HIMA HIMax Safety Control System



HIMA HIMax Safety Control System

System Overview and Core Positioning

HIMax is a flexible safety control system platform launched by HIMA, designed specifically for critical production processes. Its core value lies in balancing "high safety" and "full lifecycle availability" - meeting SIL 3/PL e (some scenarios support SIL 4 CENELEC) safety level requirements, and supporting hardware/software changes during system operation (such as module replacement and program updates) without interrupting production. The system is adaptable to both centralized and distributed applications, and can be flexibly configured based on I/O points, response time, and fault tolerance requirements. It covers a full range of scenarios from small safety applications (such as single machine interlocking) to large complex systems (such as oil and gas pipeline control), and is typically used in safety critical areas such as emergency shutdown (ESD), fire and gas monitoring (F&G), and high pressure protection (HIPPS).

Core advantages and technological highlights

（1） Full lifecycle availability design

Continuous operation capability

Adopting XMR (eXtended Modular Redundancy) architecture and integrated redundancy management, key modules (such as CPU and system bus) support hot plugging and can be replaced without downtime;

The CPU module has a "self-learning function" that automatically adapts to system configuration after replacement, reducing manual intervention time;

Online Proof Test: supports testing of safety functions during operation without the need to pause production, in compliance with IEC 61508 standard requirements.

Flexible scalability and compatibility

Modular design: Supports applications ranging from small (X-CPU 31 module) to large (X-CPU 01 module), with flexible expansion of I/O points through the expansion rack. A single system can support a maximum of a large number of I/O channels;

Cross system integration: Establish redundant links with HIMatrix controllers through SafeEthernet, support remote rack deployment in star topology, and adapt to distributed factory layouts;

Historical data storage: The processor module can store 2500 diagnostic records, and each I/O module can store 500 records. The SOE (Sequence of Events) function supports storing 5000 events with a resolution of 1ms, making it easy to trace faults.

（2） Security and Performance Assurance

Security Design and Certification

Safety level: Complies with SIL 3 (IEC 61508/61511), PL e (EN ISO 13849-1), and some scenarios (such as railway and maritime) have passed SIL 4 certification (EN 50126/50129);

Explosion proof and environmental adaptability: Supports explosion-proof standards such as ATEX Zone 2 (T4), IEC Ex Zone 2 (T4), UL Class I Div 2, and can withstand tropical environments (ANSI/ISA-S 71.04 Class G3). The working temperature range covers industrial scene requirements;

Common cause fault protection: Reduce the risk of common cause faults through hardware isolation and software redundancy algorithms, ensuring that a single fault does not affect the system's safety functions.

High performance control capability

Multi tasking: supports running 32 user programs simultaneously, meeting the segmented control requirements of complex processes;

Fast response: The resolution of the sequence of events (SOE) is 1ms, the accuracy of analog processing (such as 4-20mA signals) is high, and it is suitable for high-speed control scenarios (such as turbine machinery control TMC);

Dual logic support: Simultaneously compatible with both "De energy to trip" and "Energize to trip" safety control logics, adapted to different industry safety standards.

Hardware module classification and key parameters

The HIMax module is divided into a central module and an input/output (I/O) module, with a unified size of 310 × 29 × 230mm for easy rack installation and replacement. The core module functions are as follows:

（1） Central module (control and communication core)

Module type, model, core function, applicable scenarios

The processor module X-CPU 01 has high performance, supports complex control algorithms, and has redundant configurations for large systems and critical controls such as HIPPS and TMC

Lightweight design of processor module X-CPU 31, cost optimized for small and medium-sized safety applications such as single machine interlocking and fire and gas monitoring

The system bus module X-SB 01 manages system bus communication and supports redundant buses (dual module configuration) for all systems, ensuring reliable bus communication

Communication module X-COM 01 has 4 RJ-45 interfaces, 2 9-pin D-Sub interfaces, and supports 6 protocol systems for communication with third-party devices (such as PLC, HMI, SCADA)

（2） I/O module (signal acquisition and control execution)

Digital Input Module

Covering multiple voltage levels and functional requirements, the core models are as follows:

X-DI 64 01/51: 64 channel 24VDC, 01 type supports SIL 3, 51 type is standard;

X-DI 32 01/02/03/04/05: 32 channels, supporting 24VDC (SIL 3), 8.2VDC (proximity switch+line monitoring, SIL 3), 48VDC (SIL 3), 24VDC (with SOE, SIL 3), 8.2VDC (proximity switch+line monitoring+SOE, SIL 3) respectively;

X-DI 32 51/16 01:32 channel 8.2VDC (standard type), 16 channel 120VAC (SIL 3), compatible with different types of field sensors.

