Download Experion PKS -- Process Knowledge System...
Honeywell Process Solutions
Experion PKS
Overview EPDOC-XX81-en-410A R410 March 2012
Release 410 Honeywell
Notices and Trademarks Copyright 2012 by Honeywell International Sárl. Release 410 March 2012 While this information is presented in good faith and believed to be accurate, Honeywell disclaims the implied warranties of merchantability and fitness for a particular purpose and makes no express warranties except as may be stated in its written agreement with and for its customers. In no event is Honeywell liable to anyone for any indirect, special or consequential damages. The information and specifications in this document are subject to change without notice. Honeywell, PlantScape, Experion PKS, and TotalPlant are registered trademarks of Honeywell International Inc. Other brand or product names are trademarks of their respective owners.
Honeywell Process Solutions 1860 W. Rose Garden Lane Phoenix, AZ 85027 USA 1-800 822-7673
ii
Experion PKS Overview Honeywell
R410 March 2012
About This Document Provides brief descriptions of the functions and components that can be combined to personalize your Experion system.
Release Information Document Name
Document ID
Overview - ovwm
EPDOCXX81-en410A
Release Number
Publication Date
410
March 2012
References The following list identifies all documents that may be sources of reference for material discussed in this publication. Document Title Control Building User's Guide C300 Controller User’s Guide Control Hardware Installation Guide Server and Client Planning Guide Server and Client Configuration Guide Experion Specification document
R410 March 2012
Experion PKS Overview Honeywell
iii
Support and Other Contacts
Support and Other Contacts United States and Canada Contact: Phone:
Fascimile: Mail:
Honeywell Solution Support Center 1-800-822-7673 Calls are answered by dispatcher between 6:00 am and 4:00 pm Mountain Standard Time. Emergency calls outside normal working hours are received by an answering service and returned within one hour. 1-973-455-5000 Honeywell TAC, MS L17 1860 W. Rose Garden Lane Phoenix, AZ, 85027 USA
Europe, Middle East, and Africa (EMEA) Contact: Phone: Fascimile: Mail:
Email:
Honeywell TAC – EMEA +32-2-728-2345 +32-2-728-2696 TAC-BE02 Hermes Plaza Hermeslaan, 1H B-1831 Diegem, Belgium
[email protected]
Pacific Contact: Phone: Fascimile: Mail: Email:
Honeywell Global TAC – Pacific 1300-364-822 (toll free within Australia) +61-8-9362-9559 (outside Australia) +61-8-9362-9564 Honeywell Limited Australia 5 Kitchener Way Burswood, WA, 6100, Australia
[email protected]
India Contact: Phone: Fascimile: Mail:
iv
Honeywell Global TAC – India +91-20- 6603-2718/19 1800-233-5051 +91-20- 6603-9800 Honeywell Automation India Ltd 56 and 57, Hadapsar Industrial Estate Hadapsar, Pune – 411 013, India Experion PKS Overview Honeywell
R410 March 2012
Support and Other Contacts
Email:
[email protected]
Contact: Phone: Fascimile: Mail:
Honeywell Global TAC – Korea +82-80-782-2255 (toll free within Korea) +82-2-792-9015 Honeywell Co., Ltd 4F, Sangam IT Tower B4-4 Block 1590, DMC Sangam-dong, Mapo-gu Seoul, 121-835, Korea
[email protected]
Korea
Email:
People’s Republic of China Contact: Phone: Mail: Email:
Honeywell Global TAC – China +86- 21-2219-6888 800-820-0237 400-820-0386 Honeywell (China) Co., Ltd 33/F, Tower A, City Center, 100 Zunyi Rd. Shanghai 200051, People’s Republic of China
[email protected]
Singapore Contact: Phone: Fascimile: Mail:
Email:
Honeywell Global TAC – South East Asia +65-6823-2215 +65-6445-3033 Honeywell Private Limited Honeywell Building 17, Changi Business Park Central 1 Singapore 486073
[email protected]
Japan Contact: Fascimile: Mail:
Email:
R410 March 2012
Honeywell Global TAC – Japan +81-3-6730-7228 Honeywell K.K New Pier Takeshiba, South Tower Building 20th Floor, 1-16-1 Kaigan, Minato-ku Tokyo 105-0022, Japan
[email protected]
Experion PKS Overview Honeywell
v
Support and Other Contacts
Elsewhere Call your nearest Honeywell office.
World Wide Web Honeywell Process Solutions website: https://www.honeywellprocess.com/
Training Classes Honeywell Automation College: http://www.automationcollege.com
vi
Experion PKS Overview Honeywell
R410 March 2012
Symbol Definitions
Symbol Definitions The following table lists those symbols used in this document to denote certain conditions. Symbol
Definition ATTENTION: Identifies information that requires special consideration.
TIP: Identifies advice or hints for the user, often in terms of performing a task. REFERENCE -EXTERNAL: Identifies an additional source of information outside of the bookset. REFERENCE - INTERNAL: Identifies an additional source of information within the bookset.
CAUTION
Indicates a situation which, if not avoided, may result in equipment or work (data) on the system being damaged or lost, or may result in the inability to properly operate the process. CAUTION: Indicates a potentially hazardous situation which, if not avoided, may result in minor or moderate injury. It may also be used to alert against unsafe practices. CAUTION symbol on the equipment refers the user to the product manual for additional information. The symbol appears next to required information in the manual. WARNING: Indicates a potentially hazardous situation, which, if not avoided, could result in serious injury or death. WARNING symbol on the equipment refers the user to the product manual for additional information. The symbol appears next to required information in the manual. WARNING, Risk of electrical shock: Potential shock hazard where HAZARDOUS LIVE voltages greater than 30 Vrms, 42.4 Vpeak, or 60 VDC may be accessible.
R410 March 2012
Experion PKS Overview Honeywell
vii
Symbol Definitions
Symbol
Definition ESD HAZARD: Danger of an electro-static discharge to which equipment may be sensitive. Observe precautions for handling electrostatic sensitive devices. Protective Earth (PE) terminal: Provided for connection of the protective earth (green or green/yellow) supply system conductor.
Functional earth terminal: Used for non-safety purposes such as noise immunity improvement. NOTE: This connection shall be bonded to Protective Earth at the source of supply in accordance with national local electrical code requirements. Earth Ground: Functional earth connection. NOTE: This connection shall be bonded to Protective Earth at the source of supply in accordance with national and local electrical code requirements. Chassis Ground: Identifies a connection to the chassis or frame of the equipment shall be bonded to Protective Earth at the source of supply in accordance with national and local electrical code requirements.
viii
Experion PKS Overview Honeywell
R410 March 2012
Contents 1.
INTRODUCTION ..........................................................................19 1.1
Experion® Process Knowledge System (PKS) Offers a Single Solution . 19
Introducing Experion PKS ....................................................................................................19 Experion PKS basics ............................................................................................................20 Basic Control System topology ............................................................................................22
2.
CONCEPTS AND FUNCTIONS ...................................................27 2.1
Global Data Ownership ................................................................................. 27
Global ownership .................................................................................................................27 Data ownership ....................................................................................................................27
2.2
Composite Data ............................................................................................. 27
2.3
Deterministic Control .................................................................................... 27
2.4
Redundancy ................................................................................................... 27
2.5
SCADA Support ............................................................................................. 28
2.6
On-Process Migration ................................................................................... 28
Redundant servers required .................................................................................................28 Experion controller migration................................................................................................28 Safety Manager migration ....................................................................................................29
2.7
Off-Process Migration ................................................................................... 29
2.8
Upgrade Tool ................................................................................................. 29
2.9
Custom installation path .............................................................................. 30
2.10
Configuration Studio ................................................................................. 30
2.11
Building an Enterprise Model ................................................................... 32
About the Experion Enterprise Model ...................................................................................32 System model ......................................................................................................................32 Asset model .........................................................................................................................32 Alarm group model ...............................................................................................................33 Network tree .........................................................................................................................33
2.12
Control Building......................................................................................... 34
Control Builder .....................................................................................................................34 Navigation improvements in the Control Builder ..................................................................35 Search enhancements in the Control Builder .......................................................................35 Resize Control Builder Search windows ..............................................................................35 R410 March 2012
Experion PKS Overview Honeywell
ix
Contents
Control Builder enhancements in R410 ............................................................................... 36 Function blocks .................................................................................................................... 39 Control Modules ................................................................................................................... 39 Continuous control functions ................................................................................................ 39 Logic control functions ......................................................................................................... 40 Sequential control functions ................................................................................................. 40 Batch control functions......................................................................................................... 40 Procedural operations .......................................................................................................... 40 Layered recipe functions ...................................................................................................... 41 Unit Control Function (UCF) ................................................................................................ 41 Support for Class-based recipes .......................................................................................... 41 Template and hierarchical build functions ............................................................................ 42 Qualification and Version Control System ............................................................................ 42 Peer Control Data Interface functions .................................................................................. 42
2.13
Identical Build/Operate Environments ..................................................... 42
Build environment ................................................................................................................ 42 Independent build capability ................................................................................................ 43 Multiple user access ............................................................................................................ 43 Operate environment ........................................................................................................... 43
2.14
Safety Builder ............................................................................................. 44
2.15
OneWireless integration............................................................................ 45
2.16
Functional Logic Diagrams (FLDs) .......................................................... 47
2.17
Custom Display Building .......................................................................... 50
HMIWeb Display Builder ...................................................................................................... 50 Display scripts ...................................................................................................................... 51
2.18
Online Documentation............................................................................... 51
Knowledge Builder ............................................................................................................... 51 KB mode .............................................................................................................................. 52 Internet-awareness .............................................................................................................. 52
2.19
3.
Internationalization .................................................................................... 52
SERVERS AND STATIONS......................................................... 53 3.1
Supervisory Infrastructure ........................................................................... 53
Components ........................................................................................................................ 53 Functions and features ........................................................................................................ 53
3.2
Server.............................................................................................................. 54
Capability ............................................................................................................................. 54 Alarm and event management ............................................................................................. 54 Alarm aggregation................................................................................................................ 55 Historization ......................................................................................................................... 55 x
Experion PKS Overview Honeywell
R410 March 2012
Contents
Trending ...............................................................................................................................55 Reporting..............................................................................................................................56 Redundancy .........................................................................................................................57 Distributed System Architecture ...........................................................................................57 Server scripts .......................................................................................................................59 Specialized server software options .....................................................................................59
3.3
Stations .......................................................................................................... 59
Flexibility ..............................................................................................................................59 Flex Stations ........................................................................................................................60 Console Stations, Console Extension Stations, and Consoles.............................................60 Multiple-window Station configurations ................................................................................60 Mobile Station ......................................................................................................................61 eServer and casual Web access ..........................................................................................61 Specialized Station hardware ...............................................................................................61 Station security.....................................................................................................................63 Integrated Security ...............................................................................................................63 Signon Manager ...................................................................................................................63 Electronic signatures ............................................................................................................64 High Security Policy .............................................................................................................64
3.4
Data Exchange............................................................................................... 65
TPS Integration ....................................................................................................................65 Open Database Connectivity (ODBC) Driver .......................................................................66 Open Database Connectivity (ODBC) Data Exchange ........................................................66 Microsoft Excel Data Exchange (MEDE) ..............................................................................67 OLE for Process Control (OPC) ...........................................................................................67 Experion Application Programming Interface (API) ..............................................................68 Network API .........................................................................................................................68
4.
PROCESS CONTROL HARDWARE ...........................................69 4.1
Control Hardware Infrastructure.................................................................. 69
Basic Components ...............................................................................................................69 Extension Component ..........................................................................................................71
4.2
Process Controller ........................................................................................ 73
About the controller ..............................................................................................................73 Chassis ................................................................................................................................74 Control Processor ................................................................................................................74 Controller redundancy ..........................................................................................................76 Bumpless failure ...................................................................................................................80 Chassis I/O...........................................................................................................................80 Chassis I/O terminal connectors ..........................................................................................81 Series C I/O..........................................................................................................................81
4.3
Safety Controller ........................................................................................... 83
Safety Manager System Configurations ...............................................................................83 R410 March 2012
Experion PKS Overview Honeywell
xi
Contents
Safety Manager basic architectures ..................................................................................... 84 Controller chassis ................................................................................................................ 84 Control Processor ................................................................................................................ 85 Quad Processor Pack (QPP) ............................................................................................... 86 Universal Safety Interface (USI)........................................................................................... 87 IO bus .................................................................................................................................. 87 I/O modules ......................................................................................................................... 88 IO FTA ................................................................................................................................. 90
4.4
5.
Wireless Device Manager ............................................................................. 92
SUPPORTED EXPERION HARDWARE...................................... 93 5.1
Supported Platforms ..................................................................................... 93
Supported server platforms .................................................................................................. 93 Supported workstation platforms.......................................................................................... 93
5.2
6.
Support for new Matrox Extio2 Remote Peripheral Solution (RPS) ......... 94
PROCESS COMMUNICATIONS ................................................. 95 6.1
Communications Topology .......................................................................... 95
Plantwide communications .................................................................................................. 95 Scalable security inhibits unauthorized data access ............................................................ 96 Control level communications .............................................................................................. 96 Application and user interface communications for the Experion server .............................. 97 Foundation Fieldbus communications.................................................................................. 97 Redundant Fieldbus integrated architecture ........................................................................ 99
6.2
Network Platforms ....................................................................................... 102
Ethernet ............................................................................................................................. 102 Fault Tolerant Ethernet ...................................................................................................... 102 Supervisory Fault Tolerant Ethernet (FTE), ControlNet or Ethernet................................... 103 Time Synchronization ........................................................................................................ 103
6.3
ControlNet .................................................................................................... 103
Open technology ................................................................................................................ 103 Devices .............................................................................................................................. 103 Control network redundancy .............................................................................................. 104
6.4
ControlNet Interoperability ......................................................................... 104
6.5
Connectivity ................................................................................................. 106
Background ........................................................................................................................ 106 Third-party networks .......................................................................................................... 106
6.6
Communications Model for the Control Processor ................................. 107
Reference model................................................................................................................ 107 xii
Experion PKS Overview Honeywell
R410 March 2012
Contents
Publish/subscribe transport layer .......................................................................................107 Publish/subscribe application layer ....................................................................................108 Request/response application layer ...................................................................................108 Report-by-exception ...........................................................................................................108
6.7
7.
Safety Manager SafeNet ............................................................................. 108
MONITORING PLANT PROCESSES ........................................111 7.1
Understanding Points ................................................................................. 111
Process points....................................................................................................................111 Flexible points ....................................................................................................................111 Standard (Inbuilt) point types .............................................................................................111 Scanning ............................................................................................................................112 Point algorithms .................................................................................................................112 Scripts ................................................................................................................................112 User-defined parameters....................................................................................................112
7.2
Process Monitoring and Data Display ...................................................... 113
System displays for configuring your system .....................................................................113 System displays for managing alarms and events .............................................................114 System displays for monitoring your processes .................................................................114 Custom displays .................................................................................................................117
7.3
Operator Notification of Alarms and Events ............................................ 118
Alarm and event generation ...............................................................................................118 Alarms ................................................................................................................................119 Filters and views ................................................................................................................119 Alarm suppression .............................................................................................................119 Alarm shelving....................................................................................................................120 Operator response .............................................................................................................120
7.4
Safety Manager Sequence of Events (SOE) support ............................... 122
SOE generation..................................................................................................................122 SOE reporting ....................................................................................................................122
8.
CONTROLLING THE PROCESS ...............................................123 8.1
Understanding Supervisory Control ......................................................... 123
Supervisory control ............................................................................................................123
8.2
Examples of Process Control .................................................................... 124
Background ........................................................................................................................124 Process control using status points ....................................................................................124 Process Control Using Analog Points ................................................................................125
R410 March 2012
Experion PKS Overview Honeywell
xiii
Contents
9.
ANALYZING PROCESS DATA ................................................. 127 9.1
Understanding Reports............................................................................... 127
Background ........................................................................................................................ 127
9.2
Process History Analysis and Archiving .................................................. 127
History................................................................................................................................ 127 PHD integration.................................................................................................................. 128 Analyzing process history .................................................................................................. 128 Archiving process history ................................................................................................... 129 Event archiving and storage .............................................................................................. 129
10.
