System Comparison
Page 1 of 7
System Comparison Safety Related Programmable Logic Controller (PLC) No.
Main marketing area: Geographical/ Customer
Fault tolerance Main marketing area: area of business/ processes
possible system structures
AK
Chemical, Petro-chemical, Off-Shore, BMS Chemical, Petro-chemical, Off-Shore, BMS Petro-chemical, in Off-Shore Nr.1
1oo1D 1oo2D
4,SIL2 6,SIL3
2oo3 2oo3
6 6
AK5 without
2oo3 2oo3
5 6
without AK5 without
1oo1D 1oo2D 1oo2D 1oo2 1oo2 1oo1, 1oo2 CPU, I/O 2oo2, 2oo2 CPU, I/O
4 5 6 6, SIL3? 6 SIL3 SIL3
without with 72h with 1h 0h 0h 0h without without 72 h 1h without (no cert.)
Manufacturer
Product title
1.
ABB Industri AS
Advant Safeguard 400
world-wide
2.
ABB Industri (former August Systems) ICS Triplex
CS386 Triguard SC300E
world-wide
Regent Trusted ICS (TMR, RISC-µP) Quadlog
Middle East, Russia, USA, Latin America world-wide
S5-95F S5-115F S7-400F
world-wide
Chemical, Off-Shore, FPSO all
all
all
world-wide (>1200 systems)
Chemical, Petro-chemical, Off-Shore, BMS
1oo2D 1oo2D 2oo2D 2oo4D
4 5 6 6,SIL3
world-wide (>2000 systems) Exxon, Shell,Elf world-wide NAM, Shell
Chemical, Petro-chemical, Off-Shore, BMS Petro-chemical, Off-Shore
2oo3 2oo3 2oo3 1oo2 2oo3 1oo1D 1oo2D
5 6 6,SIL3 6 6 4 6
2oo2 2oo4 2oo4
6 6 6
3.
4.
5.
SIEMENS Moore Process Automation SIEMENS AG
6.
SMS (Honeywell)
7.
TRICONEX FoxGuard (Foxboro/Eckardt) YISS (Yokogawa Industrial Safety System bv) (former GTI)
8.
9.
HIMA
S7-400FH FSC100,101 FSC102 FSC202 FSC new CPU with QMR™ TRICON V.6,7 TRICON V.>7-10 TRIDENT ProSafe-DSP PLS (former GTI) ProSafe-PLC (same system as SIEMENS Moore!) H41q/H51q-MS H41q/H51q-HS H41q/H51q-HRS
world-wide (>4000 systems)
Chemical, Petro-chemical, Off-Shore, BMS
with/without time limit (specialities)
AK5 without
without with
without without without
System structure

PLC No. | Fault-free system | Degradation 1 | Degradation 2 | System structure
1. | 2oo4 (2von4) | 1oo2 (2von2) | Shutdown | Safety related and fault tolerant
2. | 1oo3 (3von3) | Shutdown | - | Safety related
3. | 2oo3 (2von3) | 1oo2 (2von2) | Shutdown | Safety related and fault tolerant
4. | 1oo2D (2von2D) | 1oo1D (1von1D) | Shutdown | Safety related and fault tolerant with time restriction
5. | 1oo2 (2von2) | Shutdown | - | Safety related
6. | 2oo2 (1von2) | 1oo1 (1von1) | Shutdown | Safety related and fault tolerant with time restriction
7. | 1oo1 (1von1) | Shutdown | - | Safety related
* PLC with high diagnostic coverage (D)
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: ABB Industri
Product title: Triguard SC300E
Strength:
1. Large applications with max. fifteen chassis, up to 9500 I/O.
Weakness:
1. No module for hazardous areas (Ex)i available.
2. Availability: 3 times more failures with the same complexity.
3. MTTF of Triconex modules approximately 8 times higher than that of a comparable HIMA module.
4. External secondary shutdown path for safety-related outputs required (additional wiring).
5. Every fault activates the time limitation (3-2-0, in redundant operation).
6. Heating problems of the system.
7. Quality problems of the system.
8. The triplicated channels are susceptible to common cause faults, because they are linked together for voting, or all 3 input and output channels reside on the same module.
9. More space required for small and medium projects (high basic work, I/O subrack 9 units high).
Specialities in prices: -
Remarks: -
http://www.spazint.ru/eng/faq04.htm
5/28/2009
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: ICS Triplex
Product title: Trusted ICS
Strength:
1. TMR system with 40-channel input card with individual configuration per channel.
2. Remote I/O rack with up to 480 I/O, to be located 10 km distant, based on 250 Mbaud high-speed fibre-optic links.
3. Certified for Fire and Gas applications (NFPA72 certification).
4. Channel-by-channel configurable diagnostic LEDs.
5. SOE with 1 ms time resolution.
6. Very fast cycle time. No definition of safety time or reaction time.
7. Real calculations with the µP.
Weakness:
1. Availability: 3 times more failures with the same complexity.
2. MTTF of ICS Triplex modules approximately 8 times higher than that of a comparable HIMA module.
3. The triplicated channels are susceptible to common cause faults, because they are linked together for voting, or all 3 input and output channels reside on the same module.
Specialities in prices
Remarks
Specialities in prices 1. Cheap and fast digital processing.
Remarks
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: PILZ
Product title: PSS 3000, PSS 3100, PSS 3056 (-1, -2), PSS 3032 (devices)
Strength:
1. Short cycle times (10 ms upwards) and very fast response times (interrupt-controlled safety-related digital inputs).
2. Safety-related communication via SafetyBusP (open bus structure, serial bus, multi-master features, based on CAN fieldbus). Open means: different components from different manufacturers can be integrated; 64 subscribers; data transfer rate up to 500 kbit/s. (Certification for SafetyBusP not available.)
3. Distributed safety-related I/O (on the SafetyBusP).
4. Certification for all safety-related components (bus also): Cat. 4 according to EN 954-1; AK 6 according to DIN V 19250; UL, cUL according to UL 508.
5. Low installation and wiring effort.
6. Coupling to all fieldbuses: CAN, Interbus or Profibus-DP.
Weakness:
1. No big modular product available. PSS 3000: max. 288 digital I/O, max. 54 analogue I/O; PSS 3100: max. 160 digital I/O, max. 30 analogue I/O; PSS 3056: max. 56 digital I/O; PSS 3032: max. 32 digital I/O.
2. Only 1oo3 (3von3) structure is available (design diversity), AK 6, no availability of the systems/devices (shutdown with one failure).
3. Complicated programming software. No software comparison, no off-line test.

The systems cannot realise availability applications. The system is only used in factory or machinery automation.
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: SIEMENS Moore Process Automation
Product title: Quadlog
Strength:
1. Safety-rated I/O module, each channel programmable by choice as input or output.
2. Structured text programming.
3. The shutdown function of outputs can be selected channel by channel.
4. Low operating temperature, down to minus 25°C.
Weakness:
1. System structure with redundant CCM (Critical Control Module) and single-channel I/O can only be used up to AK4.
2. In a 1oo2D system one CCM is in "calculate mode", the second CCM in verify mode. To switch the CPU mode from verify to calculate a "Master Enable Relay" is required. Failure to activate the verify module via the relay will shut down the system.
3. A detected output circuit failure will cause a 2-cycle glitch (loss of output signal) until the passive output module set is activated.
4. Only the CCM and one I/O module (CDM: Critical Device Module) shall be used in process safety critical circuits. All other hardware modules are only interference-free (HIMA term: noninteracting) modules, including the analogue input module, and shall not be used for process safety critical circuits.
5. Some of the available elements of the function block programming are not admissible for process safety critical circuits.
6. For fail-safe sensors two different CDMs have to be configured in AK5+6.
7. For non-fail-safe sensors 2 x 2 channels on 2 different CDMs are required in AK5+6.
8. No safety-related SIO communication available.
9. For Modbus communication a special hardware module is required.
10. The process safety time is 3.2 seconds + 2 x cycle time or at least 6 x cycle time (the longer time is the valid one).
11. Time limit for single-channel operation in AK 1-5: 72 h; in AK6: no single-channel operation, or 1 h under specified conditions.
Weakness: HIMA solution
1. All system structures can be used up to AK6.
2. Higher test level because of the interchanging operation mode of the redundant CPUs.
3. With redundant I/Os no effect on the field.
4. The CPU and different types of I/O modules can be used for critical circuits, also analogue modules.
5. All function block elements of ELOP II-NT are admissible for critical circuits, and additionally a lot of software building blocks.
6. One safety-related input module required.
7. 2 channels on one safety-related input module are required.
8. Safety-related communication with HIBUS-FS.
9. Modbus communication is part of the central module (in hardware and operating system).
10. In all HIMA PLCs the safety time is programmable and min. 1 second.
11. No time limit for AK6 single-channel operation.
Remarks: Structured text programming is not admissible for process safety critical circuits.
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: SIEMENS
Product title: S5-95F, S5-115F
Strength:
1. Inputs with fast response time.
2. Safety-related data communication also possible over communication protocol SINEC-L2 (Profibus-DP).
3. All certifications available according to different applications.
4. AK6 or SIL3 or category 4 (EN 954-1) operation is possible. Definition in the TUV report: IEC 61508 part 1-3 in accordance with SIL1-3. Safety classes that can be reached... Operating the S5-95F in quasi-safety mode for AK6 or SIL3 or Cat4.
Weakness:
1. I/O modules may only be changed in the de-energized state.
2. Beginning with AK4 SIL2, 2 S5 devices are required (central and extension device); this results in more wiring work and a higher price.
3. No availability if one component fails (central, I/O module), no single-channel operation.
4. Safety-related parts always have to be redundant (peripherals, I/O modules); safety-related peripherals only with external wiring.
5. The control of the safety-related outputs requires additional wiring work.
6. No diagnostic display exists; error diagnostics via communication module or error annunciation module.
7. For the safety-related bus transmission (SINEC-L1), an additional master is necessary (e.g. S5-115U, not safety related); with a redundant bus two additional masters are required.
8. No on-line modifications possible.
9. Off-line test interval for a 2oo2 system is every 3 months (according to IEC 61508).
10. Programming system Step 5 is not a programming system according to IEC 61131-3.
11. Bad support or hotline from SIEMENS.
Specialities in prices:
1. Cheaper digital components.
Remarks: -

Strength/Weakness, Specialities in prices PLC No.
Manufacturer: SIEMENS
Product title: S7-400F / FH
Strength:
1. Certification according to IEC 61508 up to SIL3.
2. Software redundancy sufficient for SIL3 applications.
3. ProfiSafe driver must be run redundantly for SIL3.
4. Total integration in the DCS PCS7. Mixed mode with normal S7 systems.
5. Mixed mode single 1oo2 and 2oo2 I/O level is possible.
6. Fieldbus master functionality available.
Weakness:
1. VDI/VDE2180 says “to make strict division between process control protective equipment and process control operation equipment” and “the hardware must have a modular structure and should be able to be used as an independent individual system”. Then too expensive!
2. I/O modules may only be changed in the de-energized state.
3. The redundant I/O modules are in the same ET200 module board (today).
4. The ET200 must be linked via FO cable (galvanic isolation).
5. Between the central unit and the I/O modules there must be a fieldbus with an additional safety layer in the protocol (Profibus-DP with ProfiSafe).
6. Central unit and extension device must be used (ET200 with I/O modules); this results in more work for wiring and set-up.
7. No availability in 1oo1 CPU and 1oo2 I/O level (SIL3 application). Availability only in 2oo2 CPU and 2oo2 I/O configuration (SIL3).
8. Very complex programming and configuration of the system, with many safety rules to check.
9. No easy integration.
10. Very high reaction time. Single channel min. 220 ms, redundant min. 400 ms up to 700 ms.
11. Very long compilation time of safety-related Step7 programs (bigger projects up to 2 h).
12. The control of the safety-related logic requires additional and separate functional logic blocks (limited) in Step7 (programming language). That means extra price.
