Using Form C relays in safety circuits

Last updated on August 23rd, 2022 at 05:30 pm

I recently had a discussion with a colleague who wanted to know if it was OK for a design to include a form C relay in an e-stop circuit. You might recall that e-stop functions are required to meet at least PL_c/SIL1 requirements [1], [2]. It’s important to remember that PL_c/SIL1 can be met using Category 1, 2, or 3 architectures. See [1, Fig. 5] below.

The Short Answer

YES, you can, but you need to understand the special requirements that apply. For that, read on!

Component Requirements

Frequently designers get confused about requirements for components to be used in SRP/CS*. To some degree, component selections are based on the architectural category selected (i.e., B, 1, 2, 3, 4), but it’s important to understand that, except for Categories B and 1, there are no explicit requirements placed on the components used.

*See the Definitions at the end of this post.

Category B

In Category B the component requirements are limited to their suitability for the prevailing circuit conditions. This applies equally to electrical and fluidic components. Category B forms the basis for all of the other Categories, so this minimum requirement applies in all designs. Having said this, no competent designer would do anything else.

Category 1

In Category 1 a new requirement is added: well-tried components. The idea of well-tried components has not been well defined since EN 954-1 was published in 1995, however, this will change in the next edition of the standard. In the meantime, the tables of well-tried components in ISO 13849-2 [3] give explicit examples of well-tried components in mechanical, electrical and fluidic technologies.

The use of well-tried components is the heart of Category 1 since this category relies on high-reliability components to achieve a higher PL.

Categories 2, 3, and 4

In Categories 2, 3, and 4, additional reliability is based on diagnostic capability and the use of redundancy. There is nothing that would preclude using well-tried components in these categories, however, they are not required.

Contactors and Relays

Simple safety circuits commonly use contactors or relays for output devices, the “O” devices in the block diagram below [1, Fig. 11].

Remember too that the dashed line used for the “m” links shown above indicate that some but not all faults may be detected by the diagnostics. In Category 3, this ranges from DC_avg = Low (60% to 90%) to DC_avg = Med (90% to 99%).

Contactors

If we look at an example Category 3 circuit, below, we can see that there are auxiliary contacts from the output contactors, K1 and K2, connected into the reset loop (+24 Vdc to S34) on the safety relay to monitor the devices.

The mechanical design of some power contactors is such that the auxiliary contact and the power contacts are mechanically linked in a way that will force all the contacts to transfer together. Similar to a fluidic valve, contactors are only open or closed. In the event that a contact welds, the contactor will remain in the closed state.

As you can see, the basic mechanical construction is quite simple. The contacts are mounted to a rigid mechanical armature, ensuring that they move together when the solenoid is energized.

Beware, however, as not all contactors are built this way. Check to ensure that the contactor datasheet shows that the contacts are force-guided. An easy way to verify this is to look for IEC 61810-3 in the list of standards to which the contactor conforms.

What happens if the circuit conditions are such that a smaller relay is preferable?

Control Relays

A Form C relay is also sometimes called a “changeover” or “Single Pole-Double throw (SPDT)” relay.

A single form C contact isn’t much good unless you are trying to design a system whose PL only requires PL_a or PL_b, but adding a second contact to this device adds the possibility of monitoring the relay. This is called a “double-pole, double-throw” or DPDT relay.

This is the configuration commonly found in control relays that physically look something like this:

Depending on how the armature is mechanically linked to the contact reeds, it is quite possible to have one contact transfer and one stay closed for a number of reasons. This is a “dangerous undetectable (?_dd)” fault that will crush the reliability of your design. It’s for this reason that “force-guided” relays were created.

Force-guided relays, on the other hand, have a completely different design from a conventional control relay. In a force-guided relay, the armature is moved to the tip of the contact reeds and as close to the contacts as possible. This helps ensure that the contacts move together. Also, each contact is enclosed in a well inside the plastic body, which will contain the reed if it breaks, and also helps to contain any debris created by heavily loaded contacts. The drawing below shows a force guided relay that has failed, with one of the normally open (NO) contacts welded.

