Redundancy via SCA-RS
SICAM RTUs, SICAM AK Redundancy
Unrestricted
15
DC2-026-2.07, Edition 10.2016
In the case of AU redundancy one differentiates between two types of switchover:
•
Global redundancy switchover
(automatic voting by SCA-RS or application-related voting)
The entire AU is either in the redundancy state
active
or
passive
.
•
Line-by-line redundancy switchover
(automatic voting by SCA-RS or application-related voting)
Only certain elements of an AU are switched to the passive state. In an AU some
elements can be active, others passive.
Prerequisites of Redundancy
Each of the two elements of the redundancy pair is already configured separately.
All redundant elements must have the same HW-FW configuration and be loaded with the
same FW version and the same parameters (state).
In certain redundancy configurations after startup messages in control direction (commands,
setpoint values,…) will be transmitted only to the active component /CPU because only the
active component has replied to the general interrogation and thus, the distribution criteria
(CASDU) has been learned.
If you want to have a transmission also to the passive components/CPUs, the following
solutions are available:
•
selective data flow
•
data flow filter
in the topology just enter "
both directions
" as data flow direction for a communication
interface, then „activation“ will be also sent without learned CASDU.
1.1.2
Synchronization
For the synchronization one can distinguish between two cases:
•
Synchronization via HSL
The High Speed Link (HSL) is used for the synchronization of the redundant elements for
both types of redundancy (CPU redundancy and AU redundancy).
The interface is monitored by means of periodical monitoring messages. These monitoring
messages are generated and monitored by the system elements or automation units at
both sides of the interface.
•
Synchronization via external communication
Here the monitoring time is dependent on the protocol. The system-technical parameter
Redundancy | Synchronization parameters | Red_Sync monitoring timeout
is used for monitoring the redundancy-synchronization interface and defines a time period,
within which a corresponding monitoring message is generated in case an error has
occurred (monitoring timeout for the interface). This means, if no communication takes
place within this parameterized time, the failure is detected. The value is to be set
according to the protocol used.
The control of the passive C-CPU is always timed by the active one, so that the function
diagram (FUD) runs simultaneously. Consequently the passive CPU has the same data as
the active CPU: the input data in the FUD on the active and passive are identical,
consequently the output data also have the same values.
A comparison (or a synchronization or an update) takes place in 2 cases: