CN104360676A - Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode - Google Patents
Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode Download PDFInfo
- Publication number
- CN104360676A CN104360676A CN201410466949.0A CN201410466949A CN104360676A CN 104360676 A CN104360676 A CN 104360676A CN 201410466949 A CN201410466949 A CN 201410466949A CN 104360676 A CN104360676 A CN 104360676A
- Authority
- CN
- China
- Prior art keywords
- cpu
- logic
- parallel redundancy
- nuclear power
- power station
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/042—Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
- G05B19/0423—Input/output
- G05B19/0425—Safety, monitoring
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/24—Pc safety
- G05B2219/24187—Redundant processors run identical programs
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/24—Pc safety
- G05B2219/24189—Redundant processors monitor same point, common parameters
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Safety Devices In Control Systems (AREA)
- Hardware Redundancy (AREA)
Abstract
The invention discloses a signal output setting method of nuclear station CPUs (central processing units) in a parallel redundancy mode. The method includes: subjecting a first CPU of a first subsystem and a second CPU of a second subsystem to parallel redundancy setting; allowing the first CPU and the second CPU to acquire nuclear station cabinet signals respectively; setting a logic connection manner of the first and second CPUs, setting output statuses of a first digital output card of the first CPU and a second digital output card of the second CPU respectively so that signal output is for acquisition of the signals acquired by the first and second CPUs. The signal output setting of the nuclear station CPUs in the parallel redundancy mode is achieved flexibly and reliably. In addition, the invention further discloses a signal output setting system of nuclear station CPUs (central processing units) in a parallel redundancy mode.
Description
Technical field
The invention belongs to technical field of nuclear power, be specifically related to a kind of nuclear power station CPU parallel redundancy mode signals and export method to set up and system.
Background technology
Along with the development of digitizing technique, distributed/Digitizing And Control Unit (Distributed/Digital Control System, DCS) the system control field applying to nuclear power station gradually, instead of analogue instrument in the past.In order to improve the reliability of DCS system, general use safety level DCS.Safe level DCS Level 1 layer mainly includes reactor protection rack (RPC) rack; Core cooling Monitor and Control cabinet (CCMS) rack; security function is correlated with rack (SRC), Engineered safety feature actuation rack (ESFAC); security logic process rack (SLC); rack can use two CPU (central processing unit) (Central Processing Unit usually; CPU) redundant configuration is carried out; when a cpu fault; another one CPU can continue to run, thus improves the reliability of DCS.
Redundancy relationship between two CPU is generally divided into: hot backup redundancy and parallel redundancy two kinds.Hot backup redundancy refers to that two CPU are divided into host CPU and spare CPU, and when host CPU normally runs, spare CPU is output information not, and when host CPU fault, spare CPU is taken over host CPU and run.Parallel redundancy refers to that the CPU of two redundancies runs simultaneously, is outputed signal by Digital output (Digital Output, the DO) fastener of each Self management simultaneously, and when wherein CPU-A fault, another redundancy CPU-B can continue to run.But when CPU-A fault, the DO fastener of its management can keep a value, thus the DO that can have influence on CPU-B exports.Such as ESFAC rack and SLC rack are that parallel redundancy CPU controls.
At present, the DCS platform of existing nuclear power station, according to its product performance and default setting, adopt CPU " Fail as is "+DO " OR ", the implementation of an effective value+output or logic is kept after fault, namely CPU-A and CPU-B is the relation of logical OR, and the output keeping another after breaking down when one is effective value, refers to Fig. 1.Certain problem can be there is in this mode for antilogical.When being " 1 " when normal operation, CPU-A fault, its DO keeps exporting for " 1 " according to " Fail as is ", when CPU-B needs to export " 0 ", due to " OR " logic between two DO, the CPU-A that its instruction exports the prior fault of quilt is set to " 1 ", thus instruction output cannot be set to " 0 " by CPU-A.When after CPU-A fault, CPU-B normally runs, but instruction output is set to " 1 ", thus causes CPU-B cannot change last instruction output.In existing nuclear power station DCS platform host CPU and the logic of spare CPU arrange more single, cannot adjust flexibly according to designing needs, reliability is poor.
