Allen-Bradley 1711-P05SISID050S, 1711-P05SISID100S, 1711-P05SISID050T, 1711-P05SISID100T, 1711-P05SISOD050S User Manual
...
User Manual
Original Instructions
OptiSIS® Safety Instrumented System
Catalog Numbers 1711-P05SISID050S, 1711-P05SISID050T, 1711-P05SISOD050S, 1711-P05SISOD050T, 1711-P05SISID100S,
1711-P05SISID100T, 1711-P05SISOD100S, 1711-P05SISOD100T
AB PLCs
Important User Information
Read this document and the documents listed in the additional resources section about installation, configuration, and
operation of this equipment before you install, configure, operate, or maintain this product. Users are required to
familiarize themselves with installation and wiring instructions in addition to requirements of all applicable codes, laws,
and standards.
Activities including installation, adjustments, putting into service, use, assembly, disassembly, and maintenance are
required to be carried out by suitably trained personnel in accordance with applicable code of practice.
If this equipment is used in a manner not specified by the manufacturer, the protection provided by the equipment may
be impaired.
In no event will Rockwell Automation, Inc. be responsible or liable for indirect or consequential damages resulting from
the use or application of this equipment.
The examples and diagrams in this manual are included solely for illustrative purposes. Because of the many variables and
requirements associated with any particular installation, Rockwell Automation, Inc. cannot assume responsibility or
liability for actual use based on the examples and diagrams.
No patent liability is assumed by Rockwell Automation, Inc. with respect to use of information, circuits, equipment, or
software described in this manual.
Reproduction of the contents of this manual, in whole or in part, without written permission of Rockwell Automation,
Inc., is prohibited
Throughout this manual, when necessary, we use notes to make you aware of safety considerations.
WARNING: Identifies information about practices or circumstances that can cause an explosion in a hazardous
environment, which may lead to personal injury or death, property damage, or economic loss.
ATTENTION: Identifies information about practices or circumstances that can lead to personal injury or death, property
damage, or economic loss. Attentions help you identify a hazard, avoid a hazard, and recognize the consequence.
IMPORTANT Identifies information that is critical for successful application and understanding of the product.
Labels may also be on or inside the equipment to provide specific precautions.
SHOCK HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that dangerous
voltage may be present.
BURN HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that surfaces may
reach dangerous temperatures.
ARC FLASH HAZARD: Labels may be on or inside the equipment, for example, a motor control center, to alert people to
potential Arc Flash. Arc Flash will cause severe injury or death. Wear proper Personal Protective Equipment (PPE). Follow ALL
Regulatory requirements for safe work practices and for Personal Protective Equipment (PPE).
Table of Contents
Summary of Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
About This Publication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
About the OptiSIS Solution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Catalog Numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
I/O Configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Enclosure Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Additional Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Chapter 1
Safety Requirements Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Safety Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Fail-safe System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Fault Tolerant System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Safe State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Process Safety Lifecycle, Functional Testing, and Validation . . . . . . 15
Safety Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
PFD/PFH Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Password Protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Program Enable Key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Certification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Chapter 2
Installation Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Unpack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Storage and Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Wall Mount — 50 I/O Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Floor Mount — 100 I/O Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 3
Connect Power Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Power Distribution and Grounding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Power Cable Types/Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . 26
Cable Entry. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Bottom Entry Conduit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Cable Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Lugs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Power Layout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 3
Table of Contents
Chapter 4
Connect Field Wiring Grounding Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Input Wiring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Analog Output Wiring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Digital and Relay Output Wiring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Contact Derating. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Chapter 5
