industrial networks - control global · isa-95/iec 62264 standard, on which the majority of control...
TRANSCRIPT
Industrial Networks
eHANDBOOK
TABLE OF CONTENTSEvolving network architectures 4
IIoT and cloud computing are changing our view of the venerable Purdue model.
Open systems unlock value 8
Standards deliver on the interoperability promised by OPAF and NAMUR.
Wireless IPL 15
ISA-84 offers guidance for emerging for safety and security applications.
The bus in winter 17
HART and fieldbus offer ways to keep instruments honest when temperatures are low.
The brittle panel 19
What’s it worth to be able to touch wiring without causing an incident?
AD INDEXNexans • nexans.us/industrial 3
WAGO CORP. • www.wago.us/IOsystem 7
Newark • newark.com 14
eHANDBOOK: Industrial Networks 2
www.ControlGlobal.com
Nexans Industrial Ethernet Solutionsnexans.us/industrial • [email protected] White Oak Rd, New Holland, PA 17557 • 717-354-6200
CONNECT & CONVERGEDowntime is los t t ime. And los t t ime means los t prof i tabi l i ty. With Nexans Industr ia l Ethernet Solut ions, you’re get t ing a solut ion you can t rus t ; one that suppor ts your requirement for 100% upt ime.
Nexans gives you the conf idence to make the connect ion. Visi t nexans.us/industrial to learn more.
NETWORK SOLUTIONSFOR ANY ENVIRONMENT.
The Purdue Enterprise Reference
Architecture incorporated in the
ISA-95/IEC 62264 standard, on
which the majority of control system
architectures and subsequent standards
including wireless, cybersecurity, safety,
etc. are based, originated in 1989. Despite
being in use for almost 30 years, many
people still believe it’s based on physical
layers, when it actually defines the func-
tions to be performed at each level of the
architecture. At the time the model was
developed, and in most cases today, it’s still
true that form follows function, and the var-
ious pieces of hardware tend to correlate
closely to their assigned function. The IEC
62443/ISA-99 cybersecurity zone and con-
duit concept also tends to encourage the
maintenance and separation of each of the
function-based layers.
With the changes in processing and com-
puting capability we’ve seen at the different
levels of the enterprise, particularly Level
1, and the introduction of cloud-based sys-
tems, it’s my understanding that ISA-95,
as part of their regular review of the docu-
ment, is revisiting the architecture model,
with particular emphasis on Level 1 and
Level 0.
Another ISA standards body, ISA-112
SCADA Systems (www.isa.org/isa112), also
needed an architecture model on which to
base their work. The present version of this
model, which adds more granularity to the
ISA-95 model, is shown here.
When creating this model, ISA-112 delib-
erately chose to use letters to show the
different layers, in part to avoid confusion
Evolving network architecturesIIoT and cloud computing are changing our view of the venerable Purdue model.
By Ian Verhappen
eHANDBOOK: Industrial Networks 4
www.ControlGlobal.com
with the Purdue model (shown for reference
on the side) but also to help the commit-
tee relate the physical equipment against
the function(s) that equipment needs
to perform.
In general, layers A through D will tend
to be at the remote site, which could be
anything from a single point and RTU to a
remote compressor or pump station com-
plete with its own “mini” control system
with wireless SCADA connections to asso-
ciated well pads, isolation valves or remote
storage facilities, thus making “site n” a
small SCADA system, or at least a data con-
centration site on its own.
Similarly, levels F and G identify the typical
SCADA components that reside on the cen-
tral SCADA server(s), typically in the main
control center. Alarms and Historian have
been identified as two typical databases
residing at this level, though as indicated by
the “database” box on the right, they’re by
no means the only ones; they are just the
ones that the committee believes require
particular attention since, from a SCADA
perspective, they will have some unique
External network
Enterprise network
Process information network
Control network
Applications
Communications servers
Wide-area network
Controller network
Local controllers
Field sensor networks
Field devices
K
J
I
H
G
F
E
D
C
B
A
Level 5*
Level 4
Level 3
Level 2
Level 1
Level 0
Purd
ue r
efer
ence
mod
el
Supe
rvis
ory
cont
rolle
rs
External applications
Enterprise network
DMZ/Process information network
Control room network
Backhaul networks
HMI Alarms HistorianDatabases
Drivers
SCADA ARCHITECTURE MODELIn this model by the ISA-112 SCADA Systems standards committee, letters are used to label layers to avoid potential conflict with ISA-95 and other similar models. Routers and firewalls between layers are not shown, nor are other system-specific servers, applications and workstations. Re-mote-hosted external applications (cloud) could be configured to attach to devices at any level with appropriate firewalls, tunneling and routing. * Note that although this shows a Purdue level 5, the true Purdue model only has levels 0 to 4 because it did not anticipate external applications.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 5
constraints and items to be considered
when developing a system.
