Development and Application of POSAFE-Q PLC Platform



Similar documents
Research Institute (KAERI) Daedeok-daero, Yuseong-gu, Daejeon, Republic of Korea

AN APPLICATION STUDY FOR THE CLASS IE DIGITAL CONTROL AND

AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

STANDARD REVIEW PLAN

MDEP Generic Common Position No DICWG 02

U.S. NUCLEAR REGULATORY COMMISSION STANDARD REVIEW PLAN. Organization responsible for the review of instrumentation and controls

Cyber Security Evaluation of the Wireless Communication for the Mobile Safeguard Systems in uclear Power Plants

Regulatory Guide Verification, Validation, Reviews, And Audits For Digital Computer Software Used in Safety Systems of Nuclear Power Plants

Steven A. Arndt Division of Engineering Office of Nuclear Reactor Regulation

A DEVELOPMENT FRAMEWORK FOR SOFTWARE SECURITY IN NUCLEAR SAFETY SYSTEMS: INTEGRATING SECURE DEVELOPMENT AND SYSTEM SECURITY ACTIVITIES

SAFETY SOFTWARE QUALITY ASSURANCE FUNCTIONAL AREA QUALIFICATION STANDARD. DOE Defense Nuclear Facilities Technical Personnel

Announcement of a new IAEA Co-ordinated Research Programme (CRP)

Design Feature and Prototype Testing Methodology of DHIC s Nuclear I&C System

DRAFT REGULATORY GUIDE

IAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD

The Bayesian Network Methodology for Industrial Control System with Digital Technology

Regulatory Guide Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants

Applying NQA-1 Requirements for Computer Software Used in Nuclear Facilities ASME 2014 Small Modular Reactors Symposium April 17, 2014

REGULATORY GUIDE (Draft was issued as DG-1267, dated August 2012)

IAEA-TECDOC-1328 Solutions for cost effective assessment of software based instrumentation and control systems in nuclear power plants

Normen & Standards Industrie 4.0 IEEE Standards

RTP s NUCLEAR QUALITY ASSURANCE PROGRAM

Arc Terminator Active Arc-Resistant Switchgear

A CYBER SECURITY RISK ASSESSMENT FOR THE DESIGN OF I&C SYSTEMS IN NUCLEAR POWER PLANTS

ELECTROTECHNIQUE IEC INTERNATIONALE INTERNATIONAL ELECTROTECHNICAL

SECTION PROGRAMMABLE LOGIC CONTROLLERS AND COMPUTER CONTROL SYSTEM PART 1 GENERAL Summary. A. Section Includes:

IEC Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter.

Requirements-driven Verification Methodology for Standards Compliance

PLCs and SCADA Systems

IEC Overview Report

Establishing Great Software Development Process(es) for Your Organization. By Dale Mayes

WordPerfect Document Compare Summary

Agenda. Michele Taliercio, Il circuito Integrato, Novembre 2001

Version: 1.0 Latest Edition: Guideline

Testing Automated Manufacturing Processes

Cyber Security Considerations in the Development of I&C Systems for Nuclear Power Plants

Extended Boundary Scan Test breaching the analog ban. Marcel Swinnen, teamleader test engineering

Cyber Security Design Methodology for Nuclear Power Control & Protection Systems. By Majed Al Breiki Senior Instrumentation & Control Manager (ENEC)

REGULATORY GUIDE (Draft was issued as DG-1207, dated August 2012)

Application of FPGA-based Safety Controller for Implementation of NPPs I&C Systems Vladimir Sklyar, Technical Director

Software Safety Hazard Analysis

University of Paderborn Software Engineering Group II-25. Dr. Holger Giese. University of Paderborn Software Engineering Group. External facilities

Achieving Functional Safety with Global Resources and Market Reach

AUDIT REPORT FOR LIFECYCLE PHASES ONE AND TWO DOCUMENTATION. VALIDATION RELATED TO PROTECTION AND SAFETY MONITORING SYSTEM and

AP1000 European 18. Human Factors Engineering Design Control Document

Series Six Plus Programmable Controller

May 7, SUBJECT: NRC INSPECTION REPORT FOR AREVA-NP GmbH / , NOTICE OF VIOLATION, AND NOTICE OF NONCONFORMANCE

RADIATION MONITORING SYSTEMS

How to read this guide

L5354 ControlNet Communications Interface

Controlling Risks Safety Lifecycle

38 Series - Relay interface modules A

Dependable (Safe/Reliable) Systems. ARO Reliability Workshop Software Intensive Systems

