Anybody outside of the machine safety world may be unfamiliar with an OSSD (output signal switching device). In this blog I will explain
- What is an OSSD
- OSSD logic
- Replacing an OSSD with a network connection
- Standards related to OSSD
Hopefully, even if you a hard-core machine safety person, you will find something useful in this. Hopefully if you are not a hard-core machine safety person, you will still find it interesting and it provokes some thinking.
Let’s start with a definition.
Figure 1 OSSD definition from IEC 61496 series
The definition is found in the IEC 61496 series of standards, which covers laser scanner, light curtains, 3D TOF, stereoscopic cameras and their use in safety systems. So a typical OSSD is found on a laser scanner output and signals that someone has entered an area, may be in danger, and so the dangerous machine should be stopped.
The OSSD may be implemented with relays or solid-state logic. These days solid state solutions are preferred for their reliability and testability and their logic values are given in IEC 61131-2 which is part of the PLC (programmable logic controller) series of standards which makes sense as often OSSD go from a sensor to a PLC.
Figure 2 OSSD signal levels from IEC 61131-2
If the OSSD is on a sensor to detect someone approaching a robot, then it is ON (+11 to +30V output) when nobody is approaching and off (-3V to +2V) when a person is detected. The fact that off includes 0V ensures that in the event of a power failure in the sensor the robot will be stopped.
If thinking in terms of logic gates you would therefore combine the outputs of two sensors with an AND function rather than an OR function. The output of an AND gate goes low if either of the inputs are low. The output of an OR gate would high if either of the sensors is in its permissive mode.
Note – in my head I always mix this up. I want the robot to stop if sensor 1 or sensor 2 detect a person. 0V or 24V combined with an OR gate however gives 24V which would not stop the robot.
Since an OSSD can fail they are often two OSSD outputs in parallel and we need to discuss the possible failure modes. The failure modes are various combinations of the usual DC fault model and include stuck open, shorted including failure modes related to the redundant OSSD shorted together.
Figure 3 Fault model for an OSSD
Narrow offset in time test pulses to low can test for most of the above – offset means a slight delay between the off pulses so that both OSSD are not low together. If both go low together, they are detected as shorted, if they can’t go low, they are shorted high, if they can’t go high they are shorted low. For such a test mode to work correctly the control system needs to ignore very narrow pulses.
Figure 4 - OSSD diagnostics
A single networked connection can be used to replace two OSSD. Obviously, this adds a lot of complexity, and you also have to worry about worst case response times of the network. Many sensors have both a networked and OSSD outputs for this reason. It also allows a given sensor to be easily integrated with all kinds of logic blocks.
Figure 5 - IEC 61496 series distinguishes between a point-to-point network connection and a routed connection
For reasons I don’t understand, the IEC 61496 series of standards interposes the safety related data interface between the sensor and the communications interface. The communications interface will then be according to the black channel or white channel principle from IEC 61508-2. Either way the diagnostics are now a lot more complex than OSSD outputs.
As I said an OSSD is a lot simpler than a networked connection, and this is captured in the warning below from a standard I cannot remember.
Figure 6 - a warning from an unknown standard on using a communications interface instead of a simpler OSSD wired connection
Since ADI acquired Maxim we have a portfolio of IO-link parts which I must study in more detail. The signaling levels for IO-link are also according to IEC 61131-2 but IO-link can transmit actual digital data. A colleague recently blogged on IO-link, see here.
Figure 7 - signal levels and baud rates for IO-link
We also have an even simpler range of digital I/O devices which I admit I have not studied in detail, see here. These generate IEC 61131-2 compliant type 1,2 and 3 output signals.
The full set of blogs in this series can be seen here.