industrial networks - control global · isa-95/iec 62264 standard, on which the majority of control...

Industrial Networks

eHANDBOOK

TABLE OF CONTENTSEvolving network architectures 4

IIoT and cloud computing are changing our view of the venerable Purdue model.

Open systems unlock value 8

Standards deliver on the interoperability promised by OPAF and NAMUR.

Wireless IPL 15

ISA-84 offers guidance for emerging for safety and security applications.

The bus in winter 17

HART and fieldbus offer ways to keep instruments honest when temperatures are low.

The brittle panel 19

What’s it worth to be able to touch wiring without causing an incident?

AD INDEXNexans • nexans.us/industrial 3

WAGO CORP. • www.wago.us/IOsystem 7

Newark • newark.com 14

eHANDBOOK: Industrial Networks 2

www.ControlGlobal.com

http://nexans.us/industrial

http://www.wago.us/IOsystem

http://newark.com

Nexans Industrial Ethernet Solutionsnexans.us/industrial • [email protected] White Oak Rd, New Holland, PA 17557 • 717-354-6200

CONNECT & CONVERGEDowntime is los t t ime. And los t t ime means los t prof i tabi l i ty. With Nexans Industr ia l Ethernet Solut ions, you’re get t ing a solut ion you can t rus t ; one that suppor ts your requirement for 100% upt ime.

Nexans gives you the conf idence to make the connect ion. Visi t nexans.us/industrial to learn more.

NETWORK SOLUTIONSFOR ANY ENVIRONMENT.

http://nexans.us/industrial

The Purdue Enterprise Reference

Architecture incorporated in the

ISA-95/IEC 62264 standard, on

which the majority of control system

architectures and subsequent standards

including wireless, cybersecurity, safety,

etc. are based, originated in 1989. Despite

being in use for almost 30 years, many

people still believe it’s based on physical

layers, when it actually defines the func-

tions to be performed at each level of the

architecture. At the time the model was

developed, and in most cases today, it’s still

true that form follows function, and the var-

ious pieces of hardware tend to correlate

closely to their assigned function. The IEC

62443/ISA-99 cybersecurity zone and con-

duit concept also tends to encourage the

maintenance and separation of each of the

function-based layers.

With the changes in processing and com-

puting capability we’ve seen at the different

levels of the enterprise, particularly Level

1, and the introduction of cloud-based sys-

tems, it’s my understanding that ISA-95,

as part of their regular review of the docu-

ment, is revisiting the architecture model,

with particular emphasis on Level 1 and

Level 0.

Another ISA standards body, ISA-112

SCADA Systems (www.isa.org/isa112), also

needed an architecture model on which to

base their work. The present version of this

model, which adds more granularity to the

ISA-95 model, is shown here.

When creating this model, ISA-112 delib-

erately chose to use letters to show the

different layers, in part to avoid confusion

Evolving network architecturesIIoT and cloud computing are changing our view of the venerable Purdue model.

By Ian Verhappen



with the Purdue model (shown for reference

on the side) but also to help the commit-

tee relate the physical equipment against

the function(s) that equipment needs

to perform.

In general, layers A through D will tend

to be at the remote site, which could be

anything from a single point and RTU to a

remote compressor or pump station com-

plete with its own “mini” control system

with wireless SCADA connections to asso-

ciated well pads, isolation valves or remote

storage facilities, thus making “site n” a

small SCADA system, or at least a data con-

centration site on its own.

Similarly, levels F and G identify the typical

SCADA components that reside on the cen-

tral SCADA server(s), typically in the main

control center. Alarms and Historian have

been identified as two typical databases

residing at this level, though as indicated by

the “database” box on the right, they’re by

no means the only ones; they are just the

ones that the committee believes require

particular attention since, from a SCADA

perspective, they will have some unique

External network

Enterprise network

Process information network

Control network

Applications

Communications servers

Wide-area network

Controller network

Local controllers

Field sensor networks

Field devices

K

J

I

H

G

F

E

D

C

B

A

Level 5*

Level 4

Level 3

Level 2

Level 1

Level 0

Purd

ue r

efer

ence

mod

el

Supe

rvis

ory

cont

rolle

rs

External applications

Enterprise network

DMZ/Process information network

Control room network

Backhaul networks

HMI Alarms HistorianDatabases

Drivers

SCADA ARCHITECTURE MODELIn this model by the ISA-112 SCADA Systems standards committee, letters are used to label layers to avoid potential conflict with ISA-95 and other similar models. Routers and firewalls between layers are not shown, nor are other system-specific servers, applications and workstations. Re-mote-hosted external applications (cloud) could be configured to attach to devices at any level with appropriate firewalls, tunneling and routing. * Note that although this shows a Purdue level 5, the true Purdue model only has levels 0 to 4 because it did not anticipate external applications.



constraints and items to be considered

when developing a system.

The other addition to the proposed

SCADA model is the concept of cloud

computing, presently shown as the “exter-

nal applications” cloud at the top. Though

a link is only shown to the databases at

the SCADA server, there is the poten-

tial to link to elements at any level, with,

of course, the appropriate cybersecu-

rity protocols.

Lastly, the red lines on either side of level J

are intended to show the clear demarcation

between the OT (SCADA related systems),

IT and public or external networks as a

reminder to pay particular attention to the

cyber requirements when crossing between

different layers and systems.

The virtualization of systems per Open

Process Automation Forum (OPAF), and

arguably IIoT, is changing control system

architectures once more, with the biggest

impact at the top (nonexistent Level 5 at

the top of the model) and again at Level

1, with basic regulatory control moving

closer to the process itself. Because more

functionality in these models will reside

in software versus the hardware-based

representation, the case can be made that

the function-based reference model will

become even more important since the

physical hardware could potentially be

flattened into fewer layers residing in the

cloud and a couple virtual machines for

the hardware above the sensor layer(s).

Early in 2019, we will continue the discus-

sion on how SCADA and control systems are

evolving by having a look at how LTE and 5G

are adding another dimension to the ways

future systems could potentially develop and

be even more tightly integrated with their

associated supply chains.

The virtualization of systems is changing control system architectures once more,

with the biggest impact at the top and again at Level 1.



NO NODES...LIKE OUR NODES.

The WAGO-I/O-SYSTEMThe System that Started the Modular I/O Revolution• Fieldbus independent – supports 16+ protocols• 500+ digital, analog and special function I/O modules• Compact – up to 16 DI or DO in just one 12 mm wide module• XTR Series for eXTReme temperature, shock and vibration• Add-on instruction library for RSLogix 5000® software

www.wago.us/IOsystem

RSLogix 5000® is a registered trademark of Rockwell Automation – no endorsement or affiliation implied.

No Nodes - Control - Print.indd 1 4/17/18 9:28 AM

http://www.wago.us/IOsystem

The well-known “building block”

metaphor may be slightly over-

used by now, but it’s never been

more true than illustrating how the Field-

Comm Group’s protocols and technologies

form the base of the two latest openness

and interoperability efforts in the process

industries. This is because the use of FDI,

FOUNDATION Fieldbus, WirelessHART

and HART can more easily provide long-

sought, often-stranded information from

field devices to systems across the enter-

prise, which is the ultimate goal of openness

and interoperability.

MEET OPAF AND NAMURA revolutionary approach to openness

is being developed by the Open Process

Automation Forum (OPAF, www.open-

group.org/open-process-automation). It

aims to develop an open, interoperable

“standard-of-standards” specification. In the

two years since it was launched, OPAF has

grown to 116 members, including end users,

system integrators, suppliers and sup-

porting organizations. Over the past year,

OPAF’s Business Working Group drafted

its 36-page “OPA Business Guide” (https://

publications.opengroup.org/g182) that

describes a value proposition and business

cases for open process automation (OPA).

During the same period, OPAF’s Techni-

cal Working Group developed the OPAF

Technical Reference Model (TRM), Part

1—Technical Architecture that defines

interfaces between devices, but doesn’t

dictate what’s in those products or inter-

fere with their intellectual property. The

TRM covers regular DCSs and supporting

Open systems unlock valueStandards deliver the interoperability promised by OPAF and NAMUR

By FieldComm Group



PLCs, HMIs, I/O and Ethernet-based net-

works, as well as advanced controls and

manufacturing execution systems (MES).

TRM is expected to deliver openness and

interoperability in three areas: On-Premise

OT Data Center with real-time advanced

computing (RTAC) and distributed con-

trol framework (DCF); OPA Connectivity

Framework (OCF), which is a real-time,

universal service bus like Ethernet using

an OPA-standard communication proto-

col like OPC UA; and Distributed Control

Nodes (DCN) that are configurable I/O

for input/output processing, regulatory

control, logic solving and application

hosting. If successful, OPAF’s architecture

will result in radically different con-

trol systems.