STANDARD COMPLIANCE ...................................................... 131
10.1
Safety Manager compliance.................................................................... 131
10.2
Experion compliance ............................................................................... 131
xiv
Experion PKS Overview Honeywell
R410 March 2012
Contents Tables
Tables Table 1 Safety Manager System Configurations .......................................................... 83 Table 2 System Manager Architectures ....................................................................... 84
R410 March 2012
Experion PKS Overview Honeywell
xv
Contents Figures
Figures Figure 1 - Experion Platform Architecture ...................................................................... 20 Figure 2 - Basic Experion System Topology with C200 Process Controllers ................ 24 Figure 3 - Basic Experion System Topology with C300 Process Controllers ................ 25 Figure 4 - Example SafeNet Topology ........................................................................... 26 Figure 5 - Configuration Studio ...................................................................................... 31 Figure 6 - Typical Control Builder view with open Control Module. ............................... 34 Figure 7 - Sample Safety Builder Function: Network Configurator ................................ 44 Figure 8 Experion OneWireless integration topology .................................................... 46 Figure 9 - Sample Functional Logic Diagram (FLD) ...................................................... 47 Figure 10 - Typical custom display ................................................................................ 51 Figure 11 - Typical trend display .................................................................................... 56 Figure 12 - A geographically distributed system ............................................................ 58 Figure 13 - A plant-wide distributed system ................................................................... 58 Figure 14 - Honeywell's Icon Console ........................................................................... 62 Figure 15 - Sample Upgraded System with Experion Controller Expansion ................. 65 Figure 16 - C200 Control Processor .............................................................................. 75 Figure 17 - C300 Control Processor .............................................................................. 76 Figure 18 - Redundancy Module For C200 Controller Redundancy ............................. 77 Figure 19 - Module redundancy for C200 Controller in redundant supervisory ControlNet networks ............................................................................................... 78 Figure 20 - C300 Controller redundancy in supervisory Fault Tolerant Ethernet network79 Figure 21 - Chassis I/O Module Basic Layout ............................................................... 80 Figure 22 - Typical non-redundant Series C I/O configuration ...................................... 82 Figure 23 - Front and Rear View of the CP chassis ...................................................... 85 Figure 24 - Safety manager Control Processor Modules............................................... 86 Figure 25 - Back View of Typical Safety Manager with Redundant Controller and I/O Chassis ................................................................................................................... 88 Figure 26 - Example of the High Density SAi 1620m Module........................................ 89 Figure 27 - Some Terminal Type FTA's ......................................................................... 91 Figure 28 - Scalable Architecture for Plantwide Communications. ................................ 95 Figure 29 - Control Level Communications Network for C200 Controllers using ControlNet media .................................................................................................... 96 Figure 30 - Supervisory Level Communications Network .............................................. 97 Figure 31 - Foundation Fieldbus Level Communications Network using a Chassis I/O Series A Fieldbus Interface Module ........................................................................ 98 Figure 32 - Foundation Fieldbus Level Communications Network using a Series C Fieldbus Interface Module ...................................................................................... 99 Figure 33 - Sample system architecture for redundant Fieldbus integration using a Chassis I/O - Series A Fieldbus Interface Module ................................................ 100 xvi
Experion PKS Overview Honeywell
R410 March 2012
Contents
Figure 34 - Sample system architecture for redundant Fieldbus integration using a Series C Fieldbus Interface Module ..................................................................... 101 Figure 35 - Control Network Redundancy ................................................................... 104 Figure 36 - Connectivity System .................................................................................. 106 Figure 37 - Experion versus ISO-OSI Communications Model ................................... 107 Figure 38 - Example Safety Manager Topology .......................................................... 109 Figure 39 - Typical configuration display ..................................................................... 113 Figure 40 - An alarm summary display ........................................................................ 114 Figure 41 - A typical point detail display ...................................................................... 115 Figure 42- A Typical Faceplate ................................................................................... 115 Figure 43 - A typical trend display ............................................................................... 116 Figure 44 - A typical group display .............................................................................. 116 Figure 45 - Safety Manager System Information Display ............................................ 117 Figure 46 - An event summary display ........................................................................ 118 Figure 47 - Supervisory Control Process..................................................................... 123 Figure 48 - Process Control Example.......................................................................... 124 Figure 49 - Process Control Using Status Points ........................................................ 125 Figure 50 - Process Control Using Analog Points ....................................................... 126
R410 March 2012
Experion PKS Overview Honeywell
xvii
Contents Figures
xviii
Experion PKS Overview Honeywell
R410 March 2012
1. Introduction 1.1 Experion® Process Knowledge System (PKS) Offers a Single Solution Introducing Experion PKS Experion PKS is a cost-effective open control and safety system that expands the role of distributed control. It addresses critical manufacturing objectives to facilitate sharing knowledge and managing workflow. Experion provides a safe, robust, scalable, plantwide system with unprecedented connectivity through all levels of the plant as illustrated in the following high-level view of the architecture. The Experion unified architecture combines DCS functionality and a plant-wide infrastructure that unifies business, process, and asset management to: Facilitate knowledge capture Promote knowledge sharing Optimize work processes Accelerate improvement and innovation.
R410 March 2012
Experion PKS Overview Honeywell
19
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Figure 1 - Experion Platform Architecture Experion PKS basics The Experion platform is well suited for both small and large systems. It provides the power and flexibility required to handle the full spectrum of process control and safety applications. Experion offers state-of-the-art DCS capabilities that include Abnormal Situation ® ® Management (ASM ), Safety Management, and Information Management technologies. Experion interfaces with FOUNDATION Fieldbus, Profibus, DeviceNet, HART, LON, ControlNet and Interbus. Robustness, security, compliance, control, safety, and reliability are plant-wide. Its distributed control features include a complete continuous, logic, sequential, and drive object-oriented control environment hosted on fully redundant controllers. Experion features include: Sophisticated human-machine interface. Tightly integrated databases, engineering tools, and control and safety applications. 20
Experion PKS Overview Honeywell
R410 March 2012
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Operational integration of control and safety applications. Open, deterministic, high-speed control network communications system for predictable and repeatable control linking servers, controllers, and remote I/O. A configurable Control Execution Environment (CEE) provides deterministic, consistent, and reliable control application execution. A single builder tool, Configuration Studio, allows integrated application configuration. Four CEE-based controllers: The C200 Process Controller is a compact and cost-effective solution located close to the process with direct IO connections. It is ideal for integrated regulatory, fast logic, sequential, and batch control applications. The C200E Process Controller an enhanced C200 Controller with additional user memory and an enhanced function block set. The C300 Process Controller is the next generation controller that builds on the reliability and robustness of the C200 controller to provide even more versatile control integration through innovative mounting and connecting techniques. The Process, Machinery and Drives (PMD) Controller provides the traditional control process functions and manages smart motor center controls, hydraulic and pneumatic controls of machinery and coordinated line drive control solutions. Fast functions, such as machine element controls and coordinated line drives, can be executed at a 20 millisecond cycle. For more information about PMD Controllers, refer to Experion PKS with PMD Controller Field Controller User's Guide and Experion PKS with PMD Controller Field Controller Express User's Guide. The Application Control Environment (ACE) is ideally suited for supervisory control solutions and integration with third party control systems. It is hosted on a server grade computer platform. Safety Instrumented Systems (SIS) Safety Manager topology with scalable safety solution through Safety Manager local I/O and SafeNet plant-wide network capabilities. Safety Manager will meet the most stringent safety requirements with Safety Integrity Levels (SIL) 3 compliancy. The Simulation Control Environment (SCE) supports system simulation on computers without requiring dedicated controller hardware or process connections. Redundancy support for servers, networks, and controllers. Distributed System Architecture (DSA) that integrates multiple servers into a single operational system. R410 March 2012
Experion PKS Overview Honeywell
21
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Support for internationalization/localization. Interfaces for wide variety of third-party controllers and protocols. A cost-effective architecture that Makes extensive use of open technologies and commonality of hardware, and Is scaleable from just a few points, to thousands of points. Basic Control System topology In a basic Experion system topology, the server and C200/C200E and/or C300 Process Controllers share a global database, so you only need to enter data once. This one-step configuration eliminates errors and dramatically reduces configuration time. When you define a control or safety strategy, point detail displays, trends, alarms, and group displays are automatically created, so you instantly have access to the information you need to operate your control or safety strategy. The following figure illustrates the high-level view of a basic Experion system topology. Experion can be segmented into basic sets of hardware component platforms: Supervisory Platform, which includes non-proprietary computing platforms running Windows operating systems and serving as both Experion servers and Experion Stations. Experion Stations are able to serve as both engineering and operating interfaces, depending on the software loaded on each node. C200/C200E, C300, using a small hardware form-factor supporting a scaleable and modular architecture. Commonality and flexibility of hardware components, and their placement within the system, reduce initial cost-to-purchase, and minimize cost-of-ownership while plant safety is guaranteed. Safety Manager Controller is the SIL 3 safety controller that executes safety strategies independently from the process control layer. It communicates with dedicated Input/Output (I/O) modules that are directly connected to the Safety Manager controller. Safety manager is a fully redundant controller that seamlessly integrates in the Experion topology. Safety Manager Controllers can connect to each other through a dedicated network or through the FTE network. The "SafeNet" connection is a SIL 4 certified safety protocol. Process, Machinery and Drives (PMD) Controller is a controller unit that contains an integrated application execution environment, two independent fieldbus interfaces, an Upline interface, an FTE system interface. Integrated Controllers, the server integrates to a number of Honeywell loop controllers and recorders. This integration effectively reduces engineering time by integrating the device configuration tools and/or diagnostic features with the Experion platform.
22
Experion PKS Overview Honeywell
R410 March 2012
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Third -party Controllers, the server can interface to a number of third party controllers including the Allen Bradley PLC5 and SLC range, Modicon, GE Fanuc and Siemens plus many more. Communications Platform, which utilizes open network standards, including: Ethernet-or Honeywell's Fault Tolerant Ethernet (FTE) based plant information network (PIN) linking servers and clients together for the purpose of supervisory level communications. Fault Tolerant Ethernet (FTE) network providing the communications link between the C300 Controllers and the supervisory level as well as peer-to-peer communication between Controllers and remote I/O. SafeNet providing the safe communication link between the Safety Manager Controllers on a separate network or by using Fault Tolerant Ethernet (FTE). ControlNet, Ethernet, or Fault Tolerant Ethernet (FTE) network providing the communications link between the C200/C200E Controllers and the supervisory level, as well as peer-to-peer communications between Controllers, with ControlNet network providing the communications link between the C200/C200E Controllers and remote I/O. ATTENTION With R410, you can configure native peer-to-peer communication between the CEE points and non-CEE points such as SCADA, TPS, PMD, and Safety Manager points.
R410 March 2012
Experion PKS Overview Honeywell
23
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
LAN (TCP/IP, Ethernet, Fault Tolerant Ethernet, etc.) Other connectivity Honeywell S9000 Honeywell 620 LC TDC 3000 Data Hiway Honeywell UDC Modicon PLC Allen-Bradley
Station
Station
Server
Supervisory Fault Tolerant Ethernet, ControlNet, or Ethernet Controller
Controller
Controller
I/O ControlNet
Non-Redundant Controller
I/O ControlNet
Redundant Controller
Figure 2 - Basic Experion System Topology with C200 Process Controllers
24
Experion PKS Overview Honeywell
R410 March 2012
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Figure 3 - Basic Experion System Topology with C300 Process Controllers
R410 March 2012
Experion PKS Overview Honeywell
25
1. Introduction 1.1. Experion® Process Knowledge System (PKS) Offers a Single Solution
Figure 4 - Example SafeNet Topology
26
Experion PKS Overview Honeywell
R410 March 2012
2. 2.1
Concepts and Functions
Global Data Ownership
Global ownership The global ownership part of the Global Data Ownership concept means that there is one-and-only-one owner of any particular object across the entire automation system. This has advantages primarily in the area of engineering efficiency. Global data allows the Experion system to provide a unified build environment. Data ownership In the Experion system, the controller owns some data while other data is owned by a server-based database known as the System Repository. Each data element is owned by one-and-only-one of these entities. This provides robustness because all users throughout the Experion system are dealing with the same value for that data at any given point in time. Since the data is owned by one-and-only-one entity yet is usable throughout the entire system, each data entity needs to be built only once in Control Builder. Data is also acted upon in a unified fashion, best typified by unified event management. For example, the C200/C200E or C300 Process Controller originates alarms and events and notifies all relevant parties throughout the system of their occurrence. This is known as the "event notification subsystem" and it is an important part of the system's architecture. Data in the Experion environment is global in nature, and as such, can be used by any relevant entity throughout the system.
2.2
Composite Data Composite data (using a Control Module, point, parameter model) provides engineering efficiency by establishing predefined data structures. It also permits precise control by supporting consistent exception and failure mode handling.
2.3
Deterministic Control Deterministic control simply means quality through repeatable control. Users are informed when they approach the limits of the control processing cycle. If a user has overloaded a controller processing cycle, control is still performed.
2.4
Redundancy Redundancy provides critical system components with the software to transfer from a primary to a secondary device should a problem develop in the primary device. The Experion system has been designed to accommodate the most complete redundancy protection ever developed for an industrial automation system, and fully implement redundancy in terms of servers, networks, controllers, and selected I/O.
R410 March 2012
Experion PKS Overview Honeywell
27
2. Concepts and Functions 2.5. SCADA Support
For Experion Safety Manager, redundancy is applied by running the two single legs simultaneously. This allows for uninterrupted process safety in case of any anomaly detected in controller, I/O or field instrumentation. Even the single Safety Manager leg is SIL 3 certified without restrictions.
2.5
SCADA Support By definition, an Experion process system includes C200/C200E, C300, and/or ACE controllers. It can also include SCADA devices that may consist of serial devices (RS232 or RS485), ControlNet connections, and/or Ethernet Interfaces (for example, MODBUS TCP) or combinations of these. In addition, SCADA points and connections may coexist with C200/C200E s and TPS within given capacity constraints. The Quick Builder application provides the tools for building a SCADA network interface. A SCADA only system does not include C200/C200E, C300 or ACE controllers.
2.6
On-Process Migration Experion on-process migration is a licensed option for upgrading software on redundant servers, Stations, and Process Controllers to a new release. It does not include the migration of SCADA connected controllers.
Redundant servers required If you have a redundant system, you can use on -process migration to upgrade to the next release of Experion while maintaining view and control of your processes. On-process migration involves upgrading one of the servers, switching the upgraded server to primary mode and then upgrading the other server. Once you upgrade the redundant servers and their associated Stations, you can use the Controller Migration Wizard to upgrade the redundant Controllers and their associated I/O modules. Experion controller migration Redundant C200/C200E Controllers migration includes the firmware upgrade of chassis-resident modules such as the Control Processor Module, Redundancy Module, Fieldbus Interface Module and I/O Link Interface Module. The same is true for Redundant Series C hardware such as the C300 Controller and Series C Fieldbus Interface Module. You must upgrade ACE and SCE nodes off process, but you can use the Controller Migration Wizard to start the migration. ATTENTION You must perform freeze and switchover operation of redundant C200, C200E, and C300 from server B only. 28
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.7. Off-Process Migration
Safety Manager migration Safety Manager on-process migration is an option for upgrading software on redundant Safety Manager Controllers to a new release. If you have a redundant system, you can upgrade to the next release of Experion Safety Manager while maintaining view and safety of your processes. On-process migration involves upgrading one of the Safety Manager Control Processors, switching the upgraded server to primary mode and then upgrading the other Control Processor. This all is done by using the 4-step wizard that guides you through the OPM process The Safety Manager migration allows for upgrades of application, and firmware. The migration is TUV approved and Safety Manager will continue safeguarding the Process during all steps of the migration process. No external measures (such as external overrides or secondary means of process stops) are needed. The flexible migration of Safety Manager allows even adding and removing of hardware modules, chassis or even complete Safety Manager Controllers while continuously monitoring the plant safety.
2.7
Off-Process Migration The off-process migration does not require a license and you can use it to upgrade redundant as well as any non-redundant system components including servers.
2.8
Upgrade Tool The Upgrade tool checks the upgrade readiness of the nodes and its subsystems in an Experion system. The Upgrade tool is installed as a part of the Engineering tools installation. If you have redundant servers, Upgrade tool is installed on Server B. In case of non-redundant server, Upgrade tool is installed on the only server. The Upgrade tool does not depend on any specific Experion topology. In case of a redundant Experion configuration, the Upgrade tool is run only on the Server B. In case of a non-redundant Experion server configuration, the Upgrade tool is run on the single Experion server node. The Upgrade tool ensures that it does not overload the Experion server. Before starting an Experion upgrade, you have to verify the upgrade readiness of the Experion system and prepare it for the upgrade. The Upgrade tool automates the manual process of preparing the Experion system for the upgrade. After the upgrade is complete, you can run the Upgrade tool to perform a post-upgrade analysis. Upgrade tool makes the upgrade readiness process effortless, easy, and errorfree. It reduces the manual information gathering time and minimizes the possibility of errors.
R410 March 2012
Experion PKS Overview Honeywell
29
2. Concepts and Functions 2.9. Custom installation path
2.9
Custom installation path Starting R410.1, Experion installation, and migration is supported on custom installation paths. This feature allows control on the path where Experion is installed/migrated and the location where the runtime files and SQL logs are stored. You can select the custom installation path for the following components. Experion software: This consists of deliverable that are part of Experion installer and third party software. Experion runtime data: This consists of the all the files and folders available at “C:\ProgramData\Honeywell\” path for the Experion release and the Experion SQL databases. Following files comes under this category. Runtime data Experion created SQL data files Experion SQL logs: This consists of SQL database log files generated during installation/migration
2.10 Configuration Studio Configuration Studio provides a central location from which you can configure your Experion system. The individual tools required to configure parts of your system are launched from Configuration Studio.
30
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.10. Configuration Studio
Figure 5 - Configuration Studio In Configuration Studio, you are provided with a customized list of tasks that you are required to complete to configure your system. When you click a task, the appropriate tool is launched so that you can complete the task. R410 March 2012
Experion PKS Overview Honeywell
31
2. Concepts and Functions 2.11. Building an Enterprise Model
These tools include: Enterprise Model Builder: a graphical tool for building your asset model. (See Asset model.) Quick Builder: a graphical tool for building hardware items such as Flex Stations, printers, controllers, and standard (non-C200/C200E) points in your system. After building hardware and points with Quick Builder, you download these items from Configuration Studio to the server database. System Displays: displays that are used to configure items such as reports, group display, trends, Station settings, and Console Stations. Control Builder: a graphical tool for building your control strategy for Process Controllers. HMIWeb Display Builder: a graphical tool for creating your own (custom) displays using Web-based features. Displays are saved in HTML format. For more information on custom displays and HMIWeb Display Builder, see the Safety Builder section.
