The Evolution of the APS Beamline Personnel Safety System (PSS) Work supported by U.S. Department of...
-
Upload
gervais-cole -
Category
Documents
-
view
214 -
download
0
Transcript of The Evolution of the APS Beamline Personnel Safety System (PSS) Work supported by U.S. Department of...
The Evolution of theAPS Beamline Personnel Safety
System (PSS)
Work supported by U.S. Department of Energy, Office of Science, Office of Basic Energy Sciences, under Contract No. DE-AC02-06CH11357
Phil McNamara-PresenterKenneth BelcherGreg MarkovichAdvanced Photon SourceSafety Interlocks Group
2
PSS History Overview
GENERATION 1Chain A Chain B
AB PLC 5 GE 90-70ESD ESD
C&C Hardwired I/O Interface
LED & PB HMI2 Day Validations
GENERATION 2Chain A Chain B Chain C
AB PLC 5 GE 90-70 PC .ESD ESD C&C
Hardwired I/O InterfaceTouchpanel HMI2 Day Validations
GENERATION 1UChain A Chain BAB PLC 5 GE RX7i
ESD ESD C&C
Hardwired I/O InterfaceLED & PB HMI
Acceptance Test performedResulting in 1/2 Day Validations
GENERATION 1MChain A Chain B
AB PLC 5 GE 90-70ESD ESD
C&C Hardwired I/O Interface
LED & PB HMI2 Day Validations
Analog Modules & Latch Chain B
GENERATION 3UChain A Chain B Chain C
Contrologix Contrologix ContrologixESD ESD C&C Circuit Board I/O Interface
Touchpanel HMIAcceptance Test performed
Resulting in 1/2 Day Validations
GENERATION 3Chain A Chain B Chain C
Contrologix Contrologix ContrologixESD ESD C&C Circuit Board I/O Interface
Touchpanel HMI2 Day Validations
3
GEN1 PSS Processors:
– Dissimilar: • Chain A - Allen Bradley (AB) PLC5 – ESD, C&C intermixed• Chain B - General Electric (GE) 90-70 – ESD only – Faults were not latched
Programming Languages– Dissimilar :
• Chain A – Ladder Logic• Chain B – State Logic, Ladder Logic and MegaBasic
HMI: – LEDs and mechanical PBs
I/O Interface:– Hardwired to terminal blocks– Inconsistent addressing
DIW Monitoring– LOVE process controllers, binary output, 1 channel per station
Validations– Invasive, 2-3 days
• Hardwired Front-End Simulator• Laptops running DOS (Windows 98)
Communication – Relay isolation for signals between chains (status, permits, and heart beat)– One-way communication to EPICS
• Chain A – DH+ through a Data Communications Module (PLC writes only, no read functions)• Chain B – RS232 through a Processor Control Module (PLC writes only, no read functions)
4
GEN1 PSS
Chain AEmergency Shutdown and
Command and Control PLC
Chain BEmergency Shutdown PLC
ACIS
Air Supply
Global OnlineSolenoid
SafetyShutter 1
SafetyShutter 2
Photon Shutter 2
IntegralShutters
Beam Line
Station A
WD
T
SR Trip/Fault
Photon
Shutter 1
Open status
Closed status
Open status
Open status
Open status
Closed status
Closed status
SR Trip/Fault
WD
T
Stati
on A
Sea
rche
d
Stati
on A
Bea
m R
eady
Closed status
Doo
r clo
sed
Doo
r clo
sed
Esto
pEs
top
Open status
Open status
Closed status
Note: No closed switch status for PS1 to ACIS
5
GEN1 PSS
Beamline vacuum sensors
Beamline components
DIW flow sensors
Beamline EPS
PSSBeamline Control System
( Station Enclosure)
User Panels( Pushbuttons, keyswitches and LED
Indicators)
PSS PLCFront - End Control System
( Mezzanine Rack)
PSS EPICS
IOC
FEEPS EPICS IOC
Storage Ring MPS
Front - End vacuum valves position
( SV , FV , FEV , BIV )
Front - End components
DIW flow sensors
Front - End vacuum sensors
FEEPS ( Mezzanine Rack)
Remote IO link
ACIS Sector Interface Enclosure
ACIS IOC
Front - End Shutters
BL Shutter status
Beamline component DIW flow sensors
Relay contact from Love Controllers
Solenoidcontrol
Solenoid control
Closed switchesFE shutter permit
GOL key status
Open switches
Closed switches(except PS1)
ACIS PLC( Main Control
Room)
FES Closed status
PS 1 open requestFE shutter permit
FES Open status
PSS SR trips
Shutter air supplyPressure sensors
BL Shutterpermits
Beamline Shutters(1 , 2 or 3 )
Hutch doors
Search stations
E - stop buttons
Remote I/O link
ACISControlled Equipment
( RF & Dipole)
FE shutter & vacuum permit
FE shutter & valve status
Beamline PSS interface diagram
Up to 6 stations
Beamline valves
position
Remote Shutter
Interface
Air supply shutoff (except PS1)
6
GEN1 PSS
