PLC Based Home Automation

A PROJECT REPORT

Submitted by:

Sameer Patel (100054111001)

In fulfillment for the award of the degree

of

BACHELOR OF ENGINEERING
in
(ELECTRONICS & COMMUNICATION)

Group No: 67

Internal Guide: External Guide:

Prof. Saurabh Shah Mrs. Sejal Borad
H.O.D., Project Coordinator,
E & C Dept., Sofcon India Pvt. Ltd.,
BIT-Varnama. Vadodara.

BITS Edu Campus, Varnama. 391 240

Gujarat Technological University, Ahmedabad
May, 2014
 BITS Edu Campus

Electronics & Communication Engineering Department.

CERTIFICATE

This is to certify that the dissertation entitled “PLC Based Home

Automation” has been carried out by
Sameer Patel (100054111001)
under my guidance in fulfillment of the degree of Bachelor of
Engineering Degree in Electronics & Communication(8th
Semester) of Gujarat Technological University, Ahmedabad,
during the academic year 2013-14.
Date :

Project Guide: Head Of the Department:

Prof. Saurabh Shah Prof. Saurabh Shah
H.O.D H.O.D.
E & C Dept. E & C Dept.
BIT-Varnama BIT-Varnama

Project Coordinator:
Prof. Swarup Pal
Project Coordinator
E & C Dept.
BIT-Varnama
 Acknowledgement

I would like to express my gratitude and appreciation to all those who gave me the possibility
to complete this report. A special thanks to my final year project guide, Prof. Saurabh Shah,
whose help, suggestions and encouragement, helped me to coordinate my project,
especially in writing this report.

A special thanks goes to the head of projects, Mrs. Sejal Borad at Sofcon India Pvt. Ltd., who
has helped me to give crucial suggestions about how I could improve my project.

I am obliged to, and deeply grateful for the cooperation of the faculty members of Babaria
Institute of Technology, for the valuable information provided by them in their respective
fields.

I would also like to express my gratitude to my family for encouragement and support.

I
 Abstract

This project aims at automating many home appliances. The appliances are
controlled automatically and the functioning of the appliances is controlled by
the programmable Logic Controller (PLC). As the functioning of the appliances
is integrated with the working of PLC, the project proves to be accurate,
reliable and more efficient than the existing controllers.

The processes that are proposed to be automated in this project are:-

1. Interior and Exterior Lights
2. Burglar Alarm
3. Fire Alarm
4. AC On/Off, Lights On/Off and Fans On/Off Using DTMF

Also, the functioning of many of these devices will be interconnected depending

upon the events that occur. The monitoring of the complete process will be done
through SCADA.

II
 List of Tables
Table No Table Description Page No

3.1 MT8870DE Pin Details 17

3.2 Details of the PIR Sensor 17
3.3 Details of the Fire Sensor 18
5.1 Output of the DTMF Decoder Circuit 28
5.2 Real World Interpretation of DTMF Decoder Output 29

III
 Table of Figures
Figure No. Figure Description Page No

1.1 Model of a building automation 4

2.1 Control panel with PLC 8
2.2 PLC scan cycle 9
2.3 Complexity and cost Vs. I/O count 10
3.1 Allen Bradley 1761-L32BWA 15
3.2 The MT8870DE pin out 16
3.3 The MT8870DE 16
3.4 A generic PIR sensor 17
3.5 The LM35 Temperature Sensor 18
3.6 A CdS photoresistor/LDR 19
4.8 Block diagram 21
5.1 Schematic of an analog DTMF decoder 27
5.2 Schematic of an LDR operated relay 29
5.3 Schematic of a fire operated relay 30
5.4 Schematic of a PIR operated relay 26
5.5 The output modules 32
6.1 Typical Workspace of RSLogix 500 35
6.2 The Program Developed for Home Automation 42
7.1 SCADA's Schematic Overview 46

IV
 Table of Contents

Acknowledgement .................................................................................................................... I

Abstract .................................................................................................................................... II

List of Tables ......................................................................................................................... III

Table of Figures......................................................................................................................IV

Table of Contents .................................................................................................................... V

Chapter – 1 – Automation and Domotics .............................................................................. 1

1.1 Introduction ...................................................................................................................... 2
1.1 About the organization ..................................................................................................... 2
1.3 What Is Automation? ....................................................................................................... 3
1.4 Domotics .......................................................................................................................... 3
1.5 Literature Review ............................................................................................................. 5

Chapter – 2 – Programmable Logic Controllers .................................................................. 6

2.1 Introduction ...................................................................................................................... 7
2.2 Features ............................................................................................................................ 7
2.3 Scan Time ......................................................................................................................... 9
2.4 Classification of PLCs .................................................................................................... 10
2.5 User Interface ................................................................................................................. 11
2.6 Communications............................................................................................................. 11
2.7 Simulation ...................................................................................................................... 11
2.8 Redundancy .................................................................................................................... 12
2.9 PLC Compared with other Control Systems .................................................................. 12

Chapter – 3 – Overview of the Project ................................................................................. 14

3.1 Components List ............................................................................................................ 15
3.2 Technical Specifications ................................................................................................ 15
3.2.1 Allen Bradley 1761-L32BWA PLC ........................................................................ 15
V
 3.2.2 DTMF Decoder IC MT8870DE .............................................................................. 16
3.2.3 PIR Sensor ............................................................................................................... 17
3.2.4 LM35 Temperature Sensor ...................................................................................... 18
3.2.5 Light Dependent Resistor ........................................................................................ 19

Chapter – 4 – Project Functionality ..................................................................................... 20

4.1 Block Diagram ............................................................................................................... 21
4.1.1 Block Diagram Description ..................................................................................... 21
4.2 Flow Charts .................................................................................................................... 22
4.2.1 Interior Lights Control ............................................................................................. 22
4.2.2 Exterior Lights Control............................................................................................ 23
4.2.3 Fire Alarm ............................................................................................................... 24
4.2.4 PIR/Security/Intruder Alarm ................................................................................... 25

Chapter – 5 – Module Details ............................................................................................... 26

5.1 The DTMF Decoder Schematic ..................................................................................... 27
5.1.1 Details about the DTMF Decoder ........................................................................... 28
5.1.2 Output Format of the DTMF Decoder..................................................................... 28
5.1.3 Role of DTMF Decoder in Automation ................................................................. 28
5.2 The LDR Sensor ............................................................................................................. 29
5.2.1 Details about the LDR Sensor ................................................................................. 29
5.3 The Fire Sensor .............................................................................................................. 30
5.3.1 Details about the Fire Sensor ................................................................................... 30
5.4 The PIR Sensor............................................................................................................... 30
5.4.1 Details about the PIR Sensor ................................................................................... 30
5.5 The Output Modules....................................................................................................... 31
5.5.1 Interior Lights .......................................................................................................... 31
5.5.2 Exterior Lights ......................................................................................................... 31
5.5.3 Fire Alarm ............................................................................................................... 31
5.5.4 PIR/Security/Intruder Alarm ................................................................................... 32
5.5.5 Fans.......................................................................................................................... 32
5.5.6 AC............................................................................................................................ 32

VI
Chapter – 6 - Programming .................................................................................................. 33
6.1 Programming the PLC ................................................................................................... 34
6.2 Ladder Logic .................................................................................................................. 35
6.3 Example of a simple ladder logic program ................................................................... .37
6.4 Limitations and Successor Languages ........................................................................... 40
6.5 Developed Program ........................................................................................................ 41

Chapter – 7 - SCADA ............................................................................................................ 44

