3HAC066559 AM Functional Safety and SafeMove For OmniCore-en
3HAC066559 AM Functional Safety and SafeMove For OmniCore-en
3HAC066559 AM Functional Safety and SafeMove For OmniCore-en
Application manual
Functional safety and SafeMove
Trace back information:
Workspace 22A version a15
Checked in 2022-03-11
Skribenta version 5.4.005
Application manual
Functional safety and SafeMove
RobotWare 7.6
Table of contents
Overview of this manual ................................................................................................................... 9
Product documentation .................................................................................................................... 12
Safety ................................................................................................................................................ 14
1 Introduction 15
1.1 Overview of functional safety ............................................................................... 15
1.2 Safety ............................................................................................................. 18
1.2.1 Safety aspects for the safety module and SafeMove ...................................... 18
1.2.2 Standards conformance ........................................................................... 19
1.2.3 Specific safety requirements ..................................................................... 20
1.2.4 Safe design of SafeMove .......................................................................... 21
1.2.5 Certifications .......................................................................................... 23
1.2.6 Conclusion ............................................................................................. 24
1.3 Limitations ....................................................................................................... 25
1.4 Terminology ..................................................................................................... 29
1.5 Abbreviations and acronyms ............................................................................... 30
2 SafeMove functions 31
2.1 Overview of SafeMove functions .......................................................................... 31
2.2 General functions .............................................................................................. 34
2.2.1 Manual Operation Supervision ................................................................... 34
2.2.2 Contact Application Tolerance (CAP) .......................................................... 35
2.2.3 SafeMove Assistant ................................................................................. 37
2.3 Synchronization functions ................................................................................... 39
2.3.1 Software synchronization .......................................................................... 39
2.3.2 Hardware synchronization ........................................................................ 41
2.4 Supporting functions .......................................................................................... 43
2.4.1 Safe Brake Ramp .................................................................................... 43
2.4.2 Human Contact Supervision ...................................................................... 45
2.5 Supervision functions ........................................................................................ 46
2.5.1 Stand Still Supervision (SST) ..................................................................... 46
2.5.2 Axis Speed Supervision (ASP) ................................................................... 48
2.5.3 Tool Speed Supervision (TSP) ................................................................... 49
2.5.4 Axis Position Supervision (APO) ................................................................ 51
2.5.5 Tool Position Supervision (TPO) ................................................................ 53
2.5.6 Tool Orientation Supervision (TOR) ............................................................ 54
2.5.7 Tool Force Supervision (TFO) .................................................................... 55
2.5.8 Control Error Supervision ......................................................................... 58
3 Installation 59
3.1 Hardware ......................................................................................................... 59
3.1.1 Safety module ........................................................................................ 59
3.1.2 Sync switch ............................................................................................ 60
3.2 Software .......................................................................................................... 61
3.3 About safe fieldbuses ........................................................................................ 62
8 Maintenance 173
8.1 Required maintenance activities .......................................................................... 173
Index 211
Note
It is the responsibility of the integrator to provide safety and user guides for the
robot system.
Note
Usage
This manual should be used during installation and configuration of the safety
module, SafeMove, and the functional safety options.
Note
Before any work on or with the robot is performed, the safety information in the
product manual for the controller and manipulator must be read.
Prerequisites
The reader should have the required knowledge of:
• mechanical installation work
• electrical installation work
• working with industrial robots
• using RobotStudio
• personal safety
References
Reference Document ID
Application manual - PROFINET Controller/Device 3HAC066558-001
Application manual - EtherNet/IP Scanner/Adapter 3HAC066565-001
Operating manual - RobotStudio 3HAC032104-001
Safety manual for robot - Manipulator and IRC5 or OmniCore 3HAC031045-001
controller
Product manual - OmniCore C30 3HAC060860-001
Product manual - OmniCore C90XT 3HAC073706-001
Product manual - OmniCore V250XT 3HAC073447-001
Product manual - OmniCore C30 3HAC060860-001
Product manual - OmniCore C90XT 3HAC073706-001
Product manual - OmniCore V250XT Document.ID-1
Technical reference manual - RAPID Instructions, Functions and 3HAC065038-001
Data types
Product specification - Robot stopping distances according to 3HAC048645-001
ISO 10218-1
Technical reference manual - System parameters 3HAC065041-001
Tip
Revisions
Revision Description
A Released with RobotWare 7.0.2.
B Released with RobotWare 7.1.
• Stand Still Supervision is now possible in manual mode, see Configuring
Stand Still Supervision on page 146.
• The service mode is updated, see The Mode tab on page 104.
• Changes regarding Basic joint supervision made in section Limitations
on page 25, Overview of SafeMove functions on page 31, Manual Op-
eration Supervision on page 34, Safe Brake Ramp on page 43 and The
Visual SafeMove browser on page 78.
• Added support for PROFISafe Device.
C Released with RobotWare 7.2.
• Added sections Tool Force Supervision (TFO) on page 55 and Human
Contact Supervision on page 45.
• Added information about the SafeMove configuration application on
FlexPendant, see The SafeMove configurator app on FlexPendant on
page 106.
Revision Description
D Released with RobotWare 7.2.2 and RobotWare 7.3.
• Added guidelines for Human Contact Supervision, available for the
GoFa robot.
• Updated information about SafeMove configurator app on FlexPendant.
• Updated the overview of the SafeMove options, see Functional safety
options on page 16.
• Added support for IRB 910INV.
E Released with RobotWare 7.3.
• Added Guidelines for the option Extended working range on page 210.
F Released with RobotWare 7.4.
• Added information which robot controllers are supported, Supported
robot controllers on page 25.
• Added notes in section Tool Force Supervision (TFO) on page 55.
• Updated some sections regarding I/O Engineering Tool.
• Added updates to The Visual SafeMove user interface in RobotStudio
• Removed the reference section Connection of external emergency
stop, as this is not specific for the functional safety options.
• Added information about the SafeMove Assistant functionality.
• The title of this document is changed to Application manual - Functional
safety and SafeMove.
G Released with RobotWare 7.5.
• Added information for commissioning mode.
• Added more functionality for the SafeMove configurator app.
H Released with RobotWare 7.6.
• The functionality SafeMove Assistant is only active in automatic mode.
• Updated information for the SafeMove function Human Contact Super-
vision.
• Updated information for the SafeMove function Tool Force Supervision,
see Limitations on page 56.
• The signal names for safety stop configuration are corrected, see The
Stop Configuration button on page 74.
• Added information about response time to external stops, see Reaction
time on page 169.
• Added information about gravity parameters for GoFa.
• Information about online user guide added in section The SafeMove
configurator app on FlexPendant on page 106.
Product documentation
Categories for user documentation from ABB Robotics
The user documentation from ABB Robotics is divided into a number of categories.
This listing is based on the type of information in the documents, regardless of
whether the products are standard or optional.
Tip
Product manuals
Manipulators, controllers, DressPack/SpotPack, and most other hardware is
delivered with a Product manual that generally contains:
• Safety information.
• Installation and commissioning (descriptions of mechanical installation or
electrical connections).
• Maintenance (descriptions of all required preventive maintenance procedures
including intervals and expected life time of parts).
• Repair (descriptions of all recommended repair procedures including spare
parts).
• Calibration.
• Decommissioning.
• Reference information (safety standards, unit conversions, screw joints, lists
of tools).
• Spare parts list with corresponding figures (or references to separate spare
parts lists).
• References to circuit diagrams.
Application manuals
Specific applications (for example software or hardware options) are described in
Application manuals. An application manual can describe one or several
applications.
An application manual generally contains information about:
• The purpose of the application (what it does and when it is useful).
• What is included (for example cables, I/O boards, RAPID instructions, system
parameters, software).
• How to install included or required hardware.
• How to use the application.
• Examples of how to use the application.
Operating manuals
The operating manuals describe hands-on handling of the products. The manuals
are aimed at those having first-hand operational contact with the product, that is
production cell operators, programmers, and troubleshooters.
Safety
Safety regulations
Before beginning mechanical and/or electrical installations, ensure you are familiar
with the safety information in the product manuals for the robot.
The integrator of the robot system is responsible for the safety of the robot system.
1 Introduction
1.1 Overview of functional safety
Purpose
The purpose of the safety module and the functional safety options is to provide
a robust and easy-to-use safety controller in the robot system. Functional safety
includes a complete software and hardware solution that is fully integrated with
the robot controller and the RobotStudio programming environment.
SafeMove is the main functional safety option, but the safety module can also be
used in various applications without the SafeMove option. For example to
communicate with a safety PLC through safe fieldbus communication.
SafeMove functions
When using SafeMove, the safety controller ensures a high safety level in the robot
system by using supervision functions that can stop the robot. Note that the safety
module and the functional safety options is one component in the safety system
of a complete robot cell, normally complemented by other equipment (for example
light barriers) for detecting the whereabouts of the operator.
Function Description
Tool supervision Protects the operator and enhances machine and equipment safety
functions by supervising the position (Tool Position Supervision), speed (Tool
Speed Supervision) and orientation (Tool Orientation Supervision)
of the tool.
For some robots, the tool force can also be supervised (Tool Force
Supervision). This function also includes supervision of the axis
torque.
Axis supervision Protects the surroundings by supervising the axis position (Axis
functions Position Supervision) and the axis speed (Axis Speed Supervision).
Stand Still Supervi- Supervises the stand-still of robot axes without having to switch the
sion robot to Motors Off. It enables operators to perform tasks in the
immediate vicinity of the robot.
Contact application Allows the robot to be in contact with the work-piece in limited areas.
tolerance This can for example be used in applications where the robot is
used for grinding or during tool change.
Cyclic brake check Supervises that the brakes are checked with a cyclic interval.
Stop functions Triggers stop of the robot using safe fieldbus inputs from the safety
PLC.
Visual SafeMove
The safety module option gives you access to the Visual SafeMove configurator
in RobotStudio. With Visual SafeMove you can:
• configure and visualize supervision functions in a 3D environment.
• configure stop functions, such as automatic stop.
• configure Cyclic Brake Check.
• configure safe signals (safe Ethernet communication and I/Os are configured
in I/O Engineering Tool).
• configure signal logics.
• configure system status outputs.
There is also a SafeMove application on the FlexPendant. It has much of the same
functionality but the RobotStudio environment has more capabilities.
Basic approach
This is the general approach for setting up the safety module and SafeMove.
This can be done in RobotStudio or on the FlexPendant.
1 Connect the safety controller to other safety hardware and configure the safe
I/O connections.
2 Configure the settings for the SafeMove functions.
3 Download the configuration to the the safety controller. Restart the controller.
4 Synchronize the safety controller.
5 Make sure the activation input signals are activating the desired supervision
functions.
6 Validate the configuration.
7 Lock the configuration.
For more detailed instructions, see sections Installation on page 59 and Configuring
SafeMove on page 115.
Requirements
Robust supervision functionality in SafeMove requires correct settings of payload
and additional axes, since this will affect the calculated accepted servo lag. Also
note that external forces applied on the manipulator can cause a negative influence
on the supervision functions, since the servo lag might differ from the calculated
values, due to such external forces.
DANGER
1.2 Safety
Overview
The safety module is an integrated safety controller in the robot controller, with
the purpose of providing safety functionality for the robot. Safe output and input
signals are typically connected to cell safety circuitry by safe communication with
a safety PLC. The safety PLC can take care of interlocking in the robot cell, for
example, in order to prevent robot and operator to enter a the same area at the
same time.
In this chapter we describe how the safety module and SafeMove comply with
relevant safety standards and regulations.
Note
The safety module and SafeMove is only a part of the robot system, it is the
responsibility of the user to do a risk assessment of the robot system. It is also
the responsibility of the user of SafeMove to ensure that the robot system is
designed and installed in accordance with the safety requirements set forth in
the standards and regulations of the country where the robot system is installed.
Standards
The safety module and SafeMove has been designed to fulfill applicable parts of
the following standards.
• EN ISO 12100:2010 Safety of machinery - General principles for design -
Risk assessment and risk reduction
• EN 60204-1:2006/A1:2009 Safety of machinery - Electrical equipment of
machines - Part 1: General requirements
• EN ISO 10218-1:2011, Robots for industrial environments - Safety
requirements - Part 1: Robot
• EN 61000-6-2:2005 EMC, Generic immunity
• EN 61000-6-4:2007/A1:2011 EMC, Generic emission
• EN ISO 13849-1:2015 Safety of machinery - Electrical equipment of machines
- Part 1: General requirements
EN ISO 13849-2:2012 Safety of machinery - Safety-related parts of control
systems - Part 2: Validation
Note
Note
Overview
SafeMove has two important types of supervision functionality.
The first one being to ensure that the drive system is working correctly, making
the robot follow the ordered value from the main computer as expected.
The second being to supervise the robot position and speed and stopping the robot
or setting output signals to indicate a hazard.
Category 3 supervision
The supervision complies with category 3, that is, two separate channels shall
always give the same result. One channel consists of the drive system, motors,
resolvers, and measurement system. The second channel consists of the ordered
value from the main computer. These channels are compared using the SafeMove
evaluation circuits, which in itself is dual channel.
1.2.5 Certifications
Overview
The safety module and SafeMove has been certified by external organizations as
described below.
Certifications by UL
The safety controller DSQC1015, and included software, is approved by UL
according to the following standards:
• UL 1740, Standard for Robots and Robotic Equipment
• ANSI/RIA R15.06, Industrial Robots and Robotic Systems
• CAN/CSA Z434-14, Industrial Robots and Robot Systems - General Safety
Requirements
• CAN/CSA C22.2 No. 73-1953, Test of Electrically Operated Machine Tools
1.2.6 Conclusion
Conclusion
As has been shown above and confirmed by third party certifications, the safety
module and SafeMove fulfills all relevant current safety standards globally.
