Date post: | 13-Dec-2015 |
Category: |
Documents |
Upload: | zeroback90 |
View: | 36 times |
Download: | 3 times |
2FTE Confidential and Proprietary
Fault Tolerant Ethernet (FTE) The communication network of Experion PKS
3FTE Confidential and Proprietary
TOPICS
Honeywell Process Solutions are based on “process control”.
What is “process control”?
What is a “Distributed Control System (DCS)”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
4FTE Confidential and Proprietary
What is “process control”?
A “process” transforms material from input to output.– Example: heating water
“Field instruments” measure properties of materials/processes– Examples: flow, pressure, temperature, level transmitters
“Actuators” regulate amount of something used in the process– Examples: fuel control valve, damper actuator
A “controller” continually reads data from a transmitter and calculates actuator adjustments to maintain a property value.
PROCESS outputinput
controller
actuator
transmitter
5FTE Confidential and Proprietary
Requirements of “process control”
Performance: must be faster than the process.
Determinism: must always take the same time.– Read the Process Value (PV) – Calculate – Move the actuator
Fault tolerance: redundancy; must fail to a known state.– Gov’t regulations- safety, emissions, etc.
Security: must have access restrictions/controls.
PROCESS outputinput
“control loop”controller
actuator
transmitter
6FTE Confidential and Proprietary
Characteristics of real process plants
The process shown below is very simple, and the controller shown below is very simple.
In a real plant, many properties of the product are measured: – Temperature, pressure, viscosity, size, weight, color, etc.
…and many properties of the process equipment are measured:– Fuel consumption, up/down time, corrosion, wear, etc.
PROCESS outputinput
controller
actuator
transmitter
“control loop”
7FTE Confidential and Proprietary
Characteristics of real process plants
Paper mill: a series of processes that transform trees into paper.– Makes many different products (toilet paper to computer paper).– Must control each process plus interactions between processes.
10’s-100’s of field devices / process; 1000’s of control loops total
8FTE Confidential and Proprietary
Characteristics of real process plants
Paper mill: a series of processes that transform trees into paper.– Makes many different products (toilet paper to computer paper).– Must control each process plus interactions between processes.
10’s-100’s of field devices / process; 1000’s of control loops total
Can’t control the plant with 1000’s of simple controllers!
X
9FTE Confidential and Proprietary
TOPICS
Honeywell Process Solutions are based on “process control”.
What is “process control”?
What is a “Distributed Control System (DCS)”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
10FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
Multi-loopController
Direct I/O Module
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices
• Via direct Input/Output modules and industrial buses
11FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
SupervisoryController
Multi-loopController
Direct I/O Module
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices– Supervisory coordinating controllers
12FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
OperatorStations
SupervisoryController
Engineering Station
Multi-loopController
Direct I/O Module
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices– Supervisory coordinating controllers – Multi-loop operator stations and engineering stations
13FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
SystemServer
OperatorStations
SupervisoryController
Engineering Station
Multi-loopController
Direct I/O Module
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices– Supervisory coordinating controllers – Multi-loop operator stations and engineering stations– Servers for system data management
14FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
SystemServer
OperatorStations
SupervisoryController
Engineering Station
Multi-loopController
Direct I/O Module
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices– Supervisory coordinating controllers – Multi-loop operator stations and engineering stations– Servers for system data management– Control network for intercommunication
Control Network
15FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
A DCS is an integrated set of modules with distributed functions. – Multi-loop controllers (10’s-100’s) that connect to field devices– Supervisory coordinating controllers – Multi-loop operator stations and engineering stations– Servers for system data management– Control network for intercommunication+ External connections
Control Network
16FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
A DCS, throughout the whole system, must provide:– Performance: control must be faster than the process. – Determinism: control must always take the same time.– Fault tolerance: redundancy; must fail to a known state.– Security: must have access restrictions/controls.
Control Network
17FTE Confidential and Proprietary
What is a “Distributed Control System (DCS)”?
