Sauer-Danfoss Introduces Flexible, Powerful CAN Safety Message

Safety protocol extension applicable to SAE J1939, ISOBUS, CANopen; helps OEMs meet functional safety requirements using standard CAN components

Advertisement

AMES, Iowa, USA, April 15, 2013 – Sauer-Danfoss Inc. (NYSE:SHS) Sauer-Danfoss is pleased to introduce the CAN Safety Message, an unrivaled safety protocol extension confirmed by TÜV SÜD, at bauma 2013 in Munich. Uniquely applicable to all three major industry protocols (SAE J1939, ISOBUS and CANopen), the CAN Safety Message raises the reliability of safety-relevant CAN bus messages above the requirement for Safety Integrity Level (SIL) 2 certification according to IEC 61508:2010.

The safety protocol extension can be implemented using existing standard CAN components, enabling mobile off-highway machine OEMs to achieve functional safety requirements more easily without the need for costly specialized hardware.

“Our CAN Safety Message establishes a new industry standard for functional safety communication,” said Marco Tacke, Product Marketing Manager of the Software Solutions Services group at Sauer-Danfoss. “Existing methods for sending safety-relevant information over CAN are limited. Our flexible, powerful new solution helps OEMs meet the demands of safety legislation, reduce development and certification costs and accelerate time to market.”

All off-highway mobile equipment exported to or manufactured in the European Union (EU) must meet European Machinery Directive 2006/42/EC. Some international standards, such as ISO 13849 and IEC 62061, have been harmonized to provide a “presumption of conformity” with the Machinery Directive. Both standards refer to IEC 61508 for E/E/PE-Systems and encourage the use of SIL-certified components and software.

CAN Safety Message analysis includes calculations for 256 nodes on a bus with a 1 MHz rate at a refresh time of 1.0 ms. The worst-case probability for failure per hour (PFH) of 8,25E-10 easily fulfills the requirements for SIL 2 certification.

The CAN Safety Message Safety Data Group (SDG) consists of two CAN data messages:

• Safety Data Message (SDM), which contains the data considered to be safety-critical and non-safety-critical data
• Safety Header Message (SHM), which contains the Running Number and CRC Signature. The SHM is used by the receiver to validate the SDM data and is sent after the SDM within a minimum delay

The SDG will be transmitted periodically and is only valid if both CAN messages are received properly — without failure and within time.

“The CAN Safety Message offers easy adoption of simple and well-known procedures and a transparent evaluation method with clear documentation,” Tacke said.

The whitepaper for the PLUS+1™ CAN Safety Message is available for free download under Functional Safety at www.sauer-danfoss.com. This Safety Message joins the growing Sauer-Danfoss PLUS+1 family of mobile machine management products, which integrate seamlessly through industry-renowned application expertise. At bauma, Sauer-Danfoss will have PLUS+1 tools ready to support the new safety protocol extension.

“Sauer-Danfoss PLUS+1 tools make it easy for OEMs to get up and running with safety data transmitted over CAN,” Tacke said.