K-WANG

+086-15305925923
Service expert in industrial control field!
NameDescriptionContent
Adequate Inventory, Timely Service
pursuit of excellence 
Ship control system
Equipment control system
Power monitoring system
Current position:
新闻动态
newS
   
Brand

Rockwell Automation ICS AADvance Controller

From: | Author:Wang | Time :2025-09-20 | 686 visit: | 🔊 Click to read aloud ❚❚ | Share:

Rockwell Automation ICS AADvance Controller 

Basic Information and Usage Standards

1. Scope of application and core objectives

Applicable products: AADvance controller series (T9100/T9110 processor modules, T9401/2 digital input modules, etc.) and supporting software (AADvance Workbench 1.4/2.1, AADvance Robust SIS Workstation 2.00), supporting system version 2.011.

Core objective: Define SIF safety application standards (mandatory) and recommendations to ensure that the system meets and maintains the required Safety Integrity Level (SIL), with a maximum support for SIL 3.

2. Key usage requirements

Personnel qualifications: Installation, configuration, operation and maintenance operations must be carried out by professionally trained personnel who are familiar with relevant regulations (such as IEC 61508, NFPA series standards).

Responsibility statement: If the device is used in a manner that does not comply with the manufacturer's regulations, the protective function of the device may become ineffective; Rockwell is not responsible for indirect/consequential damages, and the examples in the manual are for illustration only and do not represent actual application guarantees.

System core features and authentication

1. Core functions and security design

Application scenarios: Suitable for safety critical scenarios such as emergency shutdown (ESD), fire and gas detection, rotating machinery control, burner management, etc., while supporting non safety but business critical control requirements.

Security Capability:

Both fail safe and fault tolerant architectures are supported, and fault tolerance can be realized through two module (1oo2D) or three module (2oo3D) configurations.

Built in comprehensive diagnostic function, capable of detecting hardware/software faults. The faulty module needs to be replaced within the mean time to repair (MTTR) to avoid a decrease in SIL level.

Supports two configurations: "Power Loss Trip (DTT)" and "Power On Action (ETA)", and the number of modules needs to be selected based on SIL level and demand rate (high/low) (see Table 1).

2. Module configuration and SIL compliance requirements

Minimum module configuration for different application scenarios (simplified version of Table 1):

Application type, number of input modules, number of processor modules, number of output modules

SIL 2/3, Low/high demand, DTT 1 2 1

SIL 2, High demand, ETA 2 2 2

SIL 3, High demand, ETA 2 2 2

Note: The single channel digital output module includes a series switch. The DTT scenario supports SIL 3, while the ETA scenario only supports SIL 2; There are no three module output configuration options.

3. International certification and compliance standards

Functional safety certification: Compliant with IEC 61508 SIL 3, certified by an independent certification body.

Hazardous environment certification:

North America: Class I, Division 2, Groups A-D (UL 61010-2-201, CSA C22.2 standard).

Europe/UK: ATEX (DEMKO 11 ATEX 1129711X, Ex ec IIC T4 Gc), UKCA (UL24UKEX2993).

International: IECEx (certificate number IECEx UL 12.0032X).

Other compliance: Complies with industry standards such as EN 50156 (furnace control), EN 54 (fire alarm), NFPA 85/86/87 (boilers/ovens/fluid heaters), etc.

Safety lifecycle and management system

1. Safety lifecycle stages

The full lifecycle defined by IEC 61508 must be followed, with core stages including:

Scope definition: Clearly define system boundaries, interfaces (with processes/third-party equipment), and environmental requirements (such as temperature and power).

Hazard and Risk Analysis: Identify hazardous events, trigger sequences, and risk levels as inputs for safety requirements.

System Design and Engineering: Divide system architecture, define security requirement levels for each component, and refine hardware/software design.

Integration and Verification: The application is integrated with the controller to test and verify whether SIF meets SIL requirements (such as response time and fault handling).

Operation and Maintenance: Develop an operation/maintenance plan to ensure the SIL level is maintained during operation; Changes must be strictly controlled, and suspensions must follow safety procedures.

2. Requirements for Safety Management System

Policy and Planning: Functional safety policies need to be developed to clarify measures, responsibilities, and record management (including change control) for each stage of the lifecycle.

Personnel capability: Personnel qualifications need to be evaluated, including engineering experience, functional safety knowledge, regulatory familiarity, etc. Higher qualification requirements are required for high-risk scenarios.

Functional Safety Assessment (FSA): Led by senior personnel independent of the project, it reviews whether the entire lifecycle work meets the requirements.


System Architecture Design (SIL 2/3)

1. SIL 2 architecture

Fault safety architecture: single input (1oo1D), dual processor (1oo1D degraded), single output (1oo1D), triggering a safe state in case of a fault.

Fault tolerant input architecture: dual/triple input (1oo2D/2oo3D), dual processors, single output. When a single input module fails, it will operate in a degraded state while still maintaining safety functions.

High demand architecture: dual input, dual processor, dual output, ensuring that faulty modules are replaced within MTTR to avoid SIF shutdown.

2. SIL 3 architecture

Fault safe I/O+fault-tolerant processor: single input/output, dual/triple processor (1oo2D/2oo3D), downgraded in case of processor failure, dual fault triggers safe state.

Fault tolerant I/O architecture: dual input/output, dual processors, both input/output modules support 1oo2D degradation, suitable for high safety requirements scenarios.

TMR architecture: three inputs, three processors (2oo3D), dual outputs, with the strongest fault tolerance. A single module failure does not affect system operation. When there are two failures, it will be downgraded, and when there are three failures, it will trigger a safe state.

3. Secure network communication

SNCP protocol: SIL 3 certified "Black Channel" protocol, supports Ethernet transmission of secure data, achieves data exchange between controllers through "variable binding", and can be configured as single network (fail safe) or dual network (fault-tolerant).

Peer to Peer communication: Supports SIL 3 data transmission between AADdistance and Trusted controllers, based on master-slave mode, and recommends using redundant networks to ensure availability.

Installation and environmental requirements

1. Non hazardous environment

Environmental conditions: temperature -25 ° C~+60 ° C, pollution level ≤ 2 (IEC 60664-1, only non-conductive pollution, occasional condensation); The burner management application requires an enclosure protection level of IP40 (indoor)/IP54 (outdoor).

Installation requirements: The module should be installed vertically (ensuring natural heat dissipation), DIN rail or wall mounted, without the need for forced air cooling.

2. Hazardous environment

Special requirements:

The enclosure protection level is ≥ IP54 (IEC 60079-0/7) and must be marked with "Do not open when powered on".

Grounding wire cross-sectional area ≥ 3.31mm ², wire temperature rating ≥ 85 ° C, only supports vertical installation.

The temperature range is the same as non hazardous environments, and the pollution level is ≤ 2.


Operations and Security Assurance

1. Key daily maintenance items

Fault handling: When the processor/input/output module fails, it needs to be replaced within MTTR; If not replaced in a timely manner, the relevant SIF needs to be shut down (unless there are compensatory measures in the SRS document).

Calibration and testing: Regularly calibrate sensors/actuators, test SIF response time (≤ 1/2 of process safety time PST), and archive test records.

Backup and Update: Regularly backup system configuration (AADvance Workbench/SIS Workstation project) and test backup effectiveness; Firmware updates require the use of the ControlFLASH tool.

2. System security measures

Network security: it is forbidden to connect to the unprotected Internet; Computers need to have firewalls, antivirus software, and password protection enabled; The software license USB key needs to be properly kept.

Port security: Some Ethernet ports (such as TCP 1132, UDP 2010) are open by default, and unused ports need to be closed through a firewall (refer to the configuration guide).

Program Security: The application requires password protection, and the controller needs to insert the "Program Enable Key" to modify the configuration; It is prohibited to force I/O points during operation, and it is recommended to use the program's "override" logic for maintenance.

Supporting documents and resources

1. Key related documents

Document Name Usage Description

AADvance Controller System Build Manual (ICSTT-RM448) System Assembly, Startup, and Operation Verification

AADvance PFH and PFDavg Data (ICSTT-RM449) Fault Probability (PFH/PFDavg) Data and Calculation Example

AADvance Troubleshooting and Maintenance Manual (ICSTT-RM406) System Maintenance, Troubleshooting, and Repair

2. Support channels

Technical support: Get help through rok.auto/support, register an account to subscribe to product security notifications.

Document download: Download the latest manuals and firmware from Rockwell Literature Library (rok.auto/iterative) or Product Compatibility and Download Center (rok.auto/pcdc).


Key Terminology (Glossary Simplified)

SIL (Safety Integrity Level): Safety Integrity Level, levels 1-4, with SIL 3 being the highest level supported by the manual.

PST (Process Safety Time): The maximum time for triggering a hazardous event when a hazardous state exists and there is no protection. The controller defaults to PST=2500ms and needs to be adjusted based on sensor/actuator delay.

MTTR (Mean Time To Repair): The average time to repair, during which faulty modules need to be replaced to maintain SIL.

1oo2D/2oo3D: Fault tolerant configuration, 1oo2D (2 out of 1 with diagnosis), 2oo3D (3 out of 2 with diagnosis).


