DESCRIPTION
Honeywell FTE Training Course
Citation preview
FTE Sales Presentation*
What is “process control”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
Example: heating water
“Actuators” regulate amount of something used in the process
Examples: fuel control valve, damper actuator
A “controller” continually reads data from a transmitter and
calculates actuator adjustments to maintain a property value.
PROCESS
output
input
controller
actuator
transmitter
Read the Process Value (PV)
Calculate
Gov’t regulations- safety, emissions, etc.
Security: must have access restrictions/controls.
PROCESS
output
input
Characteristics of real process plants
The process shown below is very simple, and the controller shown
below is very simple.
In a real plant, many properties of the product are measured:
Temperature, pressure, viscosity, size, weight, color, etc.
…and many properties of the process equipment are measured:
Fuel consumption, up/down time, corrosion, wear, etc.
PROCESS
output
input
controller
actuator
transmitter
Characteristics of real process plants
Paper mill: a series of processes that transform trees into
paper.
Makes many different products (toilet paper to computer
paper).
Must control each process plus interactions between
processes.
*
Characteristics of real process plants
Paper mill: a series of processes that transform trees into
paper.
Makes many different products (toilet paper to computer
paper).
Must control each process plus interactions between
processes.
10’s-100’s of field devices / process; 1000’s of control loops
total
Can’t control the plant with 1000’s of simple controllers!
X
What is “process control”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Via direct Input/Output modules and industrial buses
Multi-loop
Controller
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Supervisory coordinating controllers
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Supervisory coordinating controllers
Operator
Stations
Supervisory
Controller
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Supervisory coordinating controllers
Servers for system data management
System
Server
Operator
Stations
Supervisory
Controller
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Supervisory coordinating controllers
Servers for system data management
Control network for intercommunication
What is a “Distributed Control System (DCS)”?
A DCS is an integrated set of modules with distributed
functions.
Multi-loop controllers (10’s-100’s) that connect to field
devices
Supervisory coordinating controllers
Servers for system data management
Control network for intercommunication
A DCS, throughout the whole system, must provide:
Performance: control must be faster than the process.
Determinism: control must always take the same time.
Fault tolerance: redundancy; must fail to a known state.
Security: must have access restrictions/controls.
Remote
Server
A DCS is designed, sold, maintained as a system, including:
System capacity and performance specifications
System configuration, simulation, and management
Alarms and status of the entire system
System releases (with on-line installation)
System maintenance and support (including 3rd party
equipment)
Remote
Server
Remote
Server
Mfr sells a complete system of integrated components.
Mfr sells some components; an SI acquires others and engineers the
system.
Mfr supports the system.
On-line repair/ maintenance is the norm.
Off-line repair/ maintenance is the norm.
System management built-in.
Users expect to evolve/upgrade/expand a system over 10/20/30
years.
System is a one-off project (like a house). Upgrades / expansions
are new projects.
www
Controllers designed by Honeywell
Proprietary 5 Mbps control networks
Interfaces/gateways required to non-Honeywell equipment
Near performance limits
What is “process control”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
>10x performance, + determinism, security, fault tolerance
Reduce cost of communication infrastructure and support
Reduce cost of connection to PCs and IT networks
Ethernet preferred
Industry bus protocols migrating to Ethernet
FF H1 FF HSE
No suitable fault tolerance approach
*
Analogous to TPS LCN/UCN and PlantScape ControlNet.
Remote
Server
FTE is the control network of Experion PKS.
Analogous to TPS LCN/UCN and PlantScape ControlNet.
Dedicated to the control mission
Fault-tolerant
Deterministic
Secure
Not an IT network, but leverages IT technology to lower cost
of:
FTE network infrastructure
Maintenance and support
3 Cisco switches qualified for R200
100/1000 Mbps; single and multi-mode optical fiber up to 70
km
Security and determinism functions required for control
mission
Preferred supplier by many customers
.
*
An FTE network has redundant switches and cables.
Topology: 2 parallel trees joined at the top to form one
network.
An FTE node connects to both trees.
An Ethernet node (non-FTE) connects to either tree.
Switches
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
Switches
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
Switches
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
Switches
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
4 communication paths between FTE nodes
A - A
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
4 communication paths between FTE nodes
A - B
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
4 communication paths between FTE nodes
B - B
An FTE network has redundant switches and cables.
1 communication path between Ethernet nodes
2 communication paths between an FTE node and an Ethernet
node
4 communication paths between FTE nodes
B - A
What is “process control”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
How Does FTE Work? –FTE path status
Each FTE node continually issues short diagnostic messages to test
each path to every other node, and builds a status table.
Below is a node’s status table. The first 2 nodes are FTE nodes,
and the last 4 nodes are singly-connected Ethernet nodes.
A bad link displays as “SILENT”.
