IEC 61784-3
Edition 3.0 2016-05
REDLINE VERSION

Industrial communication networks – Profiles – Part 3: Functional safety fieldbuses – General rules and profile definitions

IEC 61784-3:2016-05 RLV(en)

THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2016 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Tel.: +41 22 919 02 11
Fax: +41 22 919 03 00
info@iec.ch
www.iec.ch

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue
The stand-alone application for consulting the entire bibliographical information on IEC International Standards, Technical Specifications, Technical Reports and other documents. Available for PC, Mac OS, Android Tablets and iPad.

IEC publications search - www.iec.ch/searchpub
The advanced search enables to find IEC publications by a variety of criteria (reference number, text, technical committee, …). It also gives information on projects, replaced and withdrawn publications.

IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published details all new publications released. Available online and also once a month by email.

Electropedia - www.electropedia.org
The world's leading online dictionary of electronic and electrical terms containing 20 000 terms and definitions in English and French, with equivalent terms in 15 additional languages. Also known as the International Electrotechnical Vocabulary (IEV) online.

IEC Glossary - std.iec.ch/glossary
65 000 electrotechnical terminology entries in English and French extracted from the Terms and Definitions clause of IEC publications issued since 2002. Some entries have been collected from earlier publications of IEC TC 37, 77, 86 and CISPR.

IEC Customer Service Centre - webstore.iec.ch/csc
If you wish to give us your feedback on this publication or need further assistance, please contact the Customer Service Centre: csc@iec.ch.

IEC 61784-3
Edition 3.0 2016-05
REDLINE VERSION

Industrial communication networks – Profiles – Part 3: Functional safety fieldbuses – General rules and profile definitions

INTERNATIONAL ELECTROTECHNICAL COMMISSION
ICS 25.040.40; 35.100.05
ISBN 978-2-8322-3372-6
® Registered trademark of the International Electrotechnical Commission

Warning! Make sure that you obtained this publication from an authorized distributor.

