UNINTENDED EQUIPMENT OPERATION
Touch panel switches should NOT be used
to make a switch that could result in human injury or equipment
damage. Trouble with the display unit, units, and cables which
keep the output ON or OFF could result in a serious accident.
An output signal that could result in a serious accident must
be equipped with a monitoring circuit such as a limiter. Please
design the system so that important operation switches are
handled by equipment other than the display unit. This will
prevent potential accidents as a result of incorrect output
or malfunctions. - Touch panel switches should NOT be used for
a device's Emergency Stop Switch. The Ministry of Health,
Labor and Welfare requires all industrial machinery/systems
must be equipped with a mechanical, manually operate emergency
stop switch. Also, for other kinds of systems, similar mechanical
switches must be provided to ensure safe operation of those
systems.
- Do not create touch panel switches to control
machine safety operations. Emergency stop switches and the
like should be installed as separate hardware switches.
Be sure to design your system so that a
communication interruption between the display unit and host
controller will not cause equipment to malfunction. This is
to prevent any possibility of bodily injury or equipment damage. - Do not use the display unit as a warning device
for critical alarms that can cause serious operator injury,
machine damage or halt system operation. Critical alarm indicators
and their control/activation units must be designed using
stand alone hardware and mechanical interlocks.
- Do not use display units with aircraft control
devices, aerospace equipment, central trunk data transmission
(communication) devices, nuclear power control devices, or
medical life support equipment, due to their inherent requirement
for extremely high levels of safety and reliability. Do not
use for these purposes.
- After the display unit's backlight burns out,
the touch panel is still active. This is unlike the display
unit's Standby Mode. If the operator fails to notice that
the backlight is burned out and touches the panel, a potentially
dangerous machine operation error can occur. Therefore, do
not create touch panel switches that may cause injury and/or
equipment damage.
If the display unit backlight is OFF, use the following to
determine if the backlight is burned out.
(1) If the screen has gone blank although the display unit
is not set up to enter Standby Mode, then the backlight is
burned out.
(2) If screen has gone blank and the display unit is set up
to enter Standby Mode, touch the screen or perform some other
input operation. If the screen does not reappear, the backlight
is burned out.
- Be sure to design the control system so that,
in the event of a power failure or a display unit accident,
the user system's overall safety integrity will be maintained.
If this is not done, incorrect output signals or a display
unit malfunction may cause an accident.
(1) Emergency stops, safety circuits, interlocks that operate
with opposing actions such as clockwise/counterclockwise rotation,
and interlocks that prevent machine damage with upper, bottom,
movement, and other limits, should be designed outside the
display unit.
(2) When the display unit generates a Watchdog Timer Error
during logic program operation, the logic program operation
will halt. Also, when errors occur in Input/Output control
areas that the display unit cannot detect, unanticipated operations
may occur. Therefore, to prevent unsafe machine movement,
a Failsafe Circuit should be created which is completely external
to the display unit.
For a failsafe circuit, please refer to the hardware manual
section titled "Installation Precautions".
(3) If a problem arises with an external unit's relay or transistor,
causing an output (coil) to remain either ON or OFF, a major
accident can occur. To prevent this, be sure to set up external
watchdog circuits that will monitor vital output signals.
- Design a circuit that supplies power to the
display unit I/O, before the display unit starts up. If the
display unit program enters RUN mode before the I/O unit turns
ON, an incorrect output (signal) or malfunction could cause
an accident.
- Design a logic program with interlock circuits
that ensure the safety of the system in the event of a display
or control error, a data transmission error, or power failure
between the display unit and connected units. If this is not
done, incorrect output signals or a display unit malfunction
may cause an accident.
- Be sure to read the display unit manual carefully
before performing program changes, enabling forces, or using
the RUN, STOP, and PAUSE commands. Operation mistakes can
cause accidents or damage machinery.
Failure to follow these instructions can result in death, serious injury, or equipment damage. |
WARNING