The Front-End Software of the DSS Stefan Lüders, EP/SFT & IT/CO DSS Advisory Board, March 17th 2003 Outline The PLC Cycle The Front End Software March 17th 2003 Code Structure The DSS Process Code The DSS Monitoring Code An Example The Front-End Software of the DSS 2/16 Remark This is the Front-End Software V0.9: It is NOT really fancy nor expert friendly. It can’t be. The HMI is the Back-End. Dimensions of arrays, functionalities, … might change. The sizes of the data blocks have direct impact on the cycle time. Optimization has NOT been done yet. Some functionality is NOT even appreciated and will be hidden in the final implementation or by the Back-End. March 17th 2003 The Front-End Software of the DSS 3/16 The PLC Main Cycle The PLC Main Cycle (OB1): PLCs continuously monitor the sensors e.g. temperatures, water flow, sub-detector status PLC: Main cycle T>Tthres T>Tthres T>Tthres AND Alarm Input values are compared to defined thresholds. Several conditions can be logically combined. Their fulfillment will produce an alarm. Alarms will trigger defined actions. Input: Sensors Output: Action Actions are on a coarse level (e.g. (e.g. switching off power) cutting power to a complete sub-detector). End-of-Cycle March 17th 2003 The Front-End Software of the DSS 4/16 The Code Structure DIN DB DIN AIN DB AIN ALE DB ALE ALM DB ALM A2A DB A2A ACT DB ACT PROC status PLC status DSU status DSS status March 17th 2003 PROC status PLC status DSU status DSS status The DSS process code consists of six levels running inside the main cycle. Each level acts on a corresponding data block (“data driven approach”) Four different DSS monitor code routines check the status. All status are stored in additional DBs. The Front-End Software of the DSS 5/16 Data Blocks The #entries are fixed at compile time. Each entry corresponds to e.g. a DIN, AIN, a logical function, an alarm, an action. Sections: State of the entry, e.g. its value, unused flag, error flags Parameter, which can be set by the BackEnd, e.g. inhibits, acknowledges, resets, trigger, enable / disable entry Relations to DBs of lower levels, e.g. of an ALM to DIN, AIN or ALE. Relations are transmitted by the Back-End via a special receive buffer to keep consistency. Collected status of all entries, e.g. an entry has gone off, is inhibited, is in error state All DBs are different. March 17th 2003 The Front-End Software of the DSS 6/16 How a Routine looks like… All routines are written in a FORTRAN / PASCAL like language (“SCL”). Each routine uses the DB structure, i.e. loops on all used entries. State values are determined according the specific rules on relations and parameters. Errors, inhibits, acknowledgements, trigger, resets etc. are considered. The collected status is managed. Entries might be enabled or disabled. The latter only, if the entries has NOT gone off. March 17th 2003 The Front-End Software of the DSS 7/16 The DSS Process Code DIN/AIN: Reading and checking digital and analog inputs ALE: Evaluation of different logical functions with DIN and AIN as inputs ALM: Evaluation of a logical AND with DIN, AIN and DIN DB DIN AIN DB AIN ALE as inputs. ALE DB ALE ALM DB ALM A2A DB A2ATriggering of alarms, managing of ACT DB ACT acknowledges and the alarm sound A2A: Relations between alarms and actions PROC status PROC status PLC status PLC status DSUACT: DSU status status DSS status DSS status Execution of actions, managing of resets March 17th 2003 The Front-End Software of the DSS 8/16 Digital INputs DIN AIN ALE Digital values are sampled from the I/O modules before OB1 starts. DB DIN Only used channels are considered (to save time, DIN are processed DBgroups AIN in of 16). Faulty modules / channels are flagged. The behavior on error DB ALE must be defined by the GLIMOS: ALM A2A TriggerOnError, BeGoodOnError, InhibitOnError. DB ALM ACT March 17th 2003 DB A2A DIN can be inhibited or triggered. Value changes are notified to the DIN history buffer (size currently DB ACT fixed to 1000 entries) The Front-End Software of the DSS 9/16 