6. REDUNDANCY WITH NX3030 CPU
6.2.6. General Characteristics of a Redundant CP
Redundant CPU General Features
Allowed CPUs NX3030
Redundancy type Hot-standby
Failure tolerances
Tolerates, at least, simple failures in doubled equipment in
the half-clusters. In specific cases, it can tolerate multiple
failures.
Half-cluster 5 redundancy
states
- Not-configured: initial state, also considered when the
CPU is off or isn’t executing the MainTask.
- Starting: temporary state assumed after Not-configured,
where some tests will define the next state (Inactive, Active,
Stand-by or back to Not-configured.
- Inactive: state reached after some types of failures or for
programming maintenance.
- Active: controlling the user process.
- Stand-by: ready to switch to Active and control the user
process, in case there’s such demand (e.g. Active CPU fail-
ure).
Main failures which cause
switchover between the Active
CPU and the Reserve CPU.
The reserve CPU switches for
the Active and the Active
can go to Inactive or Not-
configured.
- Supplying failure.
- Power supply.
- CPU (stop in the MainTask execution).
- NX4010.
- Failure in both synchronism channels (NETA and NETB)
and the cause isn’t in the Reserve CPU. In this case the Re-
serve CPU, besides assuming the Active state, switches the
other CPU off.
- Failure of some synchronism channel (NETA and NETB)
and the cause is in the Active CPU.
- Failure in some vital PROFIBUS network.
- Failure in some vital Ethernet network.
Commands that cause
switchover between the
Active CPU and the Reserve
CPU
- Commands via redundancy control panel (PX2612).
- Commands received from MasterTool or from a SCADA
system, through this CPU (local) or the other CPU (remote).
- Commands generated by user application (e.g.: in case
of other diagnostics as Ethernet communication failure)
through this CPU (local) or the other CPU (remote).
Main failures which prevents
a CPU to go to the reserve
state or remain in it. Such
failures drive the CPU to a
Not–Configured or Inactive
state.
- Supplying failure.
- Power supply.
- CPU (stop in the MainTask execution).
- NX4010.
- Failure in both synchronism channels (NETA and NETB)
and the cause is in the Reserve CPU.
- Failure in the synchronism service for redundancy data.
- Failure in the synchronism service for the redundant forc-
ing list.
- Total failure in some vital PROFIBUS network.
- Total failure in some vital Ethernet network.
- Different project from the Active CPU, with project auto-
matic synchronization enabled.
- Firmware version incompatible with the Active CPU.
275
To Next Page
Loading...
Need help?
General