1. The Front-End Shutter (FES) Simulator is connected.• The Front-End Shutters are critical devices that can’t be operated during the validation. Therefore
their operations and statuses must be simulated.• The connectors on the Front-End Relay Distribution Panel (FERDP) for the Front-End Shutters (FES),
Access Control Interlock System (ACIS), Front-End Equipment Protection System (FEEPS), De-Ionized Water (DIW) and Beamline Equipment Protection System (BLEPS) systems are unplugged and the simulator connectors are plugged in their place.
• The simulator allows the operator to manipulate and monitor the signals normally supplied by these devices and/or systems.
2. An Input/Output Validation is performed.• Verify that each device is properly functioning and wired to the assigned input or output of the
Emergency Shut Down (ESD) system’s PLC.• Verify chain independence.
3. A Functional Test (Validation) is performed.• The system is monitored for proper response to inputs from the field devices and/or the simulator
for each test case.• In order to facilitate specific test cases for critical devices, the Station User Panel (15U) connectors
are unplugged, and a test box is plugged in series with the existing devices.• This test box is used to interrupt the signals from the field devices to simulate individual tests cases.• After these particular tests are done, the test box is unplugged and the connectors are plugged back
into their original receptacles.• This process is repeated at each 15U several times during the validation.
4. At the end of the Functional Validation, the FERDP simulator is unplugged and the connectors are plugged back in, and a functional test of the front end components is performed.
Testing Methodology
11
1. Disconnecting the real I/O for validation is invasive.2. Problems in reconnecting the real I/O.
• Not reconnected in the proper location• Not seated fully• Connectors or wires broken during the process
3. Maintaining laptops that are compatible with Windows 98 & DOS.
GEN1 PSS Testing Methodology Problems
12
GEN2 PSS Processors:
– Dissimilar• Chain A - AB PLC5, ESD• Chain B - GE 90-70, ESD• Chain C - Industrial computer utilizing Siemens I/O, Command & Control
Programming Languages– Dissimilar :
• Chain A – Ladder Logic• Chain B – State Logic, Ladder Logic and MegaBasic• Chain C – Cimplicity soft PLC (Wonderware)
HMI: – Soft Panel displays & controls
I/O Interface:– Hardwired to terminal blocks
DIW Monitoring– LOVE process controllers, binary output, 1 channel per station
Validations– Invasive, 2-3 days
• Front-End Simulator• Laptops running DOS (Windows 98)
Communication – Relay isolation for signals between chains (status, permits, and heart beat)– One-way communication from ESD systems to Chain C using Profibus (ESD systems write only, no read functions)– Profibus between Chain C and EPICS
13
GEN3 PSS Processors:
– Similar - AB ControlLogix L61• Chain A – ESD• Chain B – ESD • Chain C – Command & Control
Programming Languages– Ladder Logic
HMI: – Soft Panel displays and controls
I/O Interface:– Hardwired to Circuit Boards– Consistent locations
DIW Monitoring– Initially LOVE process controllers, binary output,
1 channel per station– Migrated quickly to Analog modules in the ESD PLCs
Validations– 2-3 days
• All I/O simulated (Diode injection)• Touch Panel HMI
Communication – Electronic isolation for signals between chains (status, permits, and heart beat)– One-way communication from ESD systems to Chain C using Profibus (ESD systems write only, no read functions)– Profibus between Chain C and EPICS
14
Chain-CCommand & Control (C&C) PLC
E
P
I
C
S
Chain AEmergency Shutdown (ESD) PLC
ACIS –PSSInterface
Air Supply
Global On/Off Line
Station A Door Control
HMI &Non Critical I/O
PhotonShutter 2,
SafetyShutter 1,
SafetyShutter 2
IntegralShutters
Beam Line
Station BSafety I/O
HMI
Station ASafety I/O
HMI
WDT, Cross Trip,
Search Status, etc
GEN3 PSS
FES limit switches are not shown but are interfaced the same as GEN1 PSS with ACIS connected directly to FES closed limit switches. ACIS does not monitor PS1 closed limit switches.