7.1 Introduction to SCADA ................................................................................................. 45
7.2 Common System Components ...................................................................................... 45
7.3 System Concepts ............................................................................................................ 46
7.4 Human-Machine Interface.............................................................................................. 47
7.5 SCADA Architectures .................................................................................................... 49
7.5.1 First generation: “Monolithic” ................................................................................ 49
7.5.2 Second generation: "Distributed" ............................................................................ 49
7.5.3 Third generation: "Networked" ............................................................................... 50
7.5.4 Fourth generation: "Internet of Things" .................................................................. 50
7.6 Security Issues ................................................................................................................ 50
7.7 Developed SCADA Program ......................................................................................... 53

Chapter – 8 – Future Prospects ............................................................................................ 54

8.1 Applications ................................................................................................................... 55
8.2 Additional Information ................................................................................................... 56
8.2.1 Why PLCs and Not Microcontrollers? .................................................................... 56
8.3 Future Expansion............................................................................................................ 57
8.4 Conclusion ...................................................................................................................... 58

References ............................................................................................................................... 59

Appendix ................................................................................................................................. 60

MT8870DE DTMF Decoder Datasheet .......................................................................... 60

MicroLogix 1000 Programmable Controller Datasheet .................................................. 67
78L05 Voltage Regulator Datasheet ............................................................................... 76

VII
LM35 Temperature Sensor Datasheet ............................................................................ 85
D203B PIR Sensor Datasheet ......................................................................................... 94
Patent Drafting Exercise Report ..................................................................................... 99

VIII
Chapter-1-Automation and Domotics

1
 1.1 Introduction

A PLC based home automation system with DTMF control focuses on controlling home
electronic devices whether you are inside or outside your home. Home automation gives an
individual the ability to remotely or automatically control things around the house. A home
appliance is a device or instrument designed to perform a specific function, especially an
electrical device, such as a refrigerator, for household use. The words appliance and devices
can be used interchangeably.

Imagine you forgot to turn the lights/fans off once you leave the house or want to turn on the
AC before getting home so that you can enjoy the pre-cooled environment.

Automation is today’s fact, where things are being controlled automatically, usually the basic
tasks of turning on/off certain devices and beyond, either remotely or in close proximity.
Automation lowers the human judgment to the lowest degree possible but does not completely
eliminate it.

Due to the many inputs and outputs that can be handled by a PLC, it is an ideal device to use
in homes where a lot of appliances are used.

1.2 About the Organization

 SOFCON is professionally run by technocrats having decades of experience in Training

/ process / manufacturing industry. They have a rich experience of over 2 decades in
providing automation solutions to Indian & overseas industries & a strong presence in
rich industrial belt of North, Western & Central India.

 Their fields of training are in:-

a) Industrial Automation

b) Embedded Applications

c) Integrated Building Management Systems

d) VLSI

2
 1.3 What Is Automation?

Automation or automatic control is the use of various control systems for operating equipment
such as machinery, processes in factories, boilers and heat treating ovens, switching in
telephone networks, steering and stabilization of ships or aircraft and other applications with
minimal or reduced human intervention.

Alternatively, automation can be defined as the delegation of human control functions to

technical equipment for increasing productivity, better quality, increasing safety in working
conditions, reducing manpower and cost.

Different types of automation tools exist:-

 ANN - Artificial neural network

 DCS - Distributed Control System

 HMI - Human Machine Interface

 SCADA - Supervisory Control and Data Acquisition

 PLC - Programmable Logic Controller

 Instrumentation

 Motion control

 Robotics

1.4 Domotics

Home automation, also known as domotics, is the residential extension of building automation.
It is automation of the home, housework or household activity. Home automation may include
centralized control of lighting, HVAC (heating, ventilation and air conditioning), appliances,
security locks of gates and doors and other systems, to provide improved convenience, comfort,
energy efficiency and security. Home automation for the elderly and disabled can provide
increased quality of life for persons who might otherwise require caregivers or institutional
care.

3
The popularity of home automation has been increasing greatly in recent years due to much
higher affordability and simplicity through smartphone and tablet connectivity. The concept of
the "Internet of Things" has tied in closely with the popularization of home automation.

An example of remote monitoring in home automation could be triggered when a smoke

detector detects a fire or smoke condition, causing all lights in the house to blink to alert any
occupants of the house to the possible emergency. If the house is equipped with a home theater,
a home automation system can shut down all audio and video components to avoid distractions,
or make an audible announcement. The system could also call the home owner on their mobile
phone to alert them, or call the fire department or alarm monitoring company.

In terms of lighting control, it is possible to save energy when installing various products.
Simple functions such as motion sensors and detectors integrated into a relatively simple home
automation system can save hours of wasted energy in both residential and commercial
applications. For example imagine an auto on/off at night time in all major city office buildings,
say after 10pm. When no motion is detected, lights shut down, and the owner could save
kilowatts of wasted overnight energy. Similar controls on HVAC (Heating Ventilation and Air
Conditioning) in buildings could save even more energy.

Figure 1.1- Model of a building automation (Courtesy-inELS Smart Home Solutions)

4
 1.5 Literature Review

1) PLC - A PLC or Programmable Logic Controller is a digital computer used for automation
of electromechanical processes, such as control of machinery on factory assembly lines,
amusement rides, or light fixtures. PLCs are used in many industries and machines. Unlike
general-purpose computers, the PLC is designed for multiple inputs and output arrangements,
extended temperature ranges, immunity to electrical noise, and resistance to vibration and
impact.

2) DTMF - Dual-Tone Multi-Frequency signaling (DTMF) is used for telecommunication

signaling over analog telephone lines in the voice-frequency band between telephone handsets
and other communications devices and the switching center.

3) Fire Alarm System - An automatic fire alarm system is designed to detect the unwanted
presence of fire by monitoring environmental changes associated with combustion. In general,
a fire alarm system is classified as either automatically actuated, manually actuated, or both.
Automatic fire alarm systems are intended to notify the building occupants to evacuate in the
event of a fire or other emergency, report the event to an off-premises location in order to
summon emergency services, and to prepare the structure and associated systems to control the
spread of fire and smoke.

4) Security Alarm - A security alarm is a system designed to detect intrusion – unauthorized

entry – into a building or area. Security alarms are used in residential, commercial, industrial,
and military properties for protection against burglary (theft) or property damage, as well as
personal protection against intruders.

5) Sensors - A sensor is a converter that measures a physical quantity and converts it into a
signal which can be read by an observer or by an (today mostly electronic) instrument.

6) SCADA- SCADA (Supervisory Control And Data Acquisition) is a type of industrial control
system (ICS). Industrial control systems are computer controlled systems that monitor and
control industrial processes that exist in the physical world.

5
Chapter-2-Programmable Logic Controllers

6
 2.1 Introduction

Early PLCs were designed to replace relay logic systems. These PLCs were programmed in
"ladder logic", which strongly resembles a schematic diagram of relay logic. This program
notation was chosen to reduce training demands for the existing technicians. Other early PLCs
used a form of instruction list programming, based on a stack-based logic solver.

Modern PLCs can be programmed in a variety of ways, from the relay-derived ladder logic to
programming languages such as specially adapted dialects of BASIC and C. Another method
is State Logic, a very high-level programming language designed to program PLCs based
on state transition diagrams.

Many early PLCs did not have accompanying programming terminals that were capable of
graphical representation of the logic, and so the logic was instead represented as a series of
logic expressions in some version of Boolean format, similar to Boolean algebra. As
programming terminals evolved, it became more common for ladder logic to be used, for the
aforementioned reasons and because it was a familiar format used for electromechanical
control panels. Newer formats such as State Logic and Function Block (which is similar to the
way logic is depicted when using digital integrated logic circuits) exist, but they are still not as
popular as ladder logic. A primary reason for this is that PLCs solve the logic in a predictable
and repeating sequence, and ladder logic allows the programmer (the person writing the logic)
to see any issues with the timing of the logic sequence more easily than would be possible in
other formats.