The other addition to the proposed
SCADA model is the concept of cloud
computing, presently shown as the “exter-
nal applications” cloud at the top. Though
a link is only shown to the databases at
the SCADA server, there is the poten-
tial to link to elements at any level, with,
of course, the appropriate cybersecu-
rity protocols.
Lastly, the red lines on either side of level J
are intended to show the clear demarcation
between the OT (SCADA related systems),
IT and public or external networks as a
reminder to pay particular attention to the
cyber requirements when crossing between
different layers and systems.
The virtualization of systems per Open
Process Automation Forum (OPAF), and
arguably IIoT, is changing control system
architectures once more, with the biggest
impact at the top (nonexistent Level 5 at
the top of the model) and again at Level
1, with basic regulatory control moving
closer to the process itself. Because more
functionality in these models will reside
in software versus the hardware-based
representation, the case can be made that
the function-based reference model will
become even more important since the
physical hardware could potentially be
flattened into fewer layers residing in the
cloud and a couple virtual machines for
the hardware above the sensor layer(s).
Early in 2019, we will continue the discus-
sion on how SCADA and control systems are
evolving by having a look at how LTE and 5G
are adding another dimension to the ways
future systems could potentially develop and
be even more tightly integrated with their
associated supply chains.
The virtualization of systems is changing control system architectures once more,
with the biggest impact at the top and again at Level 1.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 6
NO NODES...LIKE OUR NODES.
The WAGO-I/O-SYSTEMThe System that Started the Modular I/O Revolution• Fieldbus independent – supports 16+ protocols• 500+ digital, analog and special function I/O modules• Compact – up to 16 DI or DO in just one 12 mm wide module• XTR Series for eXTReme temperature, shock and vibration• Add-on instruction library for RSLogix 5000® software
www.wago.us/IOsystem
RSLogix 5000® is a registered trademark of Rockwell Automation – no endorsement or affiliation implied.
No Nodes - Control - Print.indd 1 4/17/18 9:28 AM
The well-known “building block”
metaphor may be slightly over-
used by now, but it’s never been
more true than illustrating how the Field-
Comm Group’s protocols and technologies
form the base of the two latest openness
and interoperability efforts in the process
industries. This is because the use of FDI,
FOUNDATION Fieldbus, WirelessHART
and HART can more easily provide long-
sought, often-stranded information from
field devices to systems across the enter-
prise, which is the ultimate goal of openness
and interoperability.
MEET OPAF AND NAMURA revolutionary approach to openness
is being developed by the Open Process
Automation Forum (OPAF, www.open-
group.org/open-process-automation). It
aims to develop an open, interoperable
“standard-of-standards” specification. In the
two years since it was launched, OPAF has
grown to 116 members, including end users,
system integrators, suppliers and sup-
porting organizations. Over the past year,
OPAF’s Business Working Group drafted
its 36-page “OPA Business Guide” (https://
publications.opengroup.org/g182) that
describes a value proposition and business
cases for open process automation (OPA).
During the same period, OPAF’s Techni-
cal Working Group developed the OPAF
Technical Reference Model (TRM), Part
1—Technical Architecture that defines
interfaces between devices, but doesn’t
dictate what’s in those products or inter-
fere with their intellectual property. The
TRM covers regular DCSs and supporting
Open systems unlock valueStandards deliver the interoperability promised by OPAF and NAMUR
By FieldComm Group
eHANDBOOK: Industrial Networks 8
www.ControlGlobal.com
PLCs, HMIs, I/O and Ethernet-based net-
works, as well as advanced controls and
manufacturing execution systems (MES).
TRM is expected to deliver openness and
interoperability in three areas: On-Premise
OT Data Center with real-time advanced
computing (RTAC) and distributed con-
trol framework (DCF); OPA Connectivity
Framework (OCF), which is a real-time,
universal service bus like Ethernet using
an OPA-standard communication proto-
col like OPC UA; and Distributed Control
Nodes (DCN) that are configurable I/O
for input/output processing, regulatory
control, logic solving and application
hosting. If successful, OPAF’s architecture
will result in radically different con-
trol systems.