The second major openness effort,

NAMUR Open Architecture (NOA, www.

namur.net) is scheduled to be released

as an IEC standard in 2021-22. NOA

addresses openness as an evolution, that

is, without impacting what already works.

NOA is trying to maintain the benefits

of existing systems by layering NOA’s

monitoring and optimization (M+O) appli-

cations alongside existing field-level,

basic automation, MES and ERP levels.

NAMUR Open Architecture (NOA)M

onito

ring

and

optim

izat

ion

(M+O

)Central M+O

Further 4.0 use case

4.0 outVibration

Production networksimulation

Advanced analytics

Reliability center

Historian

Scheduling

Central HMI

Verification of request

Core process control

TC 4711 FC 4713

DCS/PLC

HMI

OPC-UAEngineering

Advancedprocess control

Alarmmanagement

4.0 devicemanagementDispatching

Plant-specific M+O

Production plant (4-20 MA / remote IO / fieldbus /wireless / Ethernet in the field)

Los-cost multi-sensor

Highly reliably IT infrastructure

Deterministic control system

App platform

Data directioncontrol

Openinterfaces

Proprietaryinterfaces

OPEN MONITORING AND OPTIMIZATION WITH NOANAMUR Open Architecture (NOA) provides Industrie 4.0 monitoring and optimization by using a reliable IT infrastructure in centrally located plant areas, that does not impact core-process and deterministic controls or proprietary interfaces. Source: NAMUR



These applications cover M+O functions

like dispatching, alarm management,

advanced process control (APC), and

Industrie 4.0 device management, and

essential M+O functions like advanced

analytics, historian, central HMI, produc-

tion network simulation, reliability center

and scheduling.

FIELDCOMM GROUP BASE FOR OPENNESS“FDI is the next step of device manage-

ment. It provides a unified description, and

allows for field communication standard

independent device management using

one tool. It separates device representation

from the underlying communication tech-

nology, and lays the groundwork for digital

twin representation of the devices,” says

Thoralf Schulz, board chair of the Field-

Comm Group and group vice president

of R&D and technology in the Industrial

Automation Control Technology division at

ABB. “Making these device models avail-

able through OPC UA makes the device

models available, not only to control sys-

tems, but also to further applications as

formulated by NAMUR and OPAF. Field-

Comm Group is working actively with the

OPC Foundation to make this a reality.

The currently ongoing work in standard-

ized semantic identifiers, as defined by

international standard IEX or exl@ss, will

further strengthen this. It enables not only

the data access, but makes it possible to

develop standardized applications.”

Peter Zornio, FieldComm Group board

member and CTO at Emerson Automation

Solutions, adds that, “FieldComm Group

technologies could and should play a major

role in enabling OPA and NOA solutions.

Regardless of whether OPA, NOA or other

open architectures are adopted, users aren’t

planning to replace their installed and oper-

ating field and measurement devices, such

as all the control valves running in their

facilities today. The vast majority of these

components are running some combination

of HART or FOUNDATION Fieldbus, and

that huge installed base isn’t going away.”

Zornio explains that whichever openness

strategy is employed—OPAF’s redefined,

orchestrated control architecture or

NAMUR’s added digital transformation

layer—both plan to build on the installed

base of existing devices. “No one’s talking

about ripping and replacing existing field

devices,” he says. “Openness and interop-

erability will be achieved using established

standards and easier connectivity.”

STANDARDS UNLOCK DATALukas Klausmann, senior marketing

manager for industrial communica-

tion at Endress+Hauser, agrees that the

FieldComm Group has spent years stan-

dardizing data in all kinds of field devices,

which paves the way for NAMUR and

OPAF efforts to also unlock data from

field devices in a standardized way.

“FieldComm Group enables suppliers



like Endress+Hauser to launch new tools

based on NOA that can cover a wide

range of installed bases, and turn data

into useful plant information,” he says.

