SACAC WORKSHOP 2010

A Sample Control System Functional Design Specifications

Compiled by AK Schroder Pr. Eng.

SSI Sector Consultant : Control & Instrumentation

June 2010

© Copyright AK Schroder, SSI, 2010

SSI | FDS Section 1 : General 1

CONTENT:

1. FDS Section 1 : General ................................................................................................................... 4

Introduction .................................................................................................................................... 4

Abbreviations .................................................................................................................................. 4

Definitions ....................................................................................................................................... 5

Control System Configuration ......................................................................................................... 6

Tagging System ............................................................................................................................... 7

Control Philosophy .......................................................................................................................... 8

Motor List ........................................................................................................................................ 9

Instrument List ................................................................................................................................ 9

Modes of operation ........................................................................................................................ 9

2. FDS Section 2 : Control System Requirements ............................................................................. 11

PLC Software Structure ................................................................................................................. 11

PLC Input and Output List ............................................................................................................. 12

Data Communications Structure................................................................................................... 13

Software Coding and Function Blocks........................................................................................... 17

Process and Safety Interlocks ....................................................................................................... 22

Alarm handling .............................................................................................................................. 23

Safe Start Warnings....................................................................................................................... 24

3. FDS Section 3 : Visualization System Requirements ..................................................................... 25

SCADA General Features ............................................................................................................... 25

Menu Navigation and Mimic Displays .......................................................................................... 26

Mimic Dynamic Symbols ............................................................................................................... 28

Equipment Display Faceplates ...................................................................................................... 31

Alarm and Event Management ..................................................................................................... 36

SSI | FDS Section 1 : General 2

 Historical and Real Time Trending ................................................................................................ 37

System Reports ............................................................................................................................. 38

Access Security Model .................................................................................................................. 40

DOCUMENT CONTROL

REV DESCRIPTION PREP PM PE CLIENT

SSI | FDS Section 1 : General 3

1. FDS Section 1 : General

Introduction
This control system functional design specification shall be used by the systems integrator to
produce the programmable logic controller code and supervisory control and data acquisition
configurations required for a fully automated Poly mixing plant that is part of the ACME Waste
Water Treatment facility.

Abbreviations
The following abbreviations shall have relevance throughout this document:

FDS Functional Design Specification

PID Proportional, Integral & Derivative Controller

HMI Human Machine Interface

SCADA Supervisory, Control and Data Acquisition

DCS Distributive Control System

PLC Programmable Logic Controller

SSI | FDS Section 1 : General 4

Definitions
The following definitions shall apply throughout this document:

PCS Process Control System - A system consisting of a field mounted

instrumentation, a process controller (such as a PLC or DCS system), a
communications network, and a human / machine interface (such as a SCADA
system) providing integrated control and supervisory functionality.

EQUIPMENT A combination of items controlled and monitored by the controller. These

include but are not limited to:

• Pumps
• Conveyor belts
• Feeders
• Valves
• Gates
HMI HMI stands for Human Machine interface. The HMI is also referred to as
Operator system or Supervisory system.

INTERLOCKS These are devices (with output contact/s), related to the process, integrally
mounted on or near a piece of equipment. Process interlocks may be bypassed
under controlled conditions without endangering human and/or compromising
operating safety of machine/s, whilst Safety interlocks cannot be bypassed.

SEQUENCE A sequence is a part of a software program configured to start-up, control

and/or shut down associated plant equipment in a pre-determined and logical
manner.

DEVICES (software These are software modules encapsulating the functionality of equipment
based) control and diagnostics. E.g. motors, valves, sequences, analogs etc

DCS A Distributed Control System is a grouping of dedicated electronic devices

suited for visualization, interlocking, sequence control, drive control, and
feedback control on processes with high level of instrumentation.

PLC A Programmable Logic Controller (PLC) is a software programmable electronic

device suited for interlocking, sequence control, drive control, and feedback
control. The functionality of these devices has been increased to include fuzzy
logic control, feed forward and multivariable control.

SCADA Supervisory And Data Acquisition (SCADA), is a system that allows operators to
control associated processes by means of keyboard actions and screen
displays. Also referred to as an MMI (Man Machine interface), or HMI (Human
machine Interface).

