Rockwell Automation products on the ESD offshore oil platform system / PSD

Rockwell Automation products on the ESD offshore oil platform system / PSD

Abstract: This paper presents the application of Rockwell Automation products in the CACT sea oil ESD / PSD system.
Keywords: PLC ESD / PSD system

I. Preface

Offshore oil platform production operations have fewer operators, high level of automation capabilities. In the production process, the medium treated is often a high temperature and high pressure, flammable gas or liquid, and the particularity of offshore oil operations, if a problem occurs, marine escape land and sea rescue difficult than the production of much higher, issues of personal safety, equipment safety and environmental safety are even more prominent. When the system is abnormal working conditions, fast and reliable emergency stop device used to achieve the protection effect is even more important.

Second, an overview

Emergency Emergency Control System (ESD) Stop function (ESD) is in an accident or failure condition (including failure of the device control system and accident itself), so that production can be safely and closed down orderly and in a safe state, in order to prevent disaster occurs, that is, to prevent damage to production equipment and personnel and the impact on the environment and so on, so that the control system itself should be designed to follow the fail-safe principle, the system's hardware and software reliability are high.
Programmable logic controller (PLC) as an alternative to conventional first-order control of product relay control occurs, the system can change the resistance, the properties of repeated use (flexibility) is very strong, and its relatively high stability and time of life. In recent years, the speed of the system itself calculates PLC, analog processing capacity, and increased the development of related art HMI network functions such PLC systems has a broader application in the field of industrial control space.

Thirdly, the system is

The system controller selects Rocco Rockwell Automation PLC-5 PLC-5 / 40C series, by the warm standby mode BCM processor module, under normal circumstances, both processors run at the same time the main processor of the remote I / O and for read and write data in the updated intermediate data files by a high speed data channel (HSSL) transmitted from the processor. When the main processor takes the place of a remote processor I / O failed to immediately upgrade the main processor.

The configuration of a system operator station as an alarm registers, status indication, the operator station mounted configuration software and the HMI RSView32 Rockwell PLC RSLogix programming software 5. ControlNet PLC network via other redundant PLC and exchange of workstation / server data on the platform, consider the independence and security of the emergency shutdown system, the DH HMI + network connection directly to the CPU communicate with the processor. To save space, the operating station is mounted directly on the control panel, and connected to the printer via an RJ45 Ethernet network interface, for recording and recording alarm printing operation.

In addition, other equipment may affect the operation of the signal field system, the location of the system control cabinet designed for signal bypass of the local switch-off switch, when the field is used to signal instability or solve the mask signal, so that do not interrupt production, while in the system startup can be used to establish instrument air compressor to start and continue production.

To have more clearly a more intuitive understanding of the operation of the platform equipment, establish a rigid installed alarm system, all platform alarm at the top of a list of critical equipment, as well as a relatively high level of state of the equipment shutdown. With this alarm, the operating state can quickly know the operation of the operating system of the device and make the process of correlation.

In addition to switching off the production equipment control system, but also specially designed and broadcast system (PA), submarine well head control system (ECS), flame / fuel gas detection interface (FOGO / GAS). When the flame / fuel gas detection (FIRE / GAS) system detects a related request for d

connect and issue an alarm, closing the operation of the ESD system to make the appropriate levels according to the request, the relevant shut down the fire alarm system is generally higher than the level in the other Level of shutdown. When shut down the system or fire alarm system motion alarm triggered transmission system to alert people.
The structure of the system system is shown in the following figure:

Fourth, the features of the PLC product of the ESD system:

Hot standby system PLC-5 / 40C15 control system. The series of PLC and I / O modules are UL, CE safety certification and the United States, a number of sets to run stably mounted on various types of oil and gas production control system, security has been a operation for many years, which has the following characteristics:

PLC-5/40 processor supports the program ladder logic control, function flow programming programming sequence and structured text.

Embedded DH + programming interfaces are available, or the network composition of peer communications. Built-in remote I / O port can be controlled as much as 3 km, I / O.

Built-in RS-232/422/423 port can be used to program or display ASCII, instruction, data files for advanced processing instruction, sequencer, diagnostics, shift, input, output and program control instructions and the like immediately.

PLC5 / 40 main processor functions include multiple interrupt processor input, programmable timer interrupt and failure response, ambient temperature, 0 ° C - 60 ° C, can support RAM battery backup or EEPROM.

Without interrupting the connection when the I / O transducer module, with the wired module arm sent.

Between the I / O module the AC / DC sensors / actuators wide range of signal interface may be suitable for many applications.

Each I / O has LEDs that indicate input / output status for easy maintenance.

solid state output relay outputs already in fuses, circuit protection module.

Points on the module can be varied configured, the maximum point 32 can be configured to allow a user to obtain maximum flexibility.

.

Main functions of the operator station:

Maintenance of the PLC program.

Record and manage alarm data and provide relevant reports.

The imaging process shows the operation or shutdown status of each production facility.

Displays the system shutdown level and the operating status of the system itself.

Registration and first consultation and management of the first failed message;

Record and manage system operations and provide relevant reports.

The causal system causes dynamic FIG (Cause & Effect) causes the system to shut down and the correlation results at a glance.

Provide a full permission mechanism to ensure safe and reliable system operation.

In addition, Rockwell Automation provides emulator software to simulate 5 family PLC-5 processors. Such design and production to finish before arriving at the site, gives us factory testing and simulation of the system is running to provide good test conditions, success lay a good foundation for a system put into operation in the system.

Fifth, control and implementation logic

The ESD / PSD system is divided into pre-alarm and shutdown (shutdown process), an emergency shutdown (emergency shutdown) depending on the production environment, fire / gas leakage (FIRE / GAS ESD) and give the platform (ABANDONO PLATAFORMA) four Level of disconnection.

Consider the operation of the system security and production environments particularity, the control cabinet of the PLC is placed in the central control room, from the production site to the input signal of the alarm / shut-off switch to the PLC through a pressure of the electrical system; off of the signal from all field devices is output to the control panel the local pneumatic scene, which controls the supply of the pneumatic control disk circuit; off from the signal to the electrical device (such as compressors and pumps) is the output to the electric control room (MCC) by contact or as a dry start permission Directly control the control circuit of the electrical device.

To ensure reliable operation of the system, in full consideration of the principle of the whole system failsafe design, has the following main measures:

When the pressure is insufficient air instrument systems, the field of pressure switch signal becomes unstable, then the emergency shutdown system;

All input signals are set to live normal, trigger an alarm and safety-related actions when the fault line or pr

connection problems, eliminate the error due to signal problems caused by incoming line or cable caused accidents;

All output signals from the system are normally used open contact (normal load), the correlation output is triggered when the output line failure or the system itself fails, closing the control device corresponding to the output point.

PLC system reset I / O rack failure, when the PLC processor fails, remove all outputs to the control device off.

set alarms for open alarm, which may timely inform and alert the input operator when a system fault or the processing of the field or the PLC to the PLC for fault in the alarm line.

Based on the above, the entire power supply system problems, to ensure that all equipment can be turned off to a safe state.

In addition, the facilities to ensure system reliability are:

The system uses two-way UPS power supply power supply, in which, when failure mode, automatically switches to the other side.

24V DC 1605 power supply uses the A-B system redundant power company, in which, when a failure of one power component, automatically switch to the other, without affecting the normal operation of the system.

In addition to conventional alarm systems to make shutdown start the critical signal recording, shut down when the accident occurred accurate and timely understanding of the reasons to shut down and start the recording accuracy of approximately 25 ms.

Complete subroutine handling set of failures, the program runs when scanning or recoverable failure occurs at the time of running the recovery program does not affect normal production.

system hot standby processors each rack, power separation. From the master processor, the state of the module exchange backup data and synchronized communication, when processor power failure or processor failure itself, the processor will take over from the main processor and I / network control system S.

-