The functionality of the PLC has evolved over the years to include sequential relay control,
motion control, process control, distributed control systems and networking. The data handling,
storage, processing power and communication capabilities of some modern PLCs are
approximately equivalent to desktop computers. PLC-like programming combined with remote
I/O hardware, allow a general-purpose desktop computer to overlap some PLCs in certain
applications. Regarding the practicality of these desktop computer based logic controllers, it is
important to note that they have not been generally accepted in heavy industry because the
desktop computers run on less stable operating systems than do PLCs, and because the desktop
computer hardware is typically not designed to the same levels of tolerance to temperature,
humidity, vibration, and longevity as the processors used in PLCs. In addition to the hardware

7
limitations of desktop based logic, operating systems such as Windows do not lend themselves
to deterministic logic execution, with the result that the logic may not always respond to
changes in logic state or input status with the extreme consistency in timing as is expected from
PLCs. Still, such desktop logic applications find use in less critical situations, such as
laboratory automation and use in small facilities where the application is less demanding and
critical, because they are generally much less expensive.

2.2 Features

The main difference from other computers is that PLCs are armored for severe conditions (such
as dust, moisture, heat, cold) and have the facility for extensive input/output (I/O)
arrangements. These connect the PLC to sensors and actuators. PLCs read limit switches,
analog process variables (such as temperature and pressure), and the positions of complex
positioning systems. Some use machine vision [4]. On the actuator side, PLCs operate electric
motors, pneumatic or hydraulic cylinders, magnetic relays, solenoids, or analog outputs. The
input/output arrangements may be built into a simple PLC, or the PLC may have external I/O
modules attached to a computer network that plugs into the PLC.

Figure 2.1- Control panel with PLC (grey elements in the center) (Courtesy-Wikipedia)

8
 2.3 Scan Time

A PLC program is generally executed repeatedly as long as the controlled system is running.
The status of physical input points is copied to an area of memory accessible to the processor,
sometimes called the "I/O Image Table". The program is then run from its first instruction rung
down to the last rung. It takes some time for the processor of the PLC to evaluate all the rungs
and update the I/O image table with the status of outputs. This scan time may be a few
milliseconds for a small program or on a fast processor, but older PLCs running very large
programs could take much longer (say, up to 100 ms) to execute the program. If the scan time
was too long, the response of the PLC to process conditions would be too slow to be useful. As
PLCs became more advanced, methods were developed to change the sequence of ladder
execution, and subroutines were implemented. This simplified programming could be used to
save scan time for high-speed processes; for example, parts of the program used only for setting
up the machine could be segregated from those parts required to operate at higher speed.
Special-purpose I/O modules, such as timer modules or counter modules such as encoders, can
be used where the scan time of the processor is too long to reliably pick up, for example,
counting pulses and interpreting quadrature from a shaft encoder. The relatively slow PLC can
still interpret the counted values to control a machine, but the accumulation of pulses is done
by a dedicated module that is unaffected by the speed of the program execution.

Figure 2.2- PLC Scan Cycle

9
 2.4 Classification of PLCs

PLCs can be classified into two main categories:-

a) Classification by I/O modules.

b) Classification by application ranges.

2.3.1 Classification by I/O Modules

a) Discrete I/O Systems:-

The discrete (I/O) system provides the physical connection between the CPU and field devices
that transmit and receive digital signals.

b) Analog I/O Systems:-

Analog input modules are used in applications where the field equipment’s signal is
continuous, such as Pressure and Temperature.

Analog output modules are used in applications which need continuous voltage or current
levels for control. Examples of these types of field device are electric motor drives.

2.3.2 Classification by Application Ranges

PLCs can be divided into 5 groups as shown in the figure below:-

a) Micro PLCs, which are used in applications controlling up to 32 I/O Devices.

b) Small PLCs which controls 32 to 128 I/O.
c) Medium PLCs which controls 64 to 1024 I/O.
d) Large PLCs which controls 512 to 4096 I/O.
e) Very large PLCs which controls 2048 to 8192 I/O.

Figure 2.3- Complexity and Cost Vs. I/O Count (Courtesy-plantcontrol.blogspot.in)

10
 2.5 User interface
PLCs may need to interact with people for the purpose of configuration, alarm reporting or
everyday control. A human-machine interface (HMI) is employed for this purpose. HMIs are
also referred to as man-machine interfaces (MMIs) and graphical user interfaces (GUIs). A
simple system may use buttons and lights to interact with the user. Text displays are available
as well as graphical touch screens. More complex systems use programming and monitoring
software installed on a computer, with the PLC connected via a communication interface.

2.6 Communications
PLCs have built in communications ports, usually 9-pin RS-232, but optionally EIA-485 or
Ethernet. Modbus, BACnet or DF1 is usually included as one of the communications protocols.
Other options include various fieldbuses such as DeviceNet or Profibus. Other communications
protocols that may be used are listed in the List of automation protocols.

Most modern PLCs can communicate over a network to some other system, such as a computer
running a SCADA (Supervisory Control And Data Acquisition) system or web browser.
PLCs used in larger I/O systems may have peer-to-peer (P2P) communication between
processors. This allows separate parts of a complex process to have individual control while
allowing the subsystems to co-ordinate over the communication link. These communication
links are also often used for HMI devices such as keypads or PC-type workstations.

2.7 Simulation

In order to properly understand the operation of a PLC, it is necessary to spend considerable

time programming, testing, and debugging PLC programs. PLC systems are inherently
expensive, and down-time is often very costly. In addition, if a PLC is programmed incorrectly
it can result in lost productivity and dangerous conditions. PLC simulation software is a
valuable tool in the understanding and learning of PLCs and to keep this knowledge refreshed
and up to date. The advantages of using PLC simulation tools such as PLCLogix are that they
save time in the design of automated control applications and they can also increase the level
of safety associated with equipment since various "what if" scenarios can be tried and tested
before the system is activated.

11
 2.8 Redundancy

Some special processes need to work permanently with minimum unwanted stopping.
Therefore, it is necessary to design a system which is fault tolerant and capable of handling the
process with faulty modules. In such cases to increase the system availability in the event of
hardware component failure, redundant CPU or I/O modules with the same functionality can
be added to hardware configuration for preventing total or partial process shutdown due to
hardware failure from any kind.

2.9 PLC Compared with other Control Systems

PLCs are well adapted to a range of automation tasks. These are typically industrial processes
in manufacturing where the cost of developing and maintaining the automation system is high
relative to the total cost of the automation, and where changes to the system would be expected
during its operational life. PLCs contain input and output devices compatible with industrial
pilot devices and controls; little electrical design is required, and the design problem centers
on expressing the desired sequence of operations. PLC applications are typically highly
customized systems, so the cost of a packaged PLC is low compared to the cost of a specific
custom-built controller design. On the other hand, in the case of mass-produced goods,
customized control systems are economical. This is due to the lower cost of the components,
which can be optimally chosen instead of a "generic" solution, and where the non-recurring
engineering charges are spread over thousands or millions of units.

For high volume or very simple fixed automation tasks, different techniques are used. For
example, a consumer dishwasher would be controlled by an electromechanical cam timer
costing only a few dollars in production quantities.

A microcontroller-based design would be appropriate where hundreds or thousands of units

will be produced and so the development cost (design of power supplies, input/output hardware
and necessary testing and certification) can be spread over many sales, and where the end-user
would not need to alter the control. Automotive applications are an example; millions of units
are built each year, and very few end-users alter the programming of these controllers.
However, some specialty vehicles such as transit buses economically use PLCs instead of

12
custom-designed controls, because the volumes are low and the development cost would be
uneconomical.
Very complex process control, such as used in the chemical industry, may require algorithms
and performance beyond the capability of even high-performance PLCs. Very high-speed or
precision controls may also require customized solutions; for example, aircraft flight controls.
Single-board computers using semi-customized or fully proprietary hardware may be chosen
for very demanding control applications where the high development and maintenance cost can
be supported. "Soft PLCs" running on desktop-type computers can interface with industrial I/O
hardware while executing programs within a version of commercial operating systems adapted
for process control needs.