Chain BEmergency Shutdown (ESD) PLC
Station B Door Control
data
data
15
Beamline vacuum sensors
Beamline components
DIW flow sensors
Beamline EPS
PSSBeamline Control System
( Station Enclosure)
User Panels( HMI’s and key
Switches)
PSS PLCFront - End Control System
( Mezzanine Rack)
PSS EPICSIOC - RSI & Clock Sync
FEEPS EPICS IOC
Storage Ring MPS
Front - End vacuum valves position
( SV , FV , FEV , BIV )
Front - End components
DIW flow sensors
Front - End vacuum sensors
FEEPS ( Mezzanine Rack)
Remote IO link
ACIS Sector Interface Enclosure
ACIS IOC
Front - End Shutters
BL Shutter status
Beamline component DIW flow sensors
Analog PLC modulesdirect to transducers (8)
Solenoid control
Closed switchesFE shutter permit
GOL key status
Open switches
Closed switches (except PS1)
ACIS PLC( Main Control
Room)
FES closed status
PS1 Open requestFE shutter permit
FES Open status
PSS SR trips
Shutter air supply Pressure sensors
Chain A only
BL Shutterpermits
Beamline Shutters (1,2 or 3)
Hutch doors
Search stations
E - stop buttons
Remote I/O link
ACISControlled Equipment
( RF & Dipole)
FE shutter & vacuum permit
FE shutter & valve status
Up to 8 stations
Beamline valves
position
Air supply shutoff (except PS1)
GEN3 PSSBeamline PSS interface diagram
PSS Trip Test
SolenoidControl
MEZZIE
16
1. A testing system is connected in parallel.• The Front-End Shutters are critical devices that can‘t be operated during the validation.• A HMI & PLC are connected to all 3 PLCs via Ethernet.• When the Test Cover is lifted the Front-End Shutters solenoid outputs and ACIS SR Permit are disconnected through
relays.• The HMI system will allow the operator to monitor signals coming from the PSS.
2. An I/O Validation is performed.• This will still be done to verify that each device is properly functioning and wired to the assigned input or output of the
Emergency Shut Down (ESD) system’s PLC.• Verify chain independence.
3. A Functional Test (Validation) is performed.• The Validation injection hardware is connected with no field device disconnections. • The power supplies are disconnected from the field devices via electro-mechanical relays via the Validation system.• The Validation system will allow the operator to manipulate all inputs going to the PSS.• The ESD system can be monitored for proper response to inputs.• All test case scenarios can be simulated.
4. At the end of the Functional Test, the Validation system is disconnected.
5. The field devices, inputs and outputs are re-enabled with none of the PSS wiring being disturbed.
6. The method of disabling and re-enabling the PSS inputs and outputs is failsafe.
GEN3 PSSTesting Methodology
17
1. Once the Validation system is connected, there is no unplugging and plugging in of connectors during the functional test.