AQA GCSE in Computer Science Computer Science Microsoft IT Academy Mapping

ALS Configuration Management Plan. Nuclear Safety Related

Independent Verification and Validation of SAPHIRE 8 Software Configuration Management Plan

Software Test Plan (STP) Template

PLC Based Liquid Filling and Mixing

Safety Requirements Specification Guideline

FOUNDATION Fieldbus High Speed Ethernet Control System

SOLARCARE SERIES PRODUCT AND APPLICATION GUIDE

Power network telecommunication

ACCESSION NO.: ML

Foxboro Evo Process Automation System

ELECTRICAL ENGINEERING DESIGN CRITERIA APPENDIX F

Impulse G+/VG+ Series 3, 24 VDC Interface Card Terminal Designations

IV. Software Lifecycles

MSITel provides real time telemetry up to 4.8 kbps (2xIridium modem) for balloons/experiments

Wireless Communications for SCADA Systems Utilizing Mobile Nodes

Design of automatic testing tool for railway signalling systems software safety assessment

Safety Integrated. SIMATIC Safety Matrix. The Management Tool for all Phases of the Safety Lifecycle. Brochure September Answers for industry.

Future grid infrastructure Field tests of LVDC distribution

Eaton s E-Series protective relay family

ABB RTU560A Series CMU & Modules

TABLE OF CONTENT

IN USE: CABLE AGING MANAGEMENT

IEC Functional Safety Assessment. United Electric Controls Watertown, MA USA

Programmable Logic Controller PLC

38 Series - Relay interface modules A

How To Test A Robot Platform And Its Components

emobility WAGO Leading the Charge

7.0 Instrumentation and Controls

How To Write A Contract For Software Quality Assurance

Long term support solutions for Nuclear Instrumentation & Control

How To Protect Power System From Attack From A Power System (Power System) From A Fault Control System (Generator) From An Attack From An External Power System

Electronic Control Devices The European Product Catalogue 2007

LS1024B / LS2024B/ LS3024B. Solar Charge Controller USER MANUAL

Frequently Asked Questions

High voltage tester HA 1800 Table-top device

Recent Technologies in Nuclear Power Plant Supervisory and Control Systems

Published in the Official State Gazette (BOE) number 166 of July 10th 2009 [1]

Options for Cyber Security. Reactors. April 9, 2015

A Regulatory Approach to Cyber Security

Transcription:

Development and Application of POSAFE-Q PLC Platform MyeongKyun Lee a, SeungWhan Song a, DongHwa Yun a a POSCO ICT Co. R&D center, Korea Techno-complex 126-16, 5-ka, Anam-dong, Sungbuk, Seoul, Republic of Korea Abstract. The Safety-grade Programmable Logic Controller(PLC) Platform named POSAFE- Q was developed so that it meets the requirements of the Safety Class 1E, Quality Class 1, and Seismic Category I. Development process of the POSAFE-Q software developed in accordance with software life cycles. The POSAFE-Q meets safety and suitability for design are based on digital I&C laws, guidelines and technical standards. The POSAFE-Q PLC obtained approval for Topical Report from the Nuclear Safety and Security Commission in Korea. 1. Introduction Korea has been continuing nuclear technology research projects in order to keep enhancing the integrity of technology self-reliance in nuclear area. Especially, Korea Nuclear Instrumentation and Control Systems(KNICS) research program has been performed from 2001 to develop hardware platforms for both safety and control systems and the program finished after getting licensing certification in 2009[1] The POSAFE-Q PLC was developed through KNICS with POSCO ICT and Korea Atomic Energy Institute. The POSAFE-Q PLC was developed with the following process. The code and standards for international and domestic nuclear power plant requirements were reviewed, and In according to the criteria, H/W and S/W planning, design, evaluation and test was performed. Figure 1 shows the process of development for POSAFE-Q PLC. Fig. 1. Process of Development for POSAFE-Q PLC 1

