1 / 49

Automation and Drives

Automation and Drives. S. IMATIC S7-400H. The Fault-tolerant Automation System. Benefits. Overview. Avoidance of control system failures due to individual faults This is attained primarily through a redundant configuration Fault-tolerance is required in the following cases:

bazyli
Download Presentation

Automation and Drives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Automation and Drives S IMATIC S7-400H The Fault-tolerant Automation System

  2. Benefits Overview • Avoidance of control system failures due to individual faults • This is attained primarily through a redundant configuration • Fault-tolerance is required in the following cases: • When processing valuable materials • When downtimes or production failures would be expensive • When a control system failure would result in high restart costs • In order to enable operation without supervisory or maintenance personnel

  3. Industries (1) Overview • Power generation and distribution(oil, gas, electricity) • Power plants • Pipelines • Offshore • District heating systems • Chemical, electrochemical, petrochemical and pharmaceutical industries • Mining • Environmental engineering • Water treatment • Refuse incineration • Pulp and paper • Steel and metal

  4. Industries (2) Overview • Food and beverages • Glass industry • Semiconductor industry (utilities) • Transport • Tunnel automation • Marine automation • Airports • Runway lighting • Baggage transport

  5. System architecture Overview Clients Parallel redundancy Management level Server Parallel redundancy With archive-matching PC network/terminal bus Fault-tolerantcommunication Ethernet Media redundancy Process level H CPUs Hot stand-by SW redundancy Warm stand-by Redundant power supply ET 200M Field level Redundant PROFIBUS Redundant IM 153

  6. System integration Overview • Hidden redundancy • Transparent programming(programming same as for non-redundant systems) • Standard system parameterization • Standard handling • All SIMATIC programming languages can be used without restriction • Platform for F andFH systems

  7. Redundancy principle (1) Redundancy with identical components(homogeneous redundancy) Redundancy features Majority redundancy Passive redundancy Active redundancy A B m-v-n A R 1 1-v-2 1-v-2 2oo2 2oo2 A B C Fault-tolerant Hot stand-by = automatic switchover < 100 ms Warm stand-by = automatic switchover in seconds range Redundancy principle S7-400H m-of-n Fault-tolerant and failsafe A B  2-v-2 A R 1-v-2 1oo2 HW or SW voting 2oo2 Cold stand-by = manual switchover Failsafe

  8. Redundancy principle (2) Synchronization, information and status exchange Redundancy features IM IM DI DO AI AO FM Process

  9. Bumpless master-stand-by switchover • Switchover time • Switchover time < 100ms • Outputs are retained during switchover • No information or alarm/interrupt is lost • Switchover criteria • Master failure • Power supply • Rack • Sync module • Sync cable • CPU • Failure of a DP string or DP slave interface module does not force a switchover Redundancy features • Switchover

  10. Automatic event synchronization • Synchronization procedure Event synchronization Redundancy features No synchronization Cycle synchronization Time synchronization Command synchronization • Synchronization Subcontroller B Subcontroller A Subcontroller A Subcontroller B Subcontroller A Subcontroller A Subcontroller B Subcontroller B

  11. Automatic event synchronization • Principle Redundancy features Synchronization, Information and status exchange • Synchronization A A I 10.0 I 10.0 S O 8.0 S O 8.0 : : : : : : Value Synchronization L PW100 L PW100 Ackn. L DW 10 L DW 10 + F + F Synchronization T PW130 Switchover :

  12. CPU 1 CPU 0 Automatic event synchronization • Cycle Redundancy features • Synchronization Self-test Self-test PII exchange PII PII Synchronization User program User program Match-up PIO PIO

  13. Automatic event synchronization • Customer benefits • Transparent programming • All standard SIMATIC-S7 programming languages • No command restrictions • Easy porting of the user programfrom standard CPU to fault-tolerant CPU • Bumpless switchover • No loss of information • No loss of alarms/interrupts • Because all redundancy-specific functions are handled by the operating system, the user can feel assured that he/she has done everything right as far as redundancy is concerned Redundancy features • Synchronization

  14. Comprehensive self-test functions • Self-test • Scope: • CPU • Memory • Synchronization link • Organization: • Startup self-test • Complete test • Self-test in cyclic mode • Executes permanently as background task • Executes in its entirety within a specifiable amount of time (default: 90 minutes) Redundancy features • Self-test

  15. Online programming • Online modifications same as for standard system • All modifications are automatically copied to both CPUs • Connecting a PG • At MPI interface • Via bus Redundancy features • Programming PROFIBUS/Ethernet MPI/DP

