Regardless of the process, downtime always means a loss of productivity for a process application. Unplanned downtimes, whether due to component failure or human error, are the most costly ones.
Consequently, fault tolerant systems were developed to reduce the occurrence of one of the root causes of unplanned downtime – component failure. When it comes to discrete and process control, controller and power supply redundancy are the first keystones that come to mind to achieve a highly available architecture, along with other components such as networking and server redundancy. Originally costly and complex to engineer, controller and power supply redundancy are increasingly becoming a commodity, with more and more PLC vendors now offering these features natively embedded in their products. Selecting the most appropriate vendor for any given application can be quite tricky as offers look remarkably similar on the surface.
One common and easy-to-use selection criterion is the overall system's availability rate. Expressing this criterion as a percentage (e.g. "99.9967%") makes it easier to compare the different solutions, especially as engineers tend to rationalize everything down to equations and numbers in order to make the "right" choice. However, the catch is not to forget what lies behind this number, namely other factors which are key to truly maintaining the availability of a process system.
One such factor that should be taken into account is the “MTBF” (Mean Time Between Failures) of each component. A shortcut often utilized by system integrators, or in certain project specifications, to avoid complex availability calculations is to compare the MTBF of CPUs from different vendors in order to see which would be the best option. This is a mistake. First of all, application availability rates depend on every single product used, so a CPU MTBF of close to one million hours – as some vendors advertise – is useless if its power supply only has an MTBF of 200,000 hours.
Secondly, MTBF and availability are linked, though not directly. Consider this scenario: A candle has an infinite MTBF (when lit, and without any external factors, it is impossible for it to fail by itself). However, the availability of light from the candle may only be around a dozen minutes, depending on its size. This illustrates a situation in which even high MTBF products might not lead to high availability of the process.
This brings me to my second point: Each component has an operating lifetime, completely unrelated to the MTBF value, and once it reaches the end of its useful life, it will enter a wear-out period where its failure rate (λ) will grow exponentially, decreasing the availability of the entire system. In other words, the availability rate is a time-dependent percentage, so even though a process might have a theoretical availability of 99.999% (equivalent to five minutes of downtime per year) at commissioning, it can fall under 99.990% (equivalent to 50 minutes of downtime per year) after a couple of years of operation.
As such, lighting two candles at the same time is actually useless when trying to achieve highly available systems in the long run. Even if they are technically “redundant” (i.e. if one fails, the second will still be able to provide light), they have nearly identical lifetimes so that by the time the first one reaches its end of life, the second won’t be able to provide light for much longer. In this case, if maintenance isn’t on the ball, darkness will fall… and we all know that maintenance is under constant pressure to reduce costs.
So what then is the solution? In our candle scenario, one option is to light just one candle, and as it nears its end of life or fails, to light the second one. The only problem is that we don’t want to have someone watching over the first candle all day long, so we need smart ones.
Some automation vendors are now innovating with new in-rack intelligent power supplies for their automation controller ranges. These controllers, as well as their related remote I/O drops, are equipped with in-rack redundant power supplies, but instead of sharing the current load of the racks and wearing down simultaneously (like our two candles), only one actively delivers current at a time. The second redundant power supply just monitors, ready to provide power if the first one fails.
On top of that, both supplies are smart and can calculate and communicate their remaining lifetimes (as well as numerous other parameters), making the process aware of when it’s time to replace them. Proactively. Before they fail.
These unique features make maintenance predictive rather than reactive, and this can drastically reduce maintenance costs within a highly available process application.
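The series-MTBF point and the two-candle comparison above can be put into numbers. The following is an added example, not taken from the original article or from any vendor: it assumes Weibull-distributed lifetimes as the wear-out model, an ideal switchover to a standby unit that does not age while idle, and an 8-hour repair time; the two MTBF figures are the ones quoted earlier in the text.

```python
from math import gamma

def series_mtbf(mtbfs_hours):
    """MTBF of a chain in which any single component failure stops the process
    (constant failure rates assumed, so the rates simply add)."""
    return 1.0 / sum(1.0 / m for m in mtbfs_hours)

def availability(mtbf_hours, mttr_hours):
    """Steady-state availability from MTBF and mean time to repair."""
    return mtbf_hours / (mtbf_hours + mttr_hours)

def weibull_mean(shape, scale):
    """Mean lifetime of a Weibull-distributed unit (shape > 1 means wear-out)."""
    return scale * gamma(1.0 + 1.0 / shape)

def mean_life_active_pair(shape, scale):
    """Both units powered from day one; service is lost when the later one dies.
    E[max(T1,T2)] = 2*E[T] - E[min(T1,T2)], and the minimum of two i.i.d.
    Weibull lifetimes is Weibull with scale * 2**(-1/shape)."""
    return (2 * weibull_mean(shape, scale)
            - weibull_mean(shape, scale * 2 ** (-1.0 / shape)))

def mean_life_standby_pair(shape, scale):
    """Second unit starts ageing only when the first fails (assumed ideal)."""
    return 2 * weibull_mean(shape, scale)

def redundancy_gain(shape):
    """(active, standby) mean life of the pair, in units of one unit's mean life."""
    single = weibull_mean(shape, 1.0)
    return (mean_life_active_pair(shape, 1.0) / single,
            mean_life_standby_pair(shape, 1.0) / single)

if __name__ == "__main__":
    chain = series_mtbf([1_000_000, 200_000])  # CPU and power supply MTBF from the text
    print(f"CPU + PSU chain MTBF: {chain:,.0f} h")
    print(f"availability at an assumed 8 h MTTR: {availability(chain, 8):.6%}")
    # Constructed shapes: 1 = purely random failures, large = pure wear-out (the candle)
    for k in (1, 3, 10, 50):
        active, standby = redundancy_gain(k)
        print(f"shape {k:>2}: active pair x{active:.2f}, standby pair x{standby:.2f}")
```

With purely random failures (shape 1) the simultaneously powered pair lasts 1.5 times as long as a single unit; as the shape grows toward pure wear-out that gain shrinks toward 1, while the standby pair stays at 2.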
Embracing this new kind of PLC offer will certainly help prevent your processes from slipping into the darkness of unplanned downtime…