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
A DCS is designed, sold, maintained as a system, including: – System capacity and performance specifications– System configuration, simulation, and management– Alarms and status of the entire system– System releases (with on-line installation)– System maintenance and support (including 3rd party equipment)
• Performance• Determinism• Fault tolerance• Security
Control Network
18FTE Confidential and Proprietary
How is a DCS different from a PLC system?
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
Mfr sells a complete system of integrated components.
Mfr sells some components; an SI acquires others and engineers the system.
Mfr supports the system. Mfr supports the components and the SI.
On-line repair/ maintenance is the norm. Off-line repair/ maintenance is the norm.
System management built-in. System management designed per project.
Users expect to evolve/upgrade/expand a system over 10/20/30 years.
System is a one-off project (like a house). Upgrades / expansions are new projects.
DCS PLC system
• Performance• Determinism• Fault tolerance• Security
Control Network
19FTE Confidential and Proprietary
Honeywell DCS Evolution
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
Honeywell DCS architecture before Experion PKS – Controllers designed by Honeywell– Servers and stations had become PC-based – Proprietary 5 Mbps control networks
• Interfaces/gateways required to non-Honeywell equipment• Near performance limits
• Performance• Determinism• Fault tolerance• Security
Control Network
20FTE Confidential and Proprietary
TOPICS
Honeywell Process Solutions are based on “process control”.
What is “process control”?
What is a “Distributed Control System (DCS)”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
21FTE Confidential and Proprietary
Why FTE?
Needed a next generation control network for Experion PKS– >10x performance, + determinism, security, fault tolerance– Reduce cost of communication infrastructure and support– Reduce cost of connection to PCs and IT networks
Ethernet preferred+ Industry trend to “industrial Ethernet”+ Industry bus protocols migrating to Ethernet
• FF H1 FF HSE• Profibus ProfiNet• DeviceNet/ControlNet Ethernet/IP• Modbus Modbus/TCP• Etc.
– Ethernet equipment perceived as not “industrial” enough– No suitable fault tolerance approach
FTE provides the required fault tolerance, using Cisco switches to provide determinism and security.
22FTE Confidential and Proprietary
Experion PKS
RemoteServer
Remote Users SystemServer
OperatorStations
SupervisoryController
Engineering Station
www
Multi-loopController
Direct I/O Module
Other Industrial Devices
[to production management equipment]
FTE is the control network of Experion PKS.– Analogous to TPS LCN/UCN and PlantScape ControlNet.
• Performance• Determinism• Fault tolerance• Security
FTE
23FTE Confidential and Proprietary
.
What is Fault Tolerant Ethernet (FTE)?
FTE is the control network of Experion PKS.– Analogous to TPS LCN/UCN and PlantScape ControlNet.
Dedicated to the control mission– Fault-tolerant– Fast performance– Deterministic – Secure
Not an IT network, but leverages IT technology to lower cost of:– FTE network infrastructure– Connection to IT networks– Connection to 3rd party Ethernet devices– Maintenance and support
3 Cisco switches qualified for R200– 100/1000 Mbps; single and multi-mode optical fiber up to 70 km– Security and determinism functions required for control mission– Preferred supplier by many customers
24FTE Confidential and Proprietary
What is FTE?
An FTE network has redundant switches and cables.– Topology: 2 parallel trees joined at the top to form one network.
– An FTE node connects to both trees.
– An Ethernet node (non-FTE) connects to either tree.