  16. Online programming • Programming/parameter assignmentSIMATIC Manager H-station view Redundancy features • Programming

  17. Online Programming • Programming – Hardware configuration Redundancy features • Programming

  18. Configuration in RUN (CIR) • CPU memory configuration • Adding or removing: • Central I/O or CP • DP slaves • PA interface and PA slaves • Y-link and slaves • Modules in modular DP slaves • CPU parameter Redundancy features • CIR

  19. Connect and update stand-by CPU (1) Automatic CPU re-incorporation following repair MASTER STAND-BY Redundancy features RUN solo STOP Stand-by requests link-up DisableDelete, Copy and Generate Blocks functions Master copies all data to stand-by Execute start routine and self-test • Online repair CPU 1 requests update Terminate communication via configured links. Disable low-priority alarms Master copies dynamic data User program OS

  20. Connect and update stand-by CPU (2) Automatic CPU re-incorporation following repair MASTER STAND-BY(link-up) Redundancy features Disable all alarms/ interrupts Dynamic data which have changed since the last update Inputs, outputs, timers, counters, memory bits • Online repair Enable alarms/interrupts and communication Redundant, synchronous operation

  21. Modules which can be removed and inserted in Run mode I/O and CP Sync module Redundant IM 153-2 Redundant power supplies Redundant components which can be replaced with the power off: Standard power supplies Central IM CPU CPU is automatically updated following replacement(program and data) Replacing modules in RUN mode Redundancy features • Online repair

  22. ConfigurationHighlights new CPUs • Performance Increase • Average Increase 417-4H appr. x 2,5-3 414-4H appr. x 1,2-2,2 • More Memeory 417-4H from 4 MB to 20MB 414-4H from 768KB to 1,4MB Higher Reliability • Memory with automatic Ewrror Detection and Correction (EDC) New Feature • Distance between the Controller up to 10km (before 500m) Konfiguration

  23. ConfigurationTechnical specifications for the CPUs • Two CPU types available • CPU 417-4H with 20MB onboard • CPU 414-4H with1,4MB onboard • General technical specifications,e.g. CPU 417-4 or CPU 414-3 • 4 integrated interfaces • Two for the Sync modules • One DP interface • One MPI/DP interface Configuration

  24. ConfigurationRedundant link Replaceable Sync modules Fiber-optics (FO) Configuration Fiber-optics (FO)

  25. Central Controller Configuration • Distance between the Controller up to 10m • Use of the Sync-Modules for Patch Cables up to 10m • MLFB Module: 6ES7 960-1AA04-0XA0 • MLFB FO-Cable 1m: 6ES7 960-1AA04-5AA0 • MLFB FO-Cable 2m: 6ES7 960-1AA04-5BA0 • MLFB FO-Cable 10m: 6ES7 960-1AA04-5KA0 • Distance between the Controller up to 10km • Use of the Sync-Modules for Cables up to 10km • MLFB Module: 6ES7 960-1AB04-0XA0 • Monomode FO-Cable LC/LC Duplex crossed 9/125µ Konfiguration

  26. Central controller configurations • With two standard subracks Redundant power supply (PS) optional PS PS CPU PS PS CPU Max. cable length 10km With H subrack (with split backplane bus) Configuration PS PS CPU PS PS CPU

  27. I/O configurationSwitched I/O Redundant IM 153-2 PROFIBUS DP ET 200M with active backplane bus L+ L+ Configuration Special bus module (BM) IM Active backplane bus IM

  28. I/O configurationSwitched I/O: mode of operation • Both DP masters are active and functioning properly • Reading inputs:The inputs are read only from the preferred channelside (active IM) • Writing outputs:The data are accepted by both channels.Only the data in the preferred channel are forwarded to the outputs. Configuration

  29. I/O configurationConnecting PROFIBUS PA via PA link PROFIBUS DP 2 x IM 157 DP-PA link Configuration

  30. I/O configurationY-Link • The Y-link bus coupler creates a network portal from the redundant DP master system to a one-channel DP master system Rack 0 Rack 1 IM 153-2 with ET 200M Configuration IM 157 with PA bus Y-Link with DP bus

  31. I/O configurationY-Link hardware configuration • IM 157: • 6ES7 157-0AA82-0XA0 • Y-Link: • 6ES7 197-1LB00-0XA0 • Bus module BM IM 157 • 6ES7 195-7HD80-0XA0 • Bus module BM Y-Link • 6ES7 654-7HY00-0XA0 • Collective Order No. • 6ES7 197-1LA02-0XA0 IM 157 Y-Link Configuration