Summary of the invention
The object of the invention is to: for breaking down in process under nuclear power station CPU parallel redundancy pattern, what provide a kind of CPU flexibly and signal to export fastener arranges technology.
In order to realize foregoing invention object, the invention provides a kind of nuclear power station CPU parallel redundancy mode signals and export method to set up, described method comprises:
Step 1 a: CPU and the 2nd CPU is carried out parallel redundancy setting;
Step 2: a described CPU and described 2nd CPU obtains nuclear power station rack signal respectively;
Step 3: the logic connected mode that a described CPU and the 2nd CPU is set, the output state of the first Digital output fastener of a described CPU and the second Digital output fastener of the 2nd CPU being set respectively, exporting as obtaining according to the acquisition signal of a described CPU and the 2nd CPU to make described signal.
The one exporting method to set up as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, and described step 3 comprises:
Arranging a described CPU and the 2nd CPU is and logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " OFF ".
The one exporting method to set up as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, and described step 3 comprises:
Arranging a described CPU and the 2nd CPU is or logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " ON ".
The one exporting method to set up as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, and the described logic connected mode arranging a described CPU and the 2nd CPU is hardwired logic.
In order to realize foregoing invention object, the invention provides the output of a kind of nuclear power station CPU parallel redundancy mode signals and arrange system, this system comprises:
First arranges module, for a CPU and the 2nd CPU is carried out parallel redundancy setting;
One CPU, for obtaining nuclear power station rack signal;
2nd CPU, for obtaining nuclear power station rack signal;
Second arranges module, if break down for a described CPU, the logic connected mode of a described CPU and the 2nd CPU is set, and the output state of the first Digital output fastener of a described CPU and the second Digital output fastener of the 2nd CPU is set respectively, export as obtaining according to the acquisition signal of a described CPU and the 2nd CPU to make described signal.
The one exporting the system that arranges as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, described second arrange module for:
Arranging a described CPU and the 2nd CPU is and logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " OFF ".
The one exporting the system that arranges as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, described second arrange module for:
Arranging a described CPU and the 2nd CPU is or logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " ON ".
The one exporting the system that arranges as nuclear power station CPU parallel redundancy mode signals of the present invention is improved, and the logic connected mode of a described CPU and the 2nd CPU is hardwired logic.
Compared with prior art, nuclear power station CPU parallel redundancy mode signals of the present invention exports method to set up and has following Advantageous Effects: by the output state of the logic connected mode and described Digital output fastener that arrange a described CPU and the 2nd CPU, make signal output for obtain according to the acquisition signal of a CPU and the 2nd CPU.Jointly obtain according to the acquisition signal of a CPU and the 2nd CPU during output due to signal, after avoiding a cpu fault, output signal the phenomenon controlled by another CPU.Add the rationality of CPU configuration, improve the reliability of nuclear power station, dirigibility and economy.The method is simple, obtains good technique effect.
Accompanying drawing explanation
Below in conjunction with the drawings and specific embodiments, a kind of nuclear power station CPU of the present invention parallel redundancy mode signals output method to set up and system are described in detail, wherein:
Fig. 1 provides the example schematic that a kind of existing nuclear power station CPU parallel redundancy mode signals exports method to set up.
Fig. 2 provides the example flow chart that a kind of nuclear power station CPU parallel redundancy mode signals exports method to set up.
Fig. 3 provides the example schematic that a kind of nuclear power station CPU parallel redundancy mode signals exports the system that arranges.
Embodiment
In order to make goal of the invention of the present invention, technical scheme and Advantageous Effects thereof more clear, below in conjunction with the drawings and specific embodiments, the present invention is further elaborated.It is emphasized that the embodiment described in this instructions is only used to explain the present invention, be not intended to limit use occasion of the present invention.
When CPU card part occurs communication failure to the transmission path that DO fastener exports, DO card failure pattern is As is.Therefore, no matter redundancy DO exports adopt "or" logic or adopt "AND" logic, the configuration that the fault of one piece of CPU card all may affect parallel redundancy CPU redundancy DO loses correct direction of action.
