For critical applications, with a 24/7 workload and operating at very high speeds, a failure that involves the plant stopping can result in considerable losses for the company. High availability processes like these, found in Oil & Gas, Sugar & Ethanol , Hydroelectric Power Plants, Agroindústria, among others, demand the use of redundant systems to prevent the plant from stopping working if equipment becomes unavailable. Using this type of architecture practically eliminates the need for system downtime for maintenance, increasing operational safety, increasing the reliability of the automation system and optimizing costs and business performance.
In this article, we will talk about the importance of redundancy in industrial automation systems and the benefits of using an architecture with this characteristic.
What are they and why use redundant systems?
Redundancy, in industrial automation, means maintaining duplicated or tripled systems to guarantee the availability of processes and critical devices. Used in a wide variety of industry segments, such as Petrobras replicating FPSOs in operation in the pre-salt, the functionality guarantees the operability of the plant even if the equipment responsible for control or some part of the network becomes unavailable.
There are several reasons for using redundant architecture systems, but it is common sense that robustness, availability and security form the tripod that supports this type of basis for this type of methodology:
Robustness – ability to tolerate failures and continue operating the process.
Availability – as the name itself makes clear, it is about the full potential of the system being available whenever necessary.
Security – more than just data protection, the word security here occurs in the context of functional security, which protects the physical integrity of both the process operators and the company's assets.
The benefits of using the hot stand-by method
Among the types of redundancy most used in the industry is hot stand-by, a technique in which one or more modules are in standby mode while the main equipment is operational. In this type of architecture, the standby modules work in synchronization with the active equipment and, if a failure is detected, it is ready to become operational immediately. To avoid any type of loss between equipment changes, the stand-by module needs to be synchronized and updated with the same settings as the main equipment.
In addition to the dynamic exchange between primary and standby equipment, the procedures for the startup, operation and maintenance phases are also as simple as for non-redundant systems, saving time during the main use cases.
System initialization
Just one configuration download is enough to configure the controller pair. All configuration received by the primary equipment is transferred to the standby equipment online via the synchronization channel.
Replacing a failed controller
User intervention is not required to update the configuration of a new control module installed in the application. The inserted equipment is automatically recognized by the system, receiving all online configuration and parameterization from the controller in operation from the redundant synchronization channel.
Add new remotes and/or I/O modules without interrupting the process
It is possible to expand the current system to add readings from new sensors without interrupting the process.
In advanced PLC families, I/O modules support hot swapping. The functionality, also known as hot-swapping, allows the replacement or removal of components present in a PLC without the need to turn it off. In other words, these components can be handled while the controller continues to operate.
The procedure consists of updating the reserve controller and then applying synchronism between CPUs. The feature minimizes system downtime for maintenance, further increasing the application's level of availability.
Atualizar as lógicas do controlador sem interrupção do processo
The controllers' software can be updated to add new critical logic without the need for downtime in the process. To do this, simply update the reserve controller and apply synchronization between CPUs.
