What is automation? What content or technology is involved in automation?
What is redundancy?
Redundancy means that the backup components in the system can take over the work of the primary components should they fail. But which components are backed up? Any component that is critical to your operation can be a single point of failure that stops the entire process.
Some of the components we can see people implementing in redundant systems include but are not limited to:
“Physical Network”
“network adapter”
“Network Card (NIC)”
“PLC”
“Input Sensor”
“Output Control Device”
“OPC Server Software”
“Physical Server”
“HMI / SCADA operator station and server”
《Power/UPS》
The Essentials of Failure, Collision, and Consequences
The goal of redundancy is to eliminate single points of failure and provide reliable uptime for your process. When considering your redundancy needs, you should examine the entire system and understand the consequences of any one component failing. unplanned downtime
Some of the main consequences are measured in factors such as loss of production capacity, production waste, and worker and facility safety. The higher the business cost of these factors, the more likely it is that redundancy will be critical to maximizing system production.
There is no limit to how much you can spend on redundancy, but all decisions must consider the cost of failure without a redundant system.
A common term in redundancy is “collision”. “Collision” refers to process interruptions such as unplanned shutdowns, machine downtime
. Every industrial process is different in the consequences of a collision. If you are in a continuous steel plate production process with a constant flow of input raw material, continuous plate output, and downstream machines cutting the steel into different sizes, you can imagine how havoc a shutdown of any one component can cause!
Continuous processes usually use accumulators
to buffer a certain amount of product to allow short stops or pauses, but even those can only go so far. In paper production, which involves the continuous feeding of wet pulp onto a web moving at extremely high speeds, collisions of more than a few hundred milliseconds may be unacceptable. The shorter the “bumps” your production process can tolerate, the more important the redundancy in your automation system will be.
Another factor that affects redundancy requirements is how long it takes to restart the production process if it stops. There are some continuous processes that may take hours or even days to restart after a shutdown. The longer the restart, the more important the redundancy.
Also, the requirement for process shutdown is important. Chemical and refining processes cannot shut down in a disorderly manner without catastrophic consequences. Through these systems you will find specialist suppliers who manufacture triple redundant safety shutdown systems with triple redundant inputs and outputs and complex two thirds voting schemes to ensure that the process is kept orderly no matter what reduce! Logically, there is no single point of failure in a fully redundant system. Every hardware or software component needs to be redundant, or support a redundant architecture as needed.
as a control engineer
, your job is to find the level of redundancy that is right for your process, and then determine which system components are most likely to cause failure, and how much redundancy those components need to achieve the desired level of system reliability.
Common redundant areas, these are areas that users often hear when integrating software applications into automation systems.
Network redundancy:
The goal of network redundancy is to prevent loss of connectivity to other systems over the network. Whether this matters to you mostly depends on the type of system you’re running. A standalone HMI communicating with a single PLC, directly connected to the PLC, otherwise only has network access as a “nice” feature, redundancy may not be needed.
with multiple operator stations via Ethernet
Multiple PLCs connected, PLCs connected to drives via Ethernet, multiple servers or systems communicating between systems can have severe redundancy requirements. If the cost associated with losing network connectivity means that your process may stall and spin out of control is unacceptable, then you will need to have a redundant network at this point.
This may involve redundant network cabling
, switches, possibly rings, and any other network infrastructure to ensure that network traffic will always work even if one of the networks fails. The goal is to provide redundant communication paths
At the PC or server level, you may need redundant network cards in the computer
(NIC). That way, if the primary NIC fails, network traffic can use the backup NIC.
No matter how much redundancy you have, the software you use for data collection, logging and reporting needs to be able to work smoothly with your architecture through failover. Some parts of the network infrastructure are transparent to computers and software, and may not require any special functionality in the software. Typically, redundant network switches falls into this category.
When you start using redundant network cards in your computer and redundant network paths with different IP addresses
When reaching the same target device, your data collection software (such as OPC server software) may need to be set up to know when it should fail over to the backup network.
Control hardware redundancy:
PLCs running tasks critical to production are also common. The idea is to provide redundancy for control equipment. Typically, this is an area where your data collection software also needs to support redundancy.
If you are using OPC server software and have redundant PLCs, the software that communicates with those PLCs must be able to support the architecture. The software needs to know which PLC is the primary and which is the secondary, what conditions would cause a failover to the secondary PLC, and when to switch back to the primary PLC.
Ideally, the software will also provide you with the means to monitor and display the PLC (primary or secondary) that the OPC server is communicating with in your HMI, SCADA or alarm system.
Software and IT hardware system redundancy:
We don’t want to stop here and let the computer our OPC server runs be a single point of failure. This means we need redundant OPC servers on redundant PCs. For this purpose, our OPC clients are able to support redundant OPC servers.
Support for redundant OPC servers means that OPC clients – your HMI/SCADA system, alarm system, MES system or other systems – will need to know which OPC server to communicate with. You’ll also need to decide if you want two OPC servers to poll your device at the same time, or if you want one OPC server to poll, with backups on standby instead of polling. This is the OPC client in the OPC master-slave architecture by managing the active status of items in the OPC server
(OPC client to OPC server), so it is possible to achieve the above two situations.
Most OPC clients do not handle these details of redundancy management. Some HMI/SCADA systems support redundancy, but sometimes it involves scripts and other custom-written code. Therefore, in many cases, you need a software to manage and optimize the connection to two OPC servers. Your OPC client and redundancy management software
Dialogue as if it were an actual OPC server.