2. The I/O Validation uses a touch panel HMI instead of laptop computers.3. All inputs are disabled via relays instead of being unplugged. 4. All functional testing is done via injection of test signals. This allows for a full functional test of the system
to be performed. 5. Upon completion of the functional test, the critical devices are re-enabled instead of reconnected.
GEN3 PSSTesting Methodology – Key Changes
18
Door Switch
Shutter ClosedLimit Switch
Shutter OpenLimit Switch
+24V
PSS
1 Power is supplied to the PSS field device inputs via CR12 Signals from the field devices pass through the series diodes
D1
D2
D3
CR1
1
Connections for the Validation System
2
GEN3 PSSTesting Methodology
Normal Operation-Validation System not connected
19
Door Switch
Shutter ClosedLimit Switch
Shutter OpenLimit Switch
+24V
PSS
Disable power to
field devices
Injected Test Signals
Test Mode
Enabled
Bus Monitor
1 Power is still supplied to the PSS field device inputs via CR12 Chain C verifies Validation System is connected to turn OFF its outputs
CR1
1
Removable Test Connector
2
GEN3 PSSTesting Methodology -Validation System connected
20
Door Switch
Shutter ClosedLimit Switch
Shutter OpenLimit Switch
+24V
PSS
Disable power to
field devices
InjectTest Signals
Test Mode
Enabled
Bus Monitor
CR1
1
Removable Test Connector
GEN3 PSSTesting MethodologyValidation System connected
1 Power is removed from the PSS field device inputs via CR12 The Validation System verifies field device power is disabled3 Test signals can now be injected for functional testing
32
21
1 Front-End Shutter (FES) operations and Storage Ring Permit enabled via 4-pole relays
2 All systems can verify FES is disabled3 Outputs are monitored for proper operation
GEN3 PSSTesting Methodology - Disabling of FES
Validation System connected
1
P S 1 O P E N TO V A L I D A TI O N S Y S TE M
O A _ P S 1 _ P E R M I TO B _ P S 1 _ P E R M I T
I N J E C TE D F R O M V A L I D A TI O N S Y S TE M
O C _ P S 1 _ O P E N _ C O M M A N D
V C
PS1 Solenoid
M e zz Te s t C o v e r M E Z Z I E O v e rr id e S t a t io n A Te s t C o v e r S t a t io n X Te s t C o v e r
V C -C O M
V C -C O M
I A _ F E S _ C O N N E C TE D
V B -C O MV A -C O M
O A _ S TO R A G E _ R I N G _ P E R M I TESD-A STORAGE RING PERMIT TO ACIS
V A
32
26
1. The connectors used in the Validation system are Multi Pin (~120) and are very fragile.
2. Real equipment is only exercised during the I/O validation.
GEN3 PSSTesting Methodology Problems
27
The GEN1 Mini-UpgradeGEN1 PSS with the following important but quick and cheap fixes
Hardware Changes– Changed the DIW monitoring to analog modules in the ESD PLCs (default set points are loaded at power up and allow adjust
via HMI thereafter).– Added Chain B Fault Lights to the Panel.
Software Changes– Modified Chain B code to require a reset before re-granting Storage Ring Permit .– Modified Chain B code to indicate a flow fault condition by blinking the new Chain B Minor Fault LED. – Modified Chain B code so that any remote block to PLC communication loss will latch a fault, remove all shutter permits, and
indicate a fault via blinking Chain B Fault LED. – Modified Chain A code so that the Storage Ring Permit was not a latched signal.– Modified Chain A code to lose station "Searched" status when it sees a Crash button pressed.– Modified Chain A code to generate a “Chain B Shutter Permit Lost" minor fault when a shutter is open and the
corresponding Chain B shutter permit goes low. – Modified Chain A code to add a “quick search” when a signal, only available when the FES simulator is connected to the
FERDP during validations, is asserted.– Modified Chain A code to lose search status for all stations any time a remote I/O communications fault exists.– Modified both Chains A & B to add a DIW bypass signal which is only available when the FES simulator is connected to the
FERDP during validations, is asserted.– Modified both Chains A & B to remove all Shutter permits when the Storage Ring Permit is removed.
