State Industries GFK-0827 manual Fault Detection, Fault Categories

Page 83

4

Section 6: Fault Detection and Control Actions

This section describes how faults are handled in a Redundancy system. It discusses how faults affect the operation of the Redundancy system, describes categories of faults, describes how faults are detected, describes the actions taken when faults are detected, and discusses on-line repair of individual components.

Fault Detection

The Hot Standby CPU Redundancy system requires that faults or failures in all critical components be detected and reported so that appropriate control actions may be taken. All components that are involved in the acquisition and distribution of I/O data or are involved in the execution of the control logic solution are considered to be critical components.

In a Redundancy system, fault actions are not configurable as they are in a non-redundancy (Simplex) system. A FATAL fault will cause a switch from the active to the backup unit; a DIAGNOSTIC fault will allow the currently active system to continue operating as the active system.

Faults within the PLC may be such that (1) the PLC has a controlled shutdown, (2) the PLC has an uncontrolled shutdown, or (3) the PLC continues to operate. If the PLC has detected an internal fault and has a controlled shutdown, a fault will be logged in the fault table, the backup system will be notified of the fault and the PLC will go to stop mode and stop driving outputs. This does not normally occur until the top of the sweep following the failure. The exception is when the failure occurs during the input scan. Upon notification, the backup system will immediately take over and start driving outputs.

If the PLC has an uncontrolled shutdown the PLC will log a fault if it can and proceed as described above. If the backup PLC detects that the active PLC has failed to synchronize, it will assume the active unit has failed after timing out all (both) available links. The backup will then start driving outputs and controlling the process. If a fault exists within the PLC, but has not been detected, the system will eventually detect the fault through the background diagnostic procedure. When the fault is detected, the PLC will proceed with the orderly shutdown process if it can.

If the two PLCs fail to synchronize, because the timeout is set too short, then the two systems will begin to act independently. A fault will be logged at the time synchronization failure occurs.

Fault Categories

The detection of faults and failures falls into three basic categories:

1.faults and failures that are detected immediately;

2.faults and failures that are detected as soon as possible, but not necessarily within the current sweep;

72

Series 90-70 Hot Standby CPU Redundancy User's Guide ± December 1993

GFK-0827

Page 82 Page 84
Image 83
Page 82 Page 84
Contents GE Fanuc Automation GFL±002 Related Publications Content of this ManualWe Welcome Your Comments and Suggestions PrefaceContents Chapter System Components Chapter Configuration Chapter Operation System Operation Fault Detection and Control Actions Synchronized Hot Standby CPU Redundancy System Configuration Contents Hot Standby CPU Redundancy Product Chapter IntroductionGFK-0827 Benefits of the Hot Standby CPU Redundancy Product Features of the Hot Standby CPU Redundancy ProductCable Connections Systems for Hot Standby CPU Redundancy SystemsGenius I/O System Local I/O SystemControl Strategy Basic Hot Standby OperationSynchronized Hot Standby CPU Redundancy System Configuration Redundancy Communications Module Redundancy CPU ModuleEffect on Scan Time Bumpless SwitchingSwitch to Backup Unit Time Synchronized CPUsOn-Line Repair Configurable Backup Data SizeOn-Line Programming Programming Considerations Configuration RequirementsTerm Definition Definition of TermsAcronym Definition Commonly Used AcronymsRedundancy CPU Chapter System ComponentsCapacities for Redundancy CPU, IC697CPU780 Watchdog TimerCPU Architecture Redundancy CPU IC697CPU CPU FeaturesValid Operating Mode Selection CPU Mode SwitchCPU Status LEDs Memor y Protect KeyswitchBattery Connectors Expansion Memory Boards for CPU Serial Port ConnectorExpansion Memory Board Redundancy Communications Module RCM FeaturesBoard OK RCM System Status LedsUnit Selection Pushbutton RCM ConnectorsBus Transmitter Module LED Status IndicatorsBus Receiver Module BTM ConnectorsGenius Bus Controller Bus Signal TerminationBRM Connectors Genius Bus Controller User Features Racks GBC ConnectorsConfiguring a Hot Standby CPU Redundancy System Chapter ConfigurationRedundancy System Requirements Basic Redundancy System SetupLogicmaster 90 Configuration System ConfigurationMonitor or Online mode Screens for Fault Category ConfigurationHandling Folders Configuration with LogicmasterConfiguration of a Redundancy CPU Module GFK-0827 Redundant CPU Requirements Background Window Normal Sweep ModeRedund Type Constant Sweep Mode Constant Window Sweep ModeShared I/O Ctrl StrgyFail Wait Shared I/O Reference Values Shared I/O Data ParametersReference Type ReferenceSize CalculationforNumberofBytes Transfer Data SizeConfiguring a CPU Expansion Memory Board Configuration of a Redundancy Communications Module Configuration Paired GBC Parameter Configuration of a Genius Bus ControllerSerial Bus Address Configuring a Primary Redundant PLC Select the Redundancy CPU Module Select an Expansion Memory Board Configure the Redundant Communications Module Configure a Genius Bus Controller Configuration Configure Genius I/O Blocks Configure the Bus Transmitter Module Configuring a Secondary Redundant PLC Change Redund Type GFK-0827 Chapter Operation Power-Up Sequence of a Redundant CPUIncompatible Configurations Resynchronization of the Redundant CPU Hot-Standby Redundancy Control Strategy First Data Transfer %I, %AI and Synchronization Synchronous ScanData Transfer from Backup Unit to Active Unit Second Data Transfer %Q, %AQ, %R, and %M Switching Control to Backup UnitRole Switch Svcreq Definition for% S Reference for Redundancy Status References for CPU RedundancyRedundancy CPU Considerations Differences in Operation for CPU RUN Disabled ModeRUN/ENABLED Locrdy Locact Remrdy Remact Configuration of Fault Actions Background Window Time Stop to RUN Mode Transition Words per Sweep = Ovrpre %S Reference Timed ContactsGenius Bus Controller Switching Fault Categories Fault DetectionChanging Fault Category Actions Fault Zoom Help Text for Redundancy Error Codes PLC Fault TableFaulting RCMs, Losing Links, and Terminating Communications GFK-0827 Maskable Fault Group Descriptions Fault Actions in a CPU Redundancy SystemUserConfigurable Maskable Fault Group ActionsNon-Maskable Fault Action Descriptions Non-Maskable Fault Group DescriptionsOn-Line Repair Recommendations On-Line RepairMaintaining Parallel Bus Termination Redundancy Communications Module and Cables Power SupplyRacks Central Processor UnitGenius Bus Controller Redundancy Communications Link FailuresBus Transmitter Module GeniusBlocks Genius BusRedundancy Alternatives Appendix Redundancy AlternativesRedundancy Option Key See Table PLC RedundancyOptionsSeries 90-70 Redundancy Through Application Logic Index Index Index Index Index
Top Page Image Contents