1.3 Limitations
Note
YuMi robots with SafeMove requires using the enabling device to enable the
motors in manual mode. For more information, see:
Product manual - IRB 14050
Note
WARNING
Supported tracks
SafeMove supports all ABB track motion units.
Supported positioners
SafeMove supports positioners that are single axis mechanical units. Positioners
with several axes are treated as multiple single axes, for example two axes
positioners will be treated by SafeMove as two single axes and can be monitored
as such using axis supervision.
Positioners that are used with activation/deactivation feature, is not supported.
The axes of the positioner must be active at all times.
In Basic joint supervision mode, no safe zones or tool supervision functions are
allowed. In addition, there are changes to some internal SafeMove supervision
functions:
• The manual mode speed supervision of the TCP, wrist center point, and
elbow are disabled. Instead, axis speed limits are set to approximate a
Cartesian speed limit. The user is responsible for validating that this speed
limit satisfies the requirements for safe manual mode operation.
• The Safe Brake Ramp supervision for the robot during a category 1 stop is
changed, so that SafeMove supervises that all robot axes will stop within 1
second.
Tool changer
SafeMove Pro supports up to 16 different tools. All included tools must have their
appropriate settings in the configuration file. The selection of tool must be
supervised using a safe fieldbus.
No deactivation
Additional axes that are used with activation/deactivation feature are not supported.
If additional axes are to be used, they must also be active at all times.
Independent joint
Independent joint cannot be monitored by SafeMove.
Responsive jogging
Category 1 stop is deactivated in manual mode when responsive jogging is active.
This is because a robot that is stopped with a category 1 stop follows its
programmed path while decelerating. When using responsive jogging there is no
defined path available.
Note
SoftMove
When SafeMove is used together with SoftMove there is a risk for servo lag
problems. The recommended action is to add a Contact Application Tolerance
(CAP) in the area where SoftMove is active.
For more information about SoftMove, see Application manual - SoftMove.
1.4 Terminology
Term list
Term Definition
Category 0 stop Stop by immediate removal of power to the actuators. Mechan-
ical brakes are applied.
A robot that is stopped with a category 0 stop does not follow
its programmed path while decelerating.
Category 1 stop Controlled stop with power available to the actuators to achieve
the stop. Power is removed from the actuators when the stop
is achieved.
A robot that is stopped with a category 1 stop follows its pro-
grammed path while decelerating.
Checksum A checksum is a unique identifier created during the safety
configuration.
Occupationally safe Safe for a person to be in an area.
Operationally safe Safe for the machinery but not safe for persons to enter the
area.
Safe input Dual monitored digital input.
Safe output Dual monitored digital output.
Safety controller A safety board used with the robot controller, handling Safe-
Move functionality.
Overview
This section specifies typical abbreviations and acronyms used in this manual.
Abbreviatons/acronyms list
Abbreviation/acronym Description
APO Axis Position Supervision
ASP Axis Speed Supervision
CAP Contact Application Tolerance
SST Stand Still Supervision
TOR Tool Orientation Supervision
TPO Tool Position Supervision
TSP Tool Speed Supervision
2 SafeMove functions
2.1 Overview of SafeMove functions
Overview
The SafeMove functions can be divided into the following categories:
• General functions, see:
- Manual Operation Supervision on page 34
- Contact Application Tolerance (CAP) on page 35
• Synchronization functions, see:
- Software synchronization on page 39
- Hardware synchronization on page 41
• Supporting functions, for example verification of brakes, see:
- Safe Brake Ramp on page 43
- Cyclic Brake Check guidelines on page 180
- Human Contact Supervision on page 45
• Supervision functions, can stop the robot or set a safe output signal, see:
- Stand Still Supervision (SST) on page 46
- Axis Speed Supervision (ASP) on page 48
- Tool Speed Supervision (TSP) on page 49
- Axis Position Supervision (APO) on page 51
- Tool Position Supervision (TPO) on page 53
- Tool Orientation Supervision (TOR) on page 54
- Tool Force Supervision (TFO) on page 55
- Control Error Supervision on page 58
Combining functions
The supervision functions can be used separately or in a variety of combinations.
When excluding the safety supervision from the configuration, the robot behaves
as if no safety module is installed. That means:
• Instead of Safe Brake Ramp a one second delay is used between the request
of a category 1 stop and the completing category 0 stop.
• No safety supervision of manual reduced speed.
• No safety supervision on the position data received from the serial
measurement board, SMB, and the drive system, (resolver input and
revolution counter).
• No need to synchronize and lock the configuration.
For information on how to exclude a robot from the safety configuration, see Robot
parameters node on page 78.
DANGER
Functionality
While Manual Operation Supervision is active, a supervision makes sure that the
tool center point (TCP), wrist center point (WCP), and elbow speed does not exceed
250 mm/s (unless a lower value is configured).
Manual Operation Supervision overrides safety functions by muting stops from
the safety controller due to supervision functions.
Note
DANGER
If Basic joint supervision mode is used, the supervision of the TCP, WCP, and
elbow speed is disabled.
Instead, axis speeds are supervised with limits set to approximate a Cartesian
speed limit, corresponding to the parameter Max speed in manual mode.
The user is responsible for validating that this speed limit satisfies the
requirements for safe manual mode operation.
If the speed in manual mode is determined to be too high, decrease the parameter
Max speed in manual mode.
Settings
The following parameters can to be configured for Manual Operation Supervision:
• Max speed in manual mode.
See Configure Manual Operation Supervision on page 122.
Function activation
Manual Operation Supervision is activated by switching to manual mode.
Functionality
Contact Application Tolerance relaxes the Control Error Supervision (servo lag)
to a higher value if all configured axes are within the defined axis range, or the
TCP is within the defined zone, and the activation signal is 0 (if used).
Contact Application Tolerance can be used, for instance, in machine tending, when
the servo loop gain is reduced (soft servo), or during Force Control. It is also useful
when external forces are applied to the robot, for example during tool change.
If the robot is within the defined range/zone, then the safety level is considered to
be operationally safe rather than occupationally safe. That means it is not safe for
personnel to be in the range/zone defined for Contact Application Tolerance.
For axis ranges, both reference value and measured value for all axes must be
within the defined range to be able to activate the relaxed control error. For zones,
both reference value and measured value for the TCP must be within the defined
zone to be able to activate the relaxed control error.
Up to 9 axes can be supervised simultaneously.
WARNING
When the Contact Application Tolerance is active then the dual channel safety
tolerance is reduced with the configured value. This must be considered in the
design of the robot application.
Settings
The following settings can be configured for Contact Application Tolerance:
• An axis range or a zone to apply Contact Application Tolerance for.
• Permissible control error for each axis, in degrees or mm on arm side.
• Set an output signal if a violation occurs.
• Set a status signal when the function is active.
How to define these settings is described in Configuring Contact Application
Tolerance on page 145.
Contact Application Tolerance can be used in combination with all other SafeMove
functions.
Limitations
Contact Application Tolerance is not considered to be active if the run chain is
open.
Related information
Control Error Supervision on page 58.
Purpose
SafeMove Assistant is a functionality in RobotWare that helps users to program
their application when there is an active SafeMove configuration. The assistant
will read the active configuration and plan the trajectories according to the limits
and settings in that configuration. It will set the speed so that SafeMove will not
trigger violations etc. It will also stop with error message in case the robot is
programmed to enter a forbidden zone etc.
SafeMove Assistant will automatically adjust robot behavior to adopt to the active
SafeMove configuration, the robot will adopt to speed limited zones and stop before
entering forbidden zones.
Note
Description
SafeMove Assistant will check if any SafeMove speed limit is active for any
Cartesian speed checkpoint (TCP, tool points, and elbow). If this is the case, a
corresponding speed limit is applied in the path planner. For technical reasons,
only the speed of the TCP, the wrist center point (WCP), and the elbow are limited
by the path planner. Therefore, in cases where other tool points move faster than
the TCP, SafeMove may trigger a Tool Speed violation. To avoid this, change the
program or decrease the value of the parameter SafeMove assistance speed factor
(see below).
SafeMove Assistant is not active in manual mode.
SafeMove Assistant does not take path corrections generated at lower level into
account. It is therefore an increased risk of SafeMove violations when running
applications like Externally Guided Motion or conveyor tracking.
System parameters
SafeMove Assistant can be disabled for the SafeMove validation etc. This is done
with the parameter Disable SafeMove Assistance, in the type in Motion System.
There are some parameters that can be changed in case robot system has minor
overshoot or in any other way triggers SafeMove violations.
Parameter Description
SafeMove Assist- That has a default setting of 0.96 which corresponds to 96% of speed
ance Speed supervision will be the speed that path planner will use. This parameter
Factor can be decreased to reduce that risk but can in most cases be left at
default value.
SafeMove assist- When robot is running on a zone border there is a small risk that Safe-
ance zone mar- Move can trigger violations when going in and out of the zone. This
gin parameter can be increased to reduce that risk but can in most cases
be left at default value.
For more information, see the parameters in the type Motion System described in
Technical reference manual - System parameters.
Software synchronization
Software synchronization is a function that makes sure that the safety controller
has the correct information regarding robot position.
Unsynchronized state can, for example, occur:
• If one or more axes were moving during shutdown or power off.
• After a failed synchronization.
Note
Note
Functionality
Software synchronization is initiated from the FlexPendant. How to execute a
software synchronization is described in section Performing a synchronization on
page 177.
If the synchronization attempt is unsuccessful, the synchronization procedure must
be executed again until successful.
Note
Settings
The following settings need to be configured for software synchronization:
• Status signal.
• Angles and positions of robot (and additional axes) at the synchronization
position.
Related information
Configure the synchronization position on page 126
Software synchronization guidelines on page 177.
Recovery after safety violation on page 171.
Hardware synchronization
Hardware synchronization is a function that makes sure that the robot calibration
is correct by using a physical synchronization switch.
Unsynchronized state can, for example, occur:
• If one or more axes were moving during shutdown or power off.
• After a failed synchronization.
Note
Functionality
The robot must move to a safe synchronization position to ensure that the safety
controller and the robot controller are synchronized. The safe synchronization
position is defined during configuration and stored in the safety controller.
The robot must move to the safe synchronization position and activate a switch.
When the switch is activated, the safety controller assumes that the robot revolution
counters are correct. It also calculates the arm position from the motor positions,
the gear ratio, and its internal revolution counter. If the position matches the stored
synchronization position within half a motor revolution, then the synchronization
is assumed to be correct.
If the synchronization is correct, the safety controller then sends a message to the
robot controller, confirming that the safety controller is synchronized to its
mechanical units, and continues with its regular operation.
Note
Settings
The following settings need to be configured for hardware synchronization:
• Synchronization signal.
• Angles and positions of robot (and additional axes) at the synchronization
position.
Limitations
• The safe sync position must be within reach for the robot. It must not be a
singularity, that is all six axis must have unique positions.
Related information
Configure the synchronization position on page 126
Hardware synchronization guidelines on page 179.
Recovery after safety violation on page 171.
Functionality
When a category 1 stop is triggered by the safety controller, the motors are used
for a controlled deceleration along the planned motion path. Safe Brake Ramp
supervises this deceleration. If the deceleration is too slow, a category 0 stop is
triggered. After 1 second, a category 0 stop is always triggered regardless.
A category 1 stop usually stops faster than the margins for Safe Brake Ramp, so
under normal circumstances Safe Brake Ramp does not trigger.
Note
Depending on the application, Safe Brake Ramp may trigger more often, for
example for tilted robot or heavy load. This results in a category 0 stop.
Note
If Basic joint supervision mode is used, the Safe Brake Ramp supervision is
changed to supervise that all robot axes will stop within exactly 1 second.
Settings
For track motions and other additional axes, the parameters Brake Ramp Limit
and Ramp Delay have to be set. The parameter Start Speed Offset is used for
both manipulator and all additional axes.
Function activation
Safe Brake Ramp cannot be dynamically activated/deactivated. If it is configured
to be active, it is always active.
Limitations
• Safe Brake Ramp only supervises category 1 stops initiated by the safety
controller. Stops initiated elsewhere, e.g. by the robot controller, are not
supervised.
Related information
Category 1 stop (see Terminology on page 29)
CAUTION
Functionality
Human Contact Supervision calculates the maximum allowed tool speed and
maximum allowed tool force and torque, for the functions Tool Speed Supervision
and Tool Force Supervision. The calculation can be done for transient contact or
quasi-static contact.
The speed, force, and applied torque on the tool and each joint shall be below the
limit for injuring the operator.
See ISO/TS 15066 for more information.
Settings
The following parameters can be configured for Human Contact Supervision:
• The mass of the tooling and workpiece.
• The surface area of the workpiece.
How to define these settings is described in Configuring Human Contact Supervision
on page 137. See also Guidelines for transient and quasi-static contact, CRB 15000
on page 187.
Note
This function is implemented for the reducing the risk in a clamping situation.
The speed must be taken into consideration for not causing injury in case of a
collision.
Limitations
• Human Contact Supervision is only available for CRB 15000 (GoFa).
• The calculation cannot be used for surface areas smaller than 1 cm 2 .
Functionality
Stand Still Supervision can supervise that a robot is standing still even if the servo
and drive system are in regulation. If any supervised axis starts to move, Stand
Still Supervision will cause a category 0 stop.
When Stand Still Supervision is active for all axes (including all additional axes),
the operator is safe from harm related by robot motion when entering the working
space of the robot.
8 different sets of up to 9 axes can be defined. When Stand Still Supervision is
activated for a set, all axes in that set are supervised.