2.11 Building an Enterprise Model About the Experion Enterprise Model The Experion Enterprise Model is a framework that can be used by engineers, operators, and applications to model and view their plant or process. The Enterprise Model replaces the flat, area-based structure that was used prior to Release 210. You use Configuration Studio (see Configuration Studio) to define the various components of your Enterprise Model, which comprises: A system model An asset model An alarm group model Network tree System model The system model represents the boundaries of your system. You build your system model by defining the servers that are part of your Experion system. You can also use your system model, to define those servers that are connected to, but outside of, your system. Asset model An asset model forms the core of the Experion Enterprise Model and is used to: Define scope of responsibility for operators and other users Navigate your Experion system 32
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.12. Control Building
Resolve data references Manage alarms Organize points, displays and reports. About assets in an asset model An Experion asset is a database entity that represents a particular physical item in your enterprise, for example, fixed plant equipment, facilities and buildings. The benefits of a hierarchical asset-based structure in your Experion database include: A simple and intuitive means of implementing scope of responsibility (SOR), that is, of allowing or restricting access to parts of the plant, process, or equipment. Instead of having to nominate each and every item for which a given Station or operator has scope of responsibility, you can often assign the scope of responsibility with a single click, depending on how you have defined your asset structure. By assigning a given asset to a Station or operator, you assign that Station or operator the ability to control all the points that belong to that asset (and any of its subsidiary or "child" assets) and to view the alarms and custom displays for that asset. A structure that can be used to logically replicate your physical assets and to engineer your Experion system around your key entities. A user-friendly asset-naming system that helps operators and other users to more easily navigate through displays and identify particular parts of the plant or specific pieces of equipment without having to remember obscure tag names. A ready-made form of alarm aggregation. Once you have defined your assets and the points that belong to those assets, alarms for those points are automatically aggregated under each asset. Alarm group model The alarm group model is used to: Define alarm groups View aggregated alarms for those alarm groups Network tree The Network tree is a graphical view of the nodes on your network, which can be viewed on the System Status display. This provides you with a single display that can be used to view the status of all the parts that comprise your control system. The Network tree works in conjunction with the System Event Server and the System Performance Server to display system errors, which can be used to troubleshoot faults within the system. R410 March 2012
Experion PKS Overview Honeywell
33
2. Concepts and Functions 2.12. Control Building
2.12 Control Building Control Builder Control Builder is an engineering tool offering the latest in control strategy building going well beyond looking "pretty" on screen. Its graphical, object-oriented design dramatically reduces the effort required to design, implement and document control applications.
Figure 6 - Typical Control Builder view with open Control Module. Prior to R400, you could search or a tag by expanding the function block tree view in Project or Monitoring mode. With R400, you can search, sort, and filter the tags. The Control Builder search window can be resized to view the complete tag name and other fields.
34
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.12. Control Building
Navigation improvements in the Control Builder Navigating to the function block/parameter in the Control Builder is based on the Closed Match concept. For more information on navigation enhancements, see Control Building User's Guide. Search enhancements in the Control Builder Prior to R400, you could search for a tag by expanding the function block tree view in Project or Monitoring mode. With R400, you can search for tags in the following ways. Using File > Open > Open Object Using Find Options toolbar in the tree view Typing the prefix of a tag in the tree view Using New List View, which also provides sorting and filtering functionality For more information on search enhancements, see Control Building User's Guide. Resize Control Builder Search windows Prior to R400, you could not resize the search window to view the complete tag name and other fields. With R400, following are the enhancements with Control Builder Search windows. Resizing of the Control Builder Search window to view the complete tag name A tooltip is available for the controls in the dialog box. Column sorting and resizing based on the column values The following are the search windows considered for the enhancements: Point Selection popup window Create / Read Bulk Build List Create / Read Bulk Edit List Substitute Name List Execution Environment Assignment For more information on resizing the Control Builder Search windows, see Control Building User's Guide.
R410 March 2012
Experion PKS Overview Honeywell
35
2. Concepts and Functions 2.12. Control Building
Control Builder enhancements in R410 The following are the Control Builder enhancements in Experion R410. Configuring on-delay and off-delay for individual alarms With R410, on the Alarms tab, you can configure on-delay time, off-delay time, deadband value, and deadband units for the individual alarms. This is applicable only for few function blocks for which alarms are supported. For more information about the on-delay and off-delay functionality, refer to Control Builder Components Theory. Configuring alerts With R410, the FLAG block is enhanced such that you can configure the FLAG block to generate alerts. To accomplish this, a new parameter ALTENBOPT is introduced in the Main tab of the FLAG block configuration form. For more information about configuring the alerts, refer to Control Building User's Guide. Control Builder print feature Prior to R410, you could not print multiple pages in a single sheet. This resulted in wastage of paper. In addition, you could not view the complete chart configuration in a single page. In addition, before printing, you could not predict the number of pages that might be required to print the selected chart. With R410, Control Builder print and zoom feature is enhanced such that you can print multiple pages of a chart in a single sheet based on the scale factor. In addition, before printing you can preview the charts and can predict the number of pages to be printed using the Print Preview option. You can also zoom-in and zoom-out the charts to the desired zoom values. For more information about configuring the alerts, refer to Control Building User's Guide. Print Preview feature With R410, Print Preview feature enables you to preview the charts before printing. You can only preview the chart that is currently open before printing. The Print Preview feature enables you to view each page of a chart individually. You can also navigate to the next or the previous page of the chart. For more information about configuring the alerts, refer to Control Building User's Guide.
36
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.12. Control Building
Inserting comments into a strategy using Text Comment block With R410, you can use the Text Comment block to add comments into a template or a strategy. The Text Comment block contents can be added/modified from the Project view. The strategy can then be loaded to the Monitoring view without inactivating the strategy or setting the CEE to IDLE. If you add a Text Comment block into a strategy that is already loaded, the Load while active delta flag appears against the strategy. Similarly, if you modify the existing comments in the Text Comment block, the Load while active delta flag appears against the specific Text Comment block. This indicates that the strategy/block can be loaded while active. For more information about Text Comment block, refer to Control Builder Components Theory. Exporting object with contents With R410, you can export objects with contents. When you select a parent object to be exported, all the childlevel objects are also selected for export, by default. The parent objects can be Controllers, CEEs, IOLINKs, containers CM, or user-defined templates. For example, you can export a controller along with its assigned strategies in a single operation. For more information about exporting objects, refer to Control Building User's Guide. Regulatory control (REGCTL) function block detail displays With R410, standard detail displays are supported for some of the REGCTL function blocks. As a result, the operator need not create a custom display for these REGCTL blocks for monitoring purposes. For more information about exporting objects, refer to Control Building User's Guide. Support for validation of blocks with OPC references Prior to R410, if you entered an incorrect block name, there was no option to verify the OPC references during configuration. If any of the block that contained OPC references had executed successfully, and if that block was deleted later, there was no indication of the missing block during the subsequent execution. With R410, a new feature is introduced in the Control Builder/Recipe Builder to validate blocks with OPC references after loading the OPC gateway. This feature can also be used for validating OPC references, if the OPC gateway is configured through the Redirection Manager (RDM).
R410 March 2012
Experion PKS Overview Honeywell
37
2. Concepts and Functions 2.12. Control Building
Support to edit or load parameters while active With R410, you can modify and load the SR-resident parameter values without inactivating the control strategy/setting the CEE to IDLE. The parameters that can be modified/loaded while active are referred to as ‘active loadable’ parameters. In addition, you can turn off editing of all parameter values except for active loadable parameters. To accomplish this, Allow only active loadable parameter changes option is introduced in the System Preferences > General tab. To load parameters while active, a new load option called Load Values while Active is provided. Note that when load while active is performed, the server point build also happens simultaneously. Any errors that occur while loading the active loadable parameter values do not affect the on-process control. For more information about Load Values While Active functionality, refer to Control Building User's Guide. Automatically apply Daylight Savings Time (DST) Prior to R410, at the start of DST, you had to manually set the DAYLIGHTTIME parameter to ON in all Experion controllers. Similarly, at the end of DST, you had to set this parameter to OFF in all Experion controllers. With R410, a new feature Automatically apply DST is introduced, which enables you to automatically apply DST settings to all Experion controllers in a cluster. This feature is applicable to all Experion controllers. This feature is optional; however, if you do not select this feature, you still have to manually set the DAYLIGHTTIME parameter. For more information about Automatically apply DST functionality, refer to Control Building User's Guide. Identification of unused I/O channels Prior to R410, identifying unused I/O channels was not easy since I/O channels retained their last modified names even after unassignment or deletion. With R410, I/O channel names return to their default names after unassignment or deletion; thereby making the identification of unused I/O channels simpler. In R410 and later, in case the channel name conflicts during any of the scenarios mentioned, “_1” is suffixed with the channel name. For example, if “AICHANNEL_01” already exists in the unassigned list, the channel name is changed to “AICHANNEL_01_1.” For more information about identification of unused I/O channels functionality, refer to Control Building User's Guide.
38
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.12. Control Building
Support to rename objects while importing Prior to R410, you could not rename the objects while importing. As a result, the existing objects would be overwritten with the new objects. With R410, you can rename objects while importing the objects. You can also rename objects containing Foundation Fieldbus blocks. For more information about renaming objects while importing functionality, refer to Control Building User's Guide. Support to search for dangling/missing connection A connection is said to be dangling, if a block is missing at one end of the connection. A connection is said to be missing, if the blocks are missing at both ends of the connection. With R410, you can search for dangling and missing connections in the system using the Search utility in Configuration Studio. You can perform a search for a dangling connection at the system, the server, the controller, and the tagged module level. You can perform a search for a missing connection at the system and the server level. For more information about searching for dangling/missing connection functionality, refer to Control Building User's Guide. Function blocks Function blocks represent the basic unit of control functionality that includes Regulatory Control blocks, Device Control blocks, Logic blocks, Sequential blocks and Auxiliary blocks. With Control Builder, function blocks are selected from a Honeywell-supplied "Function Block Library" and placed in a Control Module. These function blocks are then soft wired together to perform the desired control strategy. Control Modules Experion provides two basic types of control modules: Control Modules - used for continuous control functions, and Sequential Control Modules - used for sequential and batch control functions. Both control module types contain their respective function blocks. Continuous control functions The designed-in features of the continuous control functionality reduce your engineering costs and enable intuitive operator interaction with the control strategy. This has been done by designing in features and options that address a wide range of control needs through simple configuration tasks. By offering configuration options to address control needs, Experion provides predefined approaches for the operator interface, and handling how failures are managed by the control strategy. This in turn defines how your control strategies recover when failures are cleared. In Experion, the continuous control automatically handles these functions, supporting control that R410 March 2012
Experion PKS Overview Honeywell
39
2. Concepts and Functions 2.12. Control Building
enforces maximum ramp rate of the temperature measurement-adjusting output ramp as necessary. No additional engineering effort is required to implement this on your part. Logic control functions The value of logic control functions is focused in the area of improving engineering efficiency by providing a full suite of algorithm options in an approach that can be consistently configured and operated. The built-in device level functions also address: Common application needs for motors, valves, and pumps Improve operational monitoring by offering Intuitive interlock tracing, and Direct access to device maintenance statistics, such as motor run-time. Sequential control functions Sequential control functions reduce the engineering costs for implementing sequential and batch control applications. The implementation of batch and sequential control is in the implementation of abnormal situation management such as: "What control action should be taken when a motor trips?" "What control action should be taken when an interlock shuts a valve?" "What control action should be taken when an operator has intervened with manual action to adjust a mode or setpoint?" The Experion sequencing control facility is designed with built-in options to handle abnormal situations. Devices can be configured to enter states, setpoint, outputs etc. based on abnormal status, or you can program a series of steps to safely handle the process. Devices can also be configured to take fail-safe action on abnormal sequence operations. Implementation is simplified and intuitive operator information on sequence/batch status is directly available. The system also uses smart device drivers to enable the control strategy to easily and quickly return to its normal state when the abnormal condition is cleared. Batch control functions Experion batch capabilities enable significantly reduced engineering costs and improved operational security. The built-in coordination and batch, sequence, and device controls eliminate the work required to handle normal housekeeping chores, which in many projects can amount to 20% or more of the engineering effort. Procedural operations The Sequential Control Module (SCM) and Recipe Control Module (RCM) views and operator interactive functions that collectively work to improve operator effectiveness are referred to as Procedural Operations that are also known as ProcOps or Interactive Instructions. When configured, these functions can deliver automated procedures for 40
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.12. Control Building
startup, shutdown, grade change, and so on, in an interactive manner patterned after those previously executed from paper documents. A Table View function in Station facilitates operator interaction with SCMs and RCMs. Some of the features and functions of Table View are the ability to: View transition details associated with the step, View Step associated Instructions when implemented, Use filters allowing operators to focus on items relating to the steps and outputs currently executing , Use filters allowing operators to display only executing steps/phases with key trailing transitions , Enable the operator to 'stand' on a step to view leading and trailing transition details, and Record all operator changes made through the SCM/RCM Table View in the system journal. Layered recipe functions Starting in Experion R310, Control Builder supports multiple layers of recipe configuration. This means you can build and execute multiple level hierarchical recipes as defined in ISA S88.01. In this hierarchy, a higher level recipe can control its underlying recipe(s). Recipes at each layer are implemented as a modular function block. Recipe Control Module (RCM) blocks can represent Procedures, Unit Procedures, and Operations. Sequential Control Module (SCM) blocks can represent Phases. Unit Control Function (UCF) The UCF provides the ability to map a PHASE block to an SCM or an RCM, which allows a "function" defined by a PHASE block to initiate a single simple SCM in one case and a more complex multi-layer RCM/SCM in another. This lets layered recipes map directly to an SCM/RCM at any level rather than constraining initiation of a Phase/SCM to the operation level. For example, a Procedure, Unit Procedure, or Operation can directly initiate a Phase/SCM. The UCF does not constrain to a defined parent/child relationship between the layers. It supports the standard layers while giving users the flexibility to adjust to meet specific process needs.
Support for Class-based recipes With R410, the Experion Batch Manager (EBM) is enhanced to support Class-based recipes. Class-based recipes are recipes that are designed for Unit classes and not for a specific Unit. When you need to run an operation on every Unit in a Unit class, you can create Class-based recipes to avoid creating the same operation for every Unit. That is, you R410 March 2012
Experion PKS Overview Honeywell
41
2. Concepts and Functions 2.13. Identical Build/Operate Environments
can design a recipe for a Unit class and during runtime, the recipe can be assigned to run on any selected Unit in the Unit class. Class-based recipes enable reuse of recipes and reduce engineering effort; there by improving the batch cycle time. For more information about implementing and using Class-based recipes, refer to the following documents – Batch Overview and Planning Guide Batch Implementation Guide Operator’s Guide Template and hierarchical build functions Control Builder offers optional template and hierarchical build functions so users can create their own templates and arrange control strategy components to reflect their process hierarchy. Qualification and Version Control System The optional Qualification and Version Control System (QVCS) lets users easily track and compare changes that are made to control strategies and user templates through Control Builder. It features a Version Control System Manager with a familiar Windows like interface for intuitive interaction with the application. Peer Control Data Interface functions Beginning in Experion R310, Control Builder offers a licensed option for a Peer Control Data Interface (PCDI) function to facilitate communications with Safety Manager or third-party devices that support the MODBUS TCP protocol. The PCDI function allows a C300 Controller to communicate directly with Safety Manager without requiring the Experion Server in the communications path. It uses the existing FTE network as the communications medium and has built in redundancy. Other features include: Bi-directional data transfer, Operational integration without common cause failures, and Fault reaction configuration per Safety Manager point.
2.13 Identical Build/Operate Environments Build environment With Control Builder, you build your control strategy by assembling a collection of related control modules.
42
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.14. Safety Builder
Independent build capability Control Builder can be run on an engineering Station for independent development, thereby allowing users to configure, load, and test control strategies without an Experion server. The engineering Station can be used as a development-only node for developing and testing templates and control strategies independent of the target system. Once developed, individual template strategies, or an entire database, can then be exported and subsequently imported to the ERDB on the target system. Multiple user access Control Builder can run simultaneously on up to four Experion Station nodes and other non-Experion server nodes in a ControlNet system or up to twelve in a Fault Tolerant Ethernet system. Use of the Control Builder client allows simultaneous multi-user configuration, monitoring and debugging capabilities thereby improving plant productivity. Up to four or twelve application engineers may configure control strategies in the same ERDB from multiple computers. Up to four or twelve operators and maintenance engineers (with appropriate security levels) may access Control Building monitoring charts from separate Experion Stations. Between two and four users in separate locations, such as an operator at a plant site and an engineer at a remote location, may be allowed simultaneous access of the same control strategy from different computers thereby facilitating debugging and troubleshooting. Control Builder can run on any workstation connected to the server either by LAN, or WAN connection. In addition to this, an engineer using Control Builder may choose which server to use and switch servers at run time. It also features a secure logon function that lets you integrate Windows user account with Station operator-based account access. Operate environment When the process is running, the identical control module configuration forms used in engineering your control strategy can be used by anyone with access to monitor or run the process. Of course, you may also build custom graphic displays to monitor the process but these displays can be supplemented with the control modules themselves. This is particularly useful for sequential operations where continuation conditions are frequently used by your operators to move the process along.
R410 March 2012
Experion PKS Overview Honeywell
43
2. Concepts and Functions 2.14. Safety Builder
2.14 Safety Builder Safety Builder is a powerful software package that runs on computers with a Microsoft Windows operating system. It provides a user interface with Safety Manager and supports the user in performing a number of design and maintenance tasks as illustrated in the following figure.
Figure 7 - Sample Safety Builder Function: Network Configurator
ATTENTION Refer to the Experion specifications document for information about the operating systems specification on which the Safety Manager executes.
Safety Builder's design and implementation features include: Intelligent user interface, presenting menu items only when applicable, 44
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.15. OneWireless integration
Network Configurator, Hardware Configurator, Point Configurator, Application Editor, Database import and export, Automatic control program documentation, FLD revision control, and Easy loading of system software and control program into the Control Processors. Safety Builder's maintenance support features include: Live viewing of Application execution, Detailed monitoring of process signal behavior, Collection of diagnostics of Safety Manager, automatically or on user demand, Diagnostic message storage, with user-definable browsing functions, and Forcing of Safety Manager input and output interfaces.
2.15 OneWireless integration Within Experion PKS, the wireless process I/O is considered identical to wired process I/O in terms of data, event, and alarm information view, access, and configuration. After integrating OneWireless with Experion, the OneWireless components such as Wireless Device Manager (WDM), Field Device Access Point (FDAP), Multinode, and the field devices become a part of the Experion system. The best approach for deploying OneWireless Network infrastructure is to place it on the dedicated subnet routed to the rest of the PCN.
R410 March 2012
Experion PKS Overview Honeywell
45
2. Concepts and Functions 2.16. Functional Logic Diagrams (FLDs)
Figure 8 Experion OneWireless integration topology For more information about integrating OneWireless with Experion, refer to the Experion OneWireless Integration User’s Guide available in the HPS Support website.
46
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.16. Functional Logic Diagrams (FLDs)
2.16 Functional Logic Diagrams (FLDs) Safety Manager safety-critical control functions (contained in the control program) are determined by the safety instrumented functions assigned to the system for the specific application. Safety Builder supports the design of the control program by the user. The control functions are defined through graphical Functional Logic Diagrams (IEC 61131-3: Continuous Function Charts). The following figure shows an example of a Functional Logic Diagram (FLD).
Figure 9 - Sample Functional Logic Diagram (FLD) An FLD is split into four main areas: Information area (bottom) (on hardcopy only), Input area (left), Control function area (center), and R410 March 2012
Experion PKS Overview Honeywell
47
2. Concepts and Functions 2.16. Functional Logic Diagrams (FLDs)
Output area (right). The FLD information area, at the bottom of the FLD, is included on printouts, and provides information to identify the Functional Logic Diagram, including revision data. The FLD input area, on the left-hand side of the FLD, contains all the variables that serve as the input to the control function. Input variables may originate from the field equipment or from other computer equipment (Experion server, Safety Manager). Special input functions are provided for: Diagnostic status of the Safety Manager IO interfaces, Status of field loops, and System alarm summary, e.g. temperature pre-alarm or device communication failure. Data can be exchanged between FLDs through sheet transfer functions. This allows a structured design of complex functions across multiple diagrams. The table below lists the input functions that are available in Safety Manager functional logic diagrams, together with their source. Input Type
Source
Analog Input
Field Equipment
Boolean Input
Field Equipment, Process Computer, Other Safety Manager.
Numerical Input
Field Equipment, Process Computer, Other Safety Manager.
Diagnostic Input
Diagnostic status of Safety Manager safe IO interfaces
Loop Status Input
Field loop status of Safety Manager IO interfaces with loop monitoring
System Alarm Input
Safety Manager controller
Sheet Transfer
Other FLDs
The FLD control function area, which is the central area of the FLD, contains the actual implementation of the control function. The function is realized by interconnecting predefined symbols, which provide a variety of functions including logical, numerical and time-related functions. Apart from these standard functions, user-definable blocks are supported: Function Blocks standard FLDs for repetitive use within the control program, and 48
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.16. Functional Logic Diagrams (FLDs)
Equation Blocks for tabular definition of complex functions. For example, nonlinear equations. The following table lists the control functions that are available in Safety Manager functional logic diagrams. Function Data type conversion functions
Description INT
SINT
DINT
INT, SINT
REAL
DINT, INT, SINT
Boolean functions
Boolean Constant, AND, OR, XOR, NOT, NAND, NOR, XNOR, flip-flop set and reset dominant
Arithmetical functions
Numerical Constant, AND filter, ADD, SUB, MUL, DIV, x SQR, SQRT, ln(x), e
Comparison functions
EQ, NEQ, GT, GTE, LT, LTE
Timer functions (with constant or variable time value)
Pulse, Pulse-retriggerable, Delayed-ON, Delayed-OFF, Delayed-ON memorize
Count and storage functions
Counter, Register
User-definable blocks
Equation Block Function Block
The supported data types are: Boolean, ShortInt (-127 .. +128) Integer (32767...32768), LongInt and Real (-1038...1038). The FLD output area, on the right-hand side of the FLD, contains the results of the control function. These variables may be used to drive the field equipment or may be transferred to other computer equipment. For example, a process computer or another Safety Manager. The following table lists the output functions that are available in Safety manager functional logic diagrams, together with their destination. Output Type
Destination
Analog Output
Field Equipment
Boolean Output
Field Equipment, Process Computer, Other Safety
R410 March 2012
Experion PKS Overview Honeywell
49
2. Concepts and Functions 2.17. Custom Display Building
Output Type
Destination Manager.
Numerical Output
Field Equipment, Process Computer, Other Safety Manager.
Sheet Transfer
Other FLDs
Timer functions (with constant or variable time value)
Pulse, Pulse-retriggerable, Delayed-ON, Delayed-OFF, Delayed-ON memorize
Count and storage functions
Counter, Register
User-definable blocks
Equation Block Function Block
2.17 Custom Display Building HMIWeb Display Builder You use HMIWeb Display Builder to create your own (custom) displays. HMIWeb Display Builder is supplied with a set of shape libraries that cover a range of industries. You can also insert your own graphics, such as photographs and layout diagrams, using any of the following formats. GIF (*.gif) Windows Bitmap (*.bmp) JPEG (*.jpg) Metafile (*.wmf) Portable Network Graphic (*.png) The following figure shows a typical custom display created using HMIWeb Display Builder.
50
Experion PKS Overview Honeywell
R410 March 2012
2. Concepts and Functions 2.18. Online Documentation
Figure 10 - Typical custom display Display scripts Experion provides many native functions that minimize the need to write complex scripts to accomplish appropriate visualization of process conditions in custom displays. However, if the standard functionality does not provide the needed animation or capability, then a powerful display scripting subsystem is available to supplement the native functionality.
2.18 Online Documentation Knowledge Builder The online user documentation supplied with Experion is called the Knowledge Builder. It is created using the familiar HTML language. This permits the support information to be transmitted and searched over the Internet, Intranet, and yes, even your facility's standard information network. A unique feature of the Knowledge
R410 March 2012
Experion PKS Overview Honeywell
51
2. Concepts and Functions 2.19. Internationalization
Builder is that, while it utilizes common World-Wide-Web based technologies, we have removed the need for a web or Intranet server. This permits your entire facility the option of accessing one central repository of Experion support information, eliminating or minimizing the need to manage and update multiple book sets. KB mode Knowledge Builder (KB) can be installed in the following modes. Server mode - The KB server only contains booksets and installs the booksets locally. The path where the KB booksets are installed is referenced in the following scenarios. The path is referenced by the KB installed in client mode. The path is the default KB server path in case you do not provide the KB server path during KB client installation. Client mode - The KB client contains tools (KB.exe and KB backup and restore utility) and installed them on the local computer. Full mode - The KB full mode contains both KB server and client components. The selected booksets and KB tools are installed on the same local computer. Internet-awareness Honeywell will be providing documentation and training, including updates, over the Internet to minimize your cost and maximize the expediency of their delivery. We expect you will also find ways to leverage the power of the Internet to build efficiencies into the way that you engineer and operate Experion systems.
2.19 Internationalization Most major processing companies today operate on a global basis. Everyone involved in the life cycle of a control application (engineers, operators, technicians, electricians, managers, and so on) is more efficient if they are able to carry out their tasks in their native language. Experion provides a built-in capability for Honeywell regional offices to present the system in their local, native language.
52
Experion PKS Overview Honeywell
R410 March 2012
3. 3.1
Servers and Stations
Supervisory Infrastructure
Components Experion's supervisory infrastructure consists of one or more servers and a number of workstation computers running the Experion's user-interface application called Station. The workstation computers are usually referred to as "Stations". These components provide the infrastructure for engineering and operations software applications. Functions and features Experion's server and workstation environments provide: Supervisory level functions, including: Monitoring and supervisory control of configured processes Alarming of critical events Logging and reporting of events either triggered by devices or by operators or on demand Recording of process history for pre-designated intervals and displaying by sampling, mapping, graphing, totaling, and averaging to help you discern trends Supervisory level features, including: Time scheduled controls Segregated database Local or remote connection Pre-built infrastructure that includes preformatted displays and reports for immediate process information viewing Custom display building Composite point structure to reduce tag count and group related field data (PID loop, for example) Online configuration of channels, controllers and points and customization of reports and trend displays Redundant server system option for high availability actively linked for constant data update Distributed System Architecture (DSA) that integrates multiple servers into a single operational system.
R410 March 2012
Experion PKS Overview Honeywell
53
3. Servers and Stations 3.2. Server
3.2
Server
Capability ATTENTION Refer to the latest Experion Specification document for the Windows Server operating system specifications.
Experion server software runs under Windows Server without Hyper-V. The server contains supervisory control functions, the Experion Global Data infrastructure and optional redundancy. The server supports object-oriented graphical tools such as Control Builder and HMIWeb Display Builder and acts as the central repository for all system data. It also runs all the core system functions, including: Data acquisition and processing Alarm and event management History collection, archiving and trending Reporting subsystem Sign-on security Specialist and user applications Running on primary (and/or secondary) server nodes. Alarm and event management Experion provides comprehensive alarm and event detection, management, and reporting facilities to speedily target the source of the problem, allowing the operator to focus on the data of interest in times of urgency. Experion's alarm and event management includes: Controller-based alarming. Multiple alarm priorities. Standard notification displays of alarms, events, alerts, and messages. Most recent alarm zone displayed on every screen. Alarm shelving. Advanced alarm management such as the ability to: Launch associated graphic and point detail display on alarm for instant context Log the "return to normal" status Filter alarms (for example, by priority, asset, and acknowledgment status) Log to track operator-initiated actions 54
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.2. Server
Configure and view aggregate alarm counts (see Alarm aggregation) Alarm aggregation Custom operating displays are often organized hierarchically to provide an overview of the process being monitored and controlled. To enable operators to see alarms in particular parts of the plant at a glance, aggregated alarm counts can be added to custom displays. One way in which you can generate aggregated alarm counts is to configure points into alarm groups. Alarm groups provide an alternative way of viewing assets and alarms associated with assets. By using alarm groups, you can create a group of assets and points that are otherwise unrelated to one another in the asset model. For example, you may be interested in all mechanically agitated tanks in the plant for the purposes of monitoring agitator-related alarms across the entire plant. Operators can also view aggregated alarms counts via your asset model (see Alarm group model): the asset tree in the location pane on the Alarm Summary display contains aggregated alarm counts for each asset that contains a point that is in alarm. Historization Experion provides history collection over a wide range of frequencies in both average and snapshot/production formats. Large amounts of history are retained online, with automatic archiving, allowing retention of and access to unlimited quantities of historical data. For more information regarding historization, refer to Process History Analysis and Archiving. Trending Experion provides advanced trending facilities in a number of formats through simple configuration. Trends are easily configured online through standard trend displays, without the need to build special displays. See the following figure for a typical trend display.
R410 March 2012
Experion PKS Overview Honeywell
55
3. Servers and Stations 3.2. Server
Figure 11 - Typical trend display Real-time and historical data are presented together on the same trend. Archived history may be accessed automatically by simply scrolling to, or directly entering, the appropriate time and date. Because Experion supports copying/pasting, users can copy trend data to other applications such as Microsoft Excel. For more information regarding trending, refer to Analyzing process history. Reporting For analyzing key system data, Experion provides a range of standard reports, including: Alarm/Event reports all alarms and events in a specified time period. By using filters, this report provides an operator and/or point trace facility. Alarm Duration reports the time of occurrence and elapsed time before return-tonormal for specific alarms in a specified time period. Point Attribute reports on points displaying specific attributes, such as off-scan, bad data, and alarm inhibit. Cross Reference determines database references for specified points to enable easier system maintenance when points are decommissioned or renamed. Integrated Microsoft Excel Report allows Excel-based reports to be scheduled like other pre-formatted reports. 56
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.2. Server
Safety Manager System information and diagnostics report the status of the diagnostic based Safety Manager. It will give an overview of the important Safety Manager properties such as temperature behavior, execution time and the overrides currently applied in the Safety Manager Controller. If you have special reporting needs, you can use: Integrated Microsoft Excel Reports to design your own reports in Microsoft Excel and run them from a Station like a standard report. Free Format Report Writer option to modify standard reports, and to create your own reports and then add them to the list of standard reports Reports may be generated periodically, or on an event-driven or demand basis, and may be configured on line. Outputs may be directed to screen, printer, file, or directly to another computer for analysis or electronic viewing. For more information regarding reporting, refer to Understanding Reports. Redundancy The server supports redundant server configurations providing a warm fail over architecture with online database replication. This differs dramatically from the more typical PC-based systems, which run two independent servers that are not synchronized at the database level. The server redundancy scheme supports temporary removal of a server for maintenance. When the server is brought back online, the databases can be resynchronized at the touch of a button. Distributed System Architecture The Distributed System Architecture (DSA) option enables multiple systems to share point data, alarms, messages, and history without the need for duplicate configuration on any server. It also provides global access to Experion data on all servers in the system. Each server provides automatic dynamic caching of remote data for all of its clients, so that clients access their local server for all data. This mechanism ensures maximum efficiency both on the servers and over the network.
R410 March 2012
Experion PKS Overview Honeywell
57
3. Servers and Stations 3.2. Server
Master Control Center
WAN Site C
Site A Site B
Figure 12 - A geographically distributed system
Plant-Wide Network Plant A
Plant C Plant B
Figure 13 - A plant-wide distributed system
58
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.3. Stations
Server scripts You can add extra functionality to your system by writing server scripts. A server script runs when the associated event occurs, for example, when: A point changes state An operator acknowledges an alarm The server starts A report is generated Server scripts can also include: Periodic scripts, which run at periodic intervals while the server is running Library scripts, which perform specialized functions when called by other server scripts Specialized server software options Experion provides a range of specialized options that you can license, including: Controller interface options (each interface enables the server to communicate with a particular type of controller) Point Control Scheduler option can be used to schedule supervisory control for specified points. This option means an operator does not have to be present to exercise control. Recipe Manager option is used to load sets of points with pre-configured values. A recipe is a set of point values that serve as the "ingredients" for a process. Redundancy option provides a high availability architecture where a backup system is actively linked for constant data updating. Application Programming Library option consists of set of routines that can be used to develop user-written applications that run on the server.
3.3
Stations
Flexibility Station is Experion's main human interface. (Station uses a series of Web-style displays to present process information in a user-friendly manner. These are described in the Process Monitoring and Data Display section of this document. The following topics describe the various Station configurations and options, each of which has been optimized to meet specific requirements.
R410 March 2012
Experion PKS Overview Honeywell
59
3. Servers and Stations 3.3. Stations
Flex Stations A Flex Station is the most common Station configuration. It typically runs on a standard PC and communicates with the server using either of the following two connection types: Static. A permanent, dedicated connection. This is the recommended connection type for Flex Stations used by operators. Rotary. An "as required" connection. This is the recommended connection type for users who do not need full-time access to the server, or who need remote access (typically through a modem). Rotary connections are advantageous from a licensing viewpoint because the license specifies the maximum number of simultaneous Station connections. Console Stations, Console Extension Stations, and Consoles A Console Station is a Station that connects directly to a Process Controller, FIM, IOLIM, or ACE node as well as to an Experion server Console Stations are advisable in an environment where continuity of view is paramount and where it is important to minimize the impact of a server being unavailable. Because Console Stations can directly access process data, alarms and messages from C200/C200E, C300, ACE, and so on, there is no loss of view of critical data and alarms when the server fails and therefore an operator can still control and monitor the process. For each Console Station, you can connect up to three Console Extension Stations. Console Extension Stations connect to a Console Station in the same way that a Flex Station connects to an Experion server. A Console is a logical grouping of Console Stations and Console Extension Stations constituting a single workspace for an operator. In general, Console Stations and their Console Extension Stations are grouped together physically. A Console can include the following combinations: A Console Station with a Console Extension Station Multiple Console Stations Multiple Console Stations with Console Extension Stations Multiple-window Station configurations There are two Station configurations that provide a multiple-window setup: Multi-window Station. A Flex or Console Station that uses SafeView to manage several windows (typically two or four), each of which can contain a separate display. Multi-window Station enables you to control the placement of displays in the various windows. For example, you may want the Alarm Summary display in 60
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.3. Stations
the top-left window, a trend display in the top-right window and a point detail display in the bottom-right window. Multiple static Station. A computer that has up to four instances of Flex Station running simultaneously. Note that each instance requires its own static connection to the server. This option is only available for Flex Stations to meet legacy needs. It is not available for ES-C and ES-CE. In practice, both setups require specialized hardware, such as an Icon Console. Mobile Station Mobile Station enables users with handheld devices to access displays through a local wireless network. Mobile Station provides the following levels of access and control: Mobile Access for eServer Standard. Provides "snapshots" of displays, in which the data is valid at the time of the snapshot. This option does not provide any process control functions. Mobile Access for eServer Premium. Provides "live" displays, in which the data is regularly updated. This option does not provide any process control functions. Mobile Access for Station. Provides users with the same level of access and control as a normal Station. eServer and casual Web access An eServer gives casual users read-only access to displays and reports using a browser such as Microsoft Windows Internet Explorer. An eServer also simplifies administration because it consolidates the management, security and licensing of casual user accounts. An eServer provides two levels of access: Premium. Provides access to displays that are updated in the normal manner. Standard. Provides snapshots of displays that are not updated. (To check for changes to data, the user must request a new snapshot by using the browser's refresh function.) Specialized Station hardware In general, Station runs on a standard computer, with a standard keyboard, monitor and mouse. However, Station supports most Windows-compliant peripherals such as trackballs and touch-screens, as well as two specialized keyboards: Operator Entry Panel (OEP). This is a membrane-style keyboard with dedicated function keys. It is suited for use by operators in harsh environments. Integrated Operator Keyboard (IKB). This consists of a standard keyboard combined with dedicated function keys and built-in trackball. It is suited for use by R410 March 2012
Experion PKS Overview Honeywell
61
3. Servers and Stations 3.3. Stations
operators who need a large number of function keys in addition to a standard keyboard. For demanding tasks, you can use Honeywell's Icon Console, which includes up to four flat-panel monitors and an OEP.
Figure 14 - Honeywell's Icon Console Either of Station's multiple-window configurations is suitable for use with an Icon Console.
