Letters to the Editor – 2009-03-01

Readers sound off on relays and PLCs; water and waste water redundancies

By Plant Engineering Staff March 1, 2009

Relays vs. PLCs in safety systems

I can’t believe what I just read in your magazine, “Selecting safety system designs” by Charles M. Fialkowski (January 2009 AppliedAutomation).

Please allow me to take issue with the preposterous theory that relay-based controls are safer and more reliable than PLC-based systems, as follows:

Charles states: “While PLCs did offer many advantages for many different applications, most were not suited for safety due to their failure mode characteristics, as they have a much higher degree of failing dangerously as compared to a relay (Fig 2).”

Old-fashioned coil-type relays are:

  • Unreliable compared to solid-state relays

  • Slow to react compared to solid-state relays

  • Create electronic noise

  • Consume cabinet space

  • Expensive to install

  • Once a system is wired, very expensive to change.

Nearly all PLC-based systems use solid-state relays for outputs.

“Mean Time Between Failures” on a hard-wired coil relay system is accumulative based on the number of relays in the system. Whereas PLCs have no moving parts, “Mean Time Between Failures” can be measured in decades.

Anyone who has “trouble shot” a relay control system knows you must be on site, cabinet open, drawings in hand and there are very few clues to the root cause of the problem.

With a PLC-based system, you can look at the I/O LEDs to see what is going on. If necessary, plug in the laptop (or dedicated device), view the program in “real time” and trace the logic to the root cause of the problem in one-tenth the time of a relay system.

PLCs can be set up to perform in a number of modes if there is a “power failure” or “Emergency Stop” condition:

  • Hold status

  • Turn off all outputs

  • Startup in a safe mode requiring operator input

  • Etc.

The PLC programmer has many built-in tools to create scenarios to handle process failures:

  • Monitor process conditions and react to limits set in the PLC program

  • Timers, counters, mathematical and logic functions are available

  • Trend possible failures using built-in features such as PID loops

  • Analyze historical information gleaned by the PLC.

In Figure 2, “Relay, PLC failure comparison” shows relays are many times safer than PLCs. Was this a misprint?

The engineer determines how safely a control system is designed. The PLC is a far superior tool to relays every time.

James E. Hulings
President, Hulco Design Inc.
Zelienople, PA

Author’s response

Good question and I’m sorry for the confusion.

My intent was to communicate that in the world of safety, things may not always appear as they seem. I tried to explain this in my example of comparing a relay with a PLC. As many of us know, PLCs are generally more reliable than relays; however, they are not as safe. For this to make sense, one needs to evaluate not only the failure rate, but also must understand the failure mode (dangerous versus safe).

The graph in Figure 2 was trying to illustrate this point by showing how different technologies (relay vs. solid state) have different failure rates and failure modes. The relay was shown to have a total failure rate of 100 failures per million hours (which is a little less than once per year). Of these 100 failures, only two were shown as dangerous (which happens to work out to about once every 60 years). In comparison, I showed the impact it would have if you choose to replace the relay with a PLC (using solid state switches). The PLC offered 10 times better reliability (only 10 failures per million hours), but five of those failures were dangerous (which works out to about once every 20 years).

In other words, the more reliable PLC system can actually be “less safe” than the relay (in this case by a factor of almost three times).

Unfortunately, while many designers are quick to take advantage of the reliability, diagnostics capability, communications, programming flexibility, etc., that a PLC might offer, they need to understand the potential safety impact this could pose on their design.

Safety certified PLCs were developed for this reason, to provide both high levels of safety and reliability to the process industry market, offering the capability to monitor and detect for both types of failures (safe and dangerous) and respond accordingly.

Charles Fialkowski
Safety systems specialist
Siemens Energy & Automation

From Talkback — PlantEngineering.com

In response to “Water/wastewater: achieving the three levels of redundancy,” Jan. AppliedAutomation:

“Hot redundancy” is best controlled by a system with redundant processors built in. This is even more a consideration in the power generation field especially nuclear. A DCS control system built from the ground up with redundant processing, program and database and with automatic switchover is required.

(Edited for length. For full comment, go to PlantEngineering.com.)

John Schott, PE
WW control systems engineer
Emerson Process Management
Pittsburgh, PA