ProSafe RS training ESD Yokogawa

Yokogawa Engineering Asia – Singapore Training CentreAll rights reserved 2008 Safety and Availability in a Smart Architecture Page.4 VMR* Versatile Modular Redundancy SIL3 is achieve

Trang 1

Friday, 29 May 2015

ProSafe-RS Day 1 & Day 2 Configuration &

Name of Hardwares

Trang 2

Yokogawa Engineering Asia – Singapore Training Centre

2008

INTRODUCTION

Page.2

Trang 3

What is required for a SIS

Safety

of course, it is SIS (Safety Instrumented System)

- SIS needs to make a safe action if demand comes from the process

High Availability (or less false trip)

at the same time, to keep running the process.

- Internal failure in SIS should not cause a false trip of the process

If above wishes are all possible in

Let’s see how Yokogawa can

satisfy these requirements!!

Trang 4

2008

Safety and Availability in a Smart Architecture

Page.4

VMR* (Versatile Modular Redundancy)

SIL3 is achieved in single Input-CPU-Output module configuration.

Low false Trip is realized by VMR based on proven “ Pair & Spare ”

technology, even when an internal failure is diagnosed, safety functionality is kept

*VMR: certified in the US Patent and Trademark Office on March 20, 2007.

Trang 5

Super Reliable Safety in Single SIL3

Single CPU module

Single Input module Single Output module

Input Circuit, MPU Circuit, MPU

CPU MPU, memory MPU, memory

Output Circuit, MPU Circuit, MPU

is certified as applicable up to SIL3 application in a single modular configuration.

CPU & IOM have internal duplex channel architecture with

comparator and diagnostic functions.

Trang 6

Proven redundant technology from CS3000

Redundant Input module Redundant Output module

Trang 7

Behaviors of VMR

Pair & Spare

FE S

　　　　 With Two Failures 　　　　 Still;

　　　　 -No Shut Down 　　　　 -SIL 3

　　　 With Three Failures 　　　 Still;

　　　 -No Shut Down 　　　 -SIL 3

　　　 - Unlimited Time to Repair

S: Sensor

FE: Final Element

Internal failure in SIS does not affect the process.

Moreover, on-line change of failure module is possible without affecting the process.

Trang 8

Single inputs Single outputs

Dual redundant inputs Single outputs

With single or dual redundant CPU’s

O I

O O I

O I I

O O I

I

- Redundant options are selectable part by part.

- Flexible selection also saves extra cost

All Solutions are SIL3!

Trang 9

A smarter way with ProSafe-RS

Maximizing both Safety and High Availability

in a smart, simple architecture

- SIL3 is achieved in a single Input-CPU-Output module configuration.

- CPU & IOM have internal duplex channel architecture with

comparator and diagnostic functions.

- Low false Trip is realized by Yokogawa’s only VMR, based on

field-proven CENTUM CS3000 “Pair & Spare” technology.

- High availability is reached by redundant module options of CPU

module & I/O module

- Even when an internal failure is diagnosed, safety functionality is kept

Trang 10

2008

Page.10

Contents

Configuration of ProSafe-RS Expanding ProSafe-RS with ESB

Input / Output Modules Other Modules

Software Configuration Viewer

Safety Application for ProSafe-RS

Trang 11

Configuration of ProSafe-RS

Safety Control Unit

 Standard Type Safety Control Unit for V net/IP

 Wide Range Temperature Type Safety Control Unit for V net/IP

Safety Node Unit

Optical Bus Repeater Module

Processor Module for V net

Processor Module for V net/IP

LED Displays on the Processor Module

Power Supply Module

Trang 12

2008

Page.12

Configuration of a

Control System with ProSafe-RS

Safety Engineering PC SENG

Safety Control Unit (For Vnet/IP) SSC50S / SSC50D

SSC60S/ SSC60D Safety Node Unit SNB10D

Unit for Optical Bus Repeater Module SNT10D

Restrictions on Node Units

• Number of Safety Node Units

Up to 9 (R2.02 & lower)

Up to 13 (R2.03)

• ESB Bus

Total length should be less than 10 meters

• Optical transmission line

Max 50 km for SSC50S/SSC50D Max number of extension nodes: 2

Ref.　Safety　Control　Stations　(Hardware),　@1.0

Trang 13

Standard Type

Safety Control Unit for V net/IP 1/2

Domain property information is stored in the SCP451.

