You are on page 1of 62

Turnkey Control, Instrumentation and Electrical Solutions

Providers

Technopark , Jebel Ali


P O Box 61314
Dubai, UAE
INTRODUCTION TO ICSS SYSTEM
INTEGRATED CONTROL AND SAFEGUARDING SYSTEMS

ICSS JIHAR consists 3 major systems in this project

1. GTP Jihar
2. SGS Jihar
3. SGS Al Mahr
1. GTP JIHAR
ICSS of GTP Jihar consists of following mutually connected components
i) Distributed control system (DCS) for process monitoring and control on GTP
Jihar
ii) Emergency Shutdown system (ESD) on GTP Jihar
iii) Fire & Gas system (FGS) for fire protection on GTP Jihar
iv) Servers & Work Stations
v) Printers
i) Distributed control system (DCS) on GTP Jihar
• For Process Monitoring & control functions
• ABB 800xA 5.0 SP2 based system
• AC800M controllers (PM 866)
• Duplicated Controllers (Redundancy)
• I/O subsystems containing all types of I/O modules (DI, DO, AI, AO)
connected with CPU’s with duplicated optical ModuleBus
(Redundancy)
• DCS GTP Jihar connected on process LAN and communicates with
other controllers & servers

ii) Emergency Shutdown System (ESD) on GTP Jihar


• To perform process safeguarding functions
• ABB 800xA 5.0 SP2 based system
• AC800M controllers (PM 865)
• Duplicated High Integrity Controllers (Redundancy)
• SIL – 2 System
• High Integrity I/O subsystems (High Integrity – DI, DO, AI)
iii) Fire & Gas System (FGS) on GTP Jihar
• To perform process safeguarding & fire protecting functions
• ABB 800xA 5.0 SP2 based system
• AC800M controllers (PM 865)
• Duplicated High Integrity Controllers (Redundancy)
• SIL – 2 System
• High Integrity I/O subsystems (High Integrity – DI, DO, AI)

iv) Servers & Work Stations


• In order to integrate whole system and to enable execution of higher
level process control functions
• Communication to ensure connectivity of different systems
• Operator workplace enabling high quality and sufficient capacity of
HMI functions
• Data acquisition / engineering and maintenance
• Information management
The following Servers are used in this project
• Aspect server includes Domain Server (Redundant)
• Connectivity server (Redundant)
• Information Management server (Redundant)
• Asset Optimization server
The following work stations are used in this project
• Engineering workstation
• Operator workplace
• F&G Station
• Remote client
v) Printers
• For different applications (Event list , Reports, Screen Hard Copies)
• Different type of printers are available (Matrix, Laser B/W, Laser
Colour)
• Redundancy communication / LAN to printers

2. SGS JIHAR
DCS & ESD systems on SGS Jihar are connected on Process LAN via redundant
fiber optic link between GTP and SGS Jihar

DCS & ESD system will perform the following functions


• Process monitoring & Control
• ESD / Safeguarding function
• Fire Protecting function
• Normal process I/O modules for DCS system to do process
monitoring and Control
• High Integrity controller and I/O Modules for ESD and FGS system
• Operator Touch Screen / HMI for small operator work station
3. SGS AL MAHR
DCS & ESD systems on SGS AL MAHR are connected on Process LAN via
redundant fiber optic link between GTP and SGS Al Mahr

DCS & ESD system will perform the following functions


• Process monitoring & Control
• ESD / Safeguarding function
• Fire Protecting function
• Normal process I/O modules for DCS system to do process
monitoring and Control
• High Integrity controller and I/O Modules for ESD and FGS system
• Operator Touch Screen / HMI for small operator work station
SYSTEM ARCHITECTURE
• Server Configuration
• The Client/Server network is used for communication between
servers and between client workplaces and servers
• Redundant server configuration (1 out of 2) is provided
• Failure of one server will activate the second to carry out it’s
function independently without causing any serious problems in
the process control
• Each server cabinets are provided with single monitor
• System request (Prnt Scrn / SysReg) button can be used to
switchover from one server to next

• Domain Server
• The user handling in a windows Domain is done from a domain
server
• Every Domain must have at least one domain server
• Domain server has Windows server 2003 installed
• Clients will always connect to the 800xA system using domain
accounts
• Aspect Server
• Runs the central Intelligence in the system
• Includes all aspect directory
• Services related to object management, object names & structures
• Stores data on all objects defined in a system
• Client access the data from aspect server
• Redundancy servers (1 out of 2)

• Note
In this project Domain server and Aspect server are combined in one
machine.
• Connectivity Server
• Provides access to controllers and other data sources throughout
the networks
• The OPC server for AC 800M must be installed on connectivity
server
• The OPC server is used for reading run-time data and / or alarms
and events from controllers via OPC interface
• One OPC server is allowed to subscribe to data from a maximum of
24 controllers
• A maximum of three OPC servers are allowed to subscribe to Data
access and/or alarms and event from one controller
• Redundant connectivity servers (1 out of 2) are available
• Information Management Server
• Redundant servers (1 out of 2) are available
• Data access via data providers
• History services
• Logging numeric / process data collected from object properties
• Logging alarms and events
• Storing completed reports executed via the application scheduler
• Asset Management Server
• Redundant servers (1 out of 2) are available
• Provides a method for detecting field devices problems
• Maintenance Workplace and Asset structure
• Asset Reporting
• Asset Viewer
• Asset Monitor – Process
• Asset Monitor – System status
• Asset Monitor – HART devices
• Communication / Networks
• Based on Ethernet and TCP/IP networks
• High system availability through redundancy concepts
• Ethernet is used for the Control Network, the Client / Server
network and AC 800M controllers
• In this project, control network and client / server network be
separated in to different network areas
• The connection between the network areas is provided by
connectivity server
• Reasons to separate the control network from the client / server network
• Fault isolation
• Client / server network will not affect nodes on the control network
• Limitation of broadcast traffic
SYSTEM HARDWARE
1. AC 800M
AC 800M is a hardware platform comprising individual hardware units,
which can be configured and programmed to perform multiple functions.
The following modules are used in this project
• DCS system Processor unit – PM866
• ESD system High Integrity processor unit - PM865
• FGS system High Integrity processor unit - PM865
• Serial Modbus communication unit - CI853
• Modbus TCP/IP communication unit - CI867
• CEX BUS interconnection unit - BC810

1. Various I/O systems can be connected to the AC800M controller,


either directly or via PROFIBUS DP or FOUNDATION fieldbus
2. In AC800M High Integrity controller it is possible to run both SIL and
Non-SIL classified applications
3. SIL classified I/O units are required for SIL applications
4. Normal I/O units can be used with AC800M for Non-SIL applications
PM8xx/TP830 processor unit consists of two basic parts
• Processor unit with processor and power supply boards
• Base Plate (TP830), housing the unit termination board
The CPU board contains the microprocessor and the RAM-memory,
controllers for all built-in communication interfaces, real-time clock, LED
indicators, INIT push button and a compact flash interface.
Processor unit redundancy is available for both PM866 (DCS) and PM865
(ESD, FGS). In this case, the controller contains two processor units, each
including memory for system and application software.
One unit is acting as primary, the other is backup. The primary processor
unit controls the process. The backup stands by, ready to take over in case
of a fault in the primary. The changeover is done bumplessly and in less
that 10ms.
During changeover, the process outputs are frozen. You can replace the
malfunctioning processor unit while the system is running.
Before fault replacement, the system operates as a system without
redundancy with only one processor unit in operation.
After the replacement is carried out, the system once again has a
redundant processor unit. The data will be automatically transferred
to the replaced controller from the other controller through peer to
peer communication.
The primary unit and the backup unit are logically separated from
one another. Hardware errors in the primary processor unit cause the
system to perform a correct changeover.
I/O units are connected to the two CPUs via the optical ModuleBus.
• AC 800M Controller Features
• Modularity, allowing for step-by-step expansion
• Simple DIN rail attachment / detachment procedures, using a unique
slide and lock mechanism
• Fast & simple troubleshooting procedures available via unit/channel
LEDs
• Low Heat dissipation
• All units are fully EMC certified
• Allows connecting a large number of I/Os
• Connection to Modbus TCP
• Connection to IEC 61850
• CPU redundancy (Hot Standby system)
• SIL 2 certified controllers (PM865)

• Processor Unit - PM865


• 32 MB RAM with internal or external battery back-up facility
• 12 x S800 I/O units can be connected to the electrical ModuleBus
• Four on-board communication ports
• CN 1 + CN 2, Ethernet ports
• Com3, serial port (RS-232C) with modem support
• Com4, serial port (RS-232C) for service tool
• Redundancy control link for use in redundant configuration
• High Integrity controller
• Overvoltage protection
• Internal voltage supervision
• Runs applications code in Non-SIL and SIL-2 applications
• Processor Unit - PM866
• 64 MB RAM with internal or external battery backup facility
• 12 x S800 I/O units can be connected to the electrical ModuleBus
• Four on-board communication ports
• CN 1 + CN 2, Ethernet ports
• Com3, serial port (RS-232C) with modem support
• Com4, serial port (RS-232C) for service tool
• Redundancy control link for use in redundant configuration
• Optical ModuleBus
• In redundant CPU configuration, S800 I/O is connected through
the optical ModuleBus.
• Each CPU is connected to one TB840 on each cluster
• AI895 Analog Input Module
• 8 channels for 4-20mA
• HART communication
• EMC protection
• DIN rail mounting
• Directly interface 2-wire transmitters and with a particular
connection it can also interface 4-wire transmitters without losing
the HART capability
• Includes Intrinsic safety protection
• All 8 channels are isolated from the ModuleBus and power supply in
one group
• Three LEDs indicate module status Fault (Red), Run (Green) and
warning (Yellow).
• Normal Operation mode – Run indication
• Any error input is active – warning indication
• The module is in Init state or not configured state – Fault Indication
• In not configured state the Fault LED is turned off after the first valid
access to the module
• AI845 Analog Input Module

• 8 channels for 0…20A mA, 4…20mA, 0…5V or 1…5V d.c., single


ended unipolar inputs
• Single or redundant operation
• Advanced on-board diagnostics
• EMC Protection
• Din rail mounting
• Each channel can be either a voltage or current input
• If an external power supply is used for feeding HART transmitters, the
power supply must be HART compatible
• The module perform self-diagnostic cyclically
• Three LEDs indicate module status Fault (Red), Run (Green) and warning
(Yellow)
• Normal Operation mode – Run indication
• Any error input is active – warning indication
• The module is in Init state or not configured state – Fault Indication
• In not configured state the Fault LED is turned off after the first valid
access to the module
• AI880A High Integrity Analog Input Module

• 8 channels for 0…20A mA, 4…20mA, single ended unipolar inputs


• Single or redundant operation
• Loop supervised DI functions
• EMC Protection
• Configurable filter time per channel
• Configurable Alarm limit for field power outputs
• Configurable over / under range for current inputs
• Advanced on-board diagnostics
• Din rail mounting
• Certificate for SIL-3 according to IEC 61508
• Input resistances is 250 ohm
• Sensors should be for 24V power supply if it should be powered from the
module
• Shielded field cables are required for process connections

• Self Diagnostic functions


• Errors in External power supply and External shunt error will be reported
as External channel error
• Errors in Low Pass Filter and Test channels will be reported as channel
error
• Errors in Analog to Digital converters, Multiplexer, Analog references,
Internal power supplies, Errors in micro controller and Memory will be
reported as Module error
• Four LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• Primary - Yellow
• AO895 Analog Output Module
• 8 channels of 4-20mA outputs
• HART communication
• EMC protection
• DIN rail mounting
• OSP sets outputs to predetermined state upon error detection
• Module includes Intrinsic Safety protection components on each
channel for connection to process equipment in hazardous areas
• The Module performs self-diagnostic checks cyclically
• LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• OSP - Yellow
• AO845 Analog Output Module

• 8 channels of 4…20mA outputs


• Single or redundant applications
• OSP sets outputs to predetermined state upon error detection
• Advanced on-board diagnostics
• EMC Protection
• DIN rail mounting
• Four LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• OSP - Yellow
• The module performs self-diagnostic cyclically
• External Error - If the process power supply that supply voltage to output
circuitry is too low or the output current is less than output set value and
the output set value > 1 mA (open circuit)
• Internal Error - If the output circuit can not give the right current value.
• Module Error - Output transistor error, short circuit, internal power
supply failure, status link error, watchdog error
• DI890 Digital Input Module
• 8 channels for switch or proximity sensor inputs
• All channels fully isolated
• Input and fault status indicators for each channels
• Volt-free contact interface
• EMC protection
• DIN rail mounting
• Module includes Intrinsic Safety protection components on each
channel for connection to process equipment in hazardous areas
• Three LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• In addition there are two LEDs for each channel to show channel
state and channel fault
• The channel fault indication can be disabled when not required
• DI810 Digital Input Module

• 16 channels for 24V d.c inputs


• Input status indicators
• EMC protection
• DIN rail mounting
• Input voltage range is 18 to 30V d.c
• Input current is 6mA at 24V d.c
• Three LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• One LED per channel indicate input state (ON = 1 and OFF = 0)
• DI880 High Integrity Digital Input Module

• 16 channels for 24V d.c inputs


• Input status indicator
• Advanced on-board diagnostics
• EMC protection
• Sequence of Events
• DIN rail mounting
• Single or redundant applications
• Certified SIL-3 according to IEC 61508
• Input Voltage range is 18 to 30 V d.c
• Input current is 7mA at 24V d.c
• The sequence of Events function (SOE) can collect with a resolution
of 1ms
• The input signals can be digitally filtered. This means that pulses
shorter than the filter time will be filtered out and pulses longer than
specified will get through the filter.
• Self Diagnostic Functions
• External Error - Error in external power supply
• Internal Error - Errors in circuit only affecting specific channels on
the module (short circuit, open circuit)
• Module Error - Error in internal power supplies, Error in micro
controller
• DO890 Digital Output Module
• Channels for 11V, 40mA digital outputs
• All channels fully isolated
• Power to drive Ex certified solenoid valves and alarms sounders
• Output and fault status indicators for each channel
• EMC protection
• DIN rail mounting
• OSP sets outputs to predetermined state upon error detection
• Module includes Intrinsic Safety Protection components on each
channel for connection to process equipment in hazardous areas
• Open and short circuit detection can be configured for each channel
• Four LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• OSP - Yellow
• In addition there are two LEDs for each channel to show channel state and
channel fault.
• The channel fault indication can be disabled when not required
• Module include performs self-diagnostic checks cyclically
• DO810 Digital Output Module

• 16 channels for 24V d.c current sourcing outputs


• Output status indicators
• OSP sets outputs to predetermined state upon error detection
• Short-circuit protection to ground
• Over-voltage and over-temperature protection
• EMC protection
• DIN rail mounting
• Output voltage range is 10 to 30 V
• Four LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow
• OSP - Yellow
• The outputs are current limited and protected against over temperature
• DO880 High Integrity Digital Output Module

• 16 channels for 24V d.c current sourcing outputs


• Loop monitoring supervision of short and open load with
configurable limits
• Diagnostic of output switches without pulsing on outputs
• Advanced on-board diagnostics
• Output status indicator
• Single or Redundant configuration
• EMC protection
• DIN rail mounting
• Certified for SIL-3 according to IEC 61508
• Three LEDs indicates module status
• Fault - Red
• Run - Green
• Warning - Yellow

