In PLCs, my understanding is that one 'tick' represents one pass through the equations; every gate is updated once with respect to its inputs.
I've been working with PLCs for over 30 years but never heard of 'tick' used in that context. Most use the term 'program scan' and over the years program scan-times have dropped from around 20 ms to < 1 ms. In general a simple PLC works as follows:
- Read the inputs. Most will make a snapshot copy of the inputs and execute the logic based on the snapshot to ensure that each logic equation sees the same input status. This is important because, unlike relay logic, the PLC logic is executed sequentially rather than in parallel.
- Execute the logic, updating the internal registers including the output map.
- Write the outputs.
- Do any housekeeping.
- Repeat.
We'll have a look at the vital logic when you supply some details.
This does not guarantee that the change-of-inputs has propagated to the outputs. Therefore, a PLC may require several system-ticks for the outputs to stabilize w.r.t. the inputs.
No. The outputs are updated at the end of the scan. Obviously if timers or counters are used there will be a delay in the output response. The other thing is that if an output depends on a condition that will only be true further down the program then that output won't turn on until the following scan. This may be what you are thinking of.
Figure 1. A rather quaint mix of old and new from Μίνθα: A Framework for Auto-Programming and Testing of Railway Controllers for Varying Clients.
The image of Figure 1 shows a controller much like any other except for what it is controlling. SSI, solid-state interlocking was becoming more popular on British Rail when I left Irish Rail but I never worked on any of it. Wikipedia's Solid-state interlocking says:
SSI utilises a 2-out-of-3 redundancy architecture, whereby all safety-critical functions are performed in three separate processing lanes and the results voted upon. An SSI interlocking cubicle comprises three Interlocking Processors or Multi Processor Modules (MPMs), two Panel Processors and a Diagnostics Processor (DMPM). An SSI system can operate on two MPMs in the event of the failure of one. It does not need the DMPM to function as an interlocking, as this drives the technician's terminal only.
Back to your question:
I have been told that vital-logic controllers execute the ladder-logic repeatedly, within one system tick, in order to force the change-of-inputs to propagate all the way to the outputs in one tick.
This seems unlikely.
- I think the program would have to scan through the compiled control tables in a sequential manner.
- Railway signalling doesn't have to update all that quickly. As the leading axle of a train passes a signal it will turn red. A one second delay isn't going to cause any trouble.
The big problems will be ensuring that a processor bug doesn't cause the same problem across all redundant systems. For this reason they may choose processors from a variety of lots or vendors and execute a transformed program (think of de Morgan's equivalent of the logic) in one of the controllers. The other aspect to bear in mind is that the monitoring unit needs a short time delay before reacting to a mismatch in outputs.
This week I was debugging an industrial control solid-state safety circuit (Omron components) and out of curiousity I monitored the dual-channel safety circuit that monitors the machine safety doors. As I expected, every 200 ms the 24 V source signal is switched off for 0.5 ms and if this is not detected by the corresponding input the safety input faults out. Meanwhile the other channel is doing the same test with 100 ms offset. This type of checking will detect open or short-circuits in the safety wiring but, most importantly, it will detect an input stuck "on" due to a failed semi-conductor on the safety controller input.
It's a fascinating topic.
