Mission-Critical PLCs: REGUL RX00


Alexey Elov and Dmitriy Dobriyan elaborate upon the development of a line of high-availability PLCs (Regul) with focus on redundancy, speed, and cost.

  • Client

    GP Systems GmbH

  • Services

    Ways to overcome the existing limitations.

  • Technologies

    Industrial Automation

  • Dates




In today’s saturated PLC market, one can find devices and solutions for almost any application and need. PLCs are the most universal instruments for automating processes, and they allow more accurate and transparent management of operations. The segment of the market with controllers for critical applications includes such devices as the Siemens Simatic S400, the Modicon Quantum, ControlLogix, and others. The typical characteristics shared by these types of PLCs are:

  • A virtually unlimited number of I/Os (over 10,000 discrete I/O channels and over 1,000 analog I/O channels)
  • High processing power
  • Support of a wide variety of communication protocols
  • Support of hot-swapping of all the modules
  • Support of hot standby, and
  • Redundancy.


While this market segment is full of well-known brands, and it is quite difficult to offer anything new in this area, we at GP Systems GmbH have found the ways to overcome the existing limitations. We have implemented our ideas in the REGUL RX00 line of PLCs. Let’s go into step-by-step detail about building a PLC for critical applications.


Internal bus

The base of every PLC is its internal bus, used to exchange data between all the modules of the controller. The bus defines the maximum functional speed of the PLC. Eventually, the processor can be upgraded, but the internal bus cannot be replaced when it reaches 100% capacity, as replacing it would change the design of all the I/O modules and require significant changes to the software. Thus, this would be the same as developing a whole new PLC.


The internal bus of REGUL PLCs not only has an ultra-rapid performance speed, with a typical cycle time starting at just 50 μs, but it also operates in strict real time and has a high synchronisation accuracy (a difference of less than 100 ns in most cases).


Another advantage of the REGUL internal bus is that the number of nodes does not have any impact on the cycle time. Therefore, a PLC with hundreds of I/O modules will have a speed similar to that of a small controller with just a few I/Os. Also, the internal bus in REGUL controllers can be used in racks and between them; the signal just travels through a different physical carrier, and there is no difference in the module placement. Whether the module is placed in the CPU rack or in a remote I/O several kilometres away from the CPU (e.g., the controllers could be used with small form-factor pluggable (SFP) modules for fibre-optic communication lines), the functionality and availability of the modules will be the same.

Another interesting feature of the REGUL internal bus is its ring structure, which allows a redundant communication channel in case of line failure. We should note here that REGUL controllers use two independent internal buses in the ring. When the PLC is running in hot-standby mode, the processors communicate with the modules over independent channels with a bus exchange cycle time of 1 ms.



REGUL PLCs support several types of redundancy:

1. 100% mirror redundancy. In this case, every CPU has its own set of I/O modules and is a full mirror of another CPU (Figure 1).

2. CPU and bus controller/power supply unit redundancy. In this case, both CPUs are located in the same rack and exchange data with the same I/O modules over two independent buses (Figure 2).

3. Mixed redundancy. In this case, options 1 and 2 are mixed (Figure 3).


REGUL CPU modules have high processing power. Their core is a CPU with 1-GHz speed and 2 GB of RAM.


Moreover, the user can use up to 64 GB for application programs, archives, and databases (on an SSD). Module CU 00 061 supports communication over four independent Ethernet ports, out of which two can be used for fibre-optic connections. Also, the module has onboard RS-485 and RS-232 ports and an internal GPS/GLONASS receiver. The CU 00 071 module has two USB ports and a DVI connection (with touch-display support) instead of the RS-232 port.


We would like to note that all the events and archived data are stored in the internal SSD with time stamps and can be made available to the upper level of the system.


All the I/O modules, including the discrete I/O modules, have microprocessors. As such, every module is a microcontroller operating with a 1-ms cycle time. Initial signal processing is performed within this time and includes:

  • Signal diagnostics for range overshooting and abrupt value changes
  • A “debounce” function for digital signals
  • Programmable averaging time
  • Conversion of the signal values into engineering units
  • Support of the redundant network with data transmission over two ports, and
  • The assignment of a timestamp with an accuracy of 1 ms to the signal and to the event on this signal.


Certainly, in most cases, such speed is not required, but it helps to achieve a high accuracy and stability of the measurements. For example, when an analog input signal is to be measured with a cycle of 100 ms, then one can obtain 100 measurements from the module, filter them for surges, and obtain a sliding average.


Other Technical Specifications

Figure 1. 100% mirror redundancy.

Figure 2. CPU redundancy.

Figure 3. Mixed redundancy.


REGUL PLCs use a real-time operating system. Its key characteristics are:

  • Predetermined behaviour in the worst external conditions
  • A typical reaction time of around 5 μs for interruptions
  • A predictable reaction time for events
  • Implementation of the algorithms with pre-emptive multitasking and prioritisation
  • Implementation of memory protection, and
  • Microkernel operating system architecture: error in one software module does not lead to a blockage of the entire operating system.