28
The GEN1 Upgrade Processors:
– Redundant and Dissimilar: • Chain A - AB PLC5 ESD and C&C in Separate routines• Chain B - GE RX7i, ESD
Programming Languages– Similar :
• Chain A – Ladder Logic• Chain B – Ladder Logic and C++
HMI: – LEDs and mechanical PBs
I/O Interface:– Hardwired to terminal blocks– Software mapping of all I/O for standardization
DIW Monitoring– Analog modules in the ESD PLCs
Acceptance testing– Done in Lab (when changes are made or every 5 years) using a Wonderware-based software simulator
Validations– Annual, Noninvasive, 1/2 day
• Touch Panel HMI Simulating the Front-End Shutters Communication
– Relay isolation for signals between chains (status, permits, and heart beat)– One-way communication to EPICS
• Chain A – DH+ through a Data Communications Module (PLC writes only, no read functions)• Chain B – RS232 through a Processor Control Module (PLC writes only, no read functions)
29
The GEN1 Upgrade A thorough and concise specification document Each PLC chain separates logic routines - functionally
– Input and Output map(s)– ESD – immediate radiation hazard - logic
• Storage Ring Permit removing faults and trips– ESD – potential radiation hazard - logic
• Front-End Shutter Permit removing faults and trips• Beamline Shutter Permit removing faults and trips
– Command and Control logic (Chain A only)– Status logic– Warning logic
Major, Serious, and Minor Faults were changed to Faults, Trips, and Warnings with much clearer diagnostics for troubleshooting
ESD Permits driven by real equipment status rather than resulting fault codes Standardized station addressing (100s = Station A, 200s = Station B) Chain B reports the faults and trips Chain B looks at Search status from Chain A at the leading edge of the searched signal Doors locked when the search is complete, eliminating many Lock and Unlock buttons. Each station now has Beam Ready, Fault/Trip, and No Access Allowed indicators.
Software Changes
GEN 1 Upgrade PSS
30
Chain AEmergency Shutdown and
Command and Control PLC
Chain BEmergency Shutdown PLC
ACIS
Air Supply
Global OnlineSolenoid
SafetyShutter 1
SafetyShutter 2
Photon Shutter 2
IntegralShutters
Beam Line
Station A
WD
T
SR Trip/Fault
Photon
Shutter 1
Open status
Closed status
Open status
Open status
Open status
Closed status
Closed status
SR Trip/Fault
WD
TStati
on A
Sea
rche
d
Cros
strip
Cros
strip
Stati
on A
Bea
m R
eady
Closed status
Doo
r clo
sed
Doo
r clo
sed
Esto
pEs
top
Closed status
Open status
Open status
Closed status
ACIS now monitors PS1 as a backup for PS2Chain B PS1 Permit addedSearch Status from A to B is now leading edge triggerCross-trips were added
Hardware Changes
31
Beamline vacuum sensors
Beamline components
DIW flow sensors
Beamline EPS
PSSBeamline Control System
( Station Enclosure)
User Panels( Pushbuttons, keyswitches and LED
Indicators)
PSS PLCFront - End Control System
( Mezzanine Rack)
PSS EPICS
IOC
FEEPS EPICS IOC
Storage Ring MPS
Front - End vacuum valves position
( SV , FV , FEV , BIV )
Front - End components
DIW flow sensors
Front - End vacuum sensors
FEEPS ( Mezzanine Rack)
Remote IO link
ACIS Sector Interface Enclosure
ACIS IOC
Front - End Shutters
BL Shutter status
Beamline component DIW flow sensors
Analog PLC modulesdirect to transducers (8)
Solenoidcontrol
Solenoid control
Closed switchesFE shutter permit
GOL key status
Open switches
ALL Closed switches
ACIS PLC( Main Control
Room)
FES closed status
PS1 Open requestFE shutter permitEPICS clock sync
FES Open status
PSS SR trips
Shutter air supply Pressure sensors
Chain A only
BL Shutterpermits
Beamline Shutters (1,2 or 3)
Hutch doors
Search stations
E - stop buttons
Remote I/O link
ACISControlled Equipment
( RF & Dipole)
FE shutter & vacuum permit
FE shutter & valve status
Up to 6 stations
Beamline valves
position
Remote Shutter
Interface
Air supply shutoff (except PS1)
GEN1 Upgrade PSSBeamline PSS interface diagram
32
• Internal memory tables were created to map all beamline I/O to a common addressing scheme (I/O wiring is not consistent across all beamlines).
