Debugging Safety-Related Code: Forcing/Overwriting
This topic contains the following sections:To supplement the function test of the safety-related application, the editor provides debug commands in debug mode. For example, instead of pressing a button at the machine, you can force the corresponding input variable in the code editor and then verify the reaction of the application.
| Note
In contrast to the monitoring mode (which allows read-only-access to the Safety PLC), debug mode additionally allows write access to the Safety PLC by providing debug commands for forcing/overwriting variables and executing single cycle operations. Therefore, debug mode is considered as non-safety-related mode as the execution of the application can be influenced. |
As the debug mode allows write access to the Safety PLC you have to be logged on the Safety PLC. However, you don't have to be logged on to the Safety-related Area as long as you do not have to modify safety-related project data (code, variables, parameterization, etc.)
In debug mode, the system provides the possibility of- changing the operational state of the Safety PLC (stopping/starting the program execution).
- overwriting local and global variables without assigned process data item (marker variables).
-
forcing global variables connected to process data items, i.e., I/O variables.
Note
Depending on the controller type used, forcing may not be supported in the current version. - executing single cycle operations.
|
WARNING
|
Unintended machine operation
|
Starting the debug mode
To activate the debug mode, execute the following commands in- the Safety Cockpit editor of the Safety PLC, or in
- the context menu of the Safety PLC in the PLANT, or in
- the context menu of the Safety PLC in the ONLINE STATE window (which is located in the Cross Function Area).
- Select the 'Connect/Disconnect' command:
Not yet logged on to the standard controller? If the controller involved (which contains the Safety PLC) implements a secure device concept, and if you are not yet logged on to the controller (black shield symbol beside the controller icon in the PLANT), the logon mask appears when connecting. Enter the user name of the desired and suitable role as well as the relating password and press <Enter> to log on. (Make sure that the user role you are entering allows writing and starting the safety-related project.)Note
The monitoring mode may be active to switch to debug mode.
If an authentication error occurs during connection establishment (due to a rejected or unknown controller certificate), a dialog appears where you can instruct PLCnext Engineer to establish the ("unsecured") connection nevertheless.While you are logged on to the controller, this is indicated by a green shield symbol
beside the controller icon in the PLANT. When hovering the mouse on the controller icon, a tooltip appears showing logon information. If you have accepted an "unsecured" connection, the following shield symbol is displayed: 
- While connected, select the
'Debug Mode' command:
- A warning message appears informing you that activating the debug mode means leaving the safe mode of operation.
Confirm the dialog with 'Yes' to continue.WARNINGUnintended machine operation - Make sure that no hazardous situation can result from any intentional or unintentional operation of the Safety PLC.
- Also observe the warning at the beginning of this topic.
Click 'No' to abort the activation of the debug mode. - If you are not yet logged on to the Safety PLC, the 'PLC Authentication' dialog appears. Enter the Safety PLC password and click 'OK'. Refer to the topic "Safety PLC Password protection" for further information.
If you cancel the authorization, debug mode will not be activated.
- the 'Debug Mode' icon appears pressed in the Safety Cockpit,
- the status bar shows a red dot
next to the entry 'Safety PLC: Debug Mode Active'. - already open online worksheets are automatically switched to debug mode (no new instance must be selected),
- you can select and open POU instances in the same way as in monitoring mode
- online values are displayed in online worksheets,
- the Safety Cockpit provides commands for changing the operational state of the Safety PLC (Stop, Cold Start, etc.),
- debug commands can be executed in all worksheets as well as in the WATCHES window,
Exiting debug mode
- To exit the
debug mode
and switch back to programming mode (offline mode), select the
'Debug Mode' command again.
- A warning message appears informing you that terminating the debug mode results in a reset of the force list and, if the Safety PLC is in debug run state, a reinitialization of all variables.
Confirm the dialog with 'Yes' to continue.WARNINGUnintended machine operation - Make sure that no hazardous situation can result from the reset of the force list and the reinitialization of the variables.
- Also observe the warning at the beginning of this topic.
Click 'No' to abort the deactivation of the debug mode.
After detaching, PLCnext Engineer is still connected to the Safety PLC (Safety PLC icon in the PLANT indicates the state) and the monitoring mode is active, i.e., online values are read from the Safety PLC. To reattach to the application process, select the 'Debug Mode' command again.
 | When selecting the command 'Connect/Disconnect' from the Safety PLC context menu in the PLANT or on the Safety Cockpit toolbar while debug mode is active, PLCnext Engineer detaches from the running application process (programming mode becomes active) and then disconnects from the Safety PLC. |
| Note
If the debug mode is active when disconnecting, a message appears informing you about the following: the Failure state will be entered if the Safety PLC detects disconnection from PLCnext Engineer while in debug mode and after the elapse of more than 10 minutes, or if another condition that does not allow further execution of the program has occurred on the Safety PLC. |
| Further Info
Refer to topic "Connecting vs. Monitoring Mode vs. Debug Mode" for detailed information. |
Forcing and overwriting variables in debug mode
Both, forcing and overwriting means assigning a new value to a variable. Both operations are only possible while the software runs in debug mode.
What is the difference between forcing and overwriting?
- Overwriting is possible for local and global variables (marker variables without assigned process data item) as well as for I/O variables (assigned to process data item). The value is overwritten (set) only once at the beginning of the task execution cycle. Then, the variable is processed normally. Thus, the new value of the variable remains until a write access is performed. A write access can be performed by a programmed store operation or by remote access (e.g., by the OPC server) or by initializing the variable in case of a controller cold start.
-
Forcing is possible for variables and ports which are connected to process data items, i.e., I/O variables/ports. Forcing means setting the I/O variable/port permanently to the force value until forcing is reset by the user.Forcing takes place at the beginning and at the end of a program cycle. Within a cycle, the application may change the variable value by a write access. In this case, it is set to the force value again at the end of the cycle (until you unforce it).
Note
Depending on the controller type used, forcing may not be supported in the current version.
Forcing/overwriting can be done in online code worksheets, online variables tables/Data Lists/Port Lists, and in the WATCHES window.
To modify a force value or unforce variables/ports, additionally the FORCELIST window can be used.
What do you want to do?
Force/overwrite a variable in an online code worksheet
Force/overwrite a variable in the WATCHES window
Unforce (reset) a forced variable
Switch the Safety PLC to Debug Halt state and execute single cycles