Programmable controllers are widely used in motion control, positioning control and torque
control. Some manufacturers produce motion control units to be integrated with PLC so that
G-code (involving a CNC machine) can be used to instruct machine movements.

PLCs may include logic for single-variable feedback analog control loop, a "proportional,
integral, derivative" or "PID controller". A PID loop could be used to control the temperature
of a manufacturing process, for example. Historically PLCs were usually configured with only
a few analog control loops; where processes required hundreds or thousands of loops, a
distributed control system (DCS) would instead be used. As PLCs have become more powerful,
the boundary between DCS and PLC applications has become less distinct.

PLCs have similar functionality as Remote Terminal Units. An RTU, however, usually does
not support control algorithms or control loops. As hardware rapidly becomes more powerful
and cheaper, RTUs, PLCs and DCSs are increasingly beginning to overlap in responsibilities,
and many vendors sell RTUs with PLC-like features and vice versa. The industry has
standardized on the IEC 61131-3 functional block language for creating programs to run on
RTUs and PLCs, although nearly all vendors also offer proprietary alternatives and associated
development environments.

13
Chapter-3-Overview of the Project

14
 3.1 Components List

1. Allen-Bradley 1761-L32BWA PLC

2. DTMF Decoder IC MT8870DE
3. PIR Sensor
4. Temperature Sensor
5. LEDs posing as interior and exterior lights
6. DC Fans
7. LDR

3.2 Technical Specifications

3.2.1 Allen-Bradley 1761-L32BWA PLC

a) Input Voltage – 120/240 VAC

b) Max. No. of Inputs – 20 inputs; 24V DC sink/source
c) Max. No. of Outputs – 12 Contact Outputs
d) Type – Discrete Inputs, Discrete Contact Outputs

Figure 3.1- Allen Bradley 1761-L32BWA (Courtesy -

Rockwell Automation)

15
 3.2.2 DTMF Decoder IC MT8870DE

The MT8870D/MT8870D-1 is a complete DTMF receiver integrating both the band-

split filter and digital decoder functions. The filter section uses switched capacitor
techniques for high and low group filters; the decoder uses digital counting techniques
to detect and decode all 16 DTMF tone-pairs into a 4-bit code.

Figure 3.2- The MT8870DE Pin Out Figure 3.3- The MT8870DE (Courtesy- Motorola Corporation)

16
 Table 3.1- MT8870DE Pin Details

3.2.3 PIR Sensor

The pyro-electric infrared sensor detects infrared radiation on the basis of the
characteristics that the polarization of pyro-electric material changes with temperature.
Dual compensated sensing elements are applied to suppress the interference resulting
from temperature variation. As a result, the operating stability of the sensor is greatly
improved. It is be used in many applications, such as insecurity systems, burglar alarms,
visitor acknowledgements, light switch control and intellectualized toys, etc.

Figure 3.4- A Generic PIR Sensor

Table 3.2- Details of the PIR Sensor

17
3.2.4 LM35 Temperature Sensor

The LM35 series are precision integrated-circuit temperature sensors, with an output
voltage linearly proportional to the Centigrade temperature. Thus the LM35 has an
advantage over linear temperature sensors calibrated in ° Kelvin, as the user is not
required to subtract a large constant voltage from the output to obtain convenient
Centigrade scaling. The LM35 does not require any external calibration or trimming to
provide typical accuracies of ±¼°C at room temperature and ±¾°C over a full −55°C
to +150°C temperature range. Low cost is assured by trimming and calibration at the
wafer level. The low output impedance, linear output, and precise inherent calibration
of the LM35 make interfacing to readout or control circuitry especially easy. The device
is used with single power supplies, or with plus and minus supplies. As the LM35 draws
only 60 μA from the supply, it has very low self-heating of less than 0.1°C in still air.
The LM35 is rated to operate over a 55°C to +150°C temperature range, while the
LM35C is rated for a −40°C to +110°C range (−10° with improved accuracy).

Table 3.3- Details of the Temperature Sensor

Figure 3.5- The LM35 Temperature Sensor

18
3.2.5 Light Dependent Resistor

A photoresistor or light-dependent resistor (LDR) or photocell is a resistor whose

resistance decreases with increasing incident light intensity; in other words, it exhibits
photoconductivity.

A photoresistor is made of a high resistance semiconductor. If light falling on the device

is of high enough frequency, photons absorbed by the semiconductor give bound
electrons enough energy to jump into the conduction band. The resulting free electron
(and its hole partner) conduct electricity, thereby lowering resistance.

Figure 3.6- A CdS Photoresistor/LDR (Courtesy-Google Images)

19
Chapter-4-Project Functionality

20
 4.1 Block Diagram

Figure 4.1- Block diagram depicting connection of a centralized PLC to various I/O modules

4.1.1 Block Diagram Description

The PLC lies at the center of the system, controlling the function of all devices connected to it.

The exterior lights will be connected to an LDR (light dependent resistor) as well so that they
turn on automatically during dusk and turn off automatically during dawn.

A fire/smoke detector will detect the possibility/ occurrence of a fire and will sound the fire
alarm. This will also switch off all the other devices except the interior lights, fire alarm and
the PLC itself in order to reduce the risk of an electrically induced fire.

The intruder detector, basically the PIR sensor, mounted at a window, will be triggered if the
LOS (line of sight) of its detection breaks and will trigger the security alarm. The PLC will
also be programmed in a way that when the intruder detector is triggered, the interior and
exterior lights will flash on/off so that people can raise an alarm.

A cell phone will be connected via a 3.5mm audio jack to the DTMF decoder circuit, on which
when pressed a number on its dial pad, will send a DTMF signal to the circuit, which in turn
will be sent to the PLC in order to control the interior lights, exterior lights, fans and the AC
(emulated by an LED).

21
In addition to all the automata, all devices will be connected to their manual on/off switches
respectively, with the alarms being connected to a reset switch and the PLC itself being
connected to a start/stop switch, all of these placed on a control panel.

A SCADA Program will then be written to monitor all the processes.

4.2 Flow Charts

4.2.1 Interior Lights Control

Start

Off
Manual
Switch

On

Burglar On
Alarm
State

Lights on
Off (Flashing)

Lights on
(Steady)

End

22
4.2.2 Exterior Lights Control

Start

Off Manual Switch

On

On
Fire Alarm
State

Off

Burglar
On
Alarm State
Lights on
(Flashing)

Off

Lights on
(Steady)

End

23
4.2.3 Fire/Smoke Alarm

Start

No Reset

Fire Sensor
Trip?

Yes

Sound Fire Alarm

Switch off all devices

except PLC, Fire
Alarm and Interior
Lights

End

24
4.2.4 Intruder/Security/Burglar Alarm

Start

No Reset

PIR Sensor
Trip?

Yes

Sound Burglar Alarm

Flash Interior &

Exterior Lights

End

25
Chapter-5-Module Details

26
 5.1 The DTMF Decoder

5.1.1 Details about the DTMF decoder

This circuit designed will decode the numbers pressed on the keypad of a cell phone through
the audio jack and the corresponding BCD will be displayed through the LEDs. The outputs of
the decoder can be connected to a PLC as inputs in order to provide for automation.

