Siemens appendix Redundancy with AS 235 H, Redundancy with the AS 235 H automation system

Page 10

This catalog is out of date, see note on page 1

System architecture

Redundancy with AS 235 H

Central

processing

unit I

I/O bus

Synchronization

Comparison,

cross-coupling

Comparison,

switchover

CS 275 plant bus

Central

processing

unit II

Redundant I/O bus

Comparison,

switchover

I/O bus

Central faults are detected very rapidly using a hardware com- parator. This compares the redundant bus signals for each read or write operation of the central processors operating with syn- chronous clocks. Software test programs are started in the event of a fault in order to established its location.

The synchronous signals of the redundant I/O bus are checked for equality for selective areas of up to 13 I/O modules each and converted to the single-channel I/O bus of the standard I/O mod- ules. Up to 3 selected I/O module areas can be supplied by the redundant I/O bus (A), a further 4 selected I/O module areas can be supplied by extending with a redundant I/O bus 2 (B). A strict division into fault limiting regions thus ensures that single faults can only have an effect within one selective I/O module area.

The AS 235 H system enables maintenance and repair without interfering with process operations. The corresponding partial

 

 

 

 

I/O

 

 

 

 

 

 

 

 

 

I/O

 

 

 

 

 

 

 

 

modules

 

 

 

 

 

 

 

 

 

modules

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Process level

Redundant path

Fig. 2/1 1-out-of-2 redundancy structure with AS 235 H

Redundancy with the AS 235 H automation system

￿Various system characteristics must be considered with regard to the reliability and availability of a system. The requirements for reliability are met by fault-tolerant (high-availability) systems while those for safety are met by fail-safe systems.

According to VDI/VDE 3542 the following applies:

A system is fault-tolerant if occurring faults have no effect on its function. Fail-safe is the ability of a technical system to remain in a safe mode or to switch immediately to another safe mode in the event of a fault.

The AS 235 H automation system is a high-availability system with redundant central units operating with system clocks where execution of the planned automation functions is not interrupted by system faults.

The system operates according to the fault-tolerant 1-out-of-2 principle. The AS 235 H system is equipped with 2 identical cen- tral processing units for this purpose, the master unit and the slave unit (Fig. 2/1). Each of the two CPUs contains a power sup- ply module, central processor, memory module for system soft- ware and user program as well as 1 or 2 interface modules for the I/O bus depending on the number of I/O modules con- nected. The user programs stored in the 2 memory modules are identical.

Process signals are always applied to both CPUs. Only one of these, the master unit, can output commands to the process via the I/O modules. The other operates in hot standby mode and is always able to take over smooth control of the process should the master unit fail.

The fully-synchronous mode of operation of the two partial

AS 235 H systems means that any assignment of the master is possible: master/slave or slave/master. Both partial systems are updated with the same information simultaneously because all input data are applied to both, meaning that online backup data transmission between the two partial systems is superfluous.

system, irrespective of whether it is the master or slave, is removed from the synchronous operation. The partner system then retains the master status, or is assigned it automatically, and thus handles the active process operations. The disabled, passive partial system now operates completely independently, but without the I/O modules since these are required by the mas- ter.

This simplex operation with 2 independent systems enables new user programs to be configured, loaded or tested and to operate on the process either on a trial basis or permanently. This flexi- bility prevents undesirable down times in the process when changing the automation structure.

The backup of a passive partial system (transition from simplex to duplex operation with a slave system ready for operation) is initiated by the operator and is executed without influencing the online processing of the master system. It is terminated by auto- matic synchronization. The second partial system is then the slave and is ready to accept the master status at any time.

When connected to the CS 275 bus system, the redundant AS 235 H system responds like a single participant.

The user software of the AS 235 H automation system is compat- ible with that of the AS 235 and AS 235 K systems, i.e. user con- figurations which have been generated on these systems and which function directly can also be used in the AS 235 H system without limitations.

Important note:

The AS 235 automation system has been optimized for high reliability and availability by means of fault tolerance and a non-interacting design. However, it does not belong – just like any other single or redundant programmable system – to the class of special fail-safe systems approved by independent testing authorities (e.g. TÜV).

It is therefore important when automating processes or pro- cess sections relevant to safety to ensure that suitable sub- ordinate interlocking circuits or protective systems are pro- vided for these areas in the AS 235 H system as in the

AS 235 / AS 235 K systems which make a dangerous operat- ing state impossible should faults occur in the automation system.

