Redundancy in Manufacturing Control Systems

Mnet 130388 Lynch Lead

Reliability in process control systems has a different meaning in each industry. Depending on the type of interruption and the severity of the consequences, some manufacturing systems require PLC redundancy to keep people and equipment safe. Instrumentation and manufacturing engineers need to balance the cost of redundant PLCs with the consequences of an outage.

For a relatively small investment, extra control hardware and intelligent software can reduce the damage and inconvenience when a controller fails. Depending on the specific manufacturing application, a risk assessment may determine that a beefed-up PLC-base control system is necessary. The amount of redundancy in a manufacturing control system depends on many factors including the extent of engineering effort required versus the prospect of financial loss and/or bad PR when a failure does occur (i.e. pipeline ruptures or explosions).

Instrumentation and control engineers should take all contributing factors and statistically-possible outcomes into consideration. These may include:

Continuous Process — Food processing, product assembly lines and chlorine-based pulp and paper processing all require synchronization of numerous stages. A stoppage in one section may lead to bottle necks in others and loss of unfinished product throughout the assembly process.

Instrumentation engineers need to investigate how much in-process material could be adversely affected if a controller or subsystem malfunctions.

Batch Processing — Surface Mount Technology (SMT) circuit board is a good example where a large number of products is processed all at once, sent to inventory and then the production line halted. PLC redundancy will help ensure that the line will be operational when the manufacturing facility is started again.

Critical Industries — Mining, nuclear and gas control can’t afford an interruption in operation and safety monitoring. A near 100 percent uptime of the control system, with full backup capabilities, is required to prevent deadly and costly incidents.

Types of PLC Redundancy

Most PLC vendors provide units with built-in redundancy for processor control and power supplies. However, from a system level design, there are four ways to provide higher reliability:

Separate Mode (independent operation) — Again, two PLCs are used but each operate separately. The inputs and outputs are split between both processors (50/50). If one PLC fails, only half of the capacity is lost instead of the entire system. This is the easiest redundant controller system to implement but requires duplicate equipment.

Shadow Mode — Two identical PLCs run the same software and share the same inputs and outputs. One operates as the primary, the second as a backup. If a heartbeat signal from the first is not received by the second, the backup unit assumes control of the automation system to provide uninterrupted operation. These require a bit more design and an arbitration circuit for the sensors & actuators to avoid conflict.

Split Mode (dependent operation) — As used in the telecom system and banking mainframes, two controllers share the same inputs and compare independent decisions before setting an output. If a discrepancy is noted, a special system response is exercised. In automation systems, appropriate action may be a simple reporting or halting/slowing of the assembly line until human intervention can be made.

Voting — Made popular by NASA, an odd-number of independent control systems make self-governing decision and a ballot is posted before a decision is made (majority rule). These systems are the most costly to build as they require redundant control systems and may be too cumbersome & expensive from some applications. And the PLC programming requires a more thorough design.

Manufacturing engineers concentrate on efficiency and quality but also need to take into consideration failures and appropriate the system response. Planning for breakdowns is necessary because they will eventually happen.

Greg Lynch is a professional engineer with over 18 years of experience in control system design, manufacturing support and reliability engineering design. He is based in Kelowna, BC and operates the engineering firm Industrial Control Systems Engineering Corp.

More in Operations