Research And Design Of Digital Output Module With High Safety And Availability

Petrochemical industry is the mainstay industry of the national economy.The production equipment of this industry is large in scale,complicated in process,and it is also accompanied by the features of high temperature and high pressure,inflammable and explosive.As the important equipment to improve the control system safety level of this industry,Safety Instrument System(SIS)is usually used to perform emergency shutdown functions,disaster mitigation measures,etc.With the improvement of the research and development level of domestic SIS products,developing a SIS system that meets the requirements of high safety integrity is no longer a tricky problem for those enterprises with high capabilities of research and development.However,ensuring high safety while also ensuring maximum availability is the key issue in the design of SIS products for the petrochemical industry.The digital output module(DO)is the key section of the SIS system for controlling the external outputs,and the research on its safety and availability is of great significance.This article focuses on the application requirements of functional safety technology and safety instrumented systems in the process industry.Based on literature research and the study of the IEC 61508 standard,this paper investigates the current research status of the system architecture,safety output technology,and safety modeling technology of safety instrumented systems at home and abroad.And the basic structure of the DO module,as well as the specifications and requirements of safety and availability,are also literally analyzed.Aiming at the problem of multi-objective quantitative analysis under the multiple impact factors,a modeling method combining reliability block diagram and Markov model is used to establish double-single,double-double,triple,and double-triple models.Subsequently,focusing on the application characteristics of the petrochemical industry,the Matlab simulation demonstrates that the double-triple architecture has a better overall performance in the condition of untimely maintenance.And the double-triple architecture was proposed as the optimal architecture for the safety DO module in this paper.Furthermore,a double-triple architecture based simulation is implemented for analyzing the impacts of different diagnostic coverage and maintenance time on the specifications.Accordingly,the design requirements of the DO module in this article are proposed.Further in this article,the DO module safety design implementations based on the double-triple architecture are described in details.According to the safety requirements of the output circuit,a short pulse based output state recheck diagnosis method,a CPLD diagnosis method along with a time window watchdog,and a load-independent loop current diagnosis method are proposed.Combined with the diagnosis controlled main switch circuit,these methods properly ensure the system to enter the safety status in fault conditions.Last but not least,through the FMEDA analysis of the output circuit,it is proved that the SFF of the module exceeds 99%.And through the calculation of the overall safety and availability index of the module,the double-triple architecture DO module proposed in this paper is proven to meet the average probability of dangerous failure(PFDavg)below 1E-4 within 10 years,the requirements of SIL3 level,and the availability rate reaching 99.99%,even though with untimely maintenance.In summary,the overall DO module meets the design requirements.