DANGER
Working under an axis affected by gravity which has no balancing may require
a safety performance level (PL) "e", which is not provided by SafeMove. If this
kind of work is intended, the risk must be added to the risk analysis of the
installation and eliminated by other means (for example additional mechanical
stops).
DANGER
It is not allowed to enter the working space of the robot if a Contact Application
Tolerance function is active, even if a Stand Still Supervision function is active
at the same time.
DANGER
Note
If the robot tries to move due to an error during active Stand Still Supervision,
SafeMove will detect this and initiate a stop. Since there is a certain reaction
time involved a slight jerk may occur.
Settings
The following parameters can be configured for Stand Still Supervision:
• Assignment of safe inputs for activation of Stand Still Supervision.
Function activation
Stand Still Supervision is activated by a safe input signal, or is permanently active
if only output signal and no stop is used.
Note
If SafeMove becomes unsynchronized, the robot will stop and the Stand Still
Supervision function will be deactivated. A movement with reduced speed is
possible.
Limitations
• Stand Still Supervision is only available for SafeMove Pro, see Functional
safety options on page 16.
Functionality
Supervision of the speed for up to 9 axes (robot axes and additional axes). Up to
8 sets can be configured.
If any of the supervised axes is outside its allowed speed, the safety controller
triggers. This violation will cause a category 0 stop, a category 1 stop, and set an
output signal, depending on the configuration.
WARNING
Axis Speed Supervision is not active in manual operating mode and shall therefore
not be used to guarantee operator safety in that mode.
Settings
The following parameters can be configured for Axis Speed Supervision:
• An optional axis range or a zone for which the Axis Speed Supervision is
applied.
• Which axes to supervise.
• Maximum speed and minimum speed, defined per axis.
• Category 0 stop, category 1 stop, or no stop if a violation occurs.
• Set an output signal if a violation occurs.
• Set a status signal when the function is active.
• Assignment of safe input for activation of Axis Speed Supervision.
How to define these settings is described in Configuring Axis Speed Supervision
on page 140.
Function activation
Axis Speed Supervision is activated by a safe input signal, or is permanently active.
Limitations
• Axis Speed Supervision is only available for SafeMove Pro, see Functional
safety options on page 16.
• The highest speed limit that can be configured is 600 degrees/s for rotational
axes and 10000 mm/s for linear axes.
Functionality
Tool Speed Supervision supervises the linear speed (in mm/s) for:
• TCP for the active safety tool.
• Arm check point, "elbow".
(The position is depending on robot type and can be user defined, but is
located around axis 3).
• Wrist center point (WCP), in manual mode only.
• A number of configurable speed supervised points on the current tool.
If any of these points exceed the maximum speed, the safety controller triggers.
If the TCP moves slower than the minimum speed, the safety controller will also
trigger. The speed violation will cause a category 0 stop, a category 1 stop, or set
an output signal, depending on the configuration.
There can be up to 8 global sets of Tool Speed Supervision plus one for each zone
and axis range (up to 16 zones and 8 axis ranges).
WARNING
Tool Speed Supervision is not active in manual operating mode and shall therefore
not be used to guarantee operator safety in that mode.
CAUTION
Since the TCP speed is determined by the programmed speed it is very important
that the TCP of the active tool in SafeMove corresponds to the active tool of the
robot program.
Note
The resultant robot TCP speed can in some situations be higher than the
programmed TCP speed. This could happen for some robot types if the move
instructions are of type MoveJ or MoveAbsJ. If this occurs, either increase the
Max Speed for Tool Speed Supervision, or try to add intermediate robot targets
in the RAPID program.
Note
When the robot is running in manual mode, neither the elbow point nor the TCP
point will exceed 250 mm/s. When the robot is running in auto mode, the robot
controller will not consider the elbow speed when generating the path, only the
defined TCP speed and reorientation speed. (If additional axis exists in the
system, the speed data for this will also be considered.)
The result from this is that the elbow speed is sometimes higher than the
programmed TCP speed. Since Tool Speed Supervision supervises the TCP,
the elbow, and the speed supervision points on the tool, the speed of these points
must be taken into account when creating the RAPID program.
Note
Settings
The following parameters can be configured for each set of Tool Speed Supervision:
• An optional axis range or a zone for which the Tool Speed Supervision is
applied.
• Maximum allowed speed (in mm/s) for TCP, elbow, and speed supervised
points.
• An optional minimum speed for the TCP.
• Category 0 stop, category 1 stop, or no stop if a violation occurs.
• Set an output signal if a violation occurs.
• Set a status signal when the function is active.
• Assignment of a safe input for activation, or set as permanently active.
How to define these settings is described in Configuring Tool Speed Supervision
on page 138.
Function activation
Tool Speed Supervision is activated by a safe input signal, or is permanently active.
Limitations
• Tool Speed Supervision is only available for SafeMove Pro, see Functional
safety options on page 16.
• The highest speed limit that can be configured is 600 degrees/s for rotational
axes and 10000 mm/s for linear axes.
Functionality
Supervision of up to 9 axes (robot axes and additional axes) in each set. Up to 8
sets can be configured, one for each safe axis range.
If an axis in an active set exceeds its allowed range, the safety controller triggers.
This violation will cause a category 0 stop, a category 1 stop, and/or set an output
signal, depending on the configuration.
Settings
The following parameters can be configured for Axis Position Supervision:
• A safe range to which it should be applied.
• Category 0 stop, category 1 stop, or no stop if an axis is outside its range.
• Set an output signal if an axis is outside its range.
• Set a status signal when the function is active.
• Assignment of safe inputs for activation of each set of axis ranges, or set as
permanently activated.
How to define these settings is described in Configuring Axis Position Supervision
on page 144.
Function activation
Axis Position Supervision is activated by a safe input signal, or is permanently
active.
Examples
This example shows a robot with defined axis ranges for axes 2 and 3 in three
different positions. The function Axis Position Supervision supervises that axis 2
is within range x2 and that axis 3 is within range x3.
In positions A and B, all supervised axes are within the allowed ranges. In position
C, axis 3 is not within the defined range.
xx0600003331
Note
The ranges define axis angles, not the position of the TCP. In robot position C,
the TCP is still within what seems to be a safe range, but axis 3 is outside its
defined range.
Limitations
WARNING
Be aware of that the braking starts when the axis exceeds the configured limit
value.
The braking distance depends on robot type, load, position and speed, and
therefore an additional stopping distance may sometimes be required to achieve
the desired safety.
Functionality
Tool Position Supervision supervises that the robot and the active safety tool (and
any configured encapsulation around them) are within the defined zone. Up to 32
sets can be configured, max two per safe zone.
If the robot is outside its allowed zone, the safety controller triggers. This violation
will cause a category 0 stop, a category 1 stop, and/or set an output signal,
depending on the configuration.
Settings
The following parameters can be configured for Tool Position Supervision:
• A safe zone to which it should be applied.
• Assignment of a safe input for activation, or set as permanently active.
• Category 0 stop, category 1 stop, or no stop if the robot violates its zone
limits.
• Set an output signal if the robot violates its zone limits.
• Set a status signal when the function is active.
• If the upper arm should be included in the supervision, or only the tool.
• If the robot should be allowed only inside or only outside of the zone.
How to define these settings is described in Configuring Tool Position Supervision
on page 137.
Function activation
Tool Position Supervision is activated by a safe input signal, or is permanently
active.
Limitations
• Tool Position Supervision is only available for SafeMove Pro, see Functional
safety options on page 16.
WARNING
Be aware of that the braking starts when the tool or robot exceeds the configured
limit value.
The braking distance depends on robot type, load, position and speed, and
therefore an additional stopping distance may sometimes be required to achieve
the desired safety.
Functionality
Tool Orientation Supervision supervises the tool orientation. If the tool orientation
is outside its allowed tolerance, the safety controller triggers. This violation will
cause a category 0 stop, a category 1 stop, or set an output signal, depending on
the configuration.
Up to 8 sets can be configured.
CAUTION
Settings
The following parameters can be configured for Tool Orientation Supervision:
• An optional axis range or a zone for which the Tool Orientation Supervision
is applied.
• Allowed orientation of the tool in x and z directions including a tolerance.
• Assignment of a safe input for activation, or set as permanently active.
• Category 0 stop, category 1 stop, or no stop if a violation occurs.
• Set an output signal if the tool orientation violates its limits.
• Set a status signal when the function is active.
How to define these settings is described in Configuring Tool Orientation
Supervision on page 141.
Function activation
Tool Orientation Supervision is activated by a safe input signal, or is permanently
active.
Limitations
• Tool Orientation Supervision is only available for SafeMove Pro, see
Functional safety options on page 16.
Functionality
Tool Force Supervision supervises that the tool force and the joint torques are
below the specified limits.
Up to 8 sets can be configured.
If the force or torque exceed the allowed limit, the safety controller triggers. This
violation will cause a category 1 stop, and/or set an output signal, depending on
the configuration.
Note
Settings
The following parameters can be configured for Tool Force Supervision:
• The limit of the external force applied on the tool.
• An optional limit for the external torque applied on each joint.
• Assignment of a safe input for activation, or set as permanently active.
• Category 1 stop, or no stop if the force/torque limits are exceeded.
• Set an output signal if the force/torque limits are exceeded.
• Set a status signal when the function is active.
• If the axis torque supervision should be included.
How to define these settings is described in Configuring Tool Force Supervision
on page 143.
Note
When calculating the forces and torques, the Tool Force Supervision safety
function can account for the tool mass (see Configure the supervision functions
on page 137) but not any load held by the tool. Proper margins should therefore
be included when setting the limits for the function, to compensate for any
possible payload held by the tool.
Note
This function is implemented for the reducing the risk in a clamping situation.
The speed must be taken into consideration to prevent injury in case of a collision.
This can be set up with assistance of the supporting function Human Contact
Supervision on page 45.
Note
The external force on the tool is calculated from the torques at each joint using
a dynamic model of the robot. The accuracy of the calculated tool force depends
on the current position of each robot joint, as well as the movement and dynamics
of the robot.
Note
Note
Due to the robot stopping distance, the tool force and axis torques will increase
after TFO has triggered a stop. This must be taken into account when setting
the limits for the function. Proper speed limits can be used to limit the increase
in force/torque during the stop.
Note
In the presence of external forces acting on the robot arm, the accuracy of the
calculated tool force is reduced.
To avoid external forces exceeding the configured tool force limit, the user must
ensure that all external forces act exclusively on the tool, or use properly defined
axis torque limits to limit the forces acting on the robot arm.
Function activation
Tool Force Supervision is activated by a safe input signal, or is permanently active.
Limitations
• Tool Force Supervision is only available for SafeMove Collaborative, see
Functional safety options on page 16.
• Near-singular configurations should be avoided.
• Positions where axis 4 and axis 6 are aligned and the robot pushes in flange-z
direction should be avoided.
Continues on next page
56 Application manual - Functional safety and SafeMove
3HAC066559-001 Revision: H
© Copyright 2020-2022 ABB. All rights reserved.
2 SafeMove functions
2.5.7 Tool Force Supervision (TFO)
Continued
• A global Tool Force Supervision (TFO) has a high risk of causing false
triggers. TFO should only be set up in zones where clamping can occur.
Functionality
The control error (servo lag) is the absolute value of the difference between the
reference value and the measured value of the motor position of each axis.
Control Error Supervision is activated automatically after the safety controller has
been synchronized with the robot position.
When Control Error Supervision triggers, the following happens:
• The robot is stopped with a category 1 stop.
• An event log message (90511) is sent to the robot controller.
en0700000723
Function activation
Control Error Supervision is always active. It can only be relaxed by Contact
Application Tolerance.
3 Installation
3.1 Hardware
Safety module
The safety module is installed at delivery inside the main computer of the robot
controller. For more information, see the product manual for the controller.
Robot Controller
xx1600000249
3.2 Software
Install RobotStudio
The configuration environment, Visual SafeMove is included in the standard
installation of RobotStudio.
Action
1 Install RobotStudio.
Visual SafeMove is included in both the Minimal and Full version of RobotStudio.
2 Start RobotStudio.
3 Start Visual SafeMove by going to the Controller tab on the ribbon, click Safety and
select Visual SafeMove.
Note
RobotStudio must be of the same version or later than the RobotWare used.
Introduction
A safe fieldbus must be used for all I/O communication with the safety module.
The following safe fieldbus configurations are supported by the safety module:
• PROFIsafe F-Device
For information on the corresponding options numbers, see Functional safety
options on page 16.
DANGER
An emergency stop on the controller will not be forwarded to the safety PLC or
any other equipment if the robot controller is disconnected.
DANGER
CAUTION
Connections
The safe fieldbuses are connected directly to the Ethernet ports WAN.
The following figure illustrates where the Ethernet ports, connectors, are placed.
A B C D
xx1800000409
Label Description
A Local I/O Eth- Ethernet connection that can host a private industrial net-
ernet port work.
B Ethernet Ethernet connections that can host a private industrial net-
switch work.
C WAN Wide Area Network that can host a public industrial network.
D LAN Local Area Network that can host a public industrial network.
Note
The WAN and LAN ports are the public network interfaces to the controller,
typically connected to the factory network with a public IP address provided by
the network administrator.
The local I/O and the Ethernet switch can only be configured as private networks
to the OmniCore controller.
Configuration
For more information, see Application manual - PROFINET Controller/Device or
Application manual - EtherNet/IP Scanner/Adapter.
Action
1 Start RobotStudio with a virtual controller (with or without a station) or connect a real
controller.
2 In the Controller tab, click Online Monitor.
(Not needed when running a RobotStudio station.)
3 In the Controller tab, click Safety, then select Visual SafeMove.
Prerequisites
• Some functionality is only available for SafeMove Pro, see Functional safety
options on page 16.
