PLC Technology Ensures the Lifeline of Mines: Designing the Hoist Control System

The mine hoist is the lifeline of safe production in mines. An advanced PLC control system can ensure stable and reliable operation, improving hoisting efficiency and safety.

1. Hardware Configuration

PLC and Expansion Module Selection

For the control requirements of the mine hoist, we selected the Siemens S7-1500 series PLC as the main control unit.

The specific model is CPU 1516F-3 PN/DP, which has powerful computing capabilities and built-in safety functions, meeting the SIL3 safety level requirements, making it very suitable for applications like mine hoists that have extremely high safety requirements.

Expansion module configuration:

• Digital Input Module (DI): SM 521, used for collecting switch signals
• Digital Output Module (DO): SM 522, used for actuator control
• Analog Input Module (AI): SM 531, used for collecting analog quantities such as speed and position
• Analog Output Module (AO): SM 532, used for controlling frequency converter settings

I/O Point Allocation Table

Signal Type	Address	Function Description
DI	%I0.0	Upper limit switch
DI	%I0.1	Lower limit switch
DI	%I0.2	Emergency stop button status
DI	%I0.3	Over-winding protection switch
DI	%I0.4	Rope slack protection switch
DI	%I1.0-%I1.7	Safety door status (8 units)
AI	%IW64	Main motor speed feedback
AI	%IW66	Hoisting height encoder signal
AI	%IW68	Motor current detection
DO	%Q4.0	Main motor start
DO	%Q4.1	Main motor stop
DO	%Q4.2	Safety power-off relay control
DO	%Q4.3	Fault alarm indicator
AO	%QW80	Frequency converter speed setting

This I/O point allocation fully considers the characteristics of hoist control, concentrating on processing safety-related signals, which facilitates system diagnosis and maintenance.

2. Safety and Redundancy Design

Safety Circuit Design

The safety of the mine hoist is crucial, and we adopted a dual safety circuit design:

• Hardwired Safety Circuit: Key safety signals such as emergency stop, over-winding protection, and rope slack protection are directly wired to the safety relay, ensuring that even if the PLC fails, the system can enter a safe state
• PLC Safety Program Circuit: A safety program compliant with IEC 61508 standards is written in the F-CPU, monitoring all safety signals and implementing intelligent safety control

The safety program is written using the safety instruction set (SIMATIC Safety) and employs a dual-channel monitoring principle, where either channel detecting a hazardous state can trigger a safety response.

Redundancy Control Strategy

The hoist control system adopts a multi-level redundancy design:

1. Sensor Redundancy: Key parameters such as position and speed are monitored using dual or triple sensors
2. Communication Redundancy: A ring PROFINET network is used, where disconnection at any point does not affect communication
3. Main Control PLC Hot Backup: Configured with an H system (two CPUs in hot backup), ensuring that when one fails, the other seamlessly takes over

Fail-Safe Mechanism

The system is designed with a comprehensive fail-safe mechanism:

FC123 "Fail-Safe Handling" // Fail-safe function block
BEGIN
    // Speed limit detection
    IF "Actual Speed" &gt; "Maximum Allowed Speed" * 1.1 THEN
        CALL "Emergency Brake Program", "Brake Parameters DB";
        SET "Fault Code".B#16#01;
    END_IF;
    
    // Position deviation detection
    IF ABS("Position Feedback 1" - "Position Feedback 2") &gt; "Position Deviation Allowable Value" THEN
        CALL "Safe Shutdown Program", "Shutdown Parameters DB";
        SET "Fault Code".B#16#02;
    END_IF;
    
    // Over-travel protection
    IF ("Position Feedback" &gt; "Upper Limit Position" OR "Position Feedback" &lt; "Lower Limit Position") AND
       "Running Status" = TRUE THEN
        CALL "Emergency Brake Program", "Brake Parameters DB";
        SET "Fault Code".B#16#03;
    END_IF;
END_FC

This function block is executed in every scan cycle, ensuring that abnormal situations can be detected in a timely manner and trigger the corresponding safety response.

3. Control Program Design

Program Architecture Design

Using a modular programming approach, the hoist control program is divided into the following parts:

Organization Blocks (OB):

• OB1: Main loop program, responsible for calling various function blocks
• OB35: 100ms cycle interrupt, used for speed closed-loop control
• OB82: Diagnostic interrupt, handling module faults
• OB122: I/O access error, handling I/O communication exceptions

Function Blocks (FB):

• FB1: Hoist state control
• FB2: Speed curve generation
• FB3: Position control
• FB10: Safety monitoring
• FB20: Fault diagnosis
• FB30: HMI data exchange

Data Blocks (DB):

• DB1: System parameters
• DB2: Operating data
• DB10: Safety parameters
• DB100: HMI interface data

Variable Definition Specification

Variable naming follows these rules:

• Prefix indicates variable type: b (Boolean), i (Integer), r (Real), s (String)
• Middle part indicates functional module: Hoist, Motor, Safety
• Suffix indicates variable purpose: Cmd (Command), Sts (Status), Para (Parameter)

For example:

rHoistSpeed        // Hoist speed (real)
bMotorRunSts       // Motor running status (boolean)
iSafetyFaultCode   // Safety fault code (integer)

Status Control Design

The hoist status control adopts a state machine design pattern, defining the following main states:

1. Initialization State
2. Standby State
3. Check State
4. Run Preparation State
5. Running State
6. Deceleration Stop State
7. Emergency Stop State
8. Fault State

FB1 "Hoist State Control" // State control function block
VAR
    StateCase : INT;    // Current state of the state machine
    PrevState : INT;    // Previous state of the state machine
    TransitionOK : BOOL; // State transition condition met flag
END_VAR