This allows the Acceptance and Validation Systems to have a single program for all beamlines. This allows the Acceptance and Validation Systems to control where the inputs to the ESD logic
originate (i.e., from either real world devices or software signals). This allows the Acceptance and Validation Systems to simulate the Front-End Shutters and other
critical signals.
Testing Methodology
GEN1 Upgrade PSS
33
• Before PLC code is downloaded for testing at a beamline, testing is performed in a lab simulator called the Acceptance Test System (ATS)
• The ATS procedures tests ALL of the PLC logic
• ESD – immediate radiation hazard - logic (each fault and trip tested n+1 times)• Storage Ring Permit removing faults and trips
• ESD – potential radiation hazard - logic (each fault and trip tested n+1 times)• Front-End Shutter Permit removing faults and trips• Beamline Shutter Permit removing faults and trips
• Command and Control logic
• Warning logic
Testing Methodology – The ATS
GEN1 Upgrade PSS
34
Acceptance Test SystemGEN1 Upgrade PSS
SIMULATED OUTPUTS
ALLLOGIC
FAULT/TRIP DISABLE
QUICKSEARCH
ACCEPTANCE TEST SYSTEM HMI
AllInputs
INTERNAL INPUT STATUS
Cross Trip INHIBIT
INTERNAL OUTPUT STATUS
DISABLE REALINPUTS
SIMULATED ALL INPUTS
INTERNAL INPUT TABLE
INTERNAL OUTPUT TABLE
OUTPUT IMAGE TABLE
INPUTIMAGE TABLE
35
• I/O validation is performed first to verify that all beamline input and output devices operate correctly and are mapped properly to internal memory tables
• The VTS procedures perform testing for ONLY the following PLC logic• ESD – immediate and potential radiation hazard - logic
• Storage Ring Permit removing faults and trips• Shutter Permit removing faults and trips
• After a Validation is complete, the Validation System is disconnected from the PSS and the PSS returns to normal with no residual data (created by the Validation System) remaining in the data tables of the PLCs.
• It is of utmost importance to ensure the real inputs are mapped to the internal files/bits and no faults or trips are blocked after the Validation System is removed. This is accomplished by the following method: – A pulse, originating from the Validation System, must be present to activate any of these Validation System
functions in the PLCs.– Perform End-to-End Test (PSS input through ACIS output to dump beam).
