HIMA HIMax Safety Control System

HIMA HIMax Safety Control System

System Overview and Core Positioning

HIMax is a flexible safety control system platform launched by HIMA, designed specifically for critical production processes. Its core value lies in balancing "high safety" and "full lifecycle availability" - meeting SIL 3/PL e (some scenarios support SIL 4 CENELEC) safety level requirements, and supporting hardware/software changes during system operation (such as module replacement and program updates) without interrupting production. The system is adaptable to both centralized and distributed applications, and can be flexibly configured based on I/O points, response time, and fault tolerance requirements. It covers a full range of scenarios from small safety applications (such as single machine interlocking) to large complex systems (such as oil and gas pipeline control), and is typically used in safety critical areas such as emergency shutdown (ESD), fire and gas monitoring (F&G), and high pressure protection (HIPPS).

Core advantages and technological highlights

（1） Full lifecycle availability design

Continuous operation capability

Adopting XMR (eXtended Modular Redundancy) architecture and integrated redundancy management, key modules (such as CPU and system bus) support hot plugging and can be replaced without downtime;

The CPU module has a "self-learning function" that automatically adapts to system configuration after replacement, reducing manual intervention time;

Online Proof Test: supports testing of safety functions during operation without the need to pause production, in compliance with IEC 61508 standard requirements.

Flexible scalability and compatibility

Modular design: Supports applications ranging from small (X-CPU 31 module) to large (X-CPU 01 module), with flexible expansion of I/O points through the expansion rack. A single system can support a maximum of a large number of I/O channels;

Cross system integration: Establish redundant links with HIMatrix controllers through SafeEthernet, support remote rack deployment in star topology, and adapt to distributed factory layouts;

Historical data storage: The processor module can store 2500 diagnostic records, and each I/O module can store 500 records. The SOE (Sequence of Events) function supports storing 5000 events with a resolution of 1ms, making it easy to trace faults.

（2） Security and Performance Assurance

Security Design and Certification

Safety level: Complies with SIL 3 (IEC 61508/61511), PL e (EN ISO 13849-1), and some scenarios (such as railway and maritime) have passed SIL 4 certification (EN 50126/50129);

Explosion proof and environmental adaptability: Supports explosion-proof standards such as ATEX Zone 2 (T4), IEC Ex Zone 2 (T4), UL Class I Div 2, and can withstand tropical environments (ANSI/ISA-S 71.04 Class G3). The working temperature range covers industrial scene requirements;

Common cause fault protection: Reduce the risk of common cause faults through hardware isolation and software redundancy algorithms, ensuring that a single fault does not affect the system's safety functions.

High performance control capability

Multi tasking: supports running 32 user programs simultaneously, meeting the segmented control requirements of complex processes;

Fast response: The resolution of the sequence of events (SOE) is 1ms, the accuracy of analog processing (such as 4-20mA signals) is high, and it is suitable for high-speed control scenarios (such as turbine machinery control TMC);

Dual logic support: Simultaneously compatible with both "De energy to trip" and "Energize to trip" safety control logics, adapted to different industry safety standards.

Hardware module classification and key parameters

The HIMax module is divided into a central module and an input/output (I/O) module, with a unified size of 310 × 29 × 230mm for easy rack installation and replacement. The core module functions are as follows:

（1） Central module (control and communication core)

Module type, model, core function, applicable scenarios

The processor module X-CPU 01 has high performance, supports complex control algorithms, and has redundant configurations for large systems and critical controls such as HIPPS and TMC

Lightweight design of processor module X-CPU 31, cost optimized for small and medium-sized safety applications such as single machine interlocking and fire and gas monitoring

The system bus module X-SB 01 manages system bus communication and supports redundant buses (dual module configuration) for all systems, ensuring reliable bus communication

Communication module X-COM 01 has 4 RJ-45 interfaces, 2 9-pin D-Sub interfaces, and supports 6 protocol systems for communication with third-party devices (such as PLC, HMI, SCADA)

（2） I/O module (signal acquisition and control execution)

Digital Input Module

Covering multiple voltage levels and functional requirements, the core models are as follows:

X-DI 64 01/51: 64 channel 24VDC, 01 type supports SIL 3, 51 type is standard;

X-DI 32 01/02/03/04/05: 32 channels, supporting 24VDC (SIL 3), 8.2VDC (proximity switch+line monitoring, SIL 3), 48VDC (SIL 3), 24VDC (with SOE, SIL 3), 8.2VDC (proximity switch+line monitoring+SOE, SIL 3) respectively;