The POSAFE-Q PLC installs two independent power modules in a rack. The power module has a 100% power supply capability for each. Accordingly, even when there is a fault in on power module, it does not affect the operation. The POSAFE-Q PLC can extend the number of input/output modules through a local bus extension modules. The Communication modules consist of High Reliability-Safety Data Link(HR-SDL), and High Reliability-Safety Data Network(HR-SDN), Host Data Link(HDL) and Optical Distributer(OD). The processor module uses a Texas Instrument DSP (Military spec.) and the real-time operating system named pcos2 was developed based on the Micro-C real-time operation system. processor module consist of a single or redundant. HR-SDL and HR-SDN modules were developed based on the Fieldbus Protocol(PROFIBUS-FDL)to meet the deterministic requirements. Physical layer mediums are supplied both RS-485 for electrical communication and Optical communication. HDL module were developed based on the RS-232C. The Digital Input and Output modules consist of 24VDC, 48VDC, 120VAC and 230VAC digital input and 24VDC, 48VDC 125VDC, Relay, Solid State Relay digital output module. The Analog Input and Output modules consist of voltage and current input and output module, RTD module and TC module. Also, the POSAFE-Q PLC supports Pulse input module. The engineering tool named pset-ii(posafe-q Software Engineering Tool Version2) was developed. The developers of the application programs can perform programming and debugging on the pset-ii IDE(Integrated Development Environment). The application program on the pset-ii is downloaded into the processor module through RS-232C. configuration of the developed POSAFE-Q is shown as Figure 2. Fig. 2. Configuration of POSAFE-Q PLC 2. Development of POSAFE-Q PLC Platform 2.1 Hardware development of POSAFE-Q PLC The POSAFE-Q PLC was developed and verified following procedure in hardware development. The POSAFE-Q PLC is a platform to perform safety functions so that has to 2

meets single failure criteria and reliability required by safety system in Nuclear Power Plant. Analyzing circuit to Failure Mode and Effect Analysis and Failure rate analysis in detail design phase, if result of analysis was not meet criteria, part were replaced or modified circuit. Issue of POSAFE-Q PLC were analyzed by performing component test, integration test, system test, system interoperability test, function and performance test, equipment qualification test. That result were used to re-design. EQ(Equipment Qualification) test was performed independent test laboratory at KTL(Korea Testing Laboratory). Environment testing was applied to IEEE Std. 323[2] and EPRI TR- 107330[3] approved by Reg. Guide 1.89[4] and Reg. Guide 1.209[5]. Seismic testing was applied to IEEE Std. 344[6] approved by Reg. Guide 1.100[7]. Electromagnetic testing was applied Reg. Guide 1.180[8] and EPRI TR-102323[9]. Function and performance of the POSAFE-Q PLC meet to the requirement and specification was tested in EQ test period. Figure 3 shows Equipment Qualification Testing. The process had iterated that if the problem occurred in EQ testing, It was designed to complement, after Performance test, EQ testing was re-performed. After this iterative process was repeated, end product of the POSAFEQ-Q PLC was made. Fig. 3. Equipment Qualification Testing 2.2 Software development of POSAFE-Q PLC Software development life cycles of the POSAFE-Q PLC were following appropriately combined waterfall model, Prototyping model, Spiral model. Each life cycle activities performed to provide development activities at IEEE Std. 1074[10]. In order to ensure the safety of the software development output, performed quality management, configuration management, validation and verification, safety analysis and cyber security regarding all software development output. Analyzing the contents in IEEE standard and NUREG/CR- 6101[11] that was reflected in each documents. Software development of the POSAFE-Q 3

PLC was progressed in development process of each plan documents. In order to improve the overall quality of the software, independent verification and validation organization was written and verified to Quality assurance, safety, verification and validation, configuration management, test, and cyber security plan. Software quality assurance activities include review, assess, audit to all software meets software quality assurance requirement. All documents related to perform software quality assurance were managed and maintained in accordance with quality assurance procedures. Software configuration management activities include history management, configuration identification, change control and record, and reporting procedures to all configuration items(ex. design documents, source code and drawings) that was generated through the software life cycle. Software V&V(verification and validation) activities was processed by software life cycle phase sequence. Software verification and validation team had performed verification and validation independently software development team in each software life cycle phase. The main activities of the V&V process are preparation of software planning documentations, verification of the Software Requirement Specification (SRS), Software Design Specification (SDS) and codes, and a testing of the software components, the integrated software, and the integrated system. In addition, a software safety analysis and a software configuration management are included in the activities.[12] The requirement phase V&V activities consist of a technical evaluation, an inspection and a traceability analysis, a formal verification, preparation for an software system test plan, a software safety analysis, and a software configuration management. Also, the design phase V&V activities include a technical evaluation, an inspection and traceability analysis, a formal verification, preparation for an software component plan and software integrated test plan, a software safety analysis, and a software configuration management. The Implementation phase V&V activities include a traceability analysis, a source code inspection, a software component and integration test procedure, and a component test report generation, a software safety analysis, and a software configuration management. The Integration phase V&V activities include a traceability analysis, and a software integration and software system test report generation, a software safety analysis, and a software configuration management. The Verification phase V&V activities include a traceability analysis, system interoperability test report generation. Software safety analysis at the requirement and design phases uses the Hazard Operability (HAZOP) method and at the implementation phase the source code has been evaluated using the safety programming guide of NUREG/CR-6463[13]. 2.3 Cyber Scurity of POSAFE-Q PLC The POSAFE-Q PLC had performed detail implementation cyber security activities at each development phases in accordance with Development process are presented in Reg. Guide 1.152[14]. Figure 4 shows cyber security activities following cyber security plan[15]. Cyber Security plan consist of technical plan and management plan. Technical plan had added as a function requirement of development POSAFE-Q PLC and had verified in the same way as general functions. Management plan had performed periodic audits throughout development period and verified management plans that were implemented through frequent inspections and education. The POSAFE-Q PLC had performed cyber penetration test that verified 4