62
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.3. Stations
Station security There are two types of Station security: Operator-based. Each user is assigned an ID, and signs on to a Station with a password. Operator-based security is appropriate if you need to specify each user's access and control rights, or where an operator remains at the Station throughout a shift. Station-based. A Station provides operator-level access to any user. However, users can move to a higher level if they know the password for that level on that Station. You can also restrict a Station's ability to display Web pages and ActiveX documents by either restricting access entirely or specifying the pages/documents that can be accessed. Integrated Security With Integrated Security, each user has an integrated account, which is a combination of a Windows user account and a Station operator account. The security settings stored in the Windows user account are used to authenticate the user, whereas the security settings in the Station operator account are used to control the user's authority within Experion. Note that you must use Station's operator-based security, if you want to use Integrated Security. Single signon If you are using integrated accounts you can set up single signon. With single signon, operators only need to log on to Windows when they start their computer and do not need to enter their logon details again when they start Station. This is particularly useful where operators need to start up multiple instances of Station. Windows group accounts If you are using integrated accounts, you can use Windows group accounts to add multiple users to Experion by simply adding the Windows group. Users within the Windows group can then log on to Station in the same manner as traditional operator accounts or integrated accounts. Signon Manager If you use Windows-based security, and want to keep Station running during user changeovers-for example, when operators change shift-you need to use Signon Manager. (Without Signon Manager, the outgoing user must close Station and log off Windows; and the incoming must log on and restart Station.)
R410 March 2012
Experion PKS Overview Honeywell
63
3. Servers and Stations 3.3. Stations
Signon Manager is also recommended if you have a multiple static Station (see Multiple-window setups) because it enables users to simultaneously log on/off each instance of Station. If you have installed a supported smart card reader, Signon Manager can be configured so that operators not only have to use a smart card for authentication but may also be required to enter a PIN as well as a password. Note that Signon Manager requires Integrated Security. Electronic signatures An electronic signature is the legally binding equivalent of an operator's handwritten signature. You can configure an action to require one or two electronic signatures before the action is performed. (You can also require a reason to be specified before the action is performed.) Each time such an action is performed, an event records the name of the operator(s) who initiated the action, the specified reason and the date/time. High Security Policy The High Security Policy provides an appropriate security configuration for each user type: operator, supervisor, engineer and so on. The High Security Policy is based on the Windows Security Model, but has been is optimized for use with Experion and related products with the addition of specialized security templates, accounts and groups. Note that you need a domain controller if you want to use the High Security Policy.
64
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.4. Data Exchange
3.4
Data Exchange
TPS Integration You can completely integrate your TPS system with Experion by upgrading to Experion Stations and controllers. You get the benefits of an upgraded system while protecting your investment in existing equipment and the associated configuration and graphics. Experion Stations TPS (ES-T) are fully functional Experion Console Stations which have a direct connection to the LCN. ES-Ts are the primary interface to TPS data on an upgraded system. The optionally redundant Experion Server TPS (ESVT) has direct connections to the LCN, as shown in the following figure. A server is required on every LCN to support Experion Stations and controllers. One redundant ESVT per LCN is supported. It is a fully functional Experion Server in addition to having an LCN connection
Figure 15 - Sample Upgraded System with Experion Controller Expansion
R410 March 2012
Experion PKS Overview Honeywell
65
3. Servers and Stations 3.4. Data Exchange
ATTENTION With R400, the TPS GUS and TPS APP nodes are merged with the Experion PKS system. The TPS GUS is referred as GUS node and the TPS APP node is referred as APP node in Experion.
Consistent alarms behavior The view and control of alarms on an upgraded system is fully consistent. For assigned LCN units, the alarm summaries on all Experion Station TPS, GUS and Universal Stations are identical. Alarms can be silenced and acknowledged from any of these stations and all other users see and respond to this. Graphics support Experion HMIWeb graphics fully support points from LCN controllers. Solution pack shapes, conforming to the Abnormal Situation Management Consortium guidelines, are available for both LCN and Experion points and controllers. Points and controllers from both LCN and Experion can be mixed freely in any HMIWeb graphics. Expand with Experion controllers You can expand or upgrade by adding Experion C200/C200E and C300 controllers. These controllers connect through Fault Tolerant Ethernet. The required infrastructure to support Experion controller is included on all ESVT and ES-Ts. Application Control Environment TPS (ACE-T) Node The ACE-T supports control strategies built in the same Control Execution Environment (CEE) as the C200/C200E and C300 controllers. These are built and monitored with the same tool. ACE supports Control Application Block (CAB) visual basic applications. UCNOUT and HIWAYOUT connection blocks are supported for creating cascade connections to UCN and Hiway-based controllers, including initialization and anti-windup. A single control strategy can include controllers from Experion, UCN and Data Hiway. Open Database Connectivity (ODBC) Driver The ODBC driver allows ODBC-compliant client applications, such as Crystal Reports, or Microsoft Access, to retrieve Experion data. Open Database Connectivity (ODBC) Data Exchange ODBC Data Exchange enables data to be transferred between the server database and an ODBC-compliant database. The data can be transferred on event or periodically.
66
Experion PKS Overview Honeywell
R410 March 2012
3. Servers and Stations 3.4. Data Exchange
Microsoft Excel Data Exchange (MEDE) MEDE incorporates a wizard that provides an efficient means of reading real-time and historical data from Experion servers into an Excel spreadsheet. You can also enable the writing back of data to the Experion database. OLE for Process Control (OPC) Experion provides the following OPC interfaces, each of which has been optimized for a particular purpose: Experion OPC Client Interface is primarily designed for integrating lowcomplexity subsystems, such as controllers. Configuration involves individually mapping OPC items to standard Experion points (analog, status and so on). If you require alarming for an item, you must configure the associated point's alarm properties. Experion OPC Advanced Client includes a data client, and an alarm and event client for connection to third-party OPC servers: Experion OPC Advanced Data Client is primarily designed for integrating complex subsystems, and is compliant with the OPC 2.0 Data Access specification. Such systems typically have OPC items with multiple parameters, and are capable of generating their own, often broad range of, alarms. It also performs dynamic communications optimization. Only those parameters (items) that are currently being accessed-in displays, reports and so on-are subscribed from the OPC server. The points are dynamically subscribed and unsubscribed as required to minimize load on the source system. Experion OPC Advanced Alarm and Event Client enables Experion to receive alarms and events from third-party OPC alarm and event servers. OPC alarms are displayed and acknowledged in the same way as Experion alarms, giving operators a uniform user interface. For example, when an OPC alarm is received, it appears in the Alarm Summary; and when an operator acknowledges the alarm, confirmation of the acknowledgement is sent to the OPC alarm and event server. The Experion OPC Advanced Alarm and Event Client is based on the OPC Foundation Alarm and Events Specification (Version 1.0). Experion Display Data Client is designed to be used when you want to add OPC items to custom displays, but have no requirement for advanced features such as alarms, history or reporting. (You can directly add OPC items to custom displays, without having to first define them as points in Quick Builder.) Experion OPC Data Access Server gives an OPC client read/write access to Experion point parameters. It is compliant with the OPC 2.0 Data Access specification, and can accept connections from either OPC 1.0 or 2.0 clients. The Experion OPC Data Access Server supports all mandatory OPC interfaces, R410 March 2012
Experion PKS Overview Honeywell
67
3. Servers and Stations 3.4. Data Exchange
including an automation interface for application development in Visual Basic, as well as the IOPCBrowseServerAddressSpace interface. Experion OPC Alarm and Event Server allows an OPC alarm and event client to receive alarm and event information from Experion. It is compliant with the OPC 1.02 Foundation Alarm and Event Specification. Experion OPC History Data Access Server allows an OPC history data access client to receive history information from Experion. It is compliant with the OPC 1.2 Foundation History Data Access Specification. Experion OPC Integrator is designed to allow data to be transferred bidirectionally between two or more OPC servers. The Experion OPC Integrator supports redundant servers, and is therefore itself redundant; it also supports redundant third-party OPC servers. The following scenarios illustrate typical uses of the Experion OPC Integrator: You have a system that provides an OPC data access server, but not an OPC client. However, the system needs to retrieve data from Experion. Experion data needs to be transferred to a third-party OPC server whenever it changes, irrespective of the reason for the change (including when the data is changed by an operator). You have C200/C200E Process Controllers and need to transfer data efficiently between the controllers at the supervisory control layer. Experion Application Programming Interface (API) The Experion API allows programmers to create applications that run on the server. These applications can be written in C/C++. The API Library includes libraries of functions, header files, and sample source programs to help programmers create applications. Network API Network API allows programmers to create network applications in Visual C/C++, and Visual Basic languages. Network API has libraries of functions, header files, documentation, and sample source programs to help programmers create network applications.
68
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.1
Control Hardware Infrastructure
Basic Components ATTENTION The C300 – 20mS CEE has been introduced to support Turbine control solutions. It has a faster base period of 20 ms and supports two new Series C IO modules - Speed Protection Module (SPD) and Servo Valve Positioner (SVP) Module along with Series C IO modules.
The Experion platform offers a traditional chassis-based hardware infrastructure and a Series C form factor infrastructure featuring a unique vertical design for enhanced component mounting and wiring. Each infrastructure provides a common approach to Controller and I/O configurations, which can be integrated to support an economical evolution path. Common chassis, cabinets, power supplies and communication media are employed across the basic system. Typical control hardware components include: C200 Control Processor Module (CPM) is the Control module within the C200 Process Controller in which Experion control strategies execute. It communicates with Input/Output (I/O) Modules and peer devices via the Integrated Control Protocol (ICP) backplane and the connected ControlNet network. Together with an ICP backplane and I/O devices, the CPM constitutes a controller. It may also be referred to as the C200 controller, since C200 identifies the current version of the CPM. C200E Controller (C200E) is an enhanced C200 Controller with additional user memory and an enhanced function block set. The C200E Controller provides increased user memory from 4 MB to 16 MB. The C200E Controller supports the following supervisory networks. FTE through the Fault Tolerant Ethernet Bridge ControlNet through the ControlNet Interface C300 Process Controller (C300) is the Series C form factor controller that executes Experion control strategies. It communicates with Input/Output (I/O) Modules and peer devices through the FTE network and the connected C300 I/O link on its I/O termination assembly (IOTA). You can communicate with ChassisSeries A I/O, C200/C200E controller, and programmable logic controller (PLC) through the Fault Tolerant Ethernet Bridge module mounted in the respective chassis. Safety Manager Controller is the SIL 3 safety controller that executes safety strategies independently from the process control layer. It communicates with dedicated Input/Output (I/O) modules that are directly connected to the Safety R410 March 2012
Experion PKS Overview Honeywell
69
4. Process Control Hardware 4.1. Control Hardware Infrastructure
Manager controller. Safety manager is a fully redundant controller that seamlessly integrates in the Experion topology. Safety Manager Controllers can connect to each other through a dedicated network or through the FTE network. The "SafeNet" connection is a SIL 4 certified safety protocol. Process, Machinery and Drives (PMD) Controller is a controller unit that contains an integrated application execution environment, two independent fieldbus interfaces, an Upline interface, an FTE system interface. I/O Modules (either local to a processor or as remote I/O), which provide the terminals and processing power to accept input signals from transmitters, thermocouples, etc. and send output signals to valves, motors, etc. A variety of I/O modules are available for analog inputs/outputs and digital inputs/outputs. Experion also offers Serial Interface and Pulse Input Modules. The Series C I/O or Process Manager I/O can connect directly to the I/O links on the C300 controller. Series C I/O is the family of Series C form factor I/O modules designed to operate with the C300 controller. The Series C I/O is optionally available as redundant. With R410, the following Series C I/O modules are introduced. Series C Pulse Input Module (SCPIM) Universal Input/Output (UIO) module For more information about the new Series C I/O modules, refer to Series C I/O User's Guide. ControlNet Interface Module(s) (CNI) links the C200/C200E controller with remote I/O module chassis (up to 8) via the I/O Network and/or other system controllers and plant networks via ControlNet. Control Firewall 9-Port Switch controls Ethernet communications and provides FTE connections to the C300 controller domain. It rejects Ethernet messages that are not needed for control. If control communication starts to slow, it controls the flow of messages of lower importance. Fault Tolerant Ethernet (FTE) Supervisory Network Support is the default communications medium for the Series C form factor components. It can be optionally configured using a Fault Tolerant Ethernet Bridge module for the FTE Supervisory Network connection between the server and the C200/C200E Process Controller. ETHERNET Supervisory Network Support can be optionally configured using 10baseT Ethernet for the Supervisory Network connection between the server and the C200/C200E Process Controller. An ICP chassis based Ethernet Module is used instead of the Uplink CNI Module. Redundancy Module (RM) with a C200/C200E controller chassis provides automatic backup for the primary C200/C200E controller. It can also be used in 70
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.1. Control Hardware Infrastructure
chassis containing Chassis I/O - Series A Fieldbus Interface Modules (CIOM-A FIM) to support redundant fieldbus operation. PCIC - ControlNet Module is a PCI Bus Card that increases the available ControlNet bandwidth usage from the Experion server. This module is installed in a slot in the server. Profibus Gateway Module (PGM) is an interface module that can be used with C300 Controller to connect and communicate with the Profibus devices. The PGM is developed in the Series C form factor for use with the C300 Controller. The PGM module is an FTE resident module. With R410, the following enhancements are supported. Processing HART data using Turck Excom DSB Gateway redundancy User-defined Template (UDT) support for Device Support Blocks (DSB) Remote IO (RIO) diagnostics support Generic Device Support Blocks (GENIODSB) support For more information about the enhancements, refer to PROFIBUS Gateway Module User's Guide. Turbine Control Solution is a solution to improve plant performance and reliability. This solution is suitable for applications like steam turbine control in power plants, steam turbine driven auxiliaries control, centrifugal compressor control, and other fast process control applications. With R410, the following enhancements are supported. Flow measurement Angular measurement Two servo output current drives For more information about the enhancements, refer to Turbine Control User's Guide. Extension Component ATTENTION Refer to the latest Experion Specification document for the Windows operating system specifications.
The Experion system offers a variety of additional components that let you adapt the system to ever expanding data gathering and control interfacing requirements. These extension components include: R410 March 2012
Experion PKS Overview Honeywell
71
4. Process Control Hardware 4.1. Control Hardware Infrastructure
Application Control Environment (ACE) turns a computer using a Windows Server operating system into a supervisory controller that mirrors the basic operations of a Control Processor Module (CPM). It provides the additional capability of communicating with OPC servers through a Fault Tolerant Ethernet (FTE) or redundant or non-redundant Ethernet network. You can also connect an ACE supervisory controller directly to a supervisory ControlNet network to support peer-topeer communications with a C200/C200E Process Controller. Simulation Control Environment (SCE) turns a computer using a Windows operating system into an advanced simulation environment to support Honeywell's Shadow Plant simulator. The SCE is designed to emulate the same Control Execution Environment (CEE) functions found in the Control Processor Module (CPM) of the C200/C200E Process Controller or the Application Control Environment (ACE) supervisory controller to provide high fidelity simulation of control strategies. It requires the same system server and operator Station support as the other system controllers. The components are connected through the Fault Tolerant Ethernet (FTE) or Ethernet network. Chassis I/O - Series A Fieldbus Interface Module (CIOM-A FIM) serves as the communication gateway between the Supervisory ControlNet and/or I/O ControlNet network and the Foundation Fieldbus H1 communications medium. It includes a Remote Termination Panel (RTP) for connecting and powering up to two fieldbus H1 links. It lets you seamlessly integrate fieldbus devices with your Control Builder configured control strategies. Series C Fieldbus Interface Module (FIM4) is the Series C form factor version of the CIOM-A FIM and serves as the communication gateway between the Supervisory Fault Tolerant Ethernet network and the Foundation Fieldbus H1 communications medium. Its input/output termination assembly provides up to four fieldbus H1 links. An optional power conditioner supplies redundant power to all four H1 links on the associated Series C Fieldbus Interface Module as well as alarm contacts to monitor circuit status. I/O Link Interface Module (IOLIM) serves as the communication gateway between the Supervisory ControlNet and the Process Manager Input/Output components. It lets you seamlessly integrate Input/Output Processors (IOPs) with your Control Builder Configured control strategies. Rail Input/Output Module - Series A (RIOM-A) complements the existing system chassis I/O Modules by providing a seamless integration with the ControlNet communications network through a Gateway. Rail Input/Output Module - Series H (RIOM-H) complements the existing system chassis I/O Modules by providing a seamless integration with the ControlNet communications network through a Galvanically Isolated/Intrinsically Safe (GI/IS) Gateway and a fiber optic-coupling scheme. They are designed for use in locations with potentially explosive atmospheres. 72
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.2. Process Controller
PROFIBUS Interface Module Block (PBIM) - serves as control strategy interface to the chassis mounted SST-PB3-CLX-HWL module that interfaces to devices on a PROFIBUS DP network. ATTENTION The PROFIBUS interface Module SST-PB3-CLX-HWL (SAP item 1120160021), manufactured by Molex Inc. (formerly Woodhead / SST), supersedes models SST-PBF-CLX and SST-PBF-CLX-RLL.
HART Input/Output Integration - complements the existing system chassis I/O Modules or Process Manager IOPs by providing seamless integration with the ControlNet communications network through HART (Highway Addressable Remote Transducer) communication capable analog input and analog output modules installed in the chassis. A HART software multiplexer application resides in the server to further enhance the communication interface. DeviceNet Interface Module - serves as the communication bridge between the I/O ControlNet network and the DeviceNet network. Requires interface to personal computer running the RSNetWorx application to handle DeviceNet configuration requirements. It lets you seamlessly integrate DeviceNet devices with your Control Builder configured control strategies. Non-CEE points – are PMD, SCADA, TPS, and Safety Manager points. With R410, these points can be peer-to-peer communicated to the CEE points such as C300/C200E/ACE points.
4.2
Process Controller
About the controller The C200/C200E or C300 Process Controller handles all possible control requirements, whether for continuous processes, batch processes, discrete operations, or machine control needs. ATTENTION A C300 – 20mS CEE controller has been introduced for Honeywell Turbine Control Solutions. For detailed information refer to the C300 Controller User’s Guide.
