Economics of Fault-Tolerant Fieldbus Wiring
Careful and clever analysis of fieldbus segments can yield fault tolerance where it's needed most without adding hardware costs over less effective strategies.
Mike O'Neill, MooreHawke -- Control Engineering, 11/1/2008
It's ironic: Network cables in a safe and well-managed control room environment are almost always made redundant, whereas field cables exposed to the harsh and sometimes corrosive environment of a modern industrial plant have to fend for themselves. Of course, if those field cables carry simple point-to-point communications such as 4-20 mA, then redundancy isn't really a concern in general, and specific devices can be duplicated as required. However, now that the lowest fieldbus physical layer carries data from up to 32 devices, the vulnerability of that cable can constitute a reliability issue, particularly if those devices are safety-related or process-critical. Conventional Foundation Fieldbus (FF) segment design does not lend itself to any version of fault-
|
| Duplex wiring is typically the "conventional" approach but does not offer nearly the protection of fault-tolerant wiring. Data on cable failures in industrial environments used for MTBF calculations comes from "Reliability, Maintainability and Risk" 7th Edition, Dr. David J. Smith |
tolerance except through complete and wholesale duplication. In a fieldbus context, that duplication brings with it special software requirements to implement one-out-of-two and two-out-of-three voting schemes and special measures required for safe maintenance, device replacement, etc.
In late 2007, MooreHawke Fieldbus released a new fault-tolerant segment design that permits a far higher segment MTBF (mean time between failure) than conventional designs without any special software in the DCS and for only the additional cost of an extra trunk cable. Working with a major DCS provider and a large oil & gas end user, this package was installed on a set of platforms in the South China Sea simply to mitigate the huge financial risk associated with loss of control. The question is, does this increase in availability really make a significant difference to the economics of a general fieldbus installation?
The answer is not a simple yes or no, because a fault-tolerant system allows a user to make permutations that match the desire for high plant availability against budget restrictions for the systems hardware. These available permutations (simplex vs. duplex vs. fault-tolerant) were simply not possible in previous fieldbus physical layer products.
A hypothetical example
Let's base an analysis on a hypothetical plant with 120 segments, or about 1440 fieldbus instruments, such as flow transmitters, valve controllers, etc. We should divide these into groups based on how many segments are related to control of the plant, and how many are simple monitoring. Let's say that 80 segments are monitoring-only and 40 segments have control. Of the 40 control segments, let's say that 12 segments have loops which are process-critical — failure in any of those segments would cause immediate plant shut-down or scrap product.
| Total segments | 120 |
| Monitoring only | 80 |
| Control related | 28 |
| Critical control | 12 |
Let's assume the following prices for fieldbus equipment. (Current MooreHawke prices are quoted, but these are comparable with similar systems from other suppliers.)
| $390 | Power Conditioner |
| $240 | Carrier, 4-segment, simplex |
| $320 | Carrier, 4-segment, duplex |
| $280 | Carrier, 4-segment, fault-tolerant |
| $450 | Diagnostics module, standard |
| $350 | TrunkGuard coupler, 12-spur |
| $700 | TrunkSafe coupler, 12-spur |
| $500 | Trunk cable |
We can now start to compare costs between the conventional design and the new approach.
| 30x | $320 | Carriers, 4-segment, duplex (1 per 4 segments) |
| 240x | $390 | Power conditioners (2 per segment) |
| 30x | $450 | Diagnostics module, standard (1 per 4 segments) |
| 120x | $350 | TrunkGuard coupler, 12-spur (1 per segment) |
| 120x | $500 | Trunk cable (1 per segment) |
| Total (conventional) | $218,700 | |
This approach for 120 segments uses 240 power conditioners (see graphic) with two on each segment following a common practice. While this is reasonable for some segments, it can be considered overkill for those that are performing only non-critical monitoring functions, particularly given the cost of each unit. At the same time, it does not offer the same level of availability for critical control loops as the fault-tolerant approach. The new thinking is, use duplex power conditioners only where they are truly necessary.
