Академический Документы
Профессиональный Документы
Культура Документы
KUKA.SafeOperation 3.1
Issued: 31.03.2011
© Copyright 2011
KUKA Roboter GmbH
Zugspitzstraße 140
D-86165 Augsburg
Germany
This documentation or excerpts therefrom may not be reproduced or disclosed to third parties without
the express permission of KUKA Roboter GmbH.
Other functions not described in this documentation may be operable in the controller. The user has
no claims to these functions, however, in the case of a replacement or service work.
We have checked the content of this documentation for conformity with the hardware and software
described. Nevertheless, discrepancies cannot be precluded, for which reason we are not able to
guarantee total conformity. The information in this documentation is checked on a regular basis, how-
ever, and necessary corrections will be incorporated in the subsequent edition.
Subject to technical alterations without an effect on the function.
Translation of the original documentation
KIM-PS5-DOC
Contents
1 Introduction .................................................................................................. 7
1.1 Target group .............................................................................................................. 7
1.2 Industrial robot documentation ................................................................................... 7
1.3 Representation of warnings and notes ...................................................................... 7
1.4 Terms used ................................................................................................................ 8
4 Safety ............................................................................................................ 35
4.1 General ...................................................................................................................... 35
4.1.1 Liability .................................................................................................................. 35
4.1.2 Intended use of the industrial robot ...................................................................... 35
4.1.3 EC declaration of conformity and declaration of incorporation ............................. 36
4.1.4 Terms used ........................................................................................................... 36
4.2 Personnel ................................................................................................................... 38
4.3 Workspace, safety zone and danger zone ................................................................. 39
4.4 Triggers for stop reactions ......................................................................................... 40
4.5 Safety functions ......................................................................................................... 41
4.5.1 Overview of the safety functions ........................................................................... 41
4.5.2 Safety controller .................................................................................................... 41
5 Installation ................................................................................................... 59
5.1 System requirements ................................................................................................. 59
5.2 Installing or updating SafeOperation ......................................................................... 59
5.3 Uninstalling SafeOperation ........................................................................................ 59
6 Operation ...................................................................................................... 61
6.1 User groups ............................................................................................................... 61
6.2 Opening the safety configuration ............................................................................... 61
6.3 Overview of buttons ................................................................................................... 61
6.4 Monitor functions ....................................................................................................... 62
6.4.1 Displaying information about the safety configuration .......................................... 62
6.4.2 Displaying the change log .................................................................................... 63
6.4.3 Displaying machine data ...................................................................................... 63
8 Programming ............................................................................................... 97
8.1 Programs for the mastering test ................................................................................. 97
8.2 Programming a mastering test ................................................................................... 97
1 Introduction
This documentation is aimed at users with the following knowledge and skills:
Advanced knowledge of the robot controller system
Advanced KRL programming skills
Hints These hints serve to make your work easier or contain references to further
information.
Term Description
Axis range Range, in degrees or millimeters, within which an
axis may move. The axis range is defined by a lower
and an upper axis limit.
Axis limit An axis has 2 axis limits which define the axis range.
There is an upper axis limit and a lower axis limit.
Stopping distance Stopping distance = reaction distance + braking dis-
tance
The stopping distance is part of the danger zone.
Workspace Monitoring space that the defined axes or the safe
tool must not leave. The axes or the safe tool must
always move within the limits of the workspace.
(>>> 2.2.5 "Axis-specific workspaces" Page 19)
(>>> 2.2.3 "Cartesian workspaces" Page 17)
Danger zone The danger zone consists of the workspace and the
stopping distances.
Mastering test The mastering test is used to check whether the cur-
rent position of the robot and the external axes cor-
responds to a reference position.
(>>> 2.9 "Mastering test" Page 26)
KL KUKA linear unit
CRR Controlled robot retraction
Operating mode for retracting the robot in the case
of a workspace violation.
Alarm space An alarm space signals a workspace violation by
setting an output. The alarm spaces are perma-
nently assigned to the configurable outputs of the
interface options PROFIsafe and X13
(SIB Extended).
Monitoring time During the monitoring time, the user is prompted to
perform a mastering test.
Polygon, convex A convex polygon is a polygon consisting of at least
3 different corners. Triangles and squares are exam-
ples of convex polygons.
(>>> 2.2.2 "Cell area" Page 16)
PROFIsafe PROFIsafe is a PROFINET-based safe interface for
connecting a safety PLC to the robot controller.
(PLC = master, robot controller = slave)
(>>> 10.1 "SafeOperation via PROFIsafe
(optional)" Page 101)
Reference group A reference group contains the axes of a kinematic
system that are required for moving to a reference
position and are to be subjected to safe monitoring.
Reference position The reference position is a Cartesian position to
which the robot moves during the mastering test.
(>>> 2.9.1 "Reference position" Page 27)
Term Description
Reference stop Safety stop that is triggered if the mastering test has
not been carried out. The reference stop can be acti-
vated for monitoring spaces.
(>>> 2.2.8 "Reference stop" Page 22)
Reference switch A reference switch is necessary for carrying out the
mastering test. The reference switch confirms the
reference position.
(>>> 3.2 "Reference switch" Page 31)
Protected space Monitoring space that the defined axes or the safe
tool must not enter. The axes or the safe tool must
always move outside the limits of the protected
space.
(>>> 2.2.6 "Axis-specific protected spaces"
Page 20)
(>>> 2.2.4 "Cartesian protected spaces" Page 18)
SIB Safety Interface Board
Safety STOP 0 A stop that is triggered and executed by the safety
controller. The safety controller immediately
switches off the drives and the power supply to the
brakes.
Note: This stop is called safety STOP 0 in this docu-
ment.
Safety STOP 1 A stop that is triggered and monitored by the safety
controller. The braking process is performed by the
non-safety-oriented part of the robot controller and
monitored by the safety controller. As soon as the
manipulator is at a standstill, the safety controller
switches off the drives and the power supply to the
brakes.
Note: This stop is called safety STOP 1 in this docu-
ment.
Safety STOP 2 A stop that is triggered and monitored by the safety
controller. The braking process is performed by the
non-safety-oriented part of the robot controller and
monitored by the safety controller. The drives remain
activated and the brakes released.
Note: This stop is called safety STOP 2 in this docu-
ment.
Safe operational In the case of a safe operational stop, the standstill
stop of the axes for which it has been configured is moni-
tored. When the axes are at a monitored standstill,
they may move within the configured axis angle or
distance tolerances.
(>>> 2.5 "Safe operational stop" Page 24)
Safe tool Tool with up to 6 spheres modeled around it. These
spheres are monitored against the limits of the Car-
tesian monitoring spaces. Each safe tool has a safe
TCP which is monitored against the configured
velocity limits.
(>>> 2.3 "Safe tools" Page 23)
Term Description
Monitoring space A monitoring space can be Cartesian or axis-specific
and can be defined as a workspace or protected
space.
(>>> 2.2 "Monitoring spaces" Page 12)
Cell area Cartesian workspace with 3 to 10 corners forming a
convex polygon and limited in the ±Z direction. The
cell area is the maximum permissible workspace of
the robot.
(>>> 2.2.2 "Cell area" Page 16)
2 Product description
Functions SafeOperation is an option with software and hardware components and the
following functions:
Safe monitoring of a maximum of 16 user-defined, axis-specific or Carte-
sian monitoring spaces
Safe monitoring of a user-defined cell area
Safe monitoring of axis-specific velocities
Safe monitoring of space-specific velocities
Safe monitoring of Cartesian velocities
Modeling of up to 16 safe tools with safe TCP
Safe stop via safety controller
Safe operational stop
Connection to a higher-level controller, e.g. to a safety PLC
Safe inputs for activation of the monitoring functions
Safe outputs for status messages of the monitoring functions
Creation and editing of the safety configuration on the robot controller or
in WorkVisual.
Functional The components of the industrial robot move within the limits that have been
principle configured and activated. The actual positions are continuously calculated and
monitored against the safety parameters that have been set.
The safety controller monitors the industrial robot by means of the safety pa-
rameters that have been set. If a component of the industrial robot violates a
monitoring limit or a safety parameter, the robot and external axes (optional)
are stopped.
Interfaces Various interfaces are available for connection to a higher-level controller. The
safe I/Os of these interfaces can be used, for example, to activate safety mon-
itoring functions or signal a violation of safety monitoring functions.
PROFINET/PROFIsafe
Interface X13 via SIB Extended
Monitoring space A monitoring space can be defined as a Cartesian cuboid or by means of indi-
vidual axis ranges. Each monitoring space can be set as a workspace or pro-
tected space.
(>>> 2.2.3 "Cartesian workspaces" Page 17)
Cell area The cell area is a Cartesian workspace in the form of a convex polygon with 3
to 10 corners and is limited in the ±Z direction.
(>>> 2.2.2 "Cell area" Page 16)
The cell area is permanently monitored and always active. The corners can be
configured, activated and deactivated individually.
A safety stop 0 is always triggered at the space limit.
Stop reactions
Overview The following Cartesian coordinate systems are defined in the robot controller:
WORLD
ROBROOT
BASE
TOOL
Description WORLD
The WORLD coordinate system is a permanently defined Cartesian coordi-
nate system. It is the root coordinate system for the ROBROOT and BASE co-
ordinate systems.
By default, the WORLD coordinate system is located at the robot base.
ROBROOT
The ROBROOT coordinate system is a Cartesian coordinate system, which is
always located at the robot base. It defines the position of the robot relative to
the WORLD coordinate system.
By default, the ROBROOT coordinate system is identical to the WORLD coor-
dinate system. $ROBROOT allows the definition of an offset of the robot rela-
tive to the WORLD coordinate system.
BASE
The BASE coordinate system is a Cartesian coordinate system that defines
the position of the workpiece. It is relative to the WORLD coordinate system.
By default, the BASE coordinate system is identical to the WORLD coordinate
system. It is offset to the workpiece by the user.
TOOL
In the case of Jet robots, the ROBROOT coordinate system is fixed. They do
not move with the robot.
In the case of a KL, the relationship between the ROBROOT coordinate sys-
tem and the WORLD coordinate system changes. The ROBROOT coordinate
system moves with the robot on the KL.
Description The cell area is a Cartesian monitoring space that is limited in the ±Z direction.
Up to 6 user-configured spheres are modeled around the safe tool on the
mounting flange of the robot; when the robot moves, these spheres move with
it. These spheres are monitored against the cell area and must only move
within this cell area. If a sphere violates the limits of the cell area, the robot
stops with a safety stop 0.
