GB/T 36006-2018: Control and communication network -- Safety-over-EtherCAT specification. Status: Valid
Basic data
Standard ID: GB/T 36006-2018 (GB/T36006-2018)
Description (Translated English): Control and communication network -- Safety-over-EtherCAT specification
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: N10
Classification of International Standard: 25.040
Word Count Estimation: 106,153
Date of Issue: 2018-03-15
Date of Implementation: 2018-10-01
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration
GB/T 36006-2018: Control and communication network -- Safety-over-EtherCAT specification. This is a DRAFT version for illustration, not a final translation.
Control and communication network -- Safety-over-EtherCAT specification
ICS 25.040
N10
National Standard of the People's Republic of China
Control and communication network
Safety-over-EtherCAT specification
(IEC 61784-3-12:2010, Industrial communication networks - Profiles - Part 3-12: Functional safety fieldbuses - Additional specifications for CPF 12, IDT)
Published on 2018-03-15
Implemented on 2018-10-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the China National Standardization Administration
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions, symbols, abbreviations and conventions
3.1 Terms and definitions
3.1.1 General terms and definitions
3.1.2 Additional terms and definitions
3.2 Symbols and abbreviations
3.2.1 General symbols and abbreviations
3.2.2 Additional symbols and abbreviations
3.3 Conventions
4 FSCP12/1 (Safety-over-EtherCAT) Overview
5 Overview
5.1 External documents providing profile specifications
5.2 Safety function requirements
5.3 Safety measures
5.4 Safety Communication Layer Structure
5.5 Relationship with FAL (and DLL, PhL)
5.5.1 Overview
5.5.2 Data Type
6 Safety Communication Layer Service
6.1 FSoE connection
6.2 FSoE Cycle
6.3 FSoE Service
7 Safety Communication Layer Protocol
7.1 Safety PDU Format
7.1.1 Safety PDU Structure
7.1.2 Safety PDU Command
7.1.3 Safety PDU CRC
7.2 FSCP12/1 communication procedures
7.2.1 Message period
7.2.2 FSCP12/1 Node Status
7.3 Response to communication errors
7.4 Status Table of the FSoE Master Station
7.4.1 FSoE Master Station State Machine
7.4.2 Reset Status
7.4.3 Session Status
7.4.4 Connection Status
7.4.5 Parameter Status
7.4.6 Data Status
7.5 FSoE Slave Status Table
7.5.1 FSoE Slave State Machine
7.5.2 Reset Status
7.5.3 Session Status
7.5.4 Connection Status
7.5.5 Parameter Status
7.5.6 Data Status
8 Safety Communication Layer Management
8.1 FSCP12/1 Parameter Processing
8.2 FSoE communication parameters
9 System Requirements
9.1 Indicators and Switches
9.1.1 Indicator status and flashing frequency
9.1.2 Indicators
9.2 Installation Guide
9.3 Safety function response time
9.3.1 Overview
9.3.2 Determination of FSoE watchdog time
9.3.3 Calculation of worst case safety function response time
9.4 Duration of the request
9.5 Constraints for System Feature Value Calculation
9.5.1 Overview
9.5.2 Probability considerations
9.6 Maintenance
9.7 Safety Manual
10 Evaluation
Appendix A (informative) Additional information on the functional safety communication profile of CPF12
Appendix B (informative) CPF12 functional safety profile assessment information
References
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
This standard is identical, by translation, to IEC 61784-3-12:2010 "Industrial communication networks - Profiles - Part 3-12: Functional safety fieldbuses - Additional specifications for CPF 12".
The Chinese documents that correspond to the international documents normatively referenced in this standard are as follows.
--- GB 5226.1-2008 Electrical safety of machinery - Electrical equipment of machines - Part 1: General technical conditions (IEC 60204-1:2005, IDT)
--- GB/T 15969.2-2008 Programmable controllers - Part 2: Equipment requirements and tests (IEC 61131-2:2007, IDT)
--- GB/T 16657.2-2008 Industrial communication networks - Fieldbus specifications - Part 2: Physical layer specification and service definition (IEC 61158-2:2007, IDT)
--- GB/T 17799.2-2003 Electromagnetic compatibility - Generic standards - Immunity for industrial environments (IEC 61000-6-2:1999, IDT)
--- GB/T 20438 (all parts) Functional safety of electrical/electronic/programmable electronic safety-related systems [IEC 61508 (all parts)]
This standard has made the following editorial changes.
--- The standard name is changed to "Control and communication network -- Safety-over-EtherCAT specification";
--- Some formatting is modified according to Chinese conventions;
--- "IEC 61508" is replaced with "IEC 61508 series of standards", the description of the trademark is deleted, and, because the standards that were unpublished at the time have since been released, the corresponding footnotes in the original text are deleted.
