- •Selector controls
- •Override controls
- •Techniques for analyzing control strategies
- •Explicitly denoting controller actions
- •Determining the design purpose of override controls
- •Review of fundamental principles
- •Process safety and instrumentation
- •Explosive limits
- •Protective measures
- •Concepts of probability
- •Mathematical probability
- •Laws of probability
- •Applying probability laws to real systems
- •Practical measures of reliability
- •Failure rate and MTBF
- •Reliability
- •Probability of failure on demand (PFD)
- •High-reliability systems
- •Design and selection for reliability
- •Preventive maintenance
- •Redundant components
- •Overpressure protection devices
- •Rupture disks
- •Safety Instrumented Functions and Systems
- •SIS sensors
- •SIS controllers (logic solvers)
- •Safety Integrity Levels
- •SIS example: burner management systems
- •SIS example: water treatment oxygen purge system
- •SIS example: nuclear reactor scram controls
- •Review of fundamental principles
- •Instrumentation cyber-security
- •Stuxnet
- •A primer on uranium enrichment
- •Gas centrifuge vulnerabilities
- •The Natanz uranium enrichment facility
- •How Stuxnet worked
- •Stuxnet version 0.5
- •Stuxnet version 1.x
- •Motives
- •Technical challenge
- •Espionage
- •Sabotage
- •Terrorism
- •Lexicon of cyber-security terms
- •Design-based fortifications
- •Advanced authentication
- •Air gaps
- •Firewalls
- •Demilitarized Zones
- •Encryption
- •Control platform diversity
- •Policy-based fortifications
- •Foster awareness
- •Employ security personnel
- •Cautiously grant authorization
- •Maintain good documentation
- •Close unnecessary access pathways
- •Maintain operating system software
- •Routinely archive critical data
- •Create response plans
- •Limit mobile device access
- •Secure all toolkits
- •Close abandoned accounts
- •Review of fundamental principles
- •Problem-solving and diagnostic strategies
- •Learn principles, not procedures
- •Active reading
- •Marking versus outlining a text
- •General problem-solving techniques
- •Working backwards from a known solution
- •Using thought experiments
- •Explicitly annotating your thoughts
31.8. TECHNIQUES FOR ANALYZING CONTROL STRATEGIES |
2597 |
31.8.2Determining the design purpose of override controls
Override control strategies are a source of much confusion for students first learning the concept. Perhaps the most fundamental question students find di cult to answer when faced with an override strategy is how to determine the intended purpose for that strategy if no explanation is given.
Take for example this surge tank level/flow control system. While it may be obvious that the flow controller is there for the purpose of regulating flow out of the tank, it is not so clear what the two level controllers are doing, or what purposes are served by the two selector functions:
Feed in
Surge
tank LG
LT
ATO
SP = 10%
50%
LIC |
LIC |
SP = 90% FT |
|
< |
> |
LY |
LY |
RSP |
FIC |
Low-select High-select
A good starting point in our analysis is to first determine the proper directions of action for each controller. This is wise because the selector functions perform their tasks based on the relative values of the controller output signals: controllers become selected or de-selected on the basis of their output signals being greater or less than some other signal. Therefore, before we may be able to determine the purpose of a selector function, we must know how the loop controller feeding that selector function is supposed to react to process conditions. Once we have determined each controller’s proper action, we may then interpret each selector’s function in light of what process conditions will cause a particular controller to become selected.
2598 |
CHAPTER 31. BASIC PROCESS CONTROL STRATEGIES |
When choosing the proper action for each controller, we must consider each controller in this system – one at a time – as though it were the one being selected. In other words, we may give ourselves license to ignore the selector functions and just concentrate for the time being on how each controller needs to act in order to do its job when selected. Looking at the system from this perspective, we see that each level controller (when selected) acts as a master to the flow (slave) controller. Thus, what we have here is a cascade level/flow control system, with two master controllers selected on the basis of their output signals.
The flow controller (FIC) needs to be reverse-acting, because in order to counter-act an increase in flow rate it must close o the valve (i.e. decreasing output with increasing input = reverse action). Each level controller needs to be direct-acting, because in order to counter-act an increase in level it must call for more flow exiting the tank (i.e. increasing output with increasing input = direct action). Denoting these actions using “+” and “−” labels at each PV and SP input line:
Feed in
Surge
tank LG
LT
ATO
PV PV
SP = 10%
50%
|
Direct |
|
LIC |
LIC |
SP = 90% FT |
|
< |
PV |
|
> |
|
LY |
LY |
RSP |
FIC |
Low-select |
High-select |
Reverse |
Only now are we prepared to analyze the purpose of each selector function. Let’s begin with the low-select first. It selects the lowest of two values, either a fixed value of 50% or the output of the level controller with the 10% setpoint. Since we know this level controller is direct-acting, we may conclude that it will be selected if it sees a low level at its PV input. More specifically, it will be surely be selected if the measured tank level drops significantly below the setpoint value of 10%. Thus, we may conclude that the purpose of this level controller is to take over control if the tank level reaches or drops below the 10% mark.
Next, let us analyze the purpose of the other level controller (connected to the high-select function). Since the high-select function will select this level controller only if its output signal