For example, Endress+Hauser recently

launched an analytics app that shows a

dashboard of the installed devices in a

facility, and uses a new approach based

on work by FieldComm Group to stan-

dardize device data. “Endress+Hauser

Analytics app shows serial numbers,

tags, manufacturer names, product

code, and often asset type as well,” he

explains. “We’re also about to launch the

Endress+Hauser Health app that works

in accordance with NOA to immediately

display health status, performance history,

root cause and remedy in case of diag-

nostic events on mobile devices. Both of

these app tools are web-based, so dash-

boards can be displayed on tablet PCs

and smart phones.

“In the same way, NAMUR and OPAF are

seeking to increase device connectivity,

so more field data can make its way to

cloud services and mobile devices. All

these capabilities are made possible by

standardization, which makes sure each

On-premise OT data center(executing ISA 95 Level 2 and 3 functions)

Advanced computing platform

DCFApplication

Application

Application

DCFApplication

Application

Application

DCFApplication

Application

Enterprise IT data centers (executing ISA 95Level 4 functions)

Distributed control node (DCN) = DCP +DCFs

DCPDCF–Distributed control frameworkDCP–Distributed control platform

Business platformTransactional

computing platform

Business platform communicates through Apps running in a DCF, not directly to the OCF

Non-OPAFenvironments

External OT data center(executing ISA 95 Level 2

and 3 functions)

DCFs

External data centers may run DCFs connected to the OCF through a firewall

Standalone DCF environments may be used for tasks like offline engineering and simulation

Distributed control nodes(executing ISA 95Level 2 and 3 functions)

AI/AO/DI/DOtwisted pair

App

DCN

DCN

DCN

DCN

DCN

DCN

DCN

DCN

DCN

App

App

DCN

DCS PLC PLCDCSDCF

AnalyzerDCF

PLCDCF Machinery

monitorField

networksSafety

systemsElectricalsystems

Open Process Automation System (OPAS) Connectivity Framework (OCF)

DCNDCNApp

LegendNon-OPAS

conformantplatform

OPAScomponent

CONTROL, NETWORK AND I/O WITH OPAIn a typical process application with Open Process Automation (OPA) standard devices, OPA’s Technical Reference Model (TRM) includes On-Premise OT Data Center with real-time advanced computing (RTAC) platform and distributed control framework (DCF); OPA Connectivity Frame-work (OCF), which is a real-time, universal service bus like Ethernet running OPC UA; and Distrib-uted Control Nodes (DCN), which are configurable I/O for input/output processing, regulatory control, logic solving and application hosting. Source: OPAF



device shares its data in the same way.

FOUNDATION Fieldbus is standardized

on its H1 and High-Speed Ethernet pro-

tocols, as well as HART, and FieldComm

Group compliance-tests devices to help

ensure they can connect without issues

to provide field data. In the future, FDI

and OPC UA are going to have more stan-

dardized interfacing, which will make it

easier to connect and access field devices.

The potential here is huge because about

90% of Endress+Hauser field devices are

already equipped with a communication

protocol, such as HART, FOUNDATION

Fieldbus, Profibus/Profinet or EtherNet/

IP. Standardizing their data will mean that

ripping and replacing isn’t necessary.

FDI AND OPC UA TO THE RESCUEZornio adds that two FieldComm Group

technologies can enable any OPA and

NOA strategy. “FDI is a tool that can

configure any device as long as an FDI

package is provided. It helps integrate

existing and new field devices, which aids

everything from configuration to data

access and modeling. Meanwhile, Wire-

lessHART is key to fulfilling NAMUR’s

vision because it provides easy installation

for the incremental sensors that NAMUR

talks about adding on top of the controls

layer,” he says.

Schulz explains, “Existing HART and FOUN-

DATION Fieldbus installations make the

data from the devices available. FDI adds

the system and communication standard

that makes independent device manage-

ment a reality, and available to all HART

and FOUNDATION Fieldbus devices, as

well as to other protocols like Profibus

and Profinet. This is done without need-

ing to replace existing devices, but is still

expandable for advances in future devices.

Adding OPC-UA and a standardized device

representation, independent of the device

standards, provides standardized access,

and ensures that any advanced applications

and capabilities are equally deployable for

existing installations and newly evolved

installations. This ensures the interoperabil-

ity targeted by NAMUR and OPAF.”

FDI adds the system and communication standard that makes independent device management a reality, and available to all.