Method to set up is exported incorporated by reference to providing a kind of nuclear power station CPU parallel redundancy mode signals referring to Fig. 2, Fig. 2.Comprise:
201, step 1 a: CPU and the 2nd CPU is carried out parallel redundancy setting.
Parallel redundancy refers to that the CPU of two redundancies runs simultaneously, is outputed signal by the Digital output DO fastener of each Self management simultaneously, and when wherein CPU1 fault, another redundancy CPU2 can continue to run.General, nuclear power station DCS is for reaching single failure principle, and rack carries out two-ways cpu, and dual processors accepts the signal from rack outside simultaneously, carries out logical operation, exports instruction to rack outside simultaneously.One CPU of the first subsystem and the 2nd CPU of the second subsystem is carried out parallel redundancy setting.Concrete, carry out parallel redundancy setting by the CPU1 of the subsystem 1 and CPU2 of subsystem 2.
203, step 2: a described CPU and described 2nd CPU obtains nuclear power station rack signal respectively.
CPU1 and CPU2 obtains nuclear power station rack signal respectively.
205, step 3: the logic connected mode that a described CPU and the 2nd CPU is set, the output state of the first Digital output fastener of a described CPU and the second Digital output fastener of the 2nd CPU being set respectively, exporting as obtaining according to the acquisition signal of a described CPU and the 2nd CPU to make described signal.
Further, arranging a described CPU and the 2nd CPU is and logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " OFF ".Concrete, when nuclear power station occurs without corresponding accident direction of action remain the signaling point → CPU1 of "AND" logic realization subsystem 1 of " ON " and the CPU2 of subsystem 2 break down before for " OFF " state time, if now subsystem 1 breaks down, DO1 output state keeps As is to be " OFF ", owing to adopting "AND" logical operation DO1 and DO2, therefore " OFF " of DO1 by the output of locking DO2, make final Output rusults remain " OFF " state, now parallel redundancy DO exports as failsafe position.Certainly, if time before the CPU2 of the CPU1 of subsystem 1 and subsystem 2 breaks down for " ON " state, if now subsystem 1 breaks down, DO1 output state keeps As is to be " ON ", owing to adopting "AND" logical operation DO1 and DO2, therefore " ON " of DO1 does not affect final Output rusults, and parallel redundancy DO exports and will be taken over by the control of CPU2 completely.CPU1 and CPU2 and logic are arranged, and refer to table 1.
Further, arranging a described CPU and the 2nd CPU is or logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " ON ".Concrete, when nuclear power station occurs without corresponding accident, direction of action remains the signaling point → "or" logic realization of " OFF ".Time before the CPU1 of the subsystem 1 and CPU2 of subsystem 2 breaks down for " ON " state, if now subsystem 1 breaks down, DO1 output state keeps As is to be " ON ", owing to adopting "or" logical operation DO1 and DO2, therefore " ON " of DO1 by the output of locking DO2, make final Output rusults remain " ON " state, now parallel redundancy DO exports as failsafe position.Certainly, if time before the CPU2 that the CPU1 of subsystem 1 and subsystem 2 are breaks down for " OFF " state, if now subsystem 1 breaks down, DO1 output state keeps As is to be " OFF ", owing to adopting "or" logical operation DO1 and DO2, therefore " OFF " of DO1 does not affect final Output rusults, and parallel redundancy DO exports and will be taken over by the control of CPU2 completely.CPU1 and CPU2 or logic are arranged, and refer to table 2.
Wherein, the logic connected mode of a described CPU and the 2nd CPU is hardwired logic.
The embodiment of the present invention, by the output state of the logic connected mode and described Digital output fastener that arrange a described CPU and the 2nd CPU, makes signal export as to obtain according to the acquisition signal of a CPU and the 2nd CPU.Jointly obtain according to the acquisition signal of a CPU and the 2nd CPU during output due to signal, after avoiding a cpu fault, output signal the phenomenon controlled by another CPU.Add the rationality of CPU configuration, improve the reliability of nuclear power station, dirigibility and economy.
