Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

PLC Electronic Basics

  1. Home
  2. Articles
  3. Web Hacking
  4. PLC Electronic Basics

PLC Electronic Basics

By CapnDelete avatarCapnDelete | 37503 Reads |
2     1

Electronic Basics in Relation to the PLC

Before diving into developing control software for a PLC, you need to understand at least the basics of electricity: I won’t be diving into that too deeply as it goes beyond the scope of this document and there is a great deal of information available online: So if you want to know the theory and calculations such as Ohms law, Google: What I will be going over is the basics needed in order to understand PLC development:

First a little history: Before PLC’s came about, controls were done by an array of relays: A relay is nothing more than a switch that is controlled electro-magnetically: I won’t get into too much detail because: well Google will help keep this document from being ridiculously long: But, basically when you apply power to a relay, it powers up the electro-magnet and mechanically moves a rocker arm that will either provide continuity or completely remove continuity: They are arranged in variations of poles and throws: Think of the pole as the path that provides continuity and the throw as the direction of continuity: You have a huge variety of relay types, but some of the most common are:

  • SPST: Single Pole, Single Throw:
  • SPDT: Single Pole, Double Throw:
  • DPST: Double Pole, Single Throw:
  • DPDT: Double Pole, Double Throw:

Anyways, electricians would arrange the relays in such a way that would control a process: So say when a float in a tank provided power to a relay, it would then provide power that turned a warning light on and closed a valve: After all, who wants to watch their fresh drafted brew pour all over the floor because Bubba forgot to shut it off:

As you can imagine, this was a major overhaul every time they needed to change something: You generally had to rewire the entire rack and arrange the relays in a different pattern: So the PLC came to life: Instead of relays, there is a computer that you can program: In fact the most common programming language for the PLC is called Ladder Logic The bane of my existence, but more on that later : Ladder Logic is a graphical representation that looks and feels similar to a relay array:

Now to the electrical part: PLC’s control IO through the same basic methods: Why? Because it is consistent and predictable: You don’t have to worry if there’s too much noise in the line because there’s no digital communication with conventional IO: It’s a very forgiving and stable way to identify the state: Now there’s quite a few devices that will either carry digital communications and or provide the state such as HART Highway Remote Transducer Protocol , but I’ll get to those later:

When talking devices, its always referring to itself: So an input is something it is expecting to get data on and and output is something it’s trying to either control or give data to: When I say data, it can be on off Discrete or a variance Analog :

  • DI Discrete IN : An applied voltage represents a true state and lack of voltage represents a false state: This doesn’t have to be a great deal of voltage: It all depends on the PLC and the devices: 12VDC Volts Direct Current and 24VDC are common voltages to use across a control scheme: An example would be if a tank is full, continuity is provided applying voltage to the DI to tell the PLC that the float isn’t triggered this is known as normally closed: This is common because if the wire is cut, it will flag an alarm : Once the float lifts, continuity is broken telling the PLC that the tank is too full and it needs to do something:

  • DO Discrete Out : This is what the PLC uses to output power to a device to control it: So say the DI was triggered and it wants to turn on the air conditioner: It provides power through the DO to a DI on the air conditioner and it turns on:

  • AI Analog In : Lets say we wanted to know how full the tank is or how warm it is in a building: This is done by either adjusting the voltage or the amperage think of voltage like the pressure in your water line and the amperage as the amount of water flow : There’s quite a few different variations in this, but let’s take 0-10VDC as an example: Let’s say at 1VDC the tank is empty not 0VDC so you can tell if you’re getting a signal or if the wire is broke and at 10 VDC the tank is full: The PLC looks at that voltage and determines what the level is: You can convert those voltages to a more human readable format by converting them to EU Engineering Units : So the zero in EU in this case meters, feet, or whatever is measured at 1VDC: The span is the height of the tank, which is measured at 10VDC: Based off of those values you can make more decisions such as when do I take action and when do I just warn: The resolution is how accurate the AI is: It’s measured in steps: Without going into great detail, a 16 bit resolution gives you 65, 536 different possible answers or steps in relation to the voltage: Think about it mathematically, you can have infinite numbers between 1 and 2: The resolution says I’m going to look at x amount of points between 1 and 2:

  • AO Analog Out : If you wanted to tell a smart valve or control the speed on a motor, you can use an AO to go to 50% open or tell the VFD Variable Frequency Drive - used for controlling motors to run at 500RPM you need something more than just on off: AO works off of the same principle as the AI only it’s controlling something instead of monitoring: So in the 0-10VDC example, 5V would be telling the valve to go to 50% open in EU:

-HSC High Speed Counter : You can only look at a DI so often: Just like the resolution, there are an infinite amount of times during a second you can look to see if a DI has changed state: This, of course, is limited by the processor frequency: Generally you don’t need an extremely high rate: Take a valve for instance: You only need to look at it so often as it’s not going to change state in 1 1000 of a second: A HSC is a DI that says I’m going to look at this at a much higher frequency to see if it changes state: So say you have a water rate that uses a turbine: The fins on the turbine passing through a magnetic sensor tells you the rate of the water: In this case you need to look at the state at a much higher frequency:

Hopefully this gives you an idea why basic electronic skills are so handy to have: The logic is converted to different variations of electricity in order to control something else: Once we start diving into the how to do development, it will probably be more apparent: Remember that PLC’s were designed to help electricians and engineers control a process: Next Article I write will start diving into the types of communication protocols used and then on to the languages:

Comments
Sorry but there are no comments to display