Fault Handling - Best Practice?

02 Oct 2021 15:32 #222024 by spumco
What is the best practice for reacting to machine component faults?  Should a drive fault trigger an ESTOP or a less dramatic 'stop all motion' signal of some sort that doesn't de-power the components?

I'm asking as this needs to be sorted out before I move on to getting my ESTOP signals/logic connected together. And do I separate the drive faults from the ESTOP scheme?

Assumptions:
  • ESTOP relay drops power to drive/VFD contactors
    • Sensors/switches and Mesa board(s) stay powered
    • Relay is set up as holding relay, using momentary RESET to re-energize (unlatching mushroom doesn't clear ESTOP)
  • ESTOP relay signals LCNC (through Mesa) of ESTOP condition
  • ESTOP switch (NC) signals LCNC (through Mesa) of ESTOP condition (in case relay contacts fail closed)
  • LCNC can de-energize ESTOP relay, but cannot re-energize (operator and LCNC must agree, i.e. 2-out-of-2 voting)
  • Drives/VFD have native fault signal capability (don't have to use external relays or whatever to signal LCNC)
I know this might be a loaded question as there will likely be multiple opinions, but I'm not clear on the exact functions within LCNC - specifically if there is a 'stop-all-motion' function and if so, what exactly it does.

Thanks all,
Ralph

02 Oct 2021 17:14 #222035 by tommylight
Amp-fault will stop all motion and disable the drives.
The following user(s) said Thank You: spumco

02 Oct 2021 17:20 #222036 by chris@cnc
I use two safety circuits. One is the E-stop chain, wired to the e-stop buttons and the safety relay power. It ends in the HAL E-stop chain.

If the machine is ready, this signal powers on my safety relay.
net machine-is-enabled  =>    hm2_7i76e.0.7i76.0.0.output-00
This relay switches all amplifier enable inputs. To be safe you can use two. In case of over 750W power it could be useful to cut amplifier power with an electromagnetic contactor. Not the life power.

All amplifier alarms or probe input faults are connected to their own input. E.g.:
net alarm-servo-X    <=  hm2_7i76e.0.7i76.0.0.input-26-not =>  joint.0.amp-fault-in
LinuxCNC switches off the machine-is-enabled signal in case of an alarm and gives a message about which input hurts. Second, the safety relay is down, so no servo has an enable signal anymore. And if the amplifier is still alive, you can read the alarm message on the drive.
That is the reason why I decided to use two chains. Basically you could wire everything through the e-stop chain. But I think that's a little overkill and you don't see what happens.
The following user(s) said Thank You: spumco
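
An added example, not part of the posts above and not chris@cnc's actual configuration: a HAL fragment sketching the two separate chains discussed in this thread, with drive faults kept out of the e-stop loop. Only `input-26` and `output-00` come from the thread; the other input numbers, the signal names, and the use of `estop_latch` and `motion.motion-enabled` are assumptions.

```hal
# Assumes hm2_7i76e and servo-thread are already set up, and that any
# existing direct net between iocontrol.0.user-enable-out and
# iocontrol.0.emc-enable-in has been removed.

# --- Chain 1: e-stop loop (relay contact + NC mushroom switch) ---
# Two latches in series: either input opening drops LinuxCNC into e-stop,
# and it stays there until the input is healthy AND the operator resets.
loadrt estop_latch count=2
addf estop-latch.0 servo-thread    # order matters: latch 0 runs before 1
addf estop-latch.1 servo-thread

net estop-sw-ok   iocontrol.0.user-enable-out     => estop-latch.0.ok-in
net estop-mid     estop-latch.0.ok-out            => estop-latch.1.ok-in
net estop-ok      estop-latch.1.ok-out            => iocontrol.0.emc-enable-in
net estop-reset   iocontrol.0.user-request-enable => estop-latch.0.reset
net estop-reset                                   => estop-latch.1.reset

# Inputs read high when healthy, so the -not pin is true on an open
# circuit or broken wire (input numbers 24 and 25 are assumptions).
net estop-relay-open   hm2_7i76e.0.7i76.0.0.input-24-not => estop-latch.0.fault-in
net estop-button-open  hm2_7i76e.0.7i76.0.0.input-25-not => estop-latch.1.fault-in

# --- Chain 2: drive faults, one input per axis ---
# A fault here makes LinuxCNC stop motion, drop machine-on and report the
# joint, without opening the e-stop relay, so the drive stays powered and
# its alarm code can still be read.
net alarm-servo-X  hm2_7i76e.0.7i76.0.0.input-26-not => joint.0.amp-fault-in
net alarm-servo-Y  hm2_7i76e.0.7i76.0.0.input-27-not => joint.1.amp-fault-in
net alarm-servo-Z  hm2_7i76e.0.7i76.0.0.input-28-not => joint.2.amp-fault-in

# --- Common enable relay for all amplifier enable inputs ---
# motion.motion-enabled as the source is an assumption; the thread only
# shows the output side of this net.
net machine-is-enabled  motion.motion-enabled => hm2_7i76e.0.7i76.0.0.output-00
```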

02 Oct 2021 17:30 #222037 by spumco
That's two votes separating the fault signals from the estop chain - I'm sold.

Now for a new thread on estop loop setup.

-R
The following user(s) said Thank You: tommylight
