What is the ideal availability for an operational application? The exchange of data from control systems via the existing IT network is ubiquitous. But who is concerned with ensuring this availability?
Who hasn’t experienced the following scenario in practice: systems and applications have to share information with each other within the company? Every technician has already had to face such challenges. For example, systems in hall A have to exchange data with systems in hall B, or decentralized systems have to communicate with a central master computer.
There are various options here, such as the use of wired bus systems, connection via gateways to the company’s own IT network or wireless connection via radio/WLAN. In my experience, systems that communicate via bus cabling are the most secure. However, this method requires the installation of cabling systems, the laying of countless meters of cable and possibly the creation of firewalls, which can be time-consuming and expensive. In recent years, this complex installation has been replaced by the use of the existing IT network. By using gateways that migrate the fieldbus level to the network, systems and machines can communicate with each other over long distances without the cost and effort of bus cabling.
Hand on heart: when choosing the communication path, who has ever thought about how secure the application is when transmitting data?
Availability of the application
The availability of each task should be determined before the communication channels are defined. The Harvard Research Group’s Availability Environment Classification (AEC) is a good point of reference here. The availability can be divided into HRG classes (AEC-0 to AEC-5).
| HRG class | Description | Explanation |
| --- | --- | --- |
| AEC-0 | Conventional | Function may be interrupted and data integrity is not essential |
| AEC-1 | Extremely reliable | Function may be interrupted, but data integrity must always be guaranteed |
| AEC-2 | High availability | Function may only be interrupted minimally or within defined times during main operating hours |
| AEC-3 | Fault-resistant | Function may only be interrupted outside defined operating times / main operating times at most |
| AEC-4 | Fault tolerance | Function must be maintained at all times, 24/7 operation (24 hours, 7 days a week) |
| AEC-5 | Disaster-tolerant | Function must be guaranteed even under unusual circumstances (e.g. in the event of a disaster) |
Let’s take a look at practical applications and try to assign them to an HRG class:
- In an energy data management system (EDM), the measured values from measuring devices/meters and other signals are usually transferred to the network and the software database via gateways. At first glance, this may seem like an unproblematic application. On closer inspection, however, it becomes clear that measured values that are not transmitted can lead to incorrect billing, inaccurate evaluations and misinvested resources.
  The visual energy EDM system from KBR works exclusively with measuring devices, meters and measurement sensors that have an internal memory of at least 4 weeks. This means that in the event of a temporary network interruption, the missing load profiles can be subsequently transferred to the database. For this reason, classification in the AEC-0 or AEC-1 category can be considered here.
  However, if an EDM is used that has no internal memory in the measuring sensors for meter reading, it must be classified in category AEC-4.
- For commercial and industrial companies, the grid connection and energy supply contract stipulates that the highest 15-minute active power that has occurred once a year is billed. An energy optimization system is used to minimize the costs of providing power. This system continuously monitors and regulates the energy consumption and thus enables the power peaks to be reduced.
  This is usually a decentralized solution. Input and output modules are installed at various points in the plant, and these modules can be connected to the central multimax energy optimization system either via bus cabling or using gateways via the existing network. If the network is not available during a quarter of an hour of high power consumption, no optimization can be carried out on these consumers. This can lead to considerable financial losses in the four to five-digit range. Energy optimization therefore falls into the AEC-4 category.
- The use of reactive current compensation sometimes requires the control unit and the compensation system to be installed at different locations in the plant. The modular multicomp D6 reactive power controller from KBR can be installed at a remote location from the actual system using a bus system. At first glance, this may seem like an unproblematic application (e.g. falling into the AEC-1 category). In practice, however, a failure can be critical, especially if the current consumption of the operation would exceed the power limit of the transformer switch without the reactive current compensation. In such a case, there is a risk of a complete shutdown. In this case, classification in category AEC-4 would be required.
Conclusion
There are numerous other application scenarios where the availability of the application should be carefully checked. In practice, most people neglect these considerations, even though network outages are unavoidable. In order to become aware of downtimes, let’s take a look at the availability classes of the German Federal Office for Information Security:
| Availability class | Reliability | Minimum availability | Downtime per month | Downtime per year |
| --- | --- | --- | --- | --- |
| VK0 | Without guaranteed availability | | | |
| VK1 | Normal availability | 99.0 % | < 8 h | < 88 h |
| VK2 | Increased availability | 99.9 % | < 44 min | < 9 h |
| VK3 | High availability | 99.99 % | < 5 min | < 53 min |
| VK4 | Maximum availability | 99.999 % | < 26 sec | < 6 min |
| VK5 | Availability under extreme conditions, even in the event of force majeure | | | |
A “normal availability” means that the application can theoretically be down for up to 88 hours per year! If we look at the previous example of energy optimization, where every 15-minute value has to be managed throughout the year, a potential downtime of up to 88 hours is simply unacceptable.
This highlights how important it is to consider the availability of your applications carefully. Only after this consideration can the communication channel be selected.
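The following added example (not KBR's code) rates a recorded outage history against the availability classes in the table above and counts how many 15-minute billing intervals each outage touched. The function name `assess`, the result keys and the sample outages are constructed for illustration; outages are assumed not to overlap, and the thresholds, the 15-minute interval and the 4-week meter memory come from this article.

```python
from datetime import datetime, timedelta

# Minimum availability per class, from the BSI table in this article
# (VK0 and VK5 carry no percentage there, so VK5 cannot be derived from uptime).
VK_MINIMUM = [("VK4", 99.999), ("VK3", 99.99), ("VK2", 99.9), ("VK1", 99.0)]
INTERVAL = timedelta(minutes=15)  # billing interval of the energy optimization example
BUFFER = timedelta(weeks=4)       # internal meter memory of the EDM example


def assess(outages, period_start, period_end):
    """Rate a list of (start, end) network outages inside one observation period."""
    downtime = sum((end - start for start, end in outages), timedelta())
    availability = 100.0 * (1 - downtime / (period_end - period_start))
    vk_class = next((n for n, m in VK_MINIMUM if availability >= m), "VK0")

    # Every 15-minute interval touched by an outage is one in which a
    # network-connected optimization module could not be controlled.
    hit = set()
    for start, end in outages:
        first = (start - period_start) // INTERVAL
        last = (end - period_start - timedelta(microseconds=1)) // INTERVAL
        hit.update(range(first, last + 1))

    return {
        "downtime": downtime,
        "availability_percent": round(availability, 3),
        "vk_class": vk_class,
        "intervals_affected": len(hit),
        # An outage longer than the meter memory means load profiles are lost for good.
        "buffer_exceeded": any(end - start > BUFFER for start, end in outages),
    }


# Constructed sample data: three network outages in one year.
YEAR = (datetime(2023, 1, 1), datetime(2024, 1, 1))
SAMPLE_OUTAGES = [
    (datetime(2023, 3, 14, 10, 7), datetime(2023, 3, 14, 10, 52)),
    (datetime(2023, 7, 2, 2, 0), datetime(2023, 7, 2, 8, 0)),
    (datetime(2023, 11, 20, 16, 58), datetime(2023, 11, 20, 17, 3)),
]

if __name__ == "__main__":
    for key, value in assess(SAMPLE_OUTAGES, *YEAR).items():
        print(f"{key}: {value}")
```

With the sample data the network still reaches "increased availability", yet 30 billing intervals ran without optimization, which is the gap between an availability percentage and the AEC-4 requirement described above.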