Engineering:Profisafe

From HandWiki
Short description: Safety communications protocol

Profisafe (usually styled as PROFIsafe, as a portmanteau for Profinet or Profibus safety) is a standard for a communication protocol for the transmission of safety-relevant data in automation applications with functional safety. This standard was developed jointly by several automation device manufacturers in order to be able to meet the requirements of the legislator and the IFA for safe systems. The required safe function of the protocol has been tested and confirmed by TÜV Süd. The PROFIBUS Nutzerorganisation e.V. in Karlsruhe supervises the standardization for the partner companies and organizes the promotion of this common interface.

System structure

Profisafe[1][2] defines how safety-related devices (emergency stop buttons, light curtains, overfill prevention devices, ...) communicate safely with safety controllers via Profinet, Profibus or a backplane in such a way that they can be used in safety-related automation tasks up to SIL3 (Safety Integrity Level). Due to the specification of Profisafe, products of different manufacturers[3] can be combined to a safe system.

Market relevance

The first version of Profisafe was released as early as 1998.[4] A second version in 2005 also enabled use via the Ethernet-based Profinet. According to the PROFIBUS Nutzerorganisation e.V., by 2023 a total of almost 21,7 million devices with Profisafe will be placed on the market by the various manufacturers, and a further 2.8 million devices will be added each year.[5] In the database of the PROFIBUS Nutzerorganisation e.V., 106 different products from 31 different manufacturers are entered in October 2022.[6]

Operating principle

With Profisafe, secure communication is implemented via a profile, i.e., via a special format of the user data and an additional protocol.[7]

Safety-relevant data are transported with Profisafe[8][9] as F-messages between an F-Host (safety controller) and its F-Device (safety device) as payload in a telegram of an industrial network. In the case of a modular F-Device with several F-modules, the payload consists of several F-messages. In this case Profisafe has no further requirements for the transmission channel, this is considered as a black channel. Therefore different transport protocols like Profibus or Profinet can be used. Different transmission channels such as copper cable, fiber optic cable (FOC), backplane bus or wireless systems[10] such as WLAN can be used. Neither the transmission rates nor the respective error detection of the transport protocol play a role for safety.

The following figure shows the format of the payload of a "Safety Protocol Data Unit (SPDU)":[11]

transmitted data status/control byte CRC signature
1 bis 12/13 (max 123) bytes 1 byte 4 bytes

The cyclic redundancy check (CRC signature) is calculated over all local security parameters, the transmitted data and the locally stored monitoring number of the SPDU. This ensures that all information from the sender and the receiver is consistent without having to always transmit all parameters.

The monitoring number enables the recipient to check whether he has received all the messages in the correct sequence. With the acknowledgement, the monitoring number is returned to the sender for checking within a defined maximum delay time (timeout). Since some bus components, such as switches, have a buffer memory, a 32-bit monitoring number was selected for Profisafe.

The 1:1 communication relationship between F-Host and F-Device simplifies the detection of misdirected F-messages. For this purpose, the sender and receiver require a unique identifier (code name) throughout the network, which is used to verify the authenticity of F-messages. In Profisafe, the code name is also called "F-Address".

The following table shows which errors can be detected by which measure:

Error Monitoring number Timeout Code name CRC
Duplication of a message Yes
Deletion of a message Yes Yes
Inserting a message Yes Yes Yes
Changing the order of messages Yes
Change to the data Yes
Delay of a message Yes
A message masquerades as a secure message Yes Yes Yes
Transmission buffer is removed (e.g. in a switch) Yes

Specification

The international standard IEC 61508 Functional safety of electrical/electronic/programmable electronic safety-related systems. IEC 62061 Safety of machinery - Functional safety of safety-related electrical, electronic and programmable electronic control systems and ISO 13849 Safety of machinery — Safety-related parts of control systems are also the basis for Profisafe.

The international standard IEC 61784-3 [11] defines different protocols for safe systems with comparable properties. Profisafe is part 3 of this collection of standards and is thus defined as IEC 61784-3-3:2021 CPF 3.

See also

  • Functional safety
  • IEC 61784-3 Industrialcommunication networks – Profiles – Functional safety fieldbuses
  • IEC 61508 Functional safety of electrical/electronic/programmable electronic safety-related systems
  • IEC 62061 Safety of machinery - Functional safety of safety-related electrical, electronic and programmable electronic control systems
  • ISO 13849 Safety of machinery - Safety-related parts of control systems

References

  1. Stripf, Wolfgang; Barthel, Herbert (2015). Industrial Communication Technology Handbook - PROFIsafe: Functional Safety with PROFIBUS and PROFINET. CRC Press, Taylor & Francis. doi:10.1201/b17365-29. ISBN 9781315215488. https://www.taylorfrancis.com/chapters/edit/10.1201/b17365-29/profisafe-functional-safety-profibus-profinet-wolfgang-stripf-herbert-barthel. 
  2. "Marketing Flyer: PROFIsafe - Safe • Integrated • Open". Profibus and Profinet International. 2019. https://www.profibus.com/download/marketing-flyer-profisafe-safe-integrated-open. 
  3. Examples of applications with products from different manufacturers can also be found here: "Case Studies". Profibus and Profinet International. https://www.profibus.com/technology/case-studies?tx_solr%5Bfilter%5D%5B0%5D=technology:PROFIsafe. 
  4. "10 Years of PROFIsafe". Profibus and Profinet International. https://www.profibus.com/newsroom/press-news/10-years-of-profisafe. 
  5. "Record PROFINET and IO-Link numbers". PROFIBUS Nutzerorganisation e.V.. 2023-04-14. https://www.profibus.com/newsroom/press-news/record-profinet-and-io-link-numbers. 
  6. "Product Finder with selection PROFIsafe". PROFIBUS Nutzerorganisation e.V.. 2022. https://www.profibus.com/products/product-finder?tx_solr%5Bfilter%5D%5B0%5D=technology%3APROFIsafe. 
  7. "PROFIsafe System Description.". Documentation. Profinet International. 2016. https://www.profibus.com/download/profisafe-technology-and-application-system-description. 
  8. "Functional Safety". Learning Modules. Profinet University. https://profinetuniversity.com/category/functional-safety/. 
  9. Wilamowski, Bogdan; Irwin, David (2011). The Industrial Electronics Handbook - Profisafe. CRC Press, Taylor & Francis. doi:10.1201/9781315218434-56. ISBN 9781439802892. https://www.taylorfrancis.com/chapters/edit/10.1201/9781315218434-56/profisafe-bogdan-wilamowski-david-irwin. 
  10. Akerberg, Johan; Reichenbach, F.; Björkman, Mats (2010). "Enabling safety-critical wireless communication using WirelessHART and PROFIsafe". Emerging Technologies and Factory Automation (ETFA). IEEE. 10.1109/ETFA.2010.5641253. https://www.researchgate.net/publication/224196805. 
  11. 11.0 11.1 "Industrialcommunication networks – Profiles – Functional safety fieldbuses". International Electrotechnical Commission (IEC). 2021. https://webstore.iec.ch/searchform&q=61784-3.