Safety Function Block
The PLCopen organization has defined a set of standard function blocks (FBs) for safety-related functionality. The function block specifications are given as state diagrams. The example presented here implements the Equivalent function block.
According to the PLCopen specification, this function block converts two equivalent SAFEBOOL inputs to one SAFEBOOL output with discrepancy time monitoring. If one channel signal changes from TRUE to FALSE, the output immediately switches off (FALSE) for safety reasons. Discrepancy time monitoring: the discrepancy time is the maximum period during which the two inputs may have different states without the function block detecting an error. Discrepancy time monitoring starts when the status of an input changes. The function block detects an error when the two inputs do not have the same status once the discrepancy time has elapsed.
The machine presented below is a sample realization of the state diagram specified in the PLCopen document. In contrast to the original PLCopen specification, all states that set the READY output to TRUE are sub-states of a superstate called ACTIVE. As soon as the ENABLE input becomes inactive, the ACTIVE state is left and IDLE is entered. Using sub-states considerably reduces the number of transitions required in the diagram.
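The behaviour described above as a hand-written C sketch, added here as an illustration; it is neither the generated code of this example nor the PLCopen state diagram itself. The state names, the tick-based timer arguments and the error reset condition (both inputs FALSE) are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stdint.h>

/* State names are this sketch's own. Everything except EQ_IDLE is a sub-state of ACTIVE. */
typedef enum { EQ_IDLE, EQ_INIT, EQ_WAIT, EQ_ON, EQ_FROM_ON_WAIT, EQ_ERROR } eq_state_t;

typedef struct {
    eq_state_t state;
    uint32_t   t_start;            /* tick at which the inputs started to differ */
    bool       ready, out, error;  /* function block outputs */
} eq_fb_t;

/* One evaluation cycle. now and disc_time use the same tick unit. */
void eq_step(eq_fb_t *fb, bool enable, bool a, bool b, uint32_t now, uint32_t disc_time)
{
    bool expired = (uint32_t)(now - fb->t_start) > disc_time;  /* wrap-safe */

    if (!enable) {
        fb->state = EQ_IDLE;              /* single exit from the ACTIVE superstate */
    } else switch (fb->state) {
    case EQ_IDLE:
        fb->state = EQ_INIT;
        break;
    case EQ_INIT:                         /* waiting for the channels to become TRUE */
        if (a && b)        fb->state = EQ_ON;
        else if (a != b) { fb->state = EQ_WAIT; fb->t_start = now; }
        break;
    case EQ_WAIT:                         /* one channel TRUE, waiting for the other */
        if (a && b)        fb->state = EQ_ON;
        else if (!a && !b) fb->state = EQ_INIT;
        else if (expired)  fb->state = EQ_ERROR;
        break;
    case EQ_ON:                           /* one channel dropping switches off at once */
        if (!a && !b)      fb->state = EQ_INIT;
        else if (a != b) { fb->state = EQ_FROM_ON_WAIT; fb->t_start = now; }
        break;
    case EQ_FROM_ON_WAIT:                 /* output already FALSE, both must reach FALSE */
        if (!a && !b)      fb->state = EQ_INIT;
        else if (expired)  fb->state = EQ_ERROR;
        break;
    case EQ_ERROR:                        /* assumed reset condition: both channels FALSE */
        if (!a && !b)      fb->state = EQ_INIT;
        break;
    }
    fb->ready = (fb->state != EQ_IDLE);   /* READY is TRUE in every ACTIVE sub-state */
    fb->out   = (fb->state == EQ_ON);
    fb->error = (fb->state == EQ_ERROR);
}
```

In this sketch a channel that returns to TRUE after dropping does not re-enable the output: both inputs must first reach FALSE, otherwise the discrepancy timer runs out and the block reports an error.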
The class diagram below shows how the sample implementation is designed. The class io_interface provides a hardware abstraction layer for the inputs and outputs required by the function block. The timer class provides general timer functions. Please note that it is only good enough to test the state machine. Classes are realized as C/H files. The class diagram shows two comments using the action and header keywords, which are supported by the code generator. C code in the "action" comment is copied into the C file just before the state-chart code. The listed C code reads the function block inputs and stores them in local variables for faster processing. These variables, as well as some required headers etc., are defined in the other comment. Code following the header keyword is simply copied to the beginning of the generated C file.
The attached example implementation shows how the generated code can be used. The inputs come from a test vector. The code is built with Cygwin and gcc but can also be compiled on Linux or Mac OS X, for example. Main is the starting point of the code and initializes everything. A number of test cases are implemented which can be commented in as needed.
Generated Files: