Alternative technologies for interlocking HIMA Planar 4 T

  • Slides: 15
Download presentation
Alternative technologies for interlocking: HIMA Planar 4 T. Hakulinen, F. Havart, P. Ninin, T.

Alternative technologies for interlocking: HIMA Planar 4 T. Hakulinen, F. Havart, P. Ninin, T. Ladzinski PLC workshop, CERN 02. 2016

Interlock technologies at CERN • PLC – Personnel safety systems (LASS, PASS, SPS, …)

Interlock technologies at CERN • PLC – Personnel safety systems (LASS, PASS, SPS, …) – Machine protection • Relay-based – Personnel safety systems (LASS and PASS redundant chains) • FPGA or ASIC – Machine protection – FPGA being tested in personnel protection • Logic cards – Personnel protection (North Area primary ion interlock)

Planar 4 by HIMA • HIMA Paul Hildebrandt Gmb. H + Co KG –

Planar 4 by HIMA • HIMA Paul Hildebrandt Gmb. H + Co KG – German family-owned enterprise – Only deals in safety systems (PLCs and wired logic) • Planar 4 is a product line of hard-wired logic cards, which can be used to build arbitrary safety logic • All cards are designed safety-related with active monitoring of all critical functions • Most Planar 4 cards are certified for use in SIL 4 systems according to IEC 61508 • Used extensively in critical process safety applications (oil rigs, chemical plants, etc. ) as well as people transport systems • Logic implemented on the rack-level, defective cards can be easily exchanged

Planar 4 modules • Basic logic modules: AND, OR, NOT/block (4 -8 gates per

Planar 4 modules • Basic logic modules: AND, OR, NOT/block (4 -8 gates per module) • I/O: line monitored connections (circuit break, short circuit) • Timing/delay modules (SIL 3 instead of SIL 4 due to a bit of firmware on chip) • Communications / monitoring via Profibus, Modbus, or OPC • Installation in standard 19 inch sub-racks

Safety-related design • All Planar 4 cards implement safety-related logic, i. e. , minimized

Safety-related design • All Planar 4 cards implement safety-related logic, i. e. , minimized failure probabilities and known failsafe states • Example: AND gate A simple relay-based AND gate HIMA Planar 4 AND-gate. The internal design is based on dynamic signaling driven by a signal generator. A simultaneous failure of up to three separate components leads to the output being de-energized.

Programming Planar 4 • The programming interface is “vintage”: – Wrapping or soldering on

Programming Planar 4 • The programming interface is “vintage”: – Wrapping or soldering on the sub-rack backplane – Pro: robust and guaranteed against accidental modifications – Con: even small modifications hard: often have to unsolder other stuff to access the pins Planar 4 rack in the development phase when the connections were not yet soldered but attached with clips

Programming Planar 4 (2) • Performance: – Individual HIMA modules can have internal processing

Programming Planar 4 (2) • Performance: – Individual HIMA modules can have internal processing delays of up to tens of milliseconds (downside of that safety-related design) – Consequently, reaction time of the full logic chain can be hundreds of milliseconds • Optimization: – Implement critical logic paths using OR-gates (simple diode bridge, minimum delay) – Using De Morgan’s theorem: AND-gate = OR-gate with inputs and outputs inverted – Drawback: logic may become somewhat “unnatural” and harder to understand • If you need more complexity… – Remember: only basic gates available – More complicated logic elements (latches, flip-flops, complementary ambivalent I/O) must be constructed from the basic elements

Application: SPS North Area primary ion interlock • Problem: – Need to mix high-intensity