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
25FTE Confidential and Proprietary
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes
What is FTE? – With Ethernet nodes
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
26FTE Confidential and Proprietary
What is FTE? – With FTE & Ethernet nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
27FTE Confidential and Proprietary
What is FTE? – With FTE & Ethernet nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
28FTE Confidential and Proprietary
What is FTE? – With FTE nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node– 4 communication paths between FTE nodes
A - A
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
29FTE Confidential and Proprietary
What is FTE? – With FTE nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node– 4 communication paths between FTE nodes
A - B
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
30FTE Confidential and Proprietary
What is FTE? – With FTE nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node– 4 communication paths between FTE nodes
B - B
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
31FTE Confidential and Proprietary
What is FTE? – With FTE nodes
An FTE network has redundant switches and cables. – 1 communication path between Ethernet nodes– 2 communication paths between an FTE node and an Ethernet node– 4 communication paths between FTE nodes
B - A
Switches
A tree B tree
EthernetFTEFTE
EthernetFTEFTE
32FTE Confidential and Proprietary
TOPICS
Honeywell Process Solutions are based on “process control”.
What is “process control”?
What is a “Distributed Control System (DCS)”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
33FTE Confidential and Proprietary
How Does FTE Work? –FTE path status
Each FTE node continually issues short diagnostic messages to test each path to every other node, and builds a status table.
Below is a node’s status table. The first 2 nodes are FTE nodes, and the last 4 nodes are singly-connected Ethernet nodes. – A bad link displays as “SILENT”.
• If the B cable to the FTE-GUS node fails, A>B and B>B SILENT. • If the crossover cable fails, A>B and B>A SILENT on all nodes.
37FTE Confidential and Proprietary
Station
CDA = Control Data AccessDSA = Distributed Systems Architecture
How Does FTE Work? – Security and Determinism
This diagram shows levels of the plant automation system (level 0 – field devices – is not shown).
FTE is the Experion PKS network for the control and operation levels (1 and 2 ).
FT
E
ControlLevel 1
OperationLevel 2
Plant Automation System Levels
PKS Server
Station Station Station
ACE PKS Server
Station Station Station
ACE
ManagementLevel 3
Station PKS ServerDomain
Controller APC PHD Server
Switch A Switch B
Layer 3 Switch
38FTE Confidential and Proprietary
Station
CDA = Control Data AccessDSA = Distributed Systems Architecture
FT
E
ControlLevel 1
OperationLevel 2
Plant Automation System Levels
PKS Server
Station Station Station
ACE PKS Server
Station Station Station
ACE
ManagementLevel 3
Station PKS ServerDomain
Controller APC PHD Server
Switch A Switch B
Layer 3 Switch
How Does FTE Work? – Security and Determinism
Firewall hides/secures Level 2 and Level 1-- Only L2 PKS Servers are visible
PKS server on L3 consolidates and makes available L2 data / alarms for applications via DSA
Firewall hides all but servers
39FTE Confidential and Proprietary
Station
CDA = Control Data AccessDSA = Distributed Systems Architecture
FT
E
ControlLevel 1
OperationLevel 2
Plant Automation System Levels
PKS Server
Station Station Station
ACE PKS Server
Station Station Station
ACE
ManagementLevel 3
Station PKS ServerDomain
Controller APC PHD Server
Switch A Switch B
Layer 3 Switch
How Does FTE Work? – Security and Determinism
Firewall hides/secures Level 2 and Level 1-- Only L2 PKS Servers are visible
PKS server on L3 consolidates and makes available L2 data / alarms for applications via DSA
FTE switches provide:
Port Filtering between L2 and L1 to allow only CDA and FTE messages for control
L2 bandwidth allocation to ensure that L2 supervisory traffic is not disrupted
L1 bandwidth allocation to ensure that L1 control is not disrupted
Broadcast, Multicast, Unicast storm suppression to maximize FTE network availability
L1: Restricted to CDA and FTE Traffic Only
Firewall hides all but servers
L1 & L2: Bandwidth Allocation
L1 & L2: Broadcast, Multicast, Unicast Storm Suppression
L2: CDA Traffic Prioritized High
40FTE Confidential and Proprietary
TOPICS
Honeywell Process Solutions are based on “process control”.
What is “process control”?
