PROFIsafe: Networked Functional Safety

Implementing functional safety over a network reduces the number of components, wire, and cabinets; speeds installation and commissioning; and increases uptime. With PROFIsafe, PI’s functional safety application profile, messages are exchanged transparently between Profibus (a serial fieldbus) and Profinet (an industrial Ethernet).


If you are not implementing functional safety over a network you might as well be creating relay ladder logic on D-size vellum with a universal arm drafting machine—and realizing the design with actual relays and lots of wire.

Actually, for decades after the introduction of the PLC and fieldbuses, relays and hardwiring were still required for safety. Then in 2002 machine wiring standards were revised in the U.S. to permit implementing safety in logic controllers and transmitting safety messages over a network. Finally the benefits of PLCs and fieldbuses could be realized for safety. And now 10 years into the networked functional safety era, it’s time for you to realize these benefits in your own facilities.

Networked functional safety architecture showing PROFIsafe-enabled devices in yellow: controller, IO, drive, and process instrument. Courtesy: PI North AmericaTo get you started: What do we mean by networked functional safety, how does it work, and why would you use it?

Safety via communication protocol

The overarching safety standard IEC 61508 defines safety as “the freedom from unacceptable risk of physical injury or of damage to the health of people, either directly, or indirectly as a result of damage to property or to the environment.” This makes functional safety “part of the overall safety that depends on a system or equipment operating correctly in response to its inputs.” With the safety messages transmitted over a fieldbus or Industrial Ethernet we have networked functional safety.

Functional safety is more than moving and reacting to safety messages. Functional safety begins with risk assessment. Having been assessed, risk can be mitigated in many ways from signage to guarding to safety circuitry. In implementing safety circuitry, networked functional safety is bookended by safety IO and a safety controller. Networked functional safety is more than the network—the network needs safety-rated IO on one side and a safety-rated controller on the other.

Networked functional safety can apply in the factory where discrete logic predominates or in the process plant where process instruments containing multiple variables and diagnostic data predominate. Motion control also is subject to networked functional safety. Once the only safety options available for motion were removing power and applying external brakes, but now additional safety options are available—options like “go to safe position.”

Secure messaging

Networked safety relies on a concept called “the black channel,” which tunnels through the fieldbus or Industrial Ethernet protocol to provide secure messaging. By doing so, other aspects of the network are not safety-relevant. So you don’t need safety-rated cable, connectors, gateways, or Ethernet switches. You can compare the black channel to a VPN connection in the Ethernet world. Virtual Private Networks (VPNs) create an encrypted tunnel through Ethernet infrastructure. This prevents other devices or activity on the network from interfering with the VPN traffic. 

PI (Profibus and Profinet International) pioneered the creation of the black channel through academic and practical activities over 12 years ago. To meet safety-certifying agencies requirements, PI came up with the following remedies to the listed potential failures:


PI PROFIsafe: Failure types and remedies

 Failure type






Consecutive number


Time out with receipt


Codename for sender and receiver


Data consistency check










































Data corruption




















Masquerade (standard message mimics failsafe)










FIFO failure within router










Courtesy: PI North America


The remedies are embedded in the data packets. If one of the remedies shows a failure (which must be detected in the receiving logic controller), the system will treat it as a safety event which returns all values to a predescribed safe state.

Because the black channel isolates the safety information in the fieldbus’ or industrial Ethernet’s data stream, connecting cables, connectors, and devices are not safety-relevant. Their failure would be detected by one of the remedies in place and a safety reaction would be generated.

In the case of PROFIsafe, PI’s functional safety application profile, the messages are exchanged transparently between Profibus (a serial fieldbus) and Profinet (an industrial Ethernet). Any type of media can be used: copper, fiber, or wireless. Devices in the discrete, process, or motion control application spaces can communicate to the same safety controller, allowing comprehensive safety scenarios.

Less cost, more uptime

There are technical and business benefits in using networked functional safety. The technical benefits of using a fieldbus transfer include a reduced number of components, less wire, fewer cabinets, faster installation, and faster commissioning.  Some business benefits derive from these, but the big addition is uptime. Just as a fieldbus and Industrial Ethernet can convey diagnostic information, networked functional safety does. In addition, manual maintenance in verifying switch and other safety functions is minimized since the system continually verifies this functionality.

A manufacturer of automotive body lines converted from hardwiring of safety circuitry to PROFIsafe and reduced the number of safety components by 85%. The amount of wire needed was also greatly reduced. The line needed less floor space since there were fewer enclosures. And the factory start-up time was reduced from several weeks to an afternoon.

Networked functional safety is a proven technology, widely used. Using it is a competitive advantage.  As an ARC white paper puts it: “Safety has evolved from being a cost burden to a strategy for improving productivity and reducing downtime.”

- Carl Henning is deputy director, PI North America (Profibus and Profinet in North America, formerly PTO); Edited by Mark T. Hoske, content manager CFE Media, Control Engineering and Plant Engineering,

No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2013 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Sister act: Building on their father's legacy, a new generation moves Bales Metal Surface Solutions forward; Meet the 2015 Engineering Leaders Under 40
2015 Mid-Year Report: Manufacturing's newest tool: In a digital age, digits will play a key role in the plant of the future; Ethernet certification; Mitigate harmonics; World class maintenance
2015 Lubrication Guide: Green and gold in lubrication: Environmentally friendly fluids and sealing systems offer a new perspective
Drilling for Big Data: Managing the flow of information; Big data drilldown series: Challenge and opportunity; OT to IT: Creating a circle of improvement; Industry loses best workers, again
Pipeline vulnerabilities? Securing hydrocarbon transit; Predictive analytics hit the mainstream; Dirty pipelines decrease flow, production—pig your line; Ensuring pipeline physical and cyber security
Cyber security attack: The threat is real; Hacking O&G control systems: Understanding the cyber risk; The active cyber defense cycle
Designing positive-energy buildings; Ensuring power quality; Complying with NFPA 110; Minimizing arc flash hazards
Building high availability into industrial computers; Of key metrics and myth busting; The truth about five common VFD myths
New industrial buildings: Greener, cleaner, leaner; New building designs for industry; Take a new look at absorption cooling; Offshored jobs start to come back

Annual Salary Survey

After almost a decade of uncertainty, the confidence of plant floor managers is soaring. Even with a number of challenges and while implementing new technologies, there is a renewed sense of optimism among plant managers about their business and their future.

The respondents to the 2014 Plant Engineering Salary Survey come from throughout the U.S. and serve a variety of industries, but they are uniform in their optimism about manufacturing. This year’s survey found 79% consider manufacturing a secure career. That’s up from 75% in 2013 and significantly higher than the 63% figure when Plant Engineering first started asking that question a decade ago.

Read more: 2014 Salary Survey: Confidence rises amid the challenges

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.