Startup First-time Powerup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Navigation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Operator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Connect Peripherals. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Application Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Configure User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Log Out Current User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Chapter 6
Configure I/O Configure I/O Points. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Configure an I/O . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Configure Analog Input Characteristics . . . . . . . . . . . . . . . . . . . . . 52
Configure Digital Input Characteristics . . . . . . . . . . . . . . . . . . . . . 56
Configure Analog Output Characteristics . . . . . . . . . . . . . . . . . . . 61
Configure Digital Output Characteristics . . . . . . . . . . . . . . . . . . . 63
Validate Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Chapter 7
Configure Logic Using Cause and Effect Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Configuration Methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Configure Cause and Effect Charts by Using the HMI Display 68
Back up and Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Chapter 8
Communication Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Using Modbus Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
HART Protocol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
HART Data Over Modbus Network. . . . . . . . . . . . . . . . . . . . . . . . 76
HART Device Management by Using an AMS . . . . . . . . . . . . . . 77
4 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Table of Contents
Chapter 9
Operation Monitor System State. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
System Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
I/O Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
View Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
View Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Reset after Trip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Reset by Using the HMI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Reset by Using Supplied Modbus Point. . . . . . . . . . . . . . . . . . . . . . 96
Chapter 10
Maintenance Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Technical Support Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Opening the Enclosure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Repair Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Electrostatic Precautions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Processor Module Battery Replacement . . . . . . . . . . . . . . . . . . . . . . . . . 98
Reset OptiSIS Solution Default Settings . . . . . . . . . . . . . . . . . . . . . . . 100
Change Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Preparing Your OptiSIS Solution for Upgrades . . . . . . . . . . . . . . . . . 101
Appendix A
Offline Configuration Tool Begin Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
General Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Configure Inputs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Configure Outputs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Configure Cause and Effect Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Save Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Edit a Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Load or Restore Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Appendix B
Specifications SIL Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Hardware Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
I/O Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
I/O Characteristics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
System Power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Environmental . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Approximate Dimensions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Appendix C
Spare Parts List Recommended Spare Parts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 5
Table of Contents
Appendix D
Safety Checklist Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Appendix E
Modbus Communication Address Modbus RTU Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
OptiSIS Solution Modbus Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
6 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Summary of Changes
This manual contains new and updated information as indicated in the
following table.
Top ic Pag e
Updated section: Digital and Relay Output Wiring 32
Updated chapter: Configure I/O (Chapter 6
Updated chapter: Configure Logic (Chapter 7)65
Added chapter: Communication (Chapter 8)75
Added appendix: Offline Configuration Tool (Appendix A
Added appendix: Specifications (Appendix B)115
)47
)103
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 7
Summary of Changes
Notes:
8 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Preface
About This Publication
The OptiSIS® solution is a ready to install configurable logic solver for use in
Safety Instrumented System (SIS) applications. Once installed and wired, it
can be configured and tested to provide a complete SIS solution that can meet
application requirements up to SIL 3.
This manual is intended for engineers or technicians that are directly involved
in the installation, connection, use, and maintenance of the OptiSIS solution.
ATTENTION: To meet any claimed safety integrity level, the OptiSIS solution
must be applied by following the Process Safety Lifecycle phases that are
defined in these resources:
– IEC 61511
– Other applicable sector Functional Safety standards
– Any application sector codes
– This user manual
ATTENTION: To operate the touch screen, use a finger, gloved finger, or
plastic stylus with a minimum tip radius of 1.3 mm (0.051 in.). Use of any
other object or tool can damage the keypad or touch screen.
Terminology
This table defines the terms and abbreviations that are used in this manual.
