Advances in SCADA and RTU Technology for Next Generation Operators

By Randy Miller, Honeywell

Much effort has been spent designing, implementing and testing Backup Control Centers for the purpose of business continuity in the face of major or minor disaster. While proven to be effective in a disaster, the full operational transition to a backup control center is unnecessarily disruptive and potentially exacerbates a minor incident if the incident can be avoided in the first place. Several recent technical and human factors advancements are now available for the automation of pipelines and adjacent process industries that enable the next generation of main control center operation. Significant reductions in the frequency of abnormal situations have been attained by understanding and addressing the root causes of all events that involve people, process and equipment. The result is best-in-class availability of the main control center and smooth, predictable response to all events, including low-frequency, high-impact events. These advancements are not bolt-on, custom applications, but rather integrated into the core SCADA solution and the core workflow of operations.

Abnormal Situation Management
Today’s pipeline regulations, such as the PIPES Act of 2006 and subsequent CFR changes, came into place between 2006 and 2011. In anticipation of such increased expectations, the Abnormal Situation Management (ASM®) Consortium was formed in 1994, based on research started in 1989. The ASM Consortium is a group of leading companies and universities involved with process industries that have jointly invested in research and development to create knowledge, tools and products designed to prevent, detect and mitigate abnormal situations that affect process safety in the control and SCADA operations environment. By working together to understand and mitigate abnormal situations, fundamental improvements in safety, reliability and efficiency have been attained at an overall low cost to industry.

Root cause analysis in over 20 sites showed that equipment factors account for an average 36 percent of incidents. This includes degradation and failures in equipment, which are often preventable. Process factors account for an average 22 percent of incidents, including process complexity, types of materials and manufacturing, and state of operation (steady state vs. startups, shutdowns and transitions). These are mostly preventable. People account for an average 42 percent of incidents. The organizational structure, communications, environment, and documented procedures and practices play a role in operator response. These are almost always preventable. The majority of these incidents are due to the actions or inactions of people.

Over the course of the last 20 years of ASM research, 45 best practice design principles were developed, published and adopted by leading vendors and operators to fundamentally mitigate root causes across categories including equipment, process and people. Honeywell has adopted these principles as core offerings across our SCADA and related portfolio.

Effective Console Operator HMI Design Practices
An HMI that complies with ASM and API RP 1165 incorporates features developed from extensive consideration of human factors and cognitive research. Optimal operator situational awareness, minimized fatigue, and rapid identification of and response to abnormal situations are the primary goals of the ASM HMI. Several case studies have shown intuitive ASM displays to enable all operators to perform at the same responsiveness and consistency as the best operator. The attributes of such an HMI include:

  • Use of bright colors exclusively for alarms and critical process data drawing the operator/pipeline controller’s focus where it is needed
  • Animation that is used exclusively to bring process-critical or safety-related information to the foreground and to the attention of operators
  • Tabbed navigation linked with varied levels of detailed graphics with indication of active alarms
  • Pan and Zoom displays with a thumbnail view for situational awareness by including active alarms across the full display, not just what is currently in view
  • Advanced trending and graphics that promote rapid early event detection
  • Advanced shapes for temperature, pressure, level and flow values and control
  • Displays and trends that include the current target operating envelope so the operator/pipeline controller always knows where a variable should be for optimal performance rather than waiting for an alarm after the variable crosses a boundary

Effective Alarm Management Practices
Effective management of alarms, particularly in alarm flood situations, is a key aspect of operator/pipeline controller effectiveness and the basis of alarm management recommended practices such as EEMUA Publication 191, ISA-18.2 and API RP 1167. Optimal alarm workflow includes:

  • Ability to filter, sort and add comments
  • Routing to other users via e-mail and SMS
  • Next generation alarm interface leveraging the innate benefits of processing patterns, dramatically reducing the time needed to diagnose and resolve upsets
  • Dynamic Alarm Suppression based on preconfigured rules
  • Alarm Shelving to temporarily remove problem alarms to avoid conflict with critical activities
  • Quick access to information on the cause of the alarm, the alarm impact potential and the recommended actions to address the alarm

Effective Procedural Practices
ASM research shows that incorrectly executed procedures contribute to many abnormal situations. Procedures are often complex and executed infrequently. Automating or semi-automating procedures addresses the inconsistency in procedure execution. The current best practice is to integrate procedural operations into the relevant SCADA displays, making it easy for operators to use compared with the standard operating practice (SOP) manual. These well-designed procedures capture the best operator practice, enabling all operators to perform the same way. Steps include manual changes that are confirmed by the operator and transitions that require the process to be in a particular state.

Shift Change
One of the most disruptive daily events in the control center is shift change. Inconsistencies in log books, communications and handover are common. It is not surprising that more abnormal events occur in the period following shift change than any other time during the shift. A best practice leverages an electronic logbook designed to log key information and facilitate effective handover communications. Tight integration with the SCADA system, alarm management and procedural operations makes it more likely that key information is not omitted and the transition to the next shift is smooth.

Managing multiple pipeline assets with Distributed System Architecture (DSA)
A common challenge in pipeline SCADA is managing large complex systems and incrementally scaling these systems over the lifecycle of the asset. It may be required to have multiple SCADA systems, such as one for each pipeline asset and one for each compressor station. Often, assets are acquired over time and a legacy of different brands of SCADA is brought into the enterprise. Attempts to integrate the SCADA from various assets and sub-stations are typically very constrained by generalized industry protocols and interfaces such as OPC. Advancements in distributed system architecture provide multi-site, tight integration of clustered SCADA systems so that they function and appear to operators as a single, cohesive system. DSA supports zero engineering of remote tags, an integrated security model that retains individual user permissions, integrated alarms and acknowledgements, and efficient publish-subscribe algorithms. These advancements are enabled by a true global database for tags, alarms, functions and events that also supports seamless expansion and scalability from small point counts up to the world’s largest systems. DSA supports all permutations of hierarchical and peer control room strategies, as well as Backup Control Center. DSA is the best foundation for Collaborative Work Environment and Remote Operations strategies.

Improving Security of Pipeline Assets
Given the rise in the number and sophistication of attacks and threats, it is critical to have cyber security protection built in to the SCADA system rather than added later as an afterthought. The old approach of building a hard shell with a soft core results in multiple avenues for outside attacks. The best practice starts at the core, embedding security into the infrastructure and employing the same rigorous processes that are designed for safe industrial operations. In addition, the current state-of-the-art approach employs layers of proven solutions to strengthen industrial cyber security with a portfolio of security controls supported by a team of global experts and sustained by technology. Leading vendors are playing a key role in developing industry standards.

Effective security requires effective integrated physical security. Standalone security systems deployed across a pipeline pose a challenge to operators, requiring them to access information from multiple systems when needed. Integrating geographically distributed sites into DSA allows autonomous security systems to communicate alarms and cardholder information, enabling multiple facilities to be operated in an efficient and consistent way across the entire organization without sacrificing the independence of each site. Effective integration into the operator’s SCADA HMI increases incident detection rates and improves response times during an incident or emergency, while reducing operator workload and dependency on manual actions by enabling automated actions in one system. In addition, digital video and analytics, tightly integrated with SCADA, can now allow cameras to function as process sensors. Digital video that is specifically designed to integrate at the database level embeds alarms, events and digital recording triggers natively to the control system, adding another dimension of situational awareness for improved response time and decision-making.

No pipeline is truly safe without holistic security. The final layer of defense is operator- and station-based security. Specific levels of access and permissions are assigned to individual operators/pipeline controllers based on responsibility. Complete operational integration of cyber Third Party Interference (TPI) protection, physical TPI protection, access control and operator security in a single dashboard provides the only truly integrated safety and security solution for the process automation industry, while not being overly intrusive to normal operations.

Simplified SCADA Configuration with Equipment Templating
Cost, schedule and management of change are key criteria when selecting a SCADA system, including the initial configuration and expansion over time. Intersecting this trend is API RP 1168, “Recommended Practice for Pipeline Control Room Management”, where section 7 is on SCADA system management of change, including a configuration audit log. Equipment templates radically simplify all aspects by enabling configuration by equipment rather than by points. Through a simple template-driven concept, templates can include all the related SCADA configuration for that equipment: all the points, any calculations, display elements, trend definitions, relationships (such as what is upstream/downstream), key parameters for this equipment, operations task-based filters, plus the SCADA communication setting for the RTU or PLC. It is then possible to configure a system by adding a single piece of equipment, requiring just a few details, instead of separately building many points and operator displays. Working with upstream oil and gas customers, Honeywell monitored how operators were managing their wells. It was observed to be a very labor-intensive process for the tasks being performed and, ultimately, other tasks that could add more value were sacrificed. By using task-based filters, configured as part of the equipment templates specifically for that equipment, finding the wells that needed attention could be completed in minutes instead of hours with true exception-based monitoring. As best practice evolves, the task filters in the template just need updating. Due to the inherent consistency, every operator becomes your best operator.

A critical component of pipeline automation is integration with RTUs and other field devices. Many legacy RTU offerings currently used in upstream and pipelines are very dated. This motivated Honeywell to introduce a new RTU in 2014, engineered to be best in class, that complements our high-availability, low long-term-cost SCADA platform. A few of the design objectives include lowest power consumption in its class, largest processing capacity, operating temperature range up to 75 °C, built-in HART I/O, very flexible communications and bulk automated configuration. The HART feature allows pipeline operators to deploy intelligent pipeline instruments that can be remotely diagnosed and maintained, as well as enabling more effective Reliability Centered Maintenance strategies.

Several technology advances inspired by two decades of fundamental abnormal situation research have been discussed. Collectively, these modern technologies and practices have been proven to reduce incidents in the main control center by more than 30 percent and sustain safe, optimal availability. Furthermore, capturing best operator practices in a procedural operations framework and equipment-based templates helps retain best practices for future generations. Implementing these best practices in an infrastructure that supports bulk configuration and scales at pace with the growing operation promotes minimal disruption over the lifetime of the asset.

About the Author
Randy Miller started his career in 1985 as an Instrumentation Journeyman working in the Judy Creek oil and gas field near Swan Hills, Alberta, Canada for Esso Resources Canada Limited. Here he was engaged in basic instrumentation, radio telemetry and chromatograph maintenance in the oil field and gas plant. After completing his B.Sc. and M.Sc. in Chemical Engineering at the University of Alberta in 1995, Randy then spent three years with Mitsubishi Chemical Corporation at their Development and Engineering Research Center in Mizushima, Japan. Here he led the control strategy analysis and design for several novel chemical processes. This work resulted in ten international patents and 15 publications. Since 1998 Randy has been with Honeywell Process Solutions in Thousand Oaks, California. At Honeywell, Randy has taken on many different roles in applied research, product development, product management, sales, business development and sales management. In his current role of global marketing director, he leads product portfolio strategy and business growth in the gas value chain.
