PROFIsafe: Networked Functional Safety

Implementing functional safety over a network reduces the number of components, wire, and cabinets; speeds installation and commissioning; and increases uptime. With PROFIsafe, PI’s functional safety application profile, messages are exchanged transparently between Profibus (a serial fieldbus) and Profinet (an industrial Ethernet).


If you are not implementing functional safety over a network you might as well be creating relay ladder logic on D-size vellum with a universal arm drafting machine—and realizing the design with actual relays and lots of wire.

Actually, for decades after the introduction of the PLC and fieldbuses, relays and hardwiring were still required for safety. Then in 2002 machine wiring standards were revised in the U.S. to permit implementing safety in logic controllers and transmitting safety messages over a network. Finally the benefits of PLCs and fieldbuses could be realized for safety. And now 10 years into the networked functional safety era, it’s time for you to realize these benefits in your own facilities.

Networked functional safety architecture showing PROFIsafe-enabled devices in yellow: controller, IO, drive, and process instrument. Courtesy: PI North AmericaTo get you started: What do we mean by networked functional safety, how does it work, and why would you use it?

Safety via communication protocol

The overarching safety standard IEC 61508 defines safety as “the freedom from unacceptable risk of physical injury or of damage to the health of people, either directly, or indirectly as a result of damage to property or to the environment.” This makes functional safety “part of the overall safety that depends on a system or equipment operating correctly in response to its inputs.” With the safety messages transmitted over a fieldbus or Industrial Ethernet we have networked functional safety.

Functional safety is more than moving and reacting to safety messages. Functional safety begins with risk assessment. Having been assessed, risk can be mitigated in many ways from signage to guarding to safety circuitry. In implementing safety circuitry, networked functional safety is bookended by safety IO and a safety controller. Networked functional safety is more than the network—the network needs safety-rated IO on one side and a safety-rated controller on the other.

Networked functional safety can apply in the factory where discrete logic predominates or in the process plant where process instruments containing multiple variables and diagnostic data predominate. Motion control also is subject to networked functional safety. Once the only safety options available for motion were removing power and applying external brakes, but now additional safety options are available—options like “go to safe position.”

Secure messaging

Networked safety relies on a concept called “the black channel,” which tunnels through the fieldbus or Industrial Ethernet protocol to provide secure messaging. By doing so, other aspects of the network are not safety-relevant. So you don’t need safety-rated cable, connectors, gateways, or Ethernet switches. You can compare the black channel to a VPN connection in the Ethernet world. Virtual Private Networks (VPNs) create an encrypted tunnel through Ethernet infrastructure. This prevents other devices or activity on the network from interfering with the VPN traffic. 

PI (Profibus and Profinet International) pioneered the creation of the black channel through academic and practical activities over 12 years ago. To meet safety-certifying agencies requirements, PI came up with the following remedies to the listed potential failures:


PI PROFIsafe: Failure types and remedies

 Failure type






Consecutive number


Time out with receipt


Codename for sender and receiver


Data consistency check










































Data corruption




















Masquerade (standard message mimics failsafe)










FIFO failure within router










Courtesy: PI North America


The remedies are embedded in the data packets. If one of the remedies shows a failure (which must be detected in the receiving logic controller), the system will treat it as a safety event which returns all values to a predescribed safe state.

Because the black channel isolates the safety information in the fieldbus’ or industrial Ethernet’s data stream, connecting cables, connectors, and devices are not safety-relevant. Their failure would be detected by one of the remedies in place and a safety reaction would be generated.

In the case of PROFIsafe, PI’s functional safety application profile, the messages are exchanged transparently between Profibus (a serial fieldbus) and Profinet (an industrial Ethernet). Any type of media can be used: copper, fiber, or wireless. Devices in the discrete, process, or motion control application spaces can communicate to the same safety controller, allowing comprehensive safety scenarios.

Less cost, more uptime

There are technical and business benefits in using networked functional safety. The technical benefits of using a fieldbus transfer include a reduced number of components, less wire, fewer cabinets, faster installation, and faster commissioning.  Some business benefits derive from these, but the big addition is uptime. Just as a fieldbus and Industrial Ethernet can convey diagnostic information, networked functional safety does. In addition, manual maintenance in verifying switch and other safety functions is minimized since the system continually verifies this functionality.

A manufacturer of automotive body lines converted from hardwiring of safety circuitry to PROFIsafe and reduced the number of safety components by 85%. The amount of wire needed was also greatly reduced. The line needed less floor space since there were fewer enclosures. And the factory start-up time was reduced from several weeks to an afternoon.

Networked functional safety is a proven technology, widely used. Using it is a competitive advantage.  As an ARC white paper puts it: “Safety has evolved from being a cost burden to a strategy for improving productivity and reducing downtime.”

- Carl Henning is deputy director, PI North America (Profibus and Profinet in North America, formerly PTO); Edited by Mark T. Hoske, content manager CFE Media, Control Engineering and Plant Engineering,

The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
Doubling down on digital manufacturing; Data driving predictive maintenance; Electric motors and generators; Rewarding operational improvement
2017 Lubrication Guide; Software tools; Microgrids and energy strategies; Use robots effectively
Prescriptive maintenance; Hannover Messe 2017 recap; Reduce welding errors
The cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Mobility as the means to offshore innovation; Preventing another Deepwater Horizon; ROVs as subsea robots; SCADA and the radio spectrum
Research team developing Tesla coil designs; Implementing wireless process sensing
Commissioning electrical systems; Designing emergency and standby generator systems; Paralleling switchgear generator systems
Natural gas engines; New applications for fuel cells; Large engines become more efficient; Extending boiler life

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
The maintenance journey has been a long, slow trek for most manufacturers and has gone from preventive maintenance to predictive maintenance.
Featured articles highlight technologies that enable the Industrial Internet of Things, IIoT-related products and strategies to get data more easily to the user.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.
Maintenance Manager; California Oils Corp.
Associate, Electrical Engineering; Wood Harbinger
Control Systems Engineer; Robert Bosch Corp.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me