User Manual

Control concept
Superposed plant controls
5
CM110664en_07
Stage  Function                  Action
1      Safety function           Check AllLifeSafety plant operating modes.
2      Preview                   Checks if the aggregates in question can be switched.
3      Abort sequence            Incomplete sequences are interrupted.
4      Reset sequence            Switch off unneeded aggregates.
5      Step-up sequence          Switch on the newly needed aggregates.
6      Monitor switch-on states  Start monitoring of countdown of delay period.
Step 1: Safety function AllLifeSafety
If all switch commands for a given plant operating mode have the priority Life
safety, it is referred to as the AllLifeSafety plant operating mode.
A pending AllLifeSafety plant operating mode in the [ValPgm] is executed
immediately in all cases and maintained regardless of previously existing and
newly occurring faults in the plant – human life takes precedence over plant
safety.
If the AllLifeSafety mode includes switch-on commands, then the preset delay
times (Delay and Timeout) will be observed. However, in the case of the
Timeout setting, the switching sequence will continue even in the absence of
any feedback signal. Interlocks cannot therefore be guaranteed, with the
exception of local interlocks implemented via Priority 1 (life safety, manual).
Priority 1 (life safety, manual) cannot be overwritten in the AllLifeSafety
plant operating mode.
Step 2: Preview Look Ahead
Before changing to a different plant operating mode, in which referenced blocks
are to be enabled, block CMD_CTL checks to ensure that all the aggregates can
actually be enabled. For this purpose, the entries in the priority array [PrioArr]
for the switching sequence blocks are checked in advance. If switch commands
of a higher priority are found to be active (e.g., a minimum switch-off time or
the OFF-command of a repair switch), then CMD_CTL waits to implement the
new plant operating mode until the full switching sequence can be
implemented. Only referenced blocks, for which a switch-on command exists in
the new plant operating mode, are checked, and only if the operating-state
monitoring feature has been enabled.
The following priorities are checked:
Priority 1 [EnSfty/ValSfty], life safety, manual.
Priority 7 [EnSwi/ValSwi], manual operation, e.g., manual switch.
Priority 8 [EnOp/ValOp], manual operation, operating unit.
Priority 6 [TiMinOff], minimum switch off time.
Priority 6 is checked only for a switch on command to determine whether the
aggregate is still within the minimum switch off time. In this case, it waits until
the switch off time expires and only then switches on.
There is no Look Ahead for Desigo 7.
Priority 4 (plant safety, manual [EnCrit/ValCrit]) is not considered during the
check, since local mutual locking via data flow interconnection, such as
depicted in the figure "Cross-aggregate interlocking of damper/fan", would
change this value during the switch-on process.
The present operating mode remains until it is certain that all impacted
aggregates with active operating state supervision can be switched to the new
set state. A process alarm is triggered in CMD_CTL if a monitored block is not
switched on. The exception value [EcptVal] is active as the new plant operating
mode in this case. The online diagnostics for the Plant Control Editors
determines which element is the cause of the fault.
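
The Look Ahead rules above, modeled as an added Python example (not code from this manual or from Desigo). The `Aggregate` class, the aggregate names and the rule that an active OFF entry at priority 1, 7 or 8 blocks a switch-on are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Priorities the manual lists for Look Ahead. Priority 4 is deliberately
# absent: local interlocks change it during the switch-on process.
MANUAL_PRIOS = {1: "EnSfty/ValSfty", 7: "EnSwi/ValSwi", 8: "EnOp/ValOp"}
MIN_OFF_PRIO = 6  # [TiMinOff], only relevant for a switch-on command


@dataclass
class Aggregate:  # hypothetical model of one referenced block
    name: str
    monitored: bool = True  # operating-state monitoring enabled
    prio_arr: dict = field(default_factory=dict)  # priority -> "ON"/"OFF" if active
    min_off_remaining_s: int = 0  # seconds left of the minimum switch-off time


def look_ahead(new_mode, aggregates):
    """Return blockers as (name, priority, reason); an empty list means switch."""
    blockers = []
    for agg in aggregates:
        # Checked only with an ON command in the new mode and monitoring enabled.
        if new_mode.get(agg.name) != "ON" or not agg.monitored:
            continue
        for prio, pins in sorted(MANUAL_PRIOS.items()):
            # Assumption: an active entry blocks when it commands OFF.
            if agg.prio_arr.get(prio) == "OFF":
                blockers.append((agg.name, prio, f"[{pins}] holds OFF"))
        if agg.min_off_remaining_s > 0:
            reason = f"[TiMinOff] {agg.min_off_remaining_s}s left"
            blockers.append((agg.name, MIN_OFF_PRIO, reason))
    return blockers


def demo():
    # Constructed sample plant: names and values are illustrative only.
    plant = [
        Aggregate("SupplyFan", prio_arr={7: "OFF"}),      # manual switch off
        Aggregate("Damper", prio_arr={4: "OFF"}),         # interlock, ignored
        Aggregate("ExtractFan", min_off_remaining_s=30),  # still in min off time
        Aggregate("Pump", monitored=False, prio_arr={8: "OFF"}),  # not monitored
        Aggregate("Heater", prio_arr={1: "OFF"}),         # no ON command below
    ]
    mode = {"SupplyFan": "ON", "Damper": "ON", "ExtractFan": "ON",
            "Pump": "ON", "Heater": "OFF"}
    return look_ahead(mode, plant)


if __name__ == "__main__":
    print(demo())
```

A non-empty result corresponds to the case where the present operating mode is kept; the list names the element and priority that prevent the change.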