Application: SPS North Area primary ion interlock • Problem: – Need to mix high-intensity proton (for LHC etc. ) and low intensity primary ion cycles (for NA 61 experiment) within the same SPS supercycle to optimize SPS usage – Primary ions are extracted towards the North Area with the usual secondary beam line elements removed – Accidentally extracting a high-intensity proton beam towards the North Area would create a serious radiation hazard • Solution: – A special safety interlock to measure beam intensity and interlock extraction towards the North Area if intensity too high – Two separate safety chains: PLC (Siemens S 7) and wired (HIMA logic cards) for redundancy and diversity as required by host state nuclear authorities – Pilot implementation of the wired chain with logic cards instead of relays

Primary ion interlock: where • SPS ring is 7 km in circumference • Interlock

Primary ion interlock: where • SPS ring is 7 km in circumference • Interlock sensors at point 5 • Interlock actuators at the opposite side at point 2 • Interlock logic in-between at the CERN Control Center • Cabling in the SPS tunnel (copper for HIMA, Fiber optic for PLC)

Primary ion interlock: equipment Sensors: Two Beam Current Transformers (BCT) at SPS point 5

Primary ion interlock: equipment Sensors: Two Beam Current Transformers (BCT) at SPS point 5 Actuators: Two power converter racks and extraction magnets at point 2 Interlock rack (PLC and wired) at CERN Control Center

Primary Ion interlock: HIMA sub-rack • One HIMA Planar 4 sub-rack to contain all

Primary Ion interlock: HIMA sub-rack • One HIMA Planar 4 sub-rack to contain all modules: Fuse Delay Block AND OR Input Block Profibus

Primary Ion interlock: logic From a simple logic in principle… …to a much more

Primary Ion interlock: logic From a simple logic in principle… …to a much more complicated logic in practice.

Primary ion interlock: supervision • Supervision via the Profibus communications module – Every gate

Primary ion interlock: supervision • Supervision via the Profibus communications module – Every gate of every card can be monitored – Data acquisition by a PLC, which in turn connected to CERN Technical Network • Data/event logging and a simple graphical interface via TIM

Return of experience • In use now since beginning of 2015 during two primary

Return of experience • In use now since beginning of 2015 during two primary ion runs • No malfunctions detected • HIMA Planar 4 pros: – – Certified for use in high safety level systems (SIL 3/4) Maintenance of the finished system is quite straightforward Very easy to supervise and monitor Fairly well scalable • Cons: – Rigid implementation, hard to change – Relatively slow reaction times – Large implementations become costly

Thank You

Thank You

HIMA Products Sales Argumentation Railway segment HIMA PhilosophieHIMA Products Sales Argumentation Railway segment HIMA Philosophie
Railway Signalling Solutions Interlocking Level Crossing HIMA asRailway Signalling Solutions Interlocking Level Crossing HIMA as
Indonesian Gamelan Music Interlocking Rhythms Interlocking Worlds ChapterIndonesian Gamelan Music Interlocking Rhythms Interlocking Worlds Chapter
Indonesian Gamelan Music Interlocking Rhythms Interlocking Worlds ChapterIndonesian Gamelan Music Interlocking Rhythms Interlocking Worlds Chapter
Planar graphs Algorithms and Networks Planar graphs CanPlanar graphs Algorithms and Networks Planar graphs Can
Planar straight line graph A planar straight linePlanar straight line graph A planar straight line
Planar Graphs Graph G is planar if itPlanar Graphs Graph G is planar if it
Planar point location example 1 Planar point locationPlanar point location example 1 Planar point location
Optimization of planar pixel detector T Habermann PlanarOptimization of planar pixel detector T Habermann Planar
Planar point location example 1 Planar point locationPlanar point location example 1 Planar point location
Planar Ultra Res Touch June 2013 Planar UltraPlanar Ultra Res Touch June 2013 Planar Ultra
Alternative Education KIDS Program Alternative Middle School AlternativeAlternative Education KIDS Program Alternative Middle School Alternative
Alternative Education Alternative Middle School Alternative High SchoolAlternative Education Alternative Middle School Alternative High School
HIMA 4160 Fall 2009 Internet and WWW OverviewHIMA 4160 Fall 2009 Internet and WWW Overview