
Is it a machine or a system?

Good afternoon


I am looking for someone who can help advise regarding an installation of materials handling equipment. Within the installation you have numerous conveyors, automated cranes, robot cells as an example. Each having a control panel which would isolate that individual item. The question I have is when you take each of these 'machines' so various conveyors and automated cranes and they are interconnected can you still treat them as individual machines, thus the electrical design falls under the machinery directive, or do you treat it as a distributed system and therefore it would be classed as a system and perhaps therefore meet different criteria for electrical design.


I am trying to ensure that our designs which are designed within mainland Europe under the machinery directive meet the requirements as an installation in the UK, where some are looking at it as a distributed system and therefore applying 17th Edition for example.


Any help greatly appreciated.


Paul.
  • Paul,


    The scope of the question you have raised is quite wide, and I may have misunderstood what you mean by "distributed system".


    This is a summary of my approach and understanding...


    Being from a control and automation background I would tend to always use the term distributed control system (DCS). This will normally be a highly complex networked and distributed computer control and automation system that could be running in continuous or batch mode or both. Even if the wider system has multiple parallel production streams, each with an identical distributed control system, there will still normally be just one upper level supervisory [database] system interfacing with an internet based ordering system or other higher level business management tasking and production scheduling system. In the final analysis there is one big distributed control system. The term SCADA (Supervisory Control and Data Acquisition) is often used for smaller systems in this class.


    These are generally very complex control systems, classed as safety related systems at best. As such they cannot be directly relied on to guarantee operator or maintenance staff safety. If a crane moving in a crane aisle is fitted with a sensor to detect obstacles, including a person in its path, then this safety system should operate completely independently of the main distributed control system, including its failure modes. There is no need to distribute the safety function because the crane motor, braking system and obstacle detection system are located in the same device.


    The safety systems (including hardware interlocks, emergency stop, isolation, etc.) are simple systems that provide the physical constraints to what the DCS can do. They are normally defined independently of the DCS, so that difficult-to-resolve questions in regard to operating context don't apply. [Context is more relevant to active safety systems required for aircraft fly-by-wire systems (keep going, best endeavour, until you land), rather than passive fail-safe systems that generally apply in manufacturing facilities or automated warehouses.]


    Similar ideas can apply to layered cyber security protections as well. For example, if there are hardware settings which, if altered maliciously or otherwise, could lead to the damage of hardware and thus significant cost and downtime, then I think consideration should be given to fully partitioning these hardware limits/constraints to make them independent of changes/bugs/failures in the DCS control space.


    James
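The architecture James describes above, a simple safety layer that owns the physical limits and gates whatever the DCS asks for, can be sketched as an added example (this is illustrative code, not anything from the original thread or from any real crane controller). It assumes a hypothetical single-axis crane with constructed limit values (10 m aisle, 500 mm/s rated speed), sensors wired directly to the interlock rather than read over the DCS network, and a DCS heartbeat as the only thing the interlock ever hears from the control system. The interlock clamps or refuses motion on local evidence alone, stops when the DCS goes silent (passive fail-safe), and refuses limit changes that arrive over the DCS path, so a bug or tampering in the control space cannot remove a constraint:

```python
from dataclasses import dataclass, replace
from typing import Dict


# Constructed sample values; a real crane would take them from its safety specification.
@dataclass(frozen=True)
class SafetyLimits:
    """Physical constraints held by the safety layer only, never by the DCS."""
    max_position_mm: int = 10_000   # end of the crane aisle
    max_speed_mm_s: int = 500       # maximum permitted travel speed


@dataclass
class LocalSensors:
    """Inputs hard-wired to the safety controller (hypothetical crane)."""
    position_mm: int
    obstacle_ahead: bool
    estop_pressed: bool


class SafetyInterlock:
    """Gates every motion request with local sensor data and fixed limits.

    The DCS can ask; the interlock decides. It reads no DCS state, so DCS bugs,
    compromise or loss of communication cannot relax a constraint.
    """

    def __init__(self, limits: SafetyLimits) -> None:
        self._limits = limits

    def permitted_speed(self, requested_mm_s: int, sensors: LocalSensors,
                        dcs_heartbeat_ok: bool) -> int:
        # Fail-safe conditions: any of these forces a stop regardless of the request.
        if sensors.estop_pressed or sensors.obstacle_ahead or not dcs_heartbeat_ok:
            return 0
        # Keep the requested direction, clamp the magnitude to the hard speed limit.
        speed = max(-self._limits.max_speed_mm_s,
                    min(self._limits.max_speed_mm_s, requested_mm_s))
        # Travel limits: refuse motion further into an end stop already reached.
        if speed > 0 and sensors.position_mm >= self._limits.max_position_mm:
            return 0
        if speed < 0 and sensors.position_mm <= 0:
            return 0
        return speed

    def update_limits(self, new_limits: SafetyLimits, source: str) -> None:
        """Limit changes are accepted only via the local engineering path (hypothetical name)."""
        if source != "local_engineering_key":
            raise PermissionError(f"limit change refused from {source}")
        self._limits = new_limits


def run_scenarios() -> Dict[str, int]:
    """Drive the interlock with requests a DCS might issue; return what it allows."""
    interlock = SafetyInterlock(SafetyLimits())
    clear = LocalSensors(position_mm=5_000, obstacle_ahead=False, estop_pressed=False)
    results: Dict[str, int] = {}
    # 1. A request inside the limits passes through unchanged.
    results["normal"] = interlock.permitted_speed(300, clear, dcs_heartbeat_ok=True)
    # 2. A buggy or tampered DCS asks for twice the rated speed: clamped, not trusted.
    results["overspeed"] = interlock.permitted_speed(1_000, clear, dcs_heartbeat_ok=True)
    # 3. Person or obstacle in the aisle: stop, whatever the DCS wants.
    blocked = replace(clear, obstacle_ahead=True)
    results["obstacle"] = interlock.permitted_speed(300, blocked, dcs_heartbeat_ok=True)
    # 4. DCS link lost or controller crashed: stop (passive fail-safe).
    results["dcs_down"] = interlock.permitted_speed(300, clear, dcs_heartbeat_ok=False)
    # 5. At the end of the aisle, forward motion is refused but reverse is still allowed.
    at_end = replace(clear, position_mm=10_000)
    results["end_forward"] = interlock.permitted_speed(300, at_end, dcs_heartbeat_ok=True)
    results["end_reverse"] = interlock.permitted_speed(-300, at_end, dcs_heartbeat_ok=True)
    # 6. A limit rewrite arriving over the DCS path is refused; the old limit stays in force.
    try:
        interlock.update_limits(SafetyLimits(max_speed_mm_s=5_000), source="dcs_network")
        results["limit_change_via_dcs"] = 1
    except PermissionError:
        results["limit_change_via_dcs"] = 0
    results["after_refused_change"] = interlock.permitted_speed(1_000, clear, dcs_heartbeat_ok=True)
    return results


if __name__ == "__main__":
    for name, speed in run_scenarios().items():
        print(f"{name:22s} -> {speed} mm/s")
```

The design point is the dependency direction: the interlock never imports anything from the DCS side, and the only DCS-originated signal it consumes (the heartbeat) can only make it more restrictive. Whether the installation is later judged to be one machine or a distributed system, that partition is what keeps a control-space failure from becoming a safety failure.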

