Rockwell Automation T8444 User Manual
Trusted
TM
PD-T8444
TM
Trusted
TMR Pulse Generator and
Monitoring Module
Introduction
The TrustedTM TMR Pulse Generator and Monitoring module interfaces through special Thyristor
Drivers, to two Stepper Motors, which form an integral part of a damper rod control system. The
module is based upon the Trusted
rod position is provided by the module as a % Movement figure and a series of fault signals.
Triplicated diagnostic tests are performed throughout the module in order to locate and annunciate
hardware failures. Inputs are treated as analogues and are fully tested by the nature of their operation.
Fault tolerance is achieved through a Triple Modular Redundant (TMR) architecture within the module.
The module has been configured to provide the control and interlock requirements for a high power
stepper motor control system which is used to position Damper Rods in a Nuclear reactor. The
functionality of this module is highly specialised and is detailed later in this PD.
Features
TM
T8461 Digital output module. Feedback of Thyristor activation and
• Two Stepper Motor controls
• Special control algorithms and fault diagnostics resident within the module
• Bi-directional Fast and slow movement
• Emergency stop and hold facility
• Rod position Indication
• Thyristor driver fault indications
• ESD Rod release
• 2500V dc optical isolation barrier
• Automatic over-current protection (per channel), no fuses required (outputs)
• Front panel status LEDs for each point indicate status and field wiring faults
• Front panel module status LEDs indicate module health and operational mode (Active,
Standby, Educated)
6V Certified IEC 61508 SIL 3
• T
Issue 9 Apr 10 PD-T8444 1
Trusted
Issue Record
Issue
Number Date Revised by Technical CheckAuthorised by Modification
5 July 05 J W Clark Formatting
6 Dec 06 N Owens I Vince P Stock Weights and Dims
7 Sep 07 N Owens I Vince P Stock Tbl16 Chns rotated
8 Nov 09 S Blackett A Holgate N Owens Table 5 change
9 Apr 10 S Blackett A Holgate N Owens Rack 7 change
TM
Module T8444
Issue 09 Apr 10 PD-T8444 2
Trusted
TM
Module T8444
This page is intentionally blank
Issue 09 Apr 10 PD-T8444 3
Trusted
TM
Module T8444
Table of Contents
1. Description ...................................................................................................................................9
1.1. Field Termination Unit (FTU) .....................................................................................................10
.2.
1
1.3. Host Interface Unit (HIU) ...........................................................................................................11
1.4. Front Panel Unit (FPU) ..............................................................................................................11
1.5. Line Monitoring ..........................................................................................................................12
1.6. Housekeeping............................................................................................................................12
1.7. Fault Detection/Testing..............................................................................................................12
1.8. Sequence of Events Characteristics..........................................................................................13
1.9. Output Switch Structure .............................................................................................................14
1.9.1. Switch Diagnostics.....................................................................................................................15
1.9.2. Short Circuit Protection Issues. .................................................................................................16
1.9.3. Group Fail Safe Switches. .........................................................................................................16
1.10. Input interfaces ..........................................................................................................................16
2. Installation..................................................................................................................................17
2.1. Module Insertion/Removal .........................................................................................................17
2.2. Field Cable Selection .................................................................................................................17
2.3. Module Pinout Connections .......................................................................................................18
2.4. TrustedTM Module Polarisation/Keying.......................................................................................19
3. Application .................................................................................................................................20
3.1. Module Configuration.................................................................................................................20
3.2. T8444 Complex Equipment Definition .......................................................................................20
3.2.1. Rack 1: PG_CTRL .....................................................................................................................21
3.2.2. Rack 2: FIELD ............................................................................ Error! Bookmark not defined.
