Get documents about "Microsoft powerpoint - 1823 - PCS 7 Redundancy.ppt
W
Document Sample
s 2008 Automation Summit A Users Conference ID#: 1823 Title: PCS 7 Redundancy Tailored to Your Needs Topic: Process Automation Presenter: Christoph Lehmann Company: SE&A Expand your world of automation Presenter - Christoph Lehmann PCS 7 Product Manager in the U.S. Grad. Engineer (Dipl. Ing.) - Electrical Engineering Application Engineer for Automation Systems DCS System Specialist for High Available PCS 7 Pilot Installations System Consultant for Critical Control and Process Safety Systems PCS 7 Product Manager for Process I/Os and Safety Systems Contact: Christoph Lehmann PCS 7 Product Management USA Phone: +1 (215) 646 7400 ext. 2122 Cell Phone: +1 (267) 421 9327 email: christoph.lehmann@siemens.com Address: SIEMENS Energy & Automation Inc. 1201 Sumneytown Pike P.O. Box 900 Spring House, PA 19477 USA page 2 PCS 7 Redundancy tailored to your needs To minimize plant down-time PCS 7 offers well-conceived redundancy concepts which stretch across all automation levels. A unique and extremely flexible system architecture enables costeffective fault-tolerant solutions exactly where they are required. This presentation gives you an overview of fault-tolerant architectures from the instrument level up to the Operator Screens. Contents: MTBF and Reliability PCS 7 Redundancy concept - Solutions for OS, AS, I/O, Communication, Fieldbus Application Notes page 3 Motivation Why is high availability important? “The plant has to be running!” Failures of the process control system or of any of its components can lead to a plant shutdown which causes: production loss expenses for activities to restart the process loss of an entire batch due to lost quality data Goal: Minimize the probability of a production shutdown and the impact of failures! page 4 Module MTBF – Part Count Method The module MTBF of SIMATIC components is calculated with the Part Count Method. The approach is to sum up all component failure rates regardless of the structure according to IEC 61709, SN 29500 and MIL-HDBK-217F Assumption of a serial structure MTBF1 MTBF2 MTBF3 1 1 1 1 = + + MTBFs MTBF1 MTBF2 MTBF3 MTBFs = 1 λ1 + λ2 + λ3 page 5 Module MTBF – Field Approach The field approach requires failure rate data from the field, which are gathered by product observation and field data acquisition Theoretical approach module MTBF theot. Field approach = < module MTBF field MTBF theor. MTBF field The field approach serves MTBF values which are > 3 times better than the predicted values page 6 Module MTBF: Calculated vs. Field Module CPU 417-4HL01 Sync Module MTBF (calc.) 14.9 Years 150.0 Years MTBF (field) 261.7 2453 Factor 17.6 16.3 http://support.automation.siemens.com/WW/view/en/16818490 page 7 Reliability of the plant Regarding Reliability, Availability and Maintainability of a process control system, always keep in mind: The process control system1) is only a part of the whole plant. For reliability analysis of a plant, all components have to be taken into consideration: Pumps and motors Valves Sensors Supplies (air, steam, electric power, …) Cabling Simplified reliability structure: Plant 2) Process Control System1) OS Network 1) Controller Network I/O-system Cabling Supplies Sensor/ Actuator 1) 2) page 8 mainly our objective is to do a prediction of the DCS system avoid to include this peripheral components ( often not SIEMENS products) in the prediction Redundancy at all levels with SIMATIC PCS7 Parallel redundancy of OS/Batch clients Redundant OS/Batch servers with archive synchronization between servers Double-redundant plant bus and terminal Bus Fully redundant automation system with optical fiber connection between CPUs Redundant connection of the distributed I/O Redundant connection of PROFIBUS PA Redundant connection of non-redundant PROFIBUS DP devices with Y link Redundant I/O modules Redundant Profibus PA Ultimate flexibility to choose the redundancy levels to fit the application page 9 Benefits of