Scott Saunders, president and CEO of

Moore Industries-International, says,

“OPAF and NAMUR are attempting to

do at higher data exchange levels what

FieldComm Group technologies have been

doing for years at the sensor, device and

DCS levels, which are Layers 0, 1 and 2

of the ISA 95 control information hierar-

chy. FieldComm Group does a wonderful

job of promoting and endorsing open

industrial standards for measurement

and data exchange at Layers 0, 1 and 2.

OPA is the same concept, but it consists

of platform-agnostic data exchange and

analytics using open standards and off-

the-shelf software components.”

Saunders adds that FieldComm Group

can help interoperability initiatives like

OPA because its planned DCNs will serve

as gateways between Layers 0, 1 and 2

and higher levels. This is where contin-

ued support for its open technologies like

HART Internet Protocol (HART-IP), Wire-

lessHART, FOUNDATION Fieldbus and

FDI can be most beneficial. “The future

of process control and automation is big

data and analytics, but you can’t take

advantages of those without accessing

data from Layers 0, 1 and 2, and getting

it to the cloud and corporate wide area

networks,” explains Saunders. “OPAF has

already outlined a number of requirements

for its standards, and I understand that

HART is going to be part of OPAF’s physi-

cal platform requirements.”

Moore has been developing a gateway

that supports open protocols like HART-IP,

Modbus TCP/IP and HTTP via Ethernet,

which lets users take process data from

field devices and more easily make it avail-

able to higher-level control and information

systems. This HES HART-to-Ethernet gate-

way will communicate with up to 64 HART

field devices, and allow immediate access

to real-time HART variables and diagnostics

over Ethernet.

Zornio concludes, “FOUNDATION Fieldbus, HART,

WirelessHART and FDI are available today, but they’re

also set up to meet future needs. The best avenue for

field instruments and devices to achieve openness and

interoperability is FieldComm Group technologies.”



Call us at 1-800-463-9275

newark.com

Engineering ProductsDiscover Over a Million

from Suppliers You Know and Trust § 900+ new products added each week

§ Custom services such as kitting, panel meters,enclosures, and many more!

§Market-leading online community of over500,000 engineers

http://newark.com

For many people, the words “wire-

less” and “security” in the same

project remain incompatible. Yet,

as we continue to advance and gain confi-

dence in these new technologies, it’s likely

only a matter of time. As we know, safety

systems are based on the concept of inde-

pendent protection Layers (IPL). ISA-84,

which is responsible for development of

safety system standards, has taken the

first step by developing Technical Report

(TR) “ISA-TR84.00.08-2017, Guidance for

Application of Wireless Sensor Technol-

ogy to Non-SIS Independent Protection

Layers” (www.isa.org/store/isa-tr840008-

2017,-guidance-for-application-of-wire-

less-sensor-technology-to-non-sis-inde-

pendent-protection-layers/58724515) that

was published last year.

The report describes additional lifecycle con-

siderations that should be addressed when

wireless technology is used in an IPL where

the risk reduction claimed is less than or

equal to 10, which is similar to what’s claimed

by a basic process control system (BPCS).

The TR assumes that the risk analysis team

has already determined that the protection

layer, including the wireless sensor, network

and communications, meets the specificity

and independence criteria. The authority

having jurisdiction (typically the owner/oper-

ator or local regulatory authority), as part of

their layers of protection analysis (LOPA), can

assign a risk reduction factor of less than or

equal to 10 (non-SIS IPL) to wireless-based

systems, with the TR providing the guidance

and considerations for the use of wireless in

the process sector.

Wireless IPLISA-84 offers guidance for emerging for safety and security applications.

By Ian Verhappen



To assist in achieving the benefits of IPL,

the TR provides information on how to

establish a design that satisfies depend-

ability and auditability criteria. Those

considerations include:

• Mesh as well as point/multipoint systems

access the control system at Level 1 (I/O)

or Level 3 (process control), and are part

of the control network entering the con-

trol system on the same side of the DMZ.

Some organizations connect their wire-

less sensor networks through the DMZ,

in which case this TR would no longer

be valid without added analysis by the

owner/operator.

• Some means should be provided to auto-

matically detect and flag stale data at the

host end of the data path.

• A network manager and security manager

are necessary for each wireless system.

• The host interface should incorporate

diagnostic notifications (i.e. stale data,

low battery, loss of signal, unautho-

rized configuration changes and loss

of gateway connection) necessary to

monitor the basic health of the wireless

sensor network.

