AN APPLICATION STUDY FOR THE CLASS IE DIGITAL CONTROL AND



Similar documents
Development and Application of POSAFE-Q PLC Platform

Recent Technologies in Nuclear Power Plant Supervisory and Control Systems

Emulated Digital Control System Validation in Nuclear Power Plant Training Simulators

MDEP Generic Common Position No DICWG 02

Application of FPGA-based Safety Controller for Implementation of NPPs I&C Systems Vladimir Sklyar, Technical Director

231 XA REACTOR ALARM SYSTEM DEVELOPMENT AND APPLICATION ISSUES. J.E. Drexler, G.O. Oicese INVAP S.E. Argentina

IEC Overview Report

Latest Power Plant Control System

Announcement of a new IAEA Co-ordinated Research Programme (CRP)

Harmonics and Noise in Photovoltaic (PV) Inverter and the Mitigation Strategies

Steven A. Arndt Division of Engineering Office of Nuclear Reactor Regulation

Test & Data Management Software

AP1000 European 18. Human Factors Engineering Design Control Document

Testing Automated Manufacturing Processes

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces

EDK 350 (868 MHz) EDK 350U (902 MHz) EnOcean Developer Kit

Degree programme in Automation Engineering

AN AUTOMATIC MAINTENANCE SYSTEM FOR NUCLEAR POWER PLANTS INSTRUMENTATION

REMOTE MONITORING AND CONTROL OF THE KAKKONDA GEOTHERMAL POWER PLANTS

NEW GENERATION PROGRAMMABLE AUTOMATION CONTROLLER

RADIATION MONITORING SYSTEMS

DeltaV SIS for Burner Management Systems

ELECTROTECHNIQUE IEC INTERNATIONALE INTERNATIONAL ELECTROTECHNICAL

SOFTWARE-IMPLEMENTED SAFETY LOGIC Angela E. Summers, Ph.D., P.E., President, SIS-TECH Solutions, LP

AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

TDMS Test & Data Management Software

PLAN REVIEW GUIDE FOR FIRE ALARM

Programming Logic controllers

Cyber Security Design Methodology for Nuclear Power Control & Protection Systems. By Majed Al Breiki Senior Instrumentation & Control Manager (ENEC)

The Bayesian Network Methodology for Industrial Control System with Digital Technology

International standards on technical. documentation. documentation. International Electrotechnical Commission

Océ TCS500. No time to waste. Wide format colour. print, copy and scan. system

IEC Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter.

Electromagnetic Compatibility and International Regulatory Approvals

SECTION FIRE ALARM AND SMOKE DETECTION SYSTEMS

US-APWR Human Performance Monitoring Implementation Plan

Single-phase ( V) voltage monitoring: Undervoltage Overvoltage Window mode (overvoltage + undervoltage) Voltage fault memory selectable

TI 313 (1.0 EN) d&b Remote network - Integration

Selecting Sensors for Safety Instrumented Systems per IEC (ISA )

Design Feature and Prototype Testing Methodology of DHIC s Nuclear I&C System

ESRS guidelines for software safety reviews

Kevin Kochirka, ABB Turbine Automation, June 29, Flexible turbine control retrofits Webinar

SECTION PROGRAMMABLE LOGIC CONTROLLERS AND COMPUTER CONTROL SYSTEM PART 1 GENERAL Summary. A. Section Includes:

Application Note. Line Card Redundancy Design With the XRT83SL38 T1/E1 SH/LH LIU ICs

Design of automatic testing tool for railway signalling systems software safety assessment

ABB PSPS Erich Steinmann; Generator control-2013

PLCs and SCADA Systems

Standards in Marine Power Systems. APEC 2014 Session IS2.1 Power Electronic Standards Roger Dougal University of South Carolina Columbia, SC 29208

TABLE OF CONTENT

GOVERNMENT OF INDIA MINISTRY OF RAILWAYS TI/STR/028. (Revision 1)

Nuclear Power Plant Instrumentation and Control in MEXICO

CONTENTS.

