SFPL - General - What is it and system architecture

SFPL - General - What is it and system architecture

Notes
The Model6277 Safe Flight Pattern Limiter (SFPL) system is designed for truck mounted boom lifts.
The system is modular in design and ensures safe operation during various human work tasks; when a human must complete work in a man platform environment, at the end of a boom lift.

Below - EQSS SFPL monitoring a truck mounted boom lift
during a tree branch cutting task


Below  - EQSS SFPL main control unit


Below  - EQSS SFPL main control unit and light tower in mounted positions


The Model6277 Safe Flight Pattern Limiter (SFPL) system is designed to meet the requirements of AS1418-10, which requires compliance to the safety standards detailed in ISO13849-2. The SFPL system architecture is implemented to achieve ISO13849-2 compliance with respect to category 3 safety systems (with single fault fail to safe operation).

To achieve these requirements, the following system architectural design features are included:
  1. Model6206 CAN Angle Length Module (CALM)
    1. Length drawer wire breakage detection
    2. Stow switch failure detection
    3. Angle range error detection
    4. CAN 2.0B bus communication with check sum verification
  2. Model6381 CAN Dual Inclinometer Module (CDIM)
    1. Angle range error detection
    2. CAN 2.0B bus communication with check sum verification
  3. Model6259 CAN Cabin Interface Module (CCIM)
    1. Fail to safe operation to provide system range cutouts
    2. Fail to safe operation for system power control
    3. CAN 2.0B bus communication with check sum verification
  4. Model6202 CAN Safety Display Module (CSDM)
    1. Dual safety control algorithms with separate outputs
    2. 250ms system watch dog supervisor
    3. CSDM power up, cut-outs enabled, display fail to safe operation
    4. CAN bus error detection, fail to safe
    5. Node error and node disconnection detection, fail to safe
    6. Boom angle range error detection
    7. Boom length range error detection
    8. Turret angle range error detection 

SFPL Main System Components

Safety Display Module (CSDM)


The Model 6202 CAN Safety Display Module is a state of the the art embedded computer specifically designed for use with industrial lifting equipment. The slimline display features a 7” wide screen high definition LCD screen, capable of displaying high quality graphic effects to better assist the machine operator. The display takes advantage of the latest in computer technology, providing the operator with information such as:
  1. the digital rating chart with forward prediction
  2. active shading and zoom
  3. plus the machine dynamic stability triangle.
The CSDM has a NTSC / PAL video input to be used for reverse, forward and remote cameras. The CSDM safety processing software and operating system is easily updated via an on-board SD card. The CSDM operating system includes advanced menu functions for instant system configuration and diagnostics.

Cabin Interface Module (CCIM)

            
The Model6259 CAN Cabin Interface Module is a universal and fully configurable digital IO module, with smart power management and backup battery. This unit has a small footprint and is designed to be mounted within the cabin of a machine, or the main control box of an SFPL. It provides the interface between the machine electrics and the EQSS technology. The CCIM has an array of configurable input and output channels that can be used to sense signals such as, outrigger positions and to control machine cut-outs.

Angle and Length Module (CALM)



The Model6206 CAN Angle and Length Module is designed as a small all-in-one unit for measuring angle and length in industrial lifting applications. The unit has been designed to fit onto the outside or inside of a telescopic boom. With its small footprint, low profile and M12 screw lock connector system; makes it easy to install. The CALM uses unique quadrature encoding for the length measurement and solid state accelerometers for angle determination; making the unit fully digital and self calibrating. The boom length input is required by the load/rating processor to determine the boom position (in order to calculate the load and rated capacity). The internal recoil spring is protected against reverse recoil in the event of trace cable breakage via an internal clutch mechanism.

The boom angle sensor is used to measure the machines boom angle with respect to gravity. The input of the sensor is required by the load/rating processor unit (to determine if the safety cut-out needs to be activated).

The boom stow position is measured to aid logic analysis of the sensor state for advanced mechanical fault detection. Low power detection saves the current length data in two separate EEPROM locations (in both normal and inverted formats). This length data is used to recover the boom length at next machine start up. If the low power input incorrectly triggers or fails, it will force the processor to be held in reset (producing an off-line fault in the NPU).

Model6381 CAN Dual Inclinometer Module (CDIM)



The Model6381 CAN Dual Inclinometer Module is a multi functional sensor/system used for determination of relative angles with respect to gravity. The CDIM can be used as a sensor with the EQSS SFPL and Gen3 product range, or as a stand alone system in applications such as chassis level or man basket level (maximum angle alarm or cut-out requirements). The CDIM uses state of the art solid state dual axis inclinometers that provide high accuracy in all operational environments. This sensor is factory configured to suit the application as either a system sensor or an angle limiting system where audio and electronic outputs are required. The CDIM is enclosed in a durable IP67 rated enclosure and electrical connections are made via a durable M12 screw lock connector system.

