Renesas’ functional safety over EtherCAT (FSoE) controlled safety drive system includes two independent RX72N 32-bit microcontrollers (MCUs) so if the system hits an unwanted state, control is maintained and it can safely cut power to the motor. The FSoE safety network is one of the most well-known safety protocols in industrial systems.

The safety data, such as the emergency stops, comes from the safety sensor or safety programmable logic controller (PLC) through the EtherCAT communication block. This safety data is checked by both RX72N MCUs individually, and if either shows an emergency, either one (or both) RX72N MCUs can cut off the motor power to avoid dangerous situations.

The safety control block consists of two RX72N MCUs, which manage motor emergency, stop control, and safety protocol data processing. According to the international safety standards (IEC 61508, ISO 13849-1), redundancy in the system is required. This redundancy is achieved by having dual RX72N MCUs. Each RX72N MCU operates the same process and can check each other through the cross-monitoring interface.

Renesas supports required software for the safety control block, such as self-test software and control software system (self-test software kit and SIL3 system software kit). By using these safety solutions, customers can shorten their development and certification times and reduce costs. By separating the functional safety block from the non-safety block (network device or motor control device), customers can easily design their applications.