When the SCP451 is used for the other system, the domain property info must be erased Otherwise the SCP451

may not work correctly.

This procedure is also applied to VI701. Ref.　Safety　Control　Stations　(Hardware),　@1.0

Trang 14

Trang 15

Wide Range Temperature Type

Trang 16

2008

Page.16

Wide Range Temperature Type

Trang 17

Connecting Control Bus Cables for SCS-IP

Ref.　Safety　Control　Stations　(Hardware),　@3.3.2

Trang 18

Trang 19

Configuration of a

Safety Node Unit 2/2

Trang 20

* I/O modules can not be installed on SNT10D

– SNT10D is not counted as an I/O node

* SNT10D is not included the maximum limit of 9 I/O nodes/SCS. Ref.　Safety　Control　Stations　(Hardware),　@1.0

Trang 21

CPU Module

 Basic architecture is the same as CS3000 “Pair and Spare”

 MPUs are duplicated in single module ( Pair )

 Redundant module configuration contributes to the higher availability ( Spare )

 Memories are also duplicated in single module

 Scan speed : 50mS to 1sec

 Non-volatile memory (Flash memory) for Application program (Battery is not required)

 B attery is for SOE, Alarms applications

 Complete self diagnosis

Hardware resources are checked periodically by hardware/software mechanism

- Double MPU/Memory comparison with double comparator,

- Memory check with ECC ( SEC-DED ),

- Periodical CRC check for application memory,

- Clock freq check,

- Communication check by CRC,

 SCP401 (for SSC10S/D,Vnet) SCP451 (for SSC50S/D, Vnet/IP)

Trang 22

2008

Safety Controller Design

Page.22

Pair and spare based super reliable safety CPU

I/O Bus (SB/ ESB-Bus )

I/O Controller

Main Memory (ECC)

Application Program Memory

( Flash Memory )

Control Bus Interface

SEN Bus Interface

I/O Controller

Control Bus ( V net )

Main Memory (ECC)

Main memory (ECC)

Application Program Memory 　

(Flash Memory )

Control Bus Interface

SEN Bus Interface

Trang 23

Processor Module for VNet/IP CP451

Trang 24

2008

Page.24

LED Display on Processor Module 1/2

• HRDY:

module hardware is functioning normally, the green lamp turns

• RDY:

The green lamp turns on if both the hardware and software are

functioning normally If either of them is abnormal, the lamp

turns off.

• CTRL:

The green lamp turns on if the processor module is performing

control If the processor module is standby, the lamp turns off.

• COPY:

In the dual-redundant type safety control unit, the green lamp

turns on when program copy is executed and turns off when

program copy is completed

When a processor module has been replaced or when the unit is

stopped and then started again, the standby-side processor

module automatically copies the program of the control-side

processor module When copy is completed, the lamp turns off

Trang 25

LED Display on Processor Module 2/2

• RCV:

Indicates the control bus communication status.

- V net: When receiving communication frames, the green lamp

turns on, otherwise the lamp turns off.

- Vnet/IP: When receiving communication frames, the green

lamp blinks, otherwise the lamp turns off.

• SND:

Indicates the control bus communication status.

- V net: When sending communication frames, the green lamp

turns on, otherwise the lamp turns off.

- Vnet/IP: When sending communication frames, the green

lamp blinks, otherwise the lamp turns off.

• SYNC:

Indicates the time synchronization status.

- V net: If the module is synchronizing with V net clock or IRIG-B

clock , the green lamp turns on, otherwise the lamp turns off.

- Vnet/IP: If the module is synchronizing with Vnet/IP clock ,

the green lamp turns on, otherwise the lamp turns off.

• SCTY:

The green lamp turns on when the security level of the SCS is

online-level If the security level of the SCS is offline-level ,

the lamp turns off.

- When the DOMN bit of the font setting switch (6-bit DIP switch) is on: Displays the domain number that was set

to the processor module.

- When the STA bit of the font setting switch (6-bit DIP switch) is on: Displays the station number that was set to the processor module.

*1

Trang 26

2008

Page.26

Setting Switch on Processor Module

• START/STOP:

This maintenance switch is used for forcing the processor module CPU stop or restart.

If this switch is pressed when the processor module is still operating, the CPU will stop.

If this switch is pressed when the processor module is not operating, the CPU will

restart.

This switch is located inside a hole next to the START/STOP sign.