The cell area is configured in the WORLD coordinate system as a convex poly-
gon with 3 to 10 corners.
A convex polygon is a polygon consisting of at least 3 different corners. The
individual line segments of the vertices must not be outside the polygon. Tri-
angles and squares are examples of convex polygons.
Fig. 2-5
1 Cell area
2 Spheres on safe tool
3 Robot
Description Up to 6 user-configured spheres are modeled around the safe tool on the
mounting flange of the robot; when the robot moves, these spheres move with
it. These spheres are simultaneously monitored against the activated Carte-
sian workspaces and must move within the workspaces.
If a sphere violates the limit of a workspace, the following reactions can occur:
A safe output is set (alarm space).
If interface X13 is used, safe outputs are only available for monitoring
spaces 1 … 6.
The robot is stopped (configurable).
1 Workspace
2 Spheres on safe tool
3 Robot
Description Up to 6 user-configured spheres are modeled around the safe tool on the
mounting flange of the robot; when the robot moves, these spheres move with
it. These spheres are simultaneously monitored against the activated Carte-
sian protected spaces and must move outside the protected spaces.
If a sphere violates the limit of a protected space, the following reactions can
occur:
A safe output is set (alarm space).
If interface X13 is used, safe outputs are only available for monitoring
spaces 1 … 6.
The robot is stopped (configurable).
1 Protected space
2 Spheres on safe tool
3 Robot
Description The axis limits can be set and monitored individually for each axis via the soft-
ware. The resulting axis range is the permissible range of an axis within which
the robot may move. The individual axis ranges together make up the overall
workspace, which may consist of up to 8 axis ranges. 6 robot axes and 2 ex-
ternal axes can be defined in a workspace.
If the robot violates an axis limit, the following reactions can occur:
A safe output is set (alarm space).
If interface X13 is used, safe outputs are only available for monitoring
spaces 1 … 6.
The robot is stopped (configurable).
Description The axis limits can be set and monitored individually for each axis via the soft-
ware. The resulting axis range is the protected range of an axis within which
the robot may not move. The individual axis ranges together make up the over-
all protected space, which may consist of up to 8 axes ranges. 6 robot axes
and 2 external axes can be defined in a protected space.
If the robot violates an axis limit, the following reactions can occur:
A safe output is set (alarm space).
If interface X13 is used, safe outputs are only available for monitoring
spaces 1 … 6.
The robot is stopped (configurable).
Cartesian velocity monitoring is activated (configurable).
In the case of axes that can rotate more than 360°, e.g.
axis 1, the configured axis ranges refer to the position of
the axis (including sign) and not to the sector of a circle. Serious injury and
severe damage to the robot can be caused. If, for example, a protected
space of +90° to +270° is configured, the robot can move through the protect-
ed space in the other direction from -90° to -185°. In this case, it is advisable
to configure a workspace from -90° to +90°.
Example The diagram shows an example of an axis-specific protected space. The safe-
guarded space and the stopping distances correspond to the configured pro-
tected space. The motion range of axis 1 is limited to -185° to +185° by means
of software limit switches. The protected space is configured from -110° to
-10°. This results in 2 permissible motion ranges for the robot, separated by
the configured protected space.
Description For Cartesian and axis-specific monitoring spaces, a Cartesian velocity can be
defined which is monitored if the space is violated or not violated. A safe TCP
is defined for every safe tool. This safe TCP is monitored against a configured
velocity limit. If the safe TCP exceeds the velocity limit, the robot is stopped
safely.
Example The diagram shows an example of a Cartesian workspace. If the safe TCP on
the safe tool exceeds the velocity limit inside the workspace, the robot is
stopped with a safety stop 0.
1 Workspace
2 Spheres on safe tool
3 Robot
Description A reference stop can be activated for monitoring spaces. (= function Stop if
mastering test not yet done)
If the reference stop is activated and the following conditions are met, the robot
can only be moved in T1 mode or KRR:
Monitoring space is activated.
Mastering test is requested internally.
If the reference stop is activated and the following preconditions are met, the
robot stops with a safety stop 2:
Monitoring space is activated.
Mastering test is requested internally.
Operating mode T2, AUT or AUT EXT
To be able to move the robot again in the stop-triggering operating modes, the
following possibilities are available:
Perform mastering test in T1 mode.
Deactivate monitoring spaces.
Deactivate reference stop.
The safe TCP for the velocity monitoring can be freely configured in
the safety configuration. It is independent of the current TCP that is
set in the KUKA System Software with the variable $TOOL.
Example The diagram shows an example of a safe tool. 2 spheres and a safe TCP are
defined on the safe tool of the robot by means of the FLANGE coordinate sys-
tem.
Axis velocity The velocity of every axis can be monitored against a limit value.
Axis velocity limit value
Reduced axis velocity limit value for T1 mode
Maximum axis velocity limit value (not axis-dependent)
Cartesian velocity The Cartesian velocity at the safe TCP of the active safe tool can be moni-
tored. The velocity monitoring is always relative to $WORLD:
Limit value for the reduced velocity at the safe TCP
Limit value for the reduced velocity at the safe TCP for T1 mode
Limit value for the maximum velocity at the safe TCP and at the sphere
center points of the safe tool (not space-dependent)
Space-specific velocity
(>>> 2.2.7 "Space-specific velocity" Page 22)
Stop reactions
Description Safe operational stop can be configured for up to 6 axis groups. The axes for
which a safe operational stop is to be activated are grouped together in an axis
group. A standstill window can be configured in which an axis can still move
with the safe operational stop activated.
The axis angle or distance tolerance can be configured individually for axes 1
to 8. The axes activated for safe operational stop are not dependent on the ac-
tivated axes for axis-specific workspace monitoring.
If safe operational stop is activated, the standstill of the axes for which it has
been configured is monitored. The axes that are at a monitored standstill may
move within the configured axis angle or distance tolerances. If the safe oper-
ational stop is violated, i.e. if the tolerance is exceeded or the velocity is mini-
mally increased, a safety stop 0 is triggered. The safety stop 0 affects all axes,
not just those for which the operational stop is configured.
$SR_VEL_RED The variable $SR_VEL_RED is used to activate override reduction for the ve-
locity. The Cartesian velocity at the safe TCP of the active tool is automatically
reduced if the programmed velocity is greater than the value of the lowest ve-
locity limit that is activated and currently monitored by the safety controller.
This prevents the robot from being stopped when the Cartesian velocity limit
is exceeded.
$SR_OV_RED The variable $SR_OV_RED specifies the percentage of the lowest velocity
limit that is activated and currently monitored by the safety controller. The Car-
tesian velocity of the safe TCP of the active tool is reduced to this value.
$SR_WORKSPAC If the function Stop at boundaries is activated for a monitoring space, the ro-
E_RED bot stops before it reaches the limit of the workspace. The stopping distance
of the robot and the permissible distance between the robot and the work-
space limits depend on the velocity of the robot.
The variable $SR_WORKSPACE_RED can be used to activate override re-
duction for these monitoring spaces ($SR_WORKSPACE_RED = TRUE).
If override reduction is active and the robot approaches the limit of a work-
space, the override is continuously reduced to allow the robot to get as close
as possible to the workspace limit without being stopped by the safety control-
ler.
If override reduction is active and the robot has violated the limit of a protected
space, the robot reduces its velocity. As soon as it has reached a certain min-
imum distance from the workspace limit, the robot moves at its programmed
velocity once again.
Example The lowest velocity limit active on the safety controller is 1,000 mm/s. If
$SR_VEL_RED = TRUE and $SR_OV_RED = 95 are set, the Cartesian ve-
locity of the safe TCP of the active tool is reduced to 950 mm/s.
Description If the robot has violated a monitoring function and been stopped by the safety
controller, it can only be moved out of the violated area in CRR mode. The mo-
tion velocity in CRR mode corresponds to that in T1 mode.
In CRR mode, the robot can be moved to any position. No stop is triggered if
it passes through other monitoring limits. The velocity monitoring functions re-
main active in CRR mode.
Description Tool 1 is always active in Start-up mode. In Start-up mode, all monitoring func-
tions of the safety configuration that can be activated via safe inputs are deac-
tivated.
(>>> 10.1 "SafeOperation via PROFIsafe (optional)" Page 101)
(>>> 10.2 "SafeOperation via interface X13 (optional)" Page 107)
The following monitoring functions remain active:
Monitoring of the cell area
Monitoring of maximum Cartesian velocity
Monitoring of maximum axis velocity
Workspace monitoring functions that are configured as always active
Monitoring of the workspace-specific velocity in workspaces that are con-
figured as always active
Velocity monitoring in T1
Overview The mastering test is used to check whether the current position of the robot
and the external axes corresponds to a reference position.
If the deviation between the current position and the reference position is too
great, the mastering test has failed. The robot stops with a safety stop 1 and
can only be moved in T1 mode or KRR. If the mastering test run was success-
ful, the robot can be safely monitored using the safety controller.
The position to be monitored is not verified until a mastering test has been car-
ried out. It is advisable to perform the mastering test as quickly as possible.
If, during operation, the mastering test is requested via the external signal, the
mastering test is performed next time the program MasRef_Main.SRC is au-
tomatically called.
1 Tool
2 Actuating plate
3 Reference switch
4 Mechanical mounting fixture for the reference switch
5 Actuated reference switch
Overview The diagram shows an example of the connecting cables of the industrial robot
with connected reference switch. The reference switch is connected via the
reference cable to the robot controller. The maximum hose length is 50 m.
Item Description
1 Robot controller
2 Robot
3 Reference switch XS Ref
4 Reference cable X42 - XS Ref (maximum cable length 50 m)
5 Data cable X21
3 Technical data
Designation Values
Ambient temperature -25 °C to +70 °C
Switching function Break contact
DC operating voltage or HIGH level in the case 24 V
of pulsed operating voltage of the reference
switch
Permissible range for the DC operating voltage 20 to 33 V
or HIGH level for pulsed voltage
Required pulse duty factor T(HIGH):T(LOW) for Min. 4:1
pulsed voltage
Supported pulse duration T(LOW) for pulsed 0.1 to 20 ms
voltage
Operating current (power consumption) without 5 mA
load
Permissible load current max. 250 mA
Permissible switching frequency max. 500 Hz
Permissible switching distance at the proximity 0 to 4 mm
switch surfaces
Short circuit and overload protection, pulsed Yes
Outputs PNP
LOW-active
Dual-channel
LED function indicator Yes
Hysteresis when installed 0.2 to 1 mm
EMC conformity IEC 60947-5-2
Description
Fig. 3-1
Description
Fig. 3-2
4 Safety
4.1 General
4.1.1 Liability
Safety infor- Safety information cannot be held against KUKA Roboter GmbH. Even if all
mation safety instructions are followed, this is not a guarantee that the industrial robot
will not cause personal injuries or material damage.