SSI | FDS Section 1 : General 5

Control System Configuration
The control system for the Poly mixing plant shall consist of a single PLC connected to a central
SCADA system which serves as the operator interface to the complete Waste Water Treatment
facility.

The PLC shall be an ABC Model 123 with conventional 24VDC digital inputs and outputs and 4..20mA
current loop analog inputs, all connected via marshaling terminals in a dedicated PLC panel to the
field instrumentation.

The Motor Control Circuits shall consist of conventional wired control circuits with 24VDC PLC inputs
and outputs.

The SCADA system shall be an Allesview Version 10 running on a conventional personal computer
with MS Windows XP professional.

The control system is depicted below:

SSI | FDS Section 1 : General 6

Tagging System
The following tagging system shall be used throughout the PLC and SCADA for identification of all
items of equipment and associated signals and internal variables.

SSI | FDS Section 1 : General 7

Control Philosophy
The Poly mixing plant shall be controlled as described in the process control philosophy provided
below and the PLC and SCADA programmed and configured in such a way as to fully satisfy the
control requirements.

A Poly batch mixing system is required as part of the sludge dewatering facility at the ACME Waste
Water Treatment facility. The Poly mixing system process design is shown on the Piping and
Instrumentation Drawing no 123 and must be read in conjunction with this Control Philosophy.

The Poly mixing system shall be able to operate in Automatic or Manual and shall deliver a solution
of granular poly dissolved in water to the dewatering plant.

The operation shall proceed as follows:

An operator shall deposit a bag of Poly in the empty mixing tank and imitate a mixing sequence via
the control system which shall open the water supply control valve and fill the tank to a preset level.
Once the level has been reached the mixer shall be started and operate for a preset time interval
only. During this time interval the temperature of the solution shall be controlled to exactly 75deg
Celsius by a temperature sensor coupled with an electrical heater in the mixing tank. After the mixing
process has been completed, the extraction pump shall operate to transfer the solution to the
dewatering plant Poly holding tank.

The following interlocks shall apply:

• The level in the tank will be monitored by an ultrasonic level sensor and transmitter. This
shall be used to close the water supply valve if the tank is full and to stop the transfer pump if
the tank is empty.

• The water supply valve and transfer pumps shall also not operate if the mixer is running.

• The mixer may not operate if the Tank is empty.

The following measurement shall be displayed and recorded in the control system:

• The level of the mixing tank.

• The flow of supply water (and total transferred).

• The temperature of the solution in the mixer.

All equipment operating status shall be monitored and faults reported on the control system
visualization system. Alarms will be generated and displayed on the control system which can only be
cleared when the fault conditions have been attended to and the alarm reset.

• Mechanical or electrical failure.

• Mixing Tank Overflow or Over temperature.

Daily and monthly mixing reports shall be provided by the control system.

SSI | FDS Section 1 : General 8

Motor List
The following list of control devices have been identified in the control philosophy and taken from
the P&ID:

Item TAG no Description Type kW

1 DEW-MCV-001 Water Control Valve DOL, REV 0.37
2 DEW-MCV-002 Discharge Control Valve DOL, REV 0.37
3 DEW-MXER-001 Tank Mixer DOL 2.2
4 DEW-PUMP-001 Poly Transfer Pump DOL 3
5 DEW-HTR-001 Poly Tank Heater FDR 1.1

Instrument List
The following instrumentation has been identified from the control philosophy and taken from the
P&ID:

Item TAG no Description Type Location Units Range

Potable Water
1 DEW-FT-001 Flow Transmitter Magflow Line l / sec 0-5
2 DEW-LT-001 Level Transmitter Ultrasonic Mixing Tank m 0-2
3 DEW-TT-01 Temperature Transmitter PT100 Mixing Tank deg C 0-150
4 DEW-LS-001 Level Switch Mercury Float Mixing Tank n/a HH
5 DEW-FS-001 Flow Switch Proximity Poly Line n/a LL

Modes of operation
The control system shall provide the following modes of operation as reflected in the equipment
control circuits.

Maintenance Mode

The control system shall provide for maintenance operation of all equipment where “maintenance”
implies starting and stopping equipment from the MCC pushbuttons or field control stations.