3.2.3. Rack 3: PI_CTRL .......................................................................................................................23
3.2.4. Rack 4: PG_FAULT ...................................................................................................................23
3.2.5. Rack 5: Line_Flt .........................................................................................................................24
3.2.6. Rack 6: Discrep .........................................................................................................................24
3.2.7. Rack 7: Housekeeping...............................................................................................................25
3.2.8. Rack 8: INFO .............................................................................................................................26
3.3. SYSTEM.INI File Configuration .................................................................................................26
4. Operation ...................................................................................................................................27
4.1. Front Panel ................................................................................................................................27
4.2. Module Status LEDs ..................................................................................................................28
4.3. I/O Status LEDs .........................................................................................................................29
4.3.1. Outputs and Gate Outputs .........................................................................................................29
4.3.2. Feedback Inputs ........................................................................................................................30
4.4. Output and Input separation/Channel allocation........................................................................31
5. Fault Finding and Maintenance..................................................................................................32
5.1. Fault Reporting ..........................................................................................................................32
5.2. Field Wiring Faults .....................................................................................................................32
5.3. Module Faults ............................................................................................................................32
5.4. Companion Slot .........................................................................................................................33
ield Interface Unit (FIU) ...........................................................................................................10
F
Issue 09 Apr 10 PD-T8444 4
Trusted
5.5. SmartSlot ...................................................................................................................................33
5.6. Cold Start...................................................................................................................................33
5.7. Transfer between Active and Standby Modules ........................................................................34
6. Technical specification...............................................................................................................35
6.1. Introduction ................................................................................................................................35
6.2. Phase Rotation ..........................................................................................................................36
6.3. Fail Safe actions ........................................................................................................................37
6.4. Internal testing and Monitoring...................................................................................................37
6.5. Thyristor Driver interfaces/Stepper Motor Drives.......................................................................37
6.5.1. Module Start up..........................................................................................................................37
6.5.2. Minimum output Load ................................................................................................................37
6.5.3. Input Termination Resistance ....................................................................................................37
6.6. Operation with one thyristor driver removed ..............................................................................38
6.7. Detection of a missing pulse......................................................................................................38
6.8. Detection of an extra pulse ........................................................................................................38
6.9. Detection of a short/ long pulse .................................................................................................39
6.10. Analogue Feedback out of limits................................................................................................39
6.11. Motor Voltage Monitoring...........................................................................................................39
6.12. Inference of Position from Motor Pulses....................................................................................40
6.13. Number of Pulses for a full transition of a rod from End to End ................................................40
6.14. Synchronisation/External timing.................................................................................................40
6.15. Setting of Count Position ...........................................................................................................40
6.16. Analogue Input Discrepancy ......................................................................................................40
6.17. Output 2-oo-3 error ....................................................................................................................40
6.18. Module Temperature Measurement ..........................................................................................41
6.19. Diagnostics ................................................................................................................................41
6.20. FTA Output Schematic ..............................................................................................................42
6.21. FTA Input Schematic .................................................................................................................43
7. Specifications.............................................................................................................................44
TM
Module T8444
Issue 09 Apr 10 PD-T8444 5
Trusted
TM
Module T8444
Figures
Figure 1 Module Architecture....................................................................................................................9
Figure 2 Functional Block Diagram ........................................................................................................10
igure 3 Output Switch Structure............................................................................................................14
F
Figure 4 Simplified Switch Circuit Diagram ............................................................................................15
Figure 5 Module polarisation ..................................................................................................................19
Figure 6 Module Front Panel ..................................................................................................................27
Figure 7 PG/M Functional Block Diagram ..............................................................................................35
Figure 8 Field Termination Output Schematic ........................................................................................42
Figure 9 Field Termination Input Schematic ...........................................................................................43
Tab l es
Table 1 Line Monitoring Fault Status ......................................................................................................12
Table 2 Field Connector Pinout ..............................................................................................................18
Table 3 Complex Equipment Definition ..................................................................................................20
Table 4 OEM Parameters .......................................................................................................................21
Table 5 Rack 1: PG_CTRL descriptions.................................................................................................21
Table 6 Rack 2: Field descriptions .........................................................................................................22
Table 7 Rack 3: PI_CTRL descriptions ..................................................................................................23
Table 8 Rack 4: PG_Fault descriptions ..................................................................................................23
Table 9 Rack 5: Line_Flt descriptions ....................................................................................................24
Table 10 Rack 6: Discrepancy descriptions ...........................................................................................24
Table 11 Rack 7: Housekeeping descriptions ........................................................................................25
Table 12 Rack 8: INFO descriptions.......................................................................................................26
Table 13 Module Status Indicators .........................................................................................................28
Table 14 Default I/O Status Indicators....................................................................................................29
Table 15 Feedback Inputs ......................................................................................................................30
Table 16 I/O separation/Channel allocation............................................................................................31
Issue 09 Apr 10 PD-T8444 6
Trusted
TM
Module T8444
Notice
The content of this document is confidential to ICS Triplex Technology Ltd. companies and their
partners. It may not be given away, lent, resold, hired out or made available to a third party for any
purpose without the written consent of ICS Triplex Technology Ltd.
This document contains proprietary information that is protected by copyright. All rights are reserved.
Microsoft, Windows, Windows 95, Windows NT, Windows 2000, and Windows XP are registered
trademarks of Microsoft Corporation.
The information contained in this document is subject to change without notice. The reader should, in
all cases, consult ICS Triplex Technology Ltd. to determine whether any such changes have been
made. From time to time, amendments to this document will be made as necessary and will be
distributed by ICS Triplex Technology Ltd.
Information in this documentation set may be subject to change without notice and does not represent
a commitment on the part of ICS Triplex Technology Ltd..
The contents of this document, which may also include the loan of software tools, are subject to the
confidentiality and other clause(s) within the Integrator Agreement and Software License Agreement.
No part of this documentation may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying and recording, for any purpose, without the express
written permission of ICS Triplex Technology Ltd.
Disclaimer
The illustrations, figures, charts, and layout examples in this manual are intended solely to illustrate the
text of this manual.
The user of, and those responsible for applying this equipment, must satisfy themselves as to the
acceptability of each application and use of this equipment.
This document is based on information available at the time of its publication. While efforts have been
made to be accurate, the information contained herein does not purport to cover all details or variations
in hardware or software, nor to provide for every possible contingency in connection with installation,
operation, or maintenance. Features may be described herein which are present in all hardware or
software systems. ICS Triplex Technology Ltd. assumes no obligation of notice to holders of this
document with respect to changes subsequently made.
ICS Triplex Technology Ltd. makes no representation or warranty, expressed, implied, or statutory with
respect to, and assumes no responsibility for the accuracy, completeness, sufficiency, or usefulness of
the information contained herein. No warranties of merchantability or fitness for purpose shall apply.
Issue 09 Apr 10 PD-T8444 7
Trusted
TM
Module T8444
Revision and Updating Policy
All new and revised information pertinent to this document shall be issued by ICS Triplex Technology
Ltd. and shall be incorporated into this document in accordance with the enclosed instructions. The
change is to be recorded on the Amendment Record of this document.
Precautionary Information
WARNING
Warning notices call attention to the use of materials, processes, methods, procedures or limits which
must be followed precisely to avoid personal injury or death.
CAUTION
Caution notices call attention to methods and procedures which must be followed to avoid damage to
the equipment.
Notes:
Notes highlight procedures and contain information to assist the user in the understanding of the
information contained in this document
Warning
RADIO FREQUENCY INTERFERENCE
Most electronic equipment is influenced by Radio Frequency Interference (RFI). Caution should be
exercised with regard to the use of portable communications equipment around such equipment.
Signs should be posted in the vicinity of the equipment cautioning against the use of portable
communications equipment.
MAINTENANCE
Maintenance must be performed only by qualified personnel, otherwise personal injury or death, or
damage to the system may be caused.
Caution
HANDLING
Under no circumstances should the module housing be removed.
Associated Documents
Product Descriptions (PD) provide product specific information.
The Safety Manual contains the recommended safety requirements for the safety system design.
The PD8082B – Toolset Suite provides specific guidance on system configuration and application
generation.
The Operator and Maintenance Manual contains general guidelines on maintenance and diagnostic
procedures.
For technical support email: support@icstriplex.com
Issue 09 Apr 10 PD-T8444 8
Trusted
TM
Module T8444
1. Description
The TMR Pulse Generator and Monitoring module is a member of the TrustedTM range of Input/Output
(I/O) modules. All Trusted
level, all I/O modules interface to the Inter-Module Bus (IMB) which provides power and allows
ommunication with the TMR Processor. In addition, all modules have a field interface that is used to
c
connect to module specific signals in the field. All modules are Triple Modular Redundant (TMR).
