Managing Automation - February 2008 - (Page 28) [ SPECIAL REPORT ] vision. Other staunch safety vendors, such as not combine a regular control or motion apTriconex, a division of Invensys, and even auplication with the safety function.” tomation vendor Schneider Electric, prefer the Others would beg to differ. Siemens, for extraditional approach of keeping controllers ample, is incorporating the term “safety intephysically and logically separated. grated” across its entire line of PLCs, as well as For advocates of keeping safety separate, motion devices, drive devices, and networks. certification is a huge factor in their decision. “The entire architecture is evolving to have Safety controllers are certified by organizathe safety component integrated in,” says J.B. tions such as TUV Rheinland Group, an indeTitus, manager of business development and pendent approval agency that assesses safety industry standards at Siemens Energy & Ausystems based on industr y standards. These include the “In the area of plant operations and general safety standard, IEC demonstrated safety performance of 61508, as well as the IEC manufacturing facilities, automation 61511, specific to the process industry. Another certification is critical.” — Jerry Gipson at Dow layer is the safety integrity level (SIL), ranked in four levels of risk reduction tomation division. “Siemens has no conflict provided by the controller, SIL1 being the least with this it brings value to the end user, to dependable and SIL4 the most dependable. suppliers, to machinery manufacturers, and Schneider Electric’s safety product, the to OEMs. It brings value to everybody in the Quantum PLC, was recently certified for SIL2. chain because it reduces effort and provides a But certifying safety systems is an expensive higher level of safety.” proposition, and it is risky to introduce new How could it be safer? Titus says it’s a natvariables into the mix, says Haroon Rashid, ural evolution of technology. The control deproduct marketing manager for automation signs are more reliable than they were in the and safety at Schneider Electric’s North Amer1970s, and there is more intelligence built in to ican operating division. analyze data, which makes it less risky to in“Not only is the cost higher to make sure a tegrate the technologies. And sometimes less system performs to certain SIL levels, but we equals more. “By embedding safety into the don’t want to compromise that task of safety,” product, you’ve eliminated hundreds of comRashid says. “If we involve a standard applicaponents that would otherwise have to be added tion in a safety- or SIL-rated PLC, it may not to the machine control system,” Titus says. perform according to expectation. Because of But the debate is ongoing and is not cutthese reasons, it is my opinion that we should and-dried. Issues such as discrete vs. process To Separate or to Integrate? Before choosing a safety solution, consider the pros and cons of the various approaches. Level of Integration Separate Advantages No common cause of failure; better protection against cyber-attacks; failure of *BPCS has no impact on * SIS; fewer management challenges Reduced common cause failures Drawbacks Higher installation, engineering, and training costs; higher lifecycle costs due to the need to manage and maintain two separate systems Higher engineering and installation costs; additional training and maintenance; gateway issues and potential throughput issues Requirement for very vigorous user management capability; increased risk of common cause failures; some BPCS failures will impact SIS; greater management challenges; need careful design to ensure that BPCS failure modes do not lead to dangerous conditions Photo courtesy: Dow Chemical Interfaced Integrated Lower engineering and lifecycle costs; lower training and maintenance expenses; easier time synchronization; improved asset and event management; lower cost of hardware through common backplanes and communications Lowest system and lifecycle expenses; significantly lower installation and engineering costs; little need for additional training and maintenance; improved asset and event management * Safety instrumented system Common Reduction in the number of layers of protection; failure due to common cause can be a significant issue; increased expenses and management challenges as whole system may need to be treated as an SIS * Basic process control system Source: ARC Advisory Group white paper, “Business Issues Driving Safety System Integration,” February 2006 ma February 28 2008
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.