fieldbus foundation update for ga12 ff-sis © 2008 fieldbus foundation international development...

1

FF-SIS

© 2008 Fieldbus Foundation

Fieldbus FoundationSafety Fieldbus for Process Automation – FF

SIS (SIF)

Trygve Harvei

2

FF-SIS


ABB Corporate Research CenterResearch and Development within the area of automation

networks at Billingstad (Oslo, Norway)

One important topic is Safe Communication

About 22 scientists in Oslo

Integrated part of Scandinavian Corporate Research Center

and Global Lab for Automation (ca 700 scientists)

Work together with different ABB business units on

research activities and front-end technology development

ProcessAutomation

AutomationProducts

RoboticsPower Systems

Power Products

3

FF-SIS


IEC 61508

"Functional safety of

electrical/electronic/program

mable electronic safety-

related systems".

IEC 61508 has the following

views on risks:

zero risk can never be reached

safety must be considered from

the beginning

non-tolerable risks must be

reduced (ALARP) TÜV Rheinland,

FF-SIS approval

http://en.wikipedia.org/wiki/ALARP

4

FF-SIS


What do we need to ensure with safe communication?

Communication:

We must know that the values of the data we receive

is right

We must know that the data is not too old

We must know that the data is received from the right

node to the right node

This is the purpose of the layered protocols

such as TCP/IP or others?

Yes, but the probability calculations for errors is not

good enough

5

FF-SIS


Some Industrial Safety Protocols

CIP-Safety

DeviceNet

Ethernet/IP

PROFIsafe

PROFIBUS DP/PA

PROFINET

FF-SIS

FF H1

Vendor specific

ABB (Ethernet)

Hima (Ethernet)

PILZ

Others

6

FF-SIS


Motion Control and Safety

Source: ARC

7

FF-SIS


Safety Measures in safety protocols

Trans-

mission

error

Number

sequen

ce

Time

stamp

Receipt

acknow-

ledge-

ment

Identifier for

sender &

receiver with

watchdog

timeout

Data

integrity

assurance

(CRC)

Redun-

dancy

with

cross

check

Different data

integrity

assurance

systems for

safety & standard

messages

Message

repetition

Loss of

message

Message

insertion

Sequence

failure

Data

corruption

SB

only

Delay

Masquerade

9

FF-SIS


Safety Instrumented System (SIS)

FF SIS

New approach to SIS

– Defines ”control in the field”

– Function blocks for building safety applications

Shared with ”host”

Distributed

PROFISAFE PA

PROFISAFE transparent to ”media”

Utilizes ”black channel” approach

ESD: emergency shutdown system

SIS: safety interlock (or instrumented)

system

BMS: burner management system

F&G: fire and gas system

10

FF-SIS


PROFIsafe – “wire representation”Ethernet ramme på kabelen:

Sikkerhets bitene i Ethernet rammen:

11

FF-SIS


Foundation Fieldbus extension - FF SIS

scope

Safety

Instrumented

Systems

n Extends FF Technology to Safety Instrumented

Systems

n Based on the IEC 61508 International Standard.

n Example Application Areas: Burner Management Systems

Fire & Gas (petrochemical)

Fuel Engineering

12

FF-SIS


International Development Team

ABB AS Norway

ABB Instrumentation Italy

BIFFI Italy

E.I. DuPont de Nemours, Inc. USA

ExxonMobil Research & Engineering USE

Emerson Process Management USA

Flowserve USA

HIMA Germany

Honeywell SMS The Netherlands

ice-PROS Canada

Infraserv Höchst Technik GmbH & Co. KG Germany

Invensys/Triconex USA

Metso Automation Finland

Rockwell Automation USA

Rotork Control Systems UK

Saudi Aramco Saudi Arabia

Smar Brazil and Singapore

Shell Global Solutions The Netherlands

Softing AG Germany

TÜV Germany

Westlock Controls Corporation USA

Yokogawa Electric Corporation Japan

Yokogawa - SCE The Netherlands

Yokogawa UK Limited UK

13

FF-SIS


FF-SIS Scope

n Extends FF Technology to Safety

Instrumented Systems

n Based on the IEC 61508 International

Standard.

n Example Application Areas:

Burner Management Systems

Fire & Gas

Fuel Engineering

14

FF-SIS


FF-SIS End User Requirements

n Reduced Total Cost of Ownership for FF-SIS

applications.

CAPEX– Hardware, Footprint, Commissioning, Power Consumption

OPEX– Advanced diagnostics, Reduced test interval via increased DCF.

n SIL 2 and 3 applications

n Password protected access to FF-SIS field devices

n Additional Function Blocks (e.g. logic, 2 out of 3

voting)

n Definable actions on diagnosed failures – trip,

message

n Handle discrete signals (e.g. switches, motor trips,

lights, push buttons, etc.) where H1 dynamic

performance is acceptable

15

FF-SIS


FF-SIS End User Requirements

n Total system approach

Total Asset Management – FF-SIS and Non-SIS

Modular Logic Solver –centralized and distributed

option

Diagnostics

Hybrid system architecture – FF-SIS & traditional

hardware

Guidance to manual proof test

Signalling/procedures for auto proof test

Awareness of opportunity-based proof test

Logging/documentation of results

Failure rate updates

16

FF-SIS


FF-SIS Extension Areas

n Communication

Meet IEC 61508 part 2 clause 7.4.8

Communication Diagnostics

n User Application

Meet IEC 61508 part 3 clause 7.4.4

Function Block Diagnostics

CRC on Device Description Files

17

FF-SIS


Process Safety Time/

Safety Function Response Time

Stale counter – must be applied in accordance with the specific application

3x communcation timeout as thumb rule

18

FF-SIS


FF Scheduling of communciation and FB execution

19

FF-SIS


FF H1- Slow but accurate & safe?The PID control algorithm

depend on the sampling of

process values + filtering

Polled approach

– PLC – cyclic IO Copy

Jitter + drift

introduces ”I&D-

errors”

Synchronized

approach

– FF -In loop execution of

sampling and control

algorithm

The analog SIS voter can rely

on ”fresh values” -> best

possible Process Safety

Time

1 ms synch

accuracy

”Alarm”

20

FF-SIS


FF-SIS Communication Extensions

n Black Channel Approach

H1 Communication System (Black Channel) is unchanged.

