The Yokogawa Centum CS and CS 3000 control systems have been in the market for more than 10 years and have been used successfully for many strategic and important projects. The Centum CS 3000 controller is using `pair and spare' architecture. This architecture consists of a pair of (redundant) processors in a CPU module, and another same pair of (redundant) processors in a redundant CPU module. Moreover, Centum CS 3000 uses other redundant technologies such as redundant module architecture for CPU module and I/O modules, redundant communication technologies for the system data highway, the back-plane bus in a module rack and the data bus in a module and redundant power supply modules. As a result of these technologies, the field data result shows that the system availability is seven nines, or 99,9999953%. In other words, its makers expect only one minute of system failure during 40 years of operation. Recently, a compact controller was introduced in the latest version of CS 3000. Yokogawa has employed the key hardware and software technologies of the existing Centum CS 3000 controller as a basis for the development of the safety controller ProSafe-RS.
Single SIL3
ProSafe-RS safety controller embeds the same architecture and technologies of Centum CS 3000. In addition to these technologies, every ProSafe-RS processor, input module and output module features a dual architecture inside to achieve high safety level, applicable up to and including SIL3 application.
The CPU module of ProSafe-RS contains a dual processor and a dual set of main memories, additional circuits and software for diagnostics. The ProSafe-RS I/O modules have dual circuits for checking the integrity. This architecture makes ProSafe-RS safety controller very straightforward and simple to understand, design, install and maintain with respect to the safety integrity. The SIL3 safety functions can be covered with single CPU and single I/O cards while fulfilling the requirements of IEC 61508 - such as PFD (probability of failure on demand), SFF (safe failure fraction) and fault tolerance - for SIL3.
IEC 61508 Part1
IEC 61508 Part2
Redundant options for high availability
The issue of availability is very important for the process industry. When higher system availability is required, ProSafe-RS can be configured for dual redundancy for its CPU and I/O modules, in the same manner as Centum CS 3000. Redundancy is used for higher availability and all redundant options can be selected independently. Any combination of I/O module redundant configurations, for example, redundant input with single output, single input with redundant output or redundant input and redundant output can be selected with selection of CPU module redundancy as a separate choice. Full dual redundant configuration offers the maximum process availability.
The high diagnostic coverage factor of more than 99% enables ProSafe-RS to provide rapid fault detection, which means that repairs can be affected within an acceptable period, with minimal impact on the process.
One network, one window - integration with DCS
High safety, high availability, and the tight integration with Centum CS 3000 are advantages of ProSafe-RS, which can be connected directly onto the same V net, the control network of Centum CS 3000. No gateway or interface hardware is required for data exchange between SIS and DCS functions. Safety communication between safety controllers is realised and certified in a mixed DCS - SIS configuration. Communication between ProSafe-RS and DCS is certified to be interference free.
With the integration of DCS and SIS, the operator has access to all plant information via one single window on a Centum CS 3000 HMI station. Separate monitoring of SIS and DCS is no longer necessary. Operators can predict more rapidly which process conditions are likely to reach emergency levels due to this integrated information. This integrated view on the process is useful for quick monitoring and also avoids misjudgement and disoperation. These advantages work to improve the overall plant safety.
TÜV certification
TÜV certification for a safety-instrumented system (SIS) is recognised throughout the world as an independent and credible assessment of the fact that the system complies with the requirements of the standards for safety systems. From the concept phase of the ProSafe-RS, TÜV Rheinland has been involved for the approval of this safety control system.
The TÜV Rheinland verified the ProSafe-RS safety control system according to the IEC 61508 standard, which prescribes the safety requirements for generic and specific safety related applications. Compliance to the IEC 61511 (2004), 'Functional safety - Safety instrumented systems for the process industry sector', is also certified. ProSafe-RS is the world's first SIL3 certified system that includes this standard IEC 61511. The certification also includes various application standards such as IEC61131-2 (2003), EN 298(2004), EN 50156 (2004), NFPA 85 (2001), EN 54-2 (2004) and NFPA 72 (2002).
| Tel: | +27 11 831 6300 |
| Fax: | +27 11 86 411 8144 |
| Email: | [email protected] |
| www: | www.yokogawa.com/za |
| Articles: | More information and articles about Yokogawa South Africa |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version