TM
I/O modules share common functionality and form. At the most general
Figure 1 Module Architecture
All High Integrity I/O modules are made up of 4 sections: Host Interface Unit (HIU), the Field Interface
Unit (FIU), the Field Termination Unit (FTU), and the Front Panel Unit (or FPU).
Issue 09 Apr 10 PD-T8444 9
Trusted
TM
Module T8444
Fig 2 shows a simplified block diagram of the Trusted
M
T
PG/M Module.
Figure 2 Functional Block Diagram
1.1. Field Termination Unit (FTU)
The Field Termination Unit (FTU) is the section of the I/O module that connects all three FIUs to a
single field interface. The FTU provides the Group Fail-safe switches and passive components
necessary for signal conditioning, over-voltage protection, and EMI/RFI filtering. When installed in a
Trusted
TM
Controller or Expander Chassis, the FTU field connector interconnects to the Field I/O Cable
Assembly attached at the rear of the chassis.
The SmartSlot link is passed from the HIU to the field connections via the FTU. These signals go
directly to the field connector and maintain isolation from the I/O signals on the FTU. The SmartSlot
link is the intelligent connection between active and standby modules for co-ordination during module
replacement.
1.2. Field Interface Unit (FIU)
The Field Interface Unit (FIU) is the section of the module that contains the specific circuits necessary
to interface to the particular types of field I/O signals. Each module has three FIUs, one per slice. For
the TMR Pulse Generator and Monitoring Module, the FIU contains one stage of the output switch
structure, and A/D monitoring circuits for each of the channels. Two additional A/D circuits provide
optional monitoring of the external field I/O supply voltage.
The FIU receives isolated power from the HIU for logic. The FIU provides additional power conditioning
for the operational voltages required by the FIU circuitry. An isolated serial link connects each FIU to
one of the HIU slices.
The FIU also measures a range of on-board “house-keeping” signals that assist in monitoring the
performance and operating conditions of the module. These signals include power supply voltages,
current consumption, on-board reference voltages, board temperature, and condensation
Issue 09 Apr 10 PD-T8444 10
Trusted
ng I/O
Redundant power sharing of dual 24V dc chassis supply voltage and power regulation for logic
ordination during module
board housekeeping, which monitors reference voltages, current consumption and board
TM
Module T8444
1.3. Host Interface Unit (HIU)
The HIU is the point of access to the Inter-Module Bus (IMB) for the module. It also provides power
distribution and local programmable processing power. The HIU is the only section of the I/O module
to directly connect to the IMB backplane. The HIU is common to most high integrity I/O types and has
type dependent and product range common functions. Each HIU contains three independent slices,
commonly referred to as A, B, and C.
All interconnections between the three slices incorporate isolation to prevent any fault interaction
between the slices. Each slice is considered a Fault Containment Region (FCR), as a fault on one
slice has no effect on the operation of the other slices.
The HIU provides the following services common to the modules in the family:
• High Speed Fault-Tolerant Communications with the TMR Processor via the IMB interface.
• FCR Interconnect Bus between slices to vote incoming IMB data and distribute outgoi
module data to IMB.
• Optically isolated serial data interface to the FIU slices.
•
power to HIU circuitry.
• Magnetically Isolated power to the FIU slices.
• Serial data interface to the FPU for module status LEDs.
• SmartSlot link between active and standby modules for co-
replacement.
• Digital Signal Processing to perform local data reduction and self-diagnostics.
• Local memory resources for storing module operation, configuration, and field I/O data.
• On-
temperature.
1.4. Front Panel Unit (FPU)
The Front Panel Unit (FPU) contains the necessary connectors, switches, logic, and LED indicators for
the front panel. For every module, the FPU contains the Slice Healthy, Active/Standby, the Educated
indicators (LEDs), and the module removal switches. Additional bi-colour LEDs provide status
indication for the individual I/O signals. Serial data interfaces connect the FPU to each of the HIU
slices to control the LED status indicators and monitor the module removal switches.
