Programmable Safety and Control Systems for Use in Burner Control. Adam Hallinan Pilz Safe Automation Melbourne



Similar documents
Boiler Preparation, Start-Up and Shutdown

DeltaV SIS for Burner Management Systems

How To Get A Type B Gas Appliance Approved In Western Australia

SECTION PACKAGED ROOFTOP AIR CONDITIONING UNITS NON-CUSTOM

ecomax Instructions for use Wall hung room sealed fan assisted condensing boilers For the user

Version: 1.0 Latest Edition: Guideline

Hardware safety integrity Guideline

TIA Portal vs Studio 5000

BURNER MANAGEMENT SYSTEM SOLUTIONS Increase the Safety and Availability of your Combustion Process. Invensys is now

Factory owners must ensure the boiler is:

Alain Nifenecker - General Electric Manager Controls Engineering

Programming A PLC. Standard Instructions

Logic solver application software and operator interface

Bristol ControlWave Redundant Control

prestige Condensing Water Boiler SERVICE TECHNICIAN S TROUBLE SHOOTING GUIDE TSG-PRESTIGE Date revised: 12/6/10

PART 11: START-UP PROCEDURES FOR THE INSTALLER

Model Description / Applications. Intermittent Pilot Gas Ignition Control

GENERATOR START CONTROL MODULE - MINI (2 Wire to 3 Wire)

1 QPro HelpFile 01.EN COPYRIGHT CONTRIVE

Workshop 7 PC Software - Tracker

ORC TURBOGENERATOR TYPE CHP - Organic Rankine Cycle Turbogenerator fed by thermal oil, for the combined production of electric energy and heat -

WARRANTY BOOKLET. Commercial Water Heaters. Register online at

SOFTWARE-IMPLEMENTED SAFETY LOGIC Angela E. Summers, Ph.D., P.E., President, SIS-TECH Solutions, LP

Operating instructions

Selecting Sensors for Safety Instrumented Systems per IEC (ISA )

Automation, Software and Information Technology. Test report of the type approval safety-related automation devices

Oil and Coolant Circulating Heating System. Model - OCSM

SuperIOr Controller. Digital Dynamics, Inc., 2014 All Rights Reserved. Patent Pending. Rev:

Fisher FIELDVUE Instrumentation Improving Safety Instrumented System Reliability

Safety Requirements Specification Guideline

Value Paper Author: Edgar C. Ramirez. Diverse redundancy used in SIS technology to achieve higher safety integrity

GAS LEAKAGE DETECTION & AUTO ON-OFF GAS SYSTEM

ABB PSPS Erich Steinmann; Generator control-2013

Smart Thermostat page 1

Understanding Safety Integrity Levels (SIL) and its Effects for Field Instruments

C. Burner management system to follow requirements of Industrial Risk Insurers (IRI).

Service & Support. Higher-level safe switch-off of the power supply of functionally nonsafe standard modules? Wiring Examples.

Lockout Tagout Program. Table of Contents

Baxi Platinum Combi HE Range. User s Operating Instructions & Important Warranty Information. Gas Fired Wall Mounted Condensing Combination Boiler

Configuration Management: Best Practices White Paper

BC & BCH SERIES INDOOR / OUTDOOR INSTALLATION

PRODUCT DESIGN. 5. Furnace awaits call from thermostat.

PNOZmulti error messages. Configurable Control System PNOZmulti. Error list EN 01

LOCKOUT/TAGOUT (LOTO) SAFETY PROGRAM

Guidance on Safe Operation of Boilers

ELECTROTECHNIQUE IEC INTERNATIONALE INTERNATIONAL ELECTROTECHNICAL

SmartWire Panel Wiring Solutions the easy way to connect

LMS The modular management system for condensing boilers. Control Products & Systems OEM. Answers for infrastructure.

Programmable Safety Systems PSS-Range

Integrating Control and Safety with Secure System Segregation

Programmable Logic Controllers

Cisco T1 Layer 1 Troubleshooting

I.S. 1 remote I/O system Redundant coupling via PROFIBUS DP

Page85. Lock-out Tag-out Plan

Chapter 2 System Basics

PLC Control Unit for a CSM-C Steam Compact Clean Steam Generator

DKG 972 Gas Burner Safety Control

Cooking at the Speed of light!

OZW30. Central Unit SYNERGYR

Line Monitoring and Control in Subsea Networks

Recovery Boiler Combustion control system(ccs) & Emergency shutdown(esd).

Number 1 in efficiency

Machine Safety Design: Safety Relays Versus a Single Safety Controller

PLC Based Liquid Filling and Mixing

C3306 LOCKOUT/TAGOUT FOR AUTHORIZED EMPLOYEES. Leader s Guide. 2005, CLMI Training

NC State University Design and Construction Guidelines Division 26 Fire Alarm Systems

CATALYST Frequently Asked Questions

Square D Model 6 Motor Control Centers

1 Application Description Objective Goals... 3

O. Gas boiler. Gaz 6000 W WBN H-E-N/L-S2400. Operating instructions for the end customer (2014/07) en

2011, The McGraw-Hill Companies, Inc. Chapter 5

Overview of IEC Design of electrical / electronic / programmable electronic safety-related systems

Application Technique. Safety Function: Magnetic Door Switch Monitoring

B r u ne n r e Ma M n a a n g a e g m e e m n e t A S t S rai a gh g t h for o wa w r a d A p p r p oa o c a h c h Us U i s ng n g De D l e tav a


GE Intelligent Platforms. PACSystems High Availability Solutions

DMG 970. Gas Burner Safety Control. For 2-stage forced draught and combi oil/gas burners

TIG INVERTER INSTRUCTION MANUAL

3088 Lockout-Tagout Training Program Course Outline

Combined Cycle Control Overview

WARRANTY BOOKLET. Continuous Flow Water Heaters. Register online at

Operating instructions

Manual for Fire Suppression & Methane Detection System

- 1 - SmartStor Cloud Web Admin Manual

Technical Bulletin. Understanding Servo Safety Functionality and SIL ratings

Multizone Application >3. MSR300 System. No Software configurable? GuardPLC. Enet RECOMMENDED PRODUCTS. Time Delay MSR138

SIMATIC Safety Workshop

NFPA Edition Fire dampers shall be permitted to be installed in exhaust systems in the following situations:

Gas Oven Repair Guide

THERMO KING TRUCK & TRAILER UNIT ALARM CODES THIS DOCUMENT SHOWS ALL CURRENT ALARM CODES FOR THERMO KING TRUCK AND TRAILER UNITS.


Intelligent Vibration Monitoring

25 Years of Manufacturing Excellence. Premier Quatro Addressable Fire Alarm System. Assessed to ISO 9001: 2008

PROGRAMMABLE LOGIC CONTROL

UNIFIED FACILITIES GUIDE SPECIFICATIONS

Implementing a Reliable Furnace Monitoring System

Functional Safety Lifecycle of the LCLS PLC PPS Systems E. Michael Saleski * May 31, 2006

Latest Power Plant Control System

An overview of Computerised Numeric Control (C.N.C.) and Programmable Logic Control (P.L.C.) in machine automation

Transcription:

Programmable Safety and Control Systems for Use in Burner Control Adam Hallinan Pilz Safe Automation Melbourne Abstract Programmable controllers for Burner control can simplify the installation of large burners or boilers, due to the flexibility offered by the programmable nature of the system. Using a PSS programmable safety and control system coupled with pre-written and certified function blocks for burner management not only simplifies installation, it also simplifies the approval process as the hardware and pre-written function blocks have been certified by TÜV to IEC/AS 61508 SIL3. The in-built simple diagnostics means any problems can be easily and quickly rectified, minimising any downtime caused by these problems.

Introduction The following paper discusses the use and benefits of Programmable Safety and Control Systems in Burner Management Systems (BMS). There are many BMS systems running today which do not comply with current standards. They are either using non approved standard PLC s or antiquated relay based control systems. Not only is the potential failure to danger a risk to man and machinery but even non dangerous sporadic failures can be difficult to fault find and lead to costly down time. Programmable safety and control systems (PSS) suitable for use in BMS have been available for well over 10 years now. These controllers can identify any dangerous failures before they create a hazardous situation, and also provide a level of diagnostics to minimise downtimes. By taking the I/O into the field, large distributed applications with many burners can be accommodated economically with minimum install time, and also safely. It is important that any system used for the Burner Management System meets the requirements set out under the relevant (Australian) Standards, for example AS3814-2005 Industrial and commercial gas-fired appliances. The relevant parts of this standard in relation to the safety control of BMS is found in chapter 2, section 2.26: 2.26 APPLIANCE/BURNER CONTROL CIRCUITS 2.26.1 Requirements of control circuits Control circuits shall be designed so that a) failure of a single component cannot cause a hazardous condition; b) where programmable electronic system (PES) control circuitry is used for a burner management system, then its performance under fault conditions shall at least match that achieved by conventional technology. Any single failure, or any dormant condition followed by another single failure, shall be protected against, so that critical timings and sequence operations remain safe. This applies right through the electronic system, from the CPU, memory, etc., through to output devices. The safe state is complete burner shutdown with lockout. 2.26.2 Gas-actuated control Gas-actuated controls shall be of a type where there is no continuous bleed during the off period. 2.26.3 Requirements for a programmable electronic system (PES) A Programmable Electronic System (PES) shall not be installed or modified without the approval of the technical regulator. To gain technical regulator acceptance for a PES on a Type B appliance the following conditions apply: a) All systems that perform safety-related functions shall be hard-wired. b) If a PES controller (logic solver and its associated I/O module) is used to perform safety-related functions i) it shall be a safety-related PES controller and possess a TÜV safety certificate to the appropriate safety integrity level (SIL) of AS 61508 or