In maintenance mode all process interlocks shall not apply however safety interlocks shall apply.

In this mode the PLC shall monitor the operation of the equipment but cannot control it. Status such
as running, tripped and e-stop shall be monitored and passed on to the visualization system for
display.

In Maintenance mode the SCADA system shall clearly indicate that the equipment is under
“Maintenance” control and all start and stops from the SCADA shall be inhibited.

“Maintenance” mode shall be selected from the MCC via a Maintenance / Off / Normal selector
switch on each starter with an input to the PLC to indicate “normal” mode.

SSI | FDS Section 1 : General 9

Manual Mode

The control system shall provide for manual operation of all equipment where “manual” implies
starting and stopping equipment from the visualization system.

In manual mode both process and safety interlocks shall apply.

In this mode the PLC shall monitor and control the operation of the equipment. Status such as
running, tripped, failed to start and e-stop shall be monitored and passed on to the visualization
system for display.

In manual mode the SCADA system shall clearly indicate that the equipment is under “Manual”
control and all start and stops from the SCADA shall be initiated via equipment faceplates.

“Manual” mode shall be selected from the SCADA device faceplate via an Auto/ Manual selector
switch which will be inhibited if the overriding sequence control is in Auto.

Automatic Mode

The control system shall provide for automatic operation of all equipment where “auto” implies
starting and stopping equipment from internal logic within the PLC.

In auto mode both process and safety interlocks shall apply.

In this mode the PLC shall monitor and control the operation of the equipment. Status such as
running, tripped, failed to start and e-stop shall be monitored and passed on to the visualization
system for display.

In auto mode the SCADA system shall clearly indicate that the equipment is under “Auto” control
and all manual start and stops from the SCADA shall be inhibited on the equipment faceplates.

“Auto” mode shall be selected from the SCADA device faceplate via an Auto/ Manual selector switch
which will be overridden if the hierarchical sequence control is switched between auto and manual.

Note: Switching a control sequence between auto and manual will switch the mode of all items of
equipment controlled by that sequence.

SSI | FDS Section 1 : General 10

2. FDS Section 2 : Control System Requirements

PLC Software Structure

The PLC software shall be structured in such a manner that initialization logic and analog processing
logic shall be processed first, thereafter all control sequences and closed loop control logic followed
by equipment function blocks and finally data marshalling to the visualization system.

CODE SEGEMENT DESCRIPTION

INITIALIZE Logic to initialize all internal registers, timers and parameters.

DATA_RECEIVE Logic to retrieves commands from the visualization system and

marshal it to internal registers for use in the ensuing code. Also
acknowledge receipt of SCADA commands (+ve feedback)

DEW_FT_001 Logic that marshals SCADA parameters to the analogue Function

Block, evaluates the raw analogue input value for FT_001, converts
to engineering units, does limit value monitoring and writes alarms
signals to internal registers. This segment invokes FB_ANALOG

Etc for all analog inputs

DEW_PSEQ_001 Logic that marshals SCADA parameters to the Poly Transfer

Sequential control logic, evaluates the internal registers for all
controlled devices, evaluates modes and commands and writes
status and alarms signals to internal registers. This segment shall
invoke SFC code.

DEW_PID_001 Logic that marshals SCADA parameters to the Poly Mixing Tank
temperature control PID evaluates the internal registers for the PV,
SP and OP values for controlled devices, evaluates modes and
commands and writes status and alarms signals to internal registers.
This segment shall invoke FB_PID.

DEW_PUMP_001 Logic that marshals SCADA parameters to the Poly Transfer Pump
Function Block, evaluates the digital I/O values for PUMP_001,
evaluates modes and commands and writes status and alarms signals
to internal registers. This segment invokes FB_MOTOR

Etc for all motors

DATA_SEND Logic to send status (and command acknowledge) from internal

registers to the visualization system

SSI | FDS Section 2 : Control System Requirements 11

PLC Input and Output List
The following Input and output addresses shall be used for the programming of the Poly mixing PLC
logic:

SSI | FDS Section 2 : Control System Requirements 12

Data Communications Structure
The PLC and SCADA system shall interchange status and command information for each controlled
item of equipment and measured value as follows:

SSI | FDS Section 2 : Control System Requirements 13

SSI | FDS Section 2 : Control System Requirements 14
SSI | FDS Section 2 : Control System Requirements 15
The above Data Structure shall inform the status text and displays of all dynamic elements and
faceplates on the SCADA system. To improve communications efficiency and reduce SCADA TAG
count, packed data arrays (multi-states) shall be used as shown. i.e. The individual status bits shall be
bit masked from common data words as shown.