No modifications may be carried out to the industrial robot without the autho-
rization of KUKA Roboter GmbH. Additional components (tools, software,
etc.), not supplied by KUKA Roboter GmbH, may be integrated into the indus-
trial robot. The user is liable for any damage these components may cause to
the industrial robot or to other material property.
In addition to the Safety chapter, this document contains further safety instruc-
tions. These must also be observed.
The industrial robot is intended exclusively for the use designated in the “Pur-
pose” chapter of the operating instructions or assembly instructions.
Using the industrial robot for any other or additional purpose is considered im-
permissible misuse. The manufacturer cannot be held liable for any damage
resulting from such use. The risk lies entirely with the user.
Operating the industrial robot and its options within the limits of its intended
use also involves observance of the operating and assembly instructions for
Misuse Any use or application deviating from the intended use is deemed to be imper-
missible misuse. This includes e.g.:
Transportation of persons and animals
Use as a climbing aid
Operation outside the permissible operating parameters
Use in potentially explosive environments
Operation without additional safeguards
Outdoor operation
Declaration of The system integrator must issue a declaration of conformity for the complete
conformity system in accordance with the Machinery Directive. The declaration of confor-
mity forms the basis for the CE mark for the system. The industrial robot must
be operated in accordance with the applicable national laws, regulations and
standards.
The robot controller is CE certified under the EMC Directive and the Low Volt-
age Directive.
Declaration of The industrial robot as partly completed machinery is supplied with a declara-
incorporation tion of incorporation in accordance with Annex II B of the EC Machinery Direc-
tive 2006/42/EC. The assembly instructions and a list of essential
requirements complied with in accordance with Annex I are integral parts of
this declaration of incorporation.
The declaration of incorporation declares that the start-up of the partly com-
pleted machinery remains impermissible until the partly completed machinery
has been incorporated into machinery, or has been assembled with other parts
to form machinery, and this machinery complies with the terms of the EC Ma-
chinery Directive, and the EC declaration of conformity is present in accor-
dance with Annex II A.
The declaration of incorporation, together with its annexes, remains with the
system integrator as an integral part of the technical documentation of the
complete machinery.
STOP 0, STOP 1 and STOP 2 are the stop definitions according to EN 60204-
1:2006.
Term Description
Axis range Range of each axis, in degrees or millimeters, within which it may move.
The axis range must be defined for each axis.
Stopping distance Stopping distance = reaction distance + braking distance
The stopping distance is part of the danger zone.
Workspace The manipulator is allowed to move within its workspace. The work-
space is derived from the individual axis ranges.
Operator The user of the industrial robot can be the management, employer or
(User) delegated person responsible for use of the industrial robot.
Danger zone The danger zone consists of the workspace and the stopping distances.
KCP The KCP (KUKA Control Panel) teach pendant has all the operator con-
trol and display functions required for operating and programming the
industrial robot.
The KCP variant for the KR C4 is called KUKA smartPAD. The general
term “KCP”, however, is generally used in this documentation.
Manipulator The robot arm and the associated electrical installations
Safety zone The safety zone is situated outside the danger zone.
Safe operational stop The safe operational stop is a standstill monitoring function. It does not
stop the robot motion, but monitors whether the robot axes are station-
ary. If these are moved during the safe operational stop, a safety stop
STOP 0 is triggered.
The safe operational stop can also be triggered externally.
When a safe operational stop is triggered, the robot controller sets an
output to the field bus. The output is set even if not all the axes were sta-
tionary at the time of triggering, thereby causing a safety stop STOP 0 to
be triggered.
Safety STOP 0 A stop that is triggered and executed by the safety controller. The safety
controller immediately switches off the drives and the power supply to
the brakes.
Note: This stop is called safety STOP 0 in this document.
Safety STOP 1 A stop that is triggered and monitored by the safety controller. The brak-
ing process is performed by the non-safety-oriented part of the robot
controller and monitored by the safety controller. As soon as the manip-
ulator is at a standstill, the safety controller switches off the drives and
the power supply to the brakes.
When a safety STOP 1 is triggered, the robot controller sets an output to
the field bus.
The safety STOP 1 can also be triggered externally.
Note: This stop is called safety STOP 1 in this document.
Safety STOP 2 A stop that is triggered and monitored by the safety controller. The brak-
ing process is performed by the non-safety-oriented part of the robot
controller and monitored by the safety controller. The drives remain acti-
vated and the brakes released. As soon as the manipulator is at a stand-
still, a safe operational stop is triggered.
When a safety STOP 2 is triggered, the robot controller sets an output to
the field bus.
The safety STOP 2 can also be triggered externally.
Note: This stop is called safety STOP 2 in this document.
Term Description
Stop category 0 The drives are deactivated immediately and the brakes are applied. The
manipulator and any external axes (optional) perform path-oriented
braking.
Note: This stop category is called STOP 0 in this document.
Stop category 1 The manipulator and any external axes (optional) perform path-main-
taining braking. The drives are deactivated after 1 s and the brakes are
applied.
Note: This stop category is called STOP 1 in this document.
Stop category 2 The drives are not deactivated and the brakes are not applied. The
manipulator and any external axes (optional) are braked with a path-
maintaining braking ramp.
Note: This stop category is called STOP 2 in this document.
System integrator System integrators are people who safely integrate the industrial robot
(plant integrator) into a complete system and commission it.
T1 Test mode, Manual Reduced Velocity (<= 250 mm/s)
T2 Test mode, Manual High Velocity (> 250 mm/s permissible)
External axis Motion axis which is not part of the manipulator but which is controlled
using the robot controller, e.g. KUKA linear unit, turn-tilt table, Posiflex.
4.2 Personnel
The following persons or groups of persons are defined for the industrial robot:
User
Personnel
All persons working with the industrial robot must have read and un-
derstood the industrial robot documentation, including the safety
chapter.
User The user must observe the labor laws and regulations. This includes e.g.:
The user must comply with his monitoring obligations.
The user must carry out instruction at defined intervals.
Personnel Personnel must be instructed, before any work is commenced, in the type of
work involved and what exactly it entails as well as any hazards which may ex-
ist. Instruction must be carried out regularly. Instruction is also required after
particular incidents or technical modifications.
Personnel includes:
System integrator
Operators, subdivided into:
Start-up, maintenance and service personnel
Operating personnel
Cleaning personnel
System integrator The industrial robot is safely integrated into a complete system by the system
integrator.
System
Tasks Operator Programmer
integrator
Switch robot controller
x x x
on/off
Start program x x x
Select program x x x
Select operating mode x x x
Calibration
x x
(tool, base)
Master the manipulator x x
Configuration x x
Programming x x
Start-up x
Maintenance x
Repair x
Decommissioning x
Transportation x
The danger zone consists of the workspace and the stopping distances of the
manipulator and external axes (optional). It must be safeguarded by means of
physical safeguards to prevent danger to persons or the risk of material dam-
age.
Stop reactions of the industrial robot are triggered in response to operator ac-
tions or as a reaction to monitoring functions and error messages. The follow-
ing tables show the different stop reactions according to the operating mode
that has been set.
The safety controller is a unit inside the control PC. It links safety-relevant sig-
nals and safety-relevant monitoring functions.
Operatin
Use Velocities
g mode
Program verification:
Programmed velocity, maxi-
For test operation, pro- mum 250 mm/s
T1 gramming and teach-
ing Jog mode:
Jog velocity, maximum 250 mm/
s
Program verification:
T2 For test operation Programmed velocity
Jog mode: Not possible
For industrial robots Program mode:
AUT without higher-level Programmed velocity
controllers Jog mode: Not possible
For industrial robots Program mode:
AUT EXT with higher-level con- Programmed velocity
trollers, e.g. PLC Jog mode: Not possible
The operator safety signal is used for interlocking physical safeguards, e.g.
safety gates. Automatic operation is not possible without this signal. In the
event of a loss of signal during automatic operation (e.g. safety gate is
opened), the manipulator stops with a safety stop 1.
Operator safety is not active in the test modes T1 (Manual Reduced Velocity)
and T2 (Manual High Velocity).
The EMERGENCY STOP device for the industrial robot is the EMERGENCY
STOP button on the KCP. The button must be pressed in the event of a haz-
ardous situation or emergency.
Reactions of the industrial robot if the EMERGENCY STOP button is pressed:
The manipulator and any external axes (optional) are stopped with a safe-
ty stop 1.
Before operation can be resumed, the EMERGENCY STOP button must be
turned to release it.
There must always be at least one external EMERGENCY STOP device in-
stalled. This ensures that an EMERGENCY STOP device is available even
when the KCP is disconnected.
(>>> 4.5.7 "External EMERGENCY STOP device" Page 44)
The enabling devices of the industrial robot are the enabling switches on the
KCP.
There are 3 enabling switches installed on the KCP. The enabling switches
have 3 positions:
Not pressed
Center position
Panic position
In the test modes, the manipulator can only be moved if one of the enabling
switches is held in the central position.
Releasing the enabling switch triggers a safety stop 2.
Pressing the enabling switch down fully (panic position) triggers a safety
stop 1.
It is possible, for a short time, to hold 2 enabling switches in the center po-
sition simultaneously. This makes it possible to adjust grip from one en-
abling switch to another one. If 2 enabling switches are held
simultaneously in the center position for a longer period of time, this trig-
gers a safety stop after several seconds.
If an enabling switch malfunctions (jams), the industrial robot can be stopped
using the following methods:
Press the enabling switch down fully
Actuate the EMERGENCY STOP system
Release the Start key
External enabling devices are required if it is necessary for more than one per-
son to be in the danger zone of the industrial robot. They are connected to the
robot controller via the customer interface.
External enabling devices are not included in the scope of supply of the indus-
trial robot.
The safe operational stop can be triggered via an input on the customer inter-
face. The state is maintained as long as the external signal is FALSE. If the
external signal is TRUE, the manipulator can be moved again. No acknowl-
edgement is required.
Safety stop 1 and safety stop 2 can be triggered via an input on the customer
interface. The state is maintained as long as the external signal is FALSE. If
the external signal is TRUE, the manipulator can be moved again. No ac-
knowledgement is required.
The velocity at the TCP is monitored in T1 mode. If, due to an error, the veloc-
ity exceeds 250 mm/s, a safety stop 0 is triggered.