How To Write Software

Candle Plant process automation based on ABB 800xA Distributed Control Systems

STANDARD REVIEW PLAN

EDUCATION AND TRAINING OF OPERATORS AND MAINTENANCE STAFF AT COMMERCIAL NUCLEAR POWER STATIONS IN JAPAN

FPGA- based technology and systems for I&C of existing and advanced reactors

Real-time Power Analytics Software Increasing Production Availability in Offshore Platforms

GIORGI-FERMI vocational school. Knowledge and skills to be acquired by the student/trainee during his training

Industrial Automation Training Academy. PLC, HMI & Drives Training Programs Duration: 6 Months (180 ~ 240 Hours)

SHORT TRAINING COURSES

Application Functional Safety IEC 61511

Project Name: Nortrax Section Project No: SURGE PROTECTION DEVICES Page 1

GENERIC REQUIREMENTS FOR UNINTERRUPTIBLE POWER SYSTEMS (UPS) TABLE OF CONTENTS

CReST Developers Guide

Controlling Risks Safety Lifecycle

Long term support solutions for Nuclear Instrumentation & Control

A MODERN DISTRIBUTION MANAGEMENT SYSTEM FOR REGIONAL ELECTRICITY COMPANIES

Welcome to the combined product training module of Linear Technology and Wurth Electronics about their efficient design solution for DC/DC Flyback

Depth and Excluded Courses

Safety Requirements Specification Guideline

Artificial Intelligence Advancements Applied in Off-The-Shelf Controllers

FVSU REPAIR & UPGRADE FIBER OPTIC SECTION FIRE ALARM SYSTEM CONNECTIVITY

Architecture and Technologies for HGW

SAFETY LIFE-CYCLE HOW TO IMPLEMENT A

Fig 3. PLC Relay Output

Part 1 General and Administrative Information. Part 3 Applicant s Environmental Report Combined License Stage

CAD Management Resources, Inc. Overview. Products, Custom Software, and Training

Control of Boiler Operation using PLC SCADA

Hitachi s Involvement in Nuclear Power Plant Construction in Japan

ADVANCED CONTROL TECHNIQUE OF CENTRIFUGAL COMPRESSOR FOR COMPLEX GAS COMPRESSION PROCESSES

Technology for Next-generation Reduced-size High-performance Inverter

Permissible ambient temperature Operation Storage, transport

Volume I, Section 4 Table of Contents

Industrial IT Ó Melody Composer

Setting a New Standard for 2D Design

Engineering Cloud: Flexible and Integrated Development Environment

Océ TCS500. No time to waste. Wide format color. print, copy, and scan. system

Programmable Logic Controllers Definition. Programmable Logic Controllers History

TRY OUR SOFTWARE TAKE IT FOR A TEST DRIVE PRODUCT CATALOG 2015

NATIONAL SUN YAT-SEN UNIVERSITY

Nuclear Energy: Nuclear Energy

Dependable, Open and Real-time Architecture for Power Systems

Class of 2016 Second Year Common CORE

IAEA-TECDOC-1328 Solutions for cost effective assessment of software based instrumentation and control systems in nuclear power plants

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS VON BRAUN LABS. State Machine Technology

StruxureWare Power Monitoring 7.0.1

Paralleling Switchgear

Agenda. Michele Taliercio, Il circuito Integrato, Novembre 2001

HEAVY WATER LEAK DETECTOR

Transcription:

- 39 - AN APPLICATION STUDY FOR THE CLASS IE DIGITAL CONTROL AND MONITORING SYSTEM m,,,.,.., HIROYUKIFUKUMITSU Nuclear Power Plant Department, EISC MITSUBISHI ELECTRIC CORPORATION Kobe, Japan XA9846493 Abstract This paper presents an application study for the Class IE digital control and monitoring system to the next Japanese plants, especially about MMIS. The system architecture of hardware and software is also introduced, which will explain the strategic plan for the necessary software verification and validation according to the latest requirement from Japanese regulatory guide. 1. INTRODUCTION The Man-Machine Interface System(MMIS)s in PWR plants employ the latest technology, such as human engineering, knowledge-based technology and computer technology in each generation, to reduce operator workloads and to reduce human error. The first PWR, started its commercial operation in 1970, the first generation Main Control Board have been applied with many hardware switches, indicators. On the other hand, the latest Japanese PWRs employ microprocessor-based(digital) systems for reactor and turbine control and plant monitoring system. The next plants will also employ those proven technology for the Class IE system; reactor protection system and MMIS. At present time, the construction schedule of the next PWR plants is in the planning phase, however, the basic development of the digital Class IE control and monitoring system has been finished. The digital systems have great advantage for the application to MMIS, for example, use of Visual Display Unit(VDU), improvement of system reliability and operability and reduction of maintenance workload and cost. From the view point of the recent regulatory guide, the application of the digital system for Class IE control and monitoring system will require more investigation concerning plant safety, reliability analysis and verification and validation of software. 2. DESIGN APPROACH 2.1. CONSIDERATION FOR THE DIGITAL INSTRUMENTATION AND CONTROL SYSTEM As the instrumentation and control system has the role of the center nerve in the nuclear power plant, I&C system was designed to have high reliability and safety from the beginning of the nuclear history. At the time of construction of the newly designed PWR plant in Japan, we are trying to upgrade total I&C system design. Digital technology, which is the major upgrading issue in the I&C system, have been applied step by step to Japanese PWR plants from portions of I&C system not important to safety to portions important to safety shown in Fig.l.

Fig.l - 40 - History of the I&C Technology Hardware Technology - Signal ing 1970's 1980's 1990's 2000's Analog (Box Type) - Analog (Card type) Digital (Non-Safety) Analog (Card Type) (Safety) - Protection Logic Magnetic Relay Solid State Circuit Solid State Circuit - Control Sequence Magnetic Relay Magnetic Relay Digital (Non-Safety) Solid State Circuit (Safety) Application of Digital Technology Rad Waste System Main Control System (Control rod, Pressurizer, etc.) Main Control Board Safety System Non-Safety System In the next stage PWR plant, totally digitalized I&C system including Class IE system and soft-operation control room are planned to apply to improve safety, reliability, maintainability and testability, and to reduce plant post. This newly designed I&C system, especially the digital Class IE system is carefully designed, and a large scale qualification test was carried out with cooperation of Japanese PWR/BWR utilities and vendors.* 2.2. DESIGN OF THE DIGITAL CLASS IE CONTROL AND MONITORING SYSTEM When we apply the digital technology into the Class IE on system, we have to consider not only conventional design criteria but also newly started design criteria for safety software into design of the system. Basically, the functional design of the digital Class IE system is almost the same as the design of the conventional system and conventional design criteria is applied. But, concerning about the software, recently started domestic design guideline (JEAG- 4609) is applied to the design process and the V&V activity. In this JEAG-4609, design and manufacturing process shown in Fig.-2 is defined and the V&V activity should be applied to each stage of design and manufacturing, (process in JEAG-4609 is similar to the process in ANSI/IEEE-7.4.3.2)

Fig.2-41 - Verification & Validation Flow System Requirements of the Digital Class IE System (note 1) Requirement Specification of the System Design (note 2) Software V&V plan Verification 1 * Requirement Specification of the Hardware & Software Design Verification 2 Hardware Design & Production Software Design Software Production Verification 3 -* 1 Verification 4 Hardware & Software Integration Verification 5 Validation * Final Products Verification 1: Specification verification of system design requirement Verification 2: Specification verification of hardware & software design requirement Verification 3: Software design verification Verification 4: Software production verification Verification 5: Verification of hardware and software integration note 1) j : indicates the scope of design and production activity. note 2) ; ; indicates the scope of V&V activity.