Table 1 - Terms and Abbreviations
Term/Abbreviation Definition
AMS Asset management system: A system that is used to manage (diagnose, configure, and
maintain) smart field devices
CommDTM A communication driver that is installed as part of an AMS. This driver provides a specific
communication interface between the FDT framework and the specific automation
technology the AMS system is connected to
DeviceDTM A software driver that is installed into an AMS that is specific to a manufacturer’s device,
which provides the data interface specific to that model
DTM Device type manager. There are two types of DTM, a DeviceDTM and a CommDTM
F & G Fire and gas
FDT Field device tool: A technology for configuration a nd access of field devices. It allows field
device data to be shared between different technologies. For more information, go to
www.fd tgroup.org
HART Highway Addressable Transducer Protocol
MOC Management of change process
MTTR Mean time to restoration
PSAT Pre-startup acceptance test: A functional test of the Safety Instrumented System
PST Process safety time
PV Process variable
RTU Remote terminal unit
SIL Safety integrity level
SIS Safety Instrumented System
TCP Transmission control protocol
UTC Coordinated universal time
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 9
Preface
1711 - P05 SIS ID 050 S
Bulletin Number
1711: OptiSIS Solution
P05 - Packaged
Solution
SIS - Safety
Instrumented System
Area
ID: Indoor
OD: Outdoor
I/O
050: 50 I/O
100: 100 I/O
Configuration
S: Fail-safe
T: Fault Tol erant
About the OptiSIS Solution
The OptiSIS solution is a packaged, pre-built, pre-programmed safety
instrumented system (SIS) logic solver that you mount, wire, and configure as
part of a complete SIS solution. The solution can meet application
requirements up to SIL 3. The solution uses a Rockwell Automation® industrial
computer, AADvance® controllers, and I/O modules.
Such applications include the following:
• Emergency Shutdown Systems/Safety Instrumented Systems
• Burner Management Systems
• High Integrity Pressure Protection Systems
• Energize to Action Systems
Catalog Numbers
I/O Configurations
The OptiSIS solution is available in two sizes:
• 50 I/O solution (see Table 15 on page 115
• 100 I/O solution (see Table 16 on page 115
for a listing of I/O types)
for a listing of I/O types)
Enclosure Options
The following enclosure options are available for the OptiSIS solution:
Location Solution Enclosure Material Enclosure Rating
Indoor (ID)
Outdoor (OD) ANSI 304 stainless steel IP66 and NEMA 4X
50 I/O and 100 I/O
Powder-coated steel IP66 and NEMA 4
10 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Preface
Additional Resources
These documents contain additional information concerning related products
from Rockwell Automation.
Resource Description
Integrated Display Industrial Computers for Hazardous
Locations User Manual, publication 6181X-UM001
Integrated Display Industrial Computers User Manual,
publication 6181P-UM003
Power Supply reference manual, publication 1606-RM001
Process Safebook 1 - Safety-related control systems in the
process industry reference manual, publication
SAFEBK-RM003
AADvance Safety Manual, publication ICSTT-RM446 Defines how to apply AADvance controllers for a
AADvance Troubleshooting Guide, ICSTT-RM406
PFH avg and PFD avg Data Reference Manual, publication
ICSTT-RM449
HART Protocol, www.fdtg roup.org. Provides details on HART protocol.
Field Loop Configuration application note, publication
AN-T80004
International Electrotechnical Commission
http://www.iec.ch
National Fire Protection Association (NFPA 72),
http://www.nfpa.org
International Society of Automation (ISA 84.00.01),
https://www.isa.org/
National Electric Code, http://www.necconnect.org Provides details on NEC Table 310.15(B)(16).
Industrial Automation Wiring and Grounding Guidelines,
publication 1770-4.1
Product Certifications website,
http://www.rockwellautomation.com/global/
certification/overview.page
Product Compatibility and Download Center (PCDC)
http://www.rockwellautomation.com/global/support/
pcdc.page?.
Contains information on how to install, configure,
operate, and troubleshoot the 6181X integrated
display industrial computers.
Contains information on how to install, configure,
operate, and troubleshoot the 6181P integrated
display industrial computers.
Provides installation, operation, and features
information for switched mode power supplies.
Provides information, guidance, and examples to
understand and apply Functional Safety and Process
Safety standards.
Safety Instrument Function.
Provides maintenance and troubleshooting
information for AADvance controllers.
Provides information on AADvance controller
reliability.
Provides information for line monitoring and includes
advice for fire detectors, which are not simple
volt-free contacts.
Provides details on IEC 61511.
Provides details on NFPA 72.
Provides details on ISA 84.00.01.
Provides general guidelines for installing a
Rockwell Automation industrial system.
Provides declarations of conformity, certificates, and
other certification details.