BEGIN
    CASE #StateCase OF
        0:  // Initialization State
            "Initialization Indicator" := TRUE;
            IF "Initialization Complete" THEN
                #StateCase := 1;  // Transition to Standby State
            END_IF;
            
        1:  // Standby State
            "Initialization Indicator" := FALSE;
            "Standby Indicator" := TRUE;
            IF "Start Command" AND "Safety Conditions Met" THEN
                #StateCase := 2;  // Transition to Check State
            END_IF;
            
        2:  // Check State
            "Standby Indicator" := FALSE;
            "Check Indicator" := TRUE;
            // Perform safety check
            CALL "Safety Check Program", "Safety Parameters DB";
            IF "Check Result OK" THEN
                #StateCase := 3;  // Transition to Run Preparation State
            ELSIF "Check Timeout" OR "Check Failed" THEN
                #StateCase := 7;  // Transition to Fault State
            END_IF;
            
        3:  // Run Preparation State
            "Check Indicator" := FALSE;
            "Preparation Indicator" := TRUE;
            "Motor Ready" := TRUE;
            IF "Preparation Complete" THEN
                #StateCase := 4;  // Transition to Running State
            END_IF;
            
        4:  // Running State
            "Preparation Indicator" := FALSE;
            "Running Indicator" := TRUE;
            // Call speed control program
            CALL "Speed Control Program", "Speed Parameters DB";
            IF "Stop Command" THEN
                #StateCase := 5;  // Transition to Deceleration Stop State
            ELSIF "Safety Exception" THEN
                #StateCase := 6;  // Transition to Emergency Stop State
            END_IF;
            
        5:  // Deceleration Stop State
            "Running Indicator" := FALSE;
            "Stop Indicator" := TRUE;
            // Call deceleration stop program
            CALL "Deceleration Stop Program", "Stop Parameters DB";
            IF "Speed is Zero" AND "Position Stable" THEN
                #StateCase := 1;  // Return to Standby State
            END_IF;
            
        6:  // Emergency Stop State
            "Running Indicator" := FALSE;
            "Emergency Stop Indicator" := TRUE;
            // Call emergency brake program
            CALL "Emergency Brake Program", "Brake Parameters DB";
            SET "Fault Alarm";
            IF "Fault Confirmed" AND "Speed is Zero" THEN
                #StateCase := 7;  // Transition to Fault State
            END_IF;
            
        7:  // Fault State
            "Emergency Stop Indicator" := FALSE;
            "Fault Indicator" := TRUE;
            IF "Fault Reset" AND "Safety Conditions Met" THEN
                #StateCase := 0;  // Return to Initialization State
            END_IF;
    END_CASE;
END_FB

4. HMI Design

Interface Layout Description

The HMI interface is divided into the following areas:

1. Status Display Area: Displays the current operating status, position, speed, and other key parameters of the hoist
2. Operation Control Area: Contains operation buttons such as start, stop, and reset
3. Parameter Setting Area: Used for configuring operating parameters
4. Alarm Information Area: Displays real-time system alarm information

Multiple functional screens are designed, including:

• Main Screen: Overview of system status
• Operation Monitoring: Detailed monitoring of operating data
• Parameter Settings: Configuration of system parameters
• Alarm Information: Fault alarm query
• Trend Curve: Historical curves of key parameters
• System Diagnosis: System diagnostic functions

Parameter Setting Description

Parameter settings are divided into different permission levels:

• Operator Level: Basic operating parameters
• Engineer Level: Control parameter adjustments
• Administrator Level: System configuration parameters

Key parameter settings include:

• Speed Setting (m/s): Set maximum speed, acceleration, and deceleration
• Position Parameters (m): Set travel upper and lower limits, deceleration points, etc.
• Time Parameters (s): Start delay, stop delay, etc.
• Safety Parameters: Overspeed limit, overload limit, etc.

All parameter modifications have input range checks and permission controls to prevent misoperations that could lead to safety issues.

5. System Debugging Methods

Step-by-Step Debugging Method

The debugging of the hoist system is divided into the following steps:

1. I/O Point Testing:

• Test signals by forcing input/output settings
• Verify the wiring and functionality of each I/O point

2. Unit Function Testing:

• Motor control testing: Verify start/stop control
• Position detection testing: Verify encoder feedback
• Safety function testing: Verify emergency stop, limit functions, etc.

3. System Integration Testing:

• State transition testing: Verify transitions between states
• Human-Machine Interface testing: Verify monitoring and parameter setting functions
• Network communication testing: Verify PLC communication with the host computer

4. Load Testing:

• No-load operation testing: Verify basic operating functions
• Light load testing: Verify performance under low load
• Full load testing: Verify performance under full load

Abnormal Simulation Testing

To verify the system’s response under abnormal conditions, the following simulation tests are conducted:

1. Safety Exception Simulation:

• Simulate triggering the emergency stop button
• Simulate over-winding protection action
• Simulate opening the safety door

2. Device Fault Simulation:

• Simulate encoder failure
• Simulate frequency converter communication interruption
• Simulate PLC power failure

3. Network Exception Simulation:

• Simulate network disconnection
• Simulate HMI communication interruption
• Simulate remote I/O failure

After each type of abnormal simulation, record and analyze the system response time and safety measures actions to ensure compliance with safety requirements.

Conclusion and Outlook

The PLC control system for mine hoists is key to ensuring safe production in mines.

Through reasonable hardware configuration, modular program design, comprehensive safety mechanisms, and user-friendly operation interfaces, efficient and reliable operation of the hoist has been achieved. Engineers are welcome to share their implementation experiences!