A new FF-SIS protocol above the Black Channel detects network

faults and appropriate action is taken without human intervention.

IEC 61508

IEC 61508

Black Channel

New FF-SIS

Communication Diagnostics

21

FF-SIS


FF-SIS User Application Extensions

n User Application

New Function Blocks for FF-SIS Applications – FBAP Part 6

New FBAP diagnostics detect application faults and appropriate

action is taken without human intervention.

IEC 61508

IEC 61508

Black Channel

New FF-SIS Function Blocks

&

Function Block Diagnostics

22

FF-SIS


Function Block Application Process – Part 6

SIS Write Lock

SIS Discrete Input

SIS Analog Input

SIS Discrete Output

SIS Analog Voter

SIS Discrete Voter

SIS AND/OR/XOR

FF-SIS Diagnostics and Statistics added to device Resource Block

FF-SIS User Application Extensions

23

FF-SIS


Operation Engineering

Proprietary Network

SIS Logic

Hardwired

Today’s Proprietary SIS

24

FF-SIS


Ethernet

Switch

Operation Engineering

Proprietary Network

SIS Logic

Hardwired

H1

Operation EngineeringTotal Asset

Management

HSE

FF-SIS Devices

Tomorrow’s Open FF-SIS

Linking

Device

H1

Non-SIS FF Devices

Linking

Device

. . . .Logic Solver?

Logic Solver

25

FF-SIS


Control Network

Control/

PLC

Seriell kommunikasjon/felt buss

Firewall

Plant Network / Intranett

Application

server

Aspect

server

Client/server Network

Tredje part

applikasjon

server

ArbeidsstasjonerEnterprise Optimization

Suite

Mobile

Operator

Connectivity

server

Engineering

Arbeidsstasjoner

F&G SIL 2ESD – SIL 3 PSD – SIL2

System topology for process safety

Trenger sikker (safe) kommunikasjon på

Kontrollnetverks-nivå og på felt-nivå.

Delevis på operatør-nivå

26

FF-SIS


Increased diagnostic coverage with FF-SIS

The instruments and actuators

are included in the safety system

and becomes part of the

diagnostic testing

The increased diagnostic

coverage

Makes it possible to at an early

stage do repair in many cases

No longer proven in use

certification

TÜV will not accept the proven in

use concept for FF-SIS devices

27

FF-SIS


Effects of increased diagnostic coverage

28

FF-SIS


SIS_

DI

SIS_

AVTR

SIS_

DO

Write Lock

S

SIS_

WL

SIS_

AI

SIS_

RB

SIS_

WL

SIS_

AI

SIS_

RB

SIS_

WL

SIS_

AI

SIS_

RB

SIS_

WL

SIS_

RB

Example FF-SIS Application

29

FF-SIS


SIS_

DI

SIS_

DVTR

SIS_

DO

Write Lock

S

SIS_

WL

SIS_

DI

SIS_

RB

SIS_

WL

SIS_

DI

SIS_

RB

SIS_

WL

SIS_

DI

SIS_

RB

SIS_

WL

SIS_

RB

Example FF-SIS Application

PS PS PS

SIS_

LOGIC

SIS_

WL

SIS_

DI

SIS_

RB

Estop

30

FF-SIS


USER LAYER

TRANSPORT LAYER

SESSION LAYER

PRESENTATION LAYER

APPLICATION LAYER

PHYSICAL LAYER

DATA LINK LAYER

NETWORK LAYER

1

2

3

4

5

6

7

OSI Model

PHYSICAL LAYER 1

2

3

4

5

6

7

COMMUNICATION

STACK

IEC 61158

@ 31.25 kbit/s

IEC 61158 - DLL

IEC 61158 - FMS

H1

USER LAYERDD – IEC 61804-2

IETF TCP/UDP

IEEE 802.3

MAC

IETF IP

IEC 61158 - FDA

IEEE 802.3u

@ 100 Mbit/s

HSE


FF-SIS – New Kid on the Block

PHYSICAL LAYER

COMMUNICATION

STACK

H1/HSE


FF-SIS

IEC 61508

31

FF-SIS


Target Schedule

2002

4Q FF Board of Director Approval for SIS Project

2003

1Q Project Kickoff Meeting

2Q Architecture Completed

3Q Draft Preliminary Specifications (DPS) Version 0.4

4Q TÜV Concept Approval for SIS

2004

1Q DPS Version 0.5 External Review

2Q Release DPS Version 1.0

3Q Develop Lab Test Tools and Lab Prototypes

4Q Begin Specification Validation Lab Testing @ Infraserve in

Frankfurt

2005 – Release SIS Specification 1.0 and Final TÜV Type Approval

2008 – FF SIS Rollout Team

32

FF-SIS


FF SIS demonstrators - SROT

fieldbus foundation update for ga12 ff-sis © 2008 fieldbus foundation international development...

Documents