Testing Methodology – The VTS
GEN1 Upgrade PSS
36
Validation Test System GEN1 Upgrade PSS
ACIS SRPERMIT
L E D S
A L L O TH E R I N P U TS
I/O TESTENABLE
ESDLOGIC
SIMULATED OUTPUTS(for I/O check)
KEYSW
FESsolenoids& manualdoor lockcommands
QUICKSEARCH
DISABLE REALOUTPUTS
ALL OTHER OUTPUTS
L E D
VALIDATION SYSTEM HMI
Some inputsdepends ontest type
INPUTMODULE
All others
OUTPUTMODULE
INTERNAL INPUT STATUS
INTERNAL OUTPUT STATUS
Cross Trip INHIBIT
L I M I T S W I TC H E S
P U S H B U TTO N S
All others
MEZZIE
DISABLE REALINPUTS
DOOR LOCKS
V+
SIMULATED INPUTS
PS
S F
EIL
D I
/O
OUTPUT IMAGE TABLE
INPUTIMAGE TABLE
INTERNAL INPUT TABLE
INTERNAL OUTPUT TABLE
SHUTTERSOLENOIDS
Trapped DoorLimit SW Disable
38
Functional Validation screen manipulates FES switches to create trips and faults
GEN1 Upgrade PSS
39
Main Functional Validation screen contains mezzanine based signals and allows Validator to monitor SR Permit status
GEN1 Upgrade PSS
40
Processors: – Similar - AB ControlLogix L61
• Chain A – ESD• Chain B – ESD • Chain C – Command & Control
Programming Languages:– Ladder Logic
HMI: – Soft Panel displays and controls
I/O Interface:– Hardwired to Circuit Boards– Software mapping of all I/O– Diagnostic Modules on Front-End Shutter I/O
DIW Monitoring– Analog modules in the ESD PLCs
Acceptance Testing– Done in Lab (when changes are made or every 5 years) using a Wonderware-based software simulator
Validations– Annual, Noninvasive, 1/2 day
• Touch Panel HMI simulating the Front-End Shutters Communication
– Electronic isolation for signals between chains (status, permits, and heart beat)– One-way communication from ESD systems to Chain C using Produced and Consumed Tags over Ethernet– Ethernet between EPICS and Chain C using Produced and Consumed Tags
GEN3 Upgrade PSS
41
APS PSS ComparisonGen 1 Gen 2 Gen 3 Gen 1U Gen 3U
Hardware
AB - PLC5-30 AB - PLC5-30 3 - AB Contrologix L61‘ AB - PLC5-30 3 - AB Contrologix L61
GE - 90-70 GE - 90-70 GE - RX7i
Industrial Computer with Semiens I/O
Discrete panel interfaces GE - Soft panel displays AB - Soft Panel displays Discrete panel interfaces AB - Soft Panel displays
Love Controllers Love Controllers Love Controllers /Analog Modules Analog Modules Analog Modules
I/O Interface Hardwired - No Standard Hardwired - No Standard Circuit board - Standardized Hardwired - No Standard Circuit board - Standardized
Mapped in Logic to standardize Mapped in Logic
Communication to EPICS
AB - DH+ Profibus through Chain C Profibus through Chain C AB - DH+ Ethernet through Chain C
GE - Serial GE - Serial Produce & Consumed Tags
Software
Chain A - ESD and C&C combined Chain A - ESD only Chain A - ESD onlyChain A - ESD and C&C in separate
routines Chain A - ESD only
Ladder logic Ladder logic Ladder logic Ladder logic Ladder logic
Chain B - ESD only Chain B - ESD only Chain B - ESD only Chain B - ESD only Chain B - ESD only
State, Ladder and MegaBasic State, Ladder and MegaBasic Ladder logic Ladder logic & C++ Ladder logic
Chain C - C&C Chain C - C&C Chain C - C&C
Wonderware Ladder logic Ladder logic
Acceptance TestingNone None None Done in Lab utilizing Wonderware Done in Lab utilizing Wonderware
Testing All Logic (safety, C&C and
diagnostic)Testing All Logic (safety, C&C and
diagnostic)
System Validation
Invasive Invasive Non invasive Non invasive Non invasive
- DOS Based PCs - DOS Based PCs Touch Panel HMI Touch Panel HMI Touch Panel HMI
- Hardwired FES Simulator - Hardwired FES Simulator - Diode injection - simulating FES - simulating FES
- all other I/O is real - all other I/O is real- Contrologix processor with Seimens
I/O - all other I/O is real - all other I/O is real
- simulating all I/O All Logic is tested (safety, C&C and
diagnostic)All Logic is tested (safety, C&C and
diagnostic)All Logic is tested (safety, C&C and
diagnostic)Only ESD – prompt radiation hazard -
logic is testedOnly ESD – prompt radiation hazard -
logic is tested