.
Issue 09 Apr 10 PD-T8444 11
Trusted
TM
Module T8444
1.5. Line Monitoring
The module automatically monitors the channel line fault status. These are reported back to the
application and are represented below.
Description Line Fault Status
Field Short Circuit 1
Output Energised (On) 0
No Load, Field Open Circuit 1
Output De-energised (Off) 0
No Field Supply Voltage 1
Table 1 Line Monitoring Fault Status
1.6. Housekeeping
The module automatically performs local measurements of several on-board signals that can be used
for detailed troubleshooting and verification of module operating characteristics. Measurements are
made within each slice’s HIU and FIU to determine the condition of the power supplies and common
services such as the temperature of the HIU.
1.7. Fault Detection/Testing
From the IMB to the field connector, the I/O module contains extensive fault detection and integrity
testing. Most testing is performed in a non-interfering mode. Data input from the IMB is stored in
redundant error-correcting RAM on each slice portion of the HIU. Received data is voted on by each
slice. All data transmissions include a confirmation response from the receiver.
Periodically, the TMR Processor commands the onboard DSPs to perform a Safety Layer Test. The
SLT results in the DSP verifying with the TMR Processor its ability to process data with integrity. In
addition, the DSP uses Cyclical Redundancy Checks (CRC) to verify the variables and configuration
stored in Flash memory.
Between the HIU and FIU are a series of optically isolated links for data and power. The data link is
synchronised and monitored for variance. Both FIU and HIU have onboard temperature sensors to
characterise temperature-related problems. Each FIU is also fitted with a condensation sensor.
The power supplies for both the HIU and FIU boards are redundant, fully instrumented and testable.
Together these assemblies form a Power Integrity Sub System.
Issue 09 Apr 10 PD-T8444 12
Trusted
TM
Module T8444
1.8. Sequence of Events Characteristics
Each Boolean Variable can be configured for automatic Sequence of Events (SOE) logging. This
applies to the Input/Output Status and Line Fault Status variables. A Boolean variable is configured for
SOE during the variable definition in the Data Dictionary Editor. To select SOE, press the Extended
Button in the Boolean Variable Definition Dialog Box to open the Extended Definition Dialog. Then
check to box for Sequence of Events to enable the variable for automatic SOE logging.
During operation, the module automatically reports time-stamped change of state information for the
output data. The TMR Processor automatically logs change of state for configured SOE variables into
the system SOE Log. The SOE Log can be monitored and retrieved using the SOE and Process
Historian Package running on the EWS. This software package is described in PD-8013.
Issue 09 Apr 10 PD-T8444 13
Trusted
TM
Module T8444
1.9. Output Switch Structure
The outputs of the Pulse Generator and Monitoring Module provides a TMR switch topology where the
load is driven by a total of three fully monitored, fail-safe (6 element) switch channels, one physically
resident on each OFIU in the module. Any single switch or entire slice failure is designed to leave two
of the three fail-safe switch channels operational to power the load.
Figure 3 Output Switch Structure
The upper switches as shown in are denoted as N.O. (Normally Open), and are controlled by the FIU
1
on which they are physically resident.
and are controlled by the “upstream” neighbouring FIU.
The lower switches are depicted as N.C. (Normally Closed),
2
Note:
In this context, N.O. is defined as being in the off state in the absence of control signal power,
and similarly, N.C. is the on state in the absence of control signal power. These switches are
constructed from enhancement mode MOSFETs and are both guaranteed to be off in the
3
absence of module power to create gate voltage signals to bias them on
(unlike
electromechanical relays for example).
The reason that the lower switches are specified to be on in the absence of control signal power is to
allow two channels to power the load should an entire slice fail. Even if an entire slice fails, the
surviving output circuits will carry the necessary control. The structure of each OFIU output is shown
below:
1
Their “home” FIU.
2
The home FIU, supplies an independent control signal for the “downstream” FIU FSS.
3
For an un-faulted transistor.
Issue 09 Apr 10 PD-T8444 14
Loading...