CNC Design is excited to announce the further release of the Simatic S71500 H (High availability [redundant] system) now with equivalent function to Siemens’ long proven S7400 H portfolio.
The Simatic High Availability PLC system is ideal for scenarios where one’s system needs a guaranteed up time to a very high threshold, with the huge advantage that there is no additional programming overhead to get the benefit of this high availability when using the H system. This simplification of programming to achieve PLC redundancy minimises system complexity and hence maximises reliability.
Scenarios where this may be of benefit include:
1. Avoiding plant down times – when the failure to provide a service, particularly in the infrastructure segment has a high societal or contractual cost.
2. Avoiding product damage – if a PLC issue during production would damage a high value product.
3. Remote unmanned systems – when it would take a long time to get service personnel to site to rectify a fault in a PLC system.
4. Prevention of data loss – when the PLC system is storing or passing time critical data, which would be costly to lose or result in a long recovery time if lost or not kept up to date.
CNC Design has a long history of deploying the S7400H CPU for oil and gas applications. CNC Design’s principal engineer has significant experience designing H systems and deploying them for life safety control systems in car and train tunnels (Controlling emergency lighting, ventilation and fire suppression systems). Plus top level / co-ordinational control of air conditioning at facilities which have physically redundant air conditioning systems such as bank trading floors. In such cases the Siemens H PLC system has overall control and coordination of the air conditioning / air handling hardware, to handle fault conditions in such way that the air conditioning function is still supplied even after multiple faults.
CNC Design are now deploying Siemens’ latest generation the S71500H in the data centre market, particularly for Tier 4 and Tier 3 data centres. These PLC systems are ideal for the control of auxiliary systems such as air conditioning, chilled water, redundant power systems switch over, generator control or generator fuel system control, so that these systems can perform to the level required for the data centre to guarantee it’s up time.
If a Siemens S71500H system takes advantage of the full architecture available from Siemens TIA Portal V18, and S71500 Firmware version 3.0, an extremely robust but cost optimised solution is possible.
The dual redundant PLCs of the S71500H system run in program sync mode. That means that each line of code is executed in ‘lock step’ on both PLCs. The PLCs are physically connected by a fibre optic link, which as of the release of TIA Portal V18 can be up to 40 kilometres apart. This results in ‘bumpless’ transition between PLCs if a PLC or it’s interface module is somehow physically damaged, or develops another fault.
The H system supports full “R1” redundancy. With intelligent PROFInet network design and cable / fibre cable routing, an extremely fault tolerant system is achieved. Both the ET200SP and ET200MP I/O ranges can be supplied with dual PROFInet headers, so that dual Media Redundancy Protocol (MPR) PROFInet rings are possible. Therefore even with three network cable failures, or two PROFInet header channel faults (on different racks) full system function will continue to be available. In the worst-case scenario, a freezing of peripheral I/O status may occur for approximately 40 milliseconds. After which fresh data routes it’s way back to either PLC. From Simatic S71500 firmware version 3.0, the fibre link between the PLCs can be used as one run in a PROFInet ring, if one’s system is architected to only have one redundant ring. (Two are possible).
PROFInet devices which only have a single network port, such as HMIs or drives / VSDs / Servo systems can be connected to the system in various ways, including by ‘Y-Coupler’ to connect them to dual PROFInet rings. This gives flexibility, but overall system design could avoid this situation by doubling up on such devices, if the overall reliability of the system requires this. The system can also accommodate a plethora of communication protocols to other/sub systems, such as a Building Management System (BMS) controlling non-critical functions, via the BMS protocol of choice.
Of course to provide the reliability required one needs to author reliable code. Following the relevant Siemens programming guides aid in this, as well as highly robust and rigorous program module, factory and site acceptance testing. Ideally once one gets to site testing, the majority of testing will be around forcing physical failure scenarios, and ensuring the system stays operational when it should. As well as clearly indicating any underlying fault that should be rectified at the next maintenance opportunity, to regain system redundancy.
If you operate or are designing a facility or a process that you need to ensure keeps providing the designed function to the highest reliability available in the market, contact CNC Design. We can assist you with your hardware selection, procurement of the system, or full turn key solution supply.