The axis ranges of all manipulator and positioner axes are limited by means of
adjustable software limit switches. These software limit switches only serve as
machine protection and must be adjusted in such a way that the manipulator/
positioner cannot hit the mechanical end stops.
The software limit switches are set during commissioning of an industrial ro-
bot.
The axis ranges of main axes A1 to A3 and wrist axis A5 of the manipulator
are limited by means of mechanical end stops with buffers.
Additional mechanical end stops can be installed on the external axes.
Some manipulators can be fitted with mechanical axis range limitation in axes
A1 to A3. The adjustable axis range limitation systems restrict the working
range to the required minimum. This increases personal safety and protection
of the system.
In the case of manipulators that are not designed to be fitted with mechanical
axis range limitation, the workspace must be laid out in such a way that there
is no danger to persons or material property, even in the absence of mechan-
ical axis range limitation.
If this is not possible, the workspace must be limited by means of photoelectric
barriers, photoelectric curtains or obstacles on the system side. There must be
no shearing or crushing hazards at the loading and transfer areas.
This option is not available for all robot models. Information on spe-
cific robot models can be obtained from KUKA Roboter GmbH.
Some manipulators can be fitted with dual-channel axis range monitoring sys-
tems in main axes A1 to A3. The positioner axes may be fitted with additional
axis range monitoring systems. The safety zone for an axis can be adjusted
and monitored using an axis range monitoring system. This increases person-
al safety and protection of the system.
This option is not available for all robot models. Information on spe-
cific robot models can be obtained from KUKA Roboter GmbH.
Description The release device can be used to move the manipulator manually after an ac-
cident or malfunction. The release device can be used for the main axis drive
motors and, depending on the robot variant, also for the wrist axis drive mo-
tors. It is only for use in exceptional circumstances and emergencies (e.g. for
freeing people).
Procedure 1. Switch off the robot controller and secure it (e.g. with a padlock) to prevent
unauthorized persons from switching it on again.
2. Remove the protective cap from the motor.
3. Push the release device onto the corresponding motor and move the axis
in the desired direction.
The directions are indicated with arrows on the motors. It is necessary to
overcome the resistance of the mechanical motor brake and any other
loads acting on the axis.
All plates, labels, symbols and marks constitute safety-relevant parts of the in-
dustrial robot. They must not be modified or removed.
Labeling on the industrial robot consists of:
Identification plates
Warning labels
Safety symbols
Designation labels
Cable markings
Rating plates
The access of persons to the danger zone of the industrial robot must be pre-
vented by means of safeguards. It is the responsibility of the system integrator
to ensure this.
Physical safeguards must meet the following requirements:
They meet the requirements of EN 953.
They prevent access of persons to the danger zone and cannot be easily
circumvented.
They are sufficiently fastened and can withstand all forces that are likely
to occur in the course of operation, whether from inside or outside the en-
closure.
They do not, themselves, represent a hazard or potential hazard.
The prescribed minimum clearance from the danger zone is maintained.
Safety gates (maintenance gates) must meet the following requirements:
They are reduced to an absolute minimum.
The interlocks (e.g. safety gate switches) are linked to the operator safety
input of the robot controller via safety gate switching devices or safety
PLC.
Switching devices, switches and the type of switching conform to the re-
quirements of Performance Level d and category 3 according to EN ISO
13849-1.
Depending on the risk situation: the safety gate is additionally safeguarded
by means of a locking mechanism that only allows the gate to be opened
if the manipulator is safely at a standstill.
The button for acknowledging the safety gate is located outside the space
limited by the safeguards.
Other safety Other safety equipment must be integrated into the system in accordance with
equipment the corresponding standards and regulations.
The following table indicates the operating modes in which the safety functions
are active.
The industrial robot may only be used in perfect technical condition in accor-
dance with its intended use and only by safety-conscious persons. Operator
errors can result in personal injury and damage to property.
It is important to be prepared for possible movements of the industrial robot
even after the robot controller has been switched off and locked. Incorrect in-
stallation (e.g. overload) or mechanical defects (e.g. brake defect) can cause
the manipulator or external axes to sag. If work is to be carried out on a
switched-off industrial robot, the manipulator and external axes must first be
moved into a position in which they are unable to move on their own, whether
the payload is mounted or not. If this is not possible, the manipulator and ex-
ternal axes must be secured by appropriate means.
KCP The user must ensure that the industrial robot is only operated with the KCP
by authorized persons.
If more than one KCP is used in the overall system, it must be ensured that
each KCP is unambiguously assigned to the corresponding industrial robot.
They must not be interchanged.
External An external keyboard and/or external mouse may only be used if the following
keyboard, conditions are met:
external mouse Start-up or maintenance work is being carried out.
The drives are switched off.
There are no persons in the danger zone.
The KCP must not be used as long as an external keyboard and/or external
mouse are connected.
The external keyboard and/or external mouse must be removed as soon as
the start-up or maintenance work is completed or the KCP is connected.
Faults The following tasks must be carried out in the case of faults in the industrial
robot:
Switch off the robot controller and secure it (e.g. with a padlock) to prevent
unauthorized persons from switching it on again.
Indicate the fault by means of a label with a corresponding warning (tag-
out).
Keep a record of the faults.
Eliminate the fault and carry out a function test.
Modifications After modifications to the industrial robot, checks must be carried out to ensure
the required safety level. The valid national or regional work safety regulations
must be observed for this check. The correct functioning of all safety circuits
must also be tested.
New or modified programs must always be tested first in Manual Reduced Ve-
locity mode (T1).
4.8.2 Transportation
Manipulator The prescribed transport position of the manipulator must be observed. Trans-
portation must be carried out in accordance with the operating instructions or
assembly instructions of the manipulator.
Robot controller The robot controller must be transported and installed in an upright position.
Avoid vibrations and impacts during transportation in order to prevent damage
to the robot controller.
Transportation must be carried out in accordance with the operating instruc-
tions or assembly instructions of the robot controller.
External axis The prescribed transport position of the external axis (e.g. KUKA linear unit,
(optional) turn-tilt table, etc.) must be observed. Transportation must be carried out in ac-
cordance with the operating instructions or assembly instructions of the exter-
nal axis.
Before starting up systems and devices for the first time, a check must be car-
ried out to ensure that the systems and devices are complete and operational,
that they can be operated safely and that any damage is detected.
The valid national or regional work safety regulations must be observed for this
check. The correct functioning of all safety circuits must also be tested.
The passwords for logging onto the KUKA System Software as “Ex-
pert” and “Administrator” must be changed before start-up and must
only be communicated to authorized personnel.
If additional components (e.g. cables), which are not part of the scope
of supply of KUKA Roboter GmbH, are integrated into the industrial
robot, the user is responsible for ensuring that these components do
not adversely affect or disable safety functions.
Function test The following tests must be carried out before start-up and recommissioning:
General test:
4. Calculate the velocity from the length of the path and the time measured
for execution of the motion.
Control of reduced velocity is functioning correctly if the following results are
achieved:
The calculated velocity does not exceed 250 mm/s.
The manipulator executes the path as programmed (i.e. in a straight line,
without deviations).
Machine data It must be ensured that the rating plate on the robot controller has the same
machine data as those entered in the declaration of incorporation. The ma-
chine data on the rating plate of the manipulator and the external axes (option-
al) must be entered during start-up.
Description The industrial robot can be set to Start-up mode via the smartHMI user inter-
face. In this mode, the manipulator can be moved in T1 in the absence of the
safety periphery.
If a connection to a higher-level safety system exists or is established, the ro-
bot controller prevents or terminates Start-up mode.
Misuse Any use or application deviating from the designated use is deemed to be im-
permissible misuse. This includes, for example, use by any other personnel.
KUKA Roboter GmbH accepts no liability for damage or injury caused thereby.
The risk lies entirely with the user.
Manual mode is the mode for setup work. Setup work is all the tasks that have
to be carried out on the industrial robot to enable automatic operation. Setup
work includes:
Jog mode
Teaching
Programming
Program verification
The following must be taken into consideration in manual mode:
If the drives are not required, they must be switched off to prevent the ma-
nipulator or the external axes (optional) from being moved unintentionally.
New or modified programs must always be tested first in Manual Reduced
Velocity mode (T1).
The manipulator, tooling or external axes (optional) must never touch or
project beyond the safety fence.
Workpieces, tooling and other objects must not become jammed as a re-
sult of the industrial robot motion, nor must they lead to short-circuits or be
liable to fall off.
All setup work must be carried out, where possible, from outside the safe-
guarded area.
If the setup work has to be carried out inside the safeguarded area, the follow-
ing must be taken into consideration:
In Manual Reduced Velocity mode (T1):
If it can be avoided, there must be no other persons inside the safeguard-
ed area.
If it is necessary for there to be several persons inside the safeguarded ar-
ea, the following must be observed:
Each person must have an enabling device.
All persons must have an unimpeded view of the industrial robot.
Eye-contact between all persons must be possible at all times.
The operator must be so positioned that he can see into the danger area
and get out of harm’s way.
In Manual High Velocity mode (T2):
This mode may only be used if the application requires a test at a velocity
higher than Manual Reduced Velocity.
Teaching and programming are not permissible in this operating mode.
Before commencing the test, the operator must ensure that the enabling
devices are operational.
The operator must be positioned outside the danger zone.
There must be no other persons inside the safeguarded area. It is the re-
sponsibility of the operator to ensure this.
4.8.5 Simulation
After maintenance and repair work, checks must be carried out to ensure the
required safety level. The valid national or regional work safety regulations
must be observed for this check. The correct functioning of all safety circuits
must also be tested.
The purpose of maintenance and repair work is to ensure that the system is
kept operational or, in the event of a fault, to return the system to an operation-
al state. Repair work includes troubleshooting in addition to the actual repair
itself.
The following safety measures must be carried out when working on the indus-
trial robot:
Carry out work outside the danger zone. If work inside the danger zone is
necessary, the user must define additional safety measures to ensure the
safe protection of personnel.
Switch off the industrial robot and secure it (e.g. with a padlock) to prevent
it from being switched on again. If it is necessary to carry out work with the
robot controller switched on, the user must define additional safety mea-
sures to ensure the safe protection of personnel.
If it is necessary to carry out work with the robot controller switched on, this
may only be done in operating mode T1.
Label the system with a sign indicating that work is in progress. This sign
must remain in place, even during temporary interruptions to the work.
The EMERGENCY STOP systems must remain active. If safety functions
or safeguards are deactivated during maintenance or repair work, they
must be reactivated immediately after the work is completed.
