In the EEROS library you will find a directory with examples. Open a shell in the build directory of your EEROS library and run examples/safety/SafetySystemTest2.
The example comprises a safety system with only two safety levels and two safety events. The system will start in the safety level slStart. It will stay there for three seconds after which a safety event is triggered which causes a level change to slRampingUp. The control system for this example consists of three block as show below: (insert figure here). When the system changes into slRampingUp the integrator is enabled. The output of the integrator starts to ramp up. The levels and events are defined in the safety properties. The properties further include one critical input and one critical output.

The following events are defined and used in the example:

The example shows a typical use of safety levels and safety events. In order to demonstrate how the system works in a very limited example the following assumptions have been taken:

• The end of the initialization phase is triggered by a periodic which is run by the executor. In general this would be signalled by the sequencer after a initializing sequence has finished or by the control system as soon as a certain condition arises.
• To start and stop running might be triggered by pressing or releasing a button connected to the critical input. In our simple example we do not have real hardware. Hence we simply start and never stop, because the state of the hypothetical input is always true.
• When pressing Ctrl-C the system falls into level slShuttingDown. A level action for this safety level causes the system to automatically switch to level slOff which then terminates the program. Here again, this would be signalled by the sequencer after a shutting down sequence has finished or by the control system as soon as a certain safe condition is reached.