some equivalent certificate using only TÜV certified firmware (or equivalent); ii) where a customer/contractor insists on using a non-safety-related PES controller to perform safety-related functions the safety-integrity of the PES controller shall be independently verified, to the required SIL, by an appropriate institution. Programmable safety and control systems (PSS), safe distributed I/O modules for SafetyBUS p and most dual channel PNOZ safety relays are designed so that a single failure internally cannot cause the loss of safety i.e. cannot cause a hazardous condition as per point 2.26.1 (a) and can also be configured to monitor external devices to meet the same conditions. The following case study shows how a large existing Burner installation was brought up to current standards by retrofitting a TÜV approved PES controller in conjunction with a distributed safe I/O system. TÜV approved Safe software functions allow for ease of programming, excellent diagnostics and assist in the approval process. Figure 1 below shows typical functions covered in the BMS software package. SB - 154 Valve SB 156 - Seal control P+ SB 159 - Operation P - SB 150 Flame Monitoring SB 151 Transient suppression SB 158 - Ignition SB 153 air flow SB 160 - Ventilator SB 155 Purging Figure 1: Typical BMS software package function SB 153 air These functions include: SB 150 for monitoring the presence of a flame, from burner startup until the burner is shutdown SB 151 (transient suppression) for monitoring a N/C contact such as that on a pressure monitor SB 152 for monitoring the burner start and stop commands SB 153 for control and position monitoring of the flaps/dampers SB 154 for control and position monitoring of valves SB 155 to monitor limit switches for pre-purge and purging SB 156 for seal/tightness control of valves (safety, main and exhaust) SB 158 for controlling and monitoring the ignition process

SB 159 for controlling the operation of the burner SB 160 to control the operation of the blower/fan. The fact BMS are installed which do not fulfil appropriate safety levels is not the only reason to change such a BMS: often the existing relay based control systems have reached a life cycle stage where relays do not work reliably any longer. For small BMS it is rather easy to fix such an error. But as many modifications are done during time critical situations (unexpected downtime due to a failure - the system has to be made operational again) changes are often not documented which makes the next repair more difficult. Therefore even small BMS applications with traditional relay control are not maintainable after a certain time. A different reason for a renovation is to reduce emissions and make the system more efficient. Safety can be an additional aspect. Calculations show that after 3 years the investment has paid off for a new BMS system which offers better control possibilities and is efficient. Besides a relay based control system there are special components in use for the complete system: flame detection, flame control, burner control. The objective is to replace the relay based control systems and to integrate the safety functions into one system. Depending on the size of the BMS different solutions are possible. The case study system is based on a safety PLC. The safety requirements for the new system were: Replacement of the burner control device Control of the flame detectors Control of the safety sequence Control of E-stops Beside the safety aspects the system fulfilled some non safety related functions: Communication to the SCADA system First level error diagnostics It is an appropriate example to show how in new solutions software replaces hardware functions. In the safety system there is software function blocks used which offer typical BMS functions. A major concern certainly is to be sure that the software is safe. This includes application software (program, programming tool, and software blocks) as well as the operating system. There are two major possibilities why software can be unsafe: 1. technical reasons like changed signals during download or upload from the program editor hardware to the controller; or 2. human mistakes such as incorrect operands being used etc. Alterations in the application can lead to unexpected results such as an E-stop perhaps will not shut down the system or other actions are not performed. Therefore software based systems for safety require certain measurements which prevent unsafe conditions. These controller/software based safety systems are able to serve small burner applications with just one oven or many ovens in larger applications, even for power and steam generation. The example BMS application shows a system with 69 individual burners.