• Only a user with the grant Safety Services is allowed to download a
configuration. See Set up safety user grants on page 119.
Limitations
The simulation functions are only available when running a RobotStudio station.
xx2000001847
Parts Description
A The Visual Safe- Displays groups of icons organized in a logical sequence of
Move ribbon function.
The Modify tab Is used by some functions in the Visual SafeMove ribbon to
display additional functionality.
B Visual SafeMove Displays all available SafeMove functions.
browser
C Visual SafeMove Displays all available properties and settings of the selected
Properties browser SafeMove function.
D Graphics window Is used to to visualize and configure safety zones in the Robot-
Studio station.
When not running a RobotStudio station, Online Monitor is
used to visualize the robot.
E Output window The output window displays information about events that occur
in RobotStudio, both general events and Visual SafeMove
events.
SafeMove Viola- Displays all violations that has occurred since the last restart.
tions window Click a violation in the list to show a detailed view of all geo-
metries that are related to the violation. The geometries that
are not related are automatically hidden.
The violations window can also be used to view a violation
when RobotStudio is connected to a real robot.
The tabs
The Visual SafeMove tab and the Modify tab contains groups of commands
organized in a logical sequence of functions that simplifies the configuration of
SafeMove, see The Visual SafeMove tab on page 68 and The Modify tab on page 75.
The browsers
The configured safety functions are available from the Visual SafeMove browser.
When a function is selected by clicking the node in the browser, the properties and
settings are displayed in the Visual SafeMove Properties browser, see The Visual
SafeMove browser on page 78.
Use the Visual SafeMove browser, or standard keyboard shortcuts, to cut, copy,
and paste zones both between zone types and between robots.
Tip
Robot number Upper arm in- Zone minim- Zone maxim- Robot allowed Robot not al-
cluded in Tool um speed lim- um speed lim- inside zone lowed inside
Position Su- it it zone
pervision
xx2000001831
Note
Tip
Most commands in the ribbon are also available from the Visual SafeMove
browser by right-clicking the nodes in the tree.
Configuration group
The Configuration group is used when creating, saving and loading SafeMove
configurations.
The safety configuration in RobotStudio that has not yet been written to the
controller is referred to as "local configuration". The safety configuration on the
controller is referred to as "controller configuration".
Button Description
New / Create a new controller configuration.
Controller Configuration
New / Create a new drive module configuration.
Drive Module Configuration The new configuration will be in the latest format version.
Open configuration Open a controller configuration.
The format version of the opened configuration will be kept.
Save configuration as Save the safety or geometry configuration to file.
For more information about the geometry configuration file,
see SafeMove geometry configuration file on page 192.
Import geometries Imports safety geometries such as zones, tools and robot
upper arm geometry from a safety configuration file or a
simplified configuration file generated by an external tool.
Geometries with the same name will be overwritten.
Import protected elements Imports the protected elements from the selected file. All
currently protected elements will be unprotected and the
protected elements in the selected file will be imported to
the local configuration. The protected elements checksum
of the local configuration will be the same as the selected
files protected checksum after this operation.
Button Description
Read from controller Reads the configuration from the safety controller.
Write to controller Writes the configuration to the safety controller.
Upgrade configuration to Upgrades the safety configuration to the latest format ver-
latest version sion. The checksums will be updated.
Reset to factory settings Resets the configuration in the safety controller to default
settings.
See also Reset safety controller to factory settings on
page 166.
Restore configuration Restores the configuration from file.
The file is restored as it is. It is not opened in RobotStudio.
Options group
The Options group contains display options for the Visual SafeMove user interface.
Checkbox Description
Show Labels Displays labels in the graphics window.
Tip
Most commands in the ribbon are also available from the Visual SafeMove
browser, by right-clicking the nodes in the tree.
Button Description
New Create a new tool.
Encapsulate Creates a geometry that encapsulates the selected tool.
Up to four different geometries can be used to create a more accur-
ate encapsulation of the tool.
Settings
The following settings are available in the Visual SafeMove Properties browser
after the tool has been created.
Setting Description
Make default Tool If more than one tool is configured, one of them must be selected
as default tool. The default tool will be used at startup of the control-
ler when no tool is selected by input signals. The last selected tool
will still be active if the signal combination becomes faulty.
The tool that already is the default tool has a greyed out button with
the text Is default Tool.
Activation Specifies the safety signal that activates the selected tool.
The setting Permanently active is used for a tool that is always
active. This setting needs to be deactivated to be able to create
more than one tool.
Function active Specifies a safety signal that indicates that the selected tool is active.
status The setting No signal is used for a tool that is always active.
Tool data Modify the tool data, or load a tool data from the RobotStudio station.
CAUTION
Speed supervised The tool can use up to eight points to supervise the speed of the
points tool.
By default all eight points are created. It is recommended to reduce
the number of points if all points are not required depending on the
shape of the tool.
After a zone has been created, the next step is to add safety functions to the zone.
This is described in section The Modify tab on page 75.
Tip
It is recommended to change the default name of the safe zone in the Visual
SafeMove browser to a name that better corresponds to the current installation.
Settings
The following settings are available in the Visual SafeMove Properties browser
after the zone has been created.
Setting Description
Tool Speed Supervi- Used to set the priority for overlapping zones. The zone with the
sion Priority highest priority will set the speed limit for the overlapping space.
• BASE - lowest priority.
• NORMAL - normal priority.
• OVERRIDE - highest priority.
For more information, see Configure the zones on page 132.
Tip
Create a BASE zone with a low speed limit that covers the entire
robot cell. This zone is then used to protect the fence. Add NORMAL
zones for the areas where the robot performs most of the work.
Additionally, add OVERRIDE zones for any areas where the robot
is allowed to move fast.
Note
Setting Description
Vertices Displays the vertices of the safe zone. It is possible to add or delete
vertices from the Visual SafeMove Properties.
Tip
Settings
The following settings are available in the Visual SafeMove Properties browser
after the range has been created.
Setting Description
Joint The joints of the robot.
Enabled Safe range is enabled for the joint.
Lower bound The lower bound limit in degrees.
Upper bound The upper bound limit in degrees.
Invert If selected, the supervised angles for that axis will be below the
Lower bound and above the Upper bound.
Settings
The settings for the global safety functions are the same as for the safe zones and
safe ranges. For information about the settings see The Add Safety Function group
on page 75.
Setting Description
Warning only, no If this checkbox is selected, the robot will not stop if a cyclic brake
stop check has not been performed on time. Only a warning will be written
to the event log and presented on the FlexPendant.
Max CBC test interval The maximum allowed time between cyclic brake checks.
Pre warning time The warning time before a cyclic brake check must be performed.
Standstill tolerance The maximum allowed movement during a cyclic brake check.
Supervision The minimum servo lag used for detecting that the cyclic brake
threshold check is performed.
ROB1 If a checkbox is deactivated, then cyclic brake check is deactivated
for that joint.
xx2000001830
Tip
Most commands in the ribbon are also available from the Visual SafeMove
browser, by right-clicking the nodes in the tree.
Note
For information about global functions, see The Global Functions button on
page 73.
Settings
The following settings are available in the Visual SafeMove Properties browser,
and are common for all safety functions.
Setting Description
Activation Specifies the safety signal that activates the supervision. The signal
is set to 0 for activation.
The setting Permanently active is used for a supervision that is
always active.
Function active status Specifies a safety signal that indicates that the selected safety
function is active. The signal is set to 1 when active.
The setting No signal is used if no signal should be used.
Violation action • Category0Stop - Stop by immediate removal of power to the
• Stop type actuators. Mechanical brakes are applied.
A robot that is stopped with a category 0 stop does not follow
its programmed path while decelerating.
• Category1Stop - Controlled stop with power available to the
actuators to achieve the stop. Power is removed from the
actuators when the stop is achieved.
A robot that is stopped with a category 1 stop follows its
programmed path while decelerating.
• NoStop - Passive monitoring with signaling function only.
Violation action Specifies a safety signal that indicates that the the axis speed su-
• Signal pervision is violated. The signal is set to 0 at violation.
The setting No signal is used if no violation signal should be used.
Note
The following settings are available in the Visual SafeMove Properties browser,
and are individual for each safety function.
Function Setting Description
ASP Speed limits The minimum and maximum speed for each robot joint.
TSP Speed limits The minimum and maximum speed for the tool.
SST Tolerances Specifies if Stand Still Supervision is enabled and the toler-
ance for each robot joint.
Setting Description
Max speed in manual mode The max speed cannot be higher than the default value of
250 mm/s, but a lower value can be set.
Note
If reducing the max speed that SafeMove allows in manual mode, the jogging
speed of the robot has to be reduced to the same value. Change the parameter
Teach Mode Max Speed, topic Motion and type Motion Planner. See Technical
reference manual - System parameters.
Setting Description
Elbow offset If any extra equipment is attached to the upper arm, a point
• Position X, Y, Z on this equipment can be defined as a check point. The robot
will then monitor the speed of this point so that it does not
exceed 250 mm/s in manual reduced speed mode.
See Explanation of Elbow offset on page 79.
Safe Brake Ramp Data A speed offset for the Safe Brake Ramp function.
• Start Speed Offset For track motions and other additional axes, the parameters
Brake Ramp Limit and Ramp Delay have to be set. The
parameter Start Speed Offset is used for both manipulator
and all additional axes, see Explanation of Safe Brake Ramp
on page 83.
The following settings are available when right-clicking the robot parameters node:
Setting Description
Basic joint supervision mode Set Basic joint supervision mode for the robot.
This setting is used with some combinations of robots and
external axes that are normally not supported by SafeMove,
such as robots mounted on a gantry or other non-track ex-
ternal axes.
In Basic joint supervision mode, no safe zones or tool super-
vision functions are allowed.
See Overview of SafeMove functions on page 31.
Setting Description
Exclude from configuration Excludes the robot from the safety configuration.
This setting must be used when configuring a safe fieldbus
on robots that are not supported by SafeMove. This setting
can also be used to exclude supported robots, for example
individual robots in a MultiMove application and robots run-
ning only a safe fieldbus.
See Overview of SafeMove functions on page 31.
DANGER
z3 zb
A A
x3 y3
yb
xx1300002628
A Elbow point
x3, y3, z3 Axis 3
yb, zb Robot base
Note
The values that are entered into Elbow Offset should also be entered into the
parameter Arm Check Point, topic Motion. This is to avoid different speed
calculations between the robot controller and SafeMove in manual reduced speed
mode.
For more information, see Technical reference manual - System parameters.
xx2000002721
A device, module or signal that is created in the I/O Engineering tool and written
to the controller I/O configuration will not be visible in the Visual SafeMove
automatically. A mismatch can occur when there is a change in the I/O configuration.
Since changes in the I/O Engineering tool does not get changed in the Visual
SafeMove automatically, when the user writes to the robot controller in I/O
Engineering tool, the Safe I/O node in Visual SafeMove indicates any mismatch
between the robot controller and Visual SafeMove. The Visual SafeMove Properties
browser will indicate any mismatch between the Visual SafeMove and the robot
controller I/O configurations.
xx2000002719
The differences between the two configurations can be visualized or the Visual
SafeMove safety configuration can be updated according to the System Parameters.
To view the difference between these configurations, click the Show diff button
and to update the Visual SafeMove configuration, click the Update button.
xx2000002720
Use the following procedures to remove mismatches to ensure that the robot
controller configuration and the Safety Controller configuration are synchronized.
Update Visual SafeMove according to robot controller I/O configuration
1 In the Visual SafeMove browser, select the Safe I/O node to open the Visual
SafeMove Properties window.
2 In the Visual SafeMove Properties window, click the Update button to update
the safety configuration according to the controller I/O configuration.
3 In the Configuration group, in the Controller drop-down menu, click Write
to controller.
Update robot controller I/O configuration according to Visual SafeMove
1 In the Visual SafeMove browser, select the Safe I/O node to open the Visual
SafeMove Properties window.
2 In the Visual SafeMove Properties window, click Show diff to view the
differences between the controller I/O configuration and Visual SafeMove.
3 Open the I/O Engineering Tool and manually update the configuration
according to the Differences between Robot Controller and Visual SafeMove
window.
4 In the Access group, click Write config to write the changes to the robot
controller.
Joint parameters
Setting Description
Servo lag Servo lag is the estimated lag (in radians on motor side) for the
additional axis.
For more information, see Servo Delay Factor and Servo Lag on
page 190.
Servo delay factor Estimated delay factor between reference position and measured
position (number of 4 ms units) when moving the additional axis.
(See TuneMaster, signal number 17 and 18.)
For more information, see Servo Delay Factor and Servo Lag on
page 190.
Max speed manual The maximum speed in manual mode.
mode
Setting Description
Safe brake ramp enabled Selects if safe brake ramp should be used for the additional
(check box) axis.
Ramp delay Delays the Safe Brake Ramp function. See figure below.
Default value: 200 ms.
Brake ramp limit If the actual deceleration is lower than the specified Brake
Ramp Limit, then Safe Brake Ramp will cause a category 0
stop. The value is specified for the arm side.
Start speed offset A speed offset for the Safe Brake Ramp function.
en0700000724
Synchronization node
Setting Description
Activation To use software synchronization, select Software synchron-
ization.
To use hardware synchronization, select the input signal
from the sync switch.
Synchronization status Specifies a safety signal that indicates that the safety con-
troller is synchronized The signal is set to 1 when synchron-
ized.
The setting No signal is used if no signal should be used.
ROB1 The axis position values of the robot.
• Joint
• Position
Additional axis The axis position value of the additional axis.
• Joint
• Position
4.6.1 Introduction
For instructions on how to perform the configuration, see Configure safe I/O on
page 130. For information on general rules and limitations see Safe I/O system rules
and limitations on page 99.
Introduction
The Signals view contains configuration of global safety signals (virtual signals)
to be used internally in RAPID and in the safety controller, see Global signals on
page 85.
The safety signals can be read from RAPID, but they can only be set from the
safety controller, see Accessing safe signals and feedback signals on page 85.
For more information on how to configure safe I/O, see Configure safe I/O on
page 130.
Global signals
The global signals are virtual signals that are to be used internally in RAPID and
in the safety controller. The user can create up to 2048 global signals. The signals
can be read from RAPID, but they can only be set from the safety controller, see
Accessing safe signals and feedback signals on page 85.
There is a set of predefined global signals that corresponds to safety functions
with the same names. It is allowed to change the names of these signals as long
as the signal is still mapped to the corresponding safety function. It is also allowed
to delete them as long as the function is replaced by another signal.
The global signals are made available in RAPID as feedback signals. The feedback
signals are inputs located on the simulated I/O device SC_Feedback_Dev on the
simulated bus SC_Feedback_Net.
Signal The signal that is currently mapped to the function (input, output,
or global).
Source The source gives information on which part of the system writes
value to the signal. This can be either Safe local I/O, Safety system,
or user defined.
The source also gives information on when a signal/alias gets its
value updated, i.e. Safe local I/O is first and Safety system is after
the pre-logic.
Mandatory True or false.
Some mappings are mandatory since they are used by the safety
controller.
Description See Description of safety functions on page 87.
Errors Displays error, for example when the mapping for a mandatory
function is missing.
Note
Function Description
ConfigurationLocked i True if configuration is locked.
Can, for example, be used as extra precaution by connecting
to a PLC that disables robot operation in automatic mode
when the configuration is unlocked.
DriveEnable True if power is enabled to the actuators.
DriveEnable is the safety controllers way of ensuring that
there is only power enabled to the actuators when there are
no safety violations. This is done through the superior stop
input on the panel board.
EmergencyStopActivated False if any emergency stop has been triggered. This can
be used to send the local emergency stop status to other
devices.
EnableSwitch The status of the connected three-position enabling switch.
ExternalEmergencyStop- The status of the emergency stop input on the front panel.
Status False indicates that emergency stop is active.
ExtComShutdownReq ii Set to True when the safe external communication is about
to be terminated, beginning in no less than 1 second. This
will happen in case of controlled shutdown, for example
during robot controller shutdown.
ExtComShutdownAck ii Only used only with ExtComShutdownReq. If True, the safety
controller is allowed to shut down before 1 second has
passed after the ExtComShutdownReq was set. For example,
this can be set to True by the PLC when preparations have
been made after ExtComShutdownReq is set to True.
LocalEmergencyStopStatus False if the emergency stop on the FlexPendant is pressed.
This can be used to send local emergency stop status to
other devices.
ManualMode True if manual mode is selected.
ManualFullSpeedMode True if manual full speed mode is selected.
DriveEnableFeedback True if the power to the motors is enabled.
SafetyEnable The SafetyEnable function should, when possible, be con-
nected to a safe input signal from, for example, a PLC. This
signal shall be set to True as soon as communication is up
and running.
When False, all signal activated supervision functions, such
as stop configurations, will be deactivated, and DriveEnable
will be set to False, disabling robot motion.
ServiceModeActive i True if Service mode is activated.
Stop0Status False if a category 0 stop is active.
Stop1Status False if a category 1 stop is active.
Note that this will be a very brief indication since a category
1 stop is converted to a category 0 stop when all robot motion
has ceased.
Function Description
SafetyControllerOperational True if the safety controller is running without errors.
It is False during start-up before SafetyEnable is set to True,
during shutdown of the controller or if there is a critical failure
of the safety controller.
CAUTION
Creating statements
Operators can be combined into complex statements.
Global signals can automatically be created from the statements by clicking Create
signals.
xx1600000054
Note
Signals between blocks are created internally and will not be available to the
user. For example the signal between the OR and the AND block in the above
picture.
Tip
First use the button Create signals to automatically create global signals from
the statement, then use cut and paste to move signals to safe inputs or outputs.
Tip
When viewing large statements, press the left mouse button to pan and use the
scroll wheel to zoom.
Note
<, <=, ==, >, Compares two integer values and Destination := Source1 < Source2
>=, != produces a Boolean result. Destination := Source1 != Source2
(smaller than, smaller/equal, equal, ...
larger than, larger/equal, not
equal)
ABS Absolute value of integer. Destination := ABS Source
COPY Copy integer value. COPY(Source, Destination1, Destina-
Copy integer value from source to tion2,...,Destination8)
up to eight destination signals.
Complex operators
These operators use a mix of bool and INT32 actuators and resultants. For a
more detailed description, see Description of the complex operators on page 93.
Operator Description
COUNT Counts number of pulses.
DELAY Timer
DECODE4LOW Integer to Boolean converter.
Decodes the binary value when for example selecting a tool.
DECODE4HIGH Integer to Boolean converter.
Decodes the binary value when for example selecting a tool.
DIV Divides two integer values with boolean error flag when dividing with
zero.
Note
Operator COUNT
This operator counts pulses on an actuator. If the Boolean actuator enable is
inactive then this operator does nothing. The integer resultant count retains its
current value.
If enable is active then count counts the number of inactive-to-active transitions
of the Boolean actuator pulse since the last active-to-inactive transition of clear.
The integer resultant count is limited by the value of the integer actuator limit.
When count reaches limit, then count will restart from 0 (zero) on the next
activation of the Boolean actuator pulse. When the resultant count is restarted
from zero the rollover resultant is activated and then deactivated on the following
execution.
xx1800002598
Operator DELAY
The delay operator is similar to the count operator, but instead of counting pulses
on an actuator it counts execution loops.
If the Boolean actuator enable is inactive then this operator does nothing. The
integer resultant count retains its current value.
If the Boolean actuator reset is activated (and enable is active) then the integer
resultant count is set to 0 (zero).
While enable is active, and reset is inactive, then the integer resultant count
counts the number of executions loops since the last active-to-inactive transition
of reset.
The integer resultant count is limited by the value of the integer actuator period.
When count reaches period, then count will restart from 0 (zero) on the next
execution. When the resultant count is restarted from zero and rollover is
activated until the next execution.
xx1800002599
Operator DECODE4LOW
Decodes the thee least significant bits of an integer actuator into eight individual
Boolean resultants if the fourth least significant bit of the integer actuator input
is low. I.e. for integer values between 0 and 7, (0xxx).
Maximum one output will ever be activated at the same time.
DECODE4LOW works in conjunction with the DECODE4HIGH operator to create
a 4 bits-to-16 decoder.
xx1800002600
Operator DECODE4HIGH
Decodes the thee least significant bits of an integer actuator into eight individual
Boolean resultants, if the fourth least significant bit of the integer actuator input
is high. I.e. for integer values between 8 and 15, (1xxx).
Maximum one output will ever be activated at the same time.
xx1800002601
Operator DIV
This operator divides two integer actuators and produces the quotient as an integer
resultant. If the denominator act2 is zero, then error is set and res1 keeps its
current value.
xx1800002602
Operator EDGE
The EDGE operator has two Boolean actuators, trigg and reset, and one Boolean
resultant result. When trigg is inactive then result is also inactive. When
trigg is active then the EDGE operator sets result to active upon a transition,
from inactive to active, on reset.
xx1800002603
xx1700000469
Operator MUX
The MUX operator has two integer actuators, input1 and input2, one Boolean
actuator select, and one integer resultant result. When select is inactive then
result obtains the value of input1. When select is active then result obtains
the value of input2.
xx1800002604
Operator REM
This operator divides two integer actuators and produces the remainder, modulo,
as an integer resultant. If the denominator act2 is zero, then error is set and
res1 keeps its current value.
xx1800002605
Feedback coupling
The feedback coupling feature refers to using the resultant integer output as an
input to the same operator.
xx2000001823
Note
The simulation functions are only available when running a RobotStudio station.
Introduction
When configuring a large number of robot systems in a factory or a large production
line, it is often desired to make the signal configurations similar or identical.
If every system has different signal names and different setups, then it will be very
difficult for the operator to understand the systems.
Therefore it is possible to create a basic configuration that can be used as a
template when configuring a new system. It is also possible to protect elements
in the configuration.
Note
There is not any automatic check of the protected elements checksum in the
robot system, this must be implemented by the customer.
Action Note/illustration
4 Save the controller configuration.
Note
Introduction
This section gives an overview of the Safety Controller control panel on the
FlexPendant. Views, buttons, and other parts of the user interface are described
in respect to their content and how they are accessed.
For more information on how to use the FlexPendant in general, see Operating
manual - OmniCore.
The safety configuration can be viewed from the Settings app.
xx1900000976
Tip
DANGER
Mode Description
Service Mode Service mode is intended to be used during service and
commissioning. In service mode all safety supervision is
deactivated, so it is possible to jog and run the robot without
limitations. The violation output signals are set high, indicat-
ing no violation. The communication to the safety PLC is
active so the configured safety stops are active.
Service mode is only allowed in manual mode. If the operat-
ing modes manual full speed or automatic mode is selected,
then service mode is deactivated and safety supervision
mode is activated by the safety controller.
The status bar on the FlexPendant displays that the safety
controller is in service mode.
Introduction
The application SafeMove on the FlexPendant offers an intuitive way to visualize
and configure a safety configuration for systems with the option SafeMove
Collaborative. This includes stop functions and Cyclic Brake Check. To get started,
see Use cases on page 109.
Tip
Use the online user guide tool, included in the SafeMove configurator app, for
help with the SafeMove configuration setup process.
Note
The SafeMove configurator app is currently only available for CRB 1100 and
CRB 15000.
The configuration follows the same principles as when using Visual SafeMove in
RobotStudio but the functionality is not as extensive. For full configuration of
SafeMove, see Configuring SafeMove on page 115.
For more information about transient contact, quasi-static contact, and body areas,
see Guidelines for transient and quasi-static contact, CRB 15000 on page 187.
Prerequisites
• The option SafeMove Collaborative is required.
Template configurations
The template configuration is adapted for the specific manipulator, and typically
contains one or two encapsulations of the arm, one encapsulation of the wrist
(intended for the tool), one or two safe zones, and a Cyclic Brake Check setting.
This configuration is typically a good start for a generic application with a smaller
tool.
The factory setting is an empty safety configuration. A loaded configuration can
be removed and the system is then reset to the factory setting.
Encapsulations
The encapsulations are geometries that can be in the shape of a sphere, capsule,
or lozenge. A sphere or capsule encapsulation can be modified in dimension and
position. A lozenge capsule can be modified in dimension, position, and rotation.
xx2100000712
Safe zones
The default safe zone is a rectangular box with four vertices. The vertices defines
the shape of the safe zone, and the position in space. More vertices can be added
to define the safe zone. The minimum number of vertices is 4, and the maximum
is 24.
Each vertex can be edited in x and y values.
xx2100000714
Each vertex is numbered, from 1 and up. When a new vertex is added between
two existing vertices the vertex numbers will be automatically adjusted so that they
come in order. For example, if a new vertex is added between vertices 2 and 3, the
vertex with index 3 will change to 4 and the new vertex will be indexed 3.
Use cases
Starting the SafeMove configurator app
The SafeMove configurator app is available on the home screen of the FlexPendant
for systems with the option SafeMove Collaborative. If the app is not shown, then
review the system settings in RobotStudio Installation Manager and add the option.
The first time that the app is opened, a default factory setting is loaded. This
contains only the manipulator with Cyclic Brake Check activated. There are no
encapsulations, safe zones, or tool data defined.
The factory setting can always be resumed, if needed.
To continue and create a safety configuration, see Use the template configuration
on page 109.
xx2100000715
3 Review that the template configuration is suitable for the intended application.
Note
Modify a configuration
Use the following procedure to modify a loaded configuration and apply it to the
robot controller.
1 Select Enable Edit Mode to edit the safety configuration.
2 If no configuration is loaded, load an empty configuration or a template
configuration.
3 To add or modify an encapsulation, tap Add and select a geometry for Robot
Encapsulation or Tool Encapsulation.
To modify the encapsulation, select it and modify the attributes.
4 To add or modify a zone, tap Add and Add Zone.
Select the safe zone and modify the attributes. See Modify a safe zone on
page 111.
5 To add or modify a global setting, tap Add and select Standstill Supervision
or Cyclic Brake Check. See Modify the Standstill Supervision settings on
page 113 and Modify the Cyclic Brake Check settings on page 114.
For a detailed description of global settings, see Configuring SafeMove on
page 115.
6 When the configuration is done, select Write to controller.
The safety report is presented on the screen.
Note
7 Save the safety report. Print out and sign this safety report.
See Validate the configuration on page 152.
8 Apply the configuration to the controller.
The controller is automatically restarted when applying the configuration.
xx2100000710
4 To add a supervision to a safe zone, tap to select the safe zone in the 3D
view, then tap Add.
5 Select a supervision function or guide.
xx2100000713
6 For supervision functions, select stop category, signal, and any other available
setting applicable for the function.
The functionality is described in detail in section SafeMove functions on
page 31.
7 For the guide Human Contact Supervision, select contact type, tooling
properties, and body contact areas.
See Use the Human Contact Supervision settings on page 112.
xx2100000251
xx2100000717
6 Configuring SafeMove
6.1 Recommended working procedure
General
This section describes the recommended working procedure when configuring
SafeMove for the first time. The working procedure helps to understand the
dependencies between the different steps. A good approach when creating a new
configuration is to start with the basic functionality. When that works as expected,
expand the application.