Analog INputs DIN AIN Analog values are sampled during the AIN routine. Only used channels are considered. The value is compared to… ALE ALM A2A ACT March 17th 2003 upper and lower thresholds, the so-called Virtual AIN (VAIN), physical boundaries and the previous value, to detect faulty sensors. The behavior in case of an error, inhibits or trigger is the same as for DIN. Changes of a VAIN are notified in the AIN history buffer. The Front-End Software of the DSS 10/16 ALarm Evaluation DIN The DIN, AIN and VAIN can be combined by four functions: 4fold AND, 4fold OR 2 of 3 analog value comparison Each function has its own DB. AIN ALE ALM The access is done by an unique addressing scheme, e.g. A2A ACT March 17th 2003 DIN: [1…8192] AIN: [8193…10240,-8193…-10240] Access errors, i.e. the access to unavailable or unused entries are notified and treated as inhibited. The Front-End Software of the DSS 11/16 ALarM Trigger DIN AIN The DIN, VAIN and ALE are combined by a 8fold AND (t.b.c.). Again access via the unique addressing scheme, e.g. ALE ALM A2A ACT March 17th 2003 ALE (AND): [10241…11264] ALE (2of3): [12289…13312] Access errors are again notified and treated as inhibited. ALM can be acknowledged at any time. The alarm is reset after all actions have been executed and the 8fold AND results FALSE. ALM can be inhibited or triggered. Changes of an ALM are notified in the ALM history buffer. The Front-End Software of the DSS 12/16 A2A and ACT DIN AIN ALE ALM A2A ACT March 17th 2003 Each ALM can start several actions with different delays (up to 600 seconds in steps of 10s). A pending A2A inhibits the reset of the corresponding ALM / ACT. ACT executes the action on the hardware. ACT can be reset, if no A2A are pending and the corresponding ALM has been acknowledged. The behavior in case of an error, inhibits or trigger is the same as for DIN. Changes of a ACT are notified in the ACT history buffer. The Front-End Software of the DSS 13/16 The DSS Monitor Code DIN Every status is collected in a corresponding DB. The status is determined by… AIN ALE ALM The PROC, DSU and DSS status are queried every second. The PLC status is queried… A2A PROC status PLC status DSU status ACT DSS status March 17th 2003 event-based interrupts in case of coming / going failures periodic interrupts to queries specific information every second for the H-CPUs every minute for the communication every hour for all modules All statuses are queried at warm or cold start, when the system enters the redundant mode or on Back-End request. PROC status PLC status DSU status DSS status The Front-End Software of the DSS 14/16 The DSS Monitor Code “PROC” is based on the collected state of the DBs. PROC status “PLC” monitors the CPU / ET crates and the communication to the OPC server. PLC status Errors are persistent and must be reset. Fatal errors harm the PROC chain. Some I/Os are unprocessable. DSU status “DSU” monitors all entities inside a DSU. wraps up all of the DSS “DSS” status above and provides an alive signal. PROC status: PROC status Channel / module error Access / Value error Alarms, Actions Inhibits PLC HW / SW status: PLC status Warm / Cold starts Power failure Module failure I/O access error Redundancy error CPU memory mismatch CPU timing error OK flag DSU status: DSU status PS / UPS status CPU / ET crate status DSS status: DSSAlive status signal PROC status PLC status DSU status March 17th 2003 The Front-End Software of the DSS 15/16 An Example DIN AIN ALE ALM A PT100 (ET #4, Module #2, Channel #1, HW addres #1024) is monitoring the temperature of a bottle of wine. The upper threshold is set to 30°C (SORRY!). If T>30°C “ValueTooHigh” goes off and leads to an alarm. After 20s, the action (ET #4, Module #3, Channel #1, HW address #257) is triggered. The action can be reset if the alarm has been acknowledged. Remarks: Positive safety is currently NOT applied here. And the Back-End will NOT allow for delayed actions. A2 ACT March 17th 2003 The Front-End Software of the DSS 16/16
© Copyright 2024 Paperzz