Not only in automation technology, but also in many areas of working life, there is a growing awareness of the need to take precautions for the safety of people, machines and the environment. Thanks to safety rules and regulations, the number of occupational accidents is steadily declining, especially in the working area. While 39 people (per 1,000 workers) were injured on the job in 2000, fortunately only 18 (per 1,000 workers) were injured in 2020. (source: statista.com)
While such a service saves companies time and money, it also comes with risks. This is especially critical when it comes to data that can be manipulated or affect a device in the field, and most of all when the data producer While the focus on safe working conditions used to be treated rather stepmotherly, it is nowadays considered one of the most important building blocks in the industry. In this blog post, we shed light on the topic of safety software, its application and functions. We also explore the question of whether it’s really that easy to buy security software via the App Store and what tips there are for choosing the right provider.
Let´s start with some basics
The demand to achieve the highest possible safety level results in increasingly complex requirements for the necessary safety-oriented application software within the PLC. The corresponding safety functions can be created in the familiar development environments and made available as a safety library via an add-in.
Complex calculations for flexible room monitoring or the integration of drive safety functions in the safety-related control often require an extension of the safety-related firmware. In mechanical engineering, controllers are often used that are designed for simple programming of safety functions and comply with a safety level. They are subject to the machinery directive or DIN EN ISO 13849. However, both standards considerably restrict the language and function expansion, which is why the term Low Variability Language – LVL for short – is used. More complex functions are developed according to the IEC 61508 standard and included as a fixed component in the firmware of the safety controller. However, the replacement of the firmware is associated with a high level of effort – both for the manufacturer of the firmware and for the user in the machines and systems.
Various suppliers offer a flexible solution in which the extension is loaded onto the safety-related controller together with the application program. The adjective “flexible” in this context means that a firmware update is not necessary for every new function.
Proven libraries in high-level language
Safety functions with complex calculations are proving necessary, especially in the robotics environment. Cartesian space monitoring, for example, requires trigonometric functions with floating point calculations. Similarly, calculations in the field of robot kinematics usually require complex arithmetic operations. Such tasks can easily be implemented in high-level language, since there are corresponding libraries that have proven themselves here.
In the C programming language, for example, the math.h library can be used, which contains a standard collection of mathematical functions. Another area of application is the implementation of proprietary security protocols. To avoid having to renew the entire network in existing applications, the security protocol used can be included as a C function and then reused. Often the C code required for this is already available and has already become established.
Safety-related controllers are often designed with two channels. This means that two independent processors execute the code and check the result in a cross comparison that ensures the correct execution of the program. In this way, the so-called common-cause errors are avoided. To meet functional safety requirements, a different compiler can be used for each channel. The diversified binary code generated in this way even runs diversitarily on the safety controllers. This is also referred to as redundant diversity. Since the functions are loaded directly as machine code on the safety-related controller, they usually prove to be more compact and significantly more efficient than IEC61131-3-based programs. Direct processing in the firmware thus leads to a performance gain.
Simple verification of the generated program
The familiar environment already used in the development process can be used to create the C functions. Thus, the developers do not have to learn a new tool. The compiled code must be in the standardized ELF format (Executable and Linking Format). This platform-independent solution is supported by many well-known programming languages. By using standard development systems and programming languages as well as standardized file formats, standard tools can also be used to support development that are not available for IEC61131-3-based programs, for example. These include software tools for measuring code coverage, software for determining test coverage or simple connections to version management systems such as GIT or Subversion.
The use of standard development systems also has the advantage that the program can be checked by simple means. However, the functions to be generated in the Full Variability Language (FVL) must be developed in accordance with the relevant standards – such as IEC 61508. For this purpose, it often makes sense to commission a suitable service provider to implement the task within the framework of a suitable development process. The developed code must then be able to be sent to the controller in the correct form with the safety-related user application.
Some software offers an additional add-in for this purpose, which allows the creator of the safety-related functions to create a self-contained library. With the right software, this is done with a few mouse clicks.
Further online distribution
To ensure that the creator of the library and the code can be identified at any time, a certificate must be attached to the library. This mechanism represents the best variant of safety protection according to today’s standard. The finished library can even be tested with the simulation of the safety controller included in PLCnext Engineer. In addition, the code can be checked and freed from errors in a user-friendly manner via the development system used – such as Visual Studio. The self-developed functions usually prove to be a differentiator from other providers. The finished libraries, which are not automatically delivered to every control user, give the manufacturer of the complex functionality a competitive advantage.
However, the service providers active in the industry can make the aforementioned libraries available online in the various software stores and build another business model for themselves in this way. In the simplest case, the libraries certified by a testing institute are offered on a digital marketplace (e.g., an industrial app store). When using the library, the user of the complex new safety function does not need to have any knowledge of the high-level language used, the development system used or the IEC 61508 standard. The library only needs to be referenced in his application. The user can then find all new functions in his function and function block catalog. To check the certificates, the information can be viewed at any time in the Safety Information Editor and compared with the manufacturer’s specifications. As simple as it sounds!
Our tip: Some software provider automatically checks the validity of the certificates! When choosing the right provider, it is worth paying attention to who offers this service and who does not.
Conclusion
Due to growing sources of danger and increasing safety requirements, it makes sense to think about a well-thought-out safety concept. Especially with new acquisitions, the aspect of security should be comprehensively considered and considered. If a suitable security application is planned right from the start, this not only saves time and money, but above all gives users a safe and good feeling.
The options presented therefore offer not only the user but also the manufacturers of safety-related functions a wide range of advantages, which can, however, only be realized by a flexibly expandable safety control system.