A prerequisite is that all steps in the hardware and software installation procedures
must have been performed, see chapter Installation on page 59.
For more information on what can be done with the configuration tool, see chapter
The Visual SafeMove user interface in RobotStudio on page 65.
Note
For systems with the option SafeMove Collaborative, much of the configuration
can also be done in the SafeMove configurator application on FlexPendant, but
the RobotStudio version is more capable. The descriptions in this section is
based on RobotStudio, but can be used also on the FlexPendant for the functions
that are available there. See The SafeMove configurator app on FlexPendant on
page 106.
Note
Basic steps
Use this procedure when configuring SafeMove.
Action See
1 Make some initial preparations. Preparations on page 117
2 Configure system parameters. Configure system parameters on page 118
3 Set the input and output size and name Application manual - PROFINET Control-
of the PROFINET internal device. ler/Device
4 Set up safety user grants. Set up safety user grants on page 119
5 Configure robot properties. Configure the robot on page 123
6 Configure the synchronization position. Configure the synchronization position on
page 126
7 Configure the SafeMove tool defini- Configure the tools on page 127
tions.
8 Configure safe I/O signals. Configure safe I/O on page 130
See also Application manual - PROFINET
Controller/Device
Action See
9 Configure zones and/or ranges. Configure the zones on page 132
Configure the ranges on page 134
10 Configure the supervision functions. Configure the supervision functions on
page 137
11 Configure other functions. Configure other functions on page 149
12 Load the configuration to the safety Load the configuration to the safety controller
controller. on page 151
13 Restart the robot controller.
14 Validate the configuration. Use the Validate the configuration on page 152
checksum to verify that the right config-
uration is used.
15 Set the safety configuration to validated Setting the configuration to validated on
and lock it. page 163
Setting the configuration to locked on page 163
6.2 Preparations
Preparations
Experience shows that when starting with a clean system it is good to first configure
the robot system and make some initial preparations before configuring SafeMove.
• Create a robot system with the option SafeMove Basic, or SafeMove Pro,
or SafeMove Collaborative.
• Define the coordinate systems that should be used in the robot system.
• Create tool data for all needed tools, and define the TCPs, tool loads,
payloads, and arm loads.
• Create work object data for all needed fixtures and define them.
Note
Type Arm
If an axis should be excluded from Cyclic Brake Check, set the parameter Deactivate
Cyclic Brake Check for axis to On.
The maximum working area for additional axes has to be limited according to
limitations specified in section Work area for additional axes on page 26. This must
be taken into consideration when entering the parameters Upper Joint Bound and
Lower Joint Bound. (The parameter values in radians or meters on arm side.)
Type Brake
If Cyclic Brake Check is executed on an additional axis, a lowest safe brake torque
must be defined. A 5% margin is added during the test for setting the fail limit. The
parameter used is Max Static Arm Torque defined in Nm on motor side. A warning
limit is set with a higher torque value (depending on the brake).
Note
Tip
WARNING
Users must be educated appropriately before given any grants related to safety
configuration or operation.
Action
1 Start RobotStudio with a virtual controller (with or without a station) or connect a real
controller.
2 In the Controller tab, click Online Monitor.
(Not needed when running a RobotStudio station.)
3 In the Controller tab, click Safety, then select Visual SafeMove.
Action Note/illustration
1 Click on ROB_1 (1) in the SafeMove.
2 In the SafeMove Properties browser, set The max speed cannot be higher than the
Max speed in manual mode. default value of 250 mm/s, but a lower value
can be set.
See also system parameters Teach Mode
Max Speed and Use checkpoint limitation
in world in section Configure system para-
meters on page 118.
xx2000001832
Action Note/illustration
1 Click on ROB_1 in the SafeMove browser
to specify the robot properties in the
SafeMove Properties browser.
2 Under Elbow offset, set the X, Y and Z See Explanation of Elbow offset on page 79.
values for the elbow point.
3 Under Safe Brake Ramp Data, set the See Explanation of Safe Brake Ramp on
Start Speed Offset. page 83.
4 Under Base frame, select reference co- See Explanation of Base Frame on page 80.
ordinate system.
xx1500000538
Action Note/illustration
1 In the Visual SafeMove browser, select
the robot (for example ROB_1).
2 In the Visual SafeMove ribbon, click on
the Capsule.
3 Click on the shape you have just created
to select it.
4 Fill in the parameters for the shape to
specify the position and size of the shape.
xx1600000129
Action Note/illustration
1 In the Visual SafeMove ribbon, click Stop
Configuration.
2 In Trigger signal, select the signal that Trigger signal definitions:
should trigger the stop. 0 = activate stop
1 = deactivate stop
3 If a status signal should be set when the Stop trigger status is a status signal telling
functionality is active, select the signal to if the configured stop has triggered.
use in Stop trigger status. Signal definitions:
If no output signal should be used, select 0 = stop triggered
No signal.
1 = stop not triggered
4 In Mode, select if it should be:
• Auto - puts the robot controller in
auto stop mode (AS).
• General - puts the robot controller
in general stop mode (GS).
• EmergencyStop - puts the robot
controller in emergency stop mode
(ES).
5 In Stop category, select if the function
should stop the robot with category 0 stop
or category 1 stop.
Action Note/illustration
1 If the axis should be part of the SafeMove
supervision, in the Visual SafeMove
browser right-click the axis and then se-
lect Include in configuration.
2 Specify Servo lag. Servo lag is the estimated lag (in radians
on motor side) for the additional axis.
For more information, see Servo Delay
Factor and Servo Lag on page 190.
3 Specify Servo delay factor. Estimated delay factor between reference
position and measured position (number of
4 ms units) when moving the additional axis.
(See TuneMaster, signal number 17 and 18.)
For more information, see Servo Delay
Factor and Servo Lag on page 190.
4 If safe brake ramp should be used for the See Explanation of Safe Brake Ramp on
axis, select the check box Safe brake page 83.
ramp enabled. Set the values for Ramp
delay, Brake ramp limit and Start speed
offset.
Some information about the additional axis is shown, but cannot be changed. This
includes joint limits, transmission gear ratio and measurement channel information.
xx2000001834
Action Note/illustration
1 Click on Synchronization in the Visual
SafeMove browser.
2 Select Activation. Software synchronization is always available
To use software synchronization only, even if hardware synchronization is con-
select Software synchronization. figured.
To also use hardware synchronization,
select the input signal from the sync
switch.
3 If a status signal should be set when the Signal definitions:
safety controller is synchronized, select 0 = not synchronized
the signal to use in Synchronization
status. 1 = synchronized
If no output signal should be used, select
No signal.
4 Jog the robot to the synchronization pos- It is also possible to specify the axis position
ition. values manually.
In the Visual SafeMove Properties
browser, click on Read current values.
Note
The tool must be correctly defined in RobotStudio for the automatic encapsulation
to work.
Action Note/illustration
1 In the SafeMove ribbon, click on the Tool
menu and select New.
Action Note/illustration
2 Select Activation. Tool signal definitions:
If no tool changer is used, select Perman- 0 = deactivate tool
ently active. 1 = activate tool
If a tool changer is used, select which in-
put signal should be used to activate this Note
SafeMove tool.
One, and only one, tool must be active at all
times.
xx1500000237
Action Note/illustration
8 Fill in the parameters for the shape to
specify the position and size of the geo-
metry.
xx1500000238
Note
Copying a tool
Action Note/illustration
1 Right-click on a tool and select Copy.
2 Right-click on the tool again and select A new tool is created with exactly the same
Paste. data as the first tool. The parameter values
can then be adjusted.
Deleting a tool
Action
1 Right-click on a tool and select Delete object.
Note
Note that Input signals and Output signals for PROFIsafe are handled in I/O
Engineering Tool, see Application manual - PROFINET Controller/Device.
Action
1 In the SafeMove ribbon, click on the Safe IO Configurator.
2 Select the Signals view.
3 Expand Global signals.
4 Click on an empty line and type the signal name.
5 Set Default value.
Note
The usage of a signal cannot be changed from the Safe IO Configuration, but
in the column Signal uses it is shown what functions use each signal.
Tip
xx2100002332
xx1600000139
Action Note/illustration
1 Select the Pre Logic or Post Logic view
in Safe IO Configuration.
2 Click on New expression.
3 At the bottom of the Safe IO Configura- If the result signal is not already configured,
tion, type the logical expression. click Create signal to automatically define
it as a global signal.
Tip
Creating a zone
DANGER
When setting zone limits, brake distances must be taken into consideration, so
that the SafeMove functions are configured with enough margin. If the robot hits
the zone limit, it starts to brake and needs the brake distance to stop. This occurs
outside the allowed zone.
Note that if the robot starts accelerating strongly just before reaching a configured
zone limit, there will occur a speed overshoot before decelerating. This may
result in a somewhat increased speed and extended braking distance compared
to a smoother speed situation.
Action Note/illustration
1 In the Visual SafeMove ribbon, click on A zone of default size is shown in the
Safe Zone. graphics window. The minimum size shall
be 40mm.
2 Specify Tool Speed Supervision Priority
for the zone. Tip
If two zones are overlapping, the zone
with the highest priority will set the speed If there is a small zone with higher allowed
limits for the overlapping space. speed (e.g. 1000 mm/s) inside a larger zone
If two overlapping zones have the same with lower allowed speed (e.g. 250 mm/s),
priority, the most restrictive values will be use higher priority for the small zone.
used in the overlapping space (lowest
max speed and highest min speed).
Note
3 Fill in the height of the box and the X and If you want to state the coordinates in anoth-
Y values for each corner. er coordinate system, select it in the field
Reference.
If the zone base should have another shape
than square, add a corner point by clicking
on a + button. For example, to add a new
point between point 2 and 3, click on the +
button at point 2.
An alternative to writing coordinates in the
Visual SafeMove Properties browser, is to
click and drag on the corners or sides. By
pressing the key X while dragging, the
dragging is done along the X-axis while the
Y value remains unchanged. By pressing
the key Y while dragging, the dragging is
done along the Y-axis while the X value re-
mains unchanged.
xx2000001846
Tip
To change the name of a zone, right-click on the zone in the Visual SafeMove
browser, select Rename and type the desired name.
Action Note
1 In the Visual SafeMove browser, click on
the zone to select it.
2 In the Visual SafeMove ribbon, click on
the function to create.
3 Configure the function according to Con-
figure the supervision functions on
page 137.
Creating a range
DANGER
When setting range limits, brake distances must be taken into consideration, so
that the SafeMove functions are configured with enough margin. If the robot hits
the range limit, it starts to brake and needs the brake distance to stop. This occurs
outside the allowed range.
Note that if the robot starts accelerating strongly just before reaching a configured
range limit, there will occur a speed overshoot before decelerating. This may
result in a somewhat increased speed and extended braking distance compared
to a smoother speed situation.
Action Note/illustration
1 In the Visual SafeMove ribbon, click on A range of default size is shown for each
Safe Range. axis in the graphics window.
2 Specify Upper bound and Lower bound
for each axis.
3 If an axis should be excluded from the
safe range, clear the check box Enabled
for that axis.
4 To supervise the inverted range for an
axis (below Lower bound and above Up-
per bound) select the check box Inverted
for that axis.
xx2000001835
Tip
To change the name of a range, right-click on the range in the Visual SafeMove
browser, select Rename and type the desired name.
Action Note
1 In the Visual SafeMove browser, click on
the range to select it.
2 In the Visual SafeMove ribbon, click on
the function to create.
3 Configure the function according to the
descriptions in section Configure the su-
pervision functions on page 137.
Action Note
1 In the Visual SafeMove browser, make
sure that no zone or range is selected.
2 In the Visual SafeMove ribbon, click
Global Functions and select function.
3 Configure the function according to Con-
figure the supervision functions on
page 137.
See Guidelines for transient and quasi-static contact, CRB 15000 on page 187.
Action Note
4 Select Signal to be set at violation. Note that if Stop category is NoStop, then
If no signal should be set at violation, se- Signal cannot be No signal.
lect No signal. Signal definitions:
0 = violation
CAUTION 1 = no violation
xx2100000234
xx2000001836
xx2100000234
5 Specify the maximum allowed speed in The maximum speed limit must always be
Max speed. larger than the minimum speed limit.
6 If a minimum TCP speed is going to be If a minimum TCP speed shall be used, the
used, specify the minimum allowed speed function cannot be both permanently active
in Min speed. and stopping the robot.
The minimum speed limit has a lower super-
vision limit of 2 mm/s. The minimum speed
limit supervision is disabled by entering a
limit of 0 mm/s.
xx2000001837
Action Note/illustration
4 Select Signal to be set at violation. Note that if Stop category is NoStop, then
If no signal should be set at violation, se- Signal cannot be No signal.
lect No signal. Signal definitions:
0 = violation
CAUTION 1 = no violation
xx2100000234
5 For each axis, specify the minimum If minimum axis speeds shall be used, the
speed, Min Speed, and maximum speed, function cannot be both permanently active
Max Speed. The values are given for arm and stopping the robot.
side in deg/s for rotating axes and mm/s
for linear axes.
xx2000001838
xx2100000234
5 Jog the robot so that the tool is in desired To exclude supervision for either X vector
orientation and click on Get vectors for or Z vector, clear the check box Enable
active tool. This will set both X and Z vector.
vector for the tool orientation.
or CAUTION
Manually specify the tool's X and Z vec-
tors in the world coordinate system. Since the tool data is determined by the
programmed tool, it is very important that
the active tool in SafeMove corresponds to
the active tool of the robot program.
6 Specify the Tolerance for both the X vec- The allowed orientation of X and Z are
tor and the Z vector. shown as cones in the graphics window.
xx2000001840
Note
If only torque limits are required, the force limit can be set to a high value.
