The present disclosure relates generally to industrial automation and control systems, such as those used in industrial and commercial settings. More particularly, the present disclosure relates to high reliability or industrial safety controllers appropriate for use in devices intended to protect human life and health and specifically to rapid backup or configuration of industrial safety controllers by means of a memory module.
Industrial controllers are special purpose computers used in controlling industrial processes. Under the direction of a stored, controlled program, an industrial controller examines a series of inputs reflecting the status of the controlled process and changes a series of outputs controlling the industrial process. The inputs and outputs may be binary, i.e. on or off, or analog, providing a value within a substantially continuous range. The inputs may be obtained from sensors attached to the controlled process and the outputs may be provided to actuators on the controlled process.
Safety systems are systems intended to ensure the safety of humans working in the environment of an industrial process. Such systems may include the electronics associated with emergency stop buttons, light curtains and other machine lockouts. Traditionally, safety systems have been implemented by a set of redundant circuits separate from the industrial control system used to control the industrial process with which the safety system is associated. Such safety systems have been hardwired from switches and relays, including specialized safety relays which provide comparison of redundant signals and internal checking of all conditions, such as welded or stuck contacts.
Safety control can be implemented in various manners, depending on the required control complexity and safety complexity, which takes into account the number of controlled zones. A safety controller can be provided in the form of a safety relay for local, small-scale and/or simple safety control, as a module for a modular, more complex configuration or as a more sophisticated but still compact programmable logic controller, fulfilling certain safety ratings. A compact safety controller can be employed within a complex safety network. Safety relays, on the other hand, are particularly useful for small scale emergency stop applications.
A safety device oftentimes is configured to comply with standardized requirements, such as a safety integrity level (SU). On the other hand, it is desirable to enable users to configure not only standard control devices, but also a safety controller or safety relay by means of software, using an editor program. Before enabling full operation of a safety controller configured by means of software, compliance of the safety controller with safety requirements has to be verified so as to increase safety during operation of said safety controller. In order to indicate completion of such a verification process, a safety control program on a safety controller can be supplemented with a verification ID stored as well on the safety controller, or the safety control program is downloaded to the safety controller together with an integrated verification ID. Other means to indicate that a safety control program is verified can be provided.
Traditionally, a safety controller or a safety relay is connected via a network, USB connection or Bluetooth connection to a programming tool or device in order to receive a safety control program, which is also sometimes referred to as a safety control application or safety control project. The safety control program is then downloaded to the safety controller, thereby requiring connecting said safety controller with the programming or editor device.
For OEMs or generally in cases where many machines or controller devices have to be programmed with a common configuration, this is a time-consuming procedure that requires connecting each controller with the device running the editor software and downloading the configuration comprising the industrial control program to the controller. Furthermore, this approach makes it difficult to track whether the same or the intended safety control program is downloaded to the controllers.
In another conventional approach for providing a configuration to industrial controllers, a memory card or module is permanently slotted in a receptacle of an industrial controller. This reduces available space and expandability of the industrial controller. To balance these drawbacks, additional functionality, such as a real-time clock, is conventionally provided on such memory cards or modules permanently slotted in the industrial controller.