The second major openness effort,
NAMUR Open Architecture (NOA, www.
namur.net) is scheduled to be released
as an IEC standard in 2021-22. NOA
addresses openness as an evolution, that
is, without impacting what already works.
NOA is trying to maintain the benefits
of existing systems by layering NOA’s
monitoring and optimization (M+O) appli-
cations alongside existing field-level,
basic automation, MES and ERP levels.
NAMUR Open Architecture (NOA)M
onito
ring
and
optim
izat
ion
(M+O
)Central M+O
Further 4.0 use case
4.0 outVibration
Production networksimulation
Advanced analytics
Reliability center
Historian
Scheduling
Central HMI
Verification of request
Core process control
TC 4711 FC 4713
DCS/PLC
HMI
OPC-UAEngineering
Advancedprocess control
Alarmmanagement
4.0 devicemanagementDispatching
Plant-specific M+O
Production plant (4-20 MA / remote IO / fieldbus /wireless / Ethernet in the field)
Los-cost multi-sensor
Highly reliably IT infrastructure
Deterministic control system
App platform
Data directioncontrol
Openinterfaces
Proprietaryinterfaces
OPEN MONITORING AND OPTIMIZATION WITH NOANAMUR Open Architecture (NOA) provides Industrie 4.0 monitoring and optimization by using a reliable IT infrastructure in centrally located plant areas, that does not impact core-process and deterministic controls or proprietary interfaces. Source: NAMUR
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 9
These applications cover M+O functions
like dispatching, alarm management,
advanced process control (APC), and
Industrie 4.0 device management, and
essential M+O functions like advanced
analytics, historian, central HMI, produc-
tion network simulation, reliability center
and scheduling.
FIELDCOMM GROUP BASE FOR OPENNESS“FDI is the next step of device manage-
ment. It provides a unified description, and
allows for field communication standard
independent device management using
one tool. It separates device representation
from the underlying communication tech-
nology, and lays the groundwork for digital
twin representation of the devices,” says
Thoralf Schulz, board chair of the Field-
Comm Group and group vice president
of R&D and technology in the Industrial
Automation Control Technology division at
ABB. “Making these device models avail-
able through OPC UA makes the device
models available, not only to control sys-
tems, but also to further applications as
formulated by NAMUR and OPAF. Field-
Comm Group is working actively with the
OPC Foundation to make this a reality.
The currently ongoing work in standard-
ized semantic identifiers, as defined by
international standard IEX or exl@ss, will
further strengthen this. It enables not only
the data access, but makes it possible to
develop standardized applications.”
Peter Zornio, FieldComm Group board
member and CTO at Emerson Automation
Solutions, adds that, “FieldComm Group
technologies could and should play a major
role in enabling OPA and NOA solutions.
Regardless of whether OPA, NOA or other
open architectures are adopted, users aren’t
planning to replace their installed and oper-
ating field and measurement devices, such
as all the control valves running in their
facilities today. The vast majority of these
components are running some combination
of HART or FOUNDATION Fieldbus, and
that huge installed base isn’t going away.”
Zornio explains that whichever openness
strategy is employed—OPAF’s redefined,
orchestrated control architecture or
NAMUR’s added digital transformation
layer—both plan to build on the installed
base of existing devices. “No one’s talking
about ripping and replacing existing field
devices,” he says. “Openness and interop-
erability will be achieved using established
standards and easier connectivity.”
STANDARDS UNLOCK DATALukas Klausmann, senior marketing
manager for industrial communica-
tion at Endress+Hauser, agrees that the
FieldComm Group has spent years stan-
dardizing data in all kinds of field devices,
which paves the way for NAMUR and
OPAF efforts to also unlock data from
field devices in a standardized way.
“FieldComm Group enables suppliers
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 10
like Endress+Hauser to launch new tools
based on NOA that can cover a wide
range of installed bases, and turn data
into useful plant information,” he says.
For example, Endress+Hauser recently
launched an analytics app that shows a
dashboard of the installed devices in a
facility, and uses a new approach based
on work by FieldComm Group to stan-
dardize device data. “Endress+Hauser
Analytics app shows serial numbers,
tags, manufacturer names, product
code, and often asset type as well,” he
explains. “We’re also about to launch the
Endress+Hauser Health app that works
in accordance with NOA to immediately
display health status, performance history,
root cause and remedy in case of diag-
nostic events on mobile devices. Both of
these app tools are web-based, so dash-
boards can be displayed on tablet PCs
and smart phones.