Torque limits are relative an expected value.
See also Limitations on page 56.
Action Note/illustration
3 Select Signal to be set at violation. Note that if Stop category is NoStop, then
If no signal should be set at violation, se- Signal cannot be No signal.
lect No signal. Signal definitions:
0 = violation
CAUTION 1 = no violation
xx2100000234
4 Select the Force limit to the maximum The force applied by the work object needs
allowed force applied to the tool. to be taken into account when setting the
limit.
5 Select Enable Axis Torque if there are
possible contact points between the robot
arm and the operator.
6 Select Torque Limits for each joint.
Action Note
4 Select Signal to be set at violation. Note that if Stop category is NoStop, then
If no signal should be set at violation, se- Signal cannot be No signal.
lect No signal. Signal definitions:
0 = violation
CAUTION 1 = no violation
xx2100000234
xx2000001841
Action Note/illustration
2 If a status signal should be set when all Function active status is a status signal
violation functionality is active, select the telling if all configured violation actions (for
signal to use in Function active status. example, stop and output signal) will be ac-
If no output signal should be used, select tivated at violation.
No signal. Signal definitions:
0 = at least one violation action is disabled
1 = all violation actions are enabled
3 In Stop category, select if violation of the
function should stop the robot with cat-
egory 0 stop or category 1 stop.
4 Select Signal to be set at violation. Signal definitions:
If no signal should be set at violation, se- 0 = violation
lect No signal. 1 = no violation
CAUTION
xx2100000234
5 Under Tolerances, specify how much Set as low tolerances as the applications
deviation from ordered position that is permit, to keep the deviations as small as
tolerated for each axis. possible.
xx2000001842
xx2100000234
xx2000001843
Action Note/illustration
1 In the Visual SafeMove ribbon, click
Cyclic Brake Check.
2 If the robot should not be stopped when
the test interval has elapsed, select the
check box Warning only, no stop.
3 In Max CBC test interval, set the maxim- A value between 2 and 720 hours.
um allowed time (in hours) between brake
checks.
4 In Pre warning time, set how long before A value between 1 and 11 hours.
the end of the interval a warning should
be shown on the FlexPendant.
5 Do not change the default value for Standstill tolerance is used for Stand Still
Standstill tolerance unless absolutely Supervision during brake test. The motor is
necessary. in regulation during brake test, and a small
movement may be allowed. The size of the
allowed movement is specified in Standstill
tolerance (in radians on motor side). Typical
value is 2 radians.
6 Do not change the default value for Super- Supervision threshold defines the threshold
vision threshold unless absolutely neces- to verify that a brake check has been made.
sary.
7 If one axis should be excluded from the This must correspond with the axes that has
Cyclic Brake Check, clear the check box the system parameter Deactivate Cyclic
Enabled for that axis. Brake Check for axis set to On.
For axes not included in SafeMove, deactiv-
ation of the axes must be done by setting
the parameter Deactivate Cyclic Brake
Check for axis to On via RobotStudio for all
axes not included.
For more information, see Cyclic Brake Check guidelines on page 180.
Action Note/illustration
1 In the Visual SafeMove ribbon, click on
File and then select Save configuration
as.
xx1500000802
Action
1 In the Visual SafeMove ribbon, click on File and then select Open configuration.
2 Browse and select a file.
Click on Open.
Note
The configuration file can only be edited using RobotStudio. Changing the
configuration file in any other way will make the file invalid and it is not possible
to run the robot if this file is loaded.
Action Note/illustration
1 Log in as a user with the grant Safety See Set up safety user grants on page 119.
Services.
2 In the Visual SafeMove ribbon, click on
Controller and then select Write to con-
troller.
xx1500000801
DANGER
Note
Depending on the combination of functions and how they are activated, the
validation procedures described below may have to be modified for the specific
configuration.
Tip
Use RAPID programs in order to perform testing faster and to be able to repeat
them.
3 Turn off the SafeMove Assistant functionality, with the system parameter
Disable SafeMove Assistant.
4 Start the validation procedure.
Tip
To validate that the ranges have enough margins, let the robot move with
maximum allowed speed when reaching the range limits. Verify that the limits
are set with enough margin with respect to the breaking distance.
Validate the range limits for all configured ranges. It is enough to validate the limits
of each range for one function, since the range limits are treated equally for all
functions in the range. Perform the range limits validation using one of the following
functions (preferably Axis Position Supervision).
Tip
To validate that the zones have enough margins, let the robot move with maximum
allowed speed when reaching the zone limits. Verify that the limits are set with
enough margin with respect to the braking distance.
Validate the zone limits for all configured zones. It is enough to validate the limits
of each zone for one function and one tool, since the zone limits are treated equally
for all functions and tools in the zone. Perform the zone limits validation using one
of the following functions (preferably Tool Position Supervision).
Note
It is not necessary to validate each tool with each range/zone. It is enough if all
ranges/zones are validated with one tool and all tools are validated with one
range/zone.
Note
The TCP for the SafeMove tool must correspond with the TCP of the active tool
for jogging and RAPID instructions.
xx0700000696
Tip
Running the robot in auto mode with the configuration unlocked will result in a
warning message.
1 Log in as a user with the grant Lock Safety Controller Configuration.
2 In the Settings app, select the Safety Controller, and then Configuration.
3 Select the check box Locked.
For more information, see Locked safety configurations on page 167.
Concluding steps
After the validation is concluded, turn on the the SafeMove Assistant functionality,
with the system parameter Disable SafeMove Assistant.
xx1500000533
Introduction
The function Reset safety controller to factory settings clears all user settings
and loads a default configuration. The firmware of the safety controller is not
affected.
In rare cases the safety controller can get locked in safety state, for example when
loading an incompatible or poorly configured safety configuration or replacing the
robot controller. Then it is not possible to load another safety configuration without
first resetting the safety controller to factory settings.
Note
Upgrading RobotWare
If an upgrade of RobotWare is done by using the Installation Manager, the safety
configuration is kept as it is. A restore of the safety configuration is not needed.
Since the configuration is kept as it is, the checksum is the same and the
configuration is automatically locked after upgrade.
Downgrading RobotWare
SafeMove is not forward compatible. A safety configuration from a newer system
is not possible to use in an older system.
7 Running in production
7.1 Reaction time
Note
The time depends on the cycle time on the communication with the PLC. 24 ms
is the case when the cycle time is set to 8 ms.
Note
When a signal is set to 0 at violation, it will remain 0 for at least 250 ms even
after the violation has ended.
Restart modes
None of the restart modes Restart, Reset RAPID, or Reset system will affect the
safety configuration.
For more information about restart procedures, see Operating manual - Integrator's
guide OmniCore.
DANGER
Tip
Set up the User Authorization System so that only the safety user is allowed to
administrate installed systems.
Action
1 Switch to Manual mode on the robot controller.
2 Jog the robot back to a position that does not trigger any supervision function.
Action
1 Release and activate the three-position enabling device on the FlexPendant.
2 Jog the robot back to a position that does not trigger any supervision function.
Action Note
1 Press the motors on button on the robot controller. This allows the robot to be moved
at reduced speed.
2 Perform a synchronization.
Perform synchronization
If any of the following is done, a new synchronization is required:
• Revolution counter update
• Fine calibration
• Axis calibration
8 Maintenance
8.1 Required maintenance activities
9 RAPID components
About the RAPID components
This is an overview of all instructions, functions, and data types for functional safety
and SafeMove.
For more information, see Technical reference manual - RAPID Instructions,
Functions and Data types.
Instructions
Instructions Description
SafetyControllerSyncRe- SafetyControllerSyncRequest is used to initiate the hard-
quest ware synchronization procedure.
Functions
Functions Description
SafetyControllerGetCheck- SafetyControllerGetChecksum is used to get the safety
sum controller checksum for the user configuration file.
SafetyControllerGetSWVer- SafetyControllerGetSWVersion is used to get the safety
sion controller firmware version.
SafetyControllerGetUser- SafetyControllerGetUserChecksum is used to get the
Checksum safety controller checksum for the area with protected
parameters in the user configuration file.
Data types
There are no RAPID data types for functional safety and SafeMove.
10 Reference information
10.1 Synchronization guidelines
Note
Note
Performing a synchronization
WARNING
If the robot position is not visually verified, to make sure all robot axes are in
correct position, the synchronization can jeopardize the safety.
Note
Action
1 Move the robot to its sync position
(for example with MoveAbsJ).
Action
2 Visually verify that the robot is in If an axis is in wrong position, the revolution coun-
its sync position (all axes must be ters are most likely incorrect.
in correct position).
3 Go to the Safety Controller view.
4 On the tab Synchronization, tap
Synchronize.
Note
Note
Performing a synchronization
Action Note
1 Run a RAPID program with the This will make the controller responsive to the syn-
instruction chronization input signal for 30 seconds.
SafetyControllerSyncRequest.
2 Move the robot to a position close If an axis is in wrong position, the revolution coun-
to the sync switch. ters are most likely incorrect.
3 Slowly press the sync switch from If the approach is too fast, the accuracy of the robot
the desired direction. position may be too low.
Note
Note
Note
If Cyclic Brake Check is called together with the below combinations, then Cyclic
Brake Check will be executed for all axes and the safety controller will not take
any actions when the Cyclic Brake Check interval has passed or if the Cyclic
Brake Check fails:
• SafeMove system with an empty safety configuration.
• SafeMove system with a safety configuration, but without a configured Cyclic
Brake Check.
Action Note/illustration
1 Move the robot to a safe brake
check position.
2 On the FlexPendant, open the
Safety Controller view.
Continues on next page
180 Application manual - Functional safety and SafeMove
3HAC066559-001 Revision: H
© Copyright 2020-2022 ABB. All rights reserved.
10 Reference information
10.2 Cyclic Brake Check guidelines
Continued
Action Note/illustration
3 On the tab CBC, tap Execute.
M*g
Arm (3)
xx1600001289
To calculate the parameter for an axis that has no gravity, for example a track, the
below formula may be used:
Max Static Arm Torque = Tbrake min/1.35
Tbrake min for ABB motor units can be found in the product specification for the
specific motor unit, see Product specification - Motor Units and Gear Units.
Note
Note that the calculated value should be entered in [Nm] and calculated to the
motor side.
Brake maintenance
Brake maintenance is a feature in the CyclicBrakeCheck functionality.
CyclicBrakeCheck automatically detects if maintenance of the mechanical brakes
is needed and activates the Brake maintenance functionality during execution.
Brake maintenance applies the brake and turns the motor shaft 1 radian five times,
which gives a movement of the robot arm of less than 1 degree.
There are event logs that tell if Brake maintenance is needed, and if it has been
run.
For more information see parameter Brake Maintenance, type General Rapid, topic
Controller, in Technical reference manual - System parameters.
Introduction
Description of different signal states for Cyclic Brake Check (CBC).
Beginning of CBC
The following signals are set in the beginning of the CBC.
Signal Set to
SC1CBCOK 0
SC1CBCACT 1
SC1CBCERR 0
SC1CBCWAR 0
End of CBC
The following signals are set in the end of the CBC.
Signal CBC test OK CBC test WARNING CBC test ERROR
Set to Set to Set to
SC1CBCOK 1 0 0
SC1CBCREQ 0 0 1
SC1CBCERR 0 0 1
SC1CBCWAR 0 1 0
SC1CBCACT 0 0 0
SC1CBCPREWARN 0 0 No change
xx2100000711
Body model
As defined in ISO/TS 15066, the body model is a representation of the human body
consisting of individual body segments characterized by biomechanical properties.
The segments of the body model has different sensitivity. In general, the application
should be designed so that the human head and neck is never exposed to hazards.
xx2100000709
Conclusion
The values calculated in the Human Contact Supervision function are conservative.
However, if the risk analysis for the final application shows that these values can
be changed to a higher value, for example, by using padding on the arm, then the
values can be changed in the settings for the tool force supervision and tool speed
supervision.
CAUTION
In graph (b) in the figure below, the Servo Lag parameter is illustrated when the
measured signal is shifted with the Servo Delay Time. The measured position
should now be within a distance of +/- Servo Lag from the reference at every time
instance. If the measured position is outside the specified region the SafeMove
position supervision is triggered.
Servo Delay Time
angle angle
Servo Lag
me me
(a) (b)
en1100000626
Figure 10.1: Illustration of Servo Delay Time (a) and Servo Lag (b). Solid line is motor angular position
reference (test signal 17) and dashed is the corresponding measured motor angular position (test signal
18). In (b) the measured motor angular position signal is shifted Servo Delay Time in order to illustrate
that it is the time shifted signal (samples) that should lie within +/- Servo Lag radians from the reference.
Note
The signals in the figure are only for illustrative purpose. The Servo Delay Time
in a real system is small, typically in the range 12-16 ms, which means a Servo
Delay Factor in the range 3-4. If the Servo Delay Factor is incorrect the Servo
Lag has to compensate this since the difference between reference and measured
motor angular position will be large when the axis accelerates, runs at high speed,
or decelerates.
WARNING
The system is unstable and therefore dangerous during the tuning process, since
bad parameters or parameter combinations may be used! The safety procedures
of the robot system must be carefully followed throughout the tuning process.
10.5.1 Introduction
Overview
This section describes the SafeMove geometry configuration file that can be used
to import and export safety zones and related geometry to and from Visual
SafeMove.
The intended use of the file is to provide means to define and analyze the geometry
related part of a safety configuration in a tool external to RobotStudio and Visual
SafeMove.
The illustration below shows how the safety related geometry information can be
read from a file and written to a robot controller via Visual SafeMove. Vice versa,
the safety-related geometry information can be read from the controller by Visual
SafeMove and exported to a geometry configuration file.
