ICS Engineering Inc.
Electrical Consulting | Communications | Automation

PLC Redundancy

Reliability in process control systems has a different meaning for each industry. Depending on the type of interruption, the severity of the consequences or the governing regulations, some automation systems require PLC redundancy to keep people and equipment safe. Instrumentation & control engineers need to balance the cost of redundant PLCs with the consequences of an outage.

For a relatively small investment, extra control hardware and intelligent software can reduce the damage and inconvenience when a controller fails. After a risk assessment of the specific application, it may make sense to beef up the reliability of a PLC-based control system. The type of redundancy to implement depends on the technical & business consequences of a failure.

The amount of redundancy depends on many factors, including the amount of engineering effort required versus the prospect of financial loss and bad PR when a failure does occur. The consequences of a failure may also include environmental damage and loss of human lives (e.g. sawmill explosions).

Instrumentation and control engineers should take all contributing factors and statistically-possible outcomes into consideration. These may include:

Continuous Process - Food processing, product assembly lines and chlorine-based pulp and paper processing all require synchronization of numerous stages. A stoppage in one section may lead to bottlenecks in others and loss of unfinished product throughout the assembly line. Instrumentation engineers need to investigate how much in-process material could be adversely affected if a controller or subsystem malfunctions.

Batch Processing - Surface Mount Technology (SMT) circuit board production is a good example, where a large number of products are processed all at once and sent to inventory, and then the production line is halted. PLC redundancy will help ensure that the line will be operational when order output is started again.

Critical Industries - Mining, nuclear and gas control cannot afford an interruption in operation & safety monitoring. Near 100% uptime of the control system, with full backup capabilities, is required to prevent deadly and costly incidents.

Types of PLC Redundancy

Most PLC vendors provide units with built-in redundancy for processor control and power supplies. However, at the system design level, there are four ways to provide higher reliability:

Separate Mode (independent operation) - Two PLCs are used, but each operates separately and the inputs and outputs are split between both processors (50/50). If one PLC fails (along with its internal back-up systems), only half of the capacity is lost instead of the entire load. This is the easiest redundant controller system to implement but requires duplicate assembly lines, controllers, sensors & actuators.

Shadow Mode - Two identical PLCs run the same software and share the same inputs and outputs. One operates as the primary, the second as a backup. If a heartbeat signal from the first is not received by the second, the backup unit assumes control of the automation system, providing uninterrupted operation. This mode requires a bit more design effort and an arbitration circuit for the sensors & actuators to avoid conflict.

Split Mode (dependent operation) - As used in telecom systems and banking mainframes, two controllers share the same inputs and compare independent decisions before setting an output. If a discrepancy is noted, a special system response is exercised. In automation systems, appropriate action may be as simple as reporting, or halting/slowing the assembly line until human intervention can be made.

Voting - Made popular by NASA, an odd number of independent control systems make self-governing decisions and a ballot is posted before a decision is made (majority rule). These systems are the most costly to build as they require redundant control systems, which may be too cumbersome and expensive for some applications. The PLC programming also requires a more thorough design.
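The Split Mode comparison and the Voting ballot described above can be sketched as one arbitration function. This is an added example, not code from ICS Engineering or any PLC vendor; it goes slightly beyond the text by also handling a controller that is silent for a scan. The names `vote` and `SAFE_STATE` and the output values `RUN`, `SLOW` and `HALT` are assumptions chosen for illustration.

```python
from collections import Counter

SAFE_STATE = "HALT"  # assumed fail-safe output for this sketch


def vote(outputs, safe_state=SAFE_STATE):
    """Arbitrate the outputs of redundant controllers for one scan.

    outputs: dict of controller name -> commanded output, or None when that
    controller produced nothing this scan (e.g. its heartbeat was missed).
    Returns (decision, report): report lists the controllers that were
    silent or disagreed with the decision and need attention.
    """
    live = {name: out for name, out in outputs.items() if out is not None}
    silent = sorted(set(outputs) - set(live))
    if not live:
        return safe_state, silent
    value, count = Counter(live.values()).most_common(1)[0]
    # Require a strict majority of ALL configured controllers, not just the
    # live ones, so one surviving unit cannot outvote two silent ones.
    if count * 2 > len(outputs):
        disagree = [name for name, out in live.items() if out != value]
        return value, sorted(silent + disagree)
    # No majority. With two controllers this is the Split Mode discrepancy:
    # the faulty unit cannot be identified, so report all and go safe.
    return safe_state, sorted(outputs)


# Constructed sample scans (not from the page).
SCANS = [
    {"A": "RUN", "B": "RUN", "C": "RUN"},   # unanimous
    {"A": "RUN", "B": "SLOW", "C": "RUN"},  # one dissenter is outvoted
    {"A": "RUN", "B": None, "C": "RUN"},    # one silent, majority holds
    {"A": "RUN", "B": None, "C": "SLOW"},   # one silent, no majority
    {"A": "RUN", "B": "SLOW"},              # two-controller discrepancy
]

if __name__ == "__main__":
    for scan in SCANS:
        print(scan, "->", vote(scan))
```

With two controllers the function can only agree or fall back to the safe state, which is why an odd number of controllers is needed to keep running through a single fault.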

Tips for higher reliability in PLC Control Systems

Modern PLCs are extremely safe and can easily provide years of uninterrupted service. Failures, however rare, usually take place in the sensors or the connecting hardware back to the control cabinet.

  • To enhance the smooth operation of PLCs, ensure they are in an environmentally controlled cabinet (away from dust, debris & ESD strikes) and are properly cooled to protect the silicon ICs.
  • A control system with redundant PLCs is one way to increase reliability and reduce downtime. A small investment in duplication can avoid large financial impacts when faults do occur.

ICS Engineering Inc.
Edmonton 587-557-1152