SSI | FDS Section 2 : Control System Requirements 16

Software Coding and Function Blocks
The PLC software shall be modular and make use of standard function blocks for each type of
equipment.

Motor Control Function Block

Each motor shall be controlled and monitored by a motor function block with basic logic as follows:

The motor function block shall have as its base control element a Set-Reset Latch with Reset
dominance to drive the final output that will close the contactor in the MCC to energize the motor.

The logic shall allow for Automatic and Manual starts where Auto starts and stops shall be taken
from other PLC logic (such as PID controllers and Sequence Controllers) and Manual start and stop
commands shall be accepted from the visualization system. In Maintenance mode the motor
function block shall only monitor the motor status and report back to the visualization system.

Failed to start and stop and safety trips shall be latched in the motor function block and cleared only
after a reset from the visualization system.

The motor logic shall also include a run-hour counter.

Physical Inputs and Outputs shall be marshalled to a call of the motor function block for each motor
in the poly mixing plant and external logic shall be used to evaluate and set the parameters to the
function block (such as interlocks) and to integrate it with the visualization system faceplate as
shown in the data structure.

SSI | FDS Section 2 : Control System Requirements 17

Valve Control Function Block

Each motorized valve shall be processed by a valve Function Block with basic logic as follows;

The above logic shall be repeated for the CLOSE action of the valve and the OPEN and CLOSE latches
shall be cross interlocked such that both commands cannot be simultaneously issued.

The valve function block shall have as its base control element a Set-Reset Latch with Reset
dominance to drive the final output that will close the contactor in the Valve to energize the motor.

The logic shall allow for Automatic and Manual open and close where Auto open and close shall be
taken from other PLC logic (such as PID controllers and Sequence Controllers) and Manual open and
close commands shall be accepted from the visualization system. In Local mode the valve function
block shall only monitor the valve status and report back to the visualization system.

Failed to open and close and safety trips shall be latched in the valve function block and be cleared
only after a reset from the visualization system.

Physical Inputs and Outputs shall be marshalled to a call of the valve function block for each valve in
the poly mixing plant and external logic shall be used to evaluate and set the parameters to the
function block (such as interlocks) and to integrate it with the visualization system faceplate as
shown in the data structure.

SSI | FDS Section 2 : Control System Requirements 18

Analog Measurement Function Block

Each Analog input (measured value) shall be processed by an Analog Function Block with basic logic
as follows:

The Analog Function Block shall invoke the PLC’s built-in Analog processing block and report on the
status of the measured value (ie healthy, line break or open circuit). It shall furthermore convert the
Raw value into engineering values for display on the visualization system and to perform limit value
monitoring on set engineering value limits. The limit alarms shall be processed by an Alarm function
block as described further below.

External logic shall be provided for each call to the Analog Function block to integrate it with the
Visualization system faceplate as described in the data structure.

SSI | FDS Section 2 : Control System Requirements 19

Closed Loop Controllers

An ON-OFF closed loop controller shall be programmed in the PLC to control the temperature in the
mixing vessel.

The PLC’s build in PID function block shall be used for this purpose and external logic shall be
provided to connect the Controller to the temperature sensor (PV) in the mixing vessel and the
Heater controller (Output) in the MCC. The PID loop shall control the temperature in the mixing
vessel to the set-point (SP) temperature entered by the Operator on the visualization system.
Further logic shall be provided to integrate the Controller with the Visualization system faceplate as
described in the data structure.

The implementation of the PID control function block shall be generally as follows:

SSI | FDS Section 2 : Control System Requirements 20

Sequence Control

The Poly Mixing plant shall be controlled by a mixing and transfer sequence to be implemented in
Sequential Flow Chart (SFC) in the PLC as described in the Flow Chart below:

The sequence control logic shall provide for automatic and manual mode and pass start and stop
commands to other sub logic blocks. Start-up, current step and transitioning status shall be
integrated to the visualization system faceplate as defined in the data structure.