Analog Input Module

Focusing on industrial standard analog signals, supporting isolation and monitoring functions:

X-AI 16 51:16 channel, supports 0/4-20mA, ± 280mV signals, galvanic isolation, compatible with thermocouples (TC) and Pt100 temperature sensors;

X-AI 32 01/02/51: 32 channels 4-20mA, Type 01 with line monitoring (SIL 3), Type 02 with line monitoring+SOE (SIL 3), Type 51 is standard.

Counter module

X-CI 24 01/51:24 channel, maximum counting frequency 20kHz, 01 type supports SIL 3, 51 type is standard, suitable for speed and pulse counting scenarios (such as encoder signal acquisition).

Digital/Relay Output Module

Emphasize safety control and fault monitoring:

X-DO 32 01/51:32 channel 24VDC/0.5A, 01 type with short circuit monitoring+single channel shutdown (SIL 3), 51 type with output protection+group shutdown;

X-DO 24 01/02:24 channels, supporting 24VDC/0.5A (line monitoring+single channel shutdown, SIL 3) and 48VDC/0.5A (line monitoring+single channel shutdown, SIL 3) respectively, SIL 3）；

X-DO 12 01/51:12 channel 230VAC/DC, 01 type with current measurement+cycle counting (SIL 3), 51 type is standard type;

X-DO 12 02:12 channel 24VDC/2A, equipped with short circuit monitoring and single channel shutdown (SIL 3), suitable for high-power loads.

analog output module

X-AO 16 01/51:16 channel 4-20mA, 01 type supports paired galvanic isolation, 51 type is standard, used to control actuators such as valves and frequency converters.

Special function module

X-HART 32 01:32 HART modems, supporting cooperation with X-AI/X-AO series modules to achieve HART protocol communication (SIL 3);

X-MIO 7/6 01: Overspeed trip module, including 3 counter channels, 4 digital inputs, 5 digital outputs, and 1 relay channel (SIL 3), suitable for turbine and motor overspeed protection.

Software and Programming Support

（1） Programming Tools and Languages

Adopting the HIMA unified engineering tool SILworX, it supports multiple programming methods that comply with the IEC 61131-3 standard:

Function Block Diagram (FBD): intuitive drag and drop programming, suitable for logic control;

Sequential Function Diagram (SFC): used for sequential control scenarios (such as step flow);

Structured Text (ST): a high-level programming language suitable for complex algorithms;

C code (optional): Meets customized control requirements and requires HIMA certification.

（2） Communication Protocol and Integration Capability

The X-COM 01 communication module supports running 6 protocols simultaneously, covering security and standard communication requirements:

Safe communication: SafeEthernet (HIMA safety protocol, used for redundant communication between systems), PROFIsafe (industrial safety protocol);

Standard communication: OPC DA/A&E, Modbus TCP (master/slave), PROFINET, PROFIBUS DP (master/slave), Modbus RS485 (master/slave), TCP/UDP transceiver, SNTP (time synchronization);

Customized communication: ComUserTask (CUT), supports user programming of custom protocols (RS422/RS485 interface), HART over IP (supported by V7 version), compatible with third-party smart devices.

Compliance certification and typical applications

（1） Global Compliance Certification

The system has passed multiple international safety and industrial standard certifications, covering major global market demands:

Safety standards: IEC 61508（SIL 3）、IEC 61511（SIL 3）、EN ISO 13849-1（PL e）、EN 62061（SIL 3）、EN 50126/50129（SIL 4）；

Industry standards: EN 298 (Burner Control), EN 54-2 (Fire Alarm), NFPA 72/85/86 (North American Fire and Boiler Standards), ANSI/ISA-84.00.01 (Process Safety);

Explosion proof and Environmental Protection: ATEX Zone 2（T4）、IEC Ex Zone 2（T4）、UL 508、CSA-C22.2 No.142、FM Class I Div 2、Achilles Level I（ Network security);

Special fields: DNV (Maritime), Lloyd's Register (Classification Society), Russia EAC (Russian Market), ABS (Marine Equipment Certification).

（2） Typical application scenarios

Process industry: Emergency Shutdown System (ESD), Fire and Gas Monitoring System (F&G), High Voltage Protection System (HIPPS), Pipeline Management and Control (PMC);

Energy and Power: Turbomachinery Control (TMC), Boiler Protection and Burner Control System (BCS);

Transportation and infrastructure: railway level crossing control, rail vehicle safety control;

General industry: equipment interlocking, safety door control, robot protection.

Summary

The HIMax system is centered around "safety and reliability," "flexible scalability," and "full lifecycle availability." Through modular hardware, redundant architecture, multi protocol support, and comprehensive certification, it has become an ideal safety control platform for critical production processes. It not only meets strict safety standards, but also reduces downtime losses through uninterrupted operation and maintenance, online testing, and other designs, adapting to the full scenario requirements of complex systems from small and medium-sized to large. It is widely used in industries such as petrochemicals, energy, and transportation that require high safety and availability.