This standard was proposed by the China Machinery Industry Federation.
This standard is under the jurisdiction of the National Industrial Process Measurement Control and Automation Standardization Technical Committee (SAC/TC124).
This standard was drafted by: Institute of Mechanical Industry Instrumentation and Instrumentation, Institute of Automation, Chinese Academy of Sciences, Shenyang Institute of Automation, Tsinghua University, Southwest University, Beijing University of Aeronautics and Astronautics, Beijing Heli System Engineering Co., Ltd., Shanghai Automation Instrument Co., Ltd., Shenyang Machine Tool (Group) Design and Research Institute Co., Ltd., Haitian Drive Co., Ltd., Omron Automation (China) Co., Ltd., EtherCAT Technology Association, Germany Beckhoff Automation Co., Ltd.
The main drafters of this standard: Wang Shuo, Ding Lu, Gao Jingmei, Wang Chunxi, Yang Zhijia, Wang Xue, Liu Feng, Liu Yanqiang, Luo An, Bao Weihua, Qiao Xiaotong, Yu Shilei, Li Jianri, Yue Wei, Guan Peng, Li Tianbing, Fan Bin, Cheng Geng.
Introduction
The IEC 61158 fieldbus standard and its companion standards IEC 61784-1 and IEC 61784-2 define a set of communication protocols that enable distributed control of automation applications. Fieldbus technology is now generally accepted and well proven. As a result, many fieldbus enhancements continue to emerge, covering areas that have not yet been standardized, such as real-time, functional safety-related and information security-related applications.
This standard is based on the IEC 61508 series of standards, describes the principles of functional safety communication, and specifies several safety communication layers (profiles and corresponding protocols) based on the communication profiles and protocol layers of IEC 61784-1, IEC 61784-2 and the IEC 61158 series of standards, but excluding electrical safety and intrinsic safety aspects.
Figure 1 shows the relationship between this standard and the relevant safety and fieldbus standards in the machinery environment.
Note: 6.7.6.4 (high complexity) and 6.7.8.1.6 (low complexity) of GB 28526 specify the relationship between PL (category) and SIL.
Figure 1 Relationship between IEC 61784-3 and other standards (machinery)
Figure 2 shows the relationship between this standard and the relevant safety and fieldbus standards in the process environment.
a For a specified electromagnetic environment; otherwise see IEC 61326-3-1.
Figure 2 Relationship between IEC 61784-3 and other standards (process)
Safety communication layers that are implemented as part of safety-related systems built according to the IEC 61508 series of standards provide the necessary confidence in the transmission of messages (information) between two or more participants on a fieldbus in a safety-related system, or sufficient confidence of safe behaviour in the event of fieldbus faults or failures.
The safety communication layer specified in this standard enables a fieldbus to be used for applications requiring functional safety up to the safety integrity level (SIL) specified by its corresponding functional safety communication profile.
The final SIL of a system is determined by the implementation of the selected functional safety communication profile in that system. Implementing a functional safety communication profile in accordance with this standard in a standard device is not sufficient to qualify that device as a safety device.
This standard describes:
--- The basic principles for implementing the requirements of the IEC 61508 series of standards for safety-related data communication, including possible transmission failures, remedial measures and considerations that affect data integrity;
--- Separate descriptions of the functional safety profiles of multiple communication profiles in IEC 61784-1 and IEC 61784-2;
--- Safety layer extensions to the communication services and protocols parts of the IEC 61158 series of standards.
Control and communication network
Safety-over-EtherCAT specification
1 Scope
This standard specifies a safety communication layer (services and protocol) based on CPF 12 of IEC 61784-2 and IEC 61158 Type 12, and identifies the principles of functional safety communication defined in IEC 61784-3 that are relevant to this safety communication layer.
Note 1: This standard does not cover electrical safety and intrinsic safety aspects. Electrical safety relates to hazards such as electric shock. Intrinsic safety relates to hazards associated with potentially explosive atmospheres.
This standard defines mechanisms for transmitting safety-related messages between participants in a distributed network using fieldbus technology, in accordance with the functional safety requirements of the IEC 61508 series of standards. These mechanisms can be used in a variety of industrial applications such as process control, manufacturing automation and machinery.
This standard provides guidance to developers and evaluators of equipment and systems that comply with this standard.
Note 2: The final SIL of a system is determined by the implementation of the selected functional safety communication profile in that system. Implementing a functional safety communication profile in accordance with this standard in a standard device is not sufficient to qualify that device as a safety device.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated edition applies to this document. For undated references, the latest edition (including all amendments) applies to this document.
