According to ODVA the CIP Safety on Ethernet/IP technology has been enhanced to allow for the use of Concurrent Connections for applications requiring both high availability and functional safety.
Concurrent Connections allow for communication redundancy between multiple producing and consuming devices for the most critical automation processes. CIP Safety provides fail-safe communication between nodes such as safety I/O blocks, safety interlock switches, safety light curtains and safety controllers in both machine and process automation safety applications up to Safety Integrity Level (SIL) 3 according to IEC 61508 standards. The use of Concurrent Connections with CIP Safety on Ethernet/IP allows for redundancy and functional safety to be integrated to ensure the best uptime and worker safety.
What are Concurrent Connections?
Concurrent Connections are CIP connections that support fault tolerance via redundant devices. Concurrent Connections enable many CIP connection paths, which allows data to be sent multiple times over multiple paths between the producing and consuming devices, independent of how the devices are physically interconnected. Originators, routers, and targets can all have multiple devices participating, and the Concurrent Connection and any of the duplicated device pairs can fulfill the role and the connection. This reduces time that would otherwise be needed to detect failures and eliminates the time that would have to be spent switching between paired devices. The redundant pair send and receive data continuously, so even if a failure is detected in one of the devices, the control process can continue uninterrupted.
What‘s the role of CIP Safety?
CIP Safety mitigates common errors that can result in hazardous situations via various techniques as described in IEC 61784–3–2. Time stamps are used with time expectation to detect if packets are lost, delayed, repeated or transmitted out of order. Unique device identifiers are used to authenticate the communication between two safety devices. Additional diagnostics and checks are included to validate that the messages are not corrupted in transit and all these features are separate from standard communication methods. When these mitigations are put together as CIP Safety, a single connection between two devices (wired or wireless) can be used for communications certified up to SIL 3 per IEC 61508 and up to Category 4/PLe per ISO 13849–1.
“The availability of Concurrent Connections for CIP Safety on Ethernet/IP creates a whole new level of assurance that industrial networks will be both resilient and safe in the face of device failure or communication errors,” according to Dr. Al Beydoun, President and Executive Director of ODVA. “Concurrent Connections for CIP Safety is a win-win that offers the highest availability and functional safety together to enable the toughest applications to be handled while reducing injuries and increasing output.”
CIP Safety and Concurrent Connections have been available separately to provide industrial network functional safety and redundancy in the case of device errors or failure. The purpose of Concurrent Connections for CIP Safety is to provide automation network designers with a way to leverage both the higher system availability advantages offered by standard Concurrent Connections while maintaining the safety integrity offered by CIP Safety connections.