- 42-23. CONSIDERATION IN THE ENVIRONMENTAL QUALIFICATION Environmental withstand capability of the digital Class IE system is considered in the design according to some domestic standard on seismic, radiation etc. There are no domestic standard for EMI in the nuclear power plant, but based on some investigation and analysis for magnitude of the noise or surge in the nuclear power plant, we choose some standards about thunder impulse and electro-magnetic surge, and applied them in the qualification test. In addition, some conditions as seismic design are individually checked site by site. There are no domestic standard for RFI in nuclear power plant also, but we carried out qualification test with some handy talkies used in operating nuclear power plants. These EMI and RFI qualification is same as the qualification for the non-class IE digital I&C system in operating nuclear power plants, so judging from satisfactory operating experiences we think that these qualification is applicable to the digital reactor protection system. 2.4. CONSIDERATION IN THE DESIGN OF THE SOFTWARE As mentioned before, reliability of the safety software is obtained by tough V&V activity. But some design criteria shown below are applied to the software design itself to carry out the V&V activity effectively. (1) Class IE software should have single task architecture and execute the task in a fixed time interval. Interrupt operation should be inhibited. (2) The system software which controls or manages the system operating mode should be separated from the application software which describes the function of each system. (3) The system software should only have required features for the I&C system in the nuclear power plant, (dedicated system software for nuclear application should be used) (4) The system software should have modular and structural architecture, and each module should be written in high level language. (5) The application software should be written as combination of functional modules (subroutines) which represent functional element of the I&C system of the nuclear power plant. (6) Each functional modules should be written in high level language. (7) Combination of the functional modules should be visible in a graphical image like CAD. Graphical symbols which represent functional modules are put on the CRT of software tool. 3. DESIGN Documentation structure same as the conventional system will be applied to equipment specification of the digital Class IE system. Important specifications such as system functions, functional boundary between hardware and software, and system interfaces are described in composite block diagrams. Structure of these diagrams are similar to the non-class IE digital applications in the operating plants and have sufficient experiences. In this composite block diagram, function to be installed is described as the connection of graphical symbols which represent basic functional elements generally used in the design. This approach enables easy understanding and review of the functions of equipment not only for experts of the digital I&C system but also for the people who has experiences in the conventional I&C system including operational staff or maintenance people.

- 43 - This documentation is widely effective in the use of design, manufacturing, testing, operation and maintenance. For the system software which determine basic system operation, the same software is used as the non-safety system in the operating plants which experienced intensive verification tests and sufficient experiences. There are no need to change the specification of the system software for Class IE application, so only required specifications for each Class IE system are described in the specification documents.

- 44-3.1. SOFTWARE SPECIFICATION Software specification of the application software is directly created from equipment specification described in the composite block diagram. Software modules which correspond to the graphical symbols in the composite block diagram are connected together. Programming of the application software is achieved at a software design/programming tool like a manner as CAD drawing tool to select each module symbols and connect them. Completed application software is readable and reviewable not only by the designer of the software but also by the system designer and utility people. This approach have been applied since the design of the software of the non-class IE application for the operating plants, and has sufficient experiences. Fig.3 shows an example of software architecture. Fig.3 An example of software architecture Basic S/W Initial ing H/W Initialize Main Control ing (Periodic) S/W Initialize Calibration ing Initial Checking Input Control Checking Output Application S/W m (Displays) (Symbol Packages) <Fixed Symbols> V, / U^\i i I #1 #2 #N <Variable Symbols> ON (Control Switches) CXI [OFF ON OFF

3.2. HARDWARE SPECIFICATION - 45 - As mentioned in section 2.3, several measures are alsotaken into the hardware specification. - EMI/RFT -seismic The hardware configuration is shown in Fig.4 below. Fig. 4 An example of digital system for MMI-S (with Touch Panel) J I TT (with Flat Display Panel) Management (with I&C) (with another VDU)