The C200/C200E Process Controller architecture supports one common set of multiple size chassis for both Control Processor and remote chassis I/O configurations. The power supplies are attached, but separate from the chassis and support both 115/230 Vac and 24 Vdc sources. A single ControlNet communications module, available in R410 March 2012
Experion PKS Overview Honeywell
73
4. Process Control Hardware 4.2. Process Controller
both non-redundant and redundant media configuration, supports all controller-toserver and controller-to-I/O networking. The Control Processor (CPM) provides the plant-level control execution environment (CEE) for your control applications. The I/O system supports discrete, analog, and special function modules. The C300 Process Controller architecture features an innovative vertical design for more efficient mounting and wiring. It includes integral connections for redundant FTE media and Series C I/O or Process Manager I/O modules. It supports redundant configuration through a dedicated connection and provides the control execution environment (CEE) for your control applications like the C200/C200E controller. The Control Firewall ensures data integrity and an integrated power subsystem distributes power efficiently within a cabinet. The discreet and analog Series C I/O are optionally redundant. The PMD Controller architecture supports a single automation system to control a production plant’s continuous and batch processes, machines and drives. The PMD Controller can be utilized on all plant’s control levels for implementing advanced controls, fast machine controls and process controls. For more information about Experion PKS with PMD Integration, refer to Experion PKS with PMD Controller Overview Guide. Chassis Experion supports a common chassis backplane technology that may be used for either C200/C200E controller or remote chassis I/O. This minimizes the cost while maximizing the flexibility of the system. Five different size chassis assemblies provide you with scalability and flexibility in your control system layout. Each chassis, with cards installed, is 14 cm (5.5 in.) high and 17 cm (6.7 in.) deep. Length is dependent upon the number of slots the chassis provides. Chassis sizes, by number of slots, include: 4-Slot, 26 cm (10.4 in.) in length 7-Slot, 37 cm (14.5 in.) in length 10-Slot, 49 cm (19 in.) in length 13-Slot, 59 cm (23.5 in.) in length 17-Slot, 69 cm (27.7 in.) in length Control Processor The C200/C200E or C300 Control Processor is designed for integrated continuous loop, Boolean logic, motor, sequence and batch control functions. The specific functions of I/O Processing (via IOMs), Modulating/Logic Control (via CMs), and Sequential Control (via SCMs) are selected and defined by configuration prior to process operation. I/O Processing, Modulating/Logic Control, and Sequence Control have access to a common database that includes current parameter values for 74
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.2. Process Controller
all IOMs, CMs, and SCMs controlled by all controllers on the supervisory network. The operator also has access to these parameters through Station displays.
Figure 16 - C200 Control Processor
R410 March 2012
Experion PKS Overview Honeywell
75
4. Process Control Hardware 4.2. Process Controller
Figure 17 - C300 Control Processor Controller redundancy Process control applications require that the controller recognize when its integrity has been compromised and it should fail over to a back up processor in a bumpless fashion. Honeywell's previous fail over schemes from the Process Manager family of process controllers have been built into Experion's controller redundancy scheme. This patented technology deals with: Fault detection Guaranteed database synchronization Bumpless failure. The C200/C200E Controller achieves redundancy through matching chassis configurations that include a Redundancy Module with a dedicated link. The Series C form factor components include redundant capability as an integral part of their design. The input/output termination assembly (IOTA) 76
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.2. Process Controller
for the C300 Controller includes a connector for a dedicated redundancy link to another C300 Controller. This makes installing and configuring a redundancy scheme in a C300 Controller domain more efficient.
4 character display Primary LED Comm LED OK LED
Front View Figure 18 - Redundancy Module For C200 Controller Redundancy
R410 March 2012
Experion PKS Overview Honeywell
77
4. Process Control Hardware 4.2. Process Controller
LAN (TCP/IP, Ethernet, etc.)
Server
Station
Redundant Supervisory ControlNet networks A B Controller
Redundant I/O ControlNet networks A B Figure 19 - Module redundancy for C200 Controller in redundant supervisory ControlNet networks
78
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.2. Process Controller
Figure 20 - C300 Controller redundancy in supervisory Fault Tolerant Ethernet network R410 March 2012
Experion PKS Overview Honeywell
79
4. Process Control Hardware 4.2. Process Controller
Bumpless failure The redundancy aspects implemented in the Experion system are far superior to those available today by PC/PLC systems. The most critical failure task, switching the controller in a bumpless fashion, has been fully implemented in the Experion system. Chassis I/O The Experion chassis I/O -Series A modules are an expanding family of traditional and special function input/output signal interface devices. The traditional models are available in a wide variety of densities, including 6, 8, 16 and 32 points, and they can interface to AC, DC or TTL voltage levels as well as common thermocouple and RTD sensors. The output modules are available with analog solid state AC, solid state DC or relay contact type output. The special function models include a Pulse Input Module (PIM) for counting dc pulses and a Serial Interface Module (SIM) for accepting asynchronous serial communications based on an EIA-232 (RS-232) or EIA-422/485 (RS-422/485) standard. The PIM provides up to eight input channels and two output channels and also provides channel-to-channel and terminal-to-backplane isolation. All I/O modules, except the SIM, have a small form factor (5 inches by 5 inches) and feature deterministic I/O update rates and diagnostic capabilities. They can support local, front of module or remote terminations and software configuration. These I/O modules, except the SIM, share the same basic layout as illustrated in the following figure. DIGITAL INPUT
ST ST
O K
24 vdc 16 PT lsol
Figure 21 - Chassis I/O Module Basic Layout
80
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.2. Process Controller
Chassis I/O terminal connectors The chassis I/O has a uniquely designed termination connector that supports Removal and Insertion Under Power (RIUP) for field termination and backplane connectors. Field wiring connectors allow RIUP to be accomplished without any detrimental effect on the I/O module operation. RIUP is accomplished on the field wiring connector by the length of the connecting pins. When removing the connector, the signal is broken first and when inserting the connector, the commons are connected first. REFERENCE - INTERNAL Review the Removal and Insertion Under Power (RIUP) Function Guidelines in the Control Hardware Installation Guide before you RIUP any module.
A jumper bar is shipped with each I/O module so that commons can be tied together very quickly, without the need for wiring. The front door of the housing opens and provides a handle for the removal of the connector from the I/O module. Labels are provided to attach to the inside of the connector door for identification of the field wire. Series C I/O The Series C I/O is an expanding family of Series C form factor I/O modules for handling a variety of analog and discreet I/O signals as wells as HART protocol interfaces. The Series C I/O module mounts directly on its mating I/O termination assembly (IOTA) for efficient mounting and wiring. All Series C I/O is optionally redundant by simply adding a second matching Series C I/O module to its I/O termination assembly. The following illustration shows a typical non-redundant Series C I/O hardware configuration.
R410 March 2012
Experion PKS Overview Honeywell
81
4. Process Control Hardware 4.2. Process Controller
Figure 22 - Typical non-redundant Series C I/O configuration
82
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.3. Safety Controller
4.3
Safety Controller
Safety Manager System Configurations Safety Manager is available in several configurations to suit virtually every process control requirement. The following table lists the Safety Manager system configurations that are available, together with their main characteristics. Table 1 Safety Manager System Configurations Type
Safety Manager Controller
Safety Manager IO Interface
Typical Application
Non-redundant (single)
Non-redundant
Non-redundant
Critical process control with redundancy in field equipment
DMR
Redundant
Redundant
Non-redundant
Critical process control with redundancy in field equipment
DMR
Redundant
Redundant
Critical process control
QMR
Redundant
Redundant & Non-redundant
Burner/Boiler Management System with Safety Manager controlled alarm panel
QMR
Combined
Architecture
Fire and Gas DMR = Dual Modular Redundant QMR = Quadruple Modular Redundant
R410 March 2012
Experion PKS Overview Honeywell
83
4. Process Control Hardware 4.3. Safety Controller
Safety Manager basic architectures Safety Manager can be configured for a number of architectures, each with its own characteristics and typical applications. The following table provides an overview of the available architectures. Table 2 System Manager Architectures Controller configuration
IO configuration
Remarks
Non-redundant (DMR)
Non-redundant
DMR architecture; Applications up to and including SIL3
Redundant (QMR)
Non-redundant Redundant Redundant and nonredundant
QMR architecture; Applications up to and including SIL3
DMR = Dual Modular Redundant QMR = Quadruple Modular Redundant
All Safety Manager architectures can be used for safety applications up to and including SIL 3. The preferred architecture depends on the availability requirements The Safety Manager Controller consists of: Controller chassis Control Processor (one or two) Battery & Key switch Module Controller chassis The SM controller is placed in the CP chassis (CPCHAS). The CP backplane (CPB), which is integrated into the CP chassis, has the following functions: A 32 bit Redundant System Bus between the Control Processors 5 Vdc and WD distribution to the IO chassis, I/O bus connections, Communication connections, Incoming 24Vdc power for both Control Processors, ESD input, and Three common system inputs.
84
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.3. Safety Controller
The following figure shows also that the CP chassis is covered at the back.
Figure 23 - Front and Rear View of the CP chassis Control Processor The Control Processor (CP) is the heart of the SM controller. It is a modular microprocessor system specifically designed for safety-critical applications and can be tailored to the requirements of many applications. The main Control Processor modules are: Quad Processor Pack (QPP) Universal Safety Interface (USI) Power Supply Unit (PSU) The Control Processor modules are constructed on a European standard size instrument card. The height of the front panel of the modules is 4 HE (4U), their width is 8 TE (8 HP) (USI, SMM, PSU and BKM module), and the QPP module is 16 TE wide. The Control Processor modules are placed in the CP Chassis (19-inch chassis), which are generally located in the top section of the cabinet. R410 March 2012
Experion PKS Overview Honeywell
85
4. Process Control Hardware 4.3. Safety Controller
Figure 24 - Safety manager Control Processor Modules Quad Processor Pack (QPP) The QPP reads the process inputs and executes the application program created with the Application Editor. The results of the control program are transmitted to the output interfaces. In Safety Manager configurations with a redundant Controller, both QPPs synchronize their operation through a dedicated redundant communication channel, integrated in the Controller backplane. Through continuous testing of Safety Manager hardware and software integrity, the QPP ensures safe operation as well as extensive diagnostics. The QPP contains a watchdog circuit. It automatically monitors the correct functioning and the operating conditions of the QPP safety processors. The watchdog circuits include the following functions: A unique feature of the Safety Manager watchdog is that it verifies if the processor executes its tasks within the defined cycle time. The monitored operating conditions include the data integrity check of the processor memory and the voltage range check of the supply power (under voltage and over voltage). Deactivate the safety-critical outputs of Safety Manager, regardless of the QPP status, whenever required.
86
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.3. Safety Controller
The QPP is also equipped with the following items: 4 bus drivers to drive the IO chassis A status LED Display to show time, date, system information, system status and diagnostics Key switch Universal Safety Interface (USI) USI is a communication module with universal safety interfaces. Safety Manager uses the USI to exchange information with other equipment. The USI is equipped with 2 Ethernet interfaces and 2 serial interfaces, for either RS232 or RS485 (configurable). A Control Processor can accommodate two USI modules with a maximum of eight external communication links. IO bus The Control Processor controls I/O (located in the IO chassis) through an I/O bus. An I/O extender (located in the I/O chassis) communicates with the individual I/O modules through a horizontal I/O bus. The Control Processor interfaces with the I/O system through an I/O bus, which is a flat cable that runs vertically in the cabinet. The I/O-bus is controlled by the I/O Bus Driver function, which is part of the QPP module.
R410 March 2012
Experion PKS Overview Honeywell
87
4. Process Control Hardware 4.3. Safety Controller
Figure 25 - Back View of Typical Safety Manager with Redundant Controller and I/O Chassis Each of the I/O chassis contains an I/O extender IO-0001 module, which connects to the I/O-bus. The I/O extender module drives the Horizontal I/O Bus, which relays the signals from the I/O-bus to the I/O modules through a flat cable. The Horizontal I/O bus back plane is located on top of each I/O chassis. The Horizontal I/O bus and the flat cables of the I/O modules are covered with a sheet steel cover which provides optimum EMC/RFI immunity. The cover plate contains a paper strip which holds the relevant process tagging for signal identification. I/O modules The I/O modules are constructed on a European standard-size instrument card. The height of the front panel of the modules is 3 HE (3U), their width is 4 TE (4 HP). A total of 18 I/O modules can be placed per I/O chassis. All I/O modules are equipped with standard 32-pin DIN 41612F connectors. All I/O chassis are provided with an I/O backplane, which contains matching 32-pin connectors with key coding to prevent miss-insertion of the I/O modules. 88
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.3. Safety Controller
Figure 26 - Example of the High Density SAi 1620m Module Safety Manager provides an extensive selection of digital and analog input and output interfaces, with different characteristics, to meet the demands of a wide range of field equipment. The following table lists the input and output interfaces available with Safety Manager. Interface
Properties
Digital Input
24 Vdc, 48 Vdc and 110 Vdc 24 Vdc (loop-monitored) 120-230 Vac Class I, Division 2, Groups ABCD; Class II, Division 2, Groups FG Class [Eex ia] IIC intrinsically safe (Through external devices)
Digital Output
24 Vdc, 48 Vdc, 60 Vdc and 110 Vdc 24 Vdc, 48 Vdc (loop-monitored) 120-230 Vac Dry contact outputs Class [Eex ia] IIC intrinsically safe (Through external
R410 March 2012
Experion PKS Overview Honeywell
89
4. Process Control Hardware 4.3. Safety Controller
devices) Analog Input
0-20 mA, 4-20 mA, 0-25mA 0-20 mA and 4-20 mA with HART support (Through external devices) 0-5 V, 1-5 V, 0-10 V and 2-10 V Class I, Division 2, Groups ABCD; Class II, Division 2, Groups FG Resistance Temperature Device (RTD) (Through external devices) Thermocouple, types E, J, K and T (Through external devices)
Analog Output
0-20 mA and 4-20 mA Class I, Division 2, Groups ABCD; Class II, Division 2, Groups FG
All Safety Manager I/O modules are galvanically or optically isolated between external and internal power supply. Safe I/O modules can be used for safety loops up to and including SIL3. Safe modules can also be used for control applications, offering the benefits of Safety Manager diagnostic and fault-reporting functions with or without automatically isolating faults. (Automatic isolation of faults is configurable.) IO FTA An FTA module for I/O converts input field signals to values appropriate for the Safety Manager input module that is used, or Safety Manager output module signals to values that can be used in the field. To enable this conversion, FTAs can be used in combination with input converter modules or output converter modules. FTA modules are 70 mm (2.76 in) or 109 mm (4.29 in) wide, and their length varies between 90 mm and 300 mm (3.54 and 11.81 in), depending on the FTA type, as shown in the following figure. The modules are mounted on standard DIN EN rails (TS32 or TS35 x 7.5).
90
Experion PKS Overview Honeywell
R410 March 2012
4. Process Control Hardware 4.3. Safety Controller
Figure 27 - Some Terminal Type FTA's An FTA may contain electronic circuitry to convert standard Safety Manager signals to specific signals with characteristics required by field equipment. For the connection to the Safety Manager IO modules a standard system interconnection cable FS-SIC-0001 is used for all FTAs. The field cables are connected to terminals.
R410 March 2012
Experion PKS Overview Honeywell
91
4. Process Control Hardware 4.4. Wireless Device Manager
4.4
Wireless Device Manager WDM is the central management unit of the OneWireless Network. The WDM is responsible for network security, network resource allocation, data caching, and external interface functionality (including CDA protocol). OneWireless Network supports integration of wireless data with existing control systems using industry standard protocols such as HART, Modbus TCP, Modbus RTU, and OPC. The WDM hosts the interfaces required to connect the field device data to the control application using the proprietary protocols. The WDM can establish peer-to-peer communication with ACE/C200/C200E/C300 controllers. WDM and wireless devices can be configured and loaded in Experion Control Builder. You can monitor the devices and WDM parameters using Control Builder and Detail Displays in Experion Station. In addition, the notifications related to diagnostic information of OneWireless devices can be monitored using Station.
92
Experion PKS Overview Honeywell
R410 March 2012
5. Supported Experion Hardware 5.1
Supported Platforms
Supported server platforms Experion R410.1 supports the following Dell server platforms. Dell PowerEdge 2850 server Dell PowerEdge 2900 and 2900 III servers Dell PowerEdge 2950 and 2950 III servers Dell PowerEdge SC1430 server Dell PowerEdge T610 server Dell PowerEdge R710 server Dell PowerEdge T310 server Dell PowerEdge T105 server Supported workstation platforms Experion R410.1 supports the following Dell workstation platforms. Dell Precision WS490 workstation Dell Precision T3400 workstation Dell Precision T3500 workstation Dell Precision T5400 workstation Dell Precision T5500 workstation Dell Precision R5500 workstation
R410 March 2012
Experion PKS Overview Honeywell
93
5. Supported Experion Hardware 5.2. Support for new Matrox Extio2 Remote Peripheral Solution (RPS)
5.2 Support for new Matrox Extio2 Remote Peripheral Solution (RPS) Experion R410.1 supports Matrox Extio2 RPS. The Matrox Extio2 RPS installation kit extends the following components from an Icon Series Console or a Desktop Station to a system, through a fiber-optic cable without any loss of signal integrity or system performance. Audio (stereo output and mono input) Video (up to four monitors) USB (including keyboard, mouse, MIMs, Pop-Up disk drives, touch screens, OEP, and IKB) The system can be at a maximum distance of up to 400meters (1312 feet) from the console station. This can substantially reduce noise and heat in the control room, while providing additional security for the computer. Matrox Extio2 RPS can be installed on an existing Experion system or along with a fresh Experion installation using the latest EXPPlus media (Experion R3xx) or the Experion PKS System Initialization media (Experion R4xx).
94
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.1
Communications Topology
Plantwide communications You can scale an Experion PKS system architecture to accommodate small personal workgroups, large plantwide domains, or a mix of workgroups and domains including the integration of an existing TPS system and information from your business network. The following figure combines many of the features previously discussed in the Servers and Stations and Process Control Hardware sections into a single view as an example of system scalability.
