Operating Reliability Assessment of FPGA-Based NPP I&C Systems: Approach, Technique and Implementation

Author(s):  
Eugene Babeshko ◽  
Ievgenii Bakhmach ◽  
Vyacheslav Kharchenko ◽  
Eugene Ruchkov ◽  
Oleksandr Siora

Operating reliability assessment of instrumentation and control systems (I&Cs) is always one of the most important activities, especially in critical domains such as nuclear power plants (NPPs). The intensive use of relatively new technologies such as field programmable gate arrays (FPGAs) in the I&C systems of upgraded and newly built NPPs makes it very topical to develop and validate advanced operating reliability assessment methods that account for the specific features of the technology. Increased integration densities make the reliability of integrated circuits the most crucial point in modern NPP I&Cs. Moreover, FPGAs differ in some significant ways from other integrated circuits: they are shipped as blanks and are highly dependent on the design configured into them. Furthermore, the FPGA design can be changed during a planned NPP outage for various reasons. Considering all possible failure modes of an FPGA-based NPP I&C at the design stage is a challenging task. Therefore, operating reliability assessment is one of the most preferable ways to perform a comprehensive analysis of FPGA-based NPP I&Cs. This paper summarizes our experience in the operating reliability analysis of FPGA-based NPP I&Cs.

Author(s):  
Eugene Babeshko ◽  
Vyacheslav Kharchenko ◽  
Kostiantyn Leontiiev ◽  
Eugene Ruchkov

Operating reliability assessment of instrumentation and control systems (I&Cs) is always one of the most important activities, especially in critical domains such as nuclear power plants (NPPs). It is an important source of I&C reliability information, preferable to laboratory test data because it reflects I&C reliability under real conditions of use. That is why it is now common practice for companies to maintain an established process for regularly collecting operating reliability data on the large variety of components they use, and to keep a database of failure information, total operating time, typical failure modes, and so on. The intensive use of complex components such as field-programmable gate arrays (FPGAs) in the I&C systems of upgraded and newly built NPPs makes it very topical to develop and validate advanced operating reliability assessment methods that account for the specific features of the technology. Increased integration densities make the reliability of integrated circuits the most crucial point in modern NPP I&Cs. Moreover, FPGAs differ in some significant ways from other integrated circuits: they are shipped as blanks and are highly dependent on the design configured into them. Furthermore, the FPGA design can be changed during a planned NPP outage for various reasons. Considering all possible failure modes of FPGA-based NPP instrumentation and control systems at the design stage is a challenging task. Therefore, operating reliability assessment is one of the most preferable ways to perform a comprehensive analysis of FPGA-based NPP I&Cs. Based on information in the literature and on our own experience, operating and analytical reliability estimates can be quite far apart.
For that reason, analytical reliability assessment using reliability block diagrams (RBD), failure modes, effects and diagnostics analysis (FMEDA), fault tree analysis (FTA), fault insertion testing (FIT), and other techniques and their combinations is important to meet the requirements for such systems. The paper summarizes our experience in operating and analytical reliability assessment of FPGA-based NPP I&Cs.
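A concrete form of the comparison the abstract draws between operating and analytical reliability, as an added example that is not code from the paper: constructed field records are pooled into cumulative operating hours to estimate the operating failure rate; assumed per-block rates are summed through a series RBD to obtain the analytical figure; and the observed failure count is tested for consistency with the analytical rate, treating the count as Poisson over the same exposure. The field records and the block rates (`FIELD_RECORDS`, `ANALYTICAL_BLOCKS`) are constructed for illustration.

```python
"""Operating (field) vs analytical failure-rate check for an FPGA-based I&C module.

Added example; not code from the paper. The field records and the per-block
analytical rates are constructed for illustration.
"""
import math

HOURS_PER_YEAR = 8760.0

# Constructed field data: (units in service, years in service, failures observed)
FIELD_RECORDS = [
    (40, 6.0, 1),
    (25, 4.0, 0),
    (60, 2.5, 2),
]

# Assumed analytical (RBD) block failure rates, per hour, for one module
ANALYTICAL_BLOCKS = {"fpga": 2.0e-7, "psu": 1.5e-7, "io": 1.0e-7}


def cumulative_hours(records):
    """Total operating hours accumulated by all units in the field records."""
    return sum(n * years * HOURS_PER_YEAR for n, years, _ in records)


def observed_failures(records):
    return sum(f for _, _, f in records)


def operating_failure_rate(records):
    """Point estimate from operating experience: failures / cumulative hours."""
    return observed_failures(records) / cumulative_hours(records)


def series_rbd_rate(block_rates):
    """Series RBD with constant rates: the module fails when any block fails,
    so the module rate is the sum of the block rates."""
    return sum(block_rates.values())


def poisson_tail(k, mu):
    """P[N >= k] for N ~ Poisson(mu), from the complementary CDF."""
    if k <= 0:
        return 1.0
    cdf = sum(math.exp(-mu) * mu ** i / math.factorial(i) for i in range(k))
    return 1.0 - cdf


def consistency_check(records, analytical_rate, alpha=0.05):
    """Compare the observed failure count with what the analytical rate predicts
    over the same cumulative exposure. Under the analytical model the count is
    Poisson(analytical_rate * hours); a tail probability below alpha means the
    field data contradicts the analytical figure."""
    hours = cumulative_hours(records)
    expected = analytical_rate * hours
    observed = observed_failures(records)
    p_value = poisson_tail(observed, expected)
    return {
        "observed": observed,
        "expected": expected,
        "p_value": p_value,
        "consistent": p_value >= alpha,
        "ratio": operating_failure_rate(records) / analytical_rate,
    }


if __name__ == "__main__":
    lam_a = series_rbd_rate(ANALYTICAL_BLOCKS)
    lam_o = operating_failure_rate(FIELD_RECORDS)
    print(f"analytical rate {lam_a:.3e}/h, operating rate {lam_o:.3e}/h")
    print(consistency_check(FIELD_RECORDS, lam_a))
```

With these constructed numbers the operating estimate is about 1.55 times the analytical one, yet three failures in 4.29 million unit-hours are still statistically compatible with the analytical rate (tail probability about 0.30): a ratio alone does not establish that the analytical model is wrong until enough exposure has accumulated.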


2019 ◽  
Vol 7 (2B) ◽  
Author(s):  
Vanderley Vasconcelos ◽  
Wellington Antonio Soares ◽  
Raissa Oliveira Marques ◽  
Silvério Ferreira Silva Jr ◽  
Amanda Laureano Raso

Non-destructive inspection (NDI) is one of the key elements in ensuring the quality of engineering systems and their safe use. This inspection is a very complex task, during which inspectors have to rely on their sensory, perceptual, cognitive, and motor skills. It requires high vigilance, since it is often carried out on large components, over long periods of time, in hostile environments and in restricted workplaces. A successful NDI requires careful planning, the choice of appropriate NDI methods and inspection procedures, and qualified and trained inspection personnel. A failure of NDI to detect critical defects in safety-related components of nuclear power plants, for instance, may lead to catastrophic consequences for workers, the public and the environment. Therefore, ensuring that NDI is reliable and capable of detecting all critical defects is of the utmost importance. Despite the increased use of automation in NDI, human inspectors, and thus human factors, still play an important role in NDI reliability. Human reliability is the probability that humans conduct specific tasks with satisfactory performance. Many techniques are suitable for modeling and analyzing human reliability in the NDI of nuclear power plant components, such as FMEA (Failure Modes and Effects Analysis) and THERP (Technique for Human Error Rate Prediction). An example using qualitative and quantitative assessments with these two techniques to improve a typical NDI of pipe segments of a core cooling system of a nuclear power plant, by acting on human factors issues, is presented.


Author(s):  
Liu Dongxu ◽  
Xu Dongling ◽  
Zhang Shuhui ◽  
Hu Xiaoying

The probability that the safety I&C system fails to actuate, or inadvertently actuates, reactor trip (RT) or engineered safety feature (ESF) functions essentially determines, in part, whether a nuclear power plant can operate safely and efficiently. Because conservative assumptions and simplifications are introduced during the analysis, this paper obtains solid results by performing the modeling and calculation with a relatively simple approach, the reliability block diagram (RBD) method. A typical safety I&C platform structure is included in the model presented in this paper. For the sake of conservatism and simplicity, some assumptions are adopted. A group of formulas is derived, based on Boolean algebra, probability theory, and basic reliability concepts and equations, to facilitate the calculation of the probabilities that the safety I&C system fails to actuate or inadvertently actuates RT or ESF functions. All inputs to the analysis and calculation, including the I&C platform structure, the composition of the hardware modules, and the reliability data, are referenced to the nuclear power plant universal database where applicable. Although the conclusions drawn in the paper do not apply to the I&C platform assessment of a specific plant, the modeling method and analysis process illustrate an alternative quantitative reliability assessment approach for a typical safety I&C system installed in a nuclear power plant.
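The Boolean/RBD style of calculation the abstract describes, as an added example rather than the paper's own model: per-channel failure probabilities are combined over all joint channel states to obtain the probability that a k-out-of-n voted function fails to actuate on a demand and the probability that it actuates spuriously, and the stages of an assumed trip chain (2oo3 sensors, 1oo2 logic, 1oo1 breaker) are combined in series. The architectures, the independence of channels and all probabilities are assumptions, not values from the paper.

```python
"""Fail-to-actuate and spurious-actuation probabilities for a voted safety function.

Added example illustrating the Boolean/RBD calculation the abstract describes;
it is not the paper's model. Architectures and probabilities are assumed.
"""
from itertools import product


def state_probability(state, p):
    """Probability of one joint channel state; bit 1 = channel in the failed
    condition (probability p), bit 0 = healthy (1 - p). Independence assumed."""
    pr = 1.0
    for bit in state:
        pr *= p if bit else 1.0 - p
    return pr


def fail_to_actuate(k, n, p_dangerous):
    """P[k-out-of-n voter does not actuate on a real demand].
    A channel with a dangerous failure cannot vote, so the function is lost
    when fewer than k channels remain healthy. Enumerates all 2**n states."""
    total = 0.0
    for state in product((0, 1), repeat=n):
        healthy = n - sum(state)
        if healthy < k:
            total += state_probability(state, p_dangerous)
    return total


def spurious_actuation(k, n, p_spurious):
    """P[k-out-of-n voter actuates without a demand]: at least k channels
    carry a spurious-trip failure."""
    total = 0.0
    for state in product((0, 1), repeat=n):
        if sum(state) >= k:
            total += state_probability(state, p_spurious)
    return total


def series_failure(probs):
    """Series RBD of independent stages: the chain fails if any stage fails."""
    survive = 1.0
    for p in probs:
        survive *= 1.0 - p
    return 1.0 - survive


def rt_chain(p_dangerous, p_spurious):
    """Assumed trip chain: 2oo3 sensor channels -> 1oo2 logic trains -> 1oo1
    breaker, each stage with the same per-channel probabilities.
    Returns (P[fail to actuate], P[spurious actuation]) for the whole chain."""
    stages = [(2, 3), (1, 2), (1, 1)]
    pfd = series_failure([fail_to_actuate(k, n, p_dangerous) for k, n in stages])
    spur = series_failure([spurious_actuation(k, n, p_spurious) for k, n in stages])
    return pfd, spur


def compare_architectures(p_dangerous, p_spurious):
    """Trade-off table: extra channels in a 1ooN lower fail-to-actuate but
    raise spurious actuation; MooN with M > 1 does the opposite."""
    archs = {"1oo1": (1, 1), "1oo2": (1, 2), "2oo2": (2, 2),
             "2oo3": (2, 3), "2oo4": (2, 4)}
    return {name: (fail_to_actuate(k, n, p_dangerous),
                   spurious_actuation(k, n, p_spurious))
            for name, (k, n) in archs.items()}


if __name__ == "__main__":
    for name, (pfd, spur) in compare_architectures(0.01, 0.001).items():
        print(f"{name}: fail-to-actuate {pfd:.3e}, spurious {spur:.3e}")
    print("assumed RT chain:", rt_chain(0.01, 0.001))
```

The exhaustive enumeration is the Boolean-algebra route: every minterm of the channel state vector is assigned a probability and the terms satisfying the voting predicate are summed. For 2oo3 with a per-channel dangerous probability of 0.01 this gives 3p²(1-p) + p³ = 2.98e-4, which is what a closed-form derivation would produce.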


Author(s):  
Alexander Yasko ◽  
Eugene Babeshko ◽  
Vyacheslav Kharchenko

The complexity of modern safety-critical systems grows with the level of technology. Nowadays the most important and vital systems in the automotive, aerospace and nuclear industries contain millions of lines of software code and tens of thousands of hardware components and sensors. All of these constituents operate in an integrated environment and interact with each other, which leads to an enormous computational task when testing and safety assessment are performed. Several formal methods are used to assess the reliability and safety of NPP I&C (Nuclear Power Plant Instrumentation and Control) systems. Most of them require significant involvement of experts and confidence in their experience, which greatly affects the trustworthiness of the assessment results. The goal of our research is to improve the quality of safety and reliability assessment by reducing expert involvement through process automation. We propose the combined use of automated FMEDA (Failure Modes, Effects and Diagnostic Analysis) and FIT (Fault Insertion Testing), extended with a multiple-fault approach, together with special methods for the quantitative assessment of the level of expert involvement and of the uncertainty of their decisions. These methods allow safety and reliability assessment to be performed without specifying the degree of confidence in experts. The traditional FMEDA approach has several bottlenecks, such as the manual processing of a huge number of technical documents (system specifications, datasheets, etc.) and the manual assignment of failure modes and effects based on personal experience. The human factor is another source of uncertainty: tiredness, emotional disorders, distraction or lack of experience can all cause under- and over-estimation.
Based on our research in the field of expert-related errors, we propose an expert involvement degree (EID) metric, which indicates the level of automation of the technique, and an expert uncertainty degree (EUD) metric, which is a composite measure of the uncertainty of the experts' decisions within an assessment. We propose the use of a total expert trustworthiness degree (ETD) indicator as a function of EID and EUD. Expert uncertainty assessment and Multi-FIT as FMEDA verification are implemented in the AXMEA (Automated X-Modes and Effects Analysis) software tool. The proposed Multi-FIT technique in combination with FMEDA was used during internal activities for the SIL3 certification of the FPGA-based (Field Programmable Gate Array) RadICS platform for NPP I&C systems. The proposed expert trustworthiness degree calculation is going to be used during production activities of RPC Radiy (Research and Production Corporation). Our future work is related to research in the field of expert uncertainty and to extending the AXMEA tool with new failure data sources, as well as software optimization and further automation.
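An added example, not the AXMEA tool, the RadICS platform or the paper's metrics, of how FMEDA claims can be verified by single- and multiple-fault insertion: a constructed failure-mode table is aggregated into lambda_S, lambda_DD, lambda_DU, SFF and DC; every single fault and every pair of faults is injected into a toy two-channel trip module with a periodic self-test; the single-fault results are compared with the analyst's claimed diagnostic coverage, and the pairs expose a latent comparator fault that silently defeats the diagnostics. The module, its diagnostics, the failure modes and all rates are constructed; the one optimistic coverage claim in the table is deliberate, to show what the check catches.

```python
"""FMEDA aggregation checked by single- and multiple-fault insertion on a toy module.

Added example, not the AXMEA tool or the RadICS platform. The two-channel
module, its diagnostics, the failure-mode table and all rates are constructed.
"""
from itertools import combinations

# Constructed FMEDA rows: (component, failure mode, rate in FIT (1e-9/h),
# dangerous?, diagnostic coverage claimed by the analyst)
FMEDA_ROWS = [
    ("chA", "stuck_output", 20.0, True, 0.99),
    ("chB", "stuck_output", 20.0, True, 0.99),
    ("cmp", "stuck_agree", 5.0, True, 0.90),    # optimistic claim, checked below
    ("psu", "loss_of_power", 30.0, False, 1.0),  # de-energise-to-trip: safe
]

TRIP_THRESHOLD = 100
DEMAND, NO_DEMAND, TEST_PATTERN = 150, 50, 150


def fmeda_summary(rows):
    """Standard FMEDA aggregation: lambda_S, lambda_DD, lambda_DU, SFF and DC."""
    lam_s = sum(r for _, _, r, dang, _ in rows if not dang)
    lam_dd = sum(r * c for _, _, r, dang, c in rows if dang)
    lam_du = sum(r * (1 - c) for _, _, r, dang, c in rows if dang)
    return {"lambda_s": lam_s, "lambda_dd": lam_dd, "lambda_du": lam_du,
            "sff": (lam_s + lam_dd) / (lam_s + lam_dd + lam_du),
            "dc": lam_dd / (lam_dd + lam_du)}


def channels(x, faults):
    """Two redundant channels computing the same trip condition, faults injected."""
    a = b = x > TRIP_THRESHOLD
    if "chA.stuck_output" in faults:
        a = False  # stuck at 'no trip'
    if "chB.stuck_output" in faults:
        b = False
    return a, b


def module_output(x, faults):
    """2oo2-to-trip output (assumed); loss of power de-energises to trip."""
    if "psu.loss_of_power" in faults:
        return True
    a, b = channels(x, faults)
    return a and b


def diagnostics(faults):
    """Periodic self-test: apply the test pattern and expect both channels to
    trip; undervoltage monitoring flags loss of power; a comparator stuck at
    'agree' never raises an alarm."""
    if "psu.loss_of_power" in faults:
        return True
    if "cmp.stuck_agree" in faults:
        return False
    a, b = channels(TEST_PATTERN, faults)
    return not (a and b)


def classify(faults):
    """DD/DU = dangerous detected/undetected, SD/SU = safe detected/undetected,
    'none' = no observable effect on demand, non-demand or self-test."""
    detected = diagnostics(faults)
    dangerous = not module_output(DEMAND, faults)
    spurious = module_output(NO_DEMAND, faults)
    if dangerous:
        return "DD" if detected else "DU"
    if detected or spurious:
        return "SD" if detected else "SU"
    return "none"


def fault_insertion(rows, max_order=2):
    """Insert every single fault and every combination up to max_order (Multi-FIT)."""
    names = [f"{comp}.{mode}" for comp, mode, *_ in rows]
    return {frozenset(c): classify(frozenset(c))
            for order in range(1, max_order + 1)
            for c in combinations(names, order)}


def dangerous_undetected(results):
    """Fault combinations that silently defeat the safety function."""
    return sorted(tuple(sorted(fs)) for fs, cls in results.items() if cls == "DU")


def check_claims(rows, results):
    """Claimed coverage above 0.5 should show as DD under single-fault FIT;
    anything else is a mismatch between analyst claim and observed behaviour."""
    return [(comp, mode, cov, results[frozenset({f"{comp}.{mode}"})])
            for comp, mode, _, dang, cov in rows
            if dang and (cov > 0.5) != (results[frozenset({f"{comp}.{mode}"})] == "DD")]


def revise_rows(rows, results):
    """Set coverage to 0 for rows whose claimed detection FIT did not confirm."""
    bad = {(c, m) for c, m, _, _ in check_claims(rows, results)}
    return [(c, m, r, d, 0.0 if (c, m) in bad else cov) for c, m, r, d, cov in rows]


if __name__ == "__main__":
    res = fault_insertion(FMEDA_ROWS)
    print("claimed:", fmeda_summary(FMEDA_ROWS))
    print("mismatches:", check_claims(FMEDA_ROWS, res))
    print("dangerous undetected pairs:", dangerous_undetected(res))
    print("revised:", fmeda_summary(revise_rows(FMEDA_ROWS, res)))
```

The single-fault pass shows the comparator fault has no visible effect at all, which contradicts the 90% coverage the analyst wrote down; correcting that one row drops DC from 0.98 to 0.88. The second-order pass then shows why the latent fault matters: paired with either channel stuck, the module neither trips on demand nor alarms, an outcome no single-fault FMEDA row captures.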


Author(s):  
Bruce Geddes ◽  
Ray Torok

The Electric Power Research Institute (EPRI) is conducting research in cooperation with the Nuclear Energy Institute (NEI) regarding Operating Experience of digital Instrumentation and Control (I&C) systems in US nuclear power plants. The primary objective of this work is to extract insights from US nuclear power plant Operating Experience (OE) reports that can be applied to improve Diversity and Defense in Depth (D3) evaluations and methods for protecting nuclear plants against I&C related Common Cause Failures (CCF) that could disable safety functions and thereby degrade plant safety. Between 1987 and 2007, over 500 OE events involving digital equipment in US nuclear power plants were reported through various channels. OE reports for 324 of these events were found in databases maintained by the Nuclear Regulatory Commission (NRC) and the Institute of Nuclear Power Operations (INPO). A database was prepared for capturing the characteristics of each of the 324 events in terms of when, where, how, and why the event occurred, what steps were taken to correct the deficiency that caused the event, and what defensive measures could have been employed to prevent recurrence of these events. The database also captures the plant system type, its safety classification, and whether or not the event involved a common cause failure. This work has revealed the following results and insights:
- 82 of the 324 “digital” events did not actually involve a digital failure. Of these 82 non-digital events, 34 might have been prevented by making full use of digital system fault tolerance features.
- 242 of the 324 events did involve failures in digital systems. The leading contributors to the 242 digital failures were hardware failure modes. Software change appears as a corrective action twice as often as it appears as an event root cause. This suggests that software features are being added to avoid recurrence of hardware failures, and that adequately designed software is a strong defensive measure against hardware failure modes, preventing them from propagating into system failures and ultimately plant events.
- 54 of the 242 digital failures involved a Common Cause Failure (CCF).
- 13 of the 54 CCF events affected safety (1E) systems, and only 2 of those were due to Inadequate Software Design. This finding suggests that software related CCFs on 1E systems are no more prevalent than other CCF mechanisms for which adherence to various regulations and standards is considered to provide adequate protection against CCF.
This research provides an extensive data set that is being used to investigate many different questions related to failure modes, causes, corrective actions, and other event attributes that can be compared and contrasted to reveal useful insights. Specific considerations in this study included comparison of 1E vs. non-1E systems, active vs. potential CCFs, and possible defensive measures to prevent these events. This paper documents the dominant attributes of the evaluated events and the associated insights that can be used to improve methods for protecting against digital I&C related CCFs, applying a test of reasonable assurance.


Signals ◽  
2021 ◽  
Vol 2 (4) ◽  
pp. 803-819
Author(s):  
Nabin Chowdhury

As digital instrumentation in Nuclear Power Plants (NPPs) becomes increasingly complex, both attack vectors and defensive strategies are evolving based on new technologies and vulnerabilities. Continued efforts have been made to develop a variety of measures for the cyber defense of these infrastructures, which often consist of adapting security measures previously developed for other critical infrastructure sectors to the requirements of NPPs. That being said, because these solutions are so recent, there is a lack of agreement or standardization when it comes to their adoption at an industrial level. To better understand the state of the art in NPP Cyber-Security (CS) measures, in this work we conduct a Systematic Literature Review (SLR) to identify scientific papers discussing CS frameworks, standards, guidelines, best practices, and any additional CS protection measures for NPPs. Our literature analysis shows that protecting the digital space in NPPs involves three main steps: (i) identification of critical digital assets; (ii) risk assessment and threat analysis; (iii) establishment of measures for NPP protection based on the defense-in-depth model. To ensure the CS protection of these infrastructures, a holistic defense-in-depth approach is suggested in order to avoid excessive granularity and lack of compatibility between the different layers of protection. Additional research is needed to ensure that such a model is developed effectively and that it is based on the interdependencies of all security requirements of NPPs.


Author(s):  
Tadahisa Nagata ◽  
Ken-ichiro Sugiyama

Excessive maintenance of nuclear power plants (NPPs) in Japan may cause early (infant) failures. A simple method, Weibull analysis, was applied to evaluate the failure mode. Weibull analysis requires hazard data, and calculating the hazard requires maintenance information on the equipment that caused plant shutdowns. However, that maintenance information was not public, so all equipment was assumed to be maintained at every shutdown. This assumption corresponds to a renewal process. However, a repair after an unplanned shutdown of an NPP is generally a restoration of only the failed function, without a system overhaul: the system must be considered to age continuously, it is not renewed, and the operation data before and after an unplanned shutdown must be treated as one continuous record. An improvement of Weibull analysis was therefore required for NPPs. The model used in Weibull analysis was investigated. The competing-risk model, in which a shutdown caused by something other than the equipment or cause of interest is treated as continuous data, could not be applied for a comprehensive analysis. The calculation method of Weibull analysis, in particular the calculation of the hazard, was also investigated. Under a renewal process the denominator of the hazard is the number of data records, each record being cut at every shutdown. However, counting the operation periods before unplanned shutdowns multiple times may underestimate the failure rate in the case of a restoration process. Therefore, the denominator of the hazard was taken to be not the number of records but the number of surviving pieces of equipment (plants) at each time, in accordance with the definition of the hazard. This improved method is intended for the restoration process. The performance of Japanese NPPs was evaluated with the improved method; the failure modes of Japanese NPPs were early failure modes. The performance of U.S. NPPs was also evaluated with the improved method.
Operation data were collected from the “NRC Power Reactor Status Reports”. However, many “maintenance outages”, shutdowns of unknown origin, were found, so DOE information was used to supplement the investigation of these maintenance outages. The failure modes of U.S. NPPs were also early failure modes, and the failure rates were larger than those of Japanese NPPs.
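The hazard calculation described above, as an added example that is not the paper's computation: the Nelson-Aalen cumulative hazard is computed from constructed plant shutdown histories under both conventions, with every segment reset to age zero and a denominator equal to the number of records (renewal), and with age carried across unplanned shutdowns and a denominator equal to the number of plants still in service at each age (restoration); a Weibull shape parameter is then fitted to each by least squares on the log-log cumulative hazard. The plant histories (`PLANTS`) are constructed, and the example ignores planned outages and treats only unplanned shutdowns caused by the equipment of interest.

```python
"""Empirical (Nelson-Aalen) hazard and Weibull shape under the renewal and the
restoration conventions for plant shutdown histories.

Added example, not the paper's calculation. The plant histories are constructed.
"""
import math
from collections import Counter

# Constructed histories: per plant, operating segments (duration in years, how
# the segment ended): "F" = unplanned shutdown caused by the equipment of
# interest, "C" = end of the observation window (censored).
PLANTS = {
    "P1": [(0.2, "F"), (0.3, "F"), (6.0, "C")],
    "P2": [(0.4, "F"), (6.0, "C")],
    "P3": [(1.0, "F"), (5.0, "C")],
    "P4": [(7.0, "C")],
}


def nelson_aalen(failure_times, at_risk):
    """Cumulative hazard H(t) = sum over failure times t_i <= t of d_i / n_i,
    where d_i failures occur at t_i and n_i = at_risk(t_i) items are exposed."""
    H, cum = [], 0.0
    for t, d in sorted(Counter(failure_times).items()):
        cum += d / at_risk(t)
        H.append((t, cum))
    return H


def renewal_hazard(plants):
    """Renewal convention: every shutdown is assumed to restore the plant to
    age 0, so each segment is a separate record and the risk set counts records."""
    records = [seg for segs in plants.values() for seg in segs]
    fails = [d for d, ev in records if ev == "F"]
    return nelson_aalen(fails, lambda t: sum(1 for d, _ in records if d >= t))


def restoration_hazard(plants):
    """Restoration convention: an unplanned shutdown repairs only the failed
    function, so age accumulates across it; the risk set counts plants whose
    observed service life reaches the age in question."""
    fails, total_age = [], []
    for segs in plants.values():
        age = 0.0
        for d, ev in segs:
            age += d
            if ev == "F":
                fails.append(age)
        total_age.append(age)
    return nelson_aalen(fails, lambda t: sum(1 for a in total_age if a >= t))


def weibull_fit(H):
    """Least-squares fit of ln H = beta ln t - beta ln eta; returns (beta, eta)."""
    xs = [math.log(t) for t, _ in H]
    ys = [math.log(h) for _, h in H]
    xm, ym = sum(xs) / len(xs), sum(ys) / len(ys)
    sxy = sum((x - xm) * (y - ym) for x, y in zip(xs, ys))
    sxx = sum((x - xm) ** 2 for x in xs)
    beta = sxy / sxx
    eta = math.exp(xm - ym / beta)
    return beta, eta


def cumulative_hazard_at(H, t):
    """Step-function value of the cumulative hazard at age t."""
    return max((h for ti, h in H if ti <= t), default=0.0)


def failure_mode(beta):
    """Weibull shape: beta < 1 early (infant) failures, > 1 wear-out, = 1 random."""
    return "early" if beta < 1 else "wear-out" if beta > 1 else "random"


if __name__ == "__main__":
    for name, fn in (("renewal", renewal_hazard), ("restoration", restoration_hazard)):
        H = fn(PLANTS)
        beta, eta = weibull_fit(H)
        print(f"{name}: H={H} beta={beta:.3f} eta={eta:.3f} ({failure_mode(beta)})")
```

On the constructed histories the renewal convention inflates the denominator (eight records instead of four plants) and gives a cumulative hazard at one year of about 0.63, against 1.0 under the restoration convention; this is the underestimation the abstract refers to. Both fits return a shape below 1, i.e. an early-failure mode, but the restoration fit is the one consistent with the definition of the hazard when repairs do not renew the plant.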


Author(s):  
Jaehyun Cho ◽  
Yong-Hoon Shin ◽  
Il Soon Hwang

Although current Pressurized Water Reactors (PWRs) have contributed significantly to the global energy supply, PWRs have not been considered a trustworthy energy solution owing to several problems: spent nuclear fuel (SNF), nuclear safety, and nuclear economics. To overcome these problems, a lead-bismuth eutectic (LBE) cooled, fully passive Small Modular Reactor (SMR) system is suggested. It can not only address the SNF problem through the transmutation feature of the LBE coolant, but also improve safety and economics through the concept of natural-circulation-cooled SMRs. It is necessary to maximize the advantages (safety and economics) of this type of nuclear power plant for several future applications. Accordingly, the objective of the study is to maximize the reactor core power while satisfying the limitations of shipping size, material endurance, long-burning criticality, and safety under Beyond Design Basis Events. The design limitations of natural-circulation LBE-cooled SMRs are studied, and a power maximization method is developed based on the limitations obtained. It is expected that the results will contribute to the reactor design stage by providing several insights to designers, as well as methods for the design optimization of other types of SMRs.

