent shutdown paths with internal 
monitoring).
ƒ With Motor Modules (booksize, chassis), the EP terminals are located on the 
power unit.
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Motion Monitoring
Motion Monitoring
ƒ.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 60/41
Sinumerik Safety Integrated
Safe Torque Off (STO)
STO wiring, Terminal groups 
STO selected/deselected for each drive 
using two terminals:
ƒ 1. Control Unit shutdown path
The required input terminal for Safe Torque Off 
(STO) is selected via the BICO p9620[0]. Digital 
input DI 0 ... DI 7 on the Control Unit can be 
used as a signal source (NCU). NX modules 
have DI 0 to DI 3.
ƒ 2. Motor Module shutdown path
The input terminal is the ”EP” (”Enable Pulses”) 
terminal. Both terminals must be simultaneously 
energized, otherwise a fault will be issued.
Terminal groups
ƒ It must be possible to select/deselect the Safe 
Torque Off function separately for
group 1 (drive 1 and 2) and 
group 2 (drive 3 and 4).
ƒ The configuration of terminal groups, needs to 
be done for each group on the NCU and on each 
motor module.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 61/41
Sinumerik Safety Integrated
Safe stopping process, Safe Brake Control (SBC) 
- The only drive based function, which can used with Motion Monitoring 
ƒ Can only be activated in conjunction with SH / STO (is not an autonomous function)
ƒ Switches with respect to 24 V and ground
ƒ Only the brake control (wiring etc.) is safety-relevant – not the brake itself!
ƒ SBC uses the same control channel as the holding brake or operating brake. With 
activated SBC and selection of SH / STO, the brake is closed irrespective of the 
operational brake control (similar to F-DO).ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Motion Monitoring
Motion Monitoring
LoadPower connector
Motor with
integrated
brake
Motor Module
+24 V
M
BR+
BR-
Control and
monitoring
Channel 1
Channel 2
Monitoring
24 V supply
Motor
Module
U2 
V2 
W2
Diagnostics
24 V
M
Power cable
Connector 
for the 
brake
ƒSBC is always activated together with STO, if SBC is parameterized.
ƒIt is used, e.g. for hanging/suspended loads.
ƒOne channel switches BR+ and the other BR-. With defined switching operations, short-
circuit or wire breakage can be diagnosed via BR-.
ƒOnly the control itself is safety-relevant, the brake is not safety relevant.
ƒSBC only functions for brakes connected at X12/X2.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 62/41
Sinumerik Safety Integrated
Safe Stop 1 (SS1)
Mode of operation
ƒ After SS1 has been activated, the drive is braked along the OFF3 ramp (not in a 
safety-relevant fashion). The braking ramp is not monitored.
ƒ However, the braking time Δ t (this is not identical with the OFF3 time) is 
monitored (in a safety-relevant way) on two channels.
ƒ STO is activated after this braking time has expired
Æ STO (no torque)
Controlled 
stopping (OFF3)
n
n
t
SS1
activation
Δ t
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Motion Monitoring
MotionMonitoring
ƒBasic functions and extended functions are implemented differently.
ƒThe subsequent state in both cases is STO; in both cases, the drive brakes along the OFF3 
ramp; however, different step enabling to STO and the braking ramp is not monitored with 
basic functions.
ƒBraking ramp (OFF3) and the delay time must match one another; i.e. the drive must be 
able to be braked down to standstill within the delay time.
© Siemens AG 2008 – Subject for modifications
Industry Sector
Seite 63/41
Sinumerik Safety Integrated
Location of the safety terminals
for multi-axis drives
DI0 – DI7 
on terminals X122 
and X132 
EP terminal X21 (SMM)
or EP terminals
X21/X22 (DMM)
Sinumerik NCU Motor Module 
Booksize 
EP terminal X41 on CIB
Motor Module 
Chassis 
ƒ Safety terminals
ƒ Functions
SINAMICS S120 SI 
basic functions
Basics of drive 
technology
ƒFor the basic functions, there is only one safety digital input; this comprises a DI via the 
CU320 or D4x5 and another DI via the EP terminal of the Motor Module.
ƒX122.1 -.4 = DI0 – DI3; X132.1 - .4 = DI4 – DI7
ƒX21.3 (EP+), X21.4 EP ground
ƒThe same for CX32, whereby in this case there is only X122.
ƒFor a chassis module, the safety signal is always connected to terminals X41.1 (EP+) and 
X41.2 (ground). The connection is located on the control interface board at the rear of the 
electronic module.
ƒWith option K82, the safety terminal is wired to a user terminal strip for cabinet units. Here, 
a coupling relay is also connected in between (in order to trip with 230V and/or to connect 
several Motor Modules over a longer distance).
Safety Integrated for 
Sinumerik
Name: Timo Doering
Department: Siemens AG, I DT MC CS, Safety CoCS
Phone: +49 9131 98 3184
Mail: timo.doering@siemens.com
Thank you for your 
attention