New optimized approach
The new approach optimizes hardware application in a way that uses duplication and fault-tolerant capabilities where they are most needed, which can reduce the overall cost of hardware depending on process requirements.
| 20x | $240 | Carrier, 4-segment, simplex (1 per 4 segments) |
| 80x | $390 | Power conditioner (1 per segment) |
| 20x | $450 | Diagnostics module, standard (1 per 4 segments) |
| 80x | $350 | TrunkGuard coupler, 12-spur (1 per segment) |
| 80x | $500 | Trunk cable (1 per segment) |
| 28 conventional (duplex) segments: | ||
| 7x | $320 | Carrier, 4-segment, duplex (1 per 4 segments) |
| 56x | $390 | Power conditioner (2 per segment) |
| 7x | $450 | Diagnostics module, standard (1 per 4 segments) |
| 28x | $350 | TrunkGuard coupler, 12-spur (1 per segment) |
| 28x | $500 | Trunk cable (1 per segment) |
| 12 fault-tolerant segments: | ||
| 6x | $280 | Carrier, 4-segment, fault-tolerant (2 per 4 segments) |
| 24x | $390 | Power conditioner (2 per segment) |
| 6x | $450 | Diagnostics module, standard (2 per 4 segments) |
| 12x | $700 | TrunkSafe coupler, 12-spur (1 per segment) |
| 24x | $500 | Trunk cable (2 per segment) |
| Total (new approach) | $198,170 | |
The conventional approach for 120 segments takes 240 power conditioners. The new approach allows savings for the 80 monitoring-only (simplex) segments as these have only one power conditioner. (Of course, the conventional system could also fit single power conditioners, but since they have duplex carriers, two power conditioners are frequently fitted as a matter of routine.)
|
| Simplex wiring is adequate for non-critical monitoring segments. It eliminates the second power conditioner, but doesn't reduce MTBF all that drastically. |
The duplex segments have dual power conditioners, and the fault-tolerant segments also have two power conditioners but they are physically separated onto different carriers and connected to the field through two cables. In total, the new approach has 160 power conditioners rather than 240.
The net result is that this new approach leads to somewhat lower costs, even when allowing for the additional trunk cable used in the fault-tolerant segment layouts. The savings may be greater still. Many end-user specifications restrict process-critical segments (commonly defined as “level 1 criticality”) to having just one valve and one transmitter in that segment. It seems ridiculous to install a fieldbus segment with just two devices, but in the conventional single-trunk configuration, that is deemed necessary to minimize the risk of accidental plant shutdown
|
| Adding fault-tolerant wiring is more expensive, but the increase in availability is huge. When used for process-critical segments, the cost justification is clear. |
Failure analysis
Since we are comparing a conventional fieldbus physical layer with a fault-tolerant physical layer, we can effectively ignore all other sources of plant stoppage (blocked lines, primary power outage, pump seal failure, etc.) in this analysis. We are concerned only with the cost incurred if a fieldbus power conditioner or segment cable fails.
Let's assume that a spurious trip in a plant of this size costs $250,000. The spurious trip rate of a standard fieldbus system is estimated as once every 5 years, and the spurious trip rate resulting from a failure in the fault-tolerant fieldbus system is estimated once every 25 years (we can demonstrate that the fault-tolerant design generates a 10-fold improvement in segment MTBF, so assuming only a five-fold improvement is conservative).
The annual cost of spurious trips for the conventional plant is $250,000 / 5 years = $50,000 / year. The annual cost for a fault-tolerant plant is $250,000 / 25 years = $10,000 / year. The potential benefit is therefore $40,000 / year.
Another analysis concerns the cost benefit over the investment lifecycle of any plant, which modern technology has reduced to something like 10 years. In this case, the fault-tolerant system represents a CAPEX saving ($218,700 - 198,170 = $20,530) which generates $33,441 at, say, 5% for 10 years.
| CAPEX return: | $33,441 (savings in capital expense) |
| OPEX return: | $400,000 (savings in spurious trips) |
| Total: | $433,441 (additional “free” income over 10 years) |
This is, of course, a very simplified argument. I am no accountant, so all the assumptions should be re-interpreted by your financial and operations managers. For example, there is no break-out of system design time, maintenance, repairs, spare parts, etc. However, the fault-tolerant system discussed here does not demand any specialized attention over the standard system, nor does it require any additional design and service costs. No special software is required, and the same power conditioner is used throughout.
The only difference is that the fault-tolerant segments should be tested once a year, typically by unplugging one of the power conditioners or its cable, to demonstrate that the segment and associated process continues to operate even with one failure. This testing helps justify the low probability of failure on demand claimed for the fault-tolerant segments.
It seems very clear that this new approach to segment design does not necessarily increase costs over a conventional design. On the contrary, when the concept is properly applied, it actually costs less. The resulting improvement in real plant availability creates still greater benefit for the plant operator, and the positive cash flow generated is both dramatic and undisputable. Prospective fieldbus users now have further evidence that Foundation Fieldbus technology can be an advantage for their plant and their management, and the uptake rate may increase further, across the landscape of industrial networking & process control.
View All Webcasts