Robot
controller
SafeMove geometry
Write to Read from
configuration file (public)
controller controller
xx1700000702
Unsupported functions
The following functions must be configured using Visual SafeMove in RobotStudio
and cannot be configured through the geometry configuration file.
• Contact Application Tolerance
• Stand Still Supervision
• Axis Speed Supervision
• Axis Position Supervision
• Tool Orientation Supervision
• External Power Supply
4 Import the SafeMove geometry configuration file into the external planning
tool so that the nominal safety zones are updated with the values from the
real robot.
10.5.3.1 Introduction
Overview
The purpose of the SafeMove geometry configuration file is to support data related
to the supervision functions:
• Tool Position Supervision
• Tool Speed Supervision
• Tool Orientation Supervision
The file can contain the tool encapsulation, speed supervision points, and the zone
definitions. This data is necessary, but not sufficient, to specify the functions. To
completely specify the functions then also activation signals, speed limits, and
whether a zone is an inside or an outside zone must be specified and added in
Visual SafeMove.
Summary
XML-tag Description
DriveModuleConfiguration 1-2 per controller
Robot 0-1 per DriveModuleConfiguration
Baseframe 0-1 per Robot
ElbowOffset 0-1 per Robot
UpperArmGeometry 0-2 per Robot
ExternalAxis 0-3 per DriveModuleConfiguration
BaseFrame 1 per ExternalAxis
Tool 0-16 per DriveModuleConfiguration
TCP 1 per Tool
ToolOrientation 1 per Tool
ToolGeometry 0-4 per Tool
SpeedSupervisionPoint 0-8 points per Tool
Name 1 per Tool
SafeZone 0-16 per DriveModuleConfiguration
Point 4-24 per SafeZone
Name 1 per SafeZone
XML schema
There is an XML schema available that defines the exact syntax and content of the
interface file. This is stored in an xsd-file and can be used to validate the content
of the xml-file.
The template file SimplifiedSafetyControllerSchema.xsd can be obtained from the
PC or the robot controller.
• In the RobotWare installation folder in RobotStudio: ...\RobotPackages\
RobotWare_RPK_<version>\utility\SafeMove2\
Note
Navigate to the RobotWare installation folder from the RobotStudio Add-Ins tab,
by right-clicking on the installed RobotWare version in the Add-Ins browser and
selecting Open Package Folder.
Overview
The DriveModuleConfiguration tag contains information about the motion
task.
There is a drive module configuration for each motion task of a controller system
monitored by SafeMove.
ID
The driveModuleId tag contains the ID of the motion task.
Each motion task must have a unique ID between 1 and 4. The ID is not visible to
the user.
Overview
The Robot tag contains information about the robot.
Name
The name tag is ROB_1 for a controller with only one manipulator. For a MultiMove
system the subsequent robot is called ROB_2.
Robot moved by
For track mounted robots, the movedBy tag specifies the name of the external axis
that moves the robot.
Base frame
The Baseframe tag specifies the robot mounting position relative to the controller
world coordinate system.
When importing a SafeMove geometry configuration file into Visual SafeMove, the
base frame values contained in the file will be replaced by the base frame of the
connected controller when creating the complete safety configuration. When
exporting the file, the Baseframe tag will contain the values of the actual base
frame of the connected robot.
Elbow offset
The ElbowOffset tag defines the point on the robot elbow that is speed monitored.
It should be the top-most point of the upper arm including any cable packages or
additional equipment.
reference point of the upper arm geometry is the same as the elbow offset of the
motion configuration file of the controller, moc.cfg.
xx1700000703
Overview
The ExternalAxis tag contains information about external axes.
Name
The name tag contains the name of the external axis. For example TRACK_1.
Axis type
The axisType tag must be Track for a track motion.
Base frame
The Baseframe tag specifies the position and orientation of the track motion.
10.5.3.5 Tool
Overview
The Tool tag contains information about the tools.
A tool consists of a set of shapes and a set of points. The shapes are used by the
function Tool Position Supervision and the points by the function Tool Speed
Supervision.
Up to 16 tools can be defined.
ID
The id tag contains the ID of the tool.
Each tool must have a unique ID between 1 and 16. The ID is not visible to the
user.
Name
The name tag contains the name of the tool.
Tool geometry
The ToolGeometry tag defines the number of shapes.
A tool consists of up to four shapes, so called sphere-swept volumes. A shape can
be a sphere, a capsule, or a rounded box (lozenge).
xx1700000705
The shapes are generated by a sphere with a certain radius in combination with a
point, a line, or a plane, respectively.
The sphere is trivially generated by placing the generating sphere on a point. A
capsule is generated by letting the center of the generating sphere travel along a
line. A rounded box is generated by letting the center point of the generating sphere
travel along a plane.
The below figure shows an example of a tool encapsulation with an ABB FlexGun
covered by a capsule and a rounded box.
xx1700000706
xx1700000707
xx1700000708
Overview
The SafeZone tag contains information about the safe zones.
The functions Tool Position Supervision, Tool Orientation Supervision, and Tool
Speed Supervision are based on zones. Up to 16 safe zones can be defined.
ID
The id tag contains the ID of the zone.
Each zone must have a unique ID between 1 and 16. The ID is not visible to the
user.
Name
The name tag contains the name of the zone.
The name will be visible to the user and presented in the controller event log in
case of a safety violation.
Points
The Point tag defines the points of the zone.
A zone is defined by minimum 4 up to 24 points in the X-Y plane of the controller
world coordinate system in addition to the bottom and top in the Z direction.
Limitations
Any of the coordinates must not exceed ± 1000 meters. The edges of a zone must
be at least 0.1 m and they must not intersect. The zone must be wider than 0.1 m.
A corner of a zone must have an angle between 30 and 330 degrees.
The below illustration shows the constraints that must be met by any zone definition.
xx1700000704
10.5.4 Example
Overview
This section contains an example of an XML-file for a MultiMove systems with two
robots. The first robot, ROB_1, is mounted on a track motion, TRACK_1, whereas
the second, ROB_2 is mounted on the floor.
The example file defines the zones in the below illustration.
xx1700000709
Example file
<SimplifiedSafetyConfiguration
xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
xmlns="urn:abb-robotics-simplified-safety-controller-configuration">
<DriveModuleConfiguration DriveModuleId="1"
maxSpeedManualMode="0.25">
<Robot name="ROB_1" startSpeedOffset="0.1" movedBy="TRACK_1">
<Baseframe>
<Translation x="0" y="0" z="0" />
<Quaternion q1="0.707107" q2="0" q3="0" q4="0.707107" />
</Baseframe>
<ElbowOffset x="-0.252" y="0" z="0.342" />
<UpperArmGeometry xs:type="Capsule" name="UpperArm"
radius="0.357727">
<Start x="-0.268245" y="-0.017373" z="0.190867" />
<End x="1.03026" y="-0.096637" z="0.167713" />
</UpperArmGeometry>
<UpperArmGeometry xs:type="Sphere" name="HosePackage"
radius="0.5">
<Center x="-0.084216" y="-0" z="0.305324" />
</UpperArmGeometry>
</Robot>
<ExternalAxis name="TRACK_1" axisType="Track">
<Baseframe>
<Translation x="0" y="0" z="0" />
<Quaternion q1="1" q2="0" q3="0" q4="0" />
</Baseframe>
</ExternalAxis>
<Tool id="1" name="tFlexGun">
<TCP x="0" y="0.1485" z="0.8015" />
<ToolOrientation q1="0.5" q2="0.5" q3="-0.5" q4="0.5" />
<ToolGeometry xs:type="Lozenge" name="GunBody" radius="0.183332"
width="0.542759" height="0.5">
<Pose>
<Translation x="0.063143" y="0" z="0.377878" />
<Quaternion q1="0.707107" q2="0" q3="-0.707107" q4="0" />
</Pose>
</ToolGeometry>
<ToolGeometry xs:type="Capsule" name="BodyRight"
radius="0.181797">
<Start x="0.2" y="0.2" z="0.15" />
<End x="0.2" y="-0.3" z="0.15" />
</ToolGeometry>
<ToolGeometry xs:type="Sphere" name="Electrode"
radius="0.144212">
<Center x="0" y="0.162418" z="0.78145" />
</ToolGeometry>
<ToolGeometry xs:type="Capsule" name="BodyLeft"
radius="0.181797">
<Start x="-0.2" y="0.2" z="0.15" />
<End x="-0.2" y="-0.3" z="0.15" />
</ToolGeometry>
<SpeedSupervisionPoint x="-0.212" y="-0.499717" z="-0.005" />
<SpeedSupervisionPoint x="-0.212" y="0.3855" z="-0.005" />
<SpeedSupervisionPoint x="-0.212" y="0.3855" z="0.8515" />
<SpeedSupervisionPoint x="-0.212" y="-0.499717" z="0.8515" />
<SpeedSupervisionPoint x="0.15799" y="-0.499717" z="-0.005" />
<SpeedSupervisionPoint x="0.15799" y="0.3855" z="-0.005" />
<SpeedSupervisionPoint x="0.15799" y="0.3855" z="0.8515" />
<SpeedSupervisionPoint x="0.15799" y="-0.499717" z="0.8515" />
</Tool>
<SafeZone id="1" name="RobotZone1" top="2.889806" bottom="-0.5"
speedLimitPriority="NORMAL">
<Point x="3.181233" y="3.743311" />
<Point x="2.13778" y="3.552878" />
<Point x="2.042189" y="2.624328" />
<Point x="-0.430474" y="2.750736" />
<Point x="-0.359415" y="-0.735027" />
<Point x="8.319961" y="-0.790136" />
<Point x="8.181677" y="2.193857" />
<Point x="6.422987" y="2.805629" />
Introduction
The option Extended work range enables an extension of the working range for
axis 1, through a software configuration. With this option installed, the working
range can exceed the range limited by the mechanical stop on axis 1. The working
range shall be limited through the option SafeMove.
A risk analysis must be done to ensure that no risks remain when using option
Extended work range, to limit the working range, and before removing the
mechanical stops.
For information about the option SafeMove, see Application manual - Functional
safety and SafeMove.
If the mechanical stop is removed, then the manipulator should have a marking
for this, for example, a label. If the robot is delivered with the option Extended work
range, then such a label is included on delivery.
The working limit of axis 1 must be restricted to ensure that the stopping position
is not outside the maximum allowed axis angle for the selected manipulator, for
example, 220°. This can be done using a physical limitation or using SafeMove.
Note
The limits for safe range and Axis Speed Supervision must be tested case by
case using the highest possible speed, highest used payload, and longest
possible axis reach. The speed and axis range for the supervision must be defined
for ensuring that the robot, in all cases can stop inside the maximum allowed
working range of axis 1. The working range depends on the robot, for example
on an IRB 7600, the maximum extended working range is +/-220°.
Index installing
RobotStudio, 61
RobotWare, 61
A software, 61
additional axes, 26
integrator responsibility, 14
work area limitations, 26
IsBrakeCheckActive, 180
APO, 30, 51
ISO 10218, 23
ASP, 30, 48
ISO 13849-1, 23
axis calibration, 172
Axis Position Supervision, 30, 51 L
description, 51 limitations, 25
axis range, 52 load configuration, 150
Axis Speed Supervision, 30, 48 locked configuration file, 163, 167
description, 48
M
B maintenance, 173
base coordinate system changed, 172 Manual Operation
Basic joint supervision mode, 78 using, 171
brake check Manual Operation Supervision
guidelines, 180 description, 34
MoveAbsJ, 177, 179
C
CAP, 30, 35 N
category 0 stop, 29 non ABB additional axes, 26
category 1 stop, 29
Certifications, 23 O
checksum, 29 occupationally safe, 29
compatibility, 25 open configuration, 150
Configuring SafeMove, 115 operationally safe, 29
Contact Application Tolerance, 30, 35 option
description, 35 Extended working range, 210
Control Error Supervision
description, 58 Q
Cyclic Brake Check quasi-static contact
guidelines, 180 definition, 187
signal description, 183
R
D range, 52
deactivation, 27 RAPID components, 175
download configuration, 151 RAPID non motion execution, 28
reaction time, 169
E rebuilt robot cell, 172
electronically linked motors, 27 recovery, 171
exclude from configuration, 32, 79 replaced robot part, 172
extended working range, 210 replaced tool, 172
external axes, combined, 26 response time, 169
restarting controller, 170
F revolution counter updated, 172
factory settings for SafeMove, 107 ribbon, 66, 68, 75
fine calibration, 172 robot controllers supported by SafeMove, 25
FlexPendant application, 106 Robot Encapsulation
floor plan, 153 FlexPendant application, 106
robots supported by SafeMove, 25
G
gantry, 26 S
Global Settings Safe Brake Ramp, 83
FlexPendant application, 106 description, 43
grants, 119 safe input, 29
SafeMove application, 106
H SafeMove Assistant, 37
hardware synchronization
safe output, 29
description, 41
safety, 14
Human Contact Supervision, 45
safety configuration report, 153
description, 45
safety controller, 15, 29
I SafetyControllerGetChecksum, 175
include safety settings, 165 SafetyControllerGetSWVersion, 175
independent joint, 27 SafetyControllerGetUserChecksum, 175
ABB AS
Robotics & Discrete Automation
Nordlysvegen 7, N-4340 BRYNE, Norway
Box 265, N-4349 BRYNE, Norway
Telephone: +47 22 87 2000
ABB Inc.
Robotics & Discrete Automation
1250 Brown Road
Auburn Hills, MI 48326
USA
Telephone: +1 248 391 9000
abb.com/robotics
3HAC066559-001, Rev H, en