Functional safety in motion control: designing without compromise

In industrial settings, when we talk about motion control, safety cannot be treated as a layer added on top of, or kept separate from, the control logic. Industrial robots, AGVs, and collaborative robots operate in dynamic environments, often shared with human operators, where precision, operational continuity, and personnel protection must coexist.

In this context, functional safety forms the foundation for designing reliable systems that comply with regulations and can handle risk situations, even in the presence of faults or abnormal conditions, without compromising system performance.

What is functional safety?

Functional safety is a discipline that concerns a control system’s ability to correctly perform its intended safety functions, reducing risk to an acceptable level. It is governed by international standards such as IEC 61508, ISO 13849 and IEC 62061 and represents a critical part of industrial safety.

In automated and robotic systems, functional safety ensures that the system:

  • reacts deterministically to dangerous conditions;
  • detects hardware and software failures;
  • brings the machine to a safe state when necessary.

In industrial and collaborative robotics, this translates into safe stops, speed limitation, position control, and reliable management of human-machine interaction.

The role of the safety PLC in motion and robotic applications

A safety PLC is a controller specifically designed to manage certified safety functions. Compared to a standard PLC, it integrates redundant architectures, continuous self-diagnostic mechanisms, safe handling of inputs and outputs, and certified software and firmware for high SIL or PL levels.

In motion control applications, the safety PLC becomes the central point for controlling safe motion functions, such as:

  • Safe Torque Off (STO);
  • Safe Limited Speed (SLS);
  • Safe Limited Position (SLP);
  • Safe Direction (SDI);
  • Safe Workspace Monitoring (SWM).

To make these functions truly effective, the PLC must be able to process complex variables safely. When these variables cannot be measured directly and must be derived mathematically, the correctness of the calculation becomes an integral part of the safety function.

Safe Arithmetic Calculations (SARC): certified mathematics for functional safety

Beyond Boolean logic

In advanced motion control systems, many safety functions cannot be expressed with simple on/off logic. Monitoring Cartesian positions, resultant velocities, trajectories, or dynamic workspaces requires continuous mathematical calculations, often based on nonlinear kinematic models.

Delegating these calculations to non-safety controllers means losing the ability to integrate them directly into the certified safety chain. This is where safe arithmetic becomes essential.

What is SARC?

Safe Arithmetic Calculations (SARC) is a library of certified mathematical functions for use in functional safety applications. It integrates natively into the safety controller’s development environment, providing certified function blocks for:

  • basic arithmetic operations;
  • advanced mathematical functions;
  • trigonometric functions;
  • safe integer-to-floating point conversions;
  • matrix calculations, essential for kinematic applications.

Safe floating point and calculation integrity

Many safety-relevant variables, such as speeds, angles, and positions, must be handled in floating point to ensure precision and continuity. Rounding errors, overflow, or uncontrolled conversions can compromise the reliability of a safety function.

SARC allows floating-point calculations within the PLC while maintaining:

  • deterministic behavior;
  • numerical consistency;
  • integrity of the safety function.

This is especially important in robotic applications, where calculation accuracy directly affects the system’s ability to react safely.
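As an added illustration in Python (not SARC code and not from Robox), the snippet below shows why a "safe integer-to-floating point conversion" is a safety function in its own right: a 32-bit encoder count above 2^24 is not exactly representable in binary32, so an unchecked conversion silently shifts the measured position, and an unchecked operation can turn an overflow or a NaN into a limit comparison that never trips. Every checked function returns an ok flag alongside the value; the safety logic must treat ok=False as a demand for the safe state. The function names, the binary32 emulation through struct, and the encoder values are assumptions made for the example.

```python
import math
import struct

# Illustrative checked binary32 arithmetic; not the SARC library (assumed design).
F32_EXACT_INT_LIMIT = 2 ** 24   # every integer with |n| <= 2**24 is exact in binary32
SAFE_VALUE = 0.0                # returned with ok=False; the safety logic must not use it


def f32(x: float) -> tuple[bool, float]:
    """Round x to the nearest binary32 value; ok=False on overflow or a non-finite result."""
    try:
        y = struct.unpack("<f", struct.pack("<f", x))[0]
    except (OverflowError, struct.error):    # magnitude beyond the binary32 range
        return False, SAFE_VALUE
    if not math.isfinite(y):                 # inf/NaN must never reach a limit comparison
        return False, SAFE_VALUE
    return True, y


def f32_error(count: int) -> float:
    """Absolute error introduced by forcing an integer count through binary32 unchecked."""
    return abs(struct.unpack("<f", struct.pack("<f", float(count)))[0] - count)


def checked_int_to_f32(count: int, width: int = 32) -> tuple[bool, float]:
    """Convert a signed encoder count (assumed width in bits) only if the conversion is exact."""
    lo, hi = -(1 << (width - 1)), (1 << (width - 1)) - 1
    if not lo <= count <= hi:                # not a value of the declared integer type
        return False, SAFE_VALUE
    ok, y = f32(float(count))
    if not ok or int(y) != count:            # precision lost above F32_EXACT_INT_LIMIT
        return False, SAFE_VALUE
    return True, y


def checked_op(fn, *args) -> tuple[bool, float]:
    """Apply fn to finite operands and validate the result in binary32."""
    vals = []
    for a in args:
        x = float(a)
        if not math.isfinite(x):             # a poisoned operand (NaN/inf) propagates as ok=False
            return False, SAFE_VALUE
        vals.append(x)
    try:
        r = fn(*vals)
    except (ValueError, ZeroDivisionError, OverflowError):   # e.g. sqrt(-1), x/0
        return False, SAFE_VALUE
    return f32(r)


def resultant_speed(vx: float, vy: float, vz: float) -> tuple[bool, float]:
    """Resultant speed across three axes with every intermediate result checked."""
    ok, sq = checked_op(lambda a, b, c: a * a + b * b + c * c, vx, vy, vz)
    if not ok:
        return False, SAFE_VALUE
    return checked_op(math.sqrt, sq)


if __name__ == "__main__":
    # Constructed encoder values: 2**24 + 1 cannot be represented exactly in binary32.
    print(checked_int_to_f32(2 ** 24), checked_int_to_f32(2 ** 24 + 1))
    print("error at 2**30 + 1 counts:", f32_error(2 ** 30 + 1))
    print(resultant_speed(3.0, 4.0, 0.0), resultant_speed(float("nan"), 1.0, 1.0))
```

The ok flag is deliberately sticky by construction: a rejected operand or an out-of-range intermediate yields ok=False for the whole chain, so a later comparison against a speed or position limit can never be performed on a value that was silently rounded or poisoned.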

Kinematics and spatial transformations in safety

In robots and AGVs, safety variables are not always directly measurable. They often need to be mathematically derived, for example, converting joint coordinates to Cartesian coordinates, calculating resultant velocities across multiple axes, or evaluating the TCP’s position in space. Thanks to trigonometric functions and matrix calculations, SARC allows these transformations to be implemented directly in the safety logic, enabling safe monitoring of:

  • trajectories;
  • dynamic workspaces;
  • resultant velocities and positions.

Integration with safety functions

The results of SARC calculations can serve as inputs for standard safety functions of the controller, such as:

  • Safe Limited Speed;
  • Safe Position;
  • Safe Direction;
  • Safe Workspace Monitoring.

In this way, mathematical calculations become an integral part of the safety chain, linking the processing of physical variables to the system’s safety responses.
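The chain described in the last two sections, as an added worked example in Python that is not part of the page and not SARC or Robox code: a two-link planar arm whose TCP position is derived by chaining homogeneous transformation matrices (channel A) and, diversely, by the closed-form expression (channel B); the two channels are cross-checked, the Jacobian gives the resultant TCP velocity, and the derived values feed the SLS and workspace (SWM/SLP) checks. Link lengths, the speed limit, the workspace rectangle, the channel tolerance and all function names are assumptions made for the example; a certified safety PLC would realise the same steps as function blocks under its own redundancy and diagnostic scheme.

```python
import math

# Assumed parameters for the example (not Robox or SARC values).
L1, L2 = 0.50, 0.35                    # link lengths [m]
V_MAX = 0.25                           # SLS limit on the resultant TCP speed [m/s]
WORKSPACE = (-0.60, 0.60, 0.10, 0.85)  # SWM/SLP zone: xmin, xmax, ymin, ymax [m]
CHANNEL_TOL = 1e-6                     # max allowed disagreement between the two channels [m]


def rot(theta: float) -> list:
    """3x3 homogeneous rotation about z."""
    c, s = math.cos(theta), math.sin(theta)
    return [[c, -s, 0.0], [s, c, 0.0], [0.0, 0.0, 1.0]]


def trans(dx: float) -> list:
    """3x3 homogeneous translation along the link axis."""
    return [[1.0, 0.0, dx], [0.0, 1.0, 0.0], [0.0, 0.0, 1.0]]


def matmul(a: list, b: list) -> list:
    return [[sum(a[i][k] * b[k][j] for k in range(3)) for j in range(3)] for i in range(3)]


def tcp_by_matrix(q1: float, q2: float) -> tuple:
    """Channel A: TCP position from the chain T = R(q1) T(L1) R(q2) T(L2)."""
    t = matmul(matmul(matmul(rot(q1), trans(L1)), rot(q2)), trans(L2))
    return t[0][2], t[1][2]


def tcp_closed_form(q1: float, q2: float) -> tuple:
    """Channel B: diverse implementation of the same forward kinematics."""
    return (L1 * math.cos(q1) + L2 * math.cos(q1 + q2),
            L1 * math.sin(q1) + L2 * math.sin(q1 + q2))


def tcp_velocity(q1: float, q2: float, dq1: float, dq2: float) -> tuple:
    """Cartesian TCP velocity v = J(q) * dq from the joint velocities."""
    s1, c1 = math.sin(q1), math.cos(q1)
    s12, c12 = math.sin(q1 + q2), math.cos(q1 + q2)
    vx = (-L1 * s1 - L2 * s12) * dq1 - L2 * s12 * dq2
    vy = (L1 * c1 + L2 * c12) * dq1 + L2 * c12 * dq2
    return vx, vy


def channels_agree(a: tuple, b: tuple) -> bool:
    """Cross-check of the two diverse channels; disagreement means the result is untrusted."""
    return math.hypot(a[0] - b[0], a[1] - b[1]) <= CHANNEL_TOL


def evaluate_safety(q1: float, q2: float, dq1: float, dq2: float) -> tuple:
    """Return (safe, reasons). Invalid inputs or a channel mismatch always force the safe state."""
    if not all(math.isfinite(v) for v in (q1, q2, dq1, dq2)):
        return False, ["invalid input"]
    pos_a, pos_b = tcp_by_matrix(q1, q2), tcp_closed_form(q1, q2)
    if not channels_agree(pos_a, pos_b):
        return False, ["channel mismatch"]
    reasons = []
    xmin, xmax, ymin, ymax = WORKSPACE
    x, y = pos_a
    if not (xmin <= x <= xmax and ymin <= y <= ymax):
        reasons.append("SWM: TCP outside monitored workspace")
    speed = math.hypot(*tcp_velocity(q1, q2, dq1, dq2))
    if speed > V_MAX:
        reasons.append("SLS: TCP speed %.3f m/s exceeds %.3f m/s" % (speed, V_MAX))
    return not reasons, reasons


if __name__ == "__main__":
    # Constructed joint states: elbow bent 45 degrees, base joint moving slowly, then fast.
    print(evaluate_safety(math.pi / 2, -math.pi / 4, 0.2, 0.0))   # safe
    print(evaluate_safety(math.pi / 2, -math.pi / 4, 0.5, 0.0))   # SLS violation
    print(evaluate_safety(0.0, 0.0, 0.0, 0.0))                    # TCP outside the workspace
```

Note that the joint velocities alone say nothing about the TCP speed: the same 0.5 rad/s on the base joint is harmless when the arm is folded and a violation when it is extended, which is exactly why the resultant speed has to be derived inside the safety logic before SLS can be applied to it.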

Verification, validation, and transparency

The implementation through function blocks makes the calculation logic readable, verifiable, and easier to validate during risk analysis and testing. This transparency is crucial for meeting regulatory requirements and ensuring that implemented functions are technically correct and demonstrable.

Without a safe arithmetic library, many advanced safe motion functions would have to be implemented outside the certified safety logic, increasing validation complexity. Integrating mathematical calculations directly into the safety PLC maintains consistency, traceability, and certifiability of the entire safety chain.

Fail Safe over EtherCAT (FSoE)

FSoE is the safety protocol for EtherCAT networks, standardized in IEC 61784-3 and approved by TÜV SÜD Rail. It supports safety applications up to SIL 3 and operates using the black channel principle:

  • safe data travels in the same frame as non-safe data;
  • only FSoE devices interpret safety data;
  • no special network infrastructure is required.

The FSoE master manages the exchange of safety data with the FSoE slaves without imposing constraints on their position in the network topology, making it a highly flexible solution for complex motion control systems.
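The black channel principle, as an added example in Python that is not the FSoE frame format, its CRC scheme or its connection handshake (those are defined by the ETG.5100 specification): a safety container made of a connection ID, a sequence number, the safety payload and a CRC is carried opaquely inside a non-safe transport frame. The transport may corrupt, delay, misroute or replay it, and the receiver alone decides whether the safety data can be trusted, otherwise entering a latched safe state. The CRC-16/CCITT polynomial, the frame layout and the class and function names are assumptions made for the example.

```python
import struct

# Illustrative safety container over a non-safe transport; assumed layout, not the FSoE frame.
CRC_POLY = 0x1021   # CRC-16/CCITT polynomial, chosen for the example


def crc16(data: bytes, crc: int = 0xFFFF) -> int:
    """Bitwise CRC-16/CCITT over data; the receiver recomputes it over header and payload."""
    for b in data:
        crc ^= b << 8
        for _ in range(8):
            crc = ((crc << 1) ^ CRC_POLY) & 0xFFFF if crc & 0x8000 else (crc << 1) & 0xFFFF
    return crc


def build_container(conn_id: int, seq: int, payload: bytes) -> bytes:
    """Safety container: conn_id | seq | payload | CRC. conn_id and seq are covered by the CRC."""
    header = struct.pack("<HH", conn_id, seq)
    return header + payload + struct.pack("<H", crc16(header + payload))


def wrap_frame(nonsafe: bytes, container: bytes) -> bytes:
    """Transport frame: non-safe process data followed by the opaque safety container."""
    return struct.pack("<H", len(nonsafe)) + nonsafe + container


def unwrap_frame(frame: bytes) -> tuple:
    """Transport and non-safety nodes only split the frame; they never validate the container."""
    n = struct.unpack_from("<H", frame, 0)[0]
    return frame[2:2 + n], frame[2 + n:]


def flip_bit(data: bytes, index: int, bit: int) -> bytes:
    """Simulate a single-bit corruption introduced somewhere in the black channel."""
    out = bytearray(data)
    out[index] ^= 1 << bit
    return bytes(out)


class SafetyReceiver:
    """Validates containers for one connection; any failure latches the safe state."""

    def __init__(self, conn_id: int):
        self.conn_id = conn_id
        self.expected_seq = 0
        self.safe_state = False

    def accept(self, container: bytes) -> tuple:
        """Return (ok, payload); the payload is empty whenever the container is rejected."""
        if self.safe_state or len(container) < 6:        # latched, or truncated container
            self.safe_state = True
            return False, b""
        conn_id, seq = struct.unpack_from("<HH", container, 0)
        payload = container[4:-2]
        crc = struct.unpack_from("<H", container, len(container) - 2)[0]
        if crc != crc16(container[:-2]):                 # corrupted in transit
            self.safe_state = True
            return False, b""
        if conn_id != self.conn_id:                      # misrouted container from another connection
            self.safe_state = True
            return False, b""
        if seq != self.expected_seq:                     # lost, repeated or replayed container
            self.safe_state = True
            return False, b""
        self.expected_seq = (seq + 1) & 0xFFFF
        return True, payload


if __name__ == "__main__":
    # Constructed sample: safety payload 0x0001 (e.g. an enable bit), non-safe data 0xAABBCCDD.
    container = build_container(conn_id=7, seq=0, payload=b"\x01\x00")
    frame = wrap_frame(b"\xaa\xbb\xcc\xdd", container)
    rx = SafetyReceiver(conn_id=7)
    print(rx.accept(unwrap_frame(frame)[1]))                       # accepted
    print(rx.accept(unwrap_frame(frame)[1]))                       # replay: rejected, safe state
    rx2 = SafetyReceiver(conn_id=7)
    print(rx2.accept(unwrap_frame(flip_bit(frame, 3, 0))[1]))      # non-safe byte hit: still accepted
    rx3 = SafetyReceiver(conn_id=7)
    print(rx3.accept(unwrap_frame(flip_bit(frame, 8, 0))[1]))      # container byte hit: rejected
```

The design point is where the trust boundary sits: the non-safe nodes and the network may be arbitrarily faulty, and nothing in the frame outside the container is relied on, so the residual error rate of the safety function depends only on the receiver's checks and the CRC, not on the quality of the transport. A real FSoE connection adds a watchdog on the cycle time and a connection-establishment sequence on top of the per-frame checks shown here.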

Robox solutions for functional safety

Robox safety PLCs combine:

  • high performance;
  • safe communication via the integrated FSoE master;
  • certified SARC library;
  • scalable architectures for industrial robots, AGVs, and collaborative applications.

This approach makes it possible to design systems in which safety does not limit functionality but becomes an integral part of it, enabling the development of machines and plants that are reliable, compliant with the standards, and ready for the demands of advanced automation.