Figure 5.1- Schematic of an analog DTMF decoder

27
5.1.2 Output Format of the DTMF Decoder
Key Pressed LED 4 LED 3 LED 2 LED 1

0 Off Off Off Off

1 Off Off Off On

2 Off Off On Off

3 Off Off On On

4 Off On Off Off

5 Off On Off On

6 Off On On Off

7 Off On On On

8 On Off Off Off

9 On Off Off On

Table 5.1- Output of the DTMF Decoder Circuit

5.1.3 Role of DTMF Decoder in Automation

Here, the DTMF decoder circuit will be interfaced to the PLC In order to control the interior
lights, exterior lights, fans and the AC remotely. The interpretation of the DTMF signals and
the real world outputs is as follows:-

Key Pressed Output

1 Interior Lights On

2 Interior Lights Off

3 Exterior Lights On

4 Exterior Lights Off

5 Fans On

28
 6 Fans Off

7 AC On

8 AC Off

Table 5.2- Real World Interpretation of DTMF Decoder Output

5.2 The LDR Sensor

5.2.1 Details about the LDR Sensor

This circuit is designed to trigger the relay during the night-time, i.e. when there is not enough
light falling on the LDR, and the relay will remain in the N/O mode during day-time, i.e. when
there is a considerable amount of light falling on the LDR. It is to be connected to the exterior
lights of a house and supposed to be switched on during dusk and switched off during dawn
automatically. Also, the sensitivity of the sensor can be changed via the variable resistor on the
PCB. The output of this circuit is connected to the PLC as input.

Figure 5.2- Schematic of an LDR operated relay

29
 5.3 The Fire Sensor

5.3.1 Details about the Fire Sensor

The heart of the circuit is the LM35DZ temperature sensor which is factory-calibrated in the
Celsius (or Centigrade) scale with a linear Degree-Volt conversion function. The output voltage
(at pin 2) changes linearly with temperature from 0V (0oC) to 1000mV (100oC). This greatly
simplifies the circuit design as we only need to provide a precision voltage reference (TL431)
and an accurate comparator (A1 of LM358) in order to construct a complete thermal-controlled
switch. The preset (VR1) & resistor (R3) from a variable voltage divider which sets a reference
voltage (Vref) form 0V ~ 1.62V. The op-amp (A2) buffers the reference voltage so as to avoid
loading the divider network (VR1 & R3). The comparator (A1) compares the reference voltage,
Vref (set by VR1) with the output voltage of LM35DZ and decides whether to energize or de-
energize the relay (LED1 ON or OFF respectively). The purpose of R2 is to provide a bit of
hysteresis which helps to prevent relay chattering. Hysteresis is inversely proportional to the
value of R2. Lower value of R2 gives higher hysteresis. The relay used here is in the form of
N/C condition. The output of this circuit is connected to the PLC as input.

Figure 5.3- Schematic of a fire operated relay

30
 5.4 The PIR Sensor

5.4.1 Details about the Fire Sensor

This circuit is designed to trigger the relay during the event of an infrared detection. When a
human approaches the sensor, the pyro-electric ability of the sensor allows it to develop a
temporary voltage, thus triggering the relay. The relay used here is in the form of N/C
condition. The output of this circuit is connected to the PLC as input.

Figure 5.4- Schematic of a PIR operated relay

5.5 The Output Modules

5.5.1 Interior Lights (LEDs)

Two LEDs are used to emulate the interior lights of a home. These interior lights are
controllable via a manual switch, the DTMF module, and also flash on-off when the PIR sensor
is triggered. They are connected as outputs from the PLC.

5.5.2 Exterior Lights (LEDs)

Two LEDs are used to emulate the exterior lights of a home. These exterior lights are
controllable via a manual switch, the DTMF module, the LDR sensor, and also flash on-off
when the PIR sensor is triggered. They are switched off in the event of a fire. They are
connected as outputs from the PLC.

31
5.5.3 Fire Alarm (Buzzer)

A buzzer (hooter) is used to indicate that the fire alarm has been triggered. It can be reset via a
manual pushbutton. It is connected as an output from the PLC.

5.5.4 PIR/Security Alarm (Buzzer)

A buzzer (hooter) is used to indicate that the PIR alarm has been triggered. It can be reset via
a manual pushbutton. It is connected as an output from the PLC.

5.5.5 Fans (DC Fans)

Two fans have been used in order to emulate a part of the HVAC system. They are controllable
via a manual switch, the DTMF module, and is switched off when the fire alarm has been
triggered. They are connected to an electromagnetic relay, which is in turn connected as output
from the PLC.

5.5.6 AC

An electromagnetic relay, which is used to emulate an AC, has been connected as an output
from the PLC in order to emulate a part of the HVAC system. It is controllable via a manual
switch, the DTMF module, and is switched off when the fire alarm has been triggered.

Figure 5.5- The o/p modules

(Top-Fans, Interior Lights, PIR Alarm, Fire Alarm
Left-Relay used to emulate AC)
32
Chapter-6-Programming

33
 6.1 Programming the PLC

A Programmable Logic Controller, or PLC, is more or less a small computer with a built-in
operating system (OS). This OS is highly specialized to handle incoming events in real time,
i.e. at the time of their occurrence.

The PLC has input lines where sensors are connected to notify upon events (e.g. temperature
above/below a certain level, liquid level reached, etc.), and output lines to signal any reaction
to the incoming events (e.g. start an engine, open/close a valve, etc.).

The system is user programmable. It uses a language called "Relay Ladder" or RLL (Relay
Ladder Logic). The name of this language implies that the control logic of the earlier days,
which was built from relays, is being simulated. The different programming languages with
which PLCs can be programmed are listed as follows:-

a) LD: Ladder Diagram

b) IL: Instruction List

c) ST: Structure Test

d) STL: Statement List

e) FBD: Function Block Diagram

f) SFC: Sequential Function Chart

Since the PLC being used in the project is Allen Bradley 1761-L32BWA, the programming
software used is RSlogix 500, which uses ladder diagram as the programming language.

34
 Figure 6.1- Typical Workspace of RSLogix 500 (Courtesy- Rockwell Automation)

6.2 Ladder Logic

Ladder logic was originally a written method to document the design and construction of relay
racks as used in manufacturing and process control. Each device in the relay rack would be
represented by a symbol on the ladder diagram with connections between those devices shown.
In addition, other items external to the relay rack such as pumps, heaters, and so forth would
also be shown on the ladder diagram. Although the diagrams themselves have been used since
the days when logic could only be implemented using switches and electromechanical relays,
the term 'ladder logic' was only latterly adopted with the advent of solid state programmable
logic.

Ladder logic has evolved into a programming language that represents a program by a graphical
diagram based on the circuit diagrams of relay logic hardware. Ladder logic is used to develop
software for programmable logic controllers (PLCs) used in industrial control applications. The
name is based on the observation that programs in this language resemble ladders, with two
vertical rails and a series of horizontal rungs between them. While ladder diagrams were once
the only available notation for recording programmable controller programs, today other forms
are standardized in IEC 61131-3.

Ladder logic is widely used to program PLCs, where sequential control of a process or
manufacturing operation is required. Ladder logic is useful for simple but critical control

35
systems or for reworking old hardwired relay circuits. As programmable logic controllers
became more sophisticated it has also been used in very complex automation systems. Often
the ladder logic program is used in conjunction with an HMI program operating on a computer
workstation.

The motivation for representing sequential control logic in a ladder diagram was to allow
factory engineers and technicians to develop software without additional training to learn a
language such as FORTRAN or other general purpose computer language. Development, and
maintenance, was simplified because of the resemblance to familiar relay hardware systems.
Implementations of ladder logic have characteristics, such as sequential execution and support
for control flow features, that make the analogy to hardware somewhat inaccurate. This
argument has become less relevant given that most ladder logic programmers have a software
background in more conventional programming languages.

Manufacturers of programmable logic controllers generally also provide associated ladder

logic programming systems. Typically the ladder logic languages from two manufacturers will
not be completely compatible; ladder logic is better thought of as a set of closely related
programming languages rather than one language. (The IEC 61131-3 standard has helped to
reduce unnecessary differences, but translating programs between systems still requires
significant work.) Even different models of programmable controllers within the same family
may have different ladder notation such that programs cannot be seamlessly interchanged
between models.