Incorporated by reference to providing the output of a kind of nuclear power station CPU parallel redundancy mode signals referring to Fig. 3, Fig. 3, system is set.Comprise: first arranges module 301, a CPU303, the 2nd CPU305 and second arrange module 307.Concrete:
First arranges module 301, for a CPU303 and the 2nd CPU305 is carried out parallel redundancy setting.
One CPU303, for obtaining nuclear power station rack signal.
2nd CPU305, for obtaining nuclear power station rack signal.
Second arranges module 307, if break down for a described CPU303, the logic connected mode of a described CPU303 and the 2nd CPU305 is set, and the output state of the first Digital output fastener of a CPU303 and the second Digital output fastener of the 2nd CPU305 is set respectively, export as obtaining according to the acquisition signal of a described CPU303 and the 2nd CPU305 to make described signal.
Further, second arrange module 307 arrange a described CPU303 and the 2nd CPU305 for and logic, if a described CPU303 breaks down, the first Digital output fastener output state is set for keeping As is for " OFF ".
Further, second arrange module 307 arrange a described CPU303 and the 2nd CPU305 for or logic, if a described CPU303 breaks down, the first Digital output fastener output state is set for keeping As is for " ON ".
Optionally, the logic connected mode of a described CPU303 and the 2nd CPU305 is hardwired logic.
The implementation method of system and flow process see the embodiment of the method introduced in previous embodiment, can repeat no more herein.
Can find out in conjunction with above detailed description of the present invention, relative to prior art, the present invention at least has following Advantageous Effects: by the output state of the logic connected mode and described Digital output fastener that arrange a described CPU and the 2nd CPU, and signal is exported as to obtain according to the acquisition signal of a CPU and the 2nd CPU.Jointly obtain according to the acquisition signal of a CPU and the 2nd CPU during output due to signal, after avoiding a cpu fault, output signal the phenomenon controlled by another CPU.Add the rationality of CPU configuration, improve the reliability of nuclear power station, dirigibility and economy.The method is simple, obtains good technique effect.
According to above-mentioned principle, the present invention can also carry out suitable change and amendment to above-mentioned embodiment.Therefore, the present invention is not limited to embodiment disclosed and described above, also should fall in the protection domain of claim of the present invention modifications and changes more of the present invention.In addition, although employ some specific terms in this instructions, these terms just for convenience of description, do not form any restriction to the present invention.
Claims (8)
1. nuclear power station CPU parallel redundancy mode signals exports a method to set up, and it is characterized in that, described method comprises:
Step 1 a: CPU and the 2nd CPU is carried out parallel redundancy setting;
Step 2: a described CPU and described 2nd CPU obtains nuclear power station rack signal respectively;
Step 3: if a described CPU breaks down, the logic connected mode of a described CPU and the 2nd CPU is set, the output state of the first Digital output fastener of a described CPU and the second Digital output fastener of the 2nd CPU being set respectively, exporting as obtaining according to the acquisition signal of a described CPU and the 2nd CPU to make described signal.
2. the method for claim 1, is characterized in that, described step 3 comprises:
Arranging a described CPU and the 2nd CPU is and logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " OFF ".
3. the method for claim 1, is characterized in that, described step 3 comprises:
Arranging a described CPU and the 2nd CPU is or logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " ON ".
4. method as claimed in claim 2 or claim 3, it is characterized in that, the described logic connected mode arranging a described CPU and the 2nd CPU is hardwired logic.
5. nuclear power station CPU parallel redundancy mode signals exports and arranges a system, and described system comprises:
First arranges module, for a CPU and the 2nd CPU is carried out parallel redundancy setting;
One CPU, for obtaining nuclear power station rack signal;
2nd CPU, for obtaining nuclear power station rack signal;
Second arranges module, if break down for a described CPU, the logic connected mode of a described CPU and the 2nd CPU is set, and the output state of the first Digital output fastener of a described CPU and the second Digital output fastener of the 2nd CPU is set respectively, export as obtaining according to the acquisition signal of a described CPU and the 2nd CPU to make described signal.
6. system as claimed in claim 5, is characterized in that, described second arrange module for:
Arranging a described CPU and the 2nd CPU is and logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " OFF ".
