03-01-2013, 11:48 AM
Requirements for High-Availability Systems
Requirements.pdf (Size: 1.24 MB / Downloads: 34)
INTRODUCTION
As the degree of automation
increases in industrial plants, the
availability of the implemented systems
becomes more and more
important. Automation system
faults or failures result in unproductive
and therefore expensive downtimes
on the one hand and high
restart costs on the other.
Furthermore, due to the increasing
cost pressure, there is also a demand
to operate machines and plants with
as few operators as possible.
Changeover time
Thanks to their redundant structure,
high-availability automation systems
can ensure that the production
process continues even after a fault
has occurred. In this case,
changeover from the master system
to the standby station is completed
within the so-called changeover
time. The requirements of "warm
standby" (longer changeover time)
and "hot standby" (short changeover
time) are differentiated in accordance
with the length of this
changeover time. This reduces
downtimes and restart costs considerably.
Safety-oriented applications
In addition, there are safety-oriented
applications in which stringent
requirements are placed on the
safety of persons, machines, the
environment and the process (critical).
This is where high-availability
and simultaneously fail-safe automation
systems are implemented.
When a malfunction with relevance
to safety occurs (e.g. opening of a
protective door), the safety-relevant
part of the application is smoothly
transferred to a safe state or held
there.
Warm Standby with the S7 Software Redundancy
Introduction
SIMATIC S7 Software Redundancy is
a program package containing function
blocks (FBs) for SIMATIC S7
which, in the event of a fault,
change over from the master system
to the standby system.
It is suitable for high-availability processes
with warm standby requirements
(processes that are not timecritical
with changeover times of the
order of seconds). During changeover,
the outputs retain their status.
Changeover time
To determine suitability for specific
applications, the changeover time
must be used as the selection criterion.
It lies in the range of a few seconds
and depends on several factors:
· Communications performance
of the CPU used
· Communications medium, connection
type used and transmission
rate
· Transmitted quantity of data
· Cause of fault
· Transmission rate of the
PROFIBUS DP system and
number of DP slaves
With S7-300, two separate subracks
are assembled for the two CPUs.
With S7-400, the CPUs can either be
plugged into one or into two subracks.
The redundant link between
the systems is implemented over the
standard bus systems of PROFIBUS,
Ethernet or MPI.
In this example, a larger controller is
used as a master controller for processing
the high-availability and
normal areas.
A smaller controller is adequate as a
backup controller because it is only
responsible for the high-availability
area in the event of a fault.