Risk Detection

How PLCs Help to Avoid Hazards and Increase Plant Safety

Page: 3/4

Related Companies

Applications for Fail-safe PLCs

The fail-safe PLC system is used in critical safety applications in refineries, petrochemical/chemical plants and other industrial processes. For example, in reactor and compressor units, plant trip signals – for pressure, product feed rates, expander pressure equalization and temperature – are monitored and shutdown actions taken in the event of an upset condition. Though traditional shutdown systems implemented with mechanical or electronic relays provide shutdown protection, these can cause dangerous, nuisance trips.

The fail-safe PLC system increases integrity, providing automatic detection and verification of field sensor integrity, integrated shutdown and control functionality, and direct connection to the supervisory data highway for continuous monitoring of safety critical functions. Some major applications areas include:


Boiler Flame Safety

Process steam boilers function as a critical component in most refinery and process applications. Protection of the boiler from upset conditions, safety interlock for normal startup and shutdown, and flame safety applications are combined into a single integrated PLC system. In traditional applications, these functions would be provided in individual, non-integrated components.

But with a fault-tolerant, fail-safe controller, the boiler operations staff can use a critical resource more productively while maintaining safety at or above the level of electromechanical systems.

Turbine Control Systems

The control and protection of gas or steam turbines require high integrity as well as safety. Continuous non-stop operation of the fault-tolerant controller provides turbine operator with maximum availability while maintaining equivalent levels of safety. Speed control as well as startup and shutdown sequencing are implemented in a single integrated system. Unscheduled outages are avoided by using hot-spare modules for the I/O. If a fault occurs in a module, a replacement module is automatically activated without operator intervention.