Various processes and robotic equipment may be used to facilitate product manufacturing and assembly, such as but not limited to products such as vehicles or onboard systems. Automated manufacturing cells may be laid out on a plant floor to streamline production. To ensure plant floor safety, the perimeter of a given cell is typically closely monitored and access thereto is guarded using fences and various safety sensors and components, e.g., push-button or E-Stop devices, light curtains, safety mats, laser scanners, guard locks, safety rope, etc. Attempted access into the working area of the cell can be instantly detected using such sensors, resulting in an almost instantaneous shut down or suspension of operation of automated running equipment in the cell if access is attempted.
Automatic control of a manufacturing cell generally encompasses two primary control tasks: normal automation control and safety automation control. Normal automation control refers to the control of any work-related tasks in the cell using any available means, such as closed loop control and/or open loop controls. Precise control is maintained over the various automated equipment operating within the cell, including robots, conveyors, fixtures, etc. The second primary control task, safety automation control, refers to monitoring of the cell for any safety-related tasks and concerns, e.g., the presence of operators in or near the robot working area, as well as for certain hardware failures occurring in the cell. Typically, control of the tasks is integrated into a single safety programmable logic controller that is often referred to as a Safety PLC. Therefore, the same term will be employed extensively herein for consistency.
Cell sensors and safety-related components may be vendor-specific both in operation and in internal construction, but nevertheless must function properly in response to the overall or top-level control logic of the cell. Various governmental and/or regulatory requirements and industrial standards, e.g., IEC 61508 and similar standards, may require a 3rd party certification of the safety-related portions of the automation control logic that is used in such cells. Conventional logic certification and testing methods utilize purely hardware-based testing, and may result in a longer setup time and relatively high testing costs. Additionally, such methods may not provide a viable method for completely testing the various safety-related tasks and concerns of a cell. For example, some operator-triggered events, such as the interruption of a perimeter light curtain with a nearly simultaneous activation of an E-Stop device located a substantial distance away from the light curtain, may be difficult to achieve in a reliable and highly repeatable manner. Also, safety-related components and sensors may be provided in black-box form from a supplier, thereby making the complete testing of components and their overall system a challenging task.