You can also see the location of the armature and the contact wells in the diagram above.

The close mechanical linking of the contacts helps to ensure that all the contacts transfer together. If one contact is used as a monitoring contact for the relay, there should be a high level of confidence that the state of the monitoring contact is the same as the in-circuit contacts. This mechanical design helps solve the problem with the dangerous undetectable fault created by the design of a standard control relay.

Force-guided relays that meet IEC 61810 [14] will bear the Class A contact mark shown below. Class A refers to the forcible guiding of the contacts. Class B contacts are those found in a standard control relay.

The Class A contact mark will normally show up on the relay nameplate as shown below.

For more depth on force-guided relay differences as compared to standard control relays, see Elesta’s explainer.

The Answer

If you only need the relatively small current handling capability offered by a control relay relative to a contactor, then there is no reason you should not select one for use in your SRP/CS with one caveat: it must be force-guided.

Once you’ve selected the appropriate device, you can then do the ISO 13849-1 analysis using the component reliability data provided by the relay manufacturer. In some cases, such as Category 4 applications, you may want to select two different relays from different manufacturers to help with diversity in the SRP/CS. This will be accounted for in your CCF scoring.

Contactors are equally good, but are physically larger and often have higher-power solenoids, so these aspects may also be constraints on the design. If you are selecting a contactor, picking a “safety contactor” makes manually overriding the solenoid more difficult by preventing access to the contactor armature with a small tool or a zip-tie. Safety contactors also ensure that the armature design ensures that the contacts are force-guided, including the auxiliary contacts.

If this doesn’t answer your question in enough depth, feel free to get in touch!

Definitions

Forcibly Guided Contacts

• combination of make contacts and break contacts designed in such a way that it is made sure by mechanical means that these make contacts and break contacts can never be in the closed position simultaneously [12]
• makes it impossible to close the normally closed and normally open contact simultaneously. If a normally closed contact becomes welded, it must be impossible for the normally open contacts to close when the coil is energized.
  
  If a normally open contact becomes welded, it must be impossible for the normally closed contacts to close when the coil is de-energized. Also known as: forced contacts, positively activated contacts, guided contacts, and linked contacts. [9] See IEC 61810-3 [10] and [14].

Form C – A ?Form C? contact has at least 3 terminals. One terminal is common, with one normally open contact and one is normally closed contact sharing the common. This is also called a ?changeover? device because the common contact changes from the normally closed position to the normally open position when the coil is energized in a relay or a magnetic field is nearby in a reed switch [4]

safety?related part of a control system
SRP/CS
part of a control system that responds to safety-related input signals and generates safety-related output signals

Note 1 to entry: The combined safety-related parts of a control system start at the point where the safety-related input signals are initiated (including, for example, the actuating cam and the roller of the position switch) and end at the output of the power control elements (including, for example, the main contacts of a contactor).

Note 2 to entry: If monitoring systems are used for diagnostics, they are also considered as SRP/CS. [1, 3.1.1]

Single-Pole Double-Throw (SPST), etc. (SPDT, DPST, and DPDT)

SP and DP refer to single pole and double pole, ST and DT refer to single throw and double throw.

Pole refers to the number of circuits controlled by the switch: SP switches control only one electrical circuit. DP switches control two independent circuits (and act like two identical switches that are mechanically linked). Do not confuse ?pole? with ?terminal?. The DPST switch, for example, has four terminals, but it is a DP, not a 4P switch.

Throw refers to the extreme position of the actuator: ST switches close a circuit at only one position. The other position of the handle is Off. DT switches close a circuit in the Up position and the Down position (On-On). A DT switch can also have a center position (frequently On-Off-On).

Single pole/throw and double pole/throw switches are the most common, but triple and quadruple configurations are also available. They are commonly denoted 3PST, 3PDT, 4PDT, etc. [15]

References

[1] Safety of machinery — Safety-related parts of control systems — Part 1: General principles for design, ISO 13849-1. 2015.

