CN108389639B - Digital normal and accident operation regulation interface setting system and method for nuclear power station - Google Patents

Publication number
CN108389639B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710919571.9A
Other languages
Chinese (zh)
Other versions
CN108389639A (en)
Inventor
温必剑
王振营
刘志云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China General Nuclear Power Corp
China Nuclear Power Engineering Co Ltd
Shenzhen China Guangdong Nuclear Engineering Design Co Ltd
Original Assignee
China General Nuclear Power Corp
China Nuclear Power Engineering Co Ltd
Shenzhen China Guangdong Nuclear Engineering Design Co Ltd

Classifications

    • G PHYSICS
    • G21 NUCLEAR PHYSICS; NUCLEAR ENGINEERING
    • G21D NUCLEAR POWER PLANT
    • G21D3/00 Control of nuclear power plant
    • G21D3/04 Safety arrangements
    • G21D3/06 Safety arrangements responsive to faults within the plant
    • G PHYSICS
    • G21 NUCLEAR PHYSICS; NUCLEAR ENGINEERING
    • G21C NUCLEAR REACTORS
    • G21C9/00 Emergency protection arrangements structurally associated with the reactor, e.g. safety valves provided with pressure equalisation devices
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02E REDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
    • Y02E30/00 Energy generation of nuclear origin
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02E REDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
    • Y02E30/00 Energy generation of nuclear origin
    • Y02E30/30 Nuclear fission reactors

Abstract

The invention provides a method and a system for setting the interface between the digital normal operating procedures and accident operating procedures of a nuclear power station. The setting method comprises the following steps: S100, defining the scope of the operating technical specification; S200, analyzing and determining the range of basic safety functions covered by the interface; S300, determining, according to judgment criteria and in combination with the scope of the operating technical specification, the interface type that applies after the loss of each basic safety function in that range; S400, setting an interface unit according to the interface type. By redefining the scope of the operating technical specification and setting the interface types appropriately, the invention makes the set of basic safety functions managed by the operating technical specification more reasonable, and the interface types are varied without being complicated. Unnecessary shutdown events are avoided, and the number of limiting conditions for operation in the operating technical specification is reduced, which lessens the restrictions on normal operation and improves the operating flexibility of the plant.

Description

Digital normal and accident operation regulation interface setting system and method for nuclear power station
Technical Field
The invention relates to the field of digital man-machine interfaces for nuclear power plants, and in particular to a system and method for setting the interface between the digital normal and accident operating procedures of a nuclear power plant.
Background
More and more nuclear power plants are adopting digital man-machine interfaces and, correspondingly, a digital operating document system, namely digital operating procedures, to ensure plant safety. The prior art contains two typical schemes: (1) the interface setting scheme of a certain passive third-generation nuclear power plant; (2) the interface setting scheme of a certain active third-generation nuclear power plant.
The operating procedures of the passive third-generation nuclear power plant mainly comprise the general operating procedure (GOP), abnormal operating procedure (AOP), system operating procedure (SOP), alarm response procedure (ARP), emergency operating procedure (EOP), the operating procedure for the period 72 hours after an accident, the severe accident management guideline (SAMG) and so on. In this operating document system, GOP, AOP, SOP and ARP are normal operating procedures, while EOP, the operating procedure for the period 72 hours after an accident and SAMG are accident operating procedures. During normal operation of the unit, that is, while GOP, AOP, SOP and ARP are being executed, the requirements of the operating technical specification (OTS) must be met. The OTS of this plant mainly manages the safety-class functions and equipment on the unit's safety path. The interface between the normal and accident operating procedures of this plant is an automatic reactor trip (RT) or the automatic start of special protection equipment. This interface is relatively clear-cut: it consists only of reactor shutdown and the automatic start of special protection equipment, and is easy for an operator to grasp. It is, however, too coarse. If a simple equipment fault occurs while the normal operating procedures are being executed, and the fault has no great influence on unit operation, the operator still has to trip the unit manually and handle the event under the accident operating procedures. This greatly increases the number of unplanned shutdowns, seriously reduces the economy of the unit and also has a considerable impact on the equipment.