“In the same way, NAMUR and OPAF are
seeking to increase device connectivity,
so more field data can make its way to
cloud services and mobile devices. All
these capabilities are made possible by
standardization, which makes sure each
On-premise OT data center(executing ISA 95 Level 2 and 3 functions)
Advanced computing platform
DCFApplication
Application
Application
DCFApplication
Application
Application
DCFApplication
Application
Enterprise IT data centers (executing ISA 95Level 4 functions)
Distributed control node (DCN) = DCP +DCFs
DCPDCF–Distributed control frameworkDCP–Distributed control platform
Business platformTransactional
computing platform
Business platform communicates through Apps running in a DCF, not directly to the OCF
Non-OPAFenvironments
External OT data center(executing ISA 95 Level 2
and 3 functions)
DCFs
External data centers may run DCFs connected to the OCF through a firewall
Standalone DCF environments may be used for tasks like offline engineering and simulation
Distributed control nodes(executing ISA 95Level 2 and 3 functions)
AI/AO/DI/DOtwisted pair
App
DCN
DCN
DCN
DCN
DCN
DCN
DCN
DCN
DCN
App
App
DCN
DCS PLC PLCDCSDCF
AnalyzerDCF
PLCDCF Machinery
monitorField
networksSafety
systemsElectricalsystems
Open Process Automation System (OPAS) Connectivity Framework (OCF)
DCNDCNApp
LegendNon-OPAS
conformantplatform
OPAScomponent
CONTROL, NETWORK AND I/O WITH OPAIn a typical process application with Open Process Automation (OPA) standard devices, OPA’s Technical Reference Model (TRM) includes On-Premise OT Data Center with real-time advanced computing (RTAC) platform and distributed control framework (DCF); OPA Connectivity Frame-work (OCF), which is a real-time, universal service bus like Ethernet running OPC UA; and Distrib-uted Control Nodes (DCN), which are configurable I/O for input/output processing, regulatory control, logic solving and application hosting. Source: OPAF
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 11
device shares its data in the same way.
FOUNDATION Fieldbus is standardized
on its H1 and High-Speed Ethernet pro-
tocols, as well as HART, and FieldComm
Group compliance-tests devices to help
ensure they can connect without issues
to provide field data. In the future, FDI
and OPC UA are going to have more stan-
dardized interfacing, which will make it
easier to connect and access field devices.
The potential here is huge because about
90% of Endress+Hauser field devices are
already equipped with a communication
protocol, such as HART, FOUNDATION
Fieldbus, Profibus/Profinet or EtherNet/
IP. Standardizing their data will mean that
ripping and replacing isn’t necessary.
FDI AND OPC UA TO THE RESCUEZornio adds that two FieldComm Group
technologies can enable any OPA and
NOA strategy. “FDI is a tool that can
configure any device as long as an FDI
package is provided. It helps integrate
existing and new field devices, which aids
everything from configuration to data
access and modeling. Meanwhile, Wire-
lessHART is key to fulfilling NAMUR’s
vision because it provides easy installation
for the incremental sensors that NAMUR
talks about adding on top of the controls
layer,” he says.
Schulz explains, “Existing HART and FOUN-
DATION Fieldbus installations make the
data from the devices available. FDI adds
the system and communication standard
that makes independent device manage-
ment a reality, and available to all HART
and FOUNDATION Fieldbus devices, as
well as to other protocols like Profibus
and Profinet. This is done without need-
ing to replace existing devices, but is still
expandable for advances in future devices.
Adding OPC-UA and a standardized device
representation, independent of the device
standards, provides standardized access,
and ensures that any advanced applications
and capabilities are equally deployable for
existing installations and newly evolved
installations. This ensures the interoperabil-
ity targeted by NAMUR and OPAF.”
FDI adds the system and communication standard that makes independent device management a reality, and available to all.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 12
Scott Saunders, president and CEO of
Moore Industries-International, says,
“OPAF and NAMUR are attempting to
do at higher data exchange levels what
FieldComm Group technologies have been
doing for years at the sensor, device and
DCS levels, which are Layers 0, 1 and 2
of the ISA 95 control information hierar-
chy. FieldComm Group does a wonderful
job of promoting and endorsing open
industrial standards for measurement
and data exchange at Layers 0, 1 and 2.