• IPL response time (IRT) including wire-

less sensor latency should include failure

detection and interference.

• Systems relying on a publication method

should be designed to respond in a fail-

safe manner whenever it’s determined

that data is stale.

• An operator response plan to wireless

notifications should include response

time and actions required to mitigate

safety issues. A critical scenario that

should be considered is the case of a

general failure of the wireless network

that results in complete loss of view to

an area.

• A revision management system should be

in place to keep devices and systems at

the proper revision and embedded soft-

ware levels. When changes are made to

application, embedded or utility software,

those changes should be reviewed to

identify any impact on the overall safety

availability or reliability of the equipment.

Additional guidance includes Table 3,

which shows a matrix of security threats

and countermeasures for wireless sensor

networks as well as two tiers of suggested

key performance indicators (KPIs) with five

high-priority and eight low-priority KPIs

intended to indicate the health of the system.

Due to the uncertainties of measurement and

communication timing inherent in wireless

technology, safety instrumented functions

(SIF) have been specifically been excluded

from the document. Though wireless isn’t yet

quite ready for safety systems, at least in the

process realm, it will likely only be a matter

of time. Applying wireless as an IPL is simply

step one in the process.



Every winter when ambient tempera-

tures sank into the teens (below -7

°C), the differential pressure (DP)

across the reactor became erratic. With

millions of dollars’ worth of relatively soft

precious-metal catalyst contained inside,

no one wanted to believe this reading

was for real. Both reactors’ DP showed

fluctuations—was the cold causing some

phenomenon in the reactor beds, or was

this just a measurement anomaly?

If you’re reading this column anywhere

north of the 40th parallel, chances are

you’ve already had enough winter to be

dreaming of tropical escapes. More cold

weather looms, and it will likely take its

toll on unprotected process equipment

and instrumentation. Putting practically

the entire process indoors is sometimes

a necessity, but even such enclosures are

subject to the extremes of the environment,

as is their supply of energy—it seems every-

one has a story about when the boilers all

went down in January. For those caught off

guard, thawing out a process plant in winter

is motivation enough to ensure it doesn’t

happen twice.

If you watch the videos on the Chemi-

cal Safety Board website (www.csb.gov/

videos/winterization-safety-message),

you can see examples where unforeseen

freeze-ups are not only a nuisance, but

also potentially deadly. As the instrument

or controls specialist, you may not be per-

sonally accountable for winterization of

the process vessels and piping, but frozen

instruments derail control schemes, and

errant indications can create distractions

The bus in winterHART and fieldbus offer ways to keep instruments honest when temperatures are low.

By john Rezabek



and unwarranted worry. You have a respon-

sibility to ensure they work equally well in

the extremes of the weather.

If accuracy or precision is important—for

example, a DP today of 2.1 versus a DP

of 2.0 last month is meaningful to those

watching and analyzing the process—con-

sider the raw effect of temperature on your

transmitters. If you’re employing a 20-year-

old transmitter, the effect might be more

than you think. Consider specifying ther-

mostatically controlled, electrically heated

boxes to maintain the transmitter sensor

and electronics at a fixed temperature of

±5-10 degrees. If you heat instrument boxes

with steam, you can obtain thermostats for

steam heaters—check with your favorite

instrument enclosure manufacturer. With

sensitive instrumentation, maintaining rel-

atively constant temperatures is an aid

to accuracy and repeatability as well as

freeze protection.

If you can use the digital HART signal or

employ WirelessHART or fieldbus, many

if not most devices provide a temperature

measurement as a secondary variable. If

these can be displayed on the DCS, opera-

tors can be encouraged to monitor them as

an early warning of failed tracing or impend-

ing freeze-ups. I’d refrain from creating any

alarms per se unless said alarms pass muster

with your site’s alarm philosophy. How you

bring them in is important—we’ve tried OPC

over the years and the reliability of servers

can diminish the credibility of the indications.

Bring in a status for these secondary mea-

surements as well.

Some extra clever devices have even more

capabilities that can whisper to us about

subtle changes, some of which can indi-

cate issues. You can purchase pressure

transmitters that monitor the (relatively)

high-frequency noise in the pressure signal.

With a little “training” and tuning—effort

that may only be justified for the most

critical measurements—the device can

distinguish between normal noise and

increasing or decreasing noise resulting

from one or both impulse lines freezing up.

