AS-Interface: A Historical Overview
The Early Days: When the first AS-Interface components were introduced, AS-i was quickly accepted as a fast and low-cost method of transmitting binary I/O data from the field to the PLC. With 32 I/O nodes, the system handled a total of 124 inputs and 124 outputs (4 I/O per each I/O node.) Designed to be fast and deterministic, it takes each node only about 150 ms to update its I/O. This translates into a worst-case system update time of approximately 5ms. In addition to processing speed, the developing consortium (AS-i since then has been turned over to the nonprofit AS-International and several local member organizations, like the AS-Interface Trade Organization in the U.S.) also saw the need for a system with superior noise immunity and unparalleled ease of use. As a result, AS-Interface offers a topology-free structure and time-saving features such as automatic single node replacement and node insertion/removal under power.
The Next Step: Based on specification 2.04, the installed base quickly approached 1 million installed nodes (for 2003, the number of installed nodes was estimated at well over 600,000) and the growing user base asked AS-Interface to do more and more things that were originally reserved for complex and expensive upper level bus systems. Naturally, a fundamental requirement was that all new features had to be implemented without compromising forward and backward compatibility. First, the need for analog data over AS-i was addressed. This was immediately followed by a system extension to allow 62 I/O nodes (up from 31.) The new specification 2.11 addressed these issues while allowing I/O nodes and scanner cards or gateways to be mixed freely. The details of how forward and backward compatibility was accomplished are beyond the scope of this article, but can be read elsewhere (AS-Interface The Automation Solution, published by AS-International, distributed in the U.S. by the AS-i Trade Organization).
The Safety Revolution: Due to its success as an industrial networking solution, AS-Interface was quickly identified as an ideal candidate for the next paradigm shift in automation. Users were ready to apply AS-i to the "holy grail of hardwired applications." In 2001 AS-Interface Safety at Work (SaW) was released in Europe, with the U.S. following in 2002. As before, a core requirement for SaW was to be compatible with all applications in the field, irrespective of how old. Again, a feat that sounds impossible to accomplish; but so was the extension from 31 to 62 nodes or the inclusion of analog data.
Un-wiring Safety Devices
When the safety of operators (first and foremost) and machines (second) is involved, every conceivable effort must be taken to develop a solution that functions reliably under the most adverse conditions. While such a system must always err on the side of safety, no user can afford a system that is prone to frequent erroneous shutdowns. Consequently, a network approach to functional safety must be based on the most stable networking concept available. Since network stability is a prime benefit of AS-Interface the choice is simple. In fact, AS-Interface is designed to detect 100% of all noise-based, single-bit errors (i.e. situations where noise alters exactly one bit in the data packet), 100% of all 2-bit errors and 99.9999% of higher order 3- and 4-bit errors. Combined with a differential data signal and signal filtering, extensive simulation and field-testing has shown that the likelihood for a substation error is extremely low. For details please see AS-Interface The Automation Solution, published by AS-International, distributed in the U.S. by the AS-i Trade Organization.
But in order to satisfy the strict requirements for safety systems, additional steps were taken.
The Hardware: AS-Interface Safety at Work utilizes a standard AS-i system, including an AS-i power supply and AS-i Gateway or Scanner. Only two new components are needed to bring functional safety to ANY existing AS-i system -- irrespective of how old the installation is. These are the SafetyNodes and the SafetyMonitor. SafetyNodes are I/O nodes constructed to satisfy the strict rules set forth by safety regulations, and offer inputs for typical safety devices like e-stops, pressure mats, key switches, and door interlocks. The SafetyMonitor is a monitoring device that contains the OSSDs, replacing safety relays in traditional hard-wired installations. As the name "monitor" implies, it is only monitoring the SafetyNodes. To understand how a SafetyNode interacts with the SafetyMonitor requires one additional concept: the dynamic SafetyCode.
The Dynamic SafetyCode: Since SaW, like any other safety system, transmits data over an inherently unsafe medium (it is quite simple to cut a wire), additional steps must be taken to guarantee that safety data from e-stops, light curtains, key switches, and other safety rated input devices will result in reliable and fast opening of the OSSDs. The approach taken is conceptually as simple as it is ingenious.
Each AS-Interface node, irrespective of what kind of node one is talking about, receives 4 bits of output data from the gateway/scanner and replies with 4 bits of input data. Standard nodes (i.e. non-safe nodes) transmit four bits representing the states of four connected sensors. As long as the states of the sensors do not change, the data from such a node is "static" over time.
Not so with SafetyNodes. SafetyNodes do not transmit "e-stop pushed" but rather "e-stop NOT pushed." This seems like a trivial difference, but is quite important for SaW. As long as a safety input connected to the SafetyNode has not been activated, it transmits a unique SafetyCode sequence. It is this dynamic code sequence that can now be evaluated. The SafetyMonitor performs this evaluation. As long as safe inputs on the SafetyNodes are not activated, the SafetyCode sequence is transmitted. The SafetyMonitor compares the received code sequence with an expected sequence. As long as no difference exists, the OSSDs remain closed. As soon as a difference is detected the SafetyMonitor goes into the safe state, opening the OSSDs.