What is a “Distributed Control System (DCS)”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
41FTE Confidential and Proprietary
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaa
Basic FTE Configurations
An FTE network interconnects clusters of nodes. – A cluster is a group of nodes with high intercommunication,
typically associated with the same process unit.
FTE
RedundantServers
ExperionStations
ApplicationControl
Environment Engineering Tools
FTE
FTE
FTE
FTE
FTE
C200
FTE
FTE
FTE
42FTE Confidential and Proprietary
UNIT #4CLUSTE
R
UNIT #3CLUSTE
R
UNIT #1CLUSTER
UNIT #2CLUSTER
History,Advanced
Control
BackboneSwitches
ClusterSwitches
To Plant Information Network (PIN)Firewall
Basic FTE Configurations
A minimum FTE network is one pair of cluster switches; larger networks could have several cluster switch pairs connected to backbone switches.
43FTE Confidential and Proprietary
How Is FTE Implemented?
Cabling: CAT5 STP copper; single and multi-mode fiber optic.
Cisco switches: 24/48 STP ports + 2 GBIC ports; 10 GBIC ports.– Switches are expandable up to 436 ports; can mix switch types– GBICs: plug-in converters for 0.5 / 10 / 70 km fiber optic
FTE software and dual Network Interfaces per PC node
ClusterSwitches
Typically CAT5 STP, but often fiber optic, single or multi-mode-1000 Mbps- up to 70km
Typically CAT5 STP- 100 Mbps- up to 100m
EthernetFTEFTE
EthernetFTEFTE
BackboneSwitches
MediaConverters
Dual NIC card
Software
GBICs
44FTE Confidential and Proprietary
Main Configuration Rules
Switches: 24/48 ports, expandable up to 432 ports
FTE network: • up to 200 FTE nodes (dual-connected)
• Up to 99 of those can be C200 controllers
+ up to 511 Ethernet nodes (singly-connected)
Firewall/router: required to connect to other networks– FTE network is a separate IP subnet– Private IP addresses; only servers are visible externally
Cable: shielded twisted pair (STP) or fiber optic recommended for best noise immunity and performance – Required for CE Mark
45FTE Confidential and Proprietary
Honeywell network experts can do it all-- for FTE and for all networks in the plant.
Honeywell Network Services
Planning, design, installation, integration– Cabling, testing, training, documentation– Special needs, e.g., video surveillance
Network security assessment, engineering, management – Authorization, authentication, encryption, activity logging,
intrusion detection, virus protection– Firewall engineering, configuration, testing and management
Remote Network Administration – Systems (servers, workstations)– Network (switches, routers, firewalls, etc.)
1st
46FTE Confidential and Proprietary
1st
.
Honeywell Network Services
Remote Monitoring 24/7– Networks (Switches, Routers, VPNs, Firewalls)– Systems (PlantScape, TPS, PHD, any type of PC)– Applications on PCs (are they running/responding)
Network and System Performance Management– Proactive tracking of system, server, network performance– Work load Characterization & Capacity Planning
Procurement and support of PCs and network equipment
Honeywell network experts can do it all-- for FTE and for all networks in the plant.
47FTE Confidential and Proprietary
.
Fault Tolerant Ethernet (FTE)-----
FTE is the control network of Experion PKS.– Analogous to TPS LCN/UCN and PlantScape ControlNet.
Dedicated to the control mission– Fault-tolerant– Fast response– Deterministic – Secure
Not an IT network, but leverages IT technology to lower cost of:– FTE network infrastructure– Connection to IT networks– Connection to 3rd party Ethernet devices– Maintenance and support
48FTE Confidential and Proprietary
Cisco products in FTE
Products being qualified for R200– 2950G-24– 2950G-48– 3550-12G– GigaStack GBIC– 1000BASE-T GBIC– 1000BASE-SX GBIC– 1000BASE-LX GBIC– 1000BASE-ZX GBIC
Potential additional products for qualification or certification– 3550-24-FX– 2955C-12– Other 2950 models with Enhanced Image
Thank You!
.