IEC 61784-3:2016 RLV © IEC 2016

CONTENTS

FOREWORD ..... 8
0 Introduction ..... 10
0.1 General ..... 10
0.2 Transition from Edition 2 to extended assessment methods in Edition 3 ..... 12
0.3 Patent declaration ..... 12
1 Scope ..... 14
2 Normative references ..... 14
3 Terms, definitions, symbols, abbreviated terms and conventions ..... 16
3.1 Terms and definitions ..... 16
3.1.1 Common terms and definitions
3.1.2 CPF 1: Additional terms and definitions
3.1.3 CPF 2: Additional terms and definitions
3.1.4 CPF 3: Additional terms and definitions
3.1.5 CPF 6: Additional terms and definitions
3.1.6 CPF 8: Additional terms and definitions
3.1.7 CPF 12: Additional terms and definitions
3.1.8 CPF 13: Additional terms and definitions
3.1.9 CPF 14: Additional terms and definitions
3.2 Symbols and abbreviated terms ..... 24
3.2.1 Common symbols and abbreviated terms
3.2.2 CPF 1: Additional symbols and abbreviated terms
3.2.3 CPF 2: Additional symbols and abbreviated terms
3.2.4 CPF 3: Additional symbols and abbreviated terms
3.2.5 CPF 6: Additional symbols and abbreviated terms
3.2.6 CPF 8: Additional symbols and abbreviated terms
3.2.7 CPF 12: Additional symbols and abbreviated terms
3.2.8 CPF 13: Additional symbols and abbreviated terms
3.2.9 CPF 14: Additional symbols and abbreviated terms
4 Conformance ..... 26
5 Basics of safety-related fieldbus systems ..... 26
5.1 Safety function decomposition ..... 26
5.2 Communication system ..... 27
5.2.1 General ..... 27
5.2.2 IEC 61158 fieldbuses ..... 27
5.2.3 Communication channel types ..... 28
5.2.4 Safety function response time ..... 28
5.3 Communication errors ..... 29
5.3.1 General ..... 29
5.3.2 Corruption ..... 29
5.3.3 Unintended repetition ..... 29
5.3.4 Incorrect sequence ..... 30
5.3.5 Loss ..... 30
5.3.6 Unacceptable delay ..... 30
5.3.7 Insertion ..... 30
5.3.8 Masquerade ..... 30
5.3.9 Addressing ..... 30
5.4 Deterministic remedial measures ..... 31
5.4.1 General ..... 31
5.4.2 Sequence number ..... 31
5.4.3 Time stamp ..... 31
5.4.4 Time expectation ..... 31
5.4.5 Connection authentication ..... 31
5.4.6 Feedback message ..... 31
5.4.7 Data integrity assurance ..... 32
5.4.8 Redundancy with cross checking ..... 32
5.4.9 Different data integrity assurance systems ..... 32
5.5 Typical relationships between errors and safety measures ..... 32
5.6 Communication phases ..... 33
5.7 FSCP implementation aspects ..... 34
5.8 Data integrity considerations ..... 34
5.8.1 Calculation of the residual error rate ..... 34
5.8.2 Total residual error rate and SIL ..... 37
5.9 Relationship between functional safety and security ..... 38
5.10 Boundary conditions and constraints ..... 39
5.10.1 Electrical safety ..... 39
5.10.2 Electromagnetic compatibility (EMC) ..... 39
5.11 Installation guidelines ..... 40
5.12 Safety manual ..... 40
5.13 Safety policy ..... 40
6 Communication Profile Family 1 (FOUNDATION Fieldbus) – Profiles for functional safety ..... 41
6.1 Functional Safety Communication Profile 1/1
6.2 Technical overview
7 Communication Profile Family 2 (CIP) and Family 16 (SERCOS) – Profiles for functional safety ..... 42
7.1 Functional Safety Communication Profile 2/1
7.2 Technical overview
8 Communication Profile Family 3 (PROFIBUS, PROFINET) – Profiles for functional safety ..... 44
8.1 Functional Safety Communication Profile 3/1
8.2 Technical overview
9 Communication Profile Family 6 (INTERBUS) – Profiles for functional safety ..... 46
9.1 Functional Safety Communication Profile 6/7
9.2 Technical overview
10 Communication Profile Family 8 (CC-Link) – Profiles for functional safety ..... 48
10.1 Functional Safety Communication Profile 8/1 ..... 48
10.2 Technical overview Functional Safety Communication Profile 8/2 ..... 48
11 Communication Profile Family 12 (EtherCAT) – Profiles for functional safety ..... 49
11.1 Functional Safety Communication Profile 12/1
11.2 Technical overview
12 Communication Profile Family 13 (Ethernet POWERLINK) – Profiles for functional safety ..... 50
12.1 Functional Safety Communication Profile 13/1
12.2 Technical overview
13 Communication Profile Family 14 (EPA) – Profiles for functional safety ..... 52
13.1 Functional Safety Communication Profile 14/1
13.2 Technical overview
14 Communication Profile Family 17 (RAPIEnet) – Profiles for functional safety ..... 53
15 Communication Profile Family 18 (SafetyNET p Fieldbus) – Profiles for functional safety ..... 53
Annex A (informative) Example functional safety communication models ..... 54
A.1 General ..... 54
A.2 Model A (single message, channel and FAL, redundant SCLs) ..... 54
A.3 Model B (full redundancy) ..... 54
A.4 Model C (redundant messages, FALs and SCLs, single channel) ..... 55
A.5 Model D (redundant messages and SCLs, single channel and FAL) ..... 55
Annex B (informative normative) Safety communication channel model using CRC-based error checking ..... 57
B.1 Overview ..... 57
B.2 Channel model for calculations ..... 57
B.3 Bit error probability Pe ..... 58
B.4 Cyclic redundancy checking ..... 59
B.4.1 General ..... 59
B.4.2 Considerations concerning CRC polynomials ..... 60
Annex C (informative) Structure of technology-specific parts ..... 62
Annex D (informative) Assessment guideline ..... 64
D.1 Overview ..... 64
D.2 Channel types ..... 64
D.2.1 General ..... 64
D.2.2 Black channel ..... 64
D.2.3 White channel ..... 64
D.3 Data integrity considerations for white channel approaches ..... 65
D.3.1 General ..... 65
D.3.2 Models B and C ..... 65
D.3.3 Models A and D ..... 66
D.4 Verification of safety measures ..... 67
D.4.1 General ..... 67
D.4.2 Implementation ..... 67
D.4.3 "De-energize to trip" principle ..... 67
D.4.4 Safe state ..... 67
D.4.5 Transmission errors ..... 67
D.4.6 Safety reaction and response times ..... 67
D.4.7 Combination of measures ..... 68
D.4.8 Absence of interference ..... 68
D.4.9 Additional fault causes (white channel) ..... 68
D.4.10 Reference test beds and operational conditions ..... 68
D.4.11 Conformance tester ..... 69
Annex E (informative) Examples of implicit vs. explicit FSCP safety measures ..... 70
E.1 General ..... 70
E.2 Example fieldbus message with safety PDUs ..... 70
E.3 Model with completely explicit safety measures ..... 70
E.4 Model with explicit A-code and implicit T-code safety measures ..... 71
E.5 Model with explicit T-code and implicit A-code safety measures ..... 71
E.6 Model with split explicit and implicit safety measures ..... 72
E.7 Model with completely implicit safety measures ..... 73
E.8 Addition to Annex B – impact of implicit codes on properness ..... 73
Annex F (informative) Extended models for estimation of the total residual error rate ..... 74
F.1 Applicability ..... 74
F.2 General models for black channel communications ..... 74
F.3 Identification of generic safety properties ..... 75
F.4 Assumptions for residual error rate calculations ..... 75
F.5 Residual error rates ..... 76
F.5.1 Explicit and implicit mechanisms ..... 76
F.5.2 Residual error rate calculations ..... 76
F.6 Data integrity ..... 78
F.6.1 Probabilistic considerations ..... 78
F.6.2 Deterministic considerations ..... 78
F.7 Authenticity ..... 79
F.7.1 General ..... 79
F.7.2 Residual error rate for authenticity (RR_A) ..... 80
F.8 Timeliness ..... 81
F.8.1 General ..... 81
F.8.2 Residual error rate for timeliness (RR_T) ..... 83
F.9 Masquerade ..... 84
F.9.1 General ..... 84
F.9.2 Other terms used to calculate residual error rate for masquerade rejection (RR_M) ..... 84
F.10 Calculation of the total residual error rates ..... 84
F.10.1 Based on the summation of the residual error rates ..... 84
F.10.2 Based on other quantitative proofs ..... 85
F.11 Total residual error rate and SIL ..... 85
F.12 Configuration and parameterization for an FSCP ..... 86
F.12.1 General ..... 86
F.12.2 Configuration and parameterization change rate ..... 88
F.12.3 Residual error rate for configuration and parameterization ..... 88
Bibliography ..... 89