  • Basler Electric DECS-250-CN1SN1N Automatic Voltage Regulator for Generator Excitation Control
  • ADLINK CPCI-6860A - 51-31310-OB10 industrial motherboard CompactPCI SBC
  • ADLINK AmITX-SL-G-H110 - 51-7A104-0A30 Mini-ITX Industrial Motherboard
  • ADLINK PXI-2005-003 - CPCI Industrial PC Data Acquisition Card Multi-Function DAQ
  • ADLINK DININ-814M - 51-14032-0A3D SCSI-100P cable connection Interface Terminal Board
  • ADLINK CPCI-3920NA/C2D15/M1G - 3U CompactPCI Intel Core 2 Duo Single Board Computer
  • ADLINK PCIE-8560 - 51-18014-0A20 Communication Card High Speed DAQ
  • ADLINK PCI-C154+ - Motion Control Card 4-axis Motion Controller Board
  • ADLINK PCI-RTV24 - image capture card Analog Video Frame Grabber
  • ADLINK NuPRO-842LV/P - 51-41360-0B30 Industrial Motherboard CPU Board
  • ADLINK cBP-3208/3208R - CPCI Board 3U 8-Slot CompactPCI Backplane
  • ADLINK PCI-8164 - 4-Axis Motion Controller PCI Card 51-12406-0A40
  • ADLINK PCIe-GIE64+ - 4-CH GigE Vision PoE+ Frame Grabber Video Capture Card
  • ADLINK CPCI-6860 / 6860A - CompactPCI Dual Xeon Single Board Computer
  • ADLINK IEC-915GV - REV 1.1 Industrial motherboard CPU Board
  • ADLINK ND-6520 - Technology RS-232 to RS-422RS-485 Converter NuDAM Module
  • ADLINK RTV-24 / PCI-MP4S - 51-12519-1C30 4-Channel Real Time Video Capture Board
  • ADLINK cPCI-6910 / cPCI-6910AM/M1G - cPCI-6910AM/DXL16/M1G/S80G(G)-3120 BOARD CompactPCI SBC
  • ADLINK NUPRO-A40H - Linghua 51-41807-1A30 Industrial Control Computer Motherboard
  • ADLINK USB-3488A - USB to GPIB INTERFACE USB-3488A(G) Controller Module
  • ADLINK PCI-8134A - motion control card 4-Axis Controller Card
  • ADLINK PCI-7432 - Board 32-Channel input / 32-output Isolated Digital I/O PCI Card
  • ADLINK PCI-8134A - 51-12421-0A10 motion controller card tested
  • ADLINK LPCIe-7230 - 32 CH Isolated Input/output Card 2 Interrupts Low Profile PCIe
  • ADLINK NuPRO-E340 - industrial computer motherboard 51-47807-0A30 PICMG 1.3 SHB
  • ADLINK PCI-7434 - High-speed Digital Acquisition Card 64-CH Isolated DO Card
  • ADLINK NuPRO-E330 - 51-41805-0A20 Indsutrial Board SHB Single Board Computer
  • ADLINK PCI-7248 - OPTO-22 48 CHANNEL DIO DIGITAL TTL/DTL I/O 51-12006-0A40 GP
  • ADLINK PCI-8134 - Motion control card 4-Axis Controller Card
  • ADLINK AMP-208C - Movimiento Control Tarjeta 51-12420-1A20 W/Expansión & Breakout
  • ADLINK PCI-8164 - 51-12406-0A40 PCB Board 4-Axis Motion Controller Card
  • ADLINK DIN-68Y-SGII / DIN-68M-J3A - Terminal Board Connector Interface Block
  • ADLINK PCIe-7432 - Technology 51-18402-0A10 PCIe Card With High Input Range
  • ADLINK PCI-8144 / PCI-8144N - Motion control card 4-Axis Stepper Controller Card
  • ADLINK HSL-HUB3/REPEATER - HIGH SPEED LINK EXTENSION MODULES Distributed Hub Module
  • ADLINK ND-6017 - Data Logging + Acquisition 8CH A/D input Mod NuDAM Module
  • ADLINK LPCIe-7250 - data acquisition card Low Profile 8-CH Relay Output Card
  • ADLINK PCI-7432 - I/O card 64-CH Isolated Digital Input Output PCI Card
  • ADLINK IMB-M43H - industrial control computer motherboard Q87 Chip Micro-ATX
  • ADLINK MP-C154 - Motion control Card 4-Axis Motion Controller Board
  • ADLINK PCI-RTV24 - image capture card Video Frame Grabber Card
  • ADLINK PCI-7250 - 8-CH Relay Output & 8-CH Isolated DI Card