The secondary temperature can only alert

us to a cold box, but the noise signal can

tell us when the tracing on the impulse lines

is failing.

If only the plant’s reactor DP transmitters

had such intelligence, the cause of erratic

readings in cold weather might have been

apparent. It was eventually revealed that

the long capillaries connecting each leg of

the DP transmitter to the remote seals used

a fill fluid that became extremely viscous

at low temperatures, causing a phase shift

between the unequal lengths of capillary.

A little insight could have saved the plant

manager some heartburn. Help your pro-

cess stakeholders listen to the subtle ways

instruments can get us through the winter

unscathed.



Jake and his assistant were search-

ing. The outbuilding had some

ambient monitors for oxygen and

carbon monoxide (CO), since it housed

the continuous emission monitoring

system (CEMS) for the nearby boiler. The

stack sample being analyzed was poten-

tially suffocating or otherwise lethal, so

sirens would sound locally and beacons

would flash, alerting any occupants that

they should leave and seek fresh air imme-

diately. Jake calibrated the monitors every

quarter, but a recent corporate audit rec-

ommended that this was insufficient if

the alarm did not also show in the control

house—a continuously attended location.

Soon, the operations manager entered

a work order to bring this alarm into

the house.

If your facility has been around for more

than a couple of decades, it’s not uncom-

mon that the 20% spares left in local panels

by the original builders have long ago

been consumed. Projects come through,

process specialists come up with other

points to monitor, and before long, local

junction boxes have every spare pair occu-

pied. In Jake’s case, the next nearest place

with a spare for a new alarm was in the

panel for the crude furnace preheater. This

panel accompanied the addition of the air

preheater decades ago, which was itself

installed many years after the original fur-

nace was constructed. Inside, it was still full

of relays wired for burner management and

the orderly startup of the preheater. When

Jake opened the panel, it was like a journey

back in time. A routine task got interesting

The brittle panelWhat’s it worth to be able to touch wiring without causing an incident?

By John Rezabek



when he tried to move some wires to check

if they were spares; a boring day became

exciting when the furnace unexpectedly

shut down.

No instrument specialist or operator

wants an exciting day. And so, it’s become

common that no one is eager to poke at

anything for fear that some unforeseen

interconnection will cause a process upset

or shutdown. Over years of operation, con-

tacts corrode, vibration loosens once-tight

terminations, and heat, cold, humidity and

time take their toll on every sensor and

logic solver. What had been shiny, tight and

certifiable decades ago is now a liability—

it’s “brittle.”

How do we deal with brittle? Should we

do nothing until months or years in the

future when the process is offline? What

if a vital measurement or interlock means

we must open and work in such scarily

fragile enclosures while the process is run-

ning profitably? Although we have cultures

where instrument and electrical—I&E—is

considered infrastructure (a perspective I

would argue is less than optimal), it remains

that the consequences of brittle or shabby

delivery of measurements and interlocks

have grave consequences for productiv-

ity—not to mention other priorities such as

safety and the environment.

If Jake had foreseen the impact of his

actions before opening the preheater panel,

what might he have done differently? 20/20

hindsight says, why wasn’t someone doing a

tug-test and retorqueing of all the terminals

in the panel during the last process outage?

Often the issue is, people you’d entrust with

such tasks are consumed with putting out

fires—attending to the hot issues of recent

memory. When production is profitable, the

business has little patience for downtime,

so “nice to do” preventive care is usu-

ally postponed.

Let’s try imagining what robustness—

the opposite of brittle—would be like.

Robustness would mean even when we

inadvertently trigger some otherwise spuri-

ous (false) signal, the control system/logic

solver doesn’t invoke a trip. But old relay

logic and skid-mounted PLCs don’t nor-

mally attempt to use even simple voting to

invoke a trip—mechanical equipment sup-

pliers and consultants would sooner protect

their liability than employ any cleverness

(or expense) to avoid a spurious trip, unless

specifically directed by the client.

Do your specifications address terminal

blocks? Some of us experience pushback

from electrical contractors when we sug-

gest spring-clamp terminals, but perhaps

this can be overcome with a little invest-

ment in tools and training. If our projects

endure for decades, this relatively mun-

dane choice of terminal blocks might be a

simple and effective bulwark against future

brittleness.



industrial networks - control global · isa-95/iec 62264 standard, on which the majority of control...

Documents