Ladder logic can be thought of as a rule-based language rather than a procedural language. A
"rung" in the ladder represents a rule. When implemented with relays and other
electromechanical devices, the various rules "execute" simultaneously and immediately. When
implemented in a programmable logic controller, the rules are typically executed sequentially
by software, in a continuous loop (scan). By executing the loop fast enough, typically many
times per second, the effect of simultaneous and immediate execution is achieved, if
considering intervals greater than the "scan time" required to execute all the rungs of the
program. Proper use of programmable controllers requires understanding the limitations of the
execution order of rungs.

36
 6.3 Example of a simple ladder logic program

The language itself can be seen as a set of connections between logical checkers (contacts) and
actuators (coils). If a path can be traced between the left side of the rung and the output, through
asserted (true or "closed") contacts, the rung is true and the output coil storage bit is asserted
(1) or true. If no path can be traced, then the output is false (0) and the "coil" by analogy to
electromechanical relays is considered "de-energized". The analogy between logical
propositions and relay contact status is due to Claude Shannon.

Ladder logic has contacts that make or break circuits to control coils. Each coil or contact
corresponds to the status of a single bit in the programmable controller's memory. Unlike
electromechanical relays, a ladder program can refer any number of times to the status of a
single bit, equivalent to a relay with an indefinitely large number of contacts.

So-called "contacts" may refer to physical ("hard") inputs to the programmable controller from
physical devices such as pushbuttons and limit switches via an integrated or external input
module, or may represent the status of internal storage bits which may be generated elsewhere
in the program.

Each rung of ladder language typically has one coil at the far right. Some manufacturers may
allow more than one output coil on a rung.

 —( )— A regular coil, energized whenever its rung is closed.

 —(\)— A "not" coil, energized whenever its rung is open.
 —[ ]— A regular contact, closed whenever its corresponding coil or an input which
controls it is energized.
 —[\]— A "not" contact, closed whenever its corresponding coil or an input which
controls it is not energized.

The "coil" (output of a rung) may represent a physical output which operates some device
connected to the programmable controller, or may represent an internal storage bit for use
elsewhere in the program.

37
Here is an example of what two rungs in a ladder logic program might look like. In real world
applications, there may be hundreds or thousands of rungs.

Typically, complex ladder logic is 'read' left to right and top to bottom. As each of the lines (or
rungs) are evaluated the output coil of a rung may feed into the next stage of the ladder as an
input. In a complex system there will be many "rungs" on a ladder, which are numbered in
order of evaluation.

1. ----[ ]---------+----[ ]-----+----( )

Switch | HiTemp | A/C
| |
+----[ ]-----+
Humid
2. ----[ ]----[\]--------------------( )
A/C Heat Cooling

Line 1 realizes the function: A/C = Switch AND ( HiTemp OR Humid )

Line 2 realizes the function: Cooling = A/C AND ( NOT Heat )

This represents a slightly more complex system for rung 2. After the first line has been
evaluated, the output coil "A/C" is fed into rung 2, which is then evaluated and the output coil
"Cooling" could be fed into an output device "Compressor" or into rung 3 on the ladder. This
system allows very complex logic designs to be broken down and evaluated.

Additional functionality can be added to a ladder logic implementation by the PLC

manufacturer as a special block. When the special block is powered, it executes code on
predetermined arguments. These arguments may be displayed within the special block.

+-------+
-----[ ]--------------------+ A +----
Remote Unlock +-------+
Remote Counter
+-------+

38
 -----[ ]--------------------+ B +----
Interior Unlock +-------+
Interior Counter
+--------+
--------------------+ A + B +-----------
| into C |
+--------+
Adder

In this example, the system will count the number of times that the interior and remote unlock
buttons are pressed. This information will be stored in memory locations A and B. Memory
location C will hold the total number of times that the door has been unlocked electronically.

PLCs have many types of special blocks. They include timers, arithmetic operators and
comparisons, table lookups, text processing, PID control, and filtering functions. More
powerful PLCs can operate on a group of internal memory locations and execute an operation
on a range of addresses, for example,to simulate a physical sequential drum controller or a
finite state machine. In some cases, users can define their own special blocks, which effectively
are subroutines or macros. The large library of special blocks along with high speed execution
has allowed use of PLCs to implement very complex automation systems.

Ladder notation is best suited to control problems where only binary variables are required and
where interlocking and sequencing of binary is the primary control problem. Since execution
of rungs is sequential within a program and may be undefined or obscure within a rung, some
logic race conditions are possible which may produce unexpected results; complex rungs are
best broken into several simpler steps to avoid this problem. Some manufacturers avoid this
problem by explicitly and completely defining the execution order of a rung, however
programmers may still have problems fully grasping the resulting complex semantics.

Analog quantities and arithmetical operations are clumsy to express in ladder logic and each
manufacturer has different ways of extending the notation for these problems. There is usually
limited support for arrays and loops, often resulting in duplication of code to express cases
which in other languages would call for use of indexed variables.

39
As microprocessors have become more powerful, notations such as sequential function charts
and function block diagrams can replace ladder logic for some limited applications. Very large
programmable controllers may have all or part of the programming carried out in a dialect that
resembles BASIC or C or other programming language with bindings appropriate for a real-
time application environment.

6.4 Limitations and Successor Languages

Ladder notation is best suited to control problems where only binary variables are required and
where interlocking and sequencing of binary is the primary control problem. Since execution
of rungs is sequential within a program and may be undefined or obscure within a rung, some
logic race conditions are possible which may produce unexpected results; complex rungs are
best broken into several simpler steps to avoid this problem. Some manufacturers avoid this
problem by explicitly and completely defining the execution order of a rung, however
programmers may still have problems fully grasping the resulting complex semantics.

Analog quantities and arithmetical operations are clumsy to express in ladder logic and each
manufacturer has different ways of extending the notation for these problems. There is usually
limited support for arrays and loops, often resulting in duplication of code to express cases
which in other languages would call for use of indexed variables.

As microprocessors have become more powerful, notations such as sequential function charts
and function block diagrams can replace ladder logic for some limited applications. Very large
programmable controllers may have all or part of the programming carried out in a dialect that
resembles BASIC or C or other programming language with bindings appropriate for a real-
time application environment.

40
6.5 Developed Program

41
42
Figure 6.2- The Program Developed for Home Automation

43
Chapter-7-SCADA

44
 7.1 Introduction to SCADA

SCADA (supervisory control and data acquisition) is a type of industrial control

system (ICS). Industrial control systems are computer controlled systems that monitor and

control industrial processes that exist in the physical world. SCADA systems historically
distinguish themselves from other ICS systems by being large scale processes that can include
multiple sites, and large distances. These processes include industrial, infrastructure, and
facility-based processes, as described below:

 Industrial processes include those of manufacturing, production, power

generation, fabrication, and refining, and may run in continuous, batch, repetitive, or
discrete modes.
 Infrastructure processes may be public or private, and include water treatment and
distribution, wastewater collection and treatment, oil and gas pipelines, electrical power
transmission and distribution, wind farms, civil defense siren systems, and large
communication systems.
 Facility processes occur both in public facilities and private ones, including
buildings, airports, ships, and space stations. They monitor and control heating, ventilation,
and air conditioning systems (HVAC), access, and energy consumption.

7.2 Common System Components

A SCADA system usually consists of the following subsystems:

 A human–machine interface or HMI is the apparatus or device which presents processed

data to a human operator, and through this, the human operator monitors and controls the
process.
 SCADA is used as a safety tool as in lock-out tag-out
 A supervisory (computer) system, gathering (acquiring) data on the process and sending
commands (control) to the process.
 Remote terminal units (RTUs) connecting to sensors in the process, converting sensor
signals to digital data and sending digital data to the supervisory system.
 Programmable logic controller (PLCs) used as field devices because they are more
economical, versatile, flexible, and configurable than special-purpose RTUs.