SSI | FDS Section 2 : Control System Requirements 21

Process and Safety Interlocks
The following Process and Safety interlocks shall be programmed in the system:

SSI | FDS Section 2 : Control System Requirements 22

Alarm handling
The following alarm processing shall be programmed in the system:

SSI | FDS Section 2 : Control System Requirements 23

All alarm shall be lathed as shown and require a Reset command. The Fault shall not reset if the
original fault condition still exists. Events need not be latched and shall be cleared as soon as the
original signal has been restored. The logic shall be able to distinguish between alarms and events.

Safe Start Warnings

The start of the mixer shall be preceded by a start up siren.

The siren shall sound for 3 seconds before the mixer starts and shall inhibit the mixer by way of an
Interlock signal.

SSI | FDS Section 2 : Control System Requirements 24

3. FDS Section 3 : Visualization System Requirements

SCADA General Features

The control system’s architecture shall be based on a conventional automation hierarchy with
several PLC’s distributed throughout the ACME Waste Water Treatment facility, all connected to a
single central SCADA server computer. The size of the facility does not warrant a client /server
SCADA architecture hence a single SCADA computer providing both the Data Acquisition (TAG
server) as well as the Visualization (Workstation services) functionality shall be provided.

The SCADA server shall be connected to the PLC’s via Industrial Ethernet configured for static IP
addressing as shown below.

Data will be collected from the PLC by the SCADA server on a cyclical basis by the TAG server using
the Industrial Ethernet Protocol driver provided with the SCADA for the ABC PLC. Data shall be
collected in accordance with the data structure as described in Section 2 above.

The SCADA server shall run on a licensed copy of Microsoft Windows Profession version 2003 with
Service Pack 3.

All SCADA TAGS shall based on the convention described for naming in the PLC in section 2 above.

SSI | FDS Section 3 : Visualization System Requirements 25

Menu Navigation and Mimic Displays
The SCADA system configuration shall provide for a number of screens consisting of an overview of
the plant and detailed representations of each plant section.

Mimic displays shall be based on the P&ID’s for the plant and a standard layout shall be adopted as
shown below:

A mimic hierarchy shall be provided consisting of a complete facility overview mimic followed by
individual plant detail mimics and within each plant mimic further detailed may be selected (such as
for the Poly Mixing plant) with final elements of control being displayed by way of equipment
faceplates.

All operator actions shall be via mouse clicks or keyboard entry. Left mouse clicks shall select
dynamic objects on the mimic and display a “tool-tip” with the element’s assigned unique identifier
TAG) along side it. Left mouse double clicks shall initiate actions where these are enabled on the

SSI | FDS Section 3 : Visualization System Requirements 26

mimic (by way of “hotspot”), either following a link, changing the objects’ state or displaying a pop-
up control faceplate.

Where the process flow is from one mimic onto the other a suitable link shall be provided with an
appropriate description and clicking the link shall take the user to that mimic.

e.g.

All Mimics shall be drawn in colour on a light grey background. Non dynamic elements shall be
displayed in standard MS windows palette colours that are not used for displaying status
(animation), and all line thickness and font sizes for descriptive text shall be a minimum of 1pt black
and 10pt Arial Black respectively.

Pipe colours shall represent the materials they convey as follows:

Pipe Colours Description

Air Lines

Process Water

Potable Water

Dilute Media

Fire Fighting

Drains & Sewers

FeSi Slurries / Correct Media

Gravel Slimes Slurries

Fuel Oil

Flocculent

Hydraulic Oil

Ventilation

All controlled elements shall be represented by dynamic symbols with colour changes representing
status as described next.