technical cyber protection ability. Result of cyber security activities has described in cyber security assessment report. Fig. 4. cyber security activites 3. Certification and Application of POSAFE-Q PLC Platform POSAFE-Q PLC acquired Certification of KEPIC(Korea Electric Power Industry Code) to meet Q-Class Criteria at Korea Electric Association. POSAFE-Q pass Equipment Qualification to meet Safety Class 1E Criteria at Korea Testing Laboratory. Topical Report of POSAFE-Q PLC has approved from the Nuclear Safety and Security Commission in Korea. The POSAFE-Q PLC applied to 3 rd wire rod control system of POSCO. Also, Integrated performance validation Facility of Nuclear Power Plant Safety I&C System as a platform(posafe-q) for applying to planned Nuclear Power Plant in Korea with Doosan Heavy Industries & Construction. Figure 5 show the overview the Integrated performance validation Facility and implemented with the POSAFE-Q. The POSAFE-Q PLC applied to Safety I&C System as platform SUN 1/2 Nuclear Power Plant in Korea. 5

Fig. 5. Integated Performance Validation Facility implemented with the POSAFE-Q PLC 4. Conclusion Development and V&V of the POSAFE-Q PLC was successfully performed as a compliance with the nuclear code and standard, IEEEs and IECs. To improve Reliability of the POSAFE- Q PLC, result of Failure Mode and Effect Analysis and Failure rate analysis were reflected in circuit design. Performing Software Hazard Analysis to Safety-Critical Software, confirmed that the Hazard element has been removed. The POSAFE-Q PLC had performed cyber security activities in accordance with Reg. Guide 1.152. The POSAFE-Q PLC obtained the licensing approval from the Korean regulatory body via topical report. The POSAFE-Q PLC applied to Safety System at SUN 1/2 Nuclear Power Plant in Korea. REFERENCES [1] Nuclear Power Plant Control and Instrumentation in Korea, Hang-bae Kim, KOPEC, 2009. [2] IEEE Std 323, Standard for Qualifying Class 1E Equipment for Nuclear Power Generating Stations, 2003. [3] EPRI TR 107330, Generic Requirements Specification for Qualifying a Commercially Available PLC for Safety Related Applications in Nuclear Power Plants, 1996. [4] USNRC Reg. Guide 1.89, Environment Qualification of Certain Electric Equipments Important to Safety for Nuclear Power Plants, Jun 1984. [5] USNRC Reg. Guide 1.209, Guidelines for Environmental Qualification of Safety-Related Computer-Based Insrumentation and Control Systems in Nuclear Power Plants, March 2007. [6] IEEE Std 344, Recommended Practices for Seismic Qualification of Class 1E Equipment for Nuclear Power Generating Stations, 1987(Reaffirmed 1993). 6

[7] USNRC Reg. Guide 1.100, Seismic Qualification of Electric and Mechanical Equipment for Nuclear Power Plants, Jun 1988. [8] USNRC Reg. Guide 1.180, Guideline for Electromagnetic and Radio-Frequency Interference in Safety Related I&C System, Oct 2003. [9] EPRI TR 107330, Generic Requirements Specification for Qualifying a Commercially Available PLC for Safety Related Applications in Nuclear Power Plants, 1996. [10] IEEE Std 1074, Standard for Developing Software Life Cycle Processes, 2006. [11] NUREG 6101, S/W Reliability and Safety in Nuclear Reactor Protection Systems, 1993. [12] Technical Review on the Localized Digital Instrumentation and Control Systems, KEE- CHOON KWON, KAERI, 2009. [13] NUREG/CR-6463, Review Guideline on Software Languages for Nuclear Use in Power Plant Safety Systems, 1996. [14] USNRC Reg. Guide 1.152, Criteria for Digital Computers in Safety Systems of Nuclear Power Plants, Jan. 2006. [15] Reg. Guide 5.71 Cyber Security Programs for Nuclear Facilities. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information