Faulty components must be replaced using new components with the same
article numbers or equivalent components approved by KUKA Roboter GmbH
for this purpose.
Cleaning and preventive maintenance work is to be carried out in accordance
with the operating instructions.
Robot controller Even when the robot controller is switched off, parts connected to peripheral
devices may still carry voltage. The external power sources must therefore be
switched off if work is to be carried out on the robot controller.
The ESD regulations must be adhered to when working on components in the
robot controller.
Voltages in excess of 50 V (up to 780 V) can be present in various components
for several minutes after the robot controller has been switched off! To prevent
life-threatening injuries, no work may be carried out on the industrial robot in
this time.
Water and dust must be prevented from entering the robot controller.
Counterbal- Some robot variants are equipped with a hydropneumatic, spring or gas cylin-
ancing system der counterbalancing system.
Hazardous The following safety measures must be carried out when handling hazardous
substances substances:
Avoid prolonged and repeated intensive contact with the skin.
Avoid breathing in oil spray or vapors.
Clean skin and apply skin cream.
Overview If certain components in the industrial robot are operated, safety measures
must be taken to ensure complete implementation of the principle of “single
point of control” (SPOC).
Components:
Submit interpreter
PLC
OPC Server
Remote control tools
Tools for configuration of bus systems with online functionality
KUKA.RobotSensorInterface
External keyboard/mouse
Since only the system integrator knows the safe states of actuators in the pe-
riphery of the robot controller, it is his task to set these actuators to a safe
state, e.g. in the event of an EMERGENCY STOP.
T1, T2 In the test modes, the components referred to above (with the exception of the
external keyboard/mouse) may only access the industrial robot if the following
signals have the following states:
Submit inter- If motions, (e.g. drives or grippers) are controlled with the Submit interpreter
preter, PLC or the PLC via the I/O system, and if they are not safeguarded by other means,
then this control will take effect even in T1 and T2 modes or while an EMER-
GENCY STOP is active.
If variables that affect the robot motion (e.g. override) are modified with the
Submit interpreter or the PLC, this takes effect even in T1 and T2 modes or
while an EMERGENCY STOP is active.
Safety measures:
In the test modes, the system variable $OV_PRO must not be written to
by the Submit interpreter or the PLC.
Do not modify safety-relevant signals and variables (e.g. operating mode,
EMERGENCY STOP, safety gate contact) via the Submit interpreter or
PLC.
If modifications are nonetheless required, all safety-relevant signals and
variables must be linked in such a way that they cannot be set to a dan-
gerous state by the Submit interpreter or PLC.
OPC server, These components can be used with write access to modify programs, outputs
remote control or other parameters of the robot controller, without this being noticed by any
tools persons located inside the system.
Safety measures:
KUKA stipulates that these components are to be used exclusively for di-
agnosis and visualization.
Programs, outputs or other parameters of the robot controller must not be
modified using these components.
If these components are used, outputs that could cause a hazard must be
determined in a risk assessment. These outputs must be designed in such
a way that they cannot be set without being enabled. This can be done us-
ing an external enabling device, for example.
Tools for configu- If these components have an online functionality, they can be used with write
ration of bus access to modify programs, outputs or other parameters of the robot control-
systems ler, without this being noticed by any persons located inside the system.
WorkVisual from KUKA
Tools from other manufacturers
Safety measures:
In the test modes, programs, outputs or other parameters of the robot con-
troller must not be modified using these components.
External These components can be used to modify programs, outputs or other param-
keyboard/mouse eters of the robot controller, without this being noticed by any persons located
inside the system.
Safety measures:
Only use one operator console at each robot controller.
If the KCP is being used for work inside the system, remove any keyboard
and mouse from the robot controller beforehand.
5 Installation
Hardware KR C4
Procedure 1. Select Start-up > Install additional software in the main menu. All addi-
tional programs installed are displayed.
2. Select the entry SafeOperation and press Uninstall. Reply to the request
for confirmation with Yes. Uninstallation is prepared.
3. Reboot the robot controller. Uninstallation is resumed and completed.
6 Operation
Different functions are available in the KSS, depending on the user group. The
following user groups are relevant for the safety configuration of the robot:
Safety recovery
This user can activate an existing safety configuration of the robot using
an activation code. If no safe option, e.g. KUKA.SafeOperation or KU-
KA.SafeRangeMonitoring, is being used, the safety recovery technician
has more extensive rights. In this case he is authorized, for example, to
configure the standard safety functions.
This user group is protected by means of a password.
Safety maintenance
User group for the start-up technician. This user can edit the safety config-
uration and make safety-relevant changes.
This user group is protected by means of a password.
The safety maintenance technician must be specially trained in the configura-
tion of safety functions. For this, we recommend training courses at KUKA Col-
lege. Information about the training program can be found at www.kuka.com
or can be obtained directly from our subsidiaries.
Button Description
Reset all to default Resets all parameters of the safety configuration
values to the default values.
Reset changes Resets all changes since the last time the config-
uration was saved.
Change log The log of changes to the safety configuration is
displayed.
View The safety-relevant machine data are displayed.
Button Description
Properties The properties of a monitoring space or safe tool
can be defined.
Device management The safety ID of the PROFINET device can be
changed.
Note: Further information is contained in the
Operating and Programming Instructions for
System Integrators.
Global parameters The global parameters of the safety configura-
tion can be defined.
Hardware options The hardware settings can be defined.
Note: Further information is contained in the
Operating and Programming Instructions for
System Integrators.
Check machine data It is possible to check whether the machine data
of the safety configuration are up to date.
Safe operational stop The safe operational stop can be defined.
Save Saves and activates the safety configuration for
the robot.
Touch-up Saves the current robot position as a corner of a
cell area.
OR
Saves the current axis angle as the lower limit or
upper limit of the axis-specific monitoring space.
Touch-up reference Saves the current robot flange position or the
position for group position of the axes of a reference group as a
reference position.
Cell configuration The cell area can be defined.
Back Back to the tab
Parameter Description
Robot Serial number of the robot
Safety controller Version of SafeOperation
Safety controller version (internal)
Parameter data set Checksum of the safety configuration
Time stamp of the safety configuration (date
and time last saved)
Safety configuration version
Activation code of the safety configuration
Parameter Description
Machine data Time stamp of the safety-relevant machine data
(date and time last saved)
Current configuration State of the safe monitoring (activated or de-
activated)
Name of the active bus system
Checksum of the brake test configuration
Number of velocity-monitored axes
Number of monitoring spaces
Number of protected spaces
Number of safe tools
Step Description
1 Set up brake test.
Installing SafeOperation activates the brake test for the robot
controller. The brake test serves as a diagnostic measure for
the robot axis and external axis brakes. The brakes are acti-
vated for the stop reactions safety stop 0 and safety stop 1.
Note: Detailed information is contained in the Operating and
Programming Instructions for System Integrators.
2 Install reference switch and actuating plate.
(>>> 7.3 "Installing the reference switch and actuating plate"
Page 67)
3 Connect the reference switch.
(>>> 7.4 "Connecting a reference switch" Page 67)
4 Only if a safety PLC is being used: configure communication via
the interface.
(>>> 10 "Interfaces to the higher-level controller" Page 101)
5 Master the robot.
Note: Detailed information is contained in the operating and
programming instructions.
6 Activate safe monitoring.
(>>> 7.5 "Activating safe monitoring" Page 68)
7 Define global parameters.
Mastering test input
Cartesian velocity monitoring functions
(>>> 7.6 "Defining global parameters" Page 68)
8 Define monitoring spaces.
(>>> 7.7 "Defining a cell area" Page 70)
(>>> 7.8 "Defining Cartesian monitoring spaces" Page 72)
(>>> 7.9 "Defining axis-specific monitoring spaces" Page 75)
9 Define axis-specific velocity monitoring.
(>>> 7.10 "Defining axis-specific velocity monitoring" Page 79)
(>>> 7.11 "Defining the safe operational stop" Page 82)
10 Define safe tools.
(>>> 7.12 "Defining safe tools" Page 84)
11 Program mastering test.
(>>> 8.2 "Programming a mastering test" Page 97)
12 Define reference position.
(>>> 7.13 "Defining the reference position" Page 87)
13 Only if the reference switch is actuated by the tool: Check refer-
ence position.
(>>> 7.14 "Checking the reference position (actuation with
tool)" Page 89)
Step Description
14 Save safety configuration.
(>>> 7.15 "Saving the safety configuration" Page 90)
15 Perform mastering test.
(>>> 7.16 "Performing a mastering test manually" Page 91)
16 Carry out safety acceptance.
(>>> 7.18 "Safety acceptance overview" Page 94)
(>>> 7.17 "Testing safety parameters" Page 91)
17 Archive safety configuration.
Note: Detailed information is contained in the operating and
programming instructions.
18 Only if a new safety configuration is being activated: compare
the displayed checksum with the expected checksum in the
checklist for safe functions.
(>>> 7.19 "Activating a new safety configuration" Page 95)
Precondition The robot controller is switched off and secured to prevent unauthorized
persons from switching it on again.
The position of the reference switch is within the motion range of the robot.
The position of the reference switch and actuating plate does not interfere
with the work sequence of the robot.
Procedure 1. Prepare a mechanical mounting fixture for mounting the reference switch.
(>>> 3.3 "Reference switch hole pattern" Page 32)
2. Attach the reference switch to the mounting fixture.
3. If the actuating plate is being used, fasten the actuating plate to the robot
flange or tool.
Example
1 Robot
2 Actuating plate on tool
3 Tool
4 Reference switch on mounting fixture
Precondition The robot controller is switched off and secured to prevent unauthorized
persons from switching it on again.
Reference switch is installed.
Reference cable X42 - XS Ref (maximum cable length 50 m)
Description
Parameter Description
Safe monitoring Check box activated = safe monitoring is acti-
vated.
Check box deactivated = safe monitoring is
deactivated.
Default: Check box deactivated
Mastering test input at cabinet = reference switch is connected to
the robot controller.
via ProfiSafe = reference switch is connected
via PROFIsafe.
Default: at cabinet
Cartesian maximum Limit value for maximum Cartesian velocity (not
velocity space-dependent)
0.5 … 30,000 mm/s
Default: 10,000 mm/s
Parameter Description
Reduced Cartesian Limit value for safely reduced Cartesian velocity
velocity
0.5 … 30,000 mm/s
Default: 30,000 mm/s
Reduced Cartesian Limit value for safely reduced Cartesian velocity
velocity T1 in T1 mode
0.5 … 250 mm/s
Default: 250 mm/s
Procedure 1. Select the Monitoring spaces tab and press Cell area configuration.