To summarize: BMS electronic safety devices such as safety PLC s offer a good foundation to optimize a relay based control system. Flexibility and the available diagnostics are of great benefit for maintenance. From the point of view of production it is obvious that these wearfree solutions offer a clear advantage in availability.

Case Study: Steel Metal Coating Line Furnace Upgrade This example discusses the upgrade of the control system on a Metal Coating Line where a series of 69 burners are used as part of a heat treatment process. Figure 2: System Layout Schematic Reason for Upgrade The Metal Coating Line Furnace had been in operation for many years using traditional control devices which did not meet current standards. It was decided to upgrade this line to increase its operational efficiency and bring into line with current gas safety standards. Choice of control system Several different options were investigated. A Pilz Programmable Safety and Control System (PSS) with SafetyBUS p was chosen. The PSS system offered a number of key attributes and advantages: TÜV Approval of Hardware to IEC/AS 61508 allowing it to be accepted for use by the Office of Gas Safety based on the requirements of AS3814. TÜV approved Software functions for Burner Management Systems making the programming task not only simpler in application but aiding in the approval process. Distributed Safe IO (also approved by TÜV) allowing for lower installation costs due to much less wiring and faster installation time. Interrogation and Diagnostic capabilities and the ability to integrate this information into the existing SCADA system. System availability.

System Description The 69 burners are broken down into 3 zones of 23 (see Figure 2). One remote I/O module on SafetyBUS p is used per burner. The Zone CPU Panels are located in the furnace control room where operators initiate Start/Stop sequences and have feedback on the operating status of each burner via local text displays. Figure 3: One zone schematic Zone I/O panels are distributed along the line; each of these panels houses a series of remote I/O modules for the nearby burners. Control panels house UV relays and Ignition Transformers. Controls located on these panels allow operators direct access to start/stop and restart zones without the need to enter the main control room. Ammeters indicate the status of the UV flame detectors.

Burner Equipment The Burner Equipment consists of Burner Gas Isolation Valve, Start Gas Regulator, Start Gas Double Block Safety Shut Off Valve, Main Gas Double Block Safety Shut Off Valve (SSOV), Spark Electrode and U.V. Detector. Figure 4: Basic Schematic for One Burner

Burner Run Sequence The TÜV approved safe function blocks (SB s) from the Pilz Burner Management Package are used to create a Step by Step functionality that ensures the correct operational sequence is performed every time. SB152 Start SB156 Leak Test SB160 Fan SB153 Damper SB155 Prepurge SB153 Damper SB158 Ignition SB159 Run position SB154 SSOV SB154 SB150 Flame SB152 Stop SB160 Blower off SSOV Figure 5: Example Burner Software Sequence SB 149 is used to tie all the burner functions together and ensures that one function cannot be started unless the previous required function has been completed without errors e.g the fan will not turn on unless the leak test has been performed and returned a positive result. SB 152 must accept the Start command to initiate the burner sequence, and the same function block is used to monitor the Stop command 1. In conjunction with these burner management function blocks, other safe functions such as for Emergency Stop monitoring can also be included. 1 For descriptions of the BMS function blocks see Figure 1.

Special requirements on MCL4 Upgrade To test for failures in single devices such as the flame detector each burner is switched off in a controlled shutdown once every 24 hours for self checking. This takes place automatically as it is programmed in the Fail Safe (FS) section of the PSS. Diagnostics The Standard function blocks include in-built diagnostics which provide clear diagnostic status of all modes. This information is displayed on text displays in the control room to minimise any down-time due to errors. For example, if one of the Safety Shut Off Valves sticks slightly and takes too long to switch over, the text display will display the message Valve 3 change in position time has been exceeded. Each function block has a number of possible different error messages, and the function block operating manual also includes detailed remedy actions for these errors. Apart from the many pre-configured texts, user text has also been created to define certain specific operating modes. A Profibus-DP connection links the PSS systems to an existing SCADA network, allowing for information on the operating status of the burner system to be received anywhere on the site. Conclusion The Metal Coating Line project has been successful in improving reliability of the system. If a problem occurs with a burner it is recognised quickly with the diagnostics helping to resolve problems in the least amount of time. The approved and pre-written software functions meant the actual amount of PLC programming and debugging was minimized. By using Fail Safe distributed I/O over SafetyBUS p the upgrade installation was able to take place in a very short time frame. Cabinets were built off site with the connection between them all and the main control room being a single 3 core cable providing huge time savings compared with traditional hard-wired solutions. For more information please contact: Pilz Safe Automation C1/756 Blackburn Rd. Clayton, VIC, 3168 PH: 03 9544 6300 www.pilz.com.au

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information