The operating procedures of the other plant, the active third-generation nuclear power plant, mainly comprise the general operating procedure (GOP), special operating guideline (POR), system operating procedure (SOP), alarm response procedure (ARP), emergency operating procedure (EOP) and severe accident management guideline (SAMG). GOP, POR, SOP and ARP are normal operating procedures, and EOP and SAMG are accident operating procedures. During normal operation of the unit, that is, while GOP, POR, SOP and ARP are being executed, the OTS requirements must also be met. The OTS management scope of this active plant includes not only the safety functions on the unit's safety path but also some non-safety functions related to normal operation of the unit. Because this scheme places many non-safety-class functions under OTS management, its interfaces between the normal and accident operating procedures are comparatively numerous. The interface setting is relatively clear but excessively complicated, and because a considerable number of non-safety-class functions are brought under OTS management, a series of additional limiting conditions for normal operation arise. These narrow the normal operating boundary of the unit and limit the flexibility of unit operation, which is very unfavorable for operation management.
Disclosure of Invention
To address these problems, the invention provides a method for setting the interface between the digital normal and accident operating procedures of a nuclear power station. The method optimizes operation management, avoids unnecessary unplanned shutdowns, and avoids adding excessive limiting conditions for normal operation that would reduce the flexibility of unit operation.
To solve the above technical problems, the invention provides a method for setting the interface between the digital normal and accident operating procedures of a nuclear power station, comprising the following steps:
S100, defining the scope of the operating technical specification;
S200, analyzing and determining the range of basic safety functions covered by the interface;
S300, determining, according to judgment criteria and in combination with the scope of the operating technical specification, the interface type that applies after the loss of each basic safety function in the basic safety function range;
S400, setting an interface unit according to the interface type.
Preferably, the scope of the operating technical specification includes: the initial unit state assumed in the accident analysis before the postulated accident occurs; structures, systems or components that form the safety path in the accident analysis; structures, systems or components that ensure shielding integrity and main control room habitability; structures, systems or components that operating experience or probabilistic safety assessment shows to be important to public health and safety.
Preferably, analyzing and determining the range of basic safety functions covered by the interface comprises the following steps:
S210, determining the basic safety function types of the nuclear power plant;
S220, dividing the operation modes of the nuclear power plant;
S230, determining, according to the basic safety function types, the basic safety functions corresponding to each operation mode of the nuclear power plant, to form the basic safety function range.
Preferably, the interface types include:
the first interface type, which is the interface type in which the protection system must be triggered to act immediately;
the second interface type, which is the interface type used when the basic safety function is managed by the operating technical specification and either manual shutdown or manual start of special protection equipment is required, or neither is required but the operating technical specification cannot be complied with;
and the third interface type, which is the interface type used when the basic safety function is not managed by the operating technical specification and manual shutdown or manual start of special protection equipment is required.
Preferably, the judgment criteria in step S300 include:
a first judgment criterion: a basic safety function loss signal is introduced and it is judged whether a system action must be triggered immediately; if so, the interface type of the basic safety function is determined to be the first interface type;
and a second judgment criterion: when the first judgment criterion is not met, it is judged whether the basic safety function is managed by the operating technical specification, in order to distinguish whether the interface type of the basic safety function is the second interface type or the third interface type.
Preferably, step S300 further comprises the following sub-steps:
S310, introducing a basic safety function loss signal and judging whether the protection system must be triggered to act immediately; if so, executing S320 and determining that the interface type for loss of the basic safety function is the first interface type.
