The focus of the work of this Cand. scient. thesis has been placed upon understanding and developing a concept for using digital communication in safety-critical applications. It is increasingly common to use programmable technology in a safety-critical control system. These new software-based components are in many cases replacing existing hard-wired and analogue components that have safety-critical functions. Implementing these software-based safety-critical systems requires more in-depth methods and concepts than what has traditionally been used in software engineering.
I have concentrated my studies around problems concerned with using fieldbus technology between the subsystems in a software-based safety-critical system. During the work on this thesis I have had to acquire a substantial amount of knowledge about subjects not previously covered in my studies. I have gained knowledge about industrial process control systems, safety-critical systems, international IEC standards for safety systems, various fieldbus technologies, coding theory and hardware-related programming. The basic knowledge required to appreciate the contents of this thesis is presented as background information in the introductory chapters. One of the main goals of this thesis has been to analyse and find out if it is possible to implement a safe communications protocol for Foundation Fieldbus fulfilling the stringent requirements of a SIL 3 application. My studies are based on a concept of a general communication protocol called a "Safety Layer." A safety layer defines methods for increasing the probability of detecting errors that may occur between two communicating fieldbus devices. The safety layer's objective is to make the transmission "safer" between two nodes in a fieldbus network. This involves enabling the communication parties to determine that messages have the right value, that they are sent in the correct sequence and at the right time, and that they have the correct origin/destination. In my thesis I have further developed the basic idea behind the safety layer in a general sense so that it can in principle be used on top of any communication protocol to provide safe communication.
This study has furthermore been extended with an implementation of a safety layer prototype for Foundation Fieldbus. The purpose of this implementation is to demonstrate how Foundation Fieldbus can be made safer and that the concept and ideas of the general safety layer are feasible. The protocol incorporates a method for enabling two-way communication between two function blocks and new CRCs for improved error detection. The choice of generator polynomials for these CRCs has been based on probabilistic considerations. The safety layer also specifies a communication mode that sanctions transmissions of amounts of data larger than the maximum allowed transmission unit. The implementation of the safety layer is unique of its kind. Similar work has never before been done for Foundation Fieldbus.
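The four checks a safety layer performs (value, sequence, timing, origin/destination) and the two protocol features named above (CRCs with a chosen generator polynomial, and a mode for data larger than the maximum transmission unit) can be illustrated in a small model that runs without any fieldbus hardware. The following Python is an added example written for this page; it is not the thesis prototype and does not target Foundation Fieldbus. The CRC-16/CCITT polynomial 0x1021, the 16-byte MTU, the 100 ms freshness window and the header layout are assumptions chosen for the example, since the thesis text here does not give its own polynomials or frame format.

```python
"""Toy safety layer over an unreliable link (added example, not the thesis prototype).

Each message is wrapped in a header carrying origin/destination, a sequence
number, a send timestamp and its fragment position, and is protected by a CRC
with a configurable generator polynomial. The receiver checks value (CRC),
origin/destination, sequence and timing, and reassembles fragmented data.
"""
import struct
from dataclasses import dataclass, field

# Assumed parameters, not values from the thesis: CRC-16/CCITT polynomial,
# a small MTU so that fragmentation is exercised, and a 100 ms freshness window.
CRC_POLY, CRC_WIDTH, CRC_INIT = 0x1021, 16, 0xFFFF
MTU = 16          # safety-layer payload bytes per underlying frame
MAX_AGE_MS = 100  # a message older than this is treated as delayed or replayed

# src, dst, seq, send time (ms), fragment index, fragment count
HDR = struct.Struct(">BBHIBB")


def crc(data: bytes, poly: int = CRC_POLY, width: int = CRC_WIDTH, init: int = CRC_INIT) -> int:
    """MSB-first CRC for any generator polynomial of the given width."""
    top, mask, reg = 1 << (width - 1), (1 << width) - 1, init
    for byte in data:
        reg ^= byte << (width - 8)
        for _ in range(8):
            reg = ((reg << 1) ^ poly) if reg & top else (reg << 1)
            reg &= mask
    return reg


@dataclass
class Sender:
    src: int
    dst: int
    seq: int = 0

    def send(self, payload: bytes, now_ms: int) -> list:
        """Wrap payload into one or more safety frames, fragmenting above the MTU."""
        chunks = [payload[i:i + MTU] for i in range(0, len(payload), MTU)] or [b""]
        frames = []
        for idx, chunk in enumerate(chunks):
            body = HDR.pack(self.src, self.dst, self.seq, now_ms, idx, len(chunks)) + chunk
            frames.append(body + struct.pack(">H", crc(body)))
            self.seq = (self.seq + 1) & 0xFFFF
        return frames


@dataclass
class Receiver:
    me: int
    peer: int
    expected_seq: int = 0
    _fragments: list = field(default_factory=list)

    def receive(self, frame: bytes, now_ms: int):
        """Return (payload, faults). payload is None until a message is complete
        or whenever a fault is detected; faults names the checks that failed."""
        if len(frame) < HDR.size + 2:
            return None, ["truncated"]
        body, rx_crc = frame[:-2], struct.unpack(">H", frame[-2:])[0]
        if crc(body) != rx_crc:
            return None, ["crc"]  # value check failed: header fields cannot be trusted
        src, dst, seq, t_ms, idx, total = HDR.unpack(body[:HDR.size])
        faults = []
        if src != self.peer or dst != self.me:
            faults.append("address")      # wrong origin or destination
        if seq != self.expected_seq:
            faults.append("sequence")     # lost, duplicated or reordered message
        if idx != len(self._fragments) or idx >= total:
            faults.append("fragment")     # fragment out of order or count inconsistent
        if not 0 <= now_ms - t_ms <= MAX_AGE_MS:
            faults.append("timing")       # delayed or replayed message
        # Resynchronise on the received sequence number so the example keeps going;
        # a real safety system would instead enter its safe state on any fault.
        self.expected_seq = (seq + 1) & 0xFFFF
        if faults:
            self._fragments.clear()
            return None, faults
        self._fragments.append(body[HDR.size:])
        if idx + 1 < total:
            return None, []               # wait for the remaining fragments
        payload = b"".join(self._fragments)
        self._fragments.clear()
        return payload, []
```

The CRC is checked first because a corrupted frame gives no reliable header to run the other checks on; the sequence number catches loss, duplication and reordering, the timestamp catches delay and replay, and the address pair catches a frame that was delivered to, or came from, the wrong node. Data longer than the MTU is split into numbered fragments that each carry their own header and CRC, and the receiver only hands back the payload once the last fragment has passed every check.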
I do not assume any liability for any accidents, loss or damage caused as a result of any errors or omission in this thesis.