Yokogawa Digital Solutions


Adopting Wireless for Safety

Introduction

Can wireless technology be used for enhancing plant safety? The answer is YES. However, different wireless technologies may best be suited for particular types of applications, especially for safety applications. It also depends on what particular type of safety application is suitable and/or tangible for using wireless technology. 

First, let’s take a look at what types of safety applications are suitable and tangible for wireless technology.

The ISA84 committee was established to develop standards and technical reports for applying Electrical/Electronic/Programmable Electronic Systems (E/E/PES) in process safety applications.  The ISA84 Working Group 8 (WG8) and the ISA100 (Wireless Systems for Automation) committee have a joint partnership to address wireless technology for safety applications. The ISA84 WG8 developed the Technical Report, “Guidance for Applications of Wireless Sensor Technology to Non-SIS Independent Protection Layers”. This Technical Report documents guidance and considerations for users applying and implementing wireless sensor technologies for non-Safety Instrumented System (SIS) processes and Independent Protection Layers (IPL).  The recommendation is not intended for the use of wireless as a Safety Instrumented Function (SIF). At the same time, the Technical Report clearly indicated that “wireless system is sufficiently robust to support meeting the requirements of a Non SIS IPL”.  Therefore, industrial applications such as Process Monitoring & Control, Asset Health Monitoring & Analytics, and Safety Related Alerts & Alarms are suitable applications for wireless technology. Today, the top use case of wireless for safety applications is safety Alerts & Alarms. Those applications include gas detection, fire prevention, level detection, safety showers, etc.

Supporting safety-related Alerts & Alarms applications requires wireless communication with high reliability and high availability.  That means the wireless communication should be able to support a safety-related communication method such as IEC 61784-3; there should be sufficient control over the deployment environment; and the network settings and configurations should use the right parameters as derived during site surveys and commissioning work.  Let’s take a look at some of the critical requirements for wireless networks for safety applications.

Quality of Service (QoS) Through Limits for Bandwidth, Latency, and Priority is Essential

QoS is very important for managing network traffic effectively, especially for battery-powered wireless local area networks. QoS can set a priority for data packets sent from devices to the server based on their service and application. In the field, not all sensors are equally important. Even sensors of the same type may have different priorities based on their service and application.  It is essential to control QoS in order to prioritize different types of data traffic from sensors as well as networks.  For safety-related data, it is important to assign priority and reserve bandwidth to ensure low latency compared to other types of data. ISA100 wireless has two levels of priority: message priority and contract priority.  This is one of the essential features to support safety-related applications.

Latency and Availability – safety applications require wireless systems that are highly available and highly reliable, with manageable, low and deterministic latency that is also balanced against battery life

The data latency in a wireless sensor network is the time between the acquisition of a measurement value and the delivery of that data via the wireless network to a gateway.  The percentage of values received within the required response time can be measured per device or for an overall system. High availability means communication patterns allow for fast response times with little or no packet loss.  It must be balanced with battery lifetime for wireless applications, and it requires long maintenance intervals with little or no drift between test intervals.  High reliability means no false alarms and suitability for SIL applications.  In order to manage the latency of the network, the wireless technology should effectively support multiple topologies, especially star topology.  With a self-organizing mesh topology, time delay can be very difficult to predict, so it is not recommended for safety applications. Therefore, a single wireless system should be flexible and support a mix of topologies based on the needs of its applications. To enhance availability, a redundant network path is recommended.  ISA100 wireless has the built-in “Duocast” feature for this purpose.

End-to-end safety protocol to support communication of devices from multiple vendors in one system (interoperability) in an Open Architecture environment

A layered open architecture should follow the ISO/IEC Open Systems Interconnection (OSI) methodology. One key concept of the OSI methodology is to split communication into seven abstraction layers based on communication function: the Physical layer, Data Link layer, Network layer, Transport layer, Session layer, Presentation layer, and Application layer. The goal is to support the interoperability of diverse communication systems with a variety of standard protocols. Each layer serves the layer above it and below it. Each layer is designed to be functionally independent, so when the technology of any layer changes, there is little or no impact on the layers above or below.  Because the process control industry has many legacy application protocols, the concept of independent layers is essential today and for the future. One great example is ISA100 Wireless technology, which is able to support PROFIsafe as the application on top of the ISA100 communication infrastructure.

Security – integrity and encryption of wireless communication

The ISA100 wireless standard has well-considered security features such as Authentication, Verification (Integrity Check, TAI, International Atomic Time), Encryption, Access Control, Key Management, etc. Those features are designed to protect against Sniffing, Tampering, Spoofing, Replay Attack, Routing Attack, and Denial of Service (DoS) Attack. In general, DoS in wireless needs to be considered in two parts: unintentional interference (coexistence) and intentional interference (denial of service attack). The common mitigation methods are spread spectrum modulation, redundant routing, channel blacklisting, Listen Before Talk (in ISA100 this feature is configurable), diagnostics based on radio signal strength indicators, data quality diagnostics, and network diagnostics. Pick a wireless technology such as ISA100 wireless with a built-in “Clear Channel Assessment” capability to mitigate potential interference from other wireless technologies or, sometimes, the environment.

Well-Designed Network – follow network design with common best practice to achieve comparable level of performance

It is critical to closely adhere to the manufacturer’s best practice when designing and laying out a wireless sensor network.  Some points of consideration are: always use conservative communication ranges and design the network with plenty of margin; specify the reporting rate of each sensor based on the device and router battery capacity, wireless channel capacity, and infrastructure capacity; control hop depth; design path redundancy; avoid bottlenecks; use network layout and simulation tools; maintain documentation; etc. Because most of the sensors are battery powered, battery management is a very important consideration.  Not only does the sensor reporting rate consume power, but the network design also strongly affects battery life in a self-organizing mesh network.  Avoiding communication bottlenecks can dramatically improve battery performance and make battery life easier to predict.

Figure 1. Diagram of a wireless gas detection system using the black channel concept to support the safety protocol PROFIsafe.

Successful Application

Today, one of the most successful applications is the use of ISA100 wireless technology for gas detection.  ISA100 wireless technology is designed to support a wide range of applications from monitoring to safety alerts and alarms.  Using ISA100 wireless technology, Draeger developed an innovative SIL2 certified wireless gas detector. By partnering with Draeger, Yokogawa developed the world's first SIL2 certified wireless gas detection system. It uses the black channel method to support PROFIsafe over ISA100 wireless.  See Figure 1.

The black channel principle has three major elements: the safety protocol is independent of the communication method; it covers the entire communication path from the sensor to the gateway, which needs to support PROFINET; and it protects against eventual communication failures to the required SIL capability. When it is used in a SIL environment, the safety-related protocol needs an error handling mechanism that can mitigate a range of errors such as repetition, deletion, insertion, resequencing, data corruption, delay, and addressing errors. Today, the combination of ISA100 and PROFIsafe has reached this status.
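The error classes listed above can be made concrete with a small receiver-side safety layer. This is an added illustration, not Yokogawa, Draeger or PROFIsafe code: the frame layout, the CRC-32 choice, the shared millisecond clock and all names (`build_pdu`, `SafetyReceiver`) are assumptions made for the example.

```python
import struct
import zlib

# Assumed layout (not PROFIsafe's): source address, 16-bit sequence counter,
# sender timestamp in ms on a shared clock, payload, then CRC-32 over all of it.
HDR = struct.Struct(">HHI")

def build_pdu(src, seq, ts_ms, payload):
    body = HDR.pack(src, seq & 0xFFFF, ts_ms) + payload
    return body + struct.pack(">I", zlib.crc32(body))

class SafetyReceiver:
    """Safety layer above an untrusted ("black") channel. Any result but "ok"
    means the application must go to its safe state (e.g. raise the alarm)."""

    def __init__(self, expected_src, max_age_ms, watchdog_ms, start_ms=0):
        self.expected_src = expected_src
        self.max_age_ms = max_age_ms
        self.watchdog_ms = watchdog_ms
        self.last_seq = None
        self.last_ok_ms = start_ms

    def receive(self, pdu, now_ms):
        if len(pdu) < HDR.size + 4:
            return "corruption"
        body, (crc,) = pdu[:-4], struct.unpack(">I", pdu[-4:])
        if zlib.crc32(body) != crc:
            return "corruption"
        src, seq, ts_ms = HDR.unpack_from(body)
        if src != self.expected_src:
            return "addressing"            # misrouted or inserted by another sender
        if now_ms - ts_ms > self.max_age_ms:
            return "delay"
        verdict = "ok"
        if self.last_seq is not None:
            step = (seq - self.last_seq) & 0xFFFF
            if step == 0:
                return "repetition"
            if step > 0x7FFF:
                return "resequencing"      # older than the last accepted PDU
            if step > 1:
                verdict = "deletion"       # gap: at least one PDU never arrived
        self.last_seq, self.last_ok_ms = seq, now_ms
        return verdict

    def watchdog_expired(self, now_ms):
        # Total loss of communication produces no PDU to inspect, only silence.
        return now_ms - self.last_ok_ms > self.watchdog_ms
```

Because every check lives in the end devices, the wireless network between them needs no safety certification of its own, which is the point of treating it as a black channel.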

This wireless SIL2 gas detection system has been deployed all over the world.  It is one of the most successful applications of wireless for safety.

For examples of successful applications by end users, please visit the ISA100 WCI website at https://isa100wci.org/en-US/News-Events/Past-Events/ISA100-Wireless-End-User-Conference-Rotterdam,-The

PETRONAS has also carried out a research study on using ISA100 wireless to enhance offshore platform safety. The application paper can be downloaded from the following link: https://isa100wci.org/en-US/Learning-Center/White-Papers/PETRONAS-Research-Study.
