When designing a safety solution for a machine or application, a fundamental consideration is whether to implement it as a standalone or network safety solution. Standalone safety involves wiring safety devices point-to-point to a safety relay or controller, which in turn is wired to a contactor or a device that disconnects primary power to a machine.

On the other hand, network safety collects the safety devices and connects them to a network safety system via a fieldbus that uses a communications gateway, a safety CPU, and safety I/O.

Network safety has multiple advantages over standalone safety. First and foremost, it is a highly effective way to mitigate risk. In addition to this, however, network safety becomes a key factor of a high-performing, future-ready manufacturing facility thanks to its ability to improve automation efficiency and boost throughput.

Why are there so many industrial networking protocols?

As there are several different manufacturers, there are also several unique, independent solutions to solve communication issues. These unique industrial problems brought networking to the forefront. In particular, manufacturers needed their operations to be:

  • capable of responding in real time,
  • deterministic,
  • reliable/redundant,
  • secure,
  • safe, and

The process of converging protocols prompted an effort to bring together the best practices and standardize communications. The cornerstone of interoperability is a standard communications protocol. EtherCAT (ECAT) is an example of higher- a level networking protocol that uses a multiple-layer protocol model to interwork with many Fieldbus protocols.

Choosing the right safety network configuration

While there are a variety of configurations that can address network safety, choosing the correct one is essential in optimizing automation efficiency and reducing safety risk. A safety risk assessment is the primary way to establish the correct safety needs and configuration.

Automation architecture must provide control, configuration capabilities, and data collection. The two leading network safety architectures are Fail Safe over EtherCAT (FSoE) and Common Interface Protocol Safety (CIP Safety).

EtherCAT technology allows for interoperability between participating vendor devices. It is faster, has a wider bandwidth, and supports processing on the fly. CIP Safety provides failsafe communication between nodes and enables interoperability between various automation and safety vendors.

Eight types of network errors must be mitigated for proper functional safety communications. These are:

  1. Corruption of the signal
    2. Unintended repetition of the message
    3. Incorrect sequence of the message
    4. Loss of the message
    5. Unacceptable delay of the message
    6. Insertion of another unintended message
  2. Masquerade the message
    8. Addressing the message as intended

Functional elements of a networked safety system

A networked safety system consists of several key functional elements. The following examples illustrate some sample choices, depending on the desired configuration and/or application.

EIP Network Slave Terminal (NX-EIC202 & NX- SL3300). The EIC202 is the communications coupler, and the NX-SL3300 is the safety CPU. This is for status information only, fed back over EIP to a control system.

Conversely, it does not take any control information and sends it to the safety system to control or influence it.

The purpose of this is to be able to inform safety status via EIP to a third-party controller such as Rockwell Automation PLC.

EtherNet/IP also has its advantages. EIP is the way that Rockwell controllers connect field devices, and it is the most widely used application layer manufacturing protocol in North America.

This is the prime configuration that allows Omron to be able to connect to a specified Rockwell control system.

ECAT Network Slave Terminal (NX-ECC201, 202, 203 & NX-SL3300, 3500). The ECC201-3 is the communications coupler, and the SL3300-3500 is the safety CPU. The exact model is dependent on program capacity and the number of safety master connections.

The purpose of this is to be able to operate as an ECAT slave and connect multiple safety devices over an ECAT network. The safety monitoring and reporting would run with FSoE. ECAT slave devices need to embed a specific hardware ASIC to implement ECAT.

ECAT Master (NX102 & NX-SL3300, 3500). The NX102 Machine Automation Controller serves as the database connection CPU Unit, while the SL3300- 3500 functions as the independent safety CPU. The exact model is dependent on program capacity and the number of safety master connections.

The purpose of this is to operate as a cornerstone ECAT network arrangement. The safety monitoring and reporting would run with FSoE. Master devices simply issue the message and receive the response. Single message in – single message out.

ECAT & CIP Safety (NX102 & NX-SL5500, 5700). The NX102 Machine Automation Controller serves as the database connection CPU Unit, while the SL5500- 5700 functions as the independent safety CPU. The exact model is dependent on program capacity and several safety master connections.

The purpose of this configuration allows both FSoE and CIP Safety protocols to operate simultaneously. ECAT-equipped devices, non-ECAT devices, and even non-Omron devices can now be connected by ECAT and/or CIP Safety network protocols.

CIP Safety Only (NX-CSG320 & NX-SL5500, 5700 & GI-SMD1624, GI-SID1224 Modules). The NX-CSG320 model is the safety gateway for CIP Safety, while the SL5500-5700 functions as the independent safety CPU. The GIs function as safety I/O terminals for CIP Safety. The exact model of each is dependent on program capacity, the number of safety master connections, and whether inputs only or both inputs and outputs are required.

The purpose of this is to be able to connect with third-party products via the CIP safety protocol. This safety solution is the best package to connect to non-ECAT community devices.

By networking safety rather than using the point-to-point connection of safety devices, users ensure maximum efficiency and safety in their manufacturing lines. Industry 4.0-level performance can now be realized: flexibility, ease of use, human-machine collaboration, and interoperability between vendors.


Networking safety is the culmination of maximized safety risk mitigation, improved automation efficiency, and increased factory output. Omron’s safety solutions tie into Industry 4.0 level performance of industrial automation.

Whereas safety was once considered a mandatory compliance issue, it is now integral to the elevated performance.
From point-to-point connections to a field bus, networking the safety system helps in making the operation robust and future-proofing it.

Omron’s safety olutions can provide the answer to each of the possible configurations and leading communications protocols that exist.

Cezanne Gonsior
Omron Electronics (Pty) Ltd
Tel. +27 11 579 2600

Share this article