The Cell area configuration window is opened.
2. Enter the upper and lower bounds of the cell area.
3. Select a corner from the list.
The parameters of the corner are displayed.
4. If required, activate the corner by means of the check box (set the check
mark).
The taught point refers to $WORLD and the tool $TOOL that is being
used.
Description
Parameter Description
Reference system Reference coordinate system
$WORLD
Z min Lower limit of the cell area
-30,000 mm … +30,000 mm
Default: -30,000 mm
Z max Upper limit of the cell area
-30,000 mm … +30,000 mm
Default: 30,000 mm
Parameter Description
Activated Check box activated = corner of cell area is
activated.
(corner)
Check box deactivated = corner of cell area is
deactivated.
Default corner 1 to 4: Check box active
Default corner 5 to 10: Check box deactivated
X, Y X, Y coordinate of corner 1 to 10 relative to the
WORLD coordinate system
(corner)
-30,000 mm … +30,000 mm
Default corner 1 or 4: +30,000 mm
Default corner 2 or 3: -30,000 mm
Default corner 5 to 10: 0 mm
Procedure 1. Select the Monitoring spaces tab and select the monitoring space from
the list.
The parameters of the monitoring space are displayed.
2. Enter the name of the monitoring space (max. 24 characters).
3. Select the space type Cartesian space and set the parameters of the
monitoring space.
4. Press Properties.
The Cartesian properties of [NameMonitoringSpace] window is opened.
5. Select the reference coordinate system and enter Cartesian positions.
Monitoring space
Parameter Description
Type Type of monitoring space
Working space = monitoring space is a work-
space.
Protected space = monitoring space is a pro-
tected space.
Default: Workspace
Activation Activation of monitoring space
Inactive = monitoring space is not active.
Always active = monitoring space is always
active.
by input = monitoring space is activated by a
safe input.
If interface X13 is used, safe inputs are only
available for monitoring spaces 12 … 16.
(>>> 10.2 "SafeOperation via interface X13
(optional)" Page 107)
Default: Inactive
Space type Type of monitoring space
Cartesian space = Cartesian monitoring space
Axis space = axis-specific monitoring space
Default: Cartesian space
Stop at boundaries A stop is triggered if the space is violated.
Check box activated = robot stops if the moni-
toring space limits are exceeded.
Check box deactivated = robot does not stop if
the monitoring space limits are exceeded.
Default: Check box activated
V max Limit value of the space-specific velocity
0.5 … 30,000 mm/s
Default: 30,000 mm/s
Vmax valid if Validity of the space-specific velocity
Deactivated = space-specific velocity is not
monitored.
Space not violated = space-specific velocity is
monitored if the monitoring space is not violated.
Space violated = space-specific velocity is mon-
itored if the monitoring space is violated.
Default: Deactivated
Stop if mastering test Activation of reference stop
not yet done
Check box activated = reference stop is acti-
vated for the monitoring space.
Check box deactivated = reference stop is
deactivated for the monitoring space.
Default: Check box deactivated
Properties
Defining properties:
Parameter Description
Reference system Reference coordinate system
$WORLD
$ROBROOT
Default: $WORLD
Origin X, Y, Z Offset of the origin of the Cartesian monitoring
space in X, Y and Z relative to the selected refer-
ence coordinate system.
-30,000 mm … +30,000 mm
Default: 0 mm
Parameter Description
Origin A, B, C Orientation in A, B and C at the origin of the Car-
tesian monitoring space relative to the selected
reference coordinate system.
Origin A, C:
-180° … +180°
Origin B:
-90° … +90°
Default: 0°
Distance to origin Minimum X, Y and Z coordinates of the Carte-
sian monitoring space relative to the origin
XMin, YMin, ZMin
-30,000 mm … +30,000 mm
Default: 0 mm
Distance to origin Maximum X, Y and Z coordinates of the Carte-
sian monitoring space relative to the origin
XMax, YMax, ZMax
-30,000 mm … +30,000 mm
Default: 0 mm
Example The example shows a Cartesian monitoring space whose origin is offset in the
X, Y and Z directions (yellow arrow) relative to the $ROBROOT system. The
orientation A, B, C at the origin of the Cartesian monitoring space is identical
to the orientation at the origin of $ROBROOT.
Procedure 1. Select the Monitoring spaces tab and select the monitoring space from
the list.
The parameters of the monitoring space are displayed.
2. Enter the name of the monitoring space (max. 24 characters).
3. Select the space type Axis space and set the parameters of the monitor-
ing space.
4. Press Properties.
The Axis-specific properties of [NameMonitoringSpace] window is
opened.
5. Select axis from the list.
The axis-specific properties are displayed.
6. Activate monitoring by means of the check box (set the check mark).
7. Move the axis to the upper axis limit in axis-specific mode.
8. Press Touch-up to save the current axis position.
9. Move the axis to the lower axis limit in axis-specific mode.
10. Press Touch-up to save the current axis position.
11. Repeat steps 5 to 10 to define the axis limits for additional axis ranges.
Monitoring space
Parameter Description
Type Type of monitoring space
Working space = monitoring space is a work-
space.
Protected space = monitoring space is a pro-
tected space.
Default: Workspace
Activation Activation of monitoring space
Inactive = monitoring space is not active.
Always active = monitoring space is always
active.
by input = monitoring space is activated by a
safe input.
If interface X13 is used, safe inputs are only
available for monitoring spaces 12 … 16.
(>>> 10.2 "SafeOperation via interface X13
(optional)" Page 107)
Default: Inactive
Space type Type of monitoring space
Cartesian space = Cartesian monitoring space
Axis space = axis-specific monitoring space
Default: Cartesian space
Stop at boundaries A stop is triggered if the space is violated.
Check box activated = robot stops if the moni-
toring space limits are exceeded.
Check box deactivated = robot does not stop if
the monitoring space limits are exceeded.
Default: Check box activated
V max Limit value of the space-specific velocity
0.5 … 30,000 mm/s
Default: 30,000 mm/s
Vmax valid if Validity of the space-specific velocity
Deactivated = space-specific velocity is not
monitored.
Space not violated = space-specific velocity is
monitored if the monitoring space is not violated.
Space violated = space-specific velocity is mon-
itored if the monitoring space is violated.
Default: Deactivated
Stop if mastering test Activation of reference stop
not yet done
Check box activated = reference stop is acti-
vated for the monitoring space.
Check box deactivated = reference stop is
deactivated for the monitoring space.
Default: Check box deactivated
Properties
Icon Description
Icon for rotational and infinitely rotating axes
Defining properties:
Parameter Description
Monitoring Check box activated = axis limits are activated
for the monitoring space.
Check box deactivated = axis limits are deacti-
vated for the monitoring space.
Default: Check box deactivated
Lower limit The lower limit of an axis-specific workspace
must be at least 0.5° or 1.5 mm less than the
(lower axis limit)
upper limit.
The axis-specific protected space is dependent
on the maximum axis velocity. A defined mini-
mum size for the axis-specific protected space is
derived from the maximum axis velocity; the size
must not fall below this value. If this minimum
value is violated, a message is displayed.
Rotational axes:
-360° … +360°
Linear axes:
-30,000 mm … +30,000 mm
Default value for rotational axes: -360°
Default value for linear axes: -30,000 mm
Current position Axis-specific actual position (display only)
Red: axis position not allowed, as monitoring
space is violated
Green: axis position allowed
Upper limit The upper limit of an axis-specific workspace
must be at least 0.5° or 1.5 mm greater than the
(upper axis limit)
lower limit.
The axis-specific protected space is dependent
on the maximum axis velocity. A defined mini-
mum size for the axis-specific protected space is
derived from the maximum axis velocity; the size
must not fall below this value. If this minimum
value is violated, a message is displayed.
Rotational axes:
-360° … +360°
Linear axes:
-30,000 mm … +30,000 mm
Default value for rotational axes: 360°
Default value for linear axes: 30,000 mm
Description
Parameter Description
Monitoring Check box activated = axis is monitored.
Check box deactivated = axis is not monitored.
Default: Check box deactivated
Reduced velocity Limit value for safely reduced axis velocity
Rotational axes:
0.5 … 5,000°/s
Linear axes:
1.5 … 10,000 mm/s
Default value for rotational axes: 5,000°/s
Default value for linear axes: 10,000 mm/s
Reduced velocity T1 Limit value for safely reduced axis velocity in T1
mode
Rotational axes:
0.5 … 100°/s
Linear axes:
1.5 … 250 mm/s
Default value for rotational axes: 100°/s
Default value for linear axes: 250 mm/s
Safe operational stop Check box activated = safe operational stop is
activated.
Check box deactivated = safe operational stop
is not activated.
Default: Check box deactivated
The safe operational stop cannot be activated
here. The check box is automatically activated if
safe operational stop has been defined for an
axis.
Parameter Description
Maximum velocity Limit value for maximum velocity for rotational
rotational axis axes
0.5 … 5,000°/s
Default: 1,000°/s
The axis-specific protected space is dependent
on the maximum axis velocity. A defined mini-
mum size for the axis-specific protected space is
derived from the maximum axis velocity; the size
must not fall below this value. If this minimum
value is violated, a message is displayed.
Maximum velocity Limit value for maximum velocity for translational
translational axis axes
0.5 … 30,000 mm/s
Default: 5,000 mm/s
The axis-specific protected space is dependent
on the maximum axis velocity. A defined mini-
mum size for the axis-specific protected space is
derived from the maximum axis velocity; the size
must not fall below this value. If this minimum
value is violated, a message is displayed.
Procedure 1. Select the Axis monitoring tab and press Safety stop.
The Safety stop window is opened.
2. Select axis from the list.
3. Activate one or more axis groups in which the axis is to be monitored by
activating the corresponding check box (set the check mark).
4. Enter the axis angle or distance tolerance.
5. Repeat steps 2 to 4 to define further monitoring functions.
Description
Parameter Description
Monitoring in axis Safe operational stop for axis group 1 … 6
groups 1-6
Check box activated = safe operational stop is
activated for the axis.
Check box deactivated = safe operational stop
is not activated for the axis.
Default: Check box deactivated
If interface X13 is used, safe inputs are only
available for axis group 1 … 2.
(>>> 10.2 "SafeOperation via interface X13
(optional)" Page 107)
Axis angle tolerance Limit value for the axis angle or distance toler-
ance for standstill monitoring
Rotational axes:
0.001° … 1°
Linear axes:
0.003 … 3 mm
Default value for rotational axes: 0.01°
Default value for linear axes: 0.01 mm
Procedure 1. Select the Tools tab and select a tool from the list.