Figure 28 - Scalable Architecture for Plantwide Communications.
R410 March 2012
Experion PKS Overview Honeywell
95
6. Process Communications 6.1. Communications Topology
Scalable security inhibits unauthorized data access The Experion system offers integrated Windows and Station-based security as well as electronic signature and asset assignment functions. This lets you easily scale your security functions to provide progressive data access on a "need to know" basis to complement plantwide communications. Control level communications Controller domain The most significant networks within the Experion controller architecture are the, open networks called ControlNet for C200/C200E Controllers only and Fault Tolerant Ethernet (FTE) serving as the network technology for: Controller-to-Server communications, Controller-to-Controller (peer-to-peer) communications, Controller-to-I/O communications through ControlNet for C200/C200E Controller only. Both ControlNet and Fault Tolerant Ethernet support redundant media.
Server Controller to Server
Controller to Controller
Controller to I/O Module
Figure 29 - Control Level Communications Network for C200 Controllers using ControlNet media
96
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.1. Communications Topology
The C200/C200E architecture also supports an Ethernet media for Controller-to-Server and Controller-to-Controller communications that are also referred to as the supervisory level communications. Application and user interface communications for the Experion server Experion takes advantage of industry standard Ethernet for communication above the Experion server. Ethernet is employed for communication between the server and Stations involved in the Experion application. Ethernet is also the media for communication with PIN-resident applications. Honeywell also offers its own version of a robust Ethernet known as Fault Tolerant Ethernet (FTE). Server to Station
Server
Station
Station
ControlNet Controller
Figure 30 - Supervisory Level Communications Network Foundation Fieldbus communications FOUNDATION Fieldbus (FF) is an open, digital multi-drop communications technology for intelligent field devices and automation systems through an integral chassis mounted Series A Fieldbus Interface Module (CIOM-A FIM) or a Series C Fieldbus Interface Module (FIM4) and integral Control Builder configuration. Some interface features include: A rail-mountable device for linking two H1 networks into the I/O ControlNet or into the Chassis I/O - Series A Fieldbus Interface Module. A non-redundant or redundant I/O termination assembly for linking four H1 networks into the Series C Fieldbus Interface Module mounted in a cabinet. Provides support for multiple interface modules per controller. R410 March 2012
Experion PKS Overview Honeywell
97
6. Process Communications 6.1. Communications Topology
Supports Experion regulatory, sequential and logic control operation with Fieldbus measurement and actuation devices. Supports operational access to field device data via server points. As a field communication network(s) interconnecting field devices, fieldbus devices also broadcast alarms and collect and broadcast trend data providing standard definitions of base field device functions. Ethernet (TCP/IP)
Redundant Servers
Station
Supervisory ControlNet/Ethernet
Redundant Controllers
FIM
Non-Redundant Controller I/O ControlNet
I/O ControlNet
FIM 24Vdc (Optional)
Remote I/O Chassis
Remote Termination Panel
Remote I/O Chassis
H1 Link 2
24Vdc Conditioned
24Vdc (Optional)
PT
PT
PT
Remote Termination Panel
PT PT
H1 Link 1
24Vdc Conditioned
H1 Link 1
PT
PT H1 Link 2
FOUNDATION Fieldbus Compliant Devices FOUNDATION Fieldbus Compliant Devices
Notes:
PT
FIM = Fieldbus Interface Module Only ControlNet is available as redundant media.
24Vdc Conditioned 24Vdc Conditioned
Figure 31 - Foundation Fieldbus Level Communications Network using a Chassis I/O - Series A Fieldbus Interface Module
98
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.1. Communications Topology
Figure 32 - Foundation Fieldbus Level Communications Network using a Series C Fieldbus Interface Module Redundant Fieldbus integrated architecture The following figures show sample redundant fieldbus architectures. The first figure shows a pair of Chassis I/O - Series A Fieldbus Interface Modules (CIOM-A FIMs) and Redundancy Modules (RMs) in a redundant C200/C200E Process Controller and a redundant remote I/O chassis configuration. The FIM serves as the communication gateway between the Supervisory ControlNet and/or I/O ControlNet network and the Foundation Fieldbus H1 communications medium. It includes a redundant Remote Termination Panel (RTP) for connecting and powering up to two fieldbus H1 links. R410 March 2012
Experion PKS Overview Honeywell
99
6. Process Communications 6.1. Communications Topology
The second figure shows a redundant Series C Fieldbus Interface Module (FIM4) configuration in a C300 Process Controller domain. The FIM4 serves as the communication gateway between the Supervisory Fault Tolerant Ethernet network and the Foundation Fieldbus H1 communications medium. It does not require a C300 Controller for operation. The illustrations in the following figures are for example purposes only to show the possible architectural variations for a redundant fieldbus application. Ethernet (TCP/IP)
Redundant Servers
Station
Supervisory ControlNet RM
CPM
Non-Redundant Controller I/O ControlNet RM
FIM
RM
FIM
Redundant Controllers I/O ControlNet RM
FIM
FIM
Redundant Remote I/O Chassis
Remote I/O Chassis 24Vdc (Optional)
24Vdc (Optional) Redundant Remote Termination Panel
H1 Link 2
24Vdc Conditioned
PT
PT H1 Link 1
H1 Link 2
PT
PT
PT
Redundant Remote Termination Panel
PT H1 Link 1
24Vdc Conditioned
PT
24Vdc Conditioned
PT
FOUNDATION Fieldbus Compliant Devices
24Vdc Conditioned
FOUNDATION Fieldbus Compliant Devices
Notes: CPM = Control Processor Module FIM = Fieldbus Interface Module RM = Redundancy Module Only ControlNet is available as redundant media.
Figure 33 - Sample system architecture for redundant Fieldbus integration using a Chassis I/O - Series A Fieldbus Interface Module 100
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.1. Communications Topology
Figure 34 - Sample system architecture for redundant Fieldbus integration using a Series C Fieldbus Interface Module
R410 March 2012
Experion PKS Overview Honeywell
101
6. Process Communications 6.2. Network Platforms
6.2
Network Platforms
Ethernet Ethernet has been globally accepted as the de facto standard for office environments and has recently been accepted to perform many tasks on the plant floor. Because of the wealth of third party Ethernet equipment, including switches, routers, hubs, and so on. coupled with its ever increasing performance, along with a steady decline in the price-performance curve, Ethernet has become the ideal network for many plant floor applications, including data monitoring and program maintenance. Many are now using today's Ethernet for critical control. The support of TCP/IP Ethernet as the Supervisory network in Experion does not preclude the customer to design and configure a mission critical control strategy based upon Ethernet. The user is cautioned, however, that Ethernet is not a deterministic network and there are many factors that should be considered before employing a mission critical control strategy that relies on Ethernet. The system can also communicate with modem-connected system components by using: Local Area Networks (LANs) to connect system components for plants that have all their installations located at one site, for example, waste water treatment facilities and food manufacturing plants Wide Area Networks (WANs) that connect modem-connected installations that are separated by hundreds (sometimes thousands) of miles, such as offshore oil and gas installations and pipelines. WANs may use satellite uplinks, ISDN, microwave or radio communications systems. Fault Tolerant Ethernet Honeywell's Fault Tolerant Ethernet (FTE) represents a way to achieve Ethernet redundancy through the use of Honeywell's FTE driver and redundant commercially available equipment. Fault Tolerant Ethernet enabled components allow network communication to occur over a functioning route. If that route should fail and another route exists, then communication occurs over that route. In this approach, FTE can recover from single faults and may recover from several faults. REFERENCE – EXTERNAL Refer to the Fault Tolerant Ethernet (FTE) Specification and Technical Data Sheet EP03-500-110 or latest version for more information. The Specification and Technical information is subject to change without notice and is superseded by information in applicable Experion product Specification and Technical data documents. Hence, for each Experion release, you are recommended to refer the applicable Specification and Technical data documents. 102
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.3. ControlNet
Supervisory Fault Tolerant Ethernet (FTE), ControlNet or Ethernet The Supervisory FTE, ControlNet or Ethernet is used by the Experion server to access data from the Controller to populate Experion displays, receive Alarms, and gather Historical Data. The Controllers for Peer-to-Peer communications also use the Supervisory FTE, ControlNet, or Ethernet. Only the FTE and ControlNet are available as redundant media. The Control Builder also uses the Supervisory Network for strategy loading and monitoring. However, not all Controller related functions are Ethernet compatible. For example, the Chassis I/O - Series A Fieldbus Interface Module requires an FTE or ControlNet network. All the Series C form factor components require Supervisory FTE. Time Synchronization To ensure accurately time-stamped process event data, the real-time clocks of Safety Managers in a network need to be synchronized by a time master. Safety Manager can use the following external sources to synchronize their real-time clock: Experion system (connected via Ethernet) GPS receiver via IEEE 1588 protocol Safety Station Time master Simple Network Time Protocol (SNTP)
6.3
ControlNet
Open technology The ControlNet technology was designed by Allen-Bradley, with significant design input from Honeywell to ensure its suitability for process control applications, and turned over to the public sector as an open system. ControlNet is an open standard that will support third-party devices in the future, but you cannot currently connect thirdparty devices on the I/O ControlNet or the Supervisory ControlNet. Devices What kind of devices would likely sit on ControlNet? Basically, any of the devices certified under our existing TPS Multi-vendor Interface Program. For example, these devices might include: Analyzers Weigh scales Motor drives R410 March 2012
Experion PKS Overview Honeywell
103
6. Process Communications 6.4. ControlNet Interoperability
Operator interface panels Bar code readers Control network redundancy Experion incorporates the open technology of ControlNet, which can be implemented in a redundant fashion. This provides redundant communication between the server and controllers, from controller to controller and from controller to remote I/O. The LAN can also be redundant. LAN (TCP/IP, Ethernet, etc.)
Server
Station
Redundant Supervisory ControlNet networks A B Controller
Redundant I/O ControlNet networks A B Remote I/O Chassis
Remote I/O Chassis
Figure 35 - Control Network Redundancy
6.4
ControlNet Interoperability ControlNet Interoperability gives the Experion system the ability to exchange Process data with A-B PLCs and other third-party devices. In order for the devices to communicate with each other, a protocol that is understood by both must be used.
104
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.4. ControlNet Interoperability
An example of a suitable protocol is the PCCC (Programmable Controller Communications Commands) protocol. This protocol is a simple Command-Reply protocol. The PCCC protocol is supported by devices on ControlNet and by devices on other networks such as the DH+ network. Using a bridge module such as the DHRIO module, you will be able to establish communication between a device on the ControlNet and a device on the DH+ network. Each message is limited to a maximum length of 256 bytes. Currently the CPM can only be used as the Requester. The following commands are supported: PLC-5 Typed Read PLC-5 Typed Write The following devices have been qualified: PLC-5 on ControlNet CL5550 controller PLC-5 on DH+ Communication between the CPM and the CL5550 controller can also be achieved through the more advanced CIP protocol. The CIP protocol allows both CommandReply and Producer-Consumer modes. Currently the CPM only supports the Messaging mode as a Requester. The following CIP commands are supported: CIP Data Table Read CIP Data Table Write ATTENTION You will not be able to implement ControlNet Interoperability unless communication has been established between the third-party device and its software.
R410 March 2012
Experion PKS Overview Honeywell
105
6. Process Communications 6.5. Connectivity
6.5
Connectivity
Background Experion supports many types of controller, such as Modicon PLCs, Honeywell Series 9000 and Allen-Bradley. You can connect a controller to the server in a number of ways. If a controller has a network interface, you can connect it directly to the network. If it has a serial interface, you can connect it through a "terminal server". (A terminal server allows you to connect several controllers to the network even though they only have serial or parallel ports. Most terminal servers also provide a range of serial connection options, such as RS-232, RS-422 and RS-485.) The communications link used to connect controllers to the server is called a channel. Logical representations of channels are stored in the server. Usually each type of controller uses a different communications protocol, so each has its own channel. Third-party networks The following figure illustrates how systems are connected to the Experion system. For example, drivers are used to connect Allen Bradley's PLCs via the data highway to an Experion system. LAN (TCP/IP,Ethernet,etc.)
Server
Station
ControlNet Other connectivity Honeywell S9000 Honeywell 620 LC TDC 3000 Data Hiway Honeywell UDC Modicon PLC Allen-Bradley PLC other
Figure 36 - Connectivity System
106
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.6. Communications Model for the Control Processor
6.6
Communications Model for the Control Processor
Reference model Experion employs a publish/subscribe communications scheme. The following figure illustrates the communications models employed within Experion and relates them to the standard ISO - OSI model as a reference. ISO-OSI
Experion PKS Control Proc essor
Server
Referenc e Model
Server Cache: Run-time Monitor, Builder Load Server DA CDA DDE
CEE CDA (Pub/Sub,Req/Resp, Notif. Pub)
Endian Conversion
Data Types Null
User Layer Application Layer Presentation Layer
Null
Session
ASA Transport Class 5 Frag/Reassembly, Mult Msg
ASA Class 5
TCP
Transport
ASA Network
ASA Network
IP
Network
ICP, SMAC
KTC-SMAC
802.3
Link
ControlNet
Ethernet Media, Serial Comm.
Serial Bus, ControlNet
Physical
Figure 37 - Experion versus ISO-OSI Communications Model Publish/subscribe transport layer The Experion OSI stack employs a Producer/Consumer model for managing communications. This means that any node on the network can demand to be registered as a "consumer" of a particular piece of information. Then, when an object from another node "produces" that piece of information, it is done in a way that makes it available to every registered consumer. This allows the same piece of data to be distributed to multiple consumers of that data.
R410 March 2012
Experion PKS Overview Honeywell
107
6. Process Communications 6.7. Safety Manager SafeNet
Publish/subscribe application layer The transport layer is capable of producing information onto the network for consumers to "pick-up" but how is the subscription list managed and how are subscribers identified? This is done through CDA's connection-oriented communication scheme. Information is sent between nodes by establishing connections. Each published message contains a Connection ID (CID). Each potential consumer can then subscribe to receive that particular CID. Request/response application layer Publish/subscribe works well for cyclic (repeated) transactions. But, for one-time reads and writes between two end-points, Experion has implemented request/response. Report-by-exception In addition to the high performance of the publish/subscribe model, Experion supports report-by-exception technology, also known as 'on data change'. This way, only changes to data are published. In other words, publishing doesn't happen simply because a clock cycle requests it.
6.7
Safety Manager SafeNet Safety Manager supports Distributed Safety Solutions (DSS) through its extensive networking capabilities. Safety Manager networks provide the means to decentralize process safeguarding with central process monitoring and control capabilities. In a DSS network, multiple Safety Managers are interconnected via dedicated Ethernet (or serial) communication links. Both point-to-point and multidrop networks are supported. For optimum availability of the communication, the redundant Safety Manager configurations require the use of redundant communication links. The communication is based on the Honeywell proprietary, TÜV-approved SafeNet communication protocol. This protocol includes a high level of error detection and recovery, which makes it suitable for exchanging safety-related information while maintaining optimum availability. The network is also used to route diagnostic data to central operator stations and maintenance workstations. Communication within Safety Manager networks is based on the master-slave concept. In this concept, the master system is responsible for all communication activities. It initiates requests for data from the slave systems, and sends data to the slaves. Safety Manager networks also support communication server systems. These are Safety Managers that are interconnected between the communicating master and slave system(s). Their task is to route the data that is exchanged between master and slave(s).
108
Experion PKS Overview Honeywell
R410 March 2012
6. Process Communications 6.7. Safety Manager SafeNet
The DSS concept supports safety solutions in line with the plant design, with every independent process unit being safeguarded by a separate Safety Manager. This minimizes the risk of nuisance plant trips during unit maintenance. Safety Manager supports SafeNet communication through Ethernet, RS232, RS485 and Fiber optic. This allows easy integration of fail-safe networking through thirdparty equipment (black channel), enabling the use of existing media, equipment, and cabling to exchange safety-critical Safety Manager data. For example, using public telephone lines, satellites, or radio links. This TÜV-approved function provides flexible solutions for FPSOs, pipelines, and other remote system applications. It is completely embedded into the Safety Manager design, and no additional effort is needed to configure this type of communication.
Figure 38 - Example Safety Manager Topology
R410 March 2012
Experion PKS Overview Honeywell
109
6. Process Communications 6.7. Safety Manager SafeNet
110
Experion PKS Overview Honeywell
R410 March 2012
7. 7.1
Monitoring Plant Processes
Understanding Points
Process points From the point of view of operators, Stations and servers, Function blocks (created in Control Builder) are points. These points are called Process points to distinguish them from other types of point. Flexible points Experion includes a number of system interfaces (high-level interfaces), such as TPS and OPC that allow it to exchange data with other applications or subsystems without the need for separately defining points in Experion. Such points are called flexible points. The database structure of a flexible point is determined by the application/subsystem, rather than by Experion. An example of flexible points would be TPS points. Standard (Inbuilt) point types Experion provides the following types of standard (inbuilt) point to exchange data with controllers other than C200/C200E or C300 Process Controllers. These points are also known as SCADA points. Note that points deriving their inputs from OPC are licensed as SCADA points. Analog, used for continuous values, such as temperature or pressure Status, used for digital values (on and off) Accumulator, used for totalizer values Container, a "user-defined" point type that allows you to treat a group of related points as if they were one point. Standard points have a composite data structure that can represent several field values. For example, you only need one analog point for a control loop that maintains the temperature of an oven, because the point's data structure includes the following parameters (data items): Process variable (PV) to record the current oven temperature Output variable (OP) to change the temperature of the oven Set point (SP) to specify the correct oven temperature Mode (MD) to change the loop from manual to automatic control
R410 March 2012
Experion PKS Overview Honeywell
111
7. Monitoring Plant Processes 7.2. Process Monitoring and Data Display
Scanning In the case of standard points, Experion uses a scanning process to read from/write to memory locations in controllers. Controllers can be scanned using the following strategies, each of which is optimized for a specific need: Periodic (at regular intervals) Exception (the server only requests change-of-state data) Some controllers support unsolicited messaging, where the controller, rather than the server, initiates a communications session. Unsolicited messaging can substantially reduce communications traffic, especially if the values change infrequently. Point algorithms Experion includes a set of algorithms that can be attached to standard points to perform specialized tasks on point data. (If you want to attach an algorithm to a process or flexible point, you must map it to a standard point and then attach the algorithm to the standard point.) There are two types of point algorithm: Action Algorithm, which initiates an action-such as requesting a report-when the point's PV changes value PV Algorithm, which gathers/manipulates data, the result of which is usually stored in the point's PV The following two examples illustrate an algorithm's capabilities: Status Point Notification, which sends a message to a custom application when the status of the point changes to a specified state Maximum/Minimum, which records the maximum and minimum values of the PV of an analog point and the times at which they occurred Scripts You can extend a point's functionality by writing a script that, for example, performs a: Calculation on the value of its PV parameter each time its value changes Task when it goes into alarm User-defined parameters You can increase the functionality of a standard point by defining your own parameters so that you can store custom data. For example, you may want to store a value generated by a script, or record the serial number of the device associated with the point. 112
Experion PKS Overview Honeywell
R410 March 2012
7. Monitoring Plant Processes 7.2. Process Monitoring and Data Display
7.2
Process Monitoring and Data Display Station uses a series of Web-style displays to present process information in a userfriendly manner. (In addition to displays, Station can also show Web pages and ActiveX documents such as Microsoft Word documents and Microsoft Excel spreadsheets.) Experion is supplied with over 400 system displays that present information in a standardized manner. You can also create your own (custom) displays, which can include graphics and animations. The following topics describe Experion's system displays and the benefits of creating your own custom displays.
