A Safety Programmable Logic Controller (PLC) is designed to meet specific Safety Integrity Levels (SIL). Safety PLCs ensure that machinery operates safely and that its failure does not endanger people or processes, adhering to stringent safety requirements. These devices are certified by recognized authorities such as TÜV and Exida, ensuring they meet international safety standards like IEC 61508.
What is a Safety PLC?
A Safety PLC is an advanced type of PLC that integrates safety functions within the automation system. This integration ensures a higher level of reliability and diagnostics. Safety PLCs are designed to comply with international standards like IEC 61508, which covers the functional safety of electrical, electronic, and programmable electronic safety-related systems.
It is important to note that a PLC can still be used unsafely if not programmed correctly, even if it achieves a specific SIL rating. Additionally, standard PLCs can be employed in safety applications, depending on the required SIL rating.
TwinCAT Safety PLC, source: https://download.beckhoff.com/download/Document/automation/twinsafe/TcSafetyPLC_en.pdf
Safety PLC vs. Standard PLC
Although safety PLCs and standard PLCs might seem similar, their architectures and design philosophies differ significantly. For instance, in the Siemens PLC environment, both safety and standard code are programmed using the same interface, but the safety code is clearly differentiated: all safety blocks and signals are marked in yellow so that safety-related logic is immediately recognizable. Safety functions are used to reduce the risk associated with particular hazards.
The primary difference between safety PLCs and standard PLCs lies in their architecture and design. Safety PLCs are based on a redundant structure, typically featuring a dual-channel architecture where two separate channels process input and output signals. This internal design ensures a defined safe behavior if one channel malfunctions or if there is an undesirable difference between the signals in the two channels. A safety PLC usually has at least two processors that analyze and compare signals. In the case of Siemens PLCs, redundancy is realized at the software structure level without requiring two processors, while still fulfilling the necessary requirements.
Key Features of Safety PLCs
Safety PLCs are equipped with multiple diagnostic functions to identify potential internal faults in both hardware and firmware. These diagnostics help reduce the occurrence of dangerous undetected failures and influence the probability of failures in SIL calculations. The safety hardware is usually of higher quality, with a longer mean time to failure.
Safety applications are generally simpler in program logic compared to those handled by standard PLCs, focusing primarily on comparing actual states from input devices (such as various safety sensors, light curtains, and E-stop switches) to the expected states. In contrast, standard PLCs have more functionalities related to process control, as their roles are different.
A Safety PLC is not necessarily limited to safety applications. For instance, Siemens offers a series of PLCs with integrated safety features capable of handling both standard process control and safety-critical operations. This dual functionality allows a single PLC device to manage regular process control tasks as well as safety functions.
Safety light curtains, source: https://www.pilz.com/en-INT/products/sensor-technology/safety-light-curtain
Predefined Safety Function Blocks
In most cases, safety PLCs come with predefined function blocks that are certified and tested to meet specific safety standards. Using these blocks simplifies the programming process, ensures compliance with safety regulations, and reduces the risk of programming errors. These predefined blocks are designed to handle common safety functions such as emergency stop, light curtain monitoring, and door interlock control.
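The dual-channel evaluation described above (two channels compared every scan, with any disagreement or channel failure driving the output to the safe state) and the E-stop monitoring that the predefined blocks provide can be illustrated with a simplified model. This is an added example written for this article, not a certified function block from any vendor; the class name, the 500 ms discrepancy limit and the scan sequence in `demo()` are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed model of a two-channel safety input (e.g. an E-stop with two
# contacts wired to channels A and B). Positive logic: True = contact closed.
# Any disagreement, open channel, or latched fault de-energizes the output,
# so the failure mode is always the safe (stopped) state.
@dataclass
class DualChannelInput:
    discrepancy_limit_ms: int = 500  # max time channels may differ (assumed)
    discrepancy_ms: int = 0          # accumulated time the channels have differed
    fault: bool = False              # latched cross-check fault, needs explicit reset

    def scan(self, ch_a: bool, ch_b: bool, dt_ms: int, reset: bool = False) -> bool:
        """One PLC cycle of dt_ms. Returns the safe output (True = run permitted)."""
        if reset and ch_a == ch_b:
            # A fault may only be acknowledged once both channels agree again
            self.fault = False
            self.discrepancy_ms = 0
        if self.fault:
            return False
        if ch_a != ch_b:
            # Channels disagree: tolerate brief contact bounce, then latch a fault
            self.discrepancy_ms += dt_ms
            if self.discrepancy_ms > self.discrepancy_limit_ms:
                self.fault = True  # wiring or contact defect on one channel
            return False  # never release while the channels disagree
        self.discrepancy_ms = 0
        return ch_a and ch_b  # both closed -> run; both open -> E-stop pressed


def demo() -> dict:
    """Constructed scenario: healthy E-stop, then contact B stays open (wire break)."""
    estop = DualChannelInput(discrepancy_limit_ms=500)
    result = {}
    result["both_ok"] = estop.scan(True, True, 10)            # True: run permitted
    result["estop_pressed"] = estop.scan(False, False, 10)    # False: safe stop
    result["short_diff"] = estop.scan(True, False, 200)       # False, no fault yet
    result["fault_after_short"] = estop.fault                 # False
    result["long_diff"] = estop.scan(True, False, 400)        # False; 600 ms > 500 ms
    result["fault_after_long"] = estop.fault                  # True: latched
    result["latched"] = estop.scan(True, True, 10)            # False until reset
    result["after_reset"] = estop.scan(True, True, 10, reset=True)  # True again
    return result


if __name__ == "__main__":
    for step, value in demo().items():
        print(f"{step:18s} -> {value}")
```

The point of the model is that the only way to obtain a "run" output is for both channels to agree that the circuit is closed; every other condition, including a stuck or broken channel, resolves to stop.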
When to Use a Safety PLC
To determine whether a Safety PLC is needed, a structured evaluation process should be followed. This involves assessing the risk associated with the application, identifying the required Safety Integrity Level (SIL), and understanding the specific needs of the system. The key steps are performing a risk assessment and determining the required SIL.
Often, the decision to use a Safety PLC arises from the need to monitor a greater number of safety functions, making the use of single-function safety relays impractical. A Safety PLC offers more flexibility than using relays because it is easier to make changes and adjustments.