Simplified Safety Increases Application Options

Configurable safety controllers provide a flexible automation safety option, making it easier for users to implement these devices in more applications.

Figure 1: Good industrial equipment safety design will incorporate the necessary sensors to protect workers by de-energizing equipment if there are any unsafe conditions.

As machines become more intelligent, there is an increasing need to integrate smart and compliant safety features. When a technology is simple to implement it is more likely to be adopted into a wider range of applications, and in the case of machine safety there are many personnel and operational benefits to be realized. In an increasingly regulated environment, safety is no longer a luxury.

Safety devices and designs have typically been a bit of a specialty subject because they work in conjunction with standard automation but are often largely standalone systems. The most basic circuits could get away with hardwired relays, while for large installations a class of safety programmable logic controllers (PLCs) evolved to support a fully integrated safety and automation solution.

But for many mid-size machine-guarding and automation applications, there was a gap in the safety products market. This gap has now been filled by configurable safety controllers (CSCs) which provide far more capability than hardwired options, offer smooth integration with modern automation, and are designed for easy and intuitive configuration. These devices are an effective way to provide flexible configuration and expansion capabilities to meet most any safety need while avoiding complex design and programming. They make it possible to expand safety design into more applications than ever before.

Spectrum of Safety

Safety circuits work with the appropriate sensors to ensure machines and systems can only be energized and operated if personnel are working properly and equipment conditions are safe (Figure 1). There are many sensors such as emergency stop buttons and cords, gate switches on guards or access doors, light curtains, pressure mats, and more.

For many years, the western world has increasingly codified how to properly implement safety through standards like IEC 62061 and ISO 13849, and relevant laws. Some of these efforts have prompted increased scrutiny of how much safety must be applied, while requiring better methods, such as redundant circuitry.

Much of the world is following this increased emphasis on standardized ways to make equipment safe for workers. End users want safe equipment, but original equipment manufacturers may have struggled to keep costs and complexity down, while still providing sufficient reliable safety measures for compliance.

Certainly, the main goal of safe design is protecting workers and equipment. A lesser known but very real secondary benefit is increased productivity. When workers are more confident, there are no nuisance trips of safety systems. Automatically available, detailed diagnostic data for actual safety trip situations naturally makes operations more efficient.

In order of increasing complexity, there are generally three levels of safety implementations:

  • Hardwired safety relays
  • Configurable safety controllers
  • Distributed safety PLCs

Hardwired safety is the simplest—or at least the most straightforward—approach in some ways, but designing and installing with this method is labor intensive, and the result is difficult to expand in the future. Furthermore, hardwired devices offer little in the way of diagnostic feedback, so it can be hard for users to troubleshoot safety trips.

At the other end of the spectrum are installations with multiple, coordinated machine ‘islands of control’, large distributed systems, high input/output (I/O) signal counts, or intricate programming requirements. Distributed safety PLCs are scalable to handle these cases, and to closely integrate automation with safety functions. These safety PLCs, however, have a high cost per I/O count, require complex programming, and are clearly overkill for smaller machines.

Modern configurable safety controllers have evolved to fill the expansive middle ground between the older solution extremes.

Configurable Safety Controllers

Configurable safety controllers are digital devices much like PLCs and also use I/O signals, but their functionality is focused on performing safety actions (Figure 2). Some key benefits of CSCs include:

  • Flexible I/O counts and types
  • Configured using an intuitive graphical interface
  • Do not require extensive training for configuration, commissioning, and operation
  • Extensive diagnostics available
  • Standard connectivity for native integration with PLCs and other smart systems


Figure 2: Emerson’s PACSafe configurable safety controllers are more flexible than hardwired safety relays, offer communications and diagnostics capabilities, and are easily configured using an intuitive graphical interface.

Hardwired safety designs require users to design and install extensive interlock wiring between sensors, relays, and output devices like motors and solenoids. CSCs, much like PLCs, simply need each of these items wired to the appropriate I/O point. Once the signals are made available to the controller, all interlocking and functionality is handled through the configuration environment.

For the most capable CSCs, designers are presented with a graphical drag-and-drop environment with detailed built-in help (Figure 3). A fixed set of functions covers most typical safety needs, and if more complexity is necessary then a safety PLC might be warranted. This native safety function set is what enables many types of users to quickly and confidently configure safety systems, using options like:

  • Standard device support for emergency stop buttons, gate switches, two-hand controls, safety mats, and more.
  • Basic logic functions, timers, and latched resets.
  • Bypass controls.
  • Muting controls.

Figure 3: Emerson’s PACSafe configurable safety controllers are easily configured using the drag-and-drop Studio environment to cover most any safety need.

In operation, the configuration environment also indicates all I/O signals and safety logic conditions. Users are presented with a comprehensive set of diagnostics. Network communications, using PROFINET or another industrial Ethernet protocol, allow the CSC to be monitored by a PLC and associated human-machine interface (HMI).

Some companies offer both PLCs and safety controllers with enhanced interconnection capabilities. The PLCs include native program function blocks for communicating with CSCs, while the CSC automatically coordinates to determine which signals and variables are essential for communicating to the PLC. Using these products in conjunction provides ease of use while delivering nearly the capability of a full safety PLC, but with substantially less cost and complexity.

For example, consider an OEM offering a machine with several optional features affecting machine safety requirements. This OEM uses a standard PLC vendor, but sometimes end users require their preferred PLC vendor to be used instead. Configurable safety controllers help the OEM with both issues. First, their flexible I/O and sensor configuration allows the OEM to create a standard design, with variations to accommodate the optional safety features. Second, since the safety application is self-contained, it only needs to be configured once and then integrated with various PLC vendors via open-standard industrial Ethernet protocols, like PROFINET.

Getting Safety into More Applications

Configurable safety controllers have evolved to deliver required levels of protection, while avoiding the cost and complexity usually associated with providing this type of functionality. When users select CSC products from a complete portfolio of PLCs and other automation devices offered by an OT-focused supplier, they will find it faster, easier, and less expensive to deliver safety designs in more applications.

Darrell Halterman is the senior product manager of PACSystems controllers at Emerson.