The parameters of the safe tool are displayed.
2. Activate the safe tool via the check box (set the check mark) and enter a
name for the tool (max. 24 characters).
3. Define the safe TCP of the tool.
4. Press Properties.
The Properties of [NameTool] window is opened.
5. Select a sphere from the list and activate monitoring via the check box (set
the check mark).
6. Enter the coordinates of the center of the sphere and the radius of the
sphere.
7. Repeat steps 5 to 6 to define additional spheres for the safe tool.
Tool
Parameter Description
Activation Check box activated = safe tool is activated.
Check box deactivated = safe tool is deacti-
vated.
Default tool 1: check box activated
Default tool 2 to 16: check box deactivated
If interface X13 is used, tool 1 is always active. A
tool change is not possible.
(>>> 10.2 "SafeOperation via interface X13
(optional)" Page 107)
TCP X, Y, Z X, Y and Z coordinates of the safe TCP relative
to the velocity monitoring
-10,000 mm … +10,000 mm
Default: 0 mm
Properties
Defining properties:
Parameter Description
Monitoring Check box activated = sphere is monitored.
Check box deactivated = sphere is not moni-
tored.
Default sphere 1: Check box activated
Default spheres 2 to 6: Check box deactivated
Parameter Description
X, Y, Z X, Y and Z coordinates of the sphere center
point at the safe tool relative to the FLANGE
coordinate system
-10,000 mm … +10,000 mm
Default: 0 mm
Radius Radius of the sphere at the safe tool
0 … 10,000 mm
Default: 250 mm
The radius is dependent on the maximum Carte-
sian velocity. A defined minimum value for the
radius is derived from the maximum Cartesian
velocity; the radius must not be less than this
value. If this minimum value is violated, a mes-
sage is displayed.
Description
Parameter Description
Reference group Each axis that is to be subjected to safe monitor-
ing must be assigned to a reference group.
Robot axes are always assigned to reference
group 1. External axes can be assigned to other
reference groups, but also to reference group 1,
e.g. in the case of a KL.
1: robot axes
1 … 3: external axes
Default: 1
Reference position Axis-specific coordinates of the reference posi-
tion
To monitor the mastering, the axis angles of the
robot axes are defined for a specific Cartesian
reference position. During the mastering test, the
robot moves to the Cartesian reference position
and the actual position of the axes is compared
with the command position.
Rotational axes:
-360° … +360°
Linear axes:
-30,000 mm … +30,000 mm
Default value for rotational axes: 45°
Default value for linear axes: 1,000 mm
Current position Axis-specific actual position (display only)
Red: reference position not allowed, as too
near mastering position
Green: reference position allowed
Mastering position The axis angles at the mastering position are
defined in the machine data. (display only)
Cartesian reference X, Y and Z coordinates of the Cartesian refer-
position X, Y, Z ence position relative to the WORLD coordinate
system (display for reference group 1)
The coordinates of the Cartesian reference posi-
tion refer to the center point of the mounting
flange.
-30,000 mm … +30,000 mm
Default: 0 mm
Procedure 1. Press Save and answer the request for confirmation with Yes.
The safety configuration is saved on the hard drive and the checksum of
the safety configuration is saved to the RDC.
The robot controller is automatically reinitialized.
2. The checksum and activation code of the safety configuration are dis-
played on the General tab.
Note the checksum and activation code in the checklist for safe functions.
(>>> 13.1.3 "Checklist for safe functions" Page 115)
Procedure Select and execute the program MasRef_Main.SRC to the end of the pro-
gram.
The configured velocity limits, the limits of the monitoring spaces and the
space-specific velocities must be checked with override reduction deactivated.
For this, the following variables must be set to FALSE in $CUSTOM.DAT:
$SR_VEL_RED
$WORKSPACE_RED
To check the configured limits, the space and velocity limits are deliberately
exceeded by means of test programs. If the safety configuration stops the ro-
bot, the limits are correctly configured.
If the robot is stopped by the safety controller, a message with message num-
ber 15xxx is displayed. If no message is displayed, or if a message from a dif-
ferent number range is displayed, the safety controller must be checked.
Procedure 1. Configure reduced Cartesian velocity for T1, reduced Cartesian velocity
and maximum Cartesian velocity.
(>>> 7.6 "Defining global parameters" Page 68)
2. Create a test program in which the Cartesian velocity is to be exceeded
deliberately, e.g. configured with 1000 mm/s, moved at 1100 mm/s.
When testing the Cartesian velocity on a KL, the linear unit must also
be moved.
Calculation of The axis velocity $VEL_AXIS[x] is calculated using the following formula:
$VEL_AXIS $VEL_AXIS[x] = (VTest / Vmax) * 100 = (200 °/s / 360 °/s) * 100 = 56
Element Description
x Number of the axis
Vtest Test velocity
Unit: °/s
Vmax Maximum axis velocity
Unit: °/s
...
PTP {A1 -30}
HALT
$VEL_AXIS[1] = 56
PTP {A1 30}
...
Description The configuration of the boundaries and the space-specific velocity must be
checked. If “Stop at boundaries” is not configured, an alarm space is used for
this.
The space surfaces can have any orientation. The robot must be moved to
each of the 6 space surfaces of a Cartesian monitoring space in three different
positions to check whether the limits have been programmed correctly. An ex-
ception is made here for space surfaces that cannot be addressed due to cir-
cumstances in the system.
The cell area is a Cartesian monitoring space and is tested in the same way.
Depending on the configuration, the cell area consists of 5, 6 or more space
surfaces. Here, once again, each accessible space surface must be ad-
dressed in 3 different positions.
Description The configuration of the boundaries and the space-specific velocity must be
checked. If “Stop at boundaries” is not configured, an alarm space is used for
this.
SafeOperation must not be put into operation until the safety acceptance pro-
cedure has been completed successfully. For successful safety acceptance,
the points in the checklists must be completed fully and confirmed in writing.
4. Only in the user group “Safety Recovery”: enter the activation code and
press Activate again.
8 Programming
The distance from the supplied reference switch must not exceed
2 mm. If the distance is greater, the reference switch will not be actu-
ated.
Line Description
5 Program the motion to the reference position of reference
group 1 and teach the reference position.
10 Program the motion to the reference position of reference
group 2 and teach the reference position.
15 Program the motion to the reference position of reference
group 3 and teach the reference position.
20 Teach the motion away from the reference position of refer-
ence group 1.
25 Teach the motion away from the reference position of refer-
ence group 2.
30 Teach the motion away from the reference position of refer-
ence group 3.
9 System variables
Description The variables for override reduction can be modified in the $CUSTOM.DAT
file, in a KRL program or via the variable correction function. If a variable is
modified, an advance run stop is triggered.
Variable Description
$SR_OV_RED Maximum velocity limit with override reduction activated for
the velocity.
The percentage value refers to the lowest activated velocity
limit.
10 … 95 %
Default: 95 %
$SR_VEL_RED Override reduction for the velocity
TRUE = override reduction is activated.
FALSE = override reduction is not activated.
Default: TRUE
$SR_WORKSPACE_RED Override reduction for monitoring spaces
TRUE = override reduction is activated.
FALSE = override reduction is not activated.
Default: FALSE
Variable Description
$MASTERINGTEST_REQ_INT Internal request of the mastering test from the safety control-
ler
TRUE = mastering test is requested.
FALSE = mastering test is not requested.
Default: FALSE
$MASTERINGTEST_REQ_EXT External request for mastering test, e.g. from the safety PLC
TRUE = mastering test is requested.
FALSE = mastering test is not requested.
Default: FALSE
Note: This signal is declared in the file KRC:\ROBOTER\
KRC\STEU\MADA\$MACHINE.DAT and must be assigned
to a suitable input.
$MASTERINGTESTSWITCH_O Check of the function of the reference switch
K
TRUE = reference switch is OK.
FALSE = reference switch is defective.
Default: TRUE
Variable Description
$SR_ACTIVETOOL Number of the active safe tool
0: no safe tool or multiple safe tools are selected.
1 … 16: safe tool 1 … 16 is active.
$SR_AXISSPEED_OK Reduced axis acceleration exceeded
TRUE = axis velocity has not been exceeded.
FALSE = axis velocity has been exceeded.
The variable is set to FALSE when the excessive value is
detected and then set immediately back to TRUE.
$SR_CARTSPEED_OK Cartesian velocity exceeded
TRUE = Cartesian velocity has not been exceeded.
FALSE = Cartesian velocity has been exceeded.
The variable is set to FALSE when the excessive value is
detected and then set immediately back to TRUE.
$SR_DRIVES_ENABLE Enabling of the drives by the safety controller
TRUE = drives are enabled.
FALSE = drives are not enabled.
$SR_MOVE_ENABLE Enabling by the safety controller
TRUE = motion enable
FALSE = no motion enable
$SR_SAFEMON_ACTIVE Status of the safe monitoring
TRUE = monitoring is activated.
FALSE = monitoring is not activated.
$SR_SAFEOPSTOP_ACTIVE[In Status of the safe operational stop
dex]
TRUE = safe operational stop is activated.
FALSE = safe operational stop is not activated.
Index:
1: status of the global safe operational stop (all axes)
The global operational stop is a standard safety function
of PROFIsafe. (Input byte 1, bit 1, safe operational stop)
2 … 7: status of the safe operational stop in relation to
axis group 1 … 6 (safe operational stop 1 …safe opera-
tional stop 6)
$SR_SAFEOPSTOP_OK Violation of an externally activated operational stop
TRUE = no violation
FALSE = safe operational stop has been violated.
$SR_SAFEREDSPEED_ACTIVE Status of the monitoring of the reduced velocity
TRUE = monitoring is activated.
FALSE = monitoring is not activated.
Reserved bits Reserved safe inputs can be pre-assigned by a PLC with the values 0 or 1. In
both cases, the robot will move. If a safety function is assigned to a reserved
input (e.g. in the case of a software update) and if this input is preset with the
value 0, then the robot would either not move or would unexpectedly come to
a standstill.
Input byte 2
Bit Signal Description
0 JR Mastering test (input for mastering test refer-
ence switch)
0 = reference switch is active (actuated).
1 = reference switch is not active (not actu-
ated).
1 VRED Reduced axis-specific and Cartesian velocity
(activation of reduced velocity monitoring)
0 = reduced velocity monitoring is active.
1 = reduced velocity monitoring is not active.
