Welcoming safety over Ethernet to the field

14 February 2023

Ethernet-APL was developed to enable digital communication in process automation from the sensor to the control level. It has all the features required by a process automation network. A recent whitepaper argues that, to exploit the advantages of digitalisation, functionally safe automation should also be implemented utilising the same network architecture.

Figure 1: A possible Ethernet-APL architecture.
Figure 1: A possible Ethernet-APL architecture.

Process control and safety connection of file devices in the process industry has long relied on analogue 4-20mA technology. Even in new plants, in which fieldbuses are used for process control, safety infrastructure continues to rely on 4-20 mA technology, even though NAMUR has been advocating the use of integrated digital communication for years. 

Today, the safety infrastructure from the field device to the controller is built separately from the infrastructure required for process control. This is justified by the recommendations of the standards relevant to safety – such as IEC [2] and IEC 61511 [3], as well as the required reduction in complexity when planning and applying safety systems. A physical separation of both systems increases diversity and independence of hardware and software, which in turn increases availability. However, maintaining two independent technologies increases overall effort.

This status quo looks set to change with the introduction of Ethernet-APL which makes new network concepts available for process automation. The significantly in- creased bandwidth compared to previous fieldbus systems and the suitability for hazardous areas, zones 2/1/0 offer the possibility to establish uniform digital communication in the entire plant. 

The benefits of using Ethernet-APL include:

Applications up to SIL 3:
With its increased performance, Ethernet-APL enables safety data exchange. PROFIsafe is a solution that is widely used in factory automation. The existing requirements for safety applications are handled by such a safety technology, such as: 
Compliance with current requirements according to IEC61784-3[8]; Reaction times sufficient for the process, even with additional acyclic data exchange; Sufficient consistent data quantities for the control and interrogation of actuators and sensors.
Although safety can be used in combination with non-safety protocols, it is recommended that these be set up in physically separate networks for increased safety. 

An agreement on uniform safety communication when using Ethernet-APL offers the most economical solution for all parties involved – component manufacturers and plant operators. 

Increased measurement accuracy: The widespread application of modulating a HART signal to the 4-20 mA signal provides (non-safety) ac- cess to additional parameters and allows better maintenance concepts. Superimposing the HART signal influences the measurement signal and thus leads to reduced measurement accuracy.

With Ethernet-APL, measured process values can be transferred directly to the automation systems without loss of quality, since they are already available in digital form in the field devices. This provides additional measurement accuracy, available for optimised process control and increased safety. Transmission errors can be reliably detected and do not falsify the measurement result.

Increased flexibility: It is a common procedure to perform new HAZOP studies during the life cycle of a plant. Based on the HAZOP findings, it may be necessary to convert operational measuring points into safety measuring points. This currently means a conversion from digital to analogue interfaces. The described conversion does not only mean the physical exchange of the field devices necessary and a revision of the wiring level. The conversion also means that the optimization already implemented in the basic process control system by means of fieldbus technology is partly lost again. This disadvantage can be eliminated with Ethernet-APL as control measurements and safety measurements are based on the same communications technology.

A uniform design of future instrumentation with digital transmission would lead automation back to the original NAMUR approach, as with the introduction of the NE43 [9] signal as a transmission standard.

A new standard device, which is suitable for both operational automation and safety applications, is the basis for an integrated automation concept that can provide an answer to the increased requirements. The variety of devices and technologies in a production plant can be reduced. Diagnostics and maintenance information are available where they can achieve the greatest savings in a plant: with the PCS safety devices.

Optimised diagnostics: A uniform infrastructure for safety and non-safety applications offers the possibility of implementing the same diagnostic concepts for field devices, network technology and automation systems.

With the pure 4-20 mA signals currently used in safety applications, diagnostic information can only be transmitted via a failure signal. This leads to the activation of the affected channel of the safety function. With Ethernet-APL, a differentiated evaluation and reaction to alarms without loss of measured values would be possible. In addition, an evaluation of maintenance messages with the aim of reducing the testing effort can also be realised with Ethernet-APL, allowing for regular and comprehensive inspection of the devices while the system is running.

For self-monitoring and diagnosis of field devices, it is recommended to use NE 107 [10] as a basis. The diagnostic data of this field device generation should be uniformly evaluated independent of the field device manufacturer. NE 131 [11] must also be followed and may have to be extended in this context.

More efficient maintainability: The process industry has been striving to increase the use of automation for many years. However, this increase leads to an overall increase in complexity, both for the network and in the functional and operating requirements of the field devices. At the same time, the industry is struggling with a growing shortage of skilled workers in maintenance units. For predictive maintenance, the transmission of digital additional information to the actual measurement signal is helpful. Support for the requirements of NE 107 has already been mentioned. In addition, extended production runtimes of plants are made possible, since many tests can be performed without interruption during operation.

Efficient maintainability should include simple device management. Based on application profiles, devices can be replaced in the event of a fault without additional engineering. In addition to simplified device management, a uniform infrastructure also helps to reduce the effort required for maintenance and servicing.

Uniform infrastructure: Plant operators expect the possibility of a uniform infrastructure with almost identical field devices, both for process control and for safety applications. Two separate field communication technologies should be a thing of the past. For this reason, plant operators can expect an applicable solution for safety communication via Ethernet-APL that should be provided from the very beginning.

High availability: Although Ethernet was not originally developed for the industrial environment, it has proven its robustness during testing and has been in daily use for many years. Ethernet-APL was developed from the outset for the industrial environment. This means that at least as much robustness can be expected.

The flexibility when implementing Ethernet architecture contributes significantly to the availability of a system. This means that previously common star topologies can be selected where the failure of individual devices has no effect on the overall system. Alternatively, it is possible to construct ring topologies which often require less complex cabling, while providing a high level of protection for plant operations from negative of repercussions if one component fails.

Ethernet-APL future proof: The introduction of Ethernet technology into automation and Ethernet-APL extending the same communication to the field within process plants, enables users to leverage all economic advantages of Ethernet everywhere. For example, only one type of infrastructure needs to be maintained and the number of costly point- to-point transmissions can be reduced. This is also guaranteed by high performance and high bandwidth.

Ethernet-APL constitutes a manufacturer-independent, open and expandable technology, which is based on IEEE and IEC standards and backed by major user organisations. This ensures the continuous further development and future-proofing of Ethernet-APL. For this reason, it can be expected that the number of available Ethernet-APL devices will also increase continuously. It is thus only logical to use these advantages for safety applications as well.

Simple device replacement and monitoring: In case of a device exchange it is possible to parameterise it completely digitally – for example, the setting of measuring spans for the analogue measured value is no longer required. It is also possible to automatically detect field devices on the network, generate alarms if devices are used which are not intended for this measurement loop, or if devices are in simulation mode.

Flexible planning and reduced commissioning effort: Experience in existing fieldbus systems with a separate field communication technology and infrastructure for process control (fieldbus) and safety applications (4-20 mA) shows a considerable additional expenditure due to the double planning, maintenance and stock-keeping. It should be noted that these technologies no longer meet the requirements of modern automation solutions, while at the same time causing increased expenditure.

Ethernet-APL technology creates a uniform technological basis for safety and non-safety systems. This significantly simplifies and accelerates the activities associated with planning and commissioning because both, the field component itself and the experience gained from the non-safety infrastructure can be adopted identically for the safety systems.

Application challenges
The field devices should be provided with write protection to prevent accidental or intentional manipulation of the parameters. Ideally, the device should have hardware and software write protection selectable. Acyclic diagnostic queries must be differentiated between pure diagnostics (without influencing the safety function) and test routines (with influence on safety function, e.g. brief freezing of the measured value, slight variation of the signals). Pure diagnostic functionalities should also be available with activated write protection, whereas test routines require deactivation of the write protection.

Because plants have a longer useful lifetime, when compared with field devices, field devices are likely to be replaced during the life cycle of the plant. This can be an exchange with similar devices of a new generation. These devices must operate with parameterisation that is compatible to the previous version. Users may wish or have the need to utilise different measurement methods or manufacturers. Ideally, similar devices can be used in distributed control system (DCS) and safety loop. This makes conversion from DCS to SIS simple. 

The widespread use of Ethernet-APL field devices in both, operational and safety applications, requires that all common measuring principles are available with this technology. These include pressure, temperature, level and flow. To justify the investment in the Ethernet-APL infrastructure, at least 80-90% of the field de- vices in a plant must be connected via Ethernet-APL.

Furthermore, the components must be developed and certified according to IEC 61508 for use in a safety application.

For a high acceptance of the solution on the market it is essential that it is easy to handle. Past experience has shown that a reduction in complexity leads to success and acceptance of new technologies.

Accompanying training opportunities for employees and additional information material (such as installation guidelines) are indispensable when new technologies are introduced. Appropriate commissioning and diagnostic tools facilitate handling of the new technology and thus contribute to increase in acceptance.

Ethernet-APL offers the potential of unifying the infrastructure of safety and non-safety. This is made possible while maintaining full physical separation of safety and process control networks and thus maximum availability and safety. And this is done consistently throughout the entire plant with full transparency of the data over the entire life cycle of the plant. In this way, future solutions in process automation can be created that enable minimum complexity with maximum cost-effectiveness.

A prerequisite for this is that users select Ethernet-APL as the infrastructure of choice across the board for integrating field devices in the plants and that the necessary portfolio for safety applications is also available.

This will arise when the described solution concept is adopted as an industry standard in process automation. A strong support for this would be a NAMUR recommendation, which must be developed afterwards.

Contact Details and Archive...

Print this page | E-mail this page