Figure 1 – Relationships of IEC 61784-3 with other standards (machinery) ..... 10
Figure 2 – Relationships of IEC 61784-3 with other standards (process) ..... 11
Figure 3 – Transition from Edition 2 to Edition 3 assessment methods ..... 12
Figure 4 – Safety communication as a part of a safety function ..... 27
Figure 5 – Example model of a functional safety communication system ..... 28
Figure 6 – Example of safety function response time components ..... 29
Figure 7 – Scope of FSCP 1/1
Figure 7 – Conceptual FSCP protocol model ..... 34
Figure 8 – Relationship of Safety Validators
Figure 8 – FSCP implementation aspects ..... 34
Figure 9 – Basic communication preconditions for FSCP 3/1
Figure 9 – Example application 1 (m = 4) ..... 36
Figure 10 – Structure of a FSCP 3/1 safety PDU
Figure 10 – Example application 2 (m = 2) ..... 37
Figure 11 – Safe communication modes
Figure 11 – Zones and conduits concept for security according to IEC 62443 ..... 39
Figure 12 – FSCP 6/7 communication preconditions
Figure 13 – Basic FSCP 12/1 system
Figure 14 – Producer consumer example
Figure 15 – Client server example
Figure 16 – FSCP 14/1 safety communication architecture
Figure A.1 – Model A ..... 54
Figure A.2 – Model B ..... 55
Figure A.3 – Model C ..... 55
Figure A.4 – Model D ..... 56
Figure B.1 – Communication channel with perturbation ..... 57
Figure B.2 – Binary symmetric channel (BSC) ..... 58
Figure B.3 – Example of a block with a message part and a CRC bits (redundancy code) signature ..... 59
Figure B.4 – Block codes for error detection ..... 60
Figure B.5 – Proper and improper CRC polynomials ..... 61
Figure D.1 – Basic Markov model ..... 66
Figure E.1 – Example safety PDUs embedded in a fieldbus message ..... 70
Figure E.2 – Model with completely explicit safety measures ..... 70
Figure E.3 – Model with explicit A-code and implicit T-code safety measures ..... 71
Figure E.4 – Model with explicit T-code and implicit A-code safety measures ..... 72
Figure E.5 – Model with split explicit and implicit safety measures ..... 72
Figure E.6 – Model with completely implicit safety measures ..... 73
Figure F.1 – Black channel from an FSCP perspective ..... 74
Figure F.2 – Model for authentication considerations ..... 79
Figure F.3 – Fieldbus and internal address errors ..... 80
Figure F.4 – Example of slowly increasing message latency ..... 82
Figure F.5 – Example of an active network element failure ..... 83
Figure F.6 – Example application 1 (m = 4) ..... 85
Figure F.7 – Example application 2 (m = 2) ..... 85
Figure F.8 – Example of configuration and parameterization procedures for FSCP ..... 87

Table 1 – Overview of the effectiveness of the various measures on the possible errors ..... 33
Table 2 – Definition of items used for calculation of the residual error rates ..... 36
Table 3 – Typical relationship of residual error rate to SIL level ..... 37
Table 4 – Typical relationship of residual error on demand to SIL ..... 37
Table 5 – Overview of profile identifier usable for FSCP 6/7 ..... 47
Table B.1 – Example dependency d_min and block bit length n ..... 60
Table C.1 – Common subclause structure for technology-specific parts ..... 62
Table F.1 – Typical relationship of residual error rate to SIL ..... 86
Table F.2 – Typical relationship of residual error on demand to SIL ..... 86

INTERNATIONAL ELECTROTECHNICAL COMMISSION

INDUSTRIAL COMMUNICATION NETWORKS – PROFILES –
Part 3: Functional safety fieldbuses – General rules and profile definitions

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also part