Last updated on May 14, 2021

How to select a safety PLC

When it comes to implementing safety instrumented systems (SIS) to comply with functional safety standard IEC 61511, the safety PLC is a pivotal device to specify. So, what are the key questions that you need to ask when choosing a new system supplier?

What is the difference between standard and safety PLC?

A standard PLC (programmable logic controller) is designed for regular control, whereas a safety PLC has additional hardware and software design features to self-diagnose failure and trip safely when the need arises.

With a standard PLC, selection is based on performance, such as the capacity of the program, the number of inputs and outputs (I/O) it can handle, communications capability and speed.

With a safety PLC, the selection criteria are more related to Safety Integrity Level (SIL) capability, reliability and fault tolerance of the system.

The choice of a safety PLC with a capability for meeting a Safety Integrity Level of SIL 1, SIL 2 or SIL 3 is a crucial early decision for any company implementing a new SIS, or for a major system upgrade project.

Why safety PLC systems are needed

A safety PLC comes into its own when implementing numerous Safety Instrumented Functions (SIF), where sequences, time delays or more complex logic are a requirement of the application.

The safety PLC can efficiently transmit data and alarms to an associated control system and operator workstation via serial communications links. The safety system can send useful diagnostics to the control layer without being compromised.

Safety PLCs can readily accept analog sensor signals, where a single instrument can provide alarm and trip points at different levels. Analog signals also enable dynamic display of the process variable and diagnostic alarm information that can give early operator warnings that may help to avoid spurious trips.

Why programmable systems?

Hard-wired systems are very effective when there are very few safety functions and little need for remote monitoring of status.

However, in many applications such as offshore oil and gas platforms or large chemical complexes, the choice of programmable or hard-wired system is usually easy to make. Due to the likely number of safety functions and the complexity of achieving both control and safety, the hard-wired option isn't practical or cost-effective.

Programmable logic solver system and software suppliers

There are many providers of SIL-capable safety PLC logic solvers. Choices range from single-channel systems with in-built safety circuits to triplicated systems designed for achieving high availability and safety.

As there is no "one-size-fits-all", users must carefully select the system and supplier that best meets both their application requirements and the need for initial and ongoing support.

At the end of this article are links to some logic solver suppliers that have SIL capability certification, some of them with several different products. It's best to contact each company directly, making sure you ask appropriate questions such as the ones below.

Product and technical questions to ask suppliers

  • What is the claimed SIL capability of the system (e.g. SIL 1, SIL 2 or SIL 3)?
  • Who completed the SIL capability certification of this system (e.g. TÜV Rheinland / exida)?
  • What level of Hardware Fault Tolerance (HFT) is required to meet the SIL capability claimed?
  • How are you assuring the latest cyber-security requirements are met with your safety PLC?
  • Can you provide a functional safety manual that conforms with IEC 61508-2 edition 2 Annex D?
  • Does the SIS logic solver have a sister control system (BPCS) with approved communications links?
  • Are there any Application Program restrictions to implement in software or hardware to achieve the claimed SIL?
  • What utility software is needed to program and/or compile the application program?
  • What is the programming language for the SIS logic solver (e.g. Function Block Diagram / Ladder / Other)?
  • What are the ongoing proof test requirements for the system?

Support and general questions to ask suppliers

  • How is the system & software supported in your region?
  • What specialist training is needed to program the system?
  • What specialist training is needed to maintain the system hardware?
  • Do you have recommended 3rd party integrators who can configure the system?
  • Do you provide direct configuration / programming support for the system?
  • How long do you plan to support this system?
  • Do you have a functional safety management system (FSMS) for SIS project implementation?

Safety PLC / Logic Solver Suppliers List (2021)

Conclusions

Like everything in life, there are sometimes trade-offs when you narrow down the search for a new safety PLC.

Some suppliers have a more significant presence than others in specific regions of the world. Some rely on 3rd party system integrators to implement their software, whereas others will want to provide more of a "turn-key" package.

Many companies have legacy products that they will push to the background whilst pointing you at the "latest new thing".

The good news is that selecting a SIL-capable safety PLC from a reputable supplier and reputable certification company should mean few issues with meeting SIL targets because of the logic solver.

The bad news: the logic solver is rarely the main issue when it comes to safety and availability. Achieving SIL targets and assuring maximum uptime is typically related much more to the field sensors and final elements.

About the author 

Jon Keswick, CFSE

Jon Keswick is a Certified Functional Safety Expert (CFSE) and founder of eFunctionalSafety. Feel free to make contact via LinkedIn or comment on any of the eFunctionalSafety blog pages.