If step S310 determines that immediate action is not required, S330 is executed to judge whether the unit can be stabilized in its current state; if the judgment in step S330 is no, the unit needs to fall back to an operating state lower than the current state, and S340 is executed to further judge whether the basic safety function is managed in the operating technical specification;
if the judgment in step S340 is no, S380 is executed to judge whether manual shutdown or manual start of special protection equipment is required; if the judgment in step S380 is yes, S390 is executed to determine that the interface type after loss of the basic safety function is the third interface type;
if the judgment in step S340 is yes, S350 is executed to judge whether manual shutdown or manual start of special protection equipment is required; if the judgment in step S350 is yes, S360 is executed to determine that the interface type of the basic safety function is the second interface type; or
if the judgment in step S350 is no, S370 is executed to judge whether the operating technical specification can be complied with; if the judgment in step S370 is no, S360 is executed to determine that the interface type of the basic safety function is the second interface type.
Preferably, when the interface type is determined to be the first interface type, step S400 includes the following sub-step: S410, setting automatic reactor trip or the start of special protection equipment as the interface condition of the first interface type, and triggering first-type alarm information in the interface unit;
when the interface type is determined to be the second interface type, S400 includes the following sub-step: S420, in the operating technical specification, defining the basic safety function under its corresponding management entry as NNOF, setting the unavailability of the NNOF as the interface condition of the second interface type, and triggering second-type alarm information in the interface unit;
when the interface type is determined to be the third interface type, S400 includes the following sub-step: S430, defining the basic safety function as NNOF, setting the unavailability of the NNOF as the interface condition of the third interface type, and triggering third-type alarm information in the interface unit.
Preferably, the method also comprises:
S500, storing the basic safety functions and the interface units in one-to-one correspondence.
In another aspect, the invention also provides a system for setting the interface between the digital normal and accident operating procedures of a nuclear power station, comprising:
a management module, used for defining the scope of the operating technical specification;
an analysis module, used for analyzing and determining the interface function range;
a dividing module, connected with the management module and the analysis module, and used for determining, according to judgment criteria and in combination with the scope of the operating technical specification, the interface type for the loss of each function in the interface function range;
a setting module, connected with the dividing module and used for setting an interface unit according to the interface type.
Preferably, the scope of the operating technical specification includes: the initial unit state assumed in the accident analysis before the postulated accident occurs; structures, systems or components that form the safety path in the accident analysis; structures, systems or components that ensure shielding integrity and main control room habitability; structures, systems or components that operating experience or probabilistic safety assessment shows to be important to public health and safety.
Preferably, the analysis module comprises:
a first analysis module, used for determining the basic safety function types of the nuclear power plant;
a second analysis module, used for dividing the operation modes of the nuclear power plant;
and a third analysis module, connected with the first analysis module and the second analysis module, and used for determining, according to the basic safety function types, the basic safety functions corresponding to each operation mode of the nuclear power plant.
Preferably, the dividing module includes a judging module, which stores the judgment criteria and is used for judging the interface type step by step according to the basic safety function loss signal; and an interface type module, connected with the judging module and used for determining the interface type according to the judging module's result;
the judgment criteria comprise: a first judgment criterion, in which a basic safety function loss signal is introduced and it is judged whether a system action must be triggered immediately, and if so, the interface type of the basic safety function is determined to be the first interface type; and a second judgment criterion, in which, if not, it is judged whether the basic safety function is managed by the operating technical specification, in order to distinguish whether the interface type of the basic safety function is the second interface type or the third interface type.
Preferably, the interface type module includes a first interface type module, used for determining that the interface type for loss of the basic safety function is the first interface type when the judging module judges that loss of the basic safety function requires the protection system to be triggered immediately;
a second interface type module, used for determining that the interface type of the basic safety function is the second interface type when the judging module judges that the protection system need not be triggered immediately, but the unit cannot be stabilized in its current state and needs to fall back to an operating state lower than the current state, the basic safety function is managed by the operating technical specification, and either manual shutdown or manual start of special protection equipment is required, or neither is required but the operating technical specification cannot be complied with;
and a third interface type module, used for determining that the interface type of the basic safety function is the third interface type when the judging module judges that the protection system need not be triggered immediately, but the unit cannot be stabilized in its current state and needs to fall back to an operating state lower than the current state, the basic safety function is not managed by the operating technical specification, and manual shutdown or manual start of special protection equipment is required.