45
 Communication infrastructure connecting the supervisory system to the remote terminal
units.
 Various process and analytical instrumentation.

7.3 System Concepts

The term SCADA usually refers to centralized systems which monitor and control entire sites,
or complexes of systems spread out over large areas (anything from an industrial plant to a
nation). Most control actions are performed automatically by RTUs or by PLCs. Host control
functions are usually restricted to basic overriding or supervisory level intervention. For
example, a PLC may control the flow of cooling water through part of an industrial process,
but the SCADA system may allow operators to change the set points for the flow, and enable
alarm conditions, such as loss of flow and high temperature, to be displayed and recorded. The
feedback control loop passes through the RTU or PLC, while the SCADA system monitors the
overall performance of the loop.

Data acquisition begins at the RTU or PLC level and includes meter readings and equipment
status reports that are communicated to SCADA as required. Data is then compiled and
formatted in such a way that a control room operator using the HMI can make supervisory
decisions to adjust or override normal RTU (PLC) controls. Data may also be fed to a Historian,
often built on a commodity Database Management System, to allow trending and other
analytical auditing.

SCADA systems typically implement a distributed database, commonly referred to as a tag

database, which contains data elements called tags or points. A point represents a single input
or output value monitored or controlled by the system. Points can be either "hard" or "soft". A
hard point represents an actual input or output within the system, while a soft point results from
logic and math operations applied to other points. (Most implementations conceptually remove
the distinction by making every property a "soft" point expression, which may, in the simplest
case, equal a single hard point.) Points are normally stored as value-timestamp pairs: a value
and the timestamp when it was recorded or calculated. A series of value-timestamp pairs gives
the history of that point. It is also common to store additional metadata with tags, such as the
path to a field device or PLC register, design time comments, and alarm information.

46
SCADA systems are significantly important systems used in national infrastructures such as
electric grids, water supplies and pipelines. However, SCADA systems may have security
vulnerabilities, so the systems should be evaluated to identify risks and solutions implemented
to mitigate those risks.

Figure 7.1- SCADA's Schematic Overview (Courtesy - Wikipedia)

7.4 Human-Machine Interface

A human–machine interface or HMI is the apparatus which presents process data to a human
operator, and through which the human operator controls the process.

HMI is usually linked to the SCADA system's databases and software programs, to provide
trending, diagnostic data, and management information such as scheduled maintenance
procedures, logistic information, detailed schematics for a particular sensor or machine, and
expert-system troubleshooting guides.

47
The HMI system usually presents the information to the operating personnel graphically, in the
form of a mimic diagram. This means that the operator can see a schematic representation of
the plant being controlled. For example, a picture of a pump connected to a pipe can show the
operator that the pump is running and how much fluid it is pumping through the pipe at the
moment. The operator can then switch the pump off. The HMI software will show the flow rate
of the fluid in the pipe decrease in real time. Mimic diagrams may consist of line graphics and
schematic symbols to represent process elements, or may consist of digital photographs of the
process equipment overlain with animated symbols.

The HMI package for the SCADA system typically includes a drawing program that the
operators or system maintenance personnel use to change the way these points are represented
in the interface. These representations can be as simple as an on-screen traffic light, which
represents the state of an actual traffic light in the field, or as complex as a multi-projector
display representing the position of all of the elevators in a skyscraper or all of the trains on a
railway.

An important part of most SCADA implementations is alarm handling. The system monitors
whether certain alarm conditions are satisfied, to determine when an alarm event has occurred.
Once an alarm event has been detected, one or more actions are taken (such as the activation
of one or more alarm indicators, and perhaps the generation of email or text messages so that
management or remote SCADA operators are informed). In many cases, a SCADA operator
may have to acknowledge the alarm event; this may deactivate some alarm indicators, whereas
other indicators remain active until the alarm conditions are cleared. Alarm conditions can be
explicit—for example, an alarm point is a digital status point that has either the value
NORMAL or ALARM that is calculated by a formula based on the values in other analogue
and digital points—or implicit: the SCADA system might automatically monitor whether the
value in an analogue point lies outside high and low limit values associated with that point.
Examples of alarm indicators include a siren, a pop-up box on a screen, or a colored or flashing
area on a screen (that might act in a similar way to the "fuel tank empty" light in a car); in each
case, the role of the alarm indicator is to draw the operator's attention to the part of the system
'in alarm' so that appropriate action can be taken. In designing SCADA systems, care must be
taken when a cascade of alarm events occurs in a short time, otherwise the underlying cause
(which might not be the earliest event detected) may get lost in the noise. Unfortunately, when
used as a noun, the word 'alarm' is used rather loosely in the industry; thus, depending on
context it might mean an alarm point, an alarm indicator, or an alarm event.

48
 7.5 SCADA Architectures

SCADA systems have evolved through four generations as follows:-

7.5.1 First generation: “Monolithic”

Computing was done by mainframe computers. Networks did not exist at the time SCADA
was developed. Thus SCADA systems were independent systems with no connectivity to other
systems. Wide Area Networks (WAN) were later designed by RTU vendors to communicate
with the RTU. The communication protocols used were often proprietary at that time. The first-
generation SCADA system was redundant since a back-up mainframe system was connected
at the bus level and was used in the event of failure of the primary mainframe system. Some
first generation SCADA systems were developed as "turn key" operations that ran on
minicomputers like the PDP-11 series made by the Digital Equipment Corporation These
systems were read only in the sense that they could display information from the existing
analog based control systems to individual operator workstations but they usually didn't attempt
to send control signals to remote stations due to analog based telemetry issues and control
center management concerns with allowing direct control from computer workstations. They
would also perform alarming and logging functions and calculate hourly and daily system
commodity accounting functions.

7.5.2 Second generation: "Distributed"

The processing was distributed across multiple stations which were connected through a LAN
and they shared information in real time. Each station was responsible for a particular task thus
making the size and cost of each station less than the one used in First Generation. The network
protocols used were still mostly proprietary, which led to significant security problems for any
SCADA system that received attention from a hacker. Since the protocols were proprietary,
very few people beyond the developers and hackers knew enough to determine how secure a
SCADA installation was. Since both parties had vested interests in keeping security issues
quiet, the security of a SCADA installation was often badly overestimated, if it was considered
at all.

49
7.5.3 "Third generation: "Networked"

Similar to a distributed architecture, any complex SCADA can be reduced to simplest

components and connected through communication protocols. In the case of a networked
design, the system may be spread across more than one LAN network and separated
geographically. Several distributed architecture SCADAs running in parallel, with a single
supervisor and historian, could be considered a network architecture. This allows for a more
cost effective solution in very large scale systems.

7.5.4 Fourth generation: "Internet of Things"

With the commercial availability of cloud computing, SCADA systems have increasingly
adopted Internet of Things technology to significantly reduce infrastructure costs and increase
ease of maintenance and integration. As a result SCADA systems can now report state in near
real-time and use the horizontal scale available in cloud environments to implement more
complex control algorithms than are practically feasible to implement on traditional
programmable logic controllers. Further, the use of open network protocols such as TLS
inherent in Internet of Things technology provides a more readily comprehendible and
manageable security boundary than the heterogeneous mix of proprietary network protocols
typical of many decentralized SCADA implementations.