Compatibility Is a Reality: As in the past, every modification of AS-Interface was required to be fully forward and backward compatible. This is still the case with SaW. Note that the transmission of safe data between a SafeyNode and a SafetyMonitor is strictly one-way. The Monitor evaluates the SafetyCodes transmitted by SafetyNodes. The network scanner is not even considered when it comes to safety.
With regard to SaW, the scanner only facilitates the flow of SafetyCodes. Incidentally, the scanner does not even "know" that a SafetyNode is sending special data. Similarly, from the point of view of a SafetyNode, the existence of the SafetyMonitor is irrelevant. The job of the SafetyNode is to evaluate its inputs and send SafetyCodes. It makes no difference if a SafetyMonitor evaluates those SafetyCodes or not. Similar arguments can be made for the SafetyMonitor. Its job is to evaluate the data for those nodes that are identified as SafetyNodes in the configuration. If a node is not identified in the configuration as being safe, the SafetyMonitor disregards it. Putting all this together, it becomes apparent that SaW is 100% compatible with any existing AS-i installation, irrespective of how old, how new, or what kind of other nodes are used.
Configuration
Installation is simplified since only the SafetyMonitor needs to be configured. SafetyNodes are simply added to the network where needed. And the AS-i scanner (by default) requires no safety-related configuration. Using SaW is a process that is easily learned and equally fast. Once the hardware has been added to the AS-Interface network, the intuitive and powerful MS-Windows drag and drop interface ASiMON, is used to specify the configuration and logic operation of the system.
ASiMON: A user that had only marginal exposure to SaW can configure the SafetyMonitor within minutes. All that is necessary is to define which SafetyNodes are monitored, how the OSSDs are turned off (i.e. Stop Category 0 or Stop Category 1) and how the OSSDs are closed again once the e-stop has been released or the light curtain has been cleared. The configuration is then downloaded to the Monitor. After an electronic sign-off step, the system can be activated. Naturally, a configuration can be simple (e.g. any configured e-stop will immediately open the OSSD) or as advanced as needed (including timing functions, logic operations, external trigger functions, and startup tests.)
In addition to defining the configuration, ASiMON also offers a powerful diagnostics tool. Since every operation of the SafetyMonitor is represented by a graphical "function block," the status of each function block is again displayed on the diagnostics screen. Color indications are used to show if the OSSDs are open or closed, the SafeyNodes are transmitting SafetyCodes, or if the external triggers are expected.
Once the safety system has been fully configured, a log file can be uploaded from the SafetyMonitor and printed. This log file contains the parameters used for the configuration and allows a user to identify what is done, when, and how.
The Benefits
Ultimately, users are not interested in great technical detail, but rather the benefits they can derive from those implementation solutions. In the case of AS-i Safety at Work, the list of advantages over conventional hard-wire and other bus-based solutions is plentiful and significant. SaW allows users to:
- Quickly configure a safety system, offering the benefits as standard AS-Interface installations;
- Further reduce the total number of wires needed for any given installation. This finally allows machines to be truly modularized;
- Monitor both the state of any safety input and the state of the OSSDs;
- Install safety input devices and OSSDs anywhere along the network, modifying the setup anytime during the project;
- Print the safety log created by ASiMON, thus reducing the time necessary to create system documentation, while at the same time reducing possible documentation errors;
- Use a powerful visualization tool to check the behavior of the safety hardware;
- Add SafetyNodes wherever needed, even during the final phases of the project. Since no additional wiring back to the safety relays is needed, this takes only minutes; and
- Add OSSDs anytime, anywhere.
The Future
Since the first SaW products were released a few years ago, manufacturers developed a selection of safety nodes as well as safety devices with integrated safety functionality. In the near future, users can expect more field-mountable SafetyNodes with additional functionality, enclosure mounted modules that also offer non-safe outputs, SafetyNodes for light curtains, and a growing number of integrated solutions like door interlocks. Once users have experienced the flexibility, simplicity, and benefits of AS-Interface Safety at Work, it has the potential of becoming the premier safety network of choice.
Summary: AS-i Safety at Work Benefits
- Approved for Category 4 and SIL 3 safety
- No safety PLC needed
- Up to 31 SafetyNodes per AS-i network
- Compatible with existing AS-i installations, old or new
- Add SafetyNodes anywhere, anytime; configuration update takes only minutes
- Monitor state (activated/not activates) of any safe input without wiring auxiliary contacts
- Field- and enclosure-mountable safe inputs
- Safe inputs and normal outputs on one SafetyNode
- Easy configuration with MS-Windows drag and drop tool; also supports graphical configuration monitoring
- Place SafetyMonitor wherever convenient
- OSSDs can be read via AS-i
- Automatic single node replacement.
Additional information is available in .pdf format. To read the document, click here.
To obtain Adobe Acrobat Reader, click on the link below.