• Self Diagnostic Functions


• External Error - Error in external power supply
• Internal Error - Errors in circuit only affecting specific channels on the
module (short circuit, open circuit)
• Module Error - Error in internal power supplies, Error in micro
controller
Communication Modules
• CI867 – Modbus TCP Interface
• Provides one 10/100Mbps fast Ethernet port
• Provides one 10Mbps Ethernet port
• DIN rail mounting
• Provides communication with Modbus TCP protocol via Ethernet
• Support hot swap
• CI853 – RS-232C Interface
• Two RS-232C ports implemented with RJ45 connectors
• Modem support
• DIN rail mounting
• Transmission speed selectable between 75 baud and 19200 baud
• BC810 – CEX-BUS Interconnection Unit
• Supports redundant communication interface units
• Supports on-line replacement of the CPU
• Supports hot swap
• DIN rail mounting
OPERATOR WORKPLACE
• Operator Workplace
• The operator workplace is the environment from which the operator
views and control the plant process
• It may have single or a multi-screen setup
• It comes in two versions
• Full client
• Remote client
• The remote client only supports one monitor
• In this project two monitors are used for operating work stations
• In operator mode (operator logged in) two screens in two monitors
will open automatically
• If others logged in this operator station can select Operator
workplace 1x2 screens
• The operator workplace window is divided in to four main parts
• Application Bar
• Display Bar
• Display Area
• Status Bar
• Application Bar
• It occupies the area at the top of the operator workplace windows

• It is used for showing important information about your systems


• Main use is to show the alarms, give access to the alarm situation for
a process area as well as direct links to displays or other aspects and
tolls

• Alarms

• It is Alarm list with special configuration that shows the three latest
alarms
• Alarm Band
• It provides a summary display for selected alarm lists and provides a
link to the corresponding alarm list display

• The number on a button represents the number of currently


unacknowledged alarms
• The colour of the button shows the highest priority alarm presented
at the moment
• To go to alarm list, click on the button
• Tool Bar

• Find Tool - It is a tool used for finding the objects and


aspects in a system based on name, path
• All Process Alarms - It shows a listing of all alarms from the
process
• All Process Events - It shows a listing of all events in the
process
• System Alarms list - It shows a listing of all alarms in the
control system
• System Event List - It shows a listing of all events in the
system
• System Status - It shows a listing of status information for
system services in the service structure
• External Alarms silence - It is used to silence all external alarms
• The Replacement Strategy Tool - It allows selection of pop-up window
behavior. Selection of replace will cause the pop-up window to replace its
content if the asked for aspect is of the same type
• The Aspect Browser - It switches the aspect browser on and off. When
it is switched on, the aspect browser is opened in a pop-up window. You
can then browse the object structures. The tool has two states (up and
down). When the button is down the aspect browser is displayed in a
separate window. When the button is up the aspect browser is closed.
• The Aspect Menu - It shows a listing of the aspects that you have
chosen to place in the favorites list for fast access
• Print Screen - It is used to print the operator workplace contents. The
screen where the tool is clicked will be printed.
• Show Help - It shows the on-line help
• About Industrial IT - It shows information about the installed
systems and extensions
• Close Workplace - Close the operator workplace
• Display Bar

• Back to Previous Display - It shows the previous display in the


aspect history list
• Forward to Next Display - It shows the next display in the aspect
history list
• Aspect History List - It shows a listing of the most recently
viewed aspects or type of information (the latest used display on
top)
• Drop Target - By dragging an aspect to the Drop Target,
it will be displayed in the Display Area
• Pinned Tool - It pins the display like a note on a billboard. The display
can not be changed by clicking on the Backward or Forward button or drop
a display on the Drop Target Tool. To enable change of display, first you
have to remove the pinning of the display
• View Selector - It shows a drop-down menu of the available views for the
aspect you have selected. If you place the pointer on the view selector a
tool tip will show the current view
• Aspect Icon Tool - Add the aspects as a favorite by selecting add to
aspect menu in the drop-down menu
• Shortcuts - It provides shortcuts to specific displays.
Shortcuts can be added and configured to point out specific displays
• Status Bar

• It occupies the lower part of the Operator Workplace Window


• Operator message line - It shows the latest Operator message
from the control system
• Current User Tool - It shows the current user