SSI | FDS Section 3 : Visualization System Requirements 27

Mimic Dynamic Symbols
Each controlled or monitored item of equipment shall be represented on the SCADA mimic by a
dynamic symbol. The symbols shall conform to the ISA symbol standard and shall be animated as
follows:

Motors

Motor status shall be represented as per the table below. In addition to the dynamic colour changes,
flashing GREEN and RED shall be used to indicate the STARTING and STOPPING state. The flashing
state shall be inherent in the SCADA to provide immediate operator feedback when a device
command is initiated and will only revert to the steady state when the confirmation of the command
is received from the PLC. Any element that can NOT be animated shall be shown in the transparent
state for UNKNOWN (e.g. communications failure with the PLC)

SSI | FDS Section 3 : Visualization System Requirements 28

Valve

Motorized, Actuated and Solenoid Valve status shall be represented as per the table below. In
addition to the dynamic colour changes, flashing GREEN and RED shall be used to indicate the
OPENING and CLOSING states. The flashing state shall be inherent in the SCADA to provide
immediate operator feedback when a device command is initiated and will only revert to the steady
state when the confirmation of the command is received from the PLC. Any element that can NOT
be animated shall be shown in the transparent state for UNKNOWN (e.g. communications failure
with the PLC)

Switch

All digitally switched signals (e.g. a flow switch) shall be represented on the mimic by way of a simple
semaphore whose state is indicated as per the table below. Communications failure to the PLC shall
be indicated in the “transparent” state. Digital states shall all be “fail safe” such that a positive signal
is given when the operational condition is normal and /or safe.

SSI | FDS Section 3 : Visualization System Requirements 29

Analog Instruments

Each analog instrument shall be represented on the SCADA mimic by a dynamic text field indicating
the current instantaneous measurement, in engineering value, including its units. The display shall
include a status block along side indicating whether the instantaneous value is “healthy” (ie no Line
Break or Short circuit in the current loop between the PLC and instrument) and whether the reading
is in an alarm range. Alarm values shall be entered via the instrument’s faceplate as described
further below.

When the measured value is unknown (e.g. communications break) the text representing the
instantaneous value shall indicate ###.## so as to clearly indicate no reliable reading is available.

SSI | FDS Section 3 : Visualization System Requirements 30

Equipment Display Faceplates
Each controlled or monitored item of equipment shall be represented on the SCADA by a Faceplate.
The faceplate shall reflect the controlled item unique identifier TAG, the equipment status, alarms
and run hours as well as provide more mode of operation selection and control commands.

Proposed layouts for each type of faceplate are presented below:

Motors

Each motor on the mimic shall be linked to a faceplate which shall be displayed when the motor
symbol is double clicked. The faceplate shall be positioned at the bottom right hand size of the
mimic display by default but shall be repositioned by the operator as and when required. When
another motor is double clicked, it’s faceplate shall be displayed and any other faceplates
automatically closed such that the mimic screen is not cluttered with control faceplates. The
individual elements of the faceplates shall be dynamic as described in the annotations.

Equipment TAG name as per the naming

convention

Status Text - UNAVAILABLE, RUNNING,

STOPPED, TRIPPED, FAILED TO START

MODE of operation, MAINTENANCE,

AUTOMATIC, MANUAL

Equipment run-hours

MODE selection (Maintenance is selected on

the MCC)

Command Buttons, START, STOP only

available in MANUAL mode otherwise greyed
out

SSI | FDS Section 3 : Visualization System Requirements 31

Control Valves

Each control valve on the mimic shall be linked to a control faceplate which shall be brought up
when the motor symbol is double clicked. The faceplate shall be positioned at the bottom right hand
size of the mimic display by default but shall be repositioned by the operator as and when required.
When another valve is double clicked, it’s faceplate shall be displayed and any other faceplates
automatically closed such that the mimic screen is not cluttered with control faceplates. The
individual elements of the faceplates shall be dynamic as described in the annotations.

