ICS Triplex T8110B
ICS Triplex T8110B
ICS Triplex T8110B
ICS Triplex T8110B
ICS Triplex T8110B

ICS TRIPLEX T8110B | Trusted TMR Processor – Specifications & Wiring Manual

  • Manufacturer: ICS Triplex (now part of AVEVA)
  • Part Number: T8110B
  • System Platform: ICS TRIPLEX Trusted® TMR (Triple Modular Redundant) system
  • Hardware Type: Trusted TMR Processor Module
  • Architectural Role: Core processing unit for safety-critical control systems, executing logic and managing I/O modules via triple modular redundancy.
  • Key Specifications: 100 MHz processor, 16 MB DRAM, IEC 61508 SIL 3 certified, -40°C to +70°C operating temperature.
Get a Quote
Manufacturer:

Our extensive catalogue, including , is available now for dispatch to the worldwide.

Description

System Architecture & Operational Principle

The ICS TRIPLEX T8110B is a Trusted TMR (Triple Modular Redundant) Processor Module​ designed for safety-critical industrial applications, serving as the central processing unit in the ICS TRIPLEX Trusted® system. It operates at Purdue Model Level 2–3​ (Basic Control/Supervisory Control), acting as the bridge between field devices (sensors, actuators) and higher-level systems (e.g., SCADA, DCS).

Architectural Role

The T8110B is installed in a Trusted® chassis​ (e.g., T8100 series) and interfaces with:
  • Upstream: Field devices (e.g., emergency stop buttons, fire detectors) via I/O modules (e.g., T8461 digital output module).
  • Downstream: Higher-level control systems (e.g., plant DCS) via redundant communication links (e.g., Ethernet, serial).
Its primary role is to execute safety logic​ (e.g., emergency shutdown, interlock) using triple modular redundancy—three independent processing lanes run in parallel, with a 2-out-of-3 voting mechanism to mask single-lane faults. This ensures continuous operation even if one lane fails, critical for applications where downtime can lead to catastrophic consequences.

Operational Principle

The T8110B uses a lock-step TMR architecture:
  1. Parallel Processing: Three identical processors execute the same logic simultaneously.
  2. Voting Logic: A dedicated voter compares the outputs of the three processors. If two or more agree, the output is sent to the field devices. If one processor disagrees (e.g., due to a hardware fault), the voter ignores its output, and the system continues to operate.
  3. Fault Handling: The module performs continuous self-diagnostics (e.g., memory checks, communication monitoring) and isolates faulty lanes automatically. Hot-swap capability allows replacement of a faulty processor without shutting down the system.
The Trusted® backplane provides redundant power and data paths, ensuring that a backplane fault in one lane does not affect the others. This architecture delivers fault tolerance​ and deterministic performance, essential for safety-critical applications.

ICS Triplex T8110B

ICS Triplex T8110B

Core Technical Specifications

  • Processor: 100 MHz triple modular redundant (TMR) processor
  • Memory: 16 MB DRAM (program/data storage), 2 MB Flash (firmware)
  • Safety Certification: IEC 61508 SIL 3 (TÜV Rheinland)
  • Operating Temperature: -40°C to +70°C (-40°F to +158°F)
  • Power Supply: 20–32 V DC (redundant power inputs)
  • Communication: Redundant triple module interface (backplane), IRIG-B002/122 time sync
  • Hot-Swap: Supported (online replacement without reloading programs)
  • Dimensions: 266 mm × 93 mm × 303 mm (10.5 in × 3.6 in × 12.0 in)
  • Weight: ~2.94 kg (6.5 lbs)

Customer Value & Operational Benefits

1. Uncompromised Safety with TMR Architecture

The T8110B’s triple modular redundancy ensures fault tolerance—even if one processor lane fails, the other two maintain control. This is critical for emergency shutdown (ESD) systems, where a single point of failure could lead to explosions or toxic releases. For example, in an offshore oil platform, the T8110B monitors pressure sensors; if one lane fails, the voting mechanism ignores it, preventing unnecessary shutdowns while alerting maintenance teams.

2. Reduced Downtime with Hot-Swap Design

The module supports online hot-swapping—technicians can replace a faulty T8110B without shutting down the entire system. This is a game-changer for continuous process industries (e.g., power generation, petrochemicals), where even a 1-hour outage can cost millions in lost production. The Trusted® backplane automatically reroutes communication to the replacement module, minimizing disruption.

3. Simplified Maintenance with Advanced Diagnostics

The T8110B features comprehensive self-diagnostics​ (e.g., processor health checks, memory integrity tests) and time-stamped fault logging. Maintenance teams can quickly identify faulty lanes using the front-panel LEDs or via the Trusted® configuration software. For instance, if a processor lane fails, the fault log pinpoints the exact time and cause, eliminating guesswork during troubleshooting.

4. Scalability for Growing Systems

The T8110B’s modular design allows easy expansion—additional I/O modules (e.g., T8461) can be added to the Trusted® chassis to accommodate more field devices. This scalability is ideal for industries like chemical processing, where production lines often expand to meet demand. The redundant communication links support up to 512 I/O points per chassis, making the T8110B a future-proof solution.

ICS Triplex T8110B

ICS Triplex T8110B

Field Engineer’s Notes (From the Trenches)

When installing the T8110B, always verify the backplane power supply—the module requires 20–32 V DC, and low voltage can cause intermittent resets. I once saw a technician install the module in a chassis with a faulty power supply, leading to hours of downtime. Use a multimeter to measure the backplane voltage (should be 24 V DC ±10%) before powering up.
Check the processor’s firmware version—older firmware may not support new I/O modules. Use the Trusted® configuration software to update the firmware to the latest version (available on the AVEVA website). I’ve spent hours troubleshooting “module not recognized” faults only to find the firmware was outdated.
Test the hot-swap feature​ after installation—power down one processor lane and verify that the system continues to operate. This ensures that the voting mechanism works correctly, which is critical for safety.

Real-World Applications

1. Offshore Oil Platform Emergency Shutdown (ESD)

On an offshore oil platform, the T8110B is used as the core of the ESD system. It monitors pressure sensors​ (on pipelines) and emergency stop buttons​ (on equipment). If a pressure sensor detects a dangerous overpressure, the T8110B executes the shutdown sequence—closing valves, stopping pumps, and activating alarms—within milliseconds. The TMR architecture ensures that even if one processor lane fails, the system continues to monitor critical signals.

2. Chemical Reactor Safety Interlock

In a chemical reactor, the T8110B monitors temperature switches​ (on the reactor vessel) and level sensors​ (in the feed tank). If the temperature exceeds the safe limit, the T8110B sends a signal to the T8461 digital output module, which closes the steam valve and opens the cooling water valve—preventing a runaway reaction. The time-stamped fault log helps engineers identify the root cause of any faults (e.g., a faulty sensor or process deviation).

3. Power Plant Turbine Protection

In a gas-fired power plant, the T8110B monitors turbine vibration sensors​ and bearing temperature switches. If a vibration sensor detects excessive vibration, the T8110B triggers the turbine shutdown sequence—opening the bleed valves and stopping the fuel supply. The hot-swap design allows technicians to replace a faulty T8110B without shutting down the turbine, minimizing downtime.

Related products