- 46-4. SOFTWARE TEST In the software verification test, the software should be executed on the system which has the same configuration as the target system to verify system function. Module of the system software and functional modules are tested in the V&V activity through structural tests (white box tests) and functional tests (block box tests) carried out at object code level. Total system function of the application software is verified using test bed which has the same configuration as the target system using simulated input signals. System software of the digital Class IE system is the dedicated one which is designed for the use of I&C system in nuclear power plants, and this system software operate in single task and fixed time interval without any interrupt operation. So test condition is able to be established easily without any consideration for the timing of related signals and the operation of the target system to perform sufficient verification test with relatively small numbers of test cases. Fig.5 shows an example of testing procedure. Fig. 5 An example of testing procedure [ Periodic Single Task Operation J Input J Symbol Selection Input Control Request [ Control j Display Symbol/Color change Output Creation Checking J Output J Output

- 47 - REFERENCES [1] INTERNATIONAL STANDARD, "Design for Control Rooms of Nuclear Power Plants", IEC-964. [2] INTERNATIONAL ELECTROTECHNICAL COMMISSION IEC STANDARD, "Software for Computers in the Safety Systems of Nuclear Power Stations", IEC-880. [3] JAPANESE STANDARD, "Guideline of Computer Application for the Class IE System", JEAG-4609. [4] K. INUFUSA and others, "Total Instrumentation and Control Systems for Future PWR Plants", Mitsubishi Denki Giho, Vol.64, No.3, p.13-17. [5] M. MATSUMIYA, "Steps toward Reliability Improvement in Electrical Instrumentation Equipment", Mitsubishi Denki Giho, Vol.69, No.9, p.2-5.

AN APPLICATION STUDY FOR THE CLASS IE DIGITAL CONTROL AND MONITORING SYSTEM (1) Digital technology, which is the major upgrading issue in the I&C system, have been applied step by step to Japanese PWR plants from portions of I&C system not important to safety to portions important to safety. (2) Design and manufacturing process should be defined and the V&V activity should be applied to each stage of design and manufacturing. (3) Software architecture applicable to V&V (4) Simplified digital system for MMI-S (5) Testing procedure of software

Hardware Technology - Signal ing 1970's - Analog (Box Type) 1980's - Analog (Card type) 1990's (Non-Safety) - Analog (Card Type) (Safety) 2000's - Protection Logic - Magnetic Relay - Solid State Circuit - Solid State Circuit p- - Control Sequence - Magnetic Relay - Magnetic Relay (Non-Safety) - Solid State Circuit (Safety) Application of Digital Technology j i, -Rad Waste System -Main ODntrol S) /stem (C'ontrol rod, Pressurizer, et< -Mairi Control Board -Safe ty System -Non--Safety System

System Requirements of the Digital Class IE System I (note 1) Requirement Specification of the System Design (note 2) Software V&V j Verification 1 Requirement Specification of the Hardware & Software Hardware Design & Production Software Design Software Production Hardware & Software Integration I Validation f Final Products 1 Verification 2h 1 1 Verification 3p 1 [Verification 4r [Verification 5p _J Verification 1: Verification 2: Verification 3: Software design verification Verification 4: Specification verification of system design requirement Specification verification of hardware & software design requirement Software production verification Verification 5: Verification of hardware and software integration note 1) ^."."." indicates the scope of design and production activity. note 2) indicates the scope of V&V activity. o I

Basic S/W Initial ing I Main Control ing (Periodic) H/W Initialize S/W Initialize Calibration ing Initial Checking I Input Control i Checking Output I Application S/W (Symbol Packages) <Fixed Symbols> <Variable Symbols> ON (Control Switches)

MMI-S VDU Management -L L (with Touch Panel) E E (with I&C) T (with Flat Display Panel) 3 E at (with another VDU) I

[ Periodic Single Task Operation J { Input ) Symbol Selection Input Control Request Control J Display Symbol/Color change Output Creation Checking J HI Output j Output

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information