IEC 60204-1 Safety of machinery - Electrical equipment of machines - Part 1: General requirements
IEC 61000-6-2 Electromagnetic compatibility (EMC) - Part 6-2: Generic standards - Immunity for industrial environments
IEC 61131-2 Programmable controllers - Part 2: Equipment requirements and tests
IEC 61158-2 Industrial communication networks - Fieldbus specifications - Part 2: Physical layer specification and service definition
IEC 61158-3-12 Industrial communication networks - Fieldbus specifications - Part 3-12: Data-link layer service definition - Type 12 elements
IEC 61158-4-12 Industrial communication networks - Fieldbus specifications - Part 4-12: Data-link layer protocol specification - Type 12 elements
IEC 61158-5-12 Industrial communication networks - Fieldbus specifications - Part 5-12: Application layer service definition - Type 12 elements
IEC 61158-6-12 Industrial communication networks - Fieldbus specifications - Part 6-12: Application layer protocol specification - Type 12 elements
IEC 61326-3-1 Electrical equipment for measurement, control and laboratory use - EMC requirements - Part 3-1: Immunity requirements for safety-related systems and for equipment intended to perform safety related functions (functional safety) - General industrial applications
IEC 61326-3-2 Electrical equipment for measurement, control and laboratory use - EMC requirements - Part 3-2: Immunity requirements for safety-related systems and for equipment intended to perform safety related functions (functional safety) - Industrial applications with specified electromagnetic environment
IEC 61508 (all parts) Functional safety of electrical/electronic/programmable electronic safety-related systems
IEC 61784-2 Industrial communication networks - Profiles - Part 2: Additional fieldbus profiles for real-time networks based on ISO/IEC 8802-3
IEC 61784-3:2010 Industrial communication networks - Profiles - Part 3: Functional safety fieldbuses - General rules and profile definitions
IEC 61918 Industrial communication networks - Installation of communication networks in industrial premises
3 Terms, definitions, symbols, abbreviations and conventions
The following terms, definitions, symbols, abbreviations and conventions apply to this document.
3.1 Terms and definitions
3.1.1 General terms and definitions
3.1.1.1
Availability
The probability that, within a given period of time, an automation system has no unsatisfactory system conditions (e.g. discontinued production).
3.1.1.2
Black channel
A communication channel for which evidence of design or validation in accordance with the IEC 61508 series of standards does not need to be obtained.
3.1.1.3
Communication channel
A logical connection between two terminals within a communication system.
3.1.1.4
Communication system
An arrangement of hardware, software and transmission media that allows the transfer of messages (GB/T 9387 application layer) from one application to another.
3.1.1.5
Connection
A logical binding between two application objects within the same or different devices.
3.1.1.6
Cyclic redundancy check; CRC
Value: redundant data derived from a block of data and stored or transmitted together with that block in order to detect data corruption.
Method: the procedure used to calculate the redundant data.
Note 1: The terms "CRC code" and "CRC signature", and symbols such as CRC1 and CRC2, are also used in this standard to refer to the redundant data.
Note 2: See [34] and [35].
3.1.1.7
Error
The difference between a calculated, observed or measured value or condition and the true, specified or theoretically correct value or condition.
[IEC 61508-4:2010], [IEC 61158]
Note 1: Errors may be caused by design errors in hardware/software, and/or by electromagnetic interference and/or other effects that result in information corruption.
Note 2: Errors do not necessarily result in a failure or a fault.
3.1.1.8
Failure
The termination of the ability of a functional unit to perform a required function, or the operation of a functional unit in any way other than as required.
Note 1: This is the definition in IEC 61508-4, with additional notes.
[IEC 61508-4:2010, modified], [GB/T 5271.14-2008, 1.11, modified]
Note 2: A failure may be caused by an error (such as a hardware/software design error or message corruption).
3.1.1.9
Fault
An abnormal condition that causes a reduction in, or loss of, the ability of a functional unit to perform a required function.
Note: IEV 191-05-01 defines "fault" as a state characterized by the inability to perform a required function, excluding the inability during preventive maintenance or other planned actions, or due to a lack of external resources.
[IEC 61508-4:2010, modified], [GB/T 5271.14-2008, 1.10, modified]
3.1.1.10
Fieldbus
A communication system based on serial data transmission and used in industrial automation or process control applications.
3.1.1.11
Fieldbus system
A system that uses a fieldbus to connect devices.
3.1.1.12
Frame
Synonym for DLPDU.
3.1.1.13
Frame check sequence; FCS
Redundant data derived, using a hash function, from a block of data within a DLPDU (frame) and stored or transmitted together with that block in order to detect data corruption.
Note 1: An FCS can be obtained using a CRC or another hash function.
Note 2: See [34], [35].
3.1.1.14
Hash function
A (mathematical) function that maps a (possibly very large) set of values to a (usually) smaller set of values.
