Banafsheh Hajinasab Based on presentation by K. Strnisa, Cosylab


BEAST Alarm Tool
www.europeanspallationsource.se
February 14, 2019

Outline
* Purpose of alarms
* General alarm principles
* BEAST architecture
* BEAST graphical interface
* Alarm system configuration

Purpose of Alarms
* ALARMS ARE NOT AN INTERLOCK SYSTEM
* Meant for problems that require thinking
* Notify the operator about a problem
* Help the operator
* Must not confuse

Purpose of the Alarm Tool - BEAST
* Help the operators handle alarms correctly
* Display reason for alarm
* Offer guidance
* Alarm details
* Graphical view of hierarchical alarm structure
* Connect with tools related to the solution
* Log alarms and operator actions

Cause For Alarm
* Deviation from tolerance band for PV
* Hardware or software error
* LOSS OF COMMUNICATION
* Triggered by PVs in the database

Severity And Status
* There are two parts to an alarm: the alarm status, and the severity of that alarm status
* Status and severity are determined in the database
* Alarm status and severity are set and checked whenever a record is processed.

Alarm Severity
* SEVR field of a record – the severity of alarm condition
* The alarm severity can take one of four values:
  * OK: The record is not in alarm.
  * MINOR: Lowest alarm severity.
  * MAJOR: Highest severity condition.
  * INVALID: Invalid data or no communication. This is the highest severity condition.

Alarm Status
* STAT field holds the alarm state of the record: what caused the record to go into alarm
* STAT field can have one of more than 20 values: HIHI, HIGH, LOW, LOLO, READ, WRITE, LINK, ...

Alarm States (not status)
* Three alarm states: OK, ALARM, ACKNOWLEDGED
* Different ways of handling transitions: Latching, Non-Latching

Latched Alarms

Alarms are typically configured to "latch" and behave as shown in the first state diagram. Assume that the alarm is initially OK. As soon as an alarm trigger PV sends, for example, a MINOR alarm severity, the alarm system will latch the time and value of that occurrence and display the alarm in the user interface. If the alarm was configured for annunciation, the alarm description will be annunciated. Ideally, an operator investigates the alarm, fixes the underlying reason, acknowledges the alarm, the PV returns to OK and the alarm clears.

In reality, other things can happen. The PV might only cause a brief nuisance trip, then quickly return to OK on its own. Or the PV might go in and out of alarm. Either case really indicates a problem in the alarm trigger PV. Still, the alarm system latches the alarm at the original occurrence and annunciates only once to reduce 'chatter'. If the alarm re-occurs while the original alarm is still not acknowledged, it is not annunciated again because we assume that operators are still investigating the initial alarm, or are just too busy to look at any alarms right now. In either case, another annunciation would only cause noise. The alarm system can also be configured with delays to only alarm if the trigger PV stays in alarm for a certain time, which can be used as a workaround for less than perfect alarm trigger PVs.

When a MINOR alarm is followed by a MAJOR alarm, or generally a higher level alarm, that causes another annunciation because it is considered a different, more important situation. On the other hand, if an INVALID alarm relaxes to MAJOR or generally a lower severity, the display will update to reflect the 'current' severity but the alarm severity remains latched to the highest alarm level.

Acknowledging an alarm means to acknowledge the current alarm severity.

Acknowledge Example 1: A trigger PV goes MAJOR, alarm system goes into MAJOR alarm. When acknowledged, the alarm is MAJOR-acknowledged. Should the PV relax to MINOR, the current state of the alarm will be MINOR, but the overall alarm state stays at MAJOR-acknowledged. If the PV actually cycles between MINOR and MAJOR, there will be no new annunciations because the operator already acknowledged the MAJOR alarm. Finally, once the PV clears to OK, all will be OK.

Acknowledge Example 2: A trigger PV goes MAJOR, alarm system goes into MAJOR alarm. The operator looks at the problem, improves the situation but can't fully fix it yet, so the PV stays in MINOR alarm. The alarm system will show that there was a MAJOR alarm, and right now the PV is still in MINOR alarm. When acknowledged, the alarm system state changes to MINOR-acknowledged. If the PV clears to OK, all will be OK. On the other hand, should the PV go back into MAJOR alarm, this would cause a new annunciation because we only acknowledged when the PV was at a MINOR severity level.

Acknowledged alarms are less visible in the alarm system user interface so that new, not-yet-acknowledged alarms are more obvious. Operators can manually un-acknowledge alarms, which might be useful to make them more visible again when trying to decide how to handle several alarms.

In summary, acknowledging an alarm means to acknowledge the current severity of the PV, and an alarm will fully 'clear', i.e. disappear from the alarm table, when the alarm trigger PV returns to OK and the alarm is acknowledged. However, the whole process is always logged.

Non-Latched Alarms

The second diagram shows the behavior of alarms that are not configured to latch. You will notice that it is very similar to the latched alarm behavior except that non-latching alarms do not require acknowledgement. They may be acknowledged to remove them from the list of 'active' alarms, but they clear automatically once the trigger PV relaxes to "OK" without requiring a manual alarm acknowledgement. The difference is actually only one extra automatic state transition, noted in the diagram.

Typical use cases for non-latching alarms:
* Something else in the control system already latches the alarm trigger PV. For example, the alarm trigger PV could be an "overtemperature" indicator of a power supply where the power supply already latches this indicator until it is reset at the power supply.
* A trigger PV is known to cause frequent brief alarms, and it would be too much work for operators to acknowledge each occurrence. In this case, configuring the alarm not to latch is a workaround, but in an ideal world you would fix the root cause: Remove noise from the alarm trigger PV, or configure the alarm system with a delay.
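The latching and non-latching transitions described above, as an added example that is not part of the original slides and is not BEAST's own code: a small Python model that replays PV severities and acknowledgements and records what would be annunciated. The names Sev, Alarm and replay are hypothetical, and delays and maintenance mode are left out.

```python
from enum import IntEnum

class Sev(IntEnum):
    OK = 0
    MINOR = 1
    MAJOR = 2
    INVALID = 3

class Alarm:
    """One alarm trigger PV as tracked by a hypothetical alarm server."""

    def __init__(self, latching=True):
        self.latching = latching
        self.current = Sev.OK    # severity the trigger PV reports right now
        self.level = Sev.OK      # severity held by the alarm (latched or acknowledged)
        self.acked = False
        self.annunciated = []    # names of the severities that were announced

    def pv_update(self, sev):
        self.current = sev
        if sev > self.level:
            # Higher than what is latched or acknowledged: a new situation.
            self.level, self.acked = sev, False
            self.annunciated.append(sev.name)
        elif sev == Sev.OK and (self.acked or not self.latching):
            # Acknowledged alarms, and all non-latching ones, clear on OK.
            self.level, self.acked = Sev.OK, False
        # Otherwise the severity relaxed or repeated: keep the latch, stay quiet.

    def acknowledge(self):
        # Acknowledging means acknowledging the PV's current severity.
        self.level = self.current
        self.acked = self.current != Sev.OK

    def state(self):
        return self.level.name + ("-acknowledged" if self.acked else "")

def replay(events, latching=True):
    """Feed severities and "ack" markers in order; return (state, annunciated)."""
    alarm = Alarm(latching)
    for ev in events:
        if ev == "ack":
            alarm.acknowledge()
        else:
            alarm.pv_update(ev)
    return alarm.state(), alarm.annunciated

if __name__ == "__main__":
    MINOR, MAJOR, OK = Sev.MINOR, Sev.MAJOR, Sev.OK   # constructed sequences
    print(replay([MAJOR, "ack", MINOR, MAJOR, MINOR]))  # Acknowledge Example 1
    print(replay([MAJOR, MINOR, "ack", MAJOR]))         # Acknowledge Example 2
    print(replay([MINOR, OK, MINOR, OK]))               # nuisance trips, latched
    print(replay([MINOR, OK], latching=False))          # non-latching clears itself
```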

Maintenance Mode
* Sometimes parts of the machine have to be turned off
* This will produce A LOT of alarms – mostly INVALID
* Implement automatic disabling in the database
* Turn off every alarm manually
* Time consuming
* The alarm system has a special maintenance mode
* INVALID alarms are not annunciated
* INVALID alarms are automatically acknowledged
* If PV leaves the INVALID state it is considered a new alarm

Architecture

Technically, the alarm system consists of several elements:

IOC: Control System IOCs provide the Alarm Trigger PVs which indicate alarm conditions.

Alarm Server: The Alarm Server receives alarms from IOCs via Channel Access and sends alarm messages to a JMS Server. It also receives the acknowledgements from Alarm System GUIs. Most of the alarm logic is performed by the alarm server. It includes a Relational Database. It stores the alarm configuration as well as the current state of all alarms. The configuration includes information for the Alarm Server (what PVs to monitor, whether to latch or annunciate alarms) as well as the Alarm Client GUI (user guidance on an alarm, related display links). The Alarm Server also updates the current alarm state of each PV in the RDB. While the RDB is good for storing this type of information, it is technically unsuited for triggering GUI updates in response to alarm changes. The GUI would have to poll the RDB at a high rate to learn about alarm state changes. Instead, a more suitable Java Message System (JMS) is used to communicate alarm system changes.

JMS Server: The JMS Server is the message bus that allows the Alarm Server, GUI and JMS2Speech to communicate.

Alarm System GUI: The Alarm System GUI, basically a table and tree view of current alarms in CSS, allows users to view current alarms, acknowledge them, invoke operator displays related to the alarm, browse the alarm history, or change the alarm configuration.

Annunciator - JMS2Speech: The Annunciator included in the CSS alarm GUI, or an alternate stand-alone JMS2Speech tool, is used to annunciate new alarms. Whenever a PV's severity changes to a higher severity, the PV's description will be annunciated once.

JMS2RDB: This tool can write all JMS traffic to a Relational Database (RDB), allowing analysis of the most frequent alarms, reconstruction of the time line of a specific alarm, and more.

The Alarm Perspective
* A set of views related to alarm management
* Alarm tree
* Alarm table
* Message history
* Alarm related preferences

Alarm Tree
* Hierarchical view
* Sync with RDB configuration on the Alarm Server

Alarm Table

Message history

Conclusion
* Alarms are meant for situations that require the operator
* Conditions and severities configured in EPICS database
* Two basic types of alarms – Latching and Non-Latching
* BEAST tool is more than just a GUI