P
We have SIL-3 certified Honeywell Safety Manager installed at site. A total of 6 each SMs are installed in redundant configuration i.e on controller as well as I/O levels. Since commissioning we have been facing frequent I/O module failures.
As a part of investigation, we have observed following few discrepancies in the system configuration and like to have your advice on the same.
We have checked the DC voltages (+/ -) w.r.t to ground and found floating voltages as below for each SM controller cabinet;<pre>
SM1:
Postitive Terminal with ref to Gnd 10 VDC
Negative Terminal with ref to Gnd 14.5VDC
SM 2:
Postitive Terminal with ref to Gnd 1.1VDC
Negative Terminal with ref to Gnd 23.4VDC
SM 3:
Postitive Terminal with ref to Gnd 7.45VDC
Negative Terminal with ref to Gnd 16.8VDC
SM 4:
Postitive Terminal with ref to Gnd 24.5VDC
Negative Terminal with ref to Gnd 0VDC</pre>
2.If this is the root cause, we need some solution & actions that need to follow to resolve this matter.
3.We have also found that in few controllers configuration CP becomes halt whenever any digital output alarm appear, but in other units, repair timer starts and CP remains running which is desirable case. How can we change such configuration to ensure system availability?
4.As a part of configuration, on failure of one digital output card (redundant), complete series of cards related to that particular CP went into bad state until we restore the card fault. Can we change this configuration in which rest of cards (redundant) should be available with CP running? Rather shutting down of whole configuration to non-redundant.
Would highly appreciate your response on this.
Thanks & regards
As a part of investigation, we have observed following few discrepancies in the system configuration and like to have your advice on the same.
We have checked the DC voltages (+/ -) w.r.t to ground and found floating voltages as below for each SM controller cabinet;<pre>
SM1:
Postitive Terminal with ref to Gnd 10 VDC
Negative Terminal with ref to Gnd 14.5VDC
SM 2:
Postitive Terminal with ref to Gnd 1.1VDC
Negative Terminal with ref to Gnd 23.4VDC
SM 3:
Postitive Terminal with ref to Gnd 7.45VDC
Negative Terminal with ref to Gnd 16.8VDC
SM 4:
Postitive Terminal with ref to Gnd 24.5VDC
Negative Terminal with ref to Gnd 0VDC</pre>
2.If this is the root cause, we need some solution & actions that need to follow to resolve this matter.
3.We have also found that in few controllers configuration CP becomes halt whenever any digital output alarm appear, but in other units, repair timer starts and CP remains running which is desirable case. How can we change such configuration to ensure system availability?
4.As a part of configuration, on failure of one digital output card (redundant), complete series of cards related to that particular CP went into bad state until we restore the card fault. Can we change this configuration in which rest of cards (redundant) should be available with CP running? Rather shutting down of whole configuration to non-redundant.
Would highly appreciate your response on this.
Thanks & regards