Provides help to find product-related downloads
including firmware, release notes, associated
software, drivers, tools, and utilities.
You can view or download publications at
http://www.rockwellautomation.com/literature/
. To order paper copies of
technical documentation, contact your local Allen-Bradley distributor or
Rockwell Automation sales representative.
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 11
Preface
Notes:
12 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Safety Requirements
Sensors
I/P
A
CPU
A
CPU
B
V
V
O/P
A
Final
Elements
I/P = Input Module
CPU = Processor Modules
O/P = Output Modules
V = Vote
Chapter 1
Introduction
Safety Architecture
The certification authority Technischer Überwachungs-Verein (TÜV)
independently certifies that the AADvance control system meets the
requirements of IEC 61508 SIL 3.
The OptiSIS solution is designed and implemented in accordance with the
requirements of the AADvance Controller Safety Manual, publication
ICSTT-RM446
certifications.
The OptiSIS solution is available in both Fail-safe and Fault Tolerant
configurations.
. See the AADvance Controllers Safety Manual for
ATTENTION: Personnel responsible for deploying a Process Safety solution
must verify that the SIS is tested against the Safety Requirements
Specification (SRS) before the introduction of Hazardous materials into the
Process.
ATTENTION: The Safety Architecture defines how the system behaves under
fault conditions. The correct architecture must be selected based on the
requirements that are defined in the SRS.
Fail-safe System
The Fail-safe architecture option means that the failure of a channel or module
can degrade the applied safety integrity level, or can result in the loss of
function where the Fail-safe system brings the process to the safe state.
The actual behavior under fault conditions is also dependent on configuration
options.
Figure 1 - Fail-safe System
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 13
Chapter 1 Safety Requirements
Sensors
Final
Elements
I/P
A
I/P
B
CPU
A
CPU
B
CPU
C
V
V
V
V
V
V
V
O/P
A
O/P
B
I/P = Input Module
CPU = Processor Modules
O/P = Output Modules
V = Vote
Fault Tolerant System
The Fault Tolerant architecture option means that the failure of a channel or
module does not degrade the applied safety integrity level, or result in the loss
of function and the resulting taking the process to the safe state.
The actual behavior under fault conditions is also dependent on configuration
options.
Figure 2 - Fault Tolerant System
Safe State
The internal configuration of the AADvance system that is used in the
OptiSIS solution is that the safe-state is OFF (de-energize-to-action).
De-energize-to-action is the state that an input or output assumes during a
channel or module failure. The OptiSIS solution does however, let you
configure digital inputs and digital outputs to operate in either a normally
energized (de-energize-to-action) or a normally de-energized (energize-toaction).
See Configure I/O on page 47
state.
ATTENTION: Use Energize-to-action configurations only if the following
conditions apply:
• At least two independent power sources to the OptiSIS solution panel must
be used.
• At least one of the power feeds to the panel must be a secure power source
(for example, a UPS or a battery). The power supply hold-up time must
provide power for long enough to bring the process to a safe state.
• OptiSIS solution power supplies generate an alarm when power is lost
(either due to power feed failure or PSU failure). Any power failure alarm
must be responded to and rectified within the mean time to restoration
(MTTR).
• For SIL 3 and high demand energize-to-action applications, the Fault
Tolerant option must be used.
for the configuration of the normal operating
14 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Safety Requirements Chapter 1
Process Safety Lifecycle, Functional Testing, and Validation
Safety Data
ATTENTION: Follow the Process Safety Lifecycle as described in the
AADvance Controller Safety Manual, publication ICSTT-RM446
Before putting the system into operation, perform a pre-startup acceptance
test (PSAT) which is a functional test of the safety instrumented system (SIS).
The PSAT must be a documented and recorded test procedure that includes
(but is not limited to) the following:
• All power, signal, and ground wiring is checked and secure.
• All input/output loops are functionally exercised through their entire
operating range (including field device calibration).
• All safety functions are tested, including timing properties.
• All functions such as bypasses, alarms, and communication interfaces
(where appropriate) are tested and recorded.
It is recommended to evaluate your PSAT with the checklist in Appendix D
This evaluation helps you to meet safety requirements for the OptiSIS
solution.
The OptiSIS solution has a process safety time (PST) of 1.5 seconds. The PST
brings the system to its safe state (off ) in the event a dangerous fault is
detected. The PST of the safety functions the SIS performs should be equal to,
or less than, the OptiSIS PST of 1.5 seconds. This value is not configurable in
the standard system.
.
.
Mean time to restoration (MTTR) is the maximum allowed time between the
occurrence of a failure and the completion of the repair of that failure, to
maintain the assigned safety integrity level. The allowed time includes the time
to detect the failure, initiate the repair, and fully complete the repair. This
configurable parameter has a range of 0…168 hours (no decimals).
ATTENTION:
• Faulty output modules in a dual configuration that is used in energize to trip
applications must be replaced within the MTTR to maintain SIL 3
performance.
• Faulty processors in a dual configuration must be replaced within the MTTR
to maintain SIL 3 performance.
• The MTTR timer is provided in the human machine interface (HMI). You can
configure the MTTR time according to your SIL level from the System Status
display when you are logged in as the Engineer user in the HMI. If you want
to maintain SIL 3 performance, act on the timer alarm. For more information
on Maintenance displays, see Chapter 8
.
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 15
Chapter 1 Safety Requirements
PFD/PFH Data
Reliability, PFD, and PFH data is published in the PFHavg and PFDavg Data
for AADvance Controllers, publication ICSTT-RM449
.
Password Protection
The HMI has a security model that is built in to restrict access to specific
functions. The model relies on user roles as defined in this table. The password
is case-sensitive.
ATTENTION: For security reasons, we recommend that you change the
default passwords.
Table 2 - HMI User Roles and Passwords
User Role Default
Default (not logged in)
Operator operator X
Supervisor supervisor X X
Maintenance maintenance X X X
Engineer engineer X X X X
Administrator administrator
RA Administrator raadmin X X X X X X
(1) For HMI version B10 and earlier, the password for Administrator is pass word.
Passwor d
Force I/O
Apply Configurations
Acknowledge/Reset Alarms
Remove Suppress and Force
(1)
XX X XX
Access Diagnostic Functions
Suppress I/O
Shutdown System
Table 3 - Windows User Passwords
User Password
Administrator 1ADMINISTRATOR
Operator 1OPERATOR
The Windows Administrator has complete control over the industrial personal
computer. They can change settings and access the files and programs that are
stored in the personal computer.
Operator has limited control over the industrial personal computer and its
intended purpose is to execute the OptiSIS solution application.
See Application Accounts on page 42
16 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
for login and password information.
ATTENTION: The OptiSIS has an auto-logout feature. The User Logon Session
Timeout Warning display automatically appears after 20 minutes of
inactivity and lets you refresh the application before completing the
automatic log-off process. All users are automatically logged off after 20
minutes of inactivity to Default.
Figure 3 - User Session Timeout Warning
Safety Requirements Chapter 1
Program Enable Key
The Program Enable Key is a security device that is required to be present in an
OptiSIS solution when applying Rockwell Automation supplied application
and firmware updates. The key is a 9-way 'D' type plug and is supplied with the
processor base unit.
The key must be plugged into the processor base unit to allow upgrades to be
performed. The key is installed if the controller appears in yellow on the
Overview display (see Figure 43 on page 80
IMPORTANT The Program Enable Key is shipped in the base unit. Do not leave the
Program Enable Key in place. Store the key in a safe place with controlled
access.
).
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 17
Chapter 1 Safety Requirements
Diagnostics
Certification
The AADvance controller embodies sophisticated internal diagnostic systems
to identify faults that develop during operation and raise appropriate alarm and
status indications. The diagnostic systems run automatically and check for
system faults that are associated with the controller (processor and I/O
modules) and field faults that are associated with field I/O circuits. The
internal diagnostics detect and reveal both safe and dangerous failures.
ATTENTION: When the OptiSIS solution is located in a normally unmanned
area, a method for reporting diagnostic alarms into a normally manned area
must be provided to make sure that the defined MTTR is met.
The OptiSIS solution does not carry a specific ‘Product’ certification as it is a
Solution, which is composed of standard products. Each product that is used in
the solution carries specific certifications. To find more information, go to the
Rockwell Automation Product Certification website:
http://www.rockwellautomation.com/global/certification/
Each of the products that are used to create the solution have been installed,
wired, and programmed in accordance with the appropriate user manuals.
Specifically, the AADvance equipment has been designed, installed,
programmed, and tested according to both the AADvance Controller Safety
Manual, publication ICSTT-RM446
phases of IEC61511.
, and following the appropriate lifecycle
18 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Chapter 2
Installation
This chapter provides basic background information about the solution and
instructions for installation.
ATTENTION: You must use installation and commissioning procedures that
comply with applicable standards of the country of installation. The
applicable standards can include, for example, IEC 61511, NFPA72, and ISA
84.00.01, depending on the location.
ATTENTION: Radio Frequency Interference can influence most electronic
equipment. Exercise caution regarding the use of portable communication
equipment around such equipment. Post signs in the vicinity of the
equipment to provide caution against the use of portable communications
equipment.
Introduction
IMPORTANT These guidelines are not intended to supersede local electrical codes.
Figure 4, Figure 5, and Figure 6 show the solution and its components:
• AADvance controller CPU
• Flexible inputs (analog/digital)
•Analog outputs
• Digital outputs
•Industrial computer (HMI)
• Enclosure and accessories
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 19
Chapter 2 Installation
AADvance Controller CPU
and I/O Modules
Industrial Computer
(Mounted on Door)
Power Distribution
Logic Write Keyswitch
(Mounted on Door)
Power Suppli es
Power Feeds
Customer Field Terminals
•Analog Output
•Modbus RTU
• Modbus TCP/IP
• Digital Output
Customer Field Terminals
Flexible Inputs
Figure 4 - OptiSIS Solution – External View
Figure 5 - OptiSIS Solution – Internal View
20 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Installation Chapter 2
Hinged Door Covering
the USB Ports
6181X Bottom View 6181P Front View6181P Bottom View
USB Ports
Figure 6 - HMI- USB Port Location
ATTENTION: The bottom side USB ports on the 6181X HMI are functionally
hot-pluggable in an environment that is known to be nonhazardous. For
European Zone 2 applications, do not use the USB ports unless the area is
known to be nonhazardous.
All required components are mounted, wired, and installed inside the solution
enclosure.
Installation
The 50 I/O system is contained within a wall-mounted cabinet. The 100 I/O
system is contained within a floor-standing panel. See Table 23 on page 117
enclosure dimensions.
for
Unpack
Before unpacking any items, the packaging must be inspected for damage that
can occur during shipment.
If any packaging is damaged, the package identification marks (such as box
number or crate number) must be noted and communicated to
Rockwell Automation. The package must be stored in a suitable storage area in
the condition it was received. Rockwell Automation then contacts the shipping
agent who can request to inspect the damage. The package must not be opened
without the express written permission of Rockwell Automation.
If packaging is not damaged, the OptiSIS solution must be removed from the
packaging. Verify that all items on packing list are included. If any items are
missing, contact Rockwell Automation.
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 21
Chapter 2 Installation
Inspection
• Visually inspect the cabinets for mechanical damage. Check the
paintwork for scratches and abrasions.
• Verify that the cabinet door opens and closes and that all latches operate
smoothly.
• Verify that cable assemblies were not damaged during shipment and that
they are appropriately dressed with cable ties and/or spiral wrap.
• Verify that all wire ducts are fitted with covers.
Storage and Operation
Consider the environmental characteristics that are listed in Table 20 on
page 117 when you select the device and the mounting location.
