High Reliability FPGA Based Reactor Protection System · 2014-11-20 · 16th IGORR 2014/IAEA...
16th IGORR 2014/IAEA Technical Meeting – Bariloche - Argentina
FPGA Based Reactor Protection System Architecture
Instrumentation & Control Department
Ezeiza Atomic Center
Comisión Nacional de Energía Atómica
C.A. Verrastro, D.S. Estryk, G.F. Rodriguez, F.N. Ferrucci,
J.E. Alarcón, G.E. Ríos, J.J. Lee
Outline
• Reactor Protection System (RPS) Introduction
• FPGA Introduction
• Background of FPGA based RPS
• CNEA I&C RPS Architecture
• Diverse FPGA Implementation
• Conclusions
Reactor Protection System Introduction
The primary goal of the Reactor Protection System (RPS) is the fulfillment of the safety functions of a nuclear reactor:
• Reactivity control
• Core cooling
• Radionuclide containment
To do so, the RPS:
• Monitors the evolution of variables and detects deviations beyond safe limits
• Implements the protection logic which automatically demands the actuation of front safety systems
Reactor Protection System Introduction
• RPS functions are classified as “Category A” as defined in IEC 61226
• Design criteria:
– Redundancy
– Fail-safe
– Single failure criterion
– Design simplicity
– Well known technology
– Separation
– Independence
– Diversity
Reactor Protection System Introduction
[Figure: RPS block diagram. Labelled blocks: conventional sensors, nuclear instrumentation, comparators, voting and trigger logic, final actuation logic, actuator, reactor, control rooms, control system, configuration of set-point values.]
FPGA Introduction
FPGA: Field-programmable gate array
• Logic blocks implement combinational and sequential logic
• Routing resources to interconnect inputs, outputs and logic blocks
• I/O blocks to provide external connections to the chip
[Figure: FPGA chip basic scheme]
FPGA Introduction
Microprocessors (Software) vs FPGA

| Microprocessors (Software) | FPGA |
|---|---|
| Sequential execution | Parallel |
| Interrupts | - |
| Memory access | - |
| Context switching | - |
| Operating system | - |
| Short product life cycles | Long term support |
| Time consuming and expensive V&V process | More attainable and affordable V&V process |
Background of FPGA based RPS
• FPGA advantages for RPS implementation
– High reliability (the design is kept simple by using only Finite State Machines and Combinational Logic)
– Parallel nature
– Portability using Hardware Description Languages (HDL)
– Long term support
• IEC 62566 standard
– IEC 62566 – Nuclear power plants – Instrumentation and control important to safety – Development of HDL-programmed integrated circuits for systems performing category A functions
– The design process follows a Verification and Validation process similar to the software V&V process.
Background of FPGA based RPS
IEC 62566 standard
Background of FPGA based RPS
• CNEA I&C previous experience:
– 2002: SCRAM Logic for RA-1 Research Reactor (CPLD Based Module)
– 2012: Alternative Instrumentation for Atucha II NPP Boron Injection Safety System (Similar architecture to current project for RA10 and CAREM RPS)
• Other implementation examples:
– Radiy (Ukraine)
– Lungmen (Taiwan)
– Rolls-Royce (UK)
– Toshiba (Japan)
Background of FPGA based RPS
SCRAM Logic for RA-1 Research Reactor (2002)
Background of FPGA based RPS
Alternative Instrumentation for Atucha II NPP Boron Injection Safety System (2012)
CNEA I&C RPS Architecture
Triple Redundancy Architecture for RA10
Diverse FPGA Implementation
The Common Cause Failure (CCF) is an important issue in safety systems based on software and FPGA technology. It is known that the implementation of diversity reduces the probability of CCF occurrences (IEC 61508 Part 7 Section B.1.4 [12]).
Diverse FPGA Implementation
Diversification styles in CNEA I&C RPS:
• Development team
• FPGA manufacturer & technology
• PCB board technology
• Most of the other components
Diverse FPGA Implementation
• Each pair of modules works in parallel in the same train
• There is no priority between diversities
• Real-time cross-verification between diverse modules
[Figure, e.g.: Comparators Diversity A and Comparators Diversity B, linked by real-time cross-verification]
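The behaviour of diverse modules working in parallel with cross-verification can be sketched as a small behavioural model; this is an added example, not code from the presentation or from CNEA. It assumes an OR merge of the two diversities, 2-out-of-3 voting across the three trains, and a constructed set-point and readings, none of which are stated on the slides.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Sequence, Tuple

SETPOINT = 100.0  # constructed trip limit, arbitrary units (assumption)
Reading = Optional[float]  # None models a lost sensor signal


def comparator_a(reading: Reading) -> bool:
    """Diversity A: demand a trip unless the reading is provably within limit."""
    return reading is None or not (reading <= SETPOINT)


def comparator_b(reading: Reading) -> bool:
    """Diversity B: same function, independently written in margin form."""
    if reading is None:
        return True
    return not ((SETPOINT - reading) >= 0.0)


def stuck_no_trip(_reading: Reading) -> bool:
    """Injected fault: a comparator output stuck at 'no trip'."""
    return False


@dataclass
class TrainResult:
    trip: bool         # demand passed to the voting logic
    discrepancy: bool  # cross-verification alarm between diversities


def evaluate_train(reading: Reading,
                   comp_a: Callable[[Reading], bool] = comparator_a,
                   comp_b: Callable[[Reading], bool] = comparator_b) -> TrainResult:
    a, b = comp_a(reading), comp_b(reading)
    # No priority: either diversity can demand the trip (assumed OR merge).
    # A mismatch means one side is already demanding it, so the train is fail-safe.
    return TrainResult(trip=a or b, discrepancy=a != b)


def vote_2oo3(trips: Sequence[bool]) -> bool:
    """Assumed 2-out-of-3 vote across the three redundant trains."""
    if len(trips) != 3:
        raise ValueError("expected exactly three trains")
    return sum(trips) >= 2


def protect(readings: Sequence[Reading],
            faulty_b_train: Optional[int] = None) -> Tuple[bool, List[TrainResult]]:
    """Run all three trains; optionally break diversity B in one of them."""
    results = []
    for i, reading in enumerate(readings):
        comp_b = stuck_no_trip if i == faulty_b_train else comparator_b
        results.append(evaluate_train(reading, comp_b=comp_b))
    return vote_2oo3([r.trip for r in results]), results
```

In this model a comparator stuck at "no trip" is only revealed by cross-verification once the healthy diversity demands a trip; with all readings in range the fault stays latent, which is why periodic testing complements the real-time check.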
Diverse FPGA Implementation
Train block diagram
Conclusions
• The use of FPGA technology, as the main component of RPS design, has proven to be very effective
• The goal of a simple design was achieved by using FPGAs, finite state machines and one-way communication channels.
• The CCF issue is addressed using diverse FPGA implementations running in parallel in each train
• The requirements for independence, isolation and wiring complexity reduction are fulfilled using serial transceivers over optical fiber.
Daniel Sebastián ESTRYK
Instrumentation & Control Department
Ezeiza Atomic Center
Comisión Nacional de Energía Atómica