Push the switch using a non conductive slender bar of around 1 to 2 mm diameter.

• Battery ON/OFF switch:

When this switch is on, battery backup is activated for protecting the processor module

management information (in the storage memory) during power failure.

ON: Enables the backup Select this position during normal operation.

OFF: Disables the backup.

• Front setting switch (6-bit DIP switch)

PORT: Port for maintenance (In usual operations, set to 0 position).

DOMN: Indicates on STATUS LED the domain number that was set to the processor

module, if this switch is ON (In usual operations, set to OFF position).

STA: Indicates on STATUS LED the station number that was set to the processor

module, if this switch is ON (In usual operations, set to OFF position).

FIX (only SCP451): Negotiation (Default : OFF)

ON : Force

Trang 27

LED Status of the CPU Module

Trang 28

2008

Page.28

Power Supply Module SPW481,SPW482,SPW484

Power Supply Input Terminal

This terminal receives the specified power supply voltage.

• L (+) : Line

• N (-) : Neutral

• Grounding terminal: For grounding

Status Lamps

• SYS: The lamp is ON when +5 V is output properly

Otherwise, the lamp is OFF.

• FLD: The lamp is ON when +24 V is output properly

Otherwise, the lamp is OFF.

Check Terminals

It is possible to measure output voltages of +5 V DC and +24 V

DC using these terminals for maintenance purposes.

Trang 29

Expanding ProSafe-RS with ESB

ESB Bus Coupler Module ESB Interface Module Connecting ESB Bus Coupler Module & ESB Bus Module Optical ESB Repeater Module

Trang 30

2008

Page.30

ESB Bus Coupler Module SEC401 1

ESB bus coupler module (Model: SEC401 ) is installed in the

safety control unit for communicating with the ESB bus interface module (Model: SSB401) installed in the safety node unit.

configured.

Trang 31

ESB Interface Module SSB401 1

ESB bus coupler module (Model: SEC401) is installed in the

interface module (Model: SSB401 ) installed in the safety node unit

configured.

Trang 32

2008

Page.32

Trang 33

SEC401

SSB401

Detection circuit

T

ESB BUS T branch unit

ESB BUS cable

CPU Node

IO node

ESB BUS Terminator unit

ESB BUS cable

Trang 34

2008

Page.34

Connecting ESB Coupler Modules

& ESB Bus Modules

Trang 35

Optical ESB Repeater Module

SNT401/501 & SNT411/511 1/5

Trang 36

If the self-diagnosis is successfully

completed, the green lamp turns on.

• RCV/SND:

If the ESB bus frame is received or sent,

the green lamp turns on.

• OPT RCV-1/OPT SND-1:

If the optical transmission frame is

received or sent, the green lamp turns on.

• NODE-1:

If the DIP switch 1 is set to 1 (Node), the

Trang 37

“0” if the module is mounted onto the unit for optical bus repeater module.

“1” if the module is mounted onto the safety control unit or the safety node unit.

Switches 2 to 5: Always “0”

Switches 6 to 8: Used for maintenance Usually “0” for routine operation.

Trang 38

2008

Page.38

SNT401/501 & SNT411/511 4/5

• Types of Optical ESB Bus Repeater Module

The following models of optical ESB bus repeater modules are available.

SNT401 Optical ESB bus repeater master module

SNT411 Optical ESB bus repeater master module 5 km to 50 km (for SCS-IP) SNT501 Optical ESB bus repeater slave module

SNT511 Optical ESB bus repeater slave module 5 km to 50 km (for SCS-IP)

• Transmission Distance

Combination of optical ESB bus repeater modules determines the transmission distance.

Trang 39

SNT401/501 & SNT411/511 5/5

SNT401 SNT501 SNT411 SNT511

Safety Control Unit Safety Node Unit Optical Bus Repeater Module

can be installed in each of following units/module.

Trang 40

2008

Number and Location of Optical ESB Bus Repeater Modules

Page.40

Safety Control Unit (SSC*)

Safety Node Unit (SNB10D)

Unit for Optical Bus Repeater Module (SNT10D)

Trang 41

Star Type Connection

Trang 42

2008

Page.42

Optical ESB Repeater Module 1/2

Chain Type Connection

Trang 43

Optical ESB Repeater Module 2/2

Chain Type Connection

Định dạng
Số trang	111
Dung lượng	7,22 MB