Model 6231 CAN Light Tower Module (CLTM)


The Model6231 CAN Light Tower Module CLTM is designed to provide personal outside the machine, an indication of the current machine state. The CLTM receives information from the safety system which relates to the machines state of operation. The module comes standard with three indication states of green, yellow and red, additional indication states can be added if required. The light tower uses LED's to illuminate each color section. These LED's operate at a lower power and have an increased life over traditional indication solutions, making the module robust and long lasting. The CLTM can be added to any of the EQSS complete system solutions by simply plugging the unit in on the CAN bus, once connected the CLTM is automatically detected and starts operating, reducing the need for any special system configuration.

SFPL Design Background
Basic Safety Principles 
  1. The system is constructed with established and proven methods of design, construction, material selection and QA validation. In accordance with the Analogue and Digital Measurements QA programme. All system components/nodes are designed and constructed for the specific application and environmental conditions for use with EWP's and industrial lifting equipment.
  2. All components produced are designed for their specific application and environmental conditions. During design, all foreseeable failure points are considered and eliminated taking into account variables such as stress strain and mechanical ware.
  3. Other manufacturers components that are integrated into the component/nodes of the system are designed in (based on their specification and quality levels). Each component that is integrated, is operated in accordance to the manufacturers specification.
  4. All digital output controls are designed to be fail to safe; such that when in the de-energized state, the safety function is active. All digital input channels also use the de-energized principle such that in the event of a failure, the digital input is sensed as high.
  5. Limitation of the generation and/or transmission of force and similar parameters. This is considered in all mechanical system components.
    1. for example: the length transducer incorporates an internal clutch such than in the event of a drawer wire breakage, the inertia caused by the spring recoil will not damage the recoil spring.
  6. The SFPL is designed to operate from -20 to +85 degrees C. This is made possible by the correct selection of electronic components.
  7. In the event of an unsafe condition, system(s) failure or system(s) fault the SFPL will activate the safety cut-out within 750ms.
  8. All electronic nodes have built in reset controllers such that each node starts up at the same time. The system does not store energy and can not continue to operate for greater than 5ms without power.
  9. The system is designed to be modular with the least number of system nodes and I/O signals required (thus reducing complexity and increasing reliability).
  10. All components are well protected against environmental exposure. For example the display module is encased in an IP69 enclosure.  
Well Tried Safety Principles
The Model6277 SFPL is designed using the well tried safety principles and production techniques used by Equipment Safety Systems to date.
Shown below are some of the safety principles used in the system design methodology:
  1. All components and materials used in the Model6277 SFPL are selected to enable the system to operate with its maximum operational specifications and to insure long life and integrity of the system.
  2. All critical components used within the system have known failure modes as detailed within the device component data sheets.
  3. All mechanical and electronic components are designed to operate above the system design specifications.
  4. All electro mechanical, and mechanical systems are held a safe operational position, non reliant on frictional forces 
System Block Diagram
Shown below is a block diagram of the system architecture and safety switching output. It's been posted here to help the reader's understanding of the overall system architecture and functionality.


    • Related Articles

    • SFPL - General - Maintenance

      The components of the SFPL require periodic checks and maintenance to be performed to ensure it remains in working order. Cable Reeler Lubrication The cable reeler consists of a multi core cable wrapped around a drum. As the boom extends, the cable ...

    • SFPL - User - SFPL Menus

      The menu system allows for configuring and diagnosing the SFPL. To enter the menu system press the user control dial. This will display the main menu. To navigate through the menu options rotate the user control dial. The currently selected option ...

    • ITC SWL- General - What is it and System Startup

      The SWL system is activated when the ignition is set to accessories or first stage. The ITC SWL is a no display Safe Working Load management system. It uses inclinometers and pressure sensors to generate cutouts when safe working load conditions are ...

    • Gen4 - General - What is Gen 4 LMS?

      Hardware Overview Display The Model 6205 Display Module is the main HMI device for the Gen4-LMS. It is used to display information to the operator. It contains a built in touch screen to allow the operator to interact with the system, and dual audio ...

    • SFPL - Installation - Power / Cutout

      The system uses a 4 pin cable to supply power to the system and to signal cutout / fault conditions. Connect the supplied 4 pin cable to the left male connector on the display. Connect the other end of the cable according to the table below: The ...