Functional safety, the last major domain of conventionally wired signal cables, is facing a changeover. Reliable, more up-to-date solutions can now be implemented in safetyrelated communication, even in hazardous locations.
Technical equipment for industrial processes has always carried inherent risks which users need to face. They not only have to ensure the correct, smooth operation of plants and machines. Danger to staff in process technology applications as well as in environments beyond the plant must also be controlled and prevented at all costs. In automation technology, this is traditionally implemented by means of dedicated safety circuits. However, current trends in data transmission have been steering away from such separate point-to-point connections, since modern signal transmission solutions have proven much more comfortable and flexible while providing a better performance. Fieldbus networks and remote I/O systems are therefore already widespread, even in demanding applications with explosion protection requirements.
Functional safety, the last major domain of conventionally wired signal cables, is now also facing this changeover. Reliable, more up to- date solutions than separately wired cables can now also be implemented in safety-related communication, even in hazardous locations, thus considerably reducing wiring efforts and increasing communication flexibility. The required theoretical groundwork is established, at least for major fieldbus systems. However, adequate hardware for safety fieldbuses is still in short supply. Convincing solutions for SIL 2-compliant installations can be based on remote I/O technology instead, provided that a suitable ESD system (Emergency Shut Down) is available.
Safe buses ...
In safety-related installations in hazardous areas, conventionally wired circuits still make up nearly 100% of all cables. At a first glance, this is surprising, since the percentage of bus technologies has been increasing in explosionprotected areas in the last years. This cannot be caused by a lack of suitable, safe bus systems: the PROFIsafe profile, which is suitable for applications up to SIL 3 combined with PROFIBUS DP, PROFIBUS PA or PROFINET, has been established 10 years ago. The SIF (Safety Instrumented Function) protocol has been developed for the Foundation™ fieldbus: a series of interoperability tests was successfully performed in 2007. The solution was then certified for SIL 3 applications in early 2008.
These systems, which can comply with the requirements of at least a dozen relevant standards, constitute a great step forward. Thanks to them, process data and safety data can be transmitted via the same line in bus networks, e.g. in PROFIBUS networks, where the former are transmitted in the so-called “grey channel” and the latter via the PROFIsafe layer which is based on the standard protocol. Both PROFIsafe and FF SIF implement a range of error recognition and elimination features, which enable safety-critical communication. These include, for example, clearly defined identifiers for the communicating devices, clear identification and timestamping of all data packets, the specification of reply timers which trigger an error message after timeout, and a routine integrity check of transmitted data by means of CRC checksums.
... carrying too few passengers
However, the required fieldbus-enabled devices for both solutions are still hard to find. Not many manufacturers offer bus-enabled SIL technology, let alone units that are also suitable for use in hazardous areas. Control systems and field devices for FF SIF are still in the prototype stadium. There are only two manufacturers who offer control systems (“F-hosts”) for PROFIsafe technology, which has been established longer, and very few provide suitable field devices. Tried-and-tested or SIL 2-certified sensors and actuators, which provide a safe protocol stack and a proven or SIL 2-certified interface, would be desirable. Widespread commitment to the new bus types is still a long time coming – understandably so, since manufacturers would need to provide one conventional, one PROFIsafe and one FF SIF model each, thus tripling development efforts. This obstacle will continue to exist, as will doubts as to whether the situation will improve quickly within the next years.
Shared taxi in the bus lane
Remote I/O technology provides a practical way out of this situation. Using an explosionprotected remote I/O system, which communicates with PROFIBUS DP and PROFIsafe, SIL devices which are conventionally wired via 4...20 mA signals can be safely connected to an ESD system (Emergency Shut Down) through a fast bus connection. Devices suitable for SIL 2 applications are widely available. The explosion-protected IS1 remote I/O system from R. Stahl uses a special Safety Analog Input Module (S-AIMH) for safetyrelated data in the PROFIsafe protocol layer in order to handle both communication types within the PROFIBUS network via the same line. This PROFIsafe slave component, which has 8 channels in the standard version, is installed within a standard remote I/O station. Standard process signals are transmitted to and from the PROFIBUS DP slave via the “grey channel”, just like in other remote I/O installations. If correct configuration and parameterisation are ensured, IS1 users can employ HART signals even in safety-relevant circuits. Using a remote system like IS1, available and existing field devices can be easily integrated via modern bus technology. Moreover, this solution also allows for fieldbus technology to be used in functional safety applications in hazardous areas.
R. Stahl
From wire bundles to data buses
Functional safety, the last major domain of conventionally wired signal cables, is facing a changeover.
- by R. STAHL
- April 12, 2010
- 3067 views