  32. I/O configurationY-Link configuration Configuration

  33. Redundant communicationPrinciple • Redundant communication is attained through redundant connections, which are then used when a problem occurs. Redundant connections can be created from H stations to • Other H stations (one- or two-channel) • HMI PCs (software Redconnect required) Active connection Stand-by connection Communication

  34. Redundant communicationConfiguration with redundant bus (1) Ethernet H-CPU in single mode Equivalent circuit diagram: Communication PS CPU CP Bus CP CPU PS PS CPU CP Bus CP CPU PS

  35. Redundant communicationConfiguration with redundant bus (2) Ethernet H-CPU in single mode Equivalent circuit diagram: Communication CP CP PS CPU CPU PS Bus CP CP CP CP Bus PS CPU CPU PS CP CP

  36. Redundant communicationConfiguration with single bus Ethernet H-CPU in single mode Equivalent circuit diagram: Communication PS CPU CP CP CPU PS Bus PS CPU CP CP CPU PS

  37. Redundant communicationConfiguration with ring bus Ring bus S7-400H S7-400H H-CPU in single mode Equivalent circuit diagram: Communication PS CPU CP Bus CP CPU PS PS CPU CP Bus CP CPU PS

  38. Redundant I/O New: Redundant IO Redundant Communication Redundant Controller PROFIBUS DP Redundant Profibus Sensor/control element Redundant I/O Redundant IM

  39. Redundant I/OPossible redundancy structures (1) Central I/O modules Distributed I/O modules Redundant I/O

  40. Redundant I/OPossible redundancy structures (2) Distributed switchedI/O modules H-CPU in single mode Redundant I/O

  41. Redundant I/ORedundant quality stages • Highest quality level • Use of F-IO by exploiting the high-quality diagnostic functions required for failsafe operation • E.g. when it is necessary to control duration-1 faults associated with output signals • Medium quality level • Use of modules with diagnostic functions • Low-cost quality level • Use of modules without diagnostic functions Redundant I/O

  42. Redundant I/OHardware configuration • Slot • DP address • Redundant DI • Time discrepancy in ms • Response time followingdiscrepancy • Possible options: • AND gate • OR gate • Use last valid value Redundant I/O

  43. Redundant I/OHardware configuration • Redundancy tabAppears only for redundancy-capable modules. • Type of redundancy(none or 2) • Station 2,PROFIBUSaddress 3,slot 4 contains a compatiblemodule. This module is selected as redundant DI Redundant I/O

  44. Redundant I/O Wiring digital inputs With one sensor With two sensors DI Master I/O Both Inputs are read in parallel. The correct value is selected and processed automatically Redundant Profibus Redundant I/O Redundant I/O DI Since the function is not suitable for all module types, the manual or Internet should be consulted to find out which modules can currently be used.

  45. Redundant I/O Wiring analog inputs With voltage sensor With current sensor With current sensor With 2 sensors AI-I AI-I I 4-wire transducers only AI Master I/O The CPU reads both inputs. The correct value is selected and processed automatically I R Redundant Profibus Redundant I/O Redundant I/O AI Since the function is not suitable for every module type, the manual or Internet should be consulted to find out which modules can currently be used.

  46. Redundant I/O Wiring digital outputs With diodes * Without diodes* * Dependant on the module type DQ DQ DO Master I/O Actuator Both Outputs are set Redundant Profibus Redundant I/O Redundant I/O DO Since the function is not suitable for every module type, the manual or Internet should be consulted to find out which modules can currently be used.

  47. Redundant I/O Wiring analog outputs Each Output outputs half the value. When one of the modules fails, the output that is still intact provides the full value AO Master I/O Actuator Both Outputs are set I Redundant Profibus Redundant I/O Redundant I/O AO Since the function is not suitable for all module types, the manual or Internet should be consulted to find out which modules can currently be used

  48. Redundant I/O Integrating the user program • The user program is integrated with the "Functional I/O Redundancy" library, which is part of STEP7 V5.3 • The redundant I/O are available to the user for programming as transparent I/O • The rules state that the lowest address must always be used for programming. • Method of operation: • The inputs are read by FB RED_IN and copied back to the POI following the discrepancy analysis • The user writes the outputs to the lowest address in the usual manner. FB RED_OUT automatically copies the relevant value to the second address. Redundant I/O

  49. Thank you …

More Related