IMPORTANT The standard unit is meant to be installed in a nonhazardous environment.
For additional environmental needs for your SIS, contact your local
Allen-Bradley distributor or Rockwell Automation sales representative.
Wall Mount — 50 I/O Solution
ATTENTION: Crush hazard!
Dropping of the unit can lead to personal injury and/or component damage.
Always support the unit fully during installation; use an assistant.
To mount the 50 I/O OptiSIS solution to the wall, follow these steps.
1. Determine the mounting location and verify that the location is suitable
for the solution by checking the following :
• The site is free from excessive dirt and moisture.
• Sufficient room on all sides of the enclosure is available for the cable
to exit the enclosure and to open the door.
The door swing radius is 800 mm (32 in.) and extends to 110°
without forcing.
22 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Installation Chapter 2
800 mm (32 in.)
1199 mm (47 in.)
Wal l Mou nt Br acke t
2. Place the enclosure on the wall in the desired location and verify that it is
level.
3. Secure the wall mount bracket.
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 23
Chapter 2 Installation
800 mm (32 in.)
2006 mm
(79 in.)
Floor Mount — 100 I/O Solution
ATTENTION: Crush hazard!
Dropping of the unit can lead to personal injury and/or component damage.
Always support the unit fully during installation; use an assistant.
1. Determine the mounting location and verify that the location is suitable
for the solution by checking the following :
• The site is free from excessive dirt and moisture.
• The enclosure stands level after installation.
• Sufficient room on all sides of the enclosure is available for the cable
to exit the enclosure and to open the door.
The door swing radius is 800 mm (32 in.) and extends to 110°
without forcing.
2. Place the enclosure in the position where it is to operate and verify that
the enclosure is level.
Leveling feet allow you to fine-tune the level of the enclosure due to
unevenness at the installation site.
24 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Connect Power
Chapter 3
Introduction
Power Distribution and Grounding
The OptiSIS solution uses standard Allen-Bradley® power supplies and
redundancy modules. The OptiSIS solution accepts dual power feeds of the
same, or different, voltages. See detailed power distribution drawings for power
details.
IMPORTANT The A and B power feeds do not have to be the same.
IMPORTANT These guidelines are not intended to supersede local electrical codes.
Connect power to terminals shown in the supplied wiring drawings. Terminal
locations are shown in Figure 7
Figure 7 - Terminal Locations
.
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 25
Chapter 3 Connect Power
There are two ground connections that must be connected before power is
applied to the system.
• The AC safety ground is provided to help protect personnel from
electric shock under fault conditions. Internally, all exposed metal
surfaces, for example, cabinets, racks, and chassis ground connections,
are connected to this termination point.
ATTENTION: The AC Safety Ground must be terminated to a suitable ground.
The recommended/minimum wire size to use for the Protective (Safety)
Earth is 6 mm² (10 AWG).
• The instrument ground is provided to minimize electrical noise for all
DC analog/digital signals. The shields/screens for incoming and
outgoing cables can be connected to the supplied ground termination,
which are internally connected to this point.
Power Cable Types/ Recommendations
Connect to a clean (low noise) ground by using a minimum of 6 mm
2
(10 AWG) conductor.
ATTENTION: Good ground connections must be verified before any work is
conducted. Failure to comply can cause serious injury.
This section includes information about the major issues for proper selection
of cable, and provides recommendations to address these issues. Consider these
conditions and requirements when you choose cable material and construction
for your installation:
• Environment: moisture, temperature, and harsh or corrosive chemicals.
• Mechanical needs: geometry, shielding, flexibility, and crush resistance.
• Electrical characteristics: cable capacitance/charging current, resistance/
voltage drop, current rating, and insulation.
• Safety issues: electrical code requirements, grounding needs, and others.
Choosing incorrect cabling can be costly and can adversely affect the
performance of your installation.