7.6 Security Issues

SCADA systems that tie together decentralized facilities such as power, oil, and gas pipelines
and water distribution and wastewater collection systems were designed to be open, robust, and
easily operated and repaired, but not necessarily secure. The move from proprietary
technologies to more standardized and open solutions together with the increased number of
connections between SCADA systems, office networks, and the Internet has made them more
vulnerable to types of network attacks that are relatively common in computer security. For
example, United States Computer Emergency Readiness Team (US-CERT) released a
vulnerability advisory that allowed unauthenticated users to download sensitive configuration
information including password hashes on an Inductive Automation Ignition system utilizing
is a standard attack type leveraging access to the Tomcat Embedded Web server. Security
researcher Jerry Brown submitted a similar advisory regarding a buffer overflow vulnerability

50
in a Wonderware InBatchClient ActiveX control. Both vendors made updates available prior
to public vulnerability release. Mitigation recommendations were standard patching practices
and requiring VPN access for secure connectivity. Consequently, the security of some
SCADA-based systems has come into question as they are seen as potentially vulnerable to
cyber-attacks.

In particular, security researchers are concerned about:

 The lack of concern about security and authentication in the design, deployment and
operation of some existing SCADA networks
 The belief that SCADA systems have the benefit of security through obscurity through
the use of specialized protocols and proprietary interfaces
 The belief that SCADA networks are secure because they are physically secured
 The belief that SCADA networks are secure because they are disconnected from the
Internet.

SCADA systems are used to control and monitor physical processes, examples of which are
transmission of electricity, transportation of gas and oil in pipelines, water distribution, traffic
lights, and other systems used as the basis of modern society. The security of these SCADA
systems is important because compromise or destruction of these systems would impact
multiple areas of society far removed from the original compromise. For example, a blackout
caused by a compromised electrical SCADA system would cause financial losses to all the
customers that received electricity from that source. How security will affect legacy SCADA
and new deployments remains to be seen.

There are many threat vectors to a modern SCADA system. One is the threat of unauthorized
access to the control software, whether it be human access or changes induced intentionally or
accidentally by virus infections and other software threats residing on the control host machine.
Another is the threat of packet access to the network segments hosting SCADA devices. In
many cases, the control protocol lacks any form of cryptographic security, allowing an attacker
to control a SCADA device by sending commands over a network. In many cases SCADA
users have assumed that having a VPN offered sufficient protection, unaware that security can
be trivially bypassed with physical access to SCADA-related network jacks and switches.
Industrial control vendors suggest approaching SCADA security like Information Security with
a defense in depth strategy that leverages common IT practices.

51
The reliable function of SCADA systems in our modern infrastructure may be crucial to public
health and safety. As such, attacks on these systems may directly or indirectly threaten public
health and safety. Such an attack has already occurred, carried out on Maroochy Shire Council's
sewage control system in Queensland, Australia. Shortly after a contractor installed a SCADA
system in January 2000, system components began to function erratically. Pumps did not run
when needed and alarms were not reported. More critically, sewage flooded a nearby park and
contaminated an open surface-water drainage ditch and flowed 500 meters to a tidal canal. The
SCADA system was directing sewage valves to open when the design protocol should have
kept them closed. Initially this was believed to be a system bug. Monitoring of the system logs
revealed the malfunctions were the result of cyber-attacks. Investigators reported 46 separate
instances of malicious outside interference before the culprit was identified. The attacks were
made by a disgruntled ex-employee of the company that had installed the SCADA system. The
ex-employee was hoping to be hired by the utility full-time to maintain the system.

Many vendors of SCADA and control products have begun to address the risks posed by
unauthorized access by developing lines of specialized industrial firewall and VPN solutions
for TCP/IP-based SCADA networks as well as external SCADA monitoring and recording
equipment. The International Society of Automation (ISA) started formalizing SCADA
security requirements in 2007 with a working group, WG4. WG4 "deals specifically with
unique technical requirements, measurements, and other features required to evaluate and
assure security resilience and performance of industrial automation and control systems
devices".

The increased interest in SCADA vulnerabilities has resulted in vulnerability researchers

discovering vulnerabilities in commercial SCADA software and more general offensive
SCADA techniques presented to the general security community. In electric and gas utility
SCADA systems, the vulnerability of the large installed base of wired and wireless serial
communications links is addressed in some cases by applying bump-in-the-wire devices that
employ authentication and Advanced Encryption Standard encryption rather than replacing all
existing nodes.

52
 7.7 Developed SCADA Program

Figure 7.2- Developed SCADA HMI for Home Automation

53
Chapter-8-Future Prospects

54
 8.1 Applications

With modifications in programming a PLC and interfacing of various sensors and appliances,
PLCs can be made to handle many tasks pertaining to home automation like:-

a) Adjusting the thermostat while you lie in bed or from a cell phone on your way home
from work.

b) Heating the hot tub or turning on the oven on the way home from work through the
cell phone.

c) Eliminating the need to walk around the house turning off lights before exiting the
home or going to sleep, turning off all house lights with the touch of a single button.

d) Setting a series of events for morning routines, designating the thermostat to warm
the room, have lights gradually increase intensity, ensure the coffee begins brewing and
the television turns on.

e) Programming the security system to alert you through e-mail or phone when the
system detects activity in the home while you are away.

f) Organizing and controlling every component of the home entertainment system--

television, DVD, VCR and whole-house audio -- with a single touch-screen remote
from anywhere in the home.

g) Seeing who is at the front door without leaving the comfort and safety of the couch
through a display on your TV screen showing the visitor at the front door.

h) Controlling all scheduled tasks, such as watering the lawn and outdoor lighting.

55
 8.2 Additional Information

8.2.1 Why PLC and not Microcontrollers?

There are ample reasons behind choosing a PLC over a microcontroller:-

a) Ease of programming.

b) Ease of interfacing devices and sensors.

c) Wide range of operating voltages- both AC and DC.

d) Number of inputs and outputs that can be connected much larger than
microcontrollers.

e) The provision of both discrete and analog I/Os.

f) Can be controlled and supervised through HMI (Human Machine Interface) and
SCADA.

56
 8.3 Future Expansion

 Can include more modules to control the automation over the internet (using CANopen
protocol) and/or an Android powered smartphone.
 These modules can be home stereo system, garage opener (using dtmf).
 Adjusting a thermostat according to the weather changes (HVAC control).
 Automatic door opener based on proximity sensor.
 Automatic water sprinklers for lawn and in buildings in the event of a fire.
 Building automation with complete SCADA monitoring.

57
 8.4 Conclusion

 This project aims to automate the basic necessities required in a generic home using a
much simpler system-a PLC, rather than using complicated microcontrollers.
 Also, adding more modules to the expansion slots of a PLC doesn’t need to reprogram
the PLC from scratch, as would what be required if one was using
microcontrollers/embedded systems.
 Also, the complete process can be monitored using SCADA, which is a proprietary
software that is provided with each PLC.

58
 References
[1] Irmak, E.; Kabalci, E.; Kose, A., "Design and implementation of a computer interacted
smart home system based on PLC," Application of Information and Communication
Technologies (AICT), 2010 4th International Conference on, vol., no., pp.1,5, 12-14 Oct. 2010

[2] Mateos, F.; Gonzalez, V.M.; Poo, R.; Garcia, M.; Olaiz, R., "Design and development of
an automatic small-scale house for teaching domotics," Frontiers in Education Conference,
2001. 31st Annual, vol.1, no., pp.T3C,1-5 vol.1, 2001

[3] Sharma, R.; Kumar, K.; Vig, S., "DTMF Based Remote Control System," Industrial
Technology, 2006. ICIT 2006. IEEE International Conference on, vol., no., pp.2380, 2383, 15-
17 Dec. 2006

[4] ^ "The father of invention: Dick Morley looks back on the 40th anniversary of the PLC",
Manufacturing Automation, 12 September 2008.

59
 Appendix

MT8870DE DTMF Decoder

60
Micrologix 1000 Programmable Controllers

67
7L805 Voltage Regulator

76
LM35 Temperature Sensor

85
D203B PIR Sensor

94
Patent Drafting Exercise Report

99
100
101
102
103
104
105
106
107
108
109
110
111
112
113