Note 1: Hash functions are used to detect data corruption.
Note 2: Common hash functions include a parity bit, a checksum or a CRC.
[IEC/TR 62210, modified]
3.1.1.15
Hazard
A state or set of conditions of a system that, together with other relevant conditions, will inevitably cause harm to persons, property or the environment.
3.1.1.16
Master
An active communication entity capable of initiating and scheduling communication activities of other stations, which may be primary or secondary.
3.1.1.17
Message
An ordered sequence of octets for transmitting information.
[GB/T 5271.16-2008, 2.1, modified]
3.1.1.18
Performance level; PL
A discrete level used to specify the ability of a safety-related part of a control system to perform safety functions under foreseeable conditions.
[GB/T 16855.1-2008]
3.1.1.19
Protective extra-low voltage; PELV
A circuit in which, under normal and single-fault conditions (excluding earth faults in other circuits), the voltage must not exceed 30 V AC r.m.s. and 42.4 V peak, or 60 V DC.
Note: A PELV circuit is similar to a SELV circuit that is connected to protective earth.
[IEC 61131-2-2008]
3.1.1.20
Redundancy
The existence of more means than are necessary for a functional unit to perform a required function or for data to represent information.
Note: This is the definition in IEC 61508-4, with additional examples and notes.
[IEC 61508-4:2010, modified], [GB/T 5271.14-2008, 1.12, modified]
3.1.1.21
Reliability
The probability that an automation system can perform a required function under given conditions for a given time interval (t1, t2).
Note 1: It is generally assumed that the automation system is in a state to perform the required function at the beginning of the time interval.
Note 2: This term is also used to denote the reliability performance quantified by this probability.
Note 3: Within the MTBF or MTTF period, the probability that the automation system performs the required function under given conditions decreases.
Note 4: Reliability and availability are different.
[GB/T 17215.911, modified]
3.1.1.22
Risk
The combination of the probability of occurrence of harm and the severity of that harm.
Note: See Appendix A of IEC 61508-5:2010.
[IEC 61508-4:2010], [ISO/IEC Guide 51:1999, definition 3.2]
3.1.1.23
Safety communication layer; SCL
The communication layer that includes all measures necessary to ensure the safe transmission of data in accordance with the IEC 61508 series of standards.
3.1.1.24
Safety data
Data transmitted over a safety network using a safety protocol.
Note: The safety communication layer does not guarantee the safety of the data itself; it guarantees only that the data is transmitted safely.
3.1.1.25
Safety device
A device designed in accordance with the IEC 61508 series of standards that implements the functional safety communication profile.
3.1.1.26
Safety extra-low voltage; SELV
A circuit in which, under normal and single-fault conditions (including earth faults in other circuits), the voltage must not exceed 30 V AC r.m.s. and 42.4 V peak, or 60 V DC.
Note: A SELV circuit is not connected to protective earth.
[IEC 61131-2]
3.1.1.27
Safety function
A function to be implemented by an E/E/PE safety-related system, other technology safety-related system or external risk reduction facility, which is intended to achieve or maintain a safe state for the EUC in respect of a specific hazardous event.
Note: This is the definition in IEC 61508-4, with additional examples and notes.
[IEC 61508-4:2010, modified]
3.1.1.28
Safety function response time
The worst-case elapsed time from the actuation of a safety sensor connected to the fieldbus until its safety actuator reaches the safe state, in the presence of errors or failures in the safety function channel.
Note: This definition is given in 5.2.4 of IEC 61784-3:2010 and is described by the functional safety communication profile defined in this standard.
3.1.1.29
Safety integrity level; SIL
A discrete level (one of four possible levels) corresponding to a range of safety integrity values, where safety integrity level 4 is the highest level of safety integrity and 1 is the lowest.
Note 1: The target failure measures for the four safety integrity levels (see IEC 61508-4:2010, 3.5.17) are specified in Tables 2 and 3 of IEC 61508-1:2010.
Note 2: Safety integrity levels are used to specify the safety integrity requirements of the safety functions assigned to E/E/PE safety-related systems.
Note 3: A SIL is not a property of a system, subsystem, element or component. The correct interpretation of "SIL n safety-related system" (n is 1, 2, 3 or 4) is that the system is potentially capable of supporting safety functions with a safety integrity level of n.
[IEC 61508-4:2010]
3.1.1.30
Safety measure
(In this standard) A measure to control possible communication errors that is designed and implemented in accordance with the requirements of the IEC 61508 series of standards.
Note 1: In practice, a combination of several safety measures is used to achieve the required safety integrity level.
Note 2: Communication errors and the related safety measures are detailed in 5.3 and 5.4 of IEC 61784-3:2010.
3.1.1.31
Safety-related application
To meet the SIL requirements of the application.