In general, follow these temperature ratings for installations:
Surrounding Air Temperature Recommended Wire
50 °C (122 °F) 90 °C (194 °F)
40 °C (104 °F) 75 °C (167 °F)
The OptiSIS solution is rated for use with 75 °C (167 °F) cable. Cable must be
sized by using the 75 °C (167 °F) column in NEC Table 310.15(B)(16)
(formerly Table 310.16). The temperature rating of the lugs is not relevant.
IMPORTANT The temperature rating of the wire affects the required gauge. Verify that
your installation meets all applicable national, state, and local codes.
26 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Connect Power Chapter 3
Cable Entry
Verify that cable sizes, wires, and cabinet penetrations for incoming cables are
to local regulations, specifications, and requirements.
Bottom Entry Conduit
Cable entry is through the bottom gland plate (NEMA 4 models only) for
both the 50 I/O and 100 I/O solutions. To route your cable through the
bottom gland plate, follow these steps.
1. Prepare the installation site so the foundation is level.
2. Remove gland plate, drill holes.
IMPORTANT The outdoor NEMA 4X model does not come with a gland plate. Cable entry
locations are placed at the time of installation.
3. Before the OptiSIS solution is installed, place and stub up conduit
approximately 2 in. (51 mm) above floor level and confirm that all
incoming conduit is clear of any internal components.
For approximate section base dimensions and ground bus locations, see
Installation on page 21
shipped with the solution.
, or elevation and floor plan drawings that are
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 27
Chapter 3 Connect Power
Cable Installation
Verify that cabinet penetrations for incoming cables are to local regulations,
specifications, and requirements. Size cables and wires per local codes,
specifications, and requirements.
The OptiSIS solution is rated for use with 75 °C (167 °F) cable. Cable must be
sized by using the 75 °C (167 °F) column in NEC Table 310.15(B)(16)
(formerly Table 310.16). The temperature rating of the lugs is not relevant.
ATTENTION: Properly connect all line and load cables to avoid a bolted fault
and equipment damage.
Lugs
Follow this procedure to install the lugs. The lug accepts a wire size from
2…50 mm
2
(14…2/0 AWG).
1. Verify the compatibility of wire size, type, and stranding versus the
power lugs furnished.
Use correct lugs in all applications.
Power Layout
2. Crimp compression lugs with manufacturer recommended tools.
3. To verify field wire connection points, use the electrical schematics.
The OptiSIS solution uses standard Allen-Bradley power supplies and
redundancy modules. The system design accommodates dual inputs of
24V DC, 110…240V AC, and/or 110…300V DC.
28 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Connect Field Wiring
Chapter 4
Grounding Requirements
Input Wiring
IMPORTANT Analog and digital inputs support a signal ground (default) and also provide
a place to terminate a shield/screen to maintain signal quality.
When external field device power is used, it must be kept separate from the
signal wiring to minimize signal noise.
Field input signals are individually referenced to the instrument ground
(OptiSIS Field Power common, 0V), each has a removable link to allow them
to float regarding instrument ground. The recommended/minimum wire size
to use for the instrument ground (on the instrument ground bus bar) is 6 mm2
(10 AWG).
See the Industrial Automation Wiring and Grounding Guidelines, publication
1770-4.1
The device type and where the field wire lands determine whether the flexible
inputs can be wired as analog or digital.
Figure 8 - Digital Input (OptiSIS Solution Powered)
Channel
, for additional information.
Input
24V DC
+
–
0V DC
AB PLCs
Rockwell Automation Publication 1711-UM004B-EN-P - September 2016 29
Chapter 4 Connect Field Wiring
24V DC
0V DC
Input
Channel
+
–
24V DC
0V DC
24V DC
0V DC
End-user to remove jumper
Input
Channel
+
–
Figure 9 - Digital Input (Field Powered)
Input
24V DC
Channel
+
–
24V DC
0V DC
End-user to remove jumper
Figure 10 - Analog Input (OptiSIS Solution Powered)
Figure 11 - Analog Input (Field Powered)
0V DC
30 Rockwell Automation Publication 1711-UM004B-EN-P - September 2016
Loading...