Equipment TAG name as per the naming

convention

Status Text - UNAVAILABLE, OPENING,

OPEN, CLOSING, CLOSED, TRIPPED,
FAILED TO OPEN, FAILED TO CLOSE

MODE of operation, MAINTENANCE,

AUTOMATIC, MANUAL

Valve Position, in percentage where 0=closed,

100-opened

MODE selection (Local /Remote is selected

on the Control Valve)

Command Buttons, START, STOP only

available in MANUAL mode otherwise greyed
out

SSI | FDS Section 3 : Visualization System Requirements 32

Analog Values

Each measured valve (analog input) on the mimic shall be linked to a faceplate which shall be
brought up when the instrument symbol is double clicked. The faceplate shall be positioned at the
bottom right hand size of the mimic display by default but shall be repositioned by the operator as
and when required. When another instrument is double clicked, it’s faceplate shall be displayed and
any other faceplates automatically closed such that the mimic screen is not cluttered with control
faceplates. In addition, a single mimic page with all the analog faceplates permanent arranged
alongside one another shall also be provided. The individual elements of the faceplates shall be
dynamic as described in the annotations.

Instrument TAG name as per the naming

convention

Instantaneous reading (engineering value,

including unit e.g. %, Deg C etc)

Analog Value, depicting instantaneous

reading, the bar to change color as the value
increases or decreases

Limit Value Monitoring settings, reflect

current settings in the PLC and can be
changed by double clinking when logged in as
Supervisor.

Limit Value alarm Acknowledge and Reset.

This button’s text and function changes to
comply with the alarm handling concept

SSI | FDS Section 3 : Visualization System Requirements 33

 Closed Loop Controller

Each closed loop controller in the PLC shall be linked to a faceplate which shall be brought up when
the control loop symbol is double clicked. The faceplate shall be positioned at the bottom right hand
size of the mimic display by default but shall be repositioned by the operator as and when required.
When another controlled element is double clicked, it’s faceplate shall be displayed and any other
faceplates automatically closed such that the mimic screen is not cluttered with control faceplates.
The individual elements of the faceplates shall be dynamic as described in the annotations.

Derived TAG name as per the naming

convention

Status Text – CONTROLLING or OUT-OF-

RANGE

MODE of operation, AUTOMATIC or

MANUAL

Controller Setpoint (SP), in engineering units

Controlled Process Value (PV)

Loop Output Value (PV), can be manipulated in

MANUAL mode

Controller Parameters in PLC, can be set in

Supervisor mode.

Controller Mode selection, AUTO or Manual Control Loop Trend, can be “shown” or
“hidden” by clicking the “TREND>” button

SSI | FDS Section 3 : Visualization System Requirements 34

Sequence Control

Each group of equipment that must operate together, whether sequentially or continuously shall be
linked to a faceplate which shall be brought up when a controller symbol on the mimic is double
clicked. The faceplate shall be positioned at the bottom right hand size of the mimic display by
default but shall be repositioned by the operator as and when required. When another controller
symbol is double clicked, it’s faceplate shall be displayed and any other faceplates automatically
closed such that the mimic screen is not cluttered with control faceplates.

Sequence and Control face plates shall clearly indicate to the operator the control that is being
executed in the PLC. All step commands and transition conditions, as defined in the control system
requirements, shall be clearly indicated and any wait states or time-outs indicated such that the
operator is never left in any doubt as to the automatic control state. Control logic shall also be safe-
guarded such that the control can always be reset or cleared if the sequence or control operation is
perceived to have become “hung-up” or “in-deterministic”.

The individual elements of the faceplates shall be dynamic as described in the annotations.

Derived TAG name as per the naming

convention

Status Text – NOT READY, READY TO

START, STARTING, RUNNING, STOPPING,
STOPPED, PAUSED, FAULT

MODE of operation, AUTOMATIC or

MANUAL

Current STEP and TRANSITION text plus

any other info to inform the operator. E.g.
Count Down Timer Value

Sequence Mode selection, AUTO or MANUAL

Sequence Command Buttons, To START,

STOP, PAUSE or RESUME the sequence.
RESET will abort the sequence and return to
the starting step

SSI | FDS Section 3 : Visualization System Requirements 35

Alarm and Event Management
Alarms and Events shall be configured as required by the ISA/ANSI 18.2 Alarm Management
Standard and as implemented in the Allesview SCADA Package. Three classifications of alarms shall
be provided for as follows:

• Event : Any change in state of controlled equipment such as starting, stopping, opening or
closing which is NOT as a result of a fault condition.

• Warning : A change of state that warrants operator attention and possibly action but poses
no immediate threat to production.

• Alarm : A change of state that warrants operator intervention and poses a real threat to
production.

