The Emergency Shut Down or ESD system operates only there is a failure in the plant. ESD can by-pass the system in order to keep the plant running if there is a failure in the system.
There are two types of ESD system:
Dual redundant Emergency shut down PLC system
Triple Redundant Emergency Shut down PLC system
Dual Redundant Emergency Shut down PLC system:
There are two identical parallel PLC systems in dual ESD system as shown in above figure. Both work simultaneously.
The program written in the system is applied to both the microprocessor.
Plant operates until the field inputs are correct. If there is an input failure then both the PLC detects this and output control element will shut down the plant. Because there is only a less chance for failing the both PLC.
And if there is a fault in one of the PLC systems then the PLC will indicate it, but will not cause a shut down because the good system will still hold the output control elements in the correct position.
Dual redundant ESD system is used in oil/gas production unit.
Triple Redundant Emergency Shut down PLC system:
Triple redundant ESD system is an advanced ESD system only used where the highest safety is needed. It is much more secure and it ensures plant only shut down because of the plant failure but not because of an equipment failure.
Here PLC command shut down if one or none gives the correct output, which improves the reliability. The plant continues the running if 3 or 2 of the parallel systems are working correctly.
All the units have fault indicators so that they can be changed if one of the systems fails and the system continues to work using the good units.