  • ADLINK PCI-6308V - 8-CH 12-Bit Isolated Analog Output PCI Card PCB-I-E-1148=6EX2
  • ADLINK PCI-7248 - capture card 48-CH Opto-22 Compatible DIO Card
  • ADLINK HSL-AI16A02-M-VV - Analog Input Output Distributed Module
  • ADLINK NuPRO-A301 - Rev:1.4 NUPRO-A301 PICMG Full-Size Single Board Computer
  • ADLINK PCI-6208V-GL - 8-CH Voltage Analog Output PCI Card
  • ADLINK PCI-8134A - 51-12421-0A10 4-Axis Motion Controller Card
  • ADLINK MNET-S23 - TECHNOLOGY MNET S23 - SERVO DRIVER CONTROL MODULE
  • ADLINK M-342 - ATX I3 I5 I7 Q67 Industrial Motherboard
  • ADLINK NUPRO-780 - Industrial Motherboard CPU Board PICMG SBC
  • ADLINK MP-C154 / MP-C152 - 4-Axis Motion Control Card Pulse-Train Controller
  • ADLINK NuPRO-935A/LV10B0 - Motherboard 51-41802-0A10 GP w/RAM Industrial Control Board
  • ADLINK MP-C154 - Motion control card 4-Axis Motion Controller Mainboard
  • ADLINK PCI-7250 - PCI Acquisition Card 8-CH Relay Output Isolated DI Card
  • ADLINK ACL-7124 - Technology Inc.24 DIO Card Digital Input Output Card
  • ADLINK PCI-8554 A2 - Timer/Counter Data Acquisition Card
  • ADLINK DIN-825-GP4 - Terminal Block Interface Board Breakout Module
  • ADLINK NuPR0-761 - REV:1.1 Industrial motherboard Full-Size PICMG SBC
  • ADLINK MXE-1401/M8G (G) - Matrix Fanless Embedded Computer Industrial PC
  • ADLINK HSL-DI16DO16-UD-NN - Digital 16 Channel I/O Mod Distributed I/O Module
  • ADLINK ND6520 - NUDAM INTELLIGENT DA&C MODULE RS232-RS-422/RS485 CONVERTOR
  • ADLINK NUPRO-761 - REV:1.1 Industrial Motherboard CPU Board
  • ADLINK AMP-208C - Motion Control Card 51-12420-1A20 DSP-based 8-axis
  • ADLINK NuPRO-A301REV 1.4 - with packaging industrial computer motherboard PICMG SBC
  • ADLINK PCM-9112+ - 51-12300-0A2 industrial motherboard Multi-Function DAQ PC/104 Module
  • ADLINK PCM-7250+ - 8-CH Relay Outputs & 8-CH Isolated DI Module PC/104
  • ADLINK PCI-RTV24 - Image capture card Analog Video Frame Grabber
  • ADLINK PCI-8134 - Motion Controller PCI Card 4-Axis Controller Board
  • ADLINK PCI-7432 - Isolated Digital I/O PCI Card
  • ADLINK PCI-8554 A2 - acquisition card Timer/Counter Card
  • ADLINK PCI-8132 - Rev.A2 2-Axis Servo & Stepper Motion Controller Card
  • ADLINK PCI-8132 - Data Acquisition card 2-Axis Motion Controller Card
  • ADLINK EBP-13E4 - 51-46703-0A30 Industrial Backplane Board Passive Backplane
  • ADLINK PCI-800L - Electronic Card Interface Controller Card
  • ADLINK PCIe-GIE72 - 51-18531-0A10 PCB Board GigE Vision Frame Grabber
  • ADLINK DAQ-2010(G)-OOBO - Simultaneous-Sampling Multi-Function DAQ Card
  • ADLINK PCI-9112 - REV.B1 Multifunction DAQ Card Data Acquisition Card
  • ADLINK PCI-7230 - 51-12003-DA60 32-CH Isolated Digital I/O Card
  • ADLINK PCI-7432 - Data Acquisition Card Isolated Digital I/O PCI Card
  • ADLINK ETX-AT-N270-18/LXE - 51-71111-0A20 ETX CPU Module Motherboard
  • ADLINK HSL-DI32-UD-N - DIGITAL INPUT 32 POINTS MODULE Distributed I/O
  • ADLINK AMP-204C - Motion Control card DSP-Based 4-Axis Advanced Controller
  • ADLINK MNET-4XMOG-0050 - Four-axis Motion Controller Distributed Motion Module
  • ADLINK AMP-204C - Motion control card DSP-Based 4-Axis Pulse-Train Controller
  • ADLINK PCI-7442 - Switch card 64-Channel Datalogging & Acquisition Card