13. Every hardware unit needs a separate software license (runtime license).
14. No diagnostic display exists; error diagnostics via external HMI or via LEDs.
15. No off-line test in Step7.
16. Bad support or hotline from SIEMENS. System integrator gets no information about the delivery schedule for components.
Specialities in prices:
1. Expensive components (double price for central rack, digital I/O same price and analogue I/O more expensive than HIMA (with independent systems))!
Remarks: According to a statement by SIEMENS, the development of new (Ex)i I/O safety modules for the S7-400F/FH (ET200) is being aimed for. Additional development for digital special version with reaction time min. 100 ms.
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: SMS Honeywell (HSMS)
Product title: FSC100, 101; FSC102; FSC 202; FSC 2oo4D
Strength:
1. Bigger projects by the parent company (package units, complete plants).
2. QMR CPU approved by TÜV for use in AK6 or SIL3. Also UL proofed.
3. QMR™ is trademarked by Honeywell.
4. Due to integration, better communication possible.
5. UCN bus communication with Honeywell. Connection via interface module in FSC to the UCB bus, no PLC gateway required. Coupling also possible in redundant mode. Advantage in prices only for new plants.
6. More memory for the user program because of pluggable memory modules.
7. Mixed configuration HS and HRS possible, only with additional bus communication module.
8. With the new CPU no time limitation, also in single-channel systems.
9. Provides life-cycle safety service around the world.
10. Safety consulting, for example software “SIL validation tool”.
11. SOE independent of the scan cycle. Event resolution of 1 ms shall be possible.
Weakness:
1. After each modification (also for set points out of the logic) an EPROM has to be programmed for the communication module.
2. Only one non-safety-related input module available (4-fold) for (Ex)i.
3. Long compiler times (more than 15 min).
4. EMC problems (operation only with closed cabinet). Using cabinets with NEMA 1 certification.
5. Different I/O modules with the same functions are required for the different systems, no upward compatibility.
6. Redundant I/O modules have to be arranged side by side.
7. Separate I/O subracks are required for redundant and non-redundant I/O modules, and a combined system with further bus communication modules.
8. No redundancy with power supplies; each CPU has its own power supply.
9. With I/O modules the field signals and the 5 V feed are wired in one connector.
10. Switching off of redundancy or system after the occurrence time for the second failure in case of failures on the output module.
11. Redundant/secondary de-energizing of the safety-related outputs needs external relays for each output or for a group of outputs. If one output module of one group fails, the whole group will shut down.
12. No off-line simulation with the engineering software available.
Remarks: There is no certification for the new CPU with QMR available. The development of the hardware design is finished, the software is not finished.
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: TRICONEX (FoxGuard)
Product title: TRICON V.10; TRIDENT (for smaller applications up to 450 points)
Strength:
1. Much memory for the user program, extendable.
2. Fast new CPU with new µP. Shorter cycle times, but no information about safety time or complete reaction time from Triconex!
3. Remote I/O coupling via optical conductors with Triconex module (RXM).
4. Floating point processor available.
5. Direct communication with Foxboro DCS I/A series. Connection via redundant Ethernet module (ACM) within the Triconex system to the Foxboro I/A series nodebus. Coupling may also be redundant.
6. Communication to the Honeywell PLS TDC3000 directly with Triconex module (SMM) to the Honeywell UCN bus. Coupling may also be redundant.
7. Intelligent communication module with 4 serial ports (MODBUS) and 1 parallel port (Centronics, EICM).
8. Event recording (SOE) integrated.
9. Programming interface according to IEC 61131-3 on Windows NT. Currently 4 programming languages are realised: structured text, function block diagram, cause and effect matrix (CAE) and ladder diagram.
10. The TRICON fulfils the NRC guidelines in compliance with EPRI TR-107330 (requirements ... safety related app. in nuclear power plants).
11. TRIDENT certified up to SIL3 according to IEC 61508 (new standard for safety-related PLC).
12. 3oo3 (3-2-1-0) is possible only via software, but not allowed for safety functions.
Weakness:
1. Triconex sales dropped in 1999-2000 from $90M to $45M. Their European presence has dropped from 17 to 1 technical service person.
