Disclaimer: This tip is only meant to encourage thinking about some of the “what ifs” of control systems.
A “fail-safe” system motto: When things are going bad – Don’t make them worse.
Some of the things to consider:
- Use device normally-open output contacts that are held closed when no alarm is present, so that loss of power to the device, a broken wiring connection, or an abnormal state opens the circuit and causes an alarm.
- To energize an alarm light or horn, consider using normally-closed contacts of a relay that is energized by a PLC output during a normal system condition. Program the PLC so that any new alarm will again de-energize the output after a previous alarm has been acknowledged. A PLC fault or loss of power should cause the horn or light to be on continuously.
- Consider generating analog alarms in PLC logic, rather than SCADA software, if possible, to help ensure reliability.
- Consider use of a hierarchy of control points in wiring and logic so that operators closer to the process or machine can lock out all others from control.
- Use, for example, “Fail to Start” alarms to drop commands, or time delays to reset commands if a loss of communication prevents them from being sent.
- Use of “old-school” relays, switches, and indicators for critical function backup.
- Use of redundant power supplies, communication networks, SCADA PCs, and PLC “hot-backup” processors.
- Use of Uninterruptible Power Supplies (UPS) with monitoring of utility power loss.
- Researching all safety requirements regarding the need for emergency stops, master-control relays, safety PLCs, explosion-proof or intrinsically-safe wiring and devices, etc.
- Consider special PLC fault routines for control or for capturing fault information.
- Transient voltage protectors for power and signals where needed.
- Fiber optics where transient voltages would otherwise be a concern.
- Computers dedicated to SCADA and to no other purpose.
- Regular testing and calibration.
- Keeping spare parts!
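As an added illustration (not part of the original tip), the Python simulation below models the wiring convention of the first two bullets: field contacts that are held closed while the device is healthy, and a horn wired through the normally-closed contacts of a relay that the PLC keeps energized only while there is no unacknowledged alarm. The device names, the `AlarmAnnunciator` class, and the scenario steps are constructed for this example; they do not come from any particular PLC or vendor.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


def contact_in_alarm(closed: bool) -> bool:
    """Field-contact convention: a normally-open contact is HELD CLOSED while the
    device is powered, wired and healthy. Loss of power, a broken wire or an
    abnormal state all open the circuit, so 'open' is read as 'alarm' without
    the PLC having to know which of those happened."""
    return not closed


@dataclass
class AlarmAnnunciator:
    """PLC-side logic for the horn-silence relay (constructed illustration)."""
    powered: bool = True                              # False models a PLC fault or power loss
    active: set = field(default_factory=set)          # alarms present on the last scan
    acknowledged: set = field(default_factory=set)    # alarms the operator has acknowledged

    def scan(self, contacts: Dict[str, bool]) -> bool:
        """One PLC scan. Returns True when the horn-silence output is energized.
        A dead PLC returns False, which is exactly what a de-energized output looks like."""
        if not self.powered:
            return False
        self.active = {name for name, closed in contacts.items() if contact_in_alarm(closed)}
        # Forget acknowledgements for alarms that have cleared, so that the same
        # alarm re-annunciates if it comes back later.
        self.acknowledged &= self.active
        unacknowledged = self.active - self.acknowledged
        return not unacknowledged

    def acknowledge(self) -> None:
        """Operator pressed 'acknowledge': silence everything currently active."""
        self.acknowledged |= set(self.active)


def horn_on(silence_output_energized: bool) -> bool:
    """The horn is fed through the NORMALLY-CLOSED contacts of the relay driven by
    the PLC output, so the horn sounds whenever that output is de-energized."""
    return not silence_output_energized


def run_scenario() -> List[Tuple[str, bool]]:
    """Walk through normal operation, new alarms, acknowledgements, a wiring fault
    and a PLC power loss; returns (step label, horn sounding) pairs."""
    plc = AlarmAnnunciator()
    # Constructed field contacts: True = closed = healthy.
    contacts = {"pump1_high_temp": True, "tank_level_switch": True}
    trace: List[Tuple[str, bool]] = []

    def step(label: str) -> None:
        trace.append((label, horn_on(plc.scan(contacts))))

    step("normal")                                                    # horn off
    contacts["pump1_high_temp"] = False; step("pump1 alarm")          # horn on
    plc.acknowledge(); step("acknowledge")                            # horn off
    contacts["tank_level_switch"] = False; step("broken wire")        # horn on (open circuit)
    plc.acknowledge(); step("acknowledge again")                      # horn off
    plc.powered = False; step("plc fault")                            # horn on (output dropped)
    plc.powered = True
    contacts["pump1_high_temp"] = True; step("power back, pump1 ok")  # horn off
    contacts["pump1_high_temp"] = False; step("pump1 returns")        # horn on (re-annunciates)
    return trace


if __name__ == "__main__":
    for label, sounding in run_scenario():
        print(f"{label:24s} horn {'ON ' if sounding else 'off'}")
```

The PLC fault step is the point of the wiring choice: nothing in the logic has to detect the fault, because a dead output and a "there is a new alarm" output are the same electrical state, and the normally-closed relay contact turns both into a sounding horn. The same holds for the field contact: a broken wire on `tank_level_switch` is indistinguishable from a real alarm, which is the intended, fail-safe direction for the error.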