Preferably, the setting module is connected to the first interface type module, the second interface type module and the third interface type module respectively, and is used for, after the interface type is determined to be the first interface type, setting automatic reactor trip or the start of special protection equipment as the interface condition of the first interface type and triggering first-type alarm information in the interface unit; or
after the interface type is determined to be the second interface type, defining the basic safety function under its corresponding management entry in the operating technical specification as NNOF, setting the unavailability of the NNOF as the interface condition of the second interface type, and triggering second-type alarm information in the interface unit; or
after the interface type is determined to be the third interface type, defining the basic safety function as NNOF, setting the unavailability of the NNOF as the interface condition of the third interface type, and triggering a third-type alarm in the interface unit.
Preferably, the system also comprises a normal operating procedure processing module, used for handling the event under the normal operating procedures when the basic safety function is lost, the protection system does not need to be triggered immediately, manual shutdown and start of special protection equipment are not needed, and the operating technical specification can be complied with; and a storage module, connected with the setting module and used for storing the basic safety functions and the interface units in one-to-one correspondence.
The method for setting the interface between the digital normal operating procedures and accident operating procedures avoids unnecessary shutdown events and reduces the number of limiting conditions for operation in the Operation Technical Specification (OTS), which lessens the restrictions on normal operation and improves the flexibility of plant operation.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 shows the method of the present invention for setting the interface between the digital normal operating procedures and accident operating procedures;
FIG. 2 shows the criteria for setting the OTS of the present invention;
FIG. 3 is a diagram of the steps of the present invention for analyzing and determining the range of basic safety functions covered by the interface;
FIG. 4 is a flow chart of the judgment used to determine the interface type in the present invention;
FIG. 5 is a schematic diagram of the first interface type setting according to a preferred embodiment of the present invention;
FIG. 6 is a schematic diagram of the second interface type setting according to a preferred embodiment of the present invention;
FIG. 7 is a schematic diagram of the third interface type setting according to a preferred embodiment of the present invention;
FIG. 8 is a schematic diagram of the system of the present invention for setting the interface between the digital normal operating procedures and accident operating procedures.
Detailed Description
The invention provides a method and a system for setting the interface between the digital normal operating procedures and accident operating procedures. The setting method comprises the following steps: S100, defining the scope of the operating technical specification; S200, analyzing and determining the range of basic safety functions covered by the interface; S300, determining, according to judgment criteria and in combination with the scope of the operating technical specification, the interface type that applies after the loss of each basic safety function in that range; S400, setting an interface unit according to the interface type; S500, storing the basic safety functions and the interface units in one-to-one correspondence. By redefining the scope of the operating technical specification and setting the interface types appropriately, the invention makes the set of basic safety functions managed by the operating technical specification more reasonable, and the interface types are varied without being complicated. Unnecessary shutdown events are avoided, and the number of limiting conditions for operation in the operating technical specification is reduced, which lessens the restrictions on normal operation and improves the operating flexibility of the plant.
In order that those skilled in the art will more clearly understand the present invention, the present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
As shown in FIG. 1, the method provided by the present invention for setting the interface between the digital normal operating procedures and accident operating procedures includes the following steps:
S100, defining the scope of the operating technical specification.
