Safety PLCs

Jokab, Siemens, Pilz and Allen-Bradley Safety PLCs
Jokab, Siemens, Pilz and Allen-Bradley Safety PLCs

As safety systems become more and more complex (primarily because of the influence of European safety standards), the cost-effectiveness of safety PLCs has improved. I first noticed Safety PLCs being used only about five or six years ago, though according to this Automation World article, they have been around for almost as long as standard programmable controllers.

As with my earlier evaluation of DeviceNet in the late 1990s, it was difficult for me to justify the use of safety PLCs during project design. The hardware cost was quite high compared to the cost of labor and the safety devices typically used. Don’t get me wrong – safety relays and redundant (dual-channel) wiring is still a more expensive proposition compared to when we used to simply put e-stop buttons and guard switches in a simple circuit (see below).

The project I am currently working on at a local machine-builder is a large robot cell that handles large metal frames. Because operators have to interface with much of the access points of the cell a fairly elaborate – and conditional – safety circuit had to be designed. What I mean by conditional is this: in the loading area it is OK for the operator to enter the load area while the robot is operating. The robot can’t reach the loading area, which is protected by a light curtain, floor scanner and a pop-up pneumatic gate. When the operator is in this load area the load conveyor has to be stopped using these safety devices, but the rest of the cell continues to operate.

If the pneumatic gate fails to operate correctly the operator would be able to enter the robot’s operational area where a major injury or death could easily occur. So even though the pop-up gate is not in itself designed as a safety device, it is monitored as one with a dual-channel safety switch. If the gate is not raised when the operator enters the area covered by the floor scanner, the entire cell is stopped just as if the emergency stop was activated.

This same condition is also applied to the unload area. It also has a floor scanner, light curtain and pop-up barrier. In addition, one of the robots interfaces with a press. The press has its own safety circuit that stops it from operating while the light curtain at the operator side is blocked, but the robot is very fast and could easily enter the back side of the press before the operator could escape. Because of this possible occurrence the robot’s position is monitored with a dual-channel safety switch known as a “DLD ring”. If the robot rotates to this position while the light curtain is blocked, the robot is immediately stopped, though the rest of the cell can continue operating.

There are also two locking safety doors which allow access to the cell after the system is cycle stopped. Everything moves to a safe position, the doors are unlocked and if the door is opened, the cell is prevented from operating. The conditional part of this scenario is that the robots can still be operated with the pendant while the doors are open.

If this safety system had to be designed without the safety PLC a full sized enclosure would have to be added just to contain the 40+ safety relays. By using the safety PLC over $10,000 in hardware and hundreds of hours of labor were saved. The safety devices remained the same, but all of the dual-channel light curtain, floorscanner, safety and guard switch devices were eliminated. All devices are simply wired into one of the five DeviceNet nodes spread throughout the cell and a FBD (Function-Block Diagram) type program was written to describe all of the conditional safety logic.

Yes, the system is on DeviceNet… this was not my choice, but the customer has several similar systems in their plant already and they wanted to stick with what was familiar. Spare parts are always a consideration in these cases also. I would have much rather implemented this via Ethernet/IP or even Profibus, but it is still much cleaner than if I had designed it using separate safety devices.

So count me as a new convert to the idea of using Safety PLCs… under the appropriate conditions. As systems become more complex I am sure we will be seeing more of these in use.


Electrical Engineer and business owner from the Nashville, Tennessee area. I also play music, Chess and Go.