05/16/2025
How-to | Safety | Engineering

ctrlX SAFETY: When and how to (re-)validate the SAFEX-C.1x configuration project?

[callout type="info" text="All available hardware versions HW4 to HW7 of compact safety controllers SAFEX-C.1x are compatible with the available firmware in principle. Firmware and engineering versions are released in combination. Later versions provide more and improved functionality. Always the newest available version of Firmware and Engineering is recommended to be installed." has-icon="true"]

Especially in cases, when firmware and engineering versions or even the hardware version are updated or changed, the validation of the functional safety application has to be reconsidered. For the firmware and FPGA update please refer to the following link buttons to "How To update SAFEX-C.1x firmware" - Part 1 and 2 of 2!

[link-button type="secondary" text="Update Part 1/2" target="_self" href="https://community.boschrexroth.com/ctrlx-automation-how-tos-qmglrz33/post/how-to-update-safex-c-1x-firmware---part-1-2-WA2LgHD61k1Zvlh"]

[link-button type="secondary" text="Update Part 2/2" target="_self" href="https://community.boschrexroth.com/ctrlx-automation-how-tos-qmglrz33/post/how-to-update-safex-c-1x-firmware---part-2-2-afHAGYZrVWSNJT1"]

[callout type="warning" text="Please make sure to always use the recommended combination of firmware and ctrlX SAFETY Engineering versions before starting or executing the (re-)validation!"]

[callout type="warning" headline="General relevance of (re-)-validation" text="Be aware of: A correct and thorougly created validation report provides the prerequisites for future legal questions."]

Let's make things as easy as possible:

  1. A validation can be shortened under some conditions: (1) the recent validation report and (2) the recent safety configuration project being applied to the SAFEX-C.1x.

    [callout type="info" text="A prerequisite for a successful approval is the recent validation report as a reference!" has-icon="true"]

    [callout type="warning" text="If the validation report is not available for comparison the validation process shall be repeated! This provides the prerequisites for future legal questions."]

  2. We assume that the safety periphery (inputs and actuators) remains 100% the same.

  3. We assume furthermore that the safety configuration project (ctrlX SAFETY Engineering) is available and remains the same.

    [callout type="info" text="With 1. and 2. we expect in most cases no need to do any validation, but since it is about functional safety we need to be careful and do the below considerations." has-icon="true"]

  4. We assume further on that firmware, FPGA and configuration update is done in a continuous sequence, even if several stages are needed from the beginning to the final one. At the final stage the machine or facility shall be actuated again where a validation is only necessary at this step.

  5. In combination with a version step in ctrlX SAFETY Engineering the resulting configuration has to be loaded into the SAFEX-C.1x.

    1. After this step first of all the checksums have to be approved in the Online dialog "Diagnostics -> SAFEX-C.1x - System Info" within ctrlX SAFETY Engineering according to the following description.

      [gallery images="1-2"]

    2. This value has to be compared to the previous validation report. In general it does not change, but it can happen, if the interpreter code for the used blocks has changed.

    3. An additional approval about the identity of the configuration active inside the SAFEX-C.1x and the connected PC can be done by the verification of the configuration while in Online mode.

      [gallery images="3"]

  6. The difference between the previous and the current checksum decides upon the next step in the procedure.

    1. If the checksums do not differ between previous validation report and the current system information output (no change in safety periphery) no further validation is necessary. The validation report can be simply created and stored for future reference.

    2. If the checksums differ between previous validation report and the current system information, a test of all safety functions is required. This is due to the fact that the influence of the changed code cannot be assigned to any specific function.

      Finally a new validation report as for the original safety acceptance test needs to be created and stored for future reference.

      [callout type="warning" text="If the equality of the checksums cannot be approved the validation process shall be repeated! This provides the prerequisites for future legal questions."]

  7. After all necessary checks and approvals the configuration can and has to be locked. With this step it is signaled at the machine and in the cabinet that the configuration of the SAFEX-C.1x is approved. This is visible with the transition of the light-pipe changing from flashing green to permanently green.

[callout type="info" headline="Final Note" text="Storage of the validation report is crucial a) for legal reasons and b) for future reference with further updates. " has-icon="true"]

2
Types
How-to
Products
Safety
Controls
IO
Motion
Markets
Manufacturing
Assembly Lines
Logistic
Packaging
Printing
Production Machines
Robotics
Semicon & Electronics
Sonstiges

Latest published/updated articles