7. system as claimed in claim 5, is characterized in that, described second arrange module for:
Arranging a described CPU and the 2nd CPU is or logic, if a described CPU breaks down, arranges the first Digital output fastener output state for keeping As is for " ON ".
8. system as claimed in claims 6 or 7, it is characterized in that, the logic connected mode of a described CPU and the 2nd CPU is hardwired logic.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410466949.0A CN104360676A (en) | 2014-09-12 | 2014-09-12 | Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410466949.0A CN104360676A (en) | 2014-09-12 | 2014-09-12 | Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104360676A true CN104360676A (en) | 2015-02-18 |
Family
ID=52527944
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410466949.0A Pending CN104360676A (en) | 2014-09-12 | 2014-09-12 | Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104360676A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108303971A (en) * | 2018-02-28 | 2018-07-20 | 中国船舶重工集团公司第七〇九研究所 | The nuclear safety engineer operation bench and control system of ocean nuclear power platform |
| CN109581923A (en) * | 2018-12-05 | 2019-04-05 | 深圳中广核工程设计有限公司 | Nuclear power station feed water control system |
-
2014
- 2014-09-12 CN CN201410466949.0A patent/CN104360676A/en active Pending
Non-Patent Citations (2)
| Title |
|---|
| 王振营,等: "红沿河核电站反应堆保护系统的DCS实现", 《中国高新技术企业》 * |
| 董伟鹤,等: "CPR1000核电站安全级DCS冗余DO配置单一故障分析", 《自动化博览》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108303971A (en) * | 2018-02-28 | 2018-07-20 | 中国船舶重工集团公司第七〇九研究所 | The nuclear safety engineer operation bench and control system of ocean nuclear power platform |
| CN108303971B (en) * | 2018-02-28 | 2023-11-03 | 中国船舶重工集团公司第七一九研究所 | Nuclear safety engineer control console and control system of ocean nuclear power platform |
| CN109581923A (en) * | 2018-12-05 | 2019-04-05 | 深圳中广核工程设计有限公司 | Nuclear power station feed water control system |
| CN109581923B (en) * | 2018-12-05 | 2021-10-15 | 深圳中广核工程设计有限公司 | Water supply control system for nuclear power station |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10576990B2 (en) | Method and device for handling safety critical errors | |
| CN109872150B (en) | Data processing system with clock synchronization operation | |
| US10761925B2 (en) | Multi-channel network-on-a-chip | |
| US9952579B2 (en) | Control device | |
| CN108021406B (en) | Dual-redundancy hot backup CPU system suitable for onboard computer | |
| EP3198725B1 (en) | Programmable ic with safety sub-system | |
| US9625894B2 (en) | Multi-channel control switchover logic | |
| US9195553B2 (en) | Redundant system control method | |
| CN104182305A (en) | Triple modular redundancy control and data management computer and using method thereof | |
| AU2017313189B2 (en) | Method and apparatus for redundant data processing | |
| CN103235591A (en) | Online fault injection method on basis of combination of hardware fault injection and software fault injection | |
| CN104125049A (en) | Redundancy implementation method of PCIE (Peripheral Component Interface Express) device based on BRICKLAND platform | |
| US10173692B2 (en) | Microcontroller system and method for safety-critical motor vehicle systems and the use thereof | |
| CN104360676A (en) | Signal output setting method and system of nuclear station CPUs (central processing units) in parallel redundancy mode | |
| CN110147343B (en) | Full-comparison Lockstep processor architecture | |
| CN117111525A (en) | Multi-CPU-based trusted redundant control system and control method | |
| US9128838B2 (en) | System and method of high integrity DMA operation | |
| CN103631668A (en) | Multicomputer system priority chain voting device applied to space application | |
| US10313095B2 (en) | Control system | |
| US9378102B1 (en) | Safety hardware and/or software fault tolerance using redundant channels | |
| TW200832128A (en) | Redundant system | |
| JP5325032B2 (en) | High reliability controller for multi-system | |
| CN103678049A (en) | Fault isolating and switching method of redundancy fault-tolerant computer system | |
| JP5287198B2 (en) | Information processing device | |
| JP2011081705A (en) | Memory control device and method for controlling the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150218 |