1. Field of the Invention
The invention pertains to the field of power control, safety, and distribution equipment. More particularly, the invention pertains to a power and safety control hub for power control, safety control, and power distribution.
2. Description of Related Art
There is currently no device that constitutes a power and safety control hub for power control, safety control, and power distribution. As part of its function, a power and safety control hub of this type should integrate fault tolerant power disconnect control, software monitoring of disconnect and multi-voltage power distribution and disconnect with non-hazardous power control, EMI filtering and multi-circuit current protection in a single unit. There are presently some products and machines that incorporate some or part of these functions, but this is done on a custom-made basis for each machine model. There is no product at present that integrates all of these functions into a single integrated system for use as a power and safety control hub for overall power control, safety control and power distribution in many different applications. As used herein, an integrated system is the integration of components that form a power and safety control hub in one or more enclosures and/or printed wiring boards, that is provided as a single system.
As part of its function, such a hub should also implement electromagnetic, single fault tolerant, safety control circuits without using positively driven contact relays. Electromagnetic circuits which control hazardous power in machines that meet the CE machinery directive (and other machine safety standards) normally utilize interconnected relays with positively-guided contacts (in which one set of contacts can reliably be used to monitor the proper operation of the other contacts within the relay) as control elements. Alternately, safety control is sometimes implemented with completely redundant electronic control systems that must agree in order to turn on hazardous power. Both of these methods can be used to meet the requirements of fault tolerance (one element can fail and safety is maintained) and fault monitoring (any single fault can be detected). However, there is a need for a method for accomplishing these single fault tolerance and monitoring requirements without using either of these typically expensive techniques. Such a method currently does not exist.
Another part of its function should be coordination of the shutdown of any connected mechanical drives such as servo motor drives, autonomously commanding them to come to a controlled stop before safety power is disconnected (when networked controls are used). As used herein, mechanical drives would include any powered source of mechanical drive. Thus, mechanical drives would include, but are not limited to, motors, motor drives, servo motor drives, variable speed motor drives, pneumatics, hydraulics, and other devices supplying mechanical drive power. This is an extremely important safety feature that can be used to control hazardous equipment including electric motors, pneumatics, hydraulics, and other potentially dangerous powered equipment. However, there is currently no device that, when used with connected networked controls, automatically brings to a halt any connected mechanical drives in the split second before it removes power.
It should also integrate segmented hazardous power control (distinguishing between load/unload and main areas of the equipment being controlled) so that the main area can be operating while the load/unload area has power disconnected. Examples of equipment that operates in this way does exist, however, there are currently no integrated safety control products that accomplish this.
A power and safety control hub for overall power control, safety control and power distribution should also automatically discharge energy sources within connected mechanical drives (as previously defined) at the time of safety power disconnect of hazardous power. For example, servo motor drives, stepper motor drives and variable Speed drives often contain storage (smoothing, filtering) capacitors in their internals that store energy for some time after AC power is removed from the unit. The stored charge in these capacitors constitutes a hazard until they are discharged. There is, therefore, a need for circuits that can be connected to automatically discharge these capacitors at the time of removal of hazardous power. However, there are currently no integrated safety control products that accomplish this.
Such a power and safety control hub should also include a safety control and monitoring algorithm that automatically forces the test on e-stop switches and interlocks in a machine each time the machine is powered up (or reset). As used herein, interlocks are switches or devices that indicate that an operator is not in harms way from any of the hazards within the machine, including but not limited to, interlock switches, interlock switches with guard locking, light curtains, etc. Several safety control standards require the e-stop switch circuit to be checked for proper operation on a periodic basis. This is normally accomplished by a periodic preventative maintenance schedule outlined in the machine's instructions or by a placard in a conspicuous area (e.g. near the e-stop switch). However, there is nothing that avoids having to depend upon this type of relatively unreliable manual procedure for e-stop switches and interlocks.
The hub should additionally have a state driven safety control and monitoring algorithm that pinpoints at least one of wiring and device problems for rapid debug. This makes debugging of the system in the case of a safety fault much easier. However, there is currently no power and safety control hub for overall power control, safety control and power distribution that incorporates this feature.
It should also include internal self-protection that automatically forces a control safety power disconnect (after warning the host) if the unit should approach its maximum operating temperature, or if a cooling fan stops. This feature is not analogous to thermal shutdowns used in other products to protect circuitry in the vicinity from damage but rather to insure the proper integrity of the safety disconnect and it is not currently incorporated into any device.
A power and safety control hub for overall power control, safety control and power distribution should also incorporate safety monitoring software for synchronous de-bouncing interlocks and e-stop switch inputs to eliminate false trips. Mechanical switches have a property called “contact bounce”. When a mechanical switch is closed or opened it does not typically do so in a single clean transition. The contacts typically bounce together and apart causing several short on-off transitions over a period that lasts a few milliseconds to a few hundred milliseconds. When these switch signals are used by electronics, these transitions can confuse the circuits unless they are de-bounced. De-bouncing can be done with either electronic circuits or software and is a well known technique. However, traditional de-bouncing of individual contact inputs is insufficient for applications that need to monitor simultaneous switch operation. If simple de-bouncing is employed, a subsequent algorithm is required to find out if the transitions are close enough to each other to be considered simultaneous. This usually makes the software code complicated and harder to construct, test and debug. Synchronous de-bouncing eliminates this requirement.
Another part of the hub's function should be to integrate a comprehensive audible indicator that announces the activation of any over current protection devices (e.g., blown fuses or tripped circuit breakers) as well as individual visual blown fuse or tripped circuit breaker indicators in the power distribution system. Although visual blown indicators for individual over current devices are common, there are no examples of a single comprehensive indicator that provides a signal (by sounds or otherwise) when there is any blown fuse or tripped circuit breaker in the power distribution product.
It could also include integration of an e-stop reset function into the machine on-off front panel switch. A common requirement of machine safety standards is the need for a separate reset switch for restoring hazardous power to a machine. Specifically, resetting the e-stop switch can't reapply hazardous power on its own. These safety standards state that the resetting of the e-stop switch simply arms the hazardous power control circuits (necessary, but not sufficient for the reapplication of hazardous power). These standards call for a separate reset switch, which must be deliberately actuated after the e-stop switch is reset, to restore hazardous power. There is, however, nothing that has a circuit that integrates the hazardous power reset switch function with the On-Off switch panel, allowing the On switch to double as the hazardous power reset switch.
Finally, a power and safety control hub for overall power control, safety control and power distribution should include integration of a “soft-off” circuit that automatically shuts off the machine when the host computer is shut down. The control of automated machines is often accomplished by a computer connected to sensors, actuator, indicators, operator controls and mechanical drives (either directly or through a network). The connected control computer may have a method of shutting itself down when requested to do so by its internal software (after being requested by the user, some internal event or an event detected within the machine). However, there is currently no device in the field that contains a circuit that can be used to extend this shutdown action to the entire machine when the host computer shuts down.