The OTS is a technical specification that must be complied with during normal operation of the unit. To prevent an excessive OTS from restricting normal operation of the plant, the OTS is limited to covering only the safety functions on the safety path and the items that operating experience or probabilistic safety assessment shows to be important to public health and safety. Specifically, as shown in FIG. 2, it includes: the initial unit state assumed in the accident analysis before the postulated accident occurs; structures, systems or components that form the safety path in the accident analysis; structures, systems or components that ensure shielding integrity and main control room habitability; structures, systems or components that operating experience or probabilistic safety assessment shows to be important to public health and safety. In this way the requirements of laws and regulations are met, while setting excessive management terms, which would reduce the flexibility of daily operation of the nuclear power plant, is avoided.
In an embodiment of the present invention, analyzing and determining the range of basic safety functions covered by the interface specifically includes the following processing steps:
S200, analyzing and determining the range of basic safety functions covered by the interface.
The purpose of determining the function range is to screen out the functions that have a significant impact on normal operation, that is, functions whose loss may cause unacceptable transients on the unit or leave the unit unable to maintain its current state. Determining the function range is also the basis for the interface analysis. Step S200 further comprises the following sub-steps:
S210, determining the basic safety function types of the nuclear power plant.
Starting from the basic safety functions of the nuclear power plant, the functions that contribute to them in the various operation modes are broken down and identified. The three basic safety function types of a nuclear power plant are: reactivity control, core residual heat removal and containment of radioactivity. Taking core residual heat removal as an example, this basic safety function type can be further broken down into: control of reactor coolant subcooling, control of the primary water inventory, and coolant circulation capability.
S220, dividing the operation modes of the nuclear power plant.
The normal operation of a typical nuclear power plant can be broken down into 6 operation modes: reactor power operation mode (RP), normal shutdown mode with steam generator cooling (NS/SG), normal shutdown mode with RIS/RHR cooling (NS/RIS-RHR), maintenance shutdown mode (MCS), refueling shutdown mode (RCS), and reactor completely discharged mode (RCD).
S230, determining, according to the basic safety function types, the basic safety functions corresponding to each operation mode of the nuclear power plant, to form the basic safety function range.
Because the unit state differs between operation modes, and the systems and functions that must be in service differ as well, the basic safety functions corresponding to each operation mode can be identified from the system design and function allocation of the nuclear power plant, in the format of Table 1 below. Table 1 takes RP as the example; the basic safety functions in the other operation modes can be analyzed in the same way with reference to Table 1 and are not described again here.
TABLE 1 (provided as an image in the original publication; not reproduced here)
The functions listed in the above table are examples only and do not apply to every nuclear power plant design. In addition, the analysis of these functions needs to include their support functions, because the unavailability of a support function may be one of the important causes of the unavailability of the function itself; the support functions are not analyzed separately here.
And S300, determining the type of the interface after each basic safety function is lost in the basic safety function range according to a judgment criterion by combining the range of the operating technical specification.
The judgment criterion includes: the first judgment criterion is used for judging whether a system action needs to be triggered immediately or not according to the introduced basic safety function losing signal, and if so, the interface type of the basic safety function is judged to be a first interface type; and a second judgment criterion, when the judgment result in S310 is negative, distinguishing whether the interface type of the basic security function is a second interface type or a third interface type by judging whether the basic security function is managed by operating a technical specification.
As shown in fig. 4, each function in the table above is analyzed at this step for its consequences following loss of function, and then the interface type is determined. Specifically, S300 includes the following substeps:
and S310, judging whether the basic safety function is lost or not and immediately starting to protect the system to act. The immediate triggering protection system action means that the shutdown is automatically triggered or the special protection equipment is automatically started.
If the determination in step S310 is yes, step S320 is executed to determine that the interface type of the basic security function is the first interface type.
If the determination in step S310 is no, step S330 is executed to determine whether the unit can be stabilized in the current state. If the determination in step S330 is yes, the accident operation procedure does not need to be entered, and the loss is handled with the normal operation procedure.
If the determination in step S330 is no, the unit must be withdrawn to an operating state lower than the current state, and step S340 is executed to determine whether the basic safety function is managed in the OTS.
