1. Manuals
  2. Brands
  3. GE Manuals
  4. Control Systems
  5. Mark VIe
  6. Instruction manual

Triple Modular Redundancy - GE Mark VIe Instruction Manual

System redundancy options
Hide thumbs Also See for Mark VIe:
Table of Contents

Advertisement

6.2 Triple Modular Redundancy

Controllers, power supplies, networks, and I/O are physically separate, which is the origin of the term triple modular
redundancy (TMR) that is often used when describing the control system. Triple redundancy controls offer a higher degree of
fault tolerance than dual redundant controls. The primary advantages are the ability to ride-through a soft (partial) failure of a
controller, network, or I/O component with an unexpected failure mode, and the ability to identify the origin of the fault with
greater precision.
Since triple redundant controls are applied in a wide variety of applications, the I/O is flexible and can be implemented with
single, dual, or triple sensors that are connected to one or multiple I/O modules. Obviously, triple redundant sensors are more
fault tolerant than dual redundant or single sensors, but there is also a tradeoff between the cost of redundant sensors and the
historical reliability of a particular sensor type for a specific application. Identical application software in each controller read
sensor inputs, and diagnostics compares the data. Discrepancies are reported as system / process alarms.
Each sensor can be transmitted in parallel to the three IONETs (fanned) or transmitted individually. Fanned inputs are
transmitted on the IONET with three I/O packs on the I/O module. Therefore, a failure of an I/O pack does not inhibit any
controller from seeing all of the sensors. In addition, any disagreement between the data values for the same sensor in the
three controllers is identified as an internal diagnostic fault. Non-fanned inputs have less electronics (lower MTBF) but also
less diagnostic precision, because there is only one I/O pack per sensor. Since the precision of the diagnostics impacts the
MTTR, it also impacts the availability of the control system and the process.
The Mark VIe is also available as a SIL-3 capable safety controller, Mark VIeS, in simplex, dual, and triple redundant
configurations. Both systems share common architectures, configuration and diagnostic software tools, and can share input
data from I/O modules on a common IONET to simplify operations and maintenance. When sharing I/O, the controllers from
the Mark VIe and Mark VIeS can read inputs from all I/O modules, but write outputs only to their own I/O modules.
Instruction Guide
GEI-100728A
11
Public Information
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for GE Mark VIe

Related Content for GE Mark VIe

Table of Contents