OPA is the same concept, but it consists
of platform-agnostic data exchange and
analytics using open standards and off-
the-shelf software components.”
Saunders adds that FieldComm Group
can help interoperability initiatives like
OPA because its planned DCNs will serve
as gateways between Layers 0, 1 and 2
and higher levels. This is where contin-
ued support for its open technologies like
HART Internet Protocol (HART-IP), Wire-
lessHART, FOUNDATION Fieldbus and
FDI can be most beneficial. “The future
of process control and automation is big
data and analytics, but you can’t take
advantages of those without accessing
data from Layers 0, 1 and 2, and getting
it to the cloud and corporate wide area
networks,” explains Saunders. “OPAF has
already outlined a number of requirements
for its standards, and I understand that
HART is going to be part of OPAF’s physi-
cal platform requirements.”
Moore has been developing a gateway
that supports open protocols like HART-IP,
Modbus TCP/IP and HTTP via Ethernet,
which lets users take process data from
field devices and more easily make it avail-
able to higher-level control and information
systems. This HES HART-to-Ethernet gate-
way will communicate with up to 64 HART
field devices, and allow immediate access
to real-time HART variables and diagnostics
over Ethernet.
Zornio concludes, “FOUNDATION Fieldbus, HART,
WirelessHART and FDI are available today, but they’re
also set up to meet future needs. The best avenue for
field instruments and devices to achieve openness and
interoperability is FieldComm Group technologies.”
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 13
Call us at 1-800-463-9275
newark.com
Engineering ProductsDiscover Over a Million
from Suppliers You Know and Trust § 900+ new products added each week
§ Custom services such as kitting, panel meters,enclosures, and many more!
§Market-leading online community of over500,000 engineers
For many people, the words “wire-
less” and “security” in the same
project remain incompatible. Yet,
as we continue to advance and gain confi-
dence in these new technologies, it’s likely
only a matter of time. As we know, safety
systems are based on the concept of inde-
pendent protection Layers (IPL). ISA-84,
which is responsible for development of
safety system standards, has taken the
first step by developing Technical Report
(TR) “ISA-TR84.00.08-2017, Guidance for
Application of Wireless Sensor Technol-
ogy to Non-SIS Independent Protection
Layers” (www.isa.org/store/isa-tr840008-
2017,-guidance-for-application-of-wire-
less-sensor-technology-to-non-sis-inde-
pendent-protection-layers/58724515) that
was published last year.
The report describes additional lifecycle con-
siderations that should be addressed when
wireless technology is used in an IPL where
the risk reduction claimed is less than or
equal to 10, which is similar to what’s claimed
by a basic process control system (BPCS).
The TR assumes that the risk analysis team
has already determined that the protection
layer, including the wireless sensor, network
and communications, meets the specificity
and independence criteria. The authority
having jurisdiction (typically the owner/oper-
ator or local regulatory authority), as part of
their layers of protection analysis (LOPA), can
assign a risk reduction factor of less than or
equal to 10 (non-SIS IPL) to wireless-based
systems, with the TR providing the guidance
and considerations for the use of wireless in
the process sector.
Wireless IPLISA-84 offers guidance for emerging for safety and security applications.
By Ian Verhappen
eHANDBOOK: Industrial Networks 15
www.ControlGlobal.com
To assist in achieving the benefits of IPL,
the TR provides information on how to
establish a design that satisfies depend-
ability and auditability criteria. Those
considerations include:
• Mesh as well as point/multipoint systems
access the control system at Level 1 (I/O)
or Level 3 (process control), and are part
of the control network entering the con-
trol system on the same side of the DMZ.
Some organizations connect their wire-
less sensor networks through the DMZ,
in which case this TR would no longer
be valid without added analysis by the
owner/operator.
• Some means should be provided to auto-
matically detect and flag stale data at the
host end of the data path.
• A network manager and security manager
are necessary for each wireless system.
• The host interface should incorporate
diagnostic notifications (i.e. stale data,
low battery, loss of signal, unautho-
rized configuration changes and loss
of gateway connection) necessary to
monitor the basic health of the wireless
sensor network.
• IPL response time (IRT) including wire-
less sensor latency should include failure
detection and interference.
• Systems relying on a publication method
should be designed to respond in a fail-
safe manner whenever it’s determined
that data is stale.
• An operator response plan to wireless
notifications should include response
time and actions required to mitigate
safety issues. A critical scenario that
should be considered is the case of a
general failure of the wireless network
that results in complete loss of view to
an area.
• A revision management system should be
in place to keep devices and systems at
the proper revision and embedded soft-
ware levels. When changes are made to
application, embedded or utility software,
those changes should be reviewed to
identify any impact on the overall safety
availability or reliability of the equipment.
Additional guidance includes Table 3,
which shows a matrix of security threats
and countermeasures for wireless sensor
networks as well as two tiers of suggested
key performance indicators (KPIs) with five
high-priority and eight low-priority KPIs
intended to indicate the health of the system.
Due to the uncertainties of measurement and
communication timing inherent in wireless
technology, safety instrumented functions
(SIF) have been specifically been excluded
from the document. Though wireless isn’t yet
quite ready for safety systems, at least in the
process realm, it will likely only be a matter
of time. Applying wireless as an IPL is simply
step one in the process.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 16
Every winter when ambient tempera-
tures sank into the teens (below -7
°C), the differential pressure (DP)
across the reactor became erratic. With
millions of dollars’ worth of relatively soft
precious-metal catalyst contained inside,
no one wanted to believe this reading
was for real. Both reactors’ DP showed
fluctuations—was the cold causing some
phenomenon in the reactor beds, or was
this just a measurement anomaly?
If you’re reading this column anywhere
north of the 40th parallel, chances are
you’ve already had enough winter to be
dreaming of tropical escapes. More cold
weather looms, and it will likely take its
toll on unprotected process equipment
and instrumentation. Putting practically
the entire process indoors is sometimes
a necessity, but even such enclosures are
subject to the extremes of the environment,
as is their supply of energy—it seems every-
one has a story about when the boilers all
went down in January. For those caught off
guard, thawing out a process plant in winter
is motivation enough to ensure it doesn’t
happen twice.
If you watch the videos on the Chemi-
cal Safety Board website (www.csb.gov/
videos/winterization-safety-message),
you can see examples where unforeseen
freeze-ups are not only a nuisance, but
also potentially deadly. As the instrument
or controls specialist, you may not be per-
sonally accountable for winterization of
the process vessels and piping, but frozen
instruments derail control schemes, and
errant indications can create distractions
The bus in winterHART and fieldbus offer ways to keep instruments honest when temperatures are low.
By john Rezabek
eHANDBOOK: Industrial Networks 17
www.ControlGlobal.com
and unwarranted worry. You have a respon-
sibility to ensure they work equally well in
the extremes of the weather.
If accuracy or precision is important—for
example, a DP today of 2.1 versus a DP
of 2.0 last month is meaningful to those
watching and analyzing the process—con-
sider the raw effect of temperature on your
transmitters. If you’re employing a 20-year-
old transmitter, the effect might be more
than you think. Consider specifying ther-
mostatically controlled, electrically heated
boxes to maintain the transmitter sensor
and electronics at a fixed temperature of
±5-10 degrees. If you heat instrument boxes
with steam, you can obtain thermostats for
steam heaters—check with your favorite
instrument enclosure manufacturer. With
sensitive instrumentation, maintaining rel-
atively constant temperatures is an aid
to accuracy and repeatability as well as
freeze protection.
If you can use the digital HART signal or
employ WirelessHART or fieldbus, many
if not most devices provide a temperature
measurement as a secondary variable. If
these can be displayed on the DCS, opera-
tors can be encouraged to monitor them as
an early warning of failed tracing or impend-
ing freeze-ups. I’d refrain from creating any
alarms per se unless said alarms pass muster
with your site’s alarm philosophy. How you
bring them in is important—we’ve tried OPC
over the years and the reliability of servers
can diminish the credibility of the indications.
Bring in a status for these secondary mea-
surements as well.
Some extra clever devices have even more
capabilities that can whisper to us about
subtle changes, some of which can indi-
cate issues. You can purchase pressure
transmitters that monitor the (relatively)
high-frequency noise in the pressure signal.
With a little “training” and tuning—effort
that may only be justified for the most
critical measurements—the device can
distinguish between normal noise and
increasing or decreasing noise resulting
from one or both impulse lines freezing up.