[2] Safety of machinery — Functional safety of safety-related electrical, electronic and programmable electronic control systems, IEC 62061. 2005.

[3] “Contactor Construction & Operating Principle – Electrical Engineering 123”, Electrical Engineering 123, 2019. [Online]. Available: https://www.electricalengineering123.com/contactor/. [Accessed: 27- Oct- 2019].

[4] “Understanding Form A, Form B, Form C Contact Configuration”, Engineering and Component Solution Forum — TechForum — Digi-Key, 2019. [Online]. Available: https://forum.digikey.com/t/understanding-form-a-form-b-form-c-contact-configuration/811. [Accessed: 27- Oct- 2019].

[5] Rockwell Automation, 52582 – Example Safety Circuits Categories for the SMC. 2019.

[6] Sivaranjith, “What are Control relays?”, Industrial Automation, PLC Programming, scada & Pid Control System, 2017. [Online]. Available: https://automationforum.in/t/what-are-control-relays/2888. [Accessed: 27- Oct- 2019].

[7] grotedikken, “Magneet aan/uit – Forum – Circuits Online”, Circuitsonline.net, 2018. [Online]. Available: https://www.circuitsonline.net/forum/view/142265. [Accessed: 27- Oct- 2019].

[8] “HOZ-03463/11-001614-220/030.01”, Hengstler.de, 2019. [Online]. Available: https://www.hengstler.de/en/s_c10050102i35984/Relays/Safety_relays/463/HOZ-03463/11-001614-220/030.01/4631011.html. [Accessed: 27- Oct- 2019].

[9] “What are force guided contacts?”, Se.com, 2019. [Online]. Available: https://www.se.com/us/en/faqs/FA111694/. [Accessed: 28- Oct- 2019].

[10] “Distinguishing features of relays with forcibly guided contacts and elementary relays / ELESTA GmbH”, elesta-gmbh.com, 2019. [Online]. Available: https://www.elesta-gmbh.com/en/relays/relays-know-how/anwendungen-loesungen/unterscheidungsmerkmale-von-relais-mit-zwangsgefuehrten-kontakten-und-elementarrelais.html. [Accessed: 28- Oct- 2019].

[11] “Safety Relay: How Does a Forcibly Guided Contact Work | FAQ | Singapore | Omron IA”, Omron-ap.com, 2019. [Online]. Available: http://www.omron-ap.com/service_support/FAQ/FAQ02481/index.asp. [Accessed: 28- Oct- 2019].

[12] “IEC 60050 – International Electrotechnical Vocabulary – Details for IEV number 444-04-23: “forcibly guided contacts””, Electropedia.org, 2019. [Online]. Available: http://www.electropedia.org/iev/iev.nsf/display?openform&ievref=444-04-23. [Accessed: 29- Oct- 2019].

[13] “Safety Circuit Examples of Safety Components | Technical Guide | Australia | Omron IA”, Omron.com.au, 2019. [Online]. Available: http://www.omron.com.au/service_support/technical_guide/safety_component/safety_circuit_example.asp. [Accessed: 29- Oct- 2019].

[14] “IEC 61810-3:2015 | IEC Webstore”, Webstore.iec.ch, 2019. [Online]. Available: https://webstore.iec.ch/publication/21885. [Accessed: 30- Oct- 2019].

[15] “SPST, SPDT, DPST, and DPDT Explained – Littelfuse”, Littelfuse.com, 2020. [Online]. Available: https://www.littelfuse.com/technical-resources/technical-centers/commercial-vehicle-technical-center/poles-and-throws.aspx. [Accessed: 13- Jan- 2020].

Thanks

Thanks to the following people: my anonymous colleague who originally asked the question, Mr. Les Young, and Mr. Anthony Kerstens for their comments on this article through LinkedIn.

© 2019 – 2022, Compliance inSight Consulting Inc.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.