2. TRICON: more space required for small and medium projects (high basic work, I/O subrack 9 units high).
3. No input modules with line supervision available.
4. No safety-related relay outputs available.
5. No special modules for proximity switches available (possible only with a very expensive analogue input module).
6. No module for hazardous areas (Ex)i available.
7. To be able to interchange I/O modules, a redundant slot always has to remain free directly next to the active module (hot spare), whether it is used or not.
8. Complete redundancy can only be achieved if the backup slots are populated. Normally the hot spare is not installed.
9. Availability: 3 times more failures with the same complexity.
10. MTTF of Triconex modules approximately 8 times higher than that of a comparable HIMA module.
11. External relay required for the secondary means of de-energization in AK6. In addition, periodic test of the relay (every 6 months).
12. No mixing of approved and not approved modules. If you decide to mix them, you must check that it will not affect the safe functions.
13. Test of the memory by processing 2 kB of data per processor and cycle. It takes up to 25 s to test the existing 1 MB memory.
14. The triplicated channels are susceptible to common cause faults, because they are linked together for voting, or all 3 input and output channels reside on the same module. The three µP are on the same backplane. External communication channels are single.
15. Error in one channel on one module: no further tests of the other channels.
16. An unresolved fault is only detected by comparison. No diagnostics as to where the fault has occurred.
17. TMR is loading data through the EICM interface, which is not triplicated or diagnosed. The interface is tested only once, during booting.
18. Every fault activates the time limitation.
19. Many limitations of on-line modifications: no removing of parts of applications, software can only be added but not deleted on-line, no changes of function blocks, no changes to the number of signals exchanged via serial communication, no change of the system software (operating system, I/O driver, ...).
20. PID function and other “control algorithms” are not suitable for safety-related functions.
21. Triconex will not guarantee upward compatibility (V8 to V9, V10 new CPU, Trident is not compatible with anything).
Specialities in prices:
1. Digital I/O HIMA cheaper.
2. Analogue I/O equal price.
Remarks: -
Strength/Weakness, Specialities in prices PLC No.
Manufacturer: YISS (Yokogawa Industrial Safety System bv) (former GTI)
Product title: ProSafeDSP PLS (2oo3 system)
Strength:
1. Reload of empty CPU automatically with second CPU in redundant systems.
2. Program can be read out of the CPU.
3. Link to DCS with time stamp.
4. In- and outputs can be chosen
Weakness:
1. AK5/6 only with redundant systems.
2. No safety-related data transfer.
3. No revision comparer.
4. For AK5/6 single-channel operation with time limit.
Specialities in prices 1. Redundant version very expensive.
Remarks
Specialities in prices 1. Very cost effective because individual configuration (scalable availability).
Remarks
* The YISS ProSafe-PLC system is the same as the SIEMENS Moore System Quadlog.
General information
PLC No.
Manufacturer: HIMA Paul Hildebrandt GmbH + Co KG
Product title: H41q-S, H51q-S
Strength:
1. Good support or hotline (short response time for help or answering questions).
2. Very good service, worldwide.
3. Flexible engineering (individual planning and construction of applications), integration of company norms (end user).
Weakness:
1. For big projects it is a strength for the competitor to work with a powerful parent company (regarding financing and discounts).
Sources: System documentations

Abbreviations:
PLC: Programmable logic controller
PES: Programmable electronic systems (according to IEC 61508)
MTBF: Time between two faults
MTTF: Time till a fault occurs
EMC: Electromagnetic compatibility
I/O: Input/Output
AK: Risk class according to DIN 19250
SIL: Safety integrity level according to IEC 61508
2oo4: 2 out of 4 system structure (in German: 2 von 4, i.e. 2 from 4)
TMR: triple modular redundant
QMR: quadruple modular redundant
FSC: fail safe controller by Honeywell
HSMS: Honeywell safety management system
SOE: sequence of events
Copyright © 2002 Open Joint Stock Company "Spaz-Integrator" Revised: 02-10-2002, Tel: (7 095) 728-4717
[email protected]