2…7 SBH1 … 6 Safe operational stop for axis group 1 ... 6
Assignment: Bit 2 = axis group 1 … bit 7 = axis
group 6
Signal for safe operational stop. The function
does not trigger a stop, it only activates the safe
standstill monitoring. Cancelation of this func-
tion does not require acknowledgement.
0 = safe operational stop is active.
1 = safe operational stop is not active.
Input byte 3
Bit Signal Description
0…7 RES Reserved 25 ... 32
The value 1 must be assigned to the inputs.
Input byte 4
Bit Signal Description
0…7 UER1 … 8 Monitoring spaces 1 … 8
Assignment: Bit 0 = monitoring space 1 … bit 7
= monitoring space 8
0 = monitoring space is active.
1 = monitoring space is not active.
Output byte 3
Bit Signal Description
0…7 RES Reserved 25 ... 32
Description Some signal states are extended to ensure that they can be detected reliably.
In the case of extended signal states, the minimum duration of the extension
is specified in square brackets. Values are specified in milliseconds, e.g. [200].
Output byte 6
Bit Signal Description
0…7 UER9 … 16 Monitoring spaces 9 … 16 (optional)
Assignment: Bit 0 = monitoring space 9 … bit 7
= monitoring space 16
0 = monitoring space is not active.
1 = monitoring space is active.
Output byte 7
Bit Signal Description
0…7 UERV1 … 8 Violation of monitoring spaces 1 … 8 (optional)
Assignment: Bit 0 = monitoring space 1 … bit 7
= monitoring space 8
0 = monitoring space not violated
1 = monitoring space violated [200]
Output byte 8
Bit Signal Description
0…7 UERV9 … 16 Violation of monitoring spaces 9 … 16
(optional)
Assignment: Bit 0 = monitoring space 9 … bit 7
= monitoring space 16
0 = monitoring space not violated
1 = monitoring space violated [200]
Inputs
Signal Description
VRED Reduced axis-specific and Cartesian velocity (activation of
reduced velocity monitoring)
0 = reduced velocity monitoring is active.
1 = reduced velocity monitoring is not active.
SBH1 … 2 Safe operational stop for axis group 1 ... 2
Signal for safe operational stop. The function does not trig-
ger a stop, it only activates the safe standstill monitoring.
Cancelation of this function does not require acknowledge-
ment.
0 = safe operational stop is active.
1 = safe operational stop is not active.
UER12 … Monitoring spaces 12 … 16
16
0 = monitoring space is active.
1 = monitoring space is not active.
Outputs
Signal Description
SO SafeOperation active
SafeOperation activation status
0 = SafeOperation is not active.
1 = SafeOperation is active.
RR Robot referenced
Mastering test display
0 = mastering test required.
1 = mastering test performed successfully.
MR1 … 6 Alarm space 1 … 6
Alarm space 1 (associated monitoring space 1) … alarm
space 6 (associated monitoring space 8)
0 = space is violated.
1 = space is not violated.
11 Diagnosis
12 Messages
13 Appendix
13.1 Checklists
The checklist must be completed and confirmed in writing by the system build-
er.
Place, date
Signature
Remarks:
Place, date
Signature
Specified value:
Value specified by cell planner, design engineer
Configured value:
Value entered in the safety configuration
Test value:
Value with which the test was carried out
Place, date
Signature
Place, date
Signature
Precondition The monitoring spaces that can be activated by means of safe inputs have
been deactivated.
The surfaces arising from the configuration must be violated one after the oth-
er to demonstrate the correct configuration of the cell area.
No. Activity Yes Not relevant
1 Has the limit in the Z direction been configured correctly?
Z min: ____________mm
Z max: ____________mm
Place, date
Signature
Place, date
Signature
Place, date
Signature
Place, date
Signature
14 KUKA Service
Introduction The KUKA Roboter GmbH documentation offers information on operation and
provides assistance with troubleshooting. For further assistance, please con-
tact your local KUKA subsidiary.
Availability KUKA Customer Support is available in many countries. Please do not hesi-
tate to contact us if you have any questions.
Index
Symbols Brake defect 48
$MASTERINGTEST_REQ_EXT 99 Braking distance 8, 37
$MASTERINGTEST_REQ_INT 99 Buttons, overview 61
$MASTERINGTESTSWITCH_OK 99
$ROBROOT, special cases 15 C
$SR_ACTIVETOOL 100 Cartesian monitoring spaces, defining 72
$SR_AXISSPEED_OK 100 Cartesian monitoring spaces, testing 93
$SR_CARTSPEED_OK 100 Cartesian protected spaces 18
$SR_DRIVES_ENABLE 100 Cartesian velocity, maximum 69, 91
$SR_MOVE_ENABLE 100 Cartesian velocity, reduced 70, 91
$SR_OV_RED 25, 99 Cartesian velocity, reduced for T1 70, 91
$SR_SAFEMON_ACTIVE 100 Cartesian velocity, testing 91
$SR_SAFEOPSTOP_ACTIVE 100 Cartesian workspaces 17
$SR_SAFEOPSTOP_OK 100 CE mark 36
$SR_SAFEREDSPEED_ACTIVE 100 Cell area 10, 13, 16, 17
$SR_VEL_RED 24, 99 Cell area, defining 70
$SR_WORKSPACE_RED 25, 99 Change log 63
Checking the reference position 89
Numbers Checklist, Cartesian monitoring spaces 123
2004/108/EC 57 Checklist, configuration of axis-specific monito-
2006/42/EC 57 ring spaces 125
89/336/EEC 57 Checklist, configuration of safe tools 127
95/16/EC 57 Checklist, configuration of the cell area 122
97/23/EC 57 Checklist, configuration of the safe operational
stop 121
A Checklist, robot and system 115
Accessories 35 Checklist, safe functions 115
Activating a new safety configuration 95 Checklist, velocity limits 118
Activation code, safety configuration 62 Checklists 115
Activation, monitoring space 73, 77 Checksum, brake test configuration 63
Activation, reference stop 73, 77 Checksum, safety configuration 62
Actuating plate, hole pattern 32 Cleaning work 54
Actuating plate, installation 67 Components 11
Alarm space 8 Connecting cables 35
Ambient temperature, reference switch 31 Connecting cables, overview 28
Appendix 115 Connecting, reference switch 67
Applied norms and regulations 57 Coordinate systems 14
Areas of application 11 Coordinate systems, angles 15
Automatic mode 53 Coordinate systems, orientation 15
Axis angle tolerance 84 Counterbalancing system 54
Axis angle, lower limit 79 Criteria, reference position 27
Axis angle, upper limit 79 CRR 8, 25
Axis limit 8, 19, 20
Axis range 8, 19, 20, 37 D
Axis range limitation 46 Danger zone 8, 37
Axis range monitoring 46 Declaration of conformity 36
Axis velocity, maximum 82, 92 Declaration of incorporation 35, 36
Axis velocity, reduced 24, 81, 92 Decommissioning 55
Axis velocity, reduced for T1 81, 92 Diagnosis 109
Axis velocity, testing 92 Diagnosis, variables 100
Axis-specific monitoring spaces, defining 75 Diagnostic monitor (menu item) 109
Axis-specific monitoring spaces, testing 94 Diagnostic signals via PROFINET 103
Axis-specific protected spaces 20 Directives 130
Axis-specific velocity monitoring, defining 79 Displaying information, safety configuration 62
Axis-specific workspaces 19 Displaying machine data 63
Displaying, change log 63
B Disposal 55
BASE coordinate system 14 Documentation, industrial robot 7
E Knowledge, required 7
EC declaration of conformity 36 KUKA Customer Support 131
EMC conformity, reference switch 31 KUKA smartPAD 37
EMC Directive 36, 57
EMERGENCY STOP button 43, 51 L
EMERGENCY STOP device 43, 44, 48 Labeling 47
EMERGENCY STOP, external 44, 51 Liability 35
EMERGENCY STOP, local 51 Linear unit 35
EN 60204-1 57 Low Voltage Directive 36
EN 61000-6-2 57
EN 61000-6-4 57 M
EN 614-1 57 Machine data 51, 63
EN ISO 10218-1 57 Machinery Directive 36, 57
EN ISO 12100-1 57 Maintenance 54
EN ISO 12100-2 57 Manipulator 35, 37, 40
EN ISO 13849-1 57, 130 Manual mode 52
EN ISO 13849-2 57 Mastering position, reference position 89
EN ISO 13850 57 Mastering test 8
Enabling device 44, 48 Mastering test input 69
Enabling device, external 45 Mastering test, overview 26
Enabling switches 44 Mastering test, performing manually 91
Error messages 111 Mastering test, programming 97
External axes 35, 38 Mastering test, variables 99
Mechanical axis range limitation 46
F Mechanical end stops 46
Faults 49 Messages 111
FLANGE coordinate system 15 Mode selection 41, 42
Function test 50 Monitoring space 10
Functional principle 12 Monitoring space, axis-specific 75
Functions, SafeOperation 11 Monitoring space, Cartesian 72
Monitoring spaces 12
G Monitoring time 8
General safety measures 48 Monitoring, velocity 45
Global parameters, defining 68 Mouse, external 49
Guard interlock 42
N
H Norms 130
Hardware components, scope of supply 11
Hazardous substances 55 O
Hole pattern, actuating plate 32 Operating current, reference switch 31
Hole pattern, reference switch 32 Operating voltage, reference switch 31
Hysteresis, reference switch 31 Operation 61
Operator 37, 39
I Operator safety 41, 42, 48
I/Os, interface X13 107 Options 35
Industrial robot 35 Outputs, reference switch 31
Installation 59 Overload 48
Installation, SafeOperation 59 Override reduction 24
Intended use 35 Override reduction, variables 99
Interface, X13 107 Overview, buttons 61
Interface, X13 12 Overview, SafeOperation 11
Interfaces 101 Overview, safety acceptance 94
Introduction 7 Overview, start-up 65
J P
Jog mode 45, 48 Panic position 44
Performance Level 41
K Permissible load current, reference switch 31
KCP 37, 49 Permissible switching distance, reference switch
Keyboard, external 49 31
KL 8 Permissible switching frequency, reference swit-
U
Uninstallation, SafeOperation 59
Update, SafeOperation 59
Use, contrary to intended use 35
Use, improper 35
User 37, 38
User groups 61
V
Velocity monitoring 45
Velocity monitoring functions 23
Velocity monitoring, axis-specific 79
Velocity, space-specific 22
Version, SafeOperation 62
Version, safety configuration 62
W
Warnings 7
Working range limitation 46
Workspace 8, 12, 17, 19, 37, 39, 40
WORLD coordinate system 14