The secondary temperature can only alert
us to a cold box, but the noise signal can
tell us when the tracing on the impulse lines
is failing.
If only the plant’s reactor DP transmitters
had such intelligence, the cause of erratic
readings in cold weather might have been
apparent. It was eventually revealed that
the long capillaries connecting each leg of
the DP transmitter to the remote seals used
a fill fluid that became extremely viscous
at low temperatures, causing a phase shift
between the unequal lengths of capillary.
A little insight could have saved the plant
manager some heartburn. Help your pro-
cess stakeholders listen to the subtle ways
instruments can get us through the winter
unscathed.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 18
Jake and his assistant were search-
ing. The outbuilding had some
ambient monitors for oxygen and
carbon monoxide (CO), since it housed
the continuous emission monitoring
system (CEMS) for the nearby boiler. The
stack sample being analyzed was poten-
tially suffocating or otherwise lethal, so
sirens would sound locally and beacons
would flash, alerting any occupants that
they should leave and seek fresh air imme-
diately. Jake calibrated the monitors every
quarter, but a recent corporate audit rec-
ommended that this was insufficient if
the alarm did not also show in the control
house—a continuously attended location.
Soon, the operations manager entered
a work order to bring this alarm into
the house.
If your facility has been around for more
than a couple of decades, it’s not uncom-
mon that the 20% spares left in local panels
by the original builders have long ago
been consumed. Projects come through,
process specialists come up with other
points to monitor, and before long, local
junction boxes have every spare pair occu-
pied. In Jake’s case, the next nearest place
with a spare for a new alarm was in the
panel for the crude furnace preheater. This
panel accompanied the addition of the air
preheater decades ago, which was itself
installed many years after the original fur-
nace was constructed. Inside, it was still full
of relays wired for burner management and
the orderly startup of the preheater. When
Jake opened the panel, it was like a journey
back in time. A routine task got interesting
The brittle panelWhat’s it worth to be able to touch wiring without causing an incident?
By John Rezabek
eHANDBOOK: Industrial Networks 19
www.ControlGlobal.com
when he tried to move some wires to check
if they were spares; a boring day became
exciting when the furnace unexpectedly
shut down.
No instrument specialist or operator
wants an exciting day. And so, it’s become
common that no one is eager to poke at
anything for fear that some unforeseen
interconnection will cause a process upset
or shutdown. Over years of operation, con-
tacts corrode, vibration loosens once-tight
terminations, and heat, cold, humidity and
time take their toll on every sensor and
logic solver. What had been shiny, tight and
certifiable decades ago is now a liability—
it’s “brittle.”
How do we deal with brittle? Should we
do nothing until months or years in the
future when the process is offline? What
if a vital measurement or interlock means
we must open and work in such scarily
fragile enclosures while the process is run-
ning profitably? Although we have cultures
where instrument and electrical—I&E—is
considered infrastructure (a perspective I
would argue is less than optimal), it remains
that the consequences of brittle or shabby
delivery of measurements and interlocks
have grave consequences for productiv-
ity—not to mention other priorities such as
safety and the environment.
If Jake had foreseen the impact of his
actions before opening the preheater panel,
what might he have done differently? 20/20
hindsight says, why wasn’t someone doing a
tug-test and retorqueing of all the terminals
in the panel during the last process outage?
Often the issue is, people you’d entrust with
such tasks are consumed with putting out
fires—attending to the hot issues of recent
memory. When production is profitable, the
business has little patience for downtime,
so “nice to do” preventive care is usu-
ally postponed.
Let’s try imagining what robustness—
the opposite of brittle—would be like.
Robustness would mean even when we
inadvertently trigger some otherwise spuri-
ous (false) signal, the control system/logic
solver doesn’t invoke a trip. But old relay
logic and skid-mounted PLCs don’t nor-
mally attempt to use even simple voting to
invoke a trip—mechanical equipment sup-
pliers and consultants would sooner protect
their liability than employ any cleverness
(or expense) to avoid a spurious trip, unless
specifically directed by the client.
Do your specifications address terminal
blocks? Some of us experience pushback
from electrical contractors when we sug-
gest spring-clamp terminals, but perhaps
this can be overcome with a little invest-
ment in tools and training. If our projects
endure for decades, this relatively mun-
dane choice of terminal blocks might be a
simple and effective bulwark against future
brittleness.
www.ControlGlobal.com
eHANDBOOK: Industrial Networks 20