In light of a recent conversation between experts from HIMA and TÜV, we have been analyzing the companies’ historical partnership, picking apart key moments in the development of functional safety and its relevant standards. Now, we tackle an ongoing debate which has been a major talking point among many plant operators: hardwire or software?
Reduced to the Max
A modern safety PLC is likely the most capable and cost-efficient way of managing increasingly complex automation systems and control networks. Not only does it assure safety via a single controller; it presents a fast track for compliance with functional safety standards, massively reduces the likelihood of human error, and is fully scalable for simple upgrades. Without the need for safety relays – the physical devices that implement safety functions – operators can save time and money by cutting out complicated field wiring.
However, key selection criteria need to be considered before jumping at a shiny new safety PLC. For example, in the IoT era, software needs to fortify networks against the risk of potentially devastating cyberattacks. This could mean that internal safety stakeholders require lengthy training to manage the new system.
Why, then, has this shift even taken place?
A Simple Case of “Out with the Old, in with the New”?
It may come as no surprise that the main advantage of hard-wired safety controls is simplicity. They are also – more often than not – familiar to most operating personnel. HIMA continues to provide, and operators continue to use, hard-wired safety technology because all necessary safety instrumented functions are streamlined in a proven device. Additionally, the technology requires very little space and can be installed easily. Take the Planar4, for example. This safety controller is housed in a 19-inch rack. All of its modules can be redundantly structured to increase plant availability.
On the other hand, wiring makes system modifications a challenge and a larger portion of time is allocated to upgrading a hard-wired safety controller. There are far more motors, switches, and other control devices that need to be considered. Each device may require a relay that is wired individually, creating potential troubleshooting issues as technicians attempt to identify and repair faults or issues with just a multimeter at their disposal.
Therefore, it could be that many end-users continue to use this technology purely because it is what they are used to. They could also be unaware of the reliability and cost advantages of a tailored safety PLC. The most likely reasons for safety purism, in this sense, are that the logic only serves to secure a limited number of safety functions – or that operators are wary of the cyber risks involved with deploying the new technology.
TÜV: Safety is Shifting Towards Software
When it came to securing industrial plants, cybersecurity used to be simply a concern of physical access control. But given the ongoing trend of automation, it has become a properly tiered overall concept with systematic threat analysis.
While the concept of functional safety – i.e. error prevention – has hardly changed, this rapid development of technology presents new hurdles for stakeholders. That includes end-users, product suppliers, and even certification bodies like TÜV Rheinland – with whom HIMA has enjoyed
Heinz Gall is a functional safety and cybersecurity expert who, until recently, was employed at TÜV Rheinland. Having worked at the certification body since the 1980s, he is well positioned to comment on the evolution of safety technology. For Gall, increasing plant interconnectivity and the networking capabilities of today’s systems are key drivers for proactive cybersecurity.
“Under no circumstances should one make things more complex than necessary. The same applies to functional safety,” says Gall. The basic requirements to bring a plant to a safe state have remained the same. But Gall did add that: “the use of more software also leads to increased error possibilities.” The introduction of IEC 61508 Edition 2 was the reaction to this.
Solutions are now in place to turn all the data acquired by field device software into real-time diagnostics, meaning vulnerabilities can be spotted before they turn into a risk. Only through deploying networked safety PLCs is this possible.
Unfortunately, however, there is no single winner in the hardwire vs. software debate. While it does seem that hard-wired system limitations can be solved by deploying a modern safety PLC – the story doesn’t end there.
If you have any questions regarding system selection – whether designing a plant or planning an upgrade of an existing SIS – HIMA’s team of experts is on hand to assist your decision-making.