Levels of Redundancy

  • Overview
  • PLC redundancy
  • Cabling redundancy
  • Server redundancy
  • Computer network redundancy

Overview

The principle of redundancy in automated systems provides for switchover of functionality to a backup component in case of failure of a primary component. The switchover is considered automatic if no operator intervention is required. Redundancy applies to both hardware and software, and implies minimal loss of continuity during the transfer of control between primary (active) and redundant (standby) components. Redundant systems reduce single points of failure, preventing loss of functionality.

For cell control systems, the major levels of redundancy include:

  • PLC.
  • Cabling (PLC LAN or serial connections to server).
  • Computer server redundancy.
  • Computer networks.

Each level of redundancy provides a failover system that allows continuous system activity with minimal loss of data. The following sections briefly describe each level.

PLC Redundancy

PLC redundancy lets control transfer from a primary programmable controller to a redundant one in case of failure.

When the primary PLC comes back on line, control can be transferred from the redundant PLC back to the primary with minimal loss of data.

The redundancy can be synchronous or independent. Synchronous systems coordinate control and handling of data between CPUs of the active and standby units, while in independent systems each PLC acts like an active unit and is not constrained by the others.

Some CIMPLICITY communication options support PLC redundancy.

Cabling Redundancy

Cabling redundancy involves separate physical connections to the same device.

The devices can be on a LAN (GENIUS, MAP, etc.) or may require serial connections (SNP, CCM, etc.). Redundant cabling provides an alternate communication path to the device in case of primary path failure. The implementation of cable redundancy with respect to host monitoring/control systems differs with the device protocol involved.

Some CIMPLICITY communication options support cabling redundancy.

Server Redundancy

Server redundancy involves a primary factory monitoring server and a secondary "Hot Standby" server.

The secondary server is essentially a mirror image of the primary server, running alternate monitoring/control processes and applications. Data collection is performed via independent or shared network paths to the same devices, depending on the protocol. The characteristics of the selected communications protocol(s) determine the details of the configuration.

Upon detection of failure of the primary server, the secondary server can assume control of data collection, alarm functions, applications, and allow user access with minimal loss of continuity. When the primary server comes back on line, control can be transferred back, and the secondary server will resume its backup role.

Computer Network Redundancy

Computer cabling redundancy is similar to cabling redundancy, except it covers computer to computer communications rather than computer to programmable controller. Computer cabling redundancy provides an alternate network path in case of failure of the primary network.