If the B cable to the FTE-GUS node fails, A>B and B>B
SILENT.
*
User Mode
Operational Details
For Microsoft applications an intermediate driver is inserted
between layers of NDIS (Network Driver Interface Standard)
The TCP stack and its connection to the OS are unaffected.
The FTE software has the ability to intercept, analyze, and
redirect messages
The location of this driver in the Kernel while still using
standard calls is what gives FTE its openness and
performance.
User Interface
FTE nodes:
There are four possible paths between two FTE Nodes
Sequence numbered messages are periodically sent from both ports to
exercise all four paths
The status of the four paths is sent back in the next “test
message” transmission
Loopback (shown in red) is also checked to diagnose the
inter-switch link.
From this data the best possible path from Node 1 to Node 2 is
determined and used.
Link carrier status can also be checked for rapid detection
(hardware dependent).
6
FTE
Ethernet nodes:
Operational Details
There are two possible paths between an FTE and a non-FTE
Node
The best viable path is chosen (using the data derived from the
test messages)
No test messages are required from the non-FTE nodes.
Singly attached nodes can receive and use test message data to
determine LAN health.
If the inter-switch link is bad, multicast messages are sent via
both ports to maximize the connectivity to singly attached
nodes
FTE
Station
CDA = Control Data Access
DSA = Distributed Systems Architecture
This diagram shows levels of the plant automation system (level 0 –
field devices – is not shown).
FTE is the Experion PKS network for the control and operation
levels (1 and 2 ).
FTE
Control
How Does FTE Work? – Security and Determinism
Firewall hides/secures Level 2 and Level 1-- Only L2 PKS Servers
are visible
PKS server on L3 consolidates and makes available L2 data / alarms
for applications via DSA
Firewall hides all but servers
PKS Server
How Does FTE Work? – Security and Determinism
Firewall hides/secures Level 2 and Level 1-- Only L2 PKS Servers
are visible
PKS server on L3 consolidates and makes available L2 data / alarms
for applications via DSA
FTE switches provide:
Port Filtering between L2 and L1 to allow only CDA and FTE messages
for control
L2 bandwidth allocation to ensure that L2 supervisory traffic is
not disrupted
L1 bandwidth allocation to ensure that L1 control is not
disrupted
Broadcast, Multicast, Unicast storm suppression to maximize FTE
network availability
L1: Restricted to CDA and FTE Traffic Only
Firewall hides all but servers
L1 & L2: Bandwidth Allocation
L2: CDA Traffic Prioritized High
PKS Server
What is “process control”?
What is Fault Tolerant Ethernet (FTE)?
How does FTE work?
How is FTE implemented?
An FTE network interconnects clusters of nodes.
A cluster is a group of nodes with high intercommunication,
typically associated with the same process unit.
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
FTE
Redundant
Servers
Experion
Stations
Application
Control
Environment
Confidential and Proprietary
Basic FTE Configurations
A minimum FTE network is one pair of cluster switches; larger
networks could have several cluster switch pairs connected to
backbone switches.
UNIT #1
Firewall
Cabling: CAT5 STP copper; single and multi-mode fiber optic.
Cisco switches: 24/48 STP ports + 2 GBIC ports; 10 GBIC
ports.
Switches are expandable up to 436 ports; can mix switch types
GBICs: plug-in converters for 0.5 / 10 / 70 km fiber optic
FTE software and dual Network Interfaces per PC node
Cluster
Switches
Ethernet
FTE
FTE
Ethernet
FTE
FTE
Backbone
Switches
Media
Converters
FTE network:
Up to 99 of those can be C200 controllers
up to 511 Ethernet nodes (singly-connected)
Firewall/router: required to connect to other networks
FTE network is a separate IP subnet
Private IP addresses; only servers are visible externally
Cable: shielded twisted pair (STP) or fiber optic recommended for
best noise immunity and performance
Required for CE Mark
Authorization, authentication, encryption, activity logging,
intrusion detection, virus protection
Firewall engineering, configuration, testing and management
Remote Network Administration
Systems (servers, workstations)
Network (switches, routers, firewalls, etc.)
Honeywell network experts can do it all-- for FTE and for all
networks in the plant.
1st
Systems (PlantScape, TPS, PHD, any type of PC)
Applications on PCs (are they running/responding)
Network and System Performance Management
Proactive tracking of system, server, network performance
Work load Characterization & Capacity Planning
Procurement and support of PCs and network equipment
.
Honeywell network experts can do it all-- for FTE and for all
networks in the plant.
1st
Analogous to TPS LCN/UCN and PlantScape ControlNet.
Dedicated to the control mission
Fault-tolerant
Deterministic
Secure
Not an IT network, but leverages IT technology to lower cost
of:
FTE network infrastructure
Maintenance and support
2950G-24
2950G-48
3550-12G
3550-24-FX
2955C-12
*