Siemens ST PCS 7 manual 10/25, Redundant stations

The safety-related SIMATIC PCS 7 automation systems at the controller level are categorized in accordance with the two de- sign versions as follows:

•Single stations

AS 412F, AS 414F and AS 417F with only one CPU (safety- related)

•Redundant stations

AS 412FH, AS 414FH and AS 417FH with two redundant CPUs (safety-related and fault-tolerant)

Single stations and redundant stations are available as preas- sembled and tested all-in-one systems (AS bundles) without extra charge. They are based on the hardware of the AS 412H, AS 414H or AS 417H fault-tolerant automation systems ex- panded by safety functions with S7 F Systems.

Similar to the fault-tolerant systems used as a basis, the RAM of the safety-related AS bundles varies as follows:

AS 412F/FH 768 KB (512 KB for program and 256 KB for data)

AS 414F/FH 2.8 MB (1.4 MB each for program and data)

AS 417F/FH 30 MB (15 MB each for program and data)

All F/FH systems are TÜV-certified and comply with the safety requirements up to SIL 3 according to IEC 61508.

In the systems with multitasking capability, several programs can be executed simultaneously in one CPU – basic process control (BPCS) applications or also safety-related applications. The programs are reaction-free, i.e. faults in BPCS applications have no effect on safety-related applications, and vice versa. Special tasks with very short response times can also be imple- mented.

The redundant FH systems operating according to the 1-out-of- 2 principle consist of two subsystems of identical design. These are electrically isolated from each other to achieve optimum EMC, and are synchronized with each other via fiber-optic ca- bles. A bumpless switchover is made from the active subsystem to the standby subsystem in the event of a fault. The two sub- systems can be present in the same rack or separated by up to 10 km. The spatial separation provides additional security in the case of extreme influences in the environment of the active sub- system, e.g. resulting from a fire.

The redundancy of the FH systems is only used to increase the availability. It is not relevant to processing of the safety functions and the associated fault detection.

Runtime licenses

Each AS bundle is already provided as standard with the SIMATIC PCS 7 AS Runtime license for 100 process objects (PO). The number of process objects can be extended by addi- tional Runtime licenses for 100, 1000 or 10000 POs. The process objects of additional Runtime licenses can be added to process objects which already exist. The number and type (e.g. 100 or 1000) of additional Runtime licenses are irrelevant. The

AS Runtime licenses are administered on a SIMATIC PCS 7 engineering system or in the SIMATIC PCS 7 BOX.

Communication over the plant bus

The safety-related automation systems are connected as stan- dard to the plant bus using one communications processor per AS (F-systems) or sub-AS (FH-systems).

The plant bus can be implemented in the form of a ring structure, which can also be configured with redundant architecture if the availability requirements are high. When there are two redundant rings it makes sense to use two communications processors per AS (F-systems) or sub-AS (FH-systems) and to distribute their connections between the two rings(4-way connection). Double faults such as failure of the OSM/SCALANCE switch on ring 1 with simultaneous interruption in the bus cable on ring 2 can thus be tolerated.

Individual configuration of AS bundles

The equipment of the safety-related automation systems as well as their Order Nos. can be individually compiled by selecting preconfigured ordering units. System-specific ordering configu- rations are available for this purpose in the following Section "Selection and ordering data".

These are divided into:

•Single stations: AS 412F, AS 414F and AS 417F with only one

CPU

•Redundant stations: AS 412FH, AS 414FH and AS 417FH with two redundant CPUs, mounted on one common rack (UR2-H) or two separate racks (UR2)

In order to rapidly access the recommended preferred configu- rations, these are additionally listed with their complete order numbers.

As an alternative to the ordering data in this catalog, the configurator offered in the catalog & online ordering system "A&D Mall" (www.siemens.com/automation/mall) can also be used to select and order safety-related automation systems for

SIMATIC PCS 7.

Ordering information

sync modules with a range up to 10 m. Fiber-optic sync cables longer than 1 m must always be ordered separately (2 of each required).

Siemens ST PCS 7 · Update November 2008

10/25