EEVblog Electronics Community Forum
Electronics => Beginners => Topic started by: DannyCoates on July 12, 2023, 03:50:28 pm
-
What's the point of safety relays?
I understand it guarantees all poles are switched together but if main contact is welded shut (don't say it can't happen) and therefore the auxiliary contacts are also closed, how is that useful? You know the power is switched on but what can you do about it? Use it to drive another relay? Then you face the same problem with that one, and so on.
Is there any way of using them to guarantee an open-circuit on the main contact?
-
Normally the design uses two of the things with the main power contacts in series, and has the coil control doings designed such that if either relay aux contact indicates contact closed, the 'start' button is disabled.
Thus a welded contact effectively prevents you starting the machine because the aux contact will be open and thus the 'start' button will be disabled.
There is more to it then this as you want redundant wiring to the estop switch and such, but the usual suspects for industrial safety relays all have good documentation and usually a list of patents in this space.
Regards, Dan.
-
A "safety" (a.k.a. force-guided) relay does not guarantee that all contacts will switch together. The guarantee is that the NC and NO contacts will never both be closed at the same time. IIUC, an FGR can still fail with, say, one of three NO contacts welded, in which case you may or may not see continuity across the other two. What you won't see is continuity across any NC contacts in such a case.
Designs using FGRs will almost always use multiple mechanisms in series to disconnect the load, and will also almost always use the aux contacts for monitoring. An FGR, on its own, doesn't guarantee that it won't weld. What it does guarantee is that welding will be detectable by providing a way to compare the expected state of the relay to its actual state. To wit, if NC contacts have continuity, NO contacts are guaranteed to be open, and similarly, if NO contacts have continuity, NC contacts are guaranteed to be open. Thus, you can compare whether coil power is applied to which of the aux contacts have continuity. If there's a mismatch, you know you have welded contacts. (If there isn't, at worst you have open contacts that are supposed to be closed. Practically speaking, however, this is less likely, and not having power to the load when you should is usually not the danger.)
This lets you do two things. The first, as Dan mentions, is to trigger some sort of safety lock-out that prevents you turning the load on in the first place. However, you're only likely to get into that state if a critical fault already occurred and hasn't been remedied. More importantly, it lets you detect a failure of the load contacts to open, which gives you the opportunity to enter into fault mode. That could mean setting off an alarm or activating some other safety system or fallback mechanism for interrupting power. (Bear in mind that you do go through a mismatch state briefly in normal operation, so your fault detector needs to wait for the state to persist for some amount of time.)
With a normal relay, the only way to detect contact welding is to somehow test continuity across the contacts. This can be a challenge to do at the same time those contacts are carrying a load current. (You might think "I'll just measure whether there is a load current"... but that can also be problematic if you need to detect faults when the load current might be small or intermittent, and a current sensor might be less reliable than using an FGR's aux contacts.)
-
Normally the design uses two of the things with the main power contacts in series, and has the coil control doings designed such that if either relay aux contact indicates contact closed, the 'start' button is disabled.
Thus a welded contact effectively prevents you starting the machine because the aux contact will be open and thus the 'start' button will be disabled.
There is more to it then this as you want redundant wiring to the estop switch and such, but the usual suspects for industrial safety relays all have good documentation and usually a list of patents in this space.
Regards, Dan.
Thanks Dan. Interestingly when I was trying to find out more about safety relays I came across one of your replies from 5 years ago. You must be in the biz.
https://electronics.stackexchange.com/questions/335033/relay-output-from-mcu-with-enhanced-safety-level (https://electronics.stackexchange.com/questions/335033/relay-output-from-mcu-with-enhanced-safety-level)
Again in that particular example there's nothing to stop both relay contacts from welding shut and still providing power to the crane through START_STOP_COM and START_STOP. The aux contacts signal some other possibly-faulty electronics through Relay_1_EDM and the transistors could fail short-circuit.
It's just a giant puzzle of redundancy with no guarantees. If redundancy is the best you can hope for then why not just use multiple standard relays?
With a normal relay, the only way to detect contact welding is to somehow test continuity across the contacts. This can be a challenge to do at the same time those contacts are carrying a load current. (You might think "I'll just measure whether there is a load current"... but that can also be problematic if you need to detect faults when the load current might be small or intermittent, and a current sensor might be less reliable than using an FGR's aux contacts.)
Thanks sparkydog. Can't you just sense the voltage on the NO side of the contact to detect welding?
-
It's just a giant puzzle of redundancy with no guarantees. If redundancy is the best you can hope for then why not just use multiple standard relays?
I can't speak to a particular example, which may be implemented wrong or not making the best possible use of FGRs. To the point whether or not there are guarantees, however... the guarantee is that a fault is detectable. That gives you the opportunity to set off an alarm, or employ some sort of fall-back for cutting power. You can't do that with standard relays because it's hard to detect a fault.
If you're properly paranoid, "some sort of fall-back for cutting power" could be a pyrotechnic. There are extremely reliable ways to interrupt power, but they're not necessarily as easily reset as a relay. Thus, you'd only use such devices if your "normal" mechanism for interrupting power has failed to do so. FGRs give you a way to employ such devices. (A somewhat more reasonable fall-back is a shunt trip breaker. I think I have a thread around here somewhere on fall-back mechanisms for cutting power.)
With a normal relay, the only way to detect contact welding is to somehow test continuity across the contacts. This can be a challenge to do at the same time those contacts are carrying a load current. (You might think "I'll just measure whether there is a load current"... but that can also be problematic if you need to detect faults when the load current might be small or intermittent, and a current sensor might be less reliable than using an FGR's aux contacts.)
Thanks sparkydog. Can't you just sense the voltage on the NO side of the contact to detect welding?
My understanding is that the aux NO(s) might open if one or more load NOs are welded. What won't happen is the NC contacts won't close if any of the NO contacts are welded. (And vice versa.)
Generally speaking, linked contacts aren't perfect. (More generally, there's no such thing as a perfectly rigid body.) There's going to be a little bit of slop that's going to result in the open/close timing being slightly different; by extension, that means you can't guarantee that linked contacts are always in the same state.
Consider a relay with one coil and two unlinked contacts. If you de-energize the coil and one of the contacts is welded, the other is free to fully open (and close an NC contact in the case of dual poles). If you now link the contacts, the welded contact limits how far the other can move, but can't prevent it from moving at all. (And, just to make things exciting, the unwelded NO might open just enough to become a spark gap.) What you can do — what FGRs do — is ensure enough rigidity that the unwelded contact can't move so far as to close the NC contacts.
So... no. An FGR doesn't guarantee that all linked contacts will be in the same state. It only guarantees that "contradictory" states won't happen.