the SIMATIC PCS 7 redundancy concept Scaleable solutions throughout the modular system to adapt the system design to the requirements Cost optimized solution Failures of a redundant component will be automatically reported to the operator station Failures are detected without delay. Failed components can be quickly exchanged to restore the redundancy and minimize the meantime to repair. Hardware upgrades for redundancy have minimum impact into the software configuration Minimum effort to upgrade the system architecture page 10 SIMATIC PCS 7 – Redundancy at all levels Solutions for the Operator System WEB Client SIMATIC IT Office LAN (Ethernet) Client Station WEB Server (OPEN PCS 7) OS LAN (Ethernet) OS Server ROUTE Control Industrial Ethernet AS 41x HF ET200M HF ET200S ET200M HF (Standard & F-Modules) ET200M HF ET200iSP CAS/ BATCH Server Engineering/ Maintenance Station AS 41x PROFIBUS DP SIMOCODE ET200iSP PROFIBUS PA PROFIBUS DP PROFIBUS PA page 11 SIMATIC PCS 7 Redundancy – Solutions for the Operator System Parallel OS Single Stations ES OS OS Each station includes all operation and monitoring functions In case of a station failure, all other stations remain available Note: There is no data exchange between the stations, which means that in the case of a failure there is a data gap in the OS Archives (Tags and Events) of the failed station. page 12 SIMATIC PCS 7 Redundancy – Solutions for the Operator System Redundant OS Single Stations ES OS OS Fully Redundant Operator Stations Archive Synchronisation (Messages and Tags) between the OS Single Stations, no gaps in Trends and logs after a PC failure Online Configuration possible while both OS Single Stations run Higher Availability than one Server and one Client page 13 SIMATIC PCS 7 Redundancy – Solutions for the Operator System Server-Client-Architecture with redundant servers A A A B B B Server A Server B Initial State: Distribution of the clients between redundant servers A and B (preferred server for each client) Automatic client switchover in case of a HW or SW failure of a OS Server Server recovery: automatic reconnection and automatic archive synchronization Automatic client switching after server recovery (back to initial state: preferred server) In case of a client failure all other clients remain available page 14 Expandable up to 12 redundant servers and 32 clients/server SIMATIC PCS 7 Redundancy – Solutions for the Operator System Central Archive server Client Stations OS LAN (Ethernet) OS Server CAS Industrial Ethernet AS 41x HF AS 41x Fully Redundant Central Archive Servers Archive Synchronisation (Messages and Tags) between the CAS servers, no gaps in Trends and logs after a PC failure Online Configuration possible while both CAS servers run CAS redundancy is independent of the OS server redundancy page 15 SIMATIC PCS 7 – Redundancy at all levels Solutions for the Automation System WEB Client SIMATIC IT Office LAN (Ethernet) Client Station WEB Server (OPEN PCS 7) OS LAN (Ethernet) OS Server ROUTE Control BATCH Server Industrial Ethernet AS 41x HF ET200M HF ET200S ET200M HF (Standard & F-Modules) ET200M HF ET200iSP CAS Engineering/ Maintenance Station AS 41x PROFIBUS DP SIMOCODE ET200iSP PROFIBUS PA PROFIBUS DP PROFIBUS PA page 16 SIMATIC PCS 7 Redundancy – Solutions for the Automation System Redundancy Options Single System single power supply single system bus single controller double power supply single system bus single controller double power supply double system bus single controller (H) H System double power supply double system bus double controller quad power supply double system bus double controller quad power supply quad system bus double controller page 17 SIMATIC PCS 7 Redundancy – Solutions for the Automation System Redundant Controller S7-400H AS 412 H AS 414 H AS 417 H Two redundant configured subsystems that are synchronized via fibre optic cables Very fast switchover Hot redundancy: user program is completely identical and is simultaneously executed; results are compared