Alarms shall be grouped per process module and shown on a page accessible from that module.

Alarms shall be prioritized such that the latest occurring alarm be displayed on the top of the list and
historically alarms at the bottom of the list.

The latest three alarms shall always be displayed along the bottom of the SCADA screen as described
in the standard layout.

Alarms shall be suppressed for equipment that is out of service or where communications with the
PLC has failed.

Alarms shall be date and time stamped and written to a log file from where they can be exported in
a common data interchange format such as XLS or CSV (Comma Separate Values)

Alarm states shall be represented in colour as follows:

Type Text Status Description

(Background)

Event Black Blue Event Active

Opaque Historical event
Warning Black Yellow Flash Active and unacknowledged
Yellow Active and acknowledged
Yellow Opaque Historical warning
Alarm Black Red Flashing Active and unacknowledged
Red Active and acknowledged
Green Opaque Historical alarm

The alarm page columns shall be laid out as follows:

SSI | FDS Section 3 : Visualization System Requirements 36

Historical and Real Time Trending
All measured values shall be configured for real time and historical trending. Trends shall be
accessible via a TREND button in the mimic navigation menu.

Trends shall be grouped per process area and process module and each trend shall be drawn in a
“line” style with different pen colour.

Trend screens shall clearly indicate the engineering value and full range of measured values on their
X-Y axis and the trend shall provide for a cursor position sliding bar indicating the instantaneous
values at the point of selection.

The trend shall furthermore include a legend along the bottom where the trend and pen colours are
identified and the minimum, maximum, average and instantaneous trend value reading over the
selected period shall be shown.

It shall furthermore be possible to select the trend resolution, range and starting date and time for
each group of measured values.

All of the Analog inputs listed in Section 1 shall be logged and trended for the Poly Mixing Plant.

The trend shall be laid out as follows:

Trend Navigator

Trend Graphic

Trend Legend

SSI | FDS Section 3 : Visualization System Requirements 37

System Reports
The Allesview SCADA system’s default reporting system shall be configured to provide the following
reports:

• Equipment Run Time and Down Time data

• Process Values
• Alarm and Events

Reports shall be compiled from the SCADA system log file and shall be invoked by clicking on the
REPORT button in the mimic navigation menu.

It shall be possible to chose the time interval for each report and the reports shall be layout out as
follows:

SSI | FDS Section 3 : Visualization System Requirements 38

SSI | FDS Section 3 : Visualization System Requirements 39
Access Security Model
The SCADA system shall provide access security to prevent unauthorised access to the system.
Securing the system through usernames and passwords shall prevent accidental reconfiguring by the
operators and provide administrators with a traceable log of all SCADA activity.

Security shall be provided by the underlying MS Windows Operating System as integrated with the
Allesview SCADA Package. At least three levels of security shall be provided.

System:

When the system boots up the SCADA Server shall start as an OS service. The SCADA user interface
shall then be automatically loaded.

After the UI has been loaded a “logon” mimic shall be displayed. This will force the operator,
supervisor or administrator to logon before accessing the live mimics so that an audit log of all users
activities can be kept.

All SCADA system configuration menu items shall be inaccessible.

All conventional OS Desktop operations shall be inaccessible. The Task Manager shall not be
accessible from the keyboard. The OS Explorer application shall not be accessible.

Operators:

All plant operators must logon to be able to perform the following functions:

• Move from mimic to mimic.

• Stop, start and reset all equipment.
• Change value settings.
• Acknowledge alarms.
• Reconfigure TREND periods.
• Print TRENDS and REPORTS

Supervisors:

In addition to the permissions of operators, supervisors shall be able to perform the following
functions:

• View the EVENTS list.

• Reconfigure the EVENTS list.
• Print the EVENTS list.
• Make Parameter and Set point changes

SSI | FDS Section 3 : Visualization System Requirements 40

Administrators:

Shall have access to all SCADA design time/ configuration menu items and functionality.

A mimic shall be available with buttons for easy access to the following:

• Operating System Task Manager.

• Operating System Explorer.
• Operating System User Manager.
• SCADA Software Setup.
• SCADA Protocol Monitor.

SSI | FDS Section 3 : Visualization System Requirements 41