Safety in field bus systems

In CAN technology, several different kinds of “safety” are distinguished: safety-related communication, safety-critical communication, and intrinsically safe communication. Secure communication is a separate concern (e.g. protection against unauthorized access by means of data encryption and decryption).

Safety-related communication

In safety-related control applications, there is a safe state. With respect to safety-related communication, any failure in the communication shall force the devices into the safe state. The CANopen Safety protocol and the DeviceNet CIP Safety protocol provide standardized safety-related communication functionality. There are also some proprietary safety-related communication systems based on CAN.
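As an added illustration (not text or code from CiA or the cited protocols), the following simplified C model shows how a CANopen Safety consumer can enforce that rule: a safety-related data object (SRDO) is carried in two CAN frames, the second holding the bitwise-inverted data, and the device latches the safe state if the second frame is missing, late (SRVT), inconsistent, or if the SRDO does not repeat within the safeguard cycle time (SCT). The timing constants and the 2-byte payload are assumed example values, not protocol defaults.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* Simplified model of CANopen Safety SRDO reception (added illustration, not
 * CiA code). An SRDO is two CAN frames: the data, then its bitwise inverse.
 * Frame 2 must follow frame 1 within SRVT, a complete SRDO must repeat within
 * SCT, and any violation latches the safe state. */
#define SRDO_LEN 2
#define SCT_MS   50   /* safeguard cycle time, example value (not a CiA default) */
#define SRVT_MS  20   /* SRDO validation time, example value */
typedef struct {
    uint8_t  data[SRDO_LEN];   /* last validated safety-related data */
    uint8_t  plain[SRDO_LEN];  /* frame 1 of the SRDO now in progress */
    uint32_t plain_ts;         /* arrival time of that frame 1 */
    uint32_t last_valid_ts;    /* arrival time of the last complete SRDO */
    bool     have_plain;
    bool     safe_state;       /* true once any failure has been detected */
} srdo_rx_t;

/* Reset; the SCT clock starts running at start-up. */
void srdo_init(srdo_rx_t *rx, uint32_t now_ms)
{ memset(rx, 0, sizeof *rx); rx->last_valid_ts = now_ms; }
/* Feed one received frame; inverted selects frame 2. Returns false once the
 * device is in (or has just entered) the safe state. */
bool srdo_on_frame(srdo_rx_t *rx, bool inverted, const uint8_t *d, uint32_t now_ms)
{
    if (rx->safe_state) return false;
    if (!inverted) {                         /* frame 1: remember it and wait */
        memcpy(rx->plain, d, SRDO_LEN);
        rx->plain_ts = now_ms;
        rx->have_plain = true;
        return true;
    }
    /* frame 2: needs a pending frame 1 within SRVT carrying the complement */
    bool ok = rx->have_plain && now_ms - rx->plain_ts <= SRVT_MS;
    for (int i = 0; ok && i < SRDO_LEN; i++) ok = (uint8_t)~rx->plain[i] == d[i];
    ok = ok && now_ms - rx->last_valid_ts <= SCT_MS;   /* repeated in time */
    rx->have_plain = false;
    if (!ok) { rx->safe_state = true; return false; }
    memcpy(rx->data, rx->plain, SRDO_LEN);
    rx->last_valid_ts = now_ms;
    return true;
}
/* Periodic check: silence longer than SCT also forces the safe state. */
bool srdo_poll(srdo_rx_t *rx, uint32_t now_ms)
{
    if (now_ms - rx->last_valid_ts > SCT_MS) rx->safe_state = true;
    return !rx->safe_state;
}
```

The safe state is latched deliberately: once a failure has been seen, later well-formed frames must not silently resume operation, which is the behaviour the paragraph above requires.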

Safety-critical communication

Safety- or mission-critical communication is required when there is no safe state. In such applications, which require high availability of the communication system, redundant networks and redundant communication interfaces are necessary. Besides proprietary solutions, CANopen provides specific services and protocols for swapping active and stand-by bus lines as well as redundant network management functions.

Intrinsically safe communication

An intrinsically safe CAN physical layer cannot cause an explosion under the specified conditions. It is mainly required for networks running in chemical and petrochemical plants. The CiA 103 physical layer specification for intrinsically safe capable devices standardizes the hardware interface for CAN-connected devices.