On the one hand, if the function is managed in the OTS, a countermeasure for its loss has already been specified in the OTS. The method therefore further includes the following steps: if the determination in step S340 is yes, step S350 is executed to determine whether the reactor must be manually shut down or the special protection equipment must be manually started; if the determination in step S350 is yes, step S360 is executed to determine that the interface type of the basic safety function is the second interface type. If the determination in step S350 is no, step S370 is executed to determine whether the OTS can be complied with. If the OTS can be complied with, that is, the function can be repaired as the OTS requires or the unit can be withdrawn to an operating state in which the function is not needed, the accident operation procedure does not need to be entered. If the measures in the OTS fail to repair the function or the unit cannot be withdrawn to an operating state in which the function is not needed, the OTS cannot be complied with, and the loss of the function must serve as an interface between the normal operation procedure and the accident operation procedure. The method therefore further includes the following step: if the determination in step S370 is no, step S360 is executed to determine that the interface type of the basic safety function is the second interface type.
On the other hand, if the determination in step S340 is no, step S380 is executed to determine whether the reactor must be manually shut down or the special protection equipment must be manually started; if the determination in step S380 is yes, step S390 is executed to determine that the interface type of the basic safety function is the third interface type.
The above analysis yields three interface types. The first interface type applies when loss of the function immediately triggers protection system action. The second interface type applies when a function managed in the OTS is lost and handling the loss requires manually shutting down the reactor or manually starting special protection equipment, or requires neither but the OTS cannot be complied with. The third interface type applies when a function not managed in the OTS is lost and handling the loss requires manually shutting down the reactor or starting special protection equipment.
Likewise, the above analysis shows that the loss is handled with the normal operation procedure in the following three cases: when the basic safety function is lost, the protection system does not need to act immediately and the unit can be stabilized in the current state; or the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the lost basic safety function is managed by the operation technical specification, neither manual shutdown nor manual starting of special protection equipment is needed, and the operation technical specification can be complied with; or the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the lost basic safety function is not managed by the operation technical specification, and neither manual shutdown nor starting of special protection equipment is needed.
S400, setting an interface unit according to the interface type.
According to the method shown in fig. 4, three interface types can be screened out, and in this step, three interface units are respectively arranged corresponding to the three interface types.
For the first interface type, after the function is lost, step S400 further comprises the following sub-steps:
S410, setting automatic reactor trip or starting of the special protection equipment as the interface condition of the first interface type, and triggering first-type alarm information in the interface unit.
As shown in fig. 5, in a preferred embodiment of the present invention, the first type of alarm information includes an alarm number, an alarm name, a reason, an operation, a logic diagram, a consequence and the like, and the operation field indicates "execute an accident operation procedure immediately". The alarm is not limited to this form: it may take other structures, text, sound, image, or even virtual display content, as long as it performs the alarm function, which is not limited herein.
For the second interface type, S400 further comprises the following sub-step:
S420, in the OTS, defining the basic safety function as NNOF under the management entry corresponding to the basic safety function, and, with NNOF being unavailable as the interface condition of the second interface type, triggering second-type alarm information in the interface unit.
A basic safety function that triggers the second type of alarm information is one managed in the OTS. When its loss requires manual shutdown or manual starting of special protection equipment, or requires neither but the OTS cannot be complied with, the function is defined as NNOF, the interface unit is set in the OTS, and the second type of alarm information is prompted. As shown in fig. 6, in a preferred embodiment of the present invention, the indication "consider NNOF to be unavailable and execute the accident operation procedure" is given in the measures of the OTS management entry corresponding to the basic safety function. The alarm may also take other structures, text, sound, image, or even virtual display content, as long as it performs the alarm function, which is not limited herein.
For the third interface type, the function is not managed in the OTS, and its loss requires manual shutdown or starting of the special protection equipment. Step S400 further includes the following sub-step:
S430, defining the basic