2/4

Siemens PLT 111 · 1999

Page 9 Page 11
Image 10
Page 9 Page 11
Contents Teleperm M Introduction Brief descriptionConfiguring Functions of the AS 235 systemSystem data General system dataTechnical data of automation systems Or user-configured with own Configuring System architecturePerformance characteristics Operation and monitoring TML languageScope of performance Redundancy with the AS 235 H automation system Redundancy with AS 235 HImportant note Standard function blocks ConfiguringStandard function blocks Blocks for analog and digital processingBlocks for signal exchange via CS Data blocksDriver blocks for I/O modules Type Designation Function For modules with Order NoDriver blocks for configurable Teleperm ME I/O modules Driver blocks for I/O modules with standardized displayOutput blocks for printer and process monitor Organization blocksSystem architecture Performance characteristics Summary of system properties Redundancy with AS 235 H Configuring Data blocks Driver blocks for I/O modules Driver blocks for configurable Teleperm ME I/O modules Output blocks for printer and process monitor AS 235 K Connection diagramsAS 235 H ES 100 KGeneral GeneralBasic cabinet Basic cabinetAS 235 automation system Basic unitStandard I/O devices Extension unitsPower supply components Bus componentsAS 235 automation system Ordering data for basic cabinetOrdering data Basic cabinet6DS9 002-8BB Options for basic cabinetOptions for AS 235 basic Cabinet See page 6/6Extension cabinet Extension cabinetExtension cabinet Options for AS 235 extension CabinetAS 235 H AS 235 H automation systemAS 235 H automation system, design 6DS3 305-8BA Redundant process I/Os Example of redundancy withInterface modules for 20-m local bus N-AS AS 235 H automation system Options for AS 235 H basic Cabinet AS 235 H extension cabinet System Extension cabinet Ordering data for extension cabinetAS 235 H automation Options for AS 235 H exten Sion cabinetAS 235 K automation system AS 235 KBasic system Basic systemInterface module for ES 100 K AS 235 K automation system, designAS 235 K automation HousingOrdering data for AS 235 K SystemES 100 K extension system ES 100 KES 100 K extension system ES 100 K extension Ordering data for ES 100 KES 100 K options System cabinet accessories Standard cabinets and accessoriesStandard cabinets and accessories Standard cabinetsOrdering data for system cabinet accessories Permissible thermal loading Configuring values for thermal loadStandard cabinet with heat exchanger Standard cabinets IP 20 without heat exchanger Technical dataDesign Standard cabinets IP 54 with heat exchanger 12 Standard cabinet with heat exchangerProcess connection systems Connections for process signal cablesProcess connection systems Process connection systemsConnection diagrams for standard I/O devices to AS AS 235 K Connection diagramsStandard I/O devices to AS 235 / AS 235 K Connection of personal computer Connection of personal computerConnection of process monitors and parallel monitors Connection of process monitors and parallel monitorsConnection diagrams for standard I/O devices to AS 235 H Standard I/O devices to AS 235 HConnection diagrams Summary of connecting cables Connecting cable Plug Cable Max. cable Order No From LengthFunction modules Signal modulesProportioning Counter modules Summary General technical data Configurable I/O modulesModules from other systems Power supply, earthingLightning protection with distributed configuration Selection criteria for I/O modulesFunction modules Function modulesClosed-loop control modules Closed-loop control modulesSignal modules Signal modulesAnalog input and output modules Binary input module, testable, 6DS1 618-8CA Binary input and output modulesBinary input and output modules Binary output module with 16 relays, 6DS1 605-8BAProportioning counter module, metering pulse input module STRUK-AS 220 EA configuring programProportioning and counter modules Metering pulse input module with 8 channels, 6DS1 607-8ABModules which can be used on the I/O bus Modules which can be used on the I/O busExplanations for the column Release Explanations for the column Remarks6DS1 342-1BD With S5KE Operation unit Mode of operationTest mode PBT 65 process operation keyboardConfiguring keyboard Configuring unitConfiguring keyboard Mini floppy disk unit 6DS3 900-8AE Mini floppy disk unitMini floppy disk unit Floppy disksBus communication Application ApplicationLocal range Remote range DesignSingle remote bus Bus converter Ul Connector board AF Remote busConnection distributor AV Redundant remote busBus configurations, examples Bus configurationsApplication Other conditions Connecting cables Connecting cables for 20-m local bus Connecting cablesConnecting cables for remote bus Central controllers Expansion unitsSimatic S5 I/Os ET 100U Interface modules for coupling with other systems, summary Coupling of other systemsParallel coupling with S5-115U I/O modules Simatic S5 expansion unitsParallel coupling with Simatic S5-115U I/O modules Digital output modules Simatic S5-115U I/O modules appropriate for couplingDigital input modules Digital input/output modulesParallel coupling with S5-135U/155U I/O modules Parallel coupling with Simatic S5-135U/155U I/O modulesSimatic S5-135U/155U I/O modules appropriate for coupling Interface module for Simatic S5 expansion units Interface module for Simatic S5 expansion unitsSerial coupling With Simatic S5/S7 central controllers Simatic S5/S7 central controllersSerial coupling with Simatic S5/S7 central controllers Interface module for Simatic S5/S7 central controllers Interface module for Simatic S5/S7 central controllersSimatic S5 I/Os / ET 100U Serial coupling with Simatic S5 I/OsET 100U I/O modules appropriate for coupling Exi modulesInterface module for ET 100U Interface module for ET 100UOrdering information Ordering of complete systems AS 235 standard configurationOrdering of options
Top Page Image Contents