  • ADLINK M-302 - Industrial control motherboard ATX PC Board
  • ADLINK NUPRO-852 / NUPRO-852LV - Industrial motherboard Single Board Computer
  • ADLINK PCI-8134 - REV.B1. 4-Axis Motion Controller Card
  • ADLINK PCI-GIE62 + - 51-18502-0A20 2-CH GigE Vision Frame Grabber PoE Card
  • ADLINK PCI-MPG24 - 51-12523-0B20 MPEG4 Card Video Compression Hardware
  • ADLINK HSL-TB32-M-DIN - 32-CH I/O TERMINAL W/ HSL-AI16AO2-M-VV MODULE
  • ADLINK PCI-M114-GL - PCB Ver 2.1 Motion Controller Axis Card
  • ADLINK IMB-M40H - SYM76996H61 motherboard Industrial Computer Mainboard
  • ADLINK NUPRO-A40H - 51-41807-1A20 industrial control motherboard H61 Chip
  • ADLINK PCI-M114-GL - Axis Card Data Acquisition Card PCB VER2.2 Motion Controller
  • ADLINK PCI-8134 - Motion Controller PCI Card 4-Axis Controller Board
  • ADLINK PCI-8102 - Motion control card 2-Axis Servo & Stepper Controller
  • ADLINK NuPRO-841REV:3.0 - motherboard Industrial Control PC Board
  • ADLINK HSL-TB32-U-DIN REV A1 - Breakout Terminal Board Field I/O Module
  • ADLINK AMP-204C - Motion Control card DSP-Based 4-Axis Pulse-Train Controller
  • ADLINK NUPRO-A40H - 51-41807-1A20 industrial control motherboard H61 PC Board
  • ADLINK PCI-6308A / PCI-6308V - 51-12202-0A50 Isolated Analog Output Card
  • ADLINK AMP-204C - DSP-Based 4-Axis Advanced Pulse-Train Motion Controller
  • ADLINK PCI-7434 - Technology 64-Channel Isolated Digital I/O PCI Cards
  • ADLINK CPCI-6840 / CPCI-6840V / PM16/M1G-12G0 - CompactPCI Single Board Computer CPU Module
  • ADLINK PCIE-GIE74 - Motherboard Video Capture Card 51-18531-0A10 Frame Grabber
  • ADLINK NuPRO-E330 - industrial computer equipment motherboard Control Mainboard
  • ADLINK AMP-208C / 51-12420-1A20 - Motion Control Card W/ Expansion & Breakout Board
  • ADLINK HPCI-14S12U - industrial computer baseboard Passive Backplane 14 Slots
  • ADLINK PCI-8164 - 4-Axis Motion Controller PCI Card W/ 1x Cable, 1x Breakout Box
  • ADLINK PCIe-RTV24 - 51-18016-0A20 Image Acquisition Video Capture Card
  • ADLINK M-342 - 5 PCI ATX Motherboard Industrial PC Mainboard
  • ADLINK PCI-FIW64 - 4/2 Channel IEEE1394B Image Capture Card FireWire Frame Grabber
  • ADLINK PCI-7432 - digital IO card 64-CH Isolated Digital Input Output Card
  • ADLINK 51-12001-0C20 - Circuit Board PCI-7200 Data Acquisition Controller Card
  • ADLINK PXI-3920 - PXI 3U cPCI Industrial Controller Embedded System CPU Board
  • ADLINK NuPRO-841REV:2.0 - motherboard Industrial Control PC Board
  • ADLINK NuPro-E330 - 51-41805-0A20 PCB Industrial Control Computer Motherboard
  • ADLINK PCI-RTV24 - Image capture card Analog Video Frame Grabber
  • ADLINK PCI-7442 - Switch card 64-Channel Datalogging & Acquisition Card
  • ADLINK HPX-13S4 - device baseboard Passive Backplane Riser Card
  • ADLINK PCI-9112 REV A.1 - Multi Function DA&C Board Data Acquisition Card
  • ADLINK PCI-7248 - 51-12006-0A40 Card Control 48-CH Digital I/O Module
  • ADLINK CPCI-6860 / 6860A - motherboard CompactPCI Dual Xeon Single Board Computer
  • ADLINK DPAC-3020-11(G) - Embedded PC Automation Controller Machine Control Board
  • ADLINK NuPRO-841 REV:1.0 - industrial control motherboard CPU Board
  • ADLINK MNET-4XMOG-0050 - Four-axis Motion Controller MNET Motion Control Card