For the configuration and programming, we developed Epsilon LD software, based on Codesys, that:

  • Supports five IEC 61131-3 languages (IL, LD, ST, SFC, and FBD)
  • Outputs machine code
  • Provides tools for project configuration (task managers, PLC configuration, library manager)
  • Has an integrated debugger that operates in online mode
  • Supports object-oriented programming
  • Supports network protocols such as Modbus TCP, Modbus RTU, TCP/IP, CAN, etc., and
  • Has a visualisation editor for small stand-alone systems.



The REGUL R600 controller is a set of modules installed on a 19-inch rack with a Eurocard standard 6U height (Figure 4). One rack contains 14 slots. The ingress protection of the modules is rated as IP20.


The rack can be made in two ways:

  • For installation on a mounting panel
  • For installation on a 19-inch rack


The modules have uniform dimensions and are made of printed circuit boards in steel casings. This configuration results in controllers with a good level of EMI protection and stable operation in an industrial setting.


The REGUL R600 PC has passed laboratory tests for electromagnetic compatibility and has verified operation and metrological capabilities at operating temperatures from -40 to +60°C.



The R500 series was developed to provide more flexibility when building automation systems and is a modified version of the REGUL R600. The types of modules and their functionality are the same as for the R600.


The modules in the R500 series (Figure 5) have plastic cases of smaller dimensions than R600 and are installed on individual expandable chassis locked onto a DIN rail. The number of modules in one row is not, in this case, limited by the size of a 19-inch rack.


Technical decisions made during the development of the R500 series allow the design of a system with any configuration of modules on the rack and allow automation systems to be built with a more flexible structure.


Figure 4. REGUL R600.

Figure 5. REGUL R500.



When a project requires small modules to be used or has a small number of I/O channels and no redundancy requirements, the R200 series (Figure 6) comes into play. A compact housing with up to 8 I/Os per module, but with the same speed and bus specifications as in the R500 and R600, offers everything you need.


Systems built with the R600 or R500 can be extended with R200 I/O modules. Or, you can use their own R200 CPU modules. The R200 is always compact, with a GPS/GLONASS receiver and two Ethernet ports.



When we turn to the real-life implementations of the REGUL PLCs, the high availability systems are the most obvious candidates. REGUL PLCs are already being used in:


  • Electric power industry:

o Steam turbine automation

o Emergency shutdown systems

o Automation of steam boilers for hydroelectric power stations


  • Oil and gas:

o Smart metering for LACT units

o Automated firefighting systems

o Fault-tolerant automation for oil pumping stations, tank farms of any scale


  • Utilities:

o Combined heat and power plants

o Water treatment facilities


Getting to a more specific solution would like to bring an example of steam turbine control. It was designed for automatic control of a steam turbine (from small to large, such as 800 MW and higher) in standard and emergency modes. Cycle time in this system is as low as 10 ms, while operating 50…200 channels, switchover in 20 ms, event archiving at 10 ms/100 ms/1 s, and covered with full redundancy with solution’s MTBF of 100,000 hours.


Another task in operating turbine is the most critical for the operation of the station – overspeed protection.


For this task was developed turbine emergency trip mechanism, based on three separate DA modules, providing Triple Modular Redundancy (TMR). The mechanism, detecting critical speed while measuring rotation frequency, sends a signal to stop the turbine (accounting for its acceleration). Operating as a triple emergency shutdown system. The CPU module in this system is used only for diagnostics and generation of test tasks.


Both solutions are based on the custom-designed triple-channel analog DA module, with integrated frequency generator and built-in algorithms for:

  • Three-channel frequency measurement in two ranges (up to 10 kHz and up to 500 kHz)
  • Overspeed protection with protection verification on a stopped turbine or during idling
  • Reading signals from incremental encoder (position of actuator), and
  • Control of calibration unit and signal reading from flow meters.


Figure 6. REGUL R200.



All REGUL PLCs are designed by our in-house development team of electronics and software engineers. This design practice allows us to take an open approach to your project requirements and build customised modules.


After production, every board is tested on an optical control machine, and boards with BGA components are tested on an x-ray machine. Smaller batches are assembled on a selective soldering machine. During production, every board is marked with a QR code for system traceability, providing us with a full picture of the product’s life cycle from the purchase of the components to the on-site installation and what has happened to the module at each step.


After production, every single module is tested in the test laboratory for at least 48 hours (including a test run in a climatic chamber) and up to the customer’s specifications. In some cases, it takes two weeks to run all the tests.


This manuscript from GP Systems GmbH, Germany, is based on the experience of the engineers that developed the PLCs and reviewed a number of technical solutions, before deciding on the way to move forward.


GP Systems GmbH



Alexey Elov And Dmitriy Dobriyan

Alexey Elov is Technical Director, Department of Industrial Automation, GP Systems GmbH. Dmitriy Dobriyan is Head of Engineering, GP Systems GmbH.