Safety application coverage in CIP provides the ability to mix safety devices and standard devices on the same network or wire for seamless integration and increased flexibility. CIP Safety™ provides fail-safe communication between nodes such as safety I/O blocks, safety interlock switches, safety light curtains and safety controllers in both machine and process automation safety applications up to Safety Integrity Level (SIL) 3 according to IEC 61508 standards. CIP Safety has also been adopted by Sercos International.
CIP Safety is made up of high integrity safety services and diagnostics in the application layer and doesn’t require special communications hardware. CIP Safety can also coexist with other application layer standards like CIP Motion and CIP Security. CIP Safety does not prevent communication errors from occurring, but instead it ensures transmission integrity by detecting errors and allowing devices to take appropriate actions as follows:
- All CIP Safety data is produced with a timestamp which allows safety consumers to determine the age of the produced data.
- A Production Identifier is encoded in each data production to ensure that each received message arrives at the correct consumer.
- All safety transfers on CIP Safety use Safety CRCs or checksums to ensure the integrity of the transfer of information.
- Data and CRC or checksum redundancy with cross checking provides an additional measure of protection by detecting possible corruption of transmitted data.
- The CIP Safety protocol is present only in safety devices; this prevents standard devices from masquerading as safety devices.
CIP Safety packets are made up of the following four sections (note that no packet has all four): data, timestamp, time correction and time coordination. When configuring a CIP Safety device over the network, there are measures to ensure integrity of the configuration, such as:
- Safety Network Number which identifies each network path in the system individually, allowing each device to be uniquely identified.
- Configuration Ownership can be enforced to ensure that safety configurations cannot be changed by other devices in the network.
CIP Safety has been certified by TÜV Rheinland as a “black channel” protocol, which means that the safety integrity is not dependent on the physical media. As a black channel protocol, CIP Safety can be communicated with over different wired Ethernet platforms (10, 100 Mbps and 1 Gbps), fiber optics, and wireless systems such as existing WiFi (802.11a/b/g/n/ac). CIP Safety is expected to be forward compatible to new standards like WiFi 6 (802.11ax) and 5G.