System displays for configuring your system Experion includes a comprehensive set of system displays that make it easy to configure and fine-tune your system.
Figure 39 - Typical configuration display R410 March 2012
Experion PKS Overview Honeywell
113
7. Monitoring Plant Processes 7.2. Process Monitoring and Data Display
System displays for managing alarms and events Experion's alarm and event displays enable operators to manage and respond to alarms and events in an efficient manner. Inbuilt features of these displays include the ability to sort and filter alarms and events according to criteria such as priority, asset, and so on. The Experion Alarm Summary, for example, provides live information about current process alarms in your system. Depending on how your system has been configured, the Alarm Line (at the bottom of the display) shows the most recent (or oldest), highest (or lowest) priority alarm that has not been acknowledged.
Figure 40 - An alarm summary display System displays for monitoring your processes Experion includes a range of system displays and faceplates that form the basis for monitoring your processes. These include the: Point detail displays, which show the current parameter values, and configuration details, for a selected point. 114
Experion PKS Overview Honeywell
R410 March 2012
7. Monitoring Plant Processes 7.2. Process Monitoring and Data Display
Faceplates, specialized popup displays that are the identical to the left-hand section of the corresponding point detail displays. They provide a convenient means of monitoring and controlling points from custom displays. Trend displays, which plot changes in process values over time. Group displays, which show the main parameter values of up to eight related points.
Figure 41 - A typical point detail display
Figure 42- A Typical Faceplate R410 March 2012
Experion PKS Overview Honeywell
115
7. Monitoring Plant Processes 7.2. Process Monitoring and Data Display
Figure 43 - A typical trend display
Figure 44 - A typical group display 116
Experion PKS Overview Honeywell
R410 March 2012
7. Monitoring Plant Processes 7.3. Operator Notification of Alarms and Events
Figure 45 - Safety Manager System Information Display Custom displays Custom displays enable you to represent a complete process on one display, and to include graphics and animations to make processes easier to understand. Custom displays are created using HMIWeb Display Builder.
R410 March 2012
Experion PKS Overview Honeywell
117
7. Monitoring Plant Processes 7.3. Operator Notification of Alarms and Events
7.3
Operator Notification of Alarms and Events
Alarm and event generation Experion generates events and alarms when it detects certain changes in the plant or process as reported by controllers. With Experion operators can: View events and alarms in Station displays Print a summary of alarms and events to an alarm/event printer All changes in the system caused by, for example, alarms, operator actions, and changes in security level, are logged as events. The following figure shows the Experion Event Summary.
Figure 46 - An event summary display
118
Experion PKS Overview Honeywell
R410 March 2012
7. Monitoring Plant Processes 7.3. Operator Notification of Alarms and Events
Alarms Alarms indicate unusual conditions in processes (excess pressure in a valve, low temperature of an oven, and so on) or in the system (such as the failure of a channel) that require operator action. Unless an alarm has been suppressed or shelved, it remains in the default view of the Alarm Summary until the condition that triggered the alarm returns to normal and someone acknowledges the alarm. All alarms are recorded in the event log, including when it was generated, when it returned to normal, and when it was acknowledged. The event log also shows when alarms have been suppressed or unsuppressed, and shelved or unshelved. Filters and views Filters and views on Station summary displays enable operators to temporarily exclude less important (or currently irrelevant) alarms and events from the display - for example, operators might want to filter out high and low alarms to focus on urgent alarms only. In addition to a range of filtering options for the columns in an alarm (or event) summary, Experion provides several predefined views for summary displays, including: unacknowledged alarms (to show only unacknowledged alarms) Urgent alarms (to show only urgent alarms) Urgent and high alarms (to show only urgent and high alarms) Suppressed alarms (to show only alarms that are currently suppressed) Shelved alarms (to show only alarms that are currently shelved) You can also create your own filters, based on various criteria such as asset, priority and date/time. Alarm suppression Dynamic Alarm Suppression (DAS) is an Experion licensed option that provides an automated way of temporarily removing alarms from the default (unfiltered) view of the Alarm Summary. DAS removes alarms in accordance with a set of rules that you configure. By temporarily removing specific alarms from the Alarm Summary when pre-configured conditions are met, DAS helps operators to focus on the issue at hand or on other more critical conditions in the plant. For more information, see the Server and Client Planning Guide and the Server and Client Configuration Guide.
R410 March 2012
Experion PKS Overview Honeywell
119
7. Monitoring Plant Processes 7.3. Operator Notification of Alarms and Events
Alarm shelving Alarm shelving allows operators to temporarily remove distracting/nuisance alarms from the Alarm Summary display. Shelved alarms are only visible in the (shelved alarms) view or when you choose the Alarm State column filter for showing shelved alarms. To prevent operators from forgetting about a shelved alarm, a shelved alarm is automatically unshelved when the shelving period expires or the alarm returns to normal (depending on how the shelving settings have been configured). Operator response Operators can: View events and alarms in Stations. The Status Line (below the display), always shows the most recent (or oldest) and highest priority alarm that has not been acknowledged. Print a summary of alarms and events to an alarm/event printer. Note that you can make it easier for operators to manage alarms by creating appropriate views for operators. (A view shows a particular subset of alarms, and presents the details in a particular way.) By default, the Alarm Summary shows all alarms (except shelved alarms and suppressed alarms) in a table format with the newest alarm at the top. Operators can change this view by applying filters and sorting the summary to help them to monitor and respond to alarms of particular interest. The following graphic shows other features of the Alarm Summary that help operators monitor and respond to alarms more efficiently and effectively: The Location pane (in the lower left of the display), which filters the Alarm Summary to show alarms for a particular asset, alarm group or piece of equipment. The Alarm Tracker pane, which provides a graphical view of alarm “clusters” on assets within an operator’s scope of responsibility. Based on Abnormal Situation Management (ASM®) Consortium research, Experion Alarm Tracker supports operator effectiveness by providing an asset-based view of alarms over time that enables operators to identify and respond more easily to abnormal situations such as alarm floods.
120
Experion PKS Overview Honeywell
R410 March 2012
7. Monitoring Plant Processes 7.3. Operator Notification of Alarms and Events
Figure 45 – An Alarm Summary with the Alarm Tracker pane showing
R410 March 2012
Experion PKS Overview Honeywell
121
7. Monitoring Plant Processes 7.4. Safety Manager Sequence of Events (SOE) support
7.4
Safety Manager Sequence of Events (SOE) support
SOE generation Safety Manager integrates the sequence-of-event (SOE) features as supported by Safety Manager into the Experion server. Safety Manager supports SOE for digital inputs and outputs, analog inputs and outputs, and marker points. Each tag name that has been "SOE-enabled" is time-stamped by the Safety Manager controller and reported to the Experion Server, SOE reporting SOE from Safety Manager as well as from DI SOE are incorporated into the standard Experion Server SOE list which allows for improved search, filter and automated archive functionality. Standard SOE displays are available to view the events as they are reported.
122
Experion PKS Overview Honeywell
R410 March 2012
8. 8.1
Controlling the Process
Understanding Supervisory Control
Supervisory control The term "supervisory control" means control that originates from a location outside and above the controller, whether by an operator or a program. Supervisory control works by changing the values in controllers that are associated with processes. Process control is usually performed by the internal logic of controllers. The following figure and procedure show how supervisory control works. A new value is entered by an operator (manual mode) or a program (automatic mode). The server relays the new value to the controller. The controller outputs the control value to the field device.
Figure 47 - Supervisory Control Process
R410 March 2012
Experion PKS Overview Honeywell
123
8. Controlling the Process 8.2. Examples of Process Control
8.2
Examples of Process Control
Background The following examples are based on a pipeline carrying a fluid. The pipe, for the purposes of the examples, contains a pump, a valve, and a device that measures the rate of flow of the fluid. If you are using a C200/C200E and/or C300 Process Controller, field devices are represented by named parameters related to associated control function blocks. If you are using another type of controller, the field devices are represented by standard points, such as accumulator, analog or status. The following figure shows a representation of this pump, control valve, and flowmeasuring device.
Controller
Pump
Valve
Flow Sensor
Flow
Figure 48 - Process Control Example Process control using status points Because a pump can be in only one of two possible states at a time (either on or off), Experion stores data about pumps in a status point. Status points have three main process variables: Input (PV), which is read-only digital value. Output (OP), which an operator can change. In this case, this represents the "on" or "off" instruction you send to the pump. 124
Experion PKS Overview Honeywell
R410 March 2012
8. Controlling the Process 8.2. Examples of Process Control
Mode (MODE), which the operator can change to switch the control from manual mode to automatic mode, or the other way around. The current state of the pump is read by the controller using a digital input. The state of the pump can be changed by the controller by using a digital output. In automatic mode, the controller logic changes the digital output automatically to switch the pump either on or off. In manual mode, the pump is switched on or off by the operator. Manual mode effectively disables or bypasses the internal logic of the controller. Because the control command is issued from Experion, this is supervisory control. The following figure illustrates how this works.
Server (Station Display)
Controller
Plant Equipment
Ladder Logic PV
MD
OP
Digital Input Digital Output PV OP MD
Pump
Figure 49 - Process Control Using Status Points Process Control Using Analog Points For valves that can be open to any extent (such as control valves), Experion uses analog points. Analog points store continuous values, which can range from 0 to 100 percent of full scale. Analog points can have several process-related variables: Input (PV), which is a read-only analog value Setpoint (SP), which is the desired value for the input variable. R410 March 2012
Experion PKS Overview Honeywell
125
8. Controlling the Process 8.2. Examples of Process Control
Output (OP) which is an analog value; in this case, the variable controls how much the valve should be open or closed. Mode (MODE), which governs whether or not operators will be able to control the SP and OP process variables. Auxiliaries (A1 to A4), which can be assigned to any values for any purpose (loop tuning constants, for example) In this example, the valve controls the flow rate, and the controller reads the flow rate and the current valve position into registers. If the flow changes in: Automatic mode, the controller compares the PV to the setpoint specified for the flow. If the flow is too low or too high, the output variable adjusts the valve automatically. Manual mode, the valve is adjusted by the operator by entering the OP. The following figure illustrates how this works. Server (Station Display)
Controller
Plant Equipment
PID
SP PV
OP MD
SP PV OP MD Pump
Valve
Flow Sensor
Figure 50 - Process Control Using Analog Points
126
Experion PKS Overview Honeywell
R410 March 2012
9. 9.1
Analyzing Process Data
Understanding Reports
Background Reports extract information from the server database. Reports may be requested and printed on demand, or scheduled to be automatically generated reports at pre-defined times. Reports can be sent to printers or to operator Station displays. Experion can produce both: Standard Reports, which are preformatted reports provided with Experion and contain information about alarms, events, points, and so on. Custom Reports, which can contain almost any kind of information stored in the server database. You can either request reports when you need them or schedule Experion to automatically produce reports at pre-defined times.
9.2
Process History Analysis and Archiving
History Experion provides two different ways of collecting and storing historical data for point parameters: Periodic history Exception history The historical data collected by Experion can be used for: Third-party applications via the Experion OPC HDA Server and ODBC driver. Operational purposes like trend monitoring (in the case of periodic history). Collection and analysis by enterprise historians like PHD servers. Because the data from both periodic history and exception history is readily accessible to specialized historians, the transmission of Experion history data places no additional load on your control network. Periodic history Periodic history collects and stores numerical data at predefined regular intervals. Periodic history data is generally used for operational purposes such as trend monitoring but is also collected for historical analysis. Experion collection rates for periodic history provide a high degree of flexibility in moderating the load on your control network.
R410 March 2012
Experion PKS Overview Honeywell
127
9. Analyzing Process Data 9.2. Process History Analysis and Archiving
Fast history – Stores snapshots of a point parameter at short regular intervals (less than 1 minute). You can choose from 8 different collection rates. By default, the fastest rate is 5 seconds but this can be changed to 1 second if necessary. Standard history – Stores snapshots at intervals ranging from 1 minute to 30 minutes. The fastest standard history collection rate of 1 minute can be changed to 30 seconds if necessary. Standard history also calculates and stores average values, based on the standard history snapshot rates. The default averages are: 6-minutes, 1-hour, 8-hours, and 24-hours. Extended history – Stores 1, 8, and 24-hour snapshots. Exception history While periodic history is used for numerical data and primarily for operational purposes, exception history collects string data for analysis by enterprise historians such as PHD servers. And unlike periodic history, exception history is based on sampling rather than regular collection: it only stores the scanned values when they are different to the last stored value. This not only helps to minimize the database size but also the load on the control network. The default collection rates for exception history are: 5, 10, 15, 30, and 60 seconds 5, 10, 15, 30, and 60 minutes 2, 4, 6, 8, 12, and 24 hours PHD integration Experion can be integrated with a Uniformance Process History Database (PHD). The integration allows synchronized history collection of Experion data on PHD. PHD tags that map to point parameters assigned to history on Experion are created and maintained automatically. PHD provides long term history collection. PHD data can be displayed on Experion trends. Analyzing process history Process history can be analyzed for trends using trend set displays, which present process history in a graphical manner. Experion allows you to present trend set data in a range of useful ways, such as: Simple Trend, which displays plotted data for the specified point parameters. Trend with Events, which displays plotted data for the specified point parameters as well as an Event Summary. Trend with numeric history, which displays plotted data for the specified point parameters as well as tabular numeric history for the specified point parameter. 128
Experion PKS Overview Honeywell
R410 March 2012
9. Analyzing Process Data 9.2. Process History Analysis and Archiving
Archiving process history Archiving stores process data in the server. The period of time that this historical data is stored is determined by the default retention periods for the history interval being used. You can archive this process history to off-line media such a removable disk or a tape so that the history can be restored later if needed. Event archiving and storage Experion stores every event, such as a point status change or an operator action, in an event journal. Events are collected in an Experion system database, and are periodically copied to an SQL Server online event database for queries and reporting. Events are kept in the SQL database for a specified period, after which they are deleted. If you want to keep events for more than a few weeks, use Event Archiving. Event Archiving allows you set up automatic archiving, or to configure an alarm, which alerts the operator to archive events at appropriate intervals. Event Archiving enables you to archive events to a network fileserver or to tape. Archiving to tape uses the Windows Backup program. Events archived to a network fileserver can be copied to other media such as CD, or included in a system backup.
R410 March 2012
Experion PKS Overview Honeywell
129
9. Analyzing Process Data 9.2. Process History Analysis and Archiving
130
Experion PKS Overview Honeywell
R410 March 2012
10. Standard Compliance 10.1 Safety Manager compliance A major requirement for compliance to IEC 61508 is the availability of a change history of applications. With the new Safety Builder this is no longer an issue as the Safety Audit Tracker provides an automatically enabled audit trail. It will keep track of all the changes performed on an application automatically. Difficult procedures or extensive loggings are not required. The Safety Audit Tracker, together with the Application Verification Tool, is all that is necessary. Safety Manager complies with the following international standards: For BMS: NFPA 85, 86, VDE 0116 For ESD: IEC 61508, ISA S84.01, DIN V 19250, UL, FM, ATEX For F&G: EN54-2, NFPA 72, Lloyd's Register. In summary, with all SIL3 safety compliance tools, hardware and software, Honeywell's Safety Manager provides excellent protection for safety applications across multiple industries throughout the lifetime of an installation. Together with Experion or any other process control systems, Safety Manager provides the basis for critical control and safety unification, reducing risks and installed costs, and improving plant safety.
10.2 Experion compliance The various components of the Experion system are declared to be in conformity with the following standards. EN 50082-2-1995 Electromagnetic Compatibility - Generic Immunity Standard, Part 2: Industrial Environment. EN 55011-1991 Limits and Methods of Measurement of Radio Disturbance Characteristics of Industrial, Scientific and Medial (ISM) Radio-Frequency Equipment EN 61131-2-1994 Programmable Controllers - Part 2: Equipment Requirements and Tests (LVD), Year of first CE marking per 73/23/EEC (LVD): 1997 EN 61326-1998 Electrical equipment for measurement, control and laboratory use EMC requirements. EN 61010-1-1993 Safety Requirements for Electrical Equipment for Measurement, Control and Laboratory Use. Part 1: General Requirements
R410 March 2012
Experion PKS Overview Honeywell
131
10. Standard Compliance 10.2. Experion compliance
132
Experion PKS Overview Honeywell
R410 March 2012
Honeywell Process Solutions 1860 W. Rose Garden Lane Phoenix, AZ 85027 USA