at every output Shared rack or separated rack (for distances up to 6 miles) 6 miles page 18 SIMATIC PCS 7 Redundancy – Solutions for the Automation System Redundant Controller S7-400H: Automatic Event Synchronization Definition Synchronization whenever the two redundant CPUs could end up with different results during execution of the program. Automatic operating system function Synchronizing Events Updating the process image & I/O access Interrupts, alarms Updating timers Changes to program data through communication func. Guarantees bumpless switchover Fast switchover time (typically 30ms) No loss of information No loss of alarms Resumes processing of program where it left off page 19 (Siemens patent) Event Synchronization CPU A CPU B SIMATIC PCS 7 Redundancy – Solutions for the Automation System Redundant Controller S7-400H: FW Update Improved FW Update for redundant systems: Error correction during operation Flash Card or New via Ethernet 1. 2. 3. 4. CPU Update Switch Over CPU Update Coupling Automatic Change Over New As simple as modification during operation page 20 SIMATIC PCS 7 – Redundancy at all levels Solutions for I/Os WEB Client SIMATIC IT Office LAN (Ethernet) Client Station WEB Server (OPEN PCS 7) OS LAN (Ethernet) OS Server ROUTE Control BATCH Server Industrial Ethernet AS 41x HF ET200M HF ET200S ET200M HF (Standard & F-Modules) ET200M HF ET200iSP CAS Engineering/ Maintenance Station AS 41x PROFIBUS DP SIMOCODE ET200iSP PROFIBUS PA PROFIBUS DP PROFIBUS PA page 21 SIMATIC PCS 7 Redundancy – Solutions for I/Os Single Controller / Single I/O Single Controller Single PROFIBUS DP Fiber Optic and Ring Topology possible PROFIBUS DP PROFIBUS Interface (IM 153-2) Single Channel I/O: Single I/O modules installed in a single Rack PA devices via DP/PA-Link DP/PA-Link PROFIBUS PA page 22 SIMATIC PCS 7 Redundancy – Solutions for I/Os Redundant Controller / Single I/O Redundant Controller Redundant PROFIBUS DP Fiber Optic and Ring Topology possible PROFIBUS DP Redundant Controller Redundant PROFIBUS Interface (IM 153-2) Single Channel I/O: Single I/O modules installed in a single Rack connected to a redundant Profibus. Y-Link PROFIBUS DP devices via Y-Link DP/PA-Link PA devices via redundant DP/PA-Link PROFIBUS PA page 23 SIMATIC PCS 7 Redundancy – Solutions for I/Os Redundant Controller / Redundant I/O Redundant Controller Redundant PROFIBUS DP Fiber Optic and Ring Topology possible Redundant I/O-modules Redundant PROFIBUS Interface (IM 153-2) Dual Channel I/O: Redundant I/O Modules can be installed in separated Racks via redundant PROFIBUS DP Redundant Partner Module can be selected by the user Mixture of redundant and non redundant I/O racks on the same controller PROFIBUS DP Y-Link DP/PA-Link PROFIBUS PA PROFIBUS DP devices via Y-Link PA devices via redundant DP/PA-Link page 24 SIMATIC PCS 7 Redundancy – Solutions for I/Os Flexible Modular Redundancy Redundancy Evaluation is done in the controller (Code automatically generated during compilation) read both input discrepancy check (AI: tolerance, DI: Change) write both outputs alarming and error handling Usage of selected standard I/O’s for redundancy I/O Module Fast and easy field connection with MTA’s I/O module redundant page 25 Benefits: wide range of standard and safety I/O modules available for redundancy no difference between redundant and non redundant engineering flexible, user defined redundancy SIMATIC PCS 7 Redundancy – Solutions for I/Os Flexible Modular Redundancy Dual DO DO DI AI Make any component redundant Physically separate redundant resources Mix and match redundancy Fieldbus architecture allows system to tolerate multiple faults without interruption I/O redundancy independent of CPU redundancy Simplex AI Triple page 26 DO DI AI AI SIMATIC PCS 7 – Redundancy at all levels Solutions for Communication WEB Client SIMATIC IT Office LAN (Ethernet) Client Station WEB Server (OPEN PCS 7) OS LAN (Ethernet) OS Server ROUTE Control BATCH Server Industrial Ethernet AS 41x HF ET200M HF ET200S ET200M HF (Standard & F-Modules) ET200M HF ET200iSP CAS Engineering/ Maintenance Station AS 41x PROFIBUS DP SIMOCODE ET200iSP PROFIBUS PA PROFIBUS DP PROFIBUS PA page 27 SIMATIC PCS 7 Redundancy – Solutions for Communication Ethernet & PROFIBUS DP Operator stations Enhanced availability through optical or electrical ring topologies Ring structures are capable to bridge a broken cable at any location in the ring. Terminal bus and Plant bus: Industrial Ethernet with electrical and/or optical switches (ESM/OSM, SCALANCE) Profibus DP Terminal bus Redundant OS Server Plant bus Field bus: PROFIBUS DP with optical link modules (OLM) page 28 Profibus DP SIMATIC PCS 7 Redundancy – Solutions for Communication Ethernet & PROFIBUS DP Redundant subcomponents e.g. redundant CPs With redundant CPs the system can tolerate the failure of a CP or a switch Redundancy at the Computer level is independent to CP redundancy on the controllers Profibus DP Operator stations Terminal bus Redundant OS Server Plant bus page 29 Profibus DP SIMATIC PCS 7 Redundancy – Solutions for Communication Ethernet & PROFIBUS DP Redundancy of all components can handle multiple errors A redundant ring topology can tolerate double failures like switch failure and a broken cable. Operator stations Terminal bus Redundant OS Server Plant bus page 30 Profibus SIMATIC PCS 7 Redundancy – Solutions for Communication PROFIBUS PA One reason for the slow adoption of field buses has been the lack of redundancy. The failure of a critical element could have lead to the loss of many devices. 1 Loss of the coupler 2 Short-circuit / wire break on backbone 3 Short-circuit / wire break on spur 4 Missing bus termination 4 Backbone Fieldbus (e.g. PA, FF) Bus coupler, non redundant 1 2 3 Bus termination ... max. 31 devices per coupler spur page 31 With PROFIBUS PA this is no longer true, as key elements can now be redundant. SIMATIC PCS 7 Redundancy – Solutions for Communication PROFIBUS PA Redundancy Coupler Redundancy PROFIBUS DP M Coupler-Redundancy DP/PA-coupler, redundant (M = master) AFS IM 153, redundant Active Field Splitter PROFIBUS PA Bus termination Automatic bus termination PA Ring Redundancy PROFIBUS DP Coupler-Redundancy M M DP/PA-coupler, redundant (M = Master) AFD Media redundancy based on a ring topology AFD Active Field Distributor IM 153, redundant PROFIBUS PA page 32 AFD AFD SIMATIC PCS 7 Redundancy – Solutions for Communication PROFIBUS PA Redundancy PROFIBUS DP M DP/PA coupler, redundant AFD IM 153, redundant PROFIBUS PA Active field distributor U1, I1 S1 S3 Bus termination - S2 U2,I2 Automatic bus termination in the event of short-circuit or wire break on the main line Up to 8 AFD can be connected per redundant ring page 33 SIMATIC PCS 7 Redundancy – Solutions for Communication PROFIBUS PA Redundancy Add new devices Expand line Expand ring M PROFIBUS PA AFD AFD AFD AFD AFD Bus termination Automatic bus termination Mixed operation of single and redundant DP/PA Couplers in one DP/PA Link possible page 34 SIMATIC PCS 7 Maximum Scalability (1:1000) Pilot plant Production plant Interconnected plants at a production location Scalable From a laboratory system (~100 I/O)... ...to the distributed system in client/ server architecture (~ 120.000 I/O) … as powerful as you need it to be! page 35 SIMATIC PCS 7 Scalable Redundancy page 36 … as Redundant as you need it to be! PCS 7 Application Note: PCS 7 Architectures http://support.automation.siemens.com/WW/view/en/28430682 PCS 7 I/O Redundancy Setup and Wiring (incl. MTA) Configuring Redundant I/O Function Diagnostics page 37 PCS 7 Application Note: PCS 7 Architectures Standard PCS 7 Architectures Box Systems Single Station Client-Server Redundancy Options Batch/Route Control PDM, Asset Management, Safety Visio Drawings including Operator Stations Networks (Ethernet, Profibus) Controllers Bill of Materials Part No. page 38 PCS 7 Application Note: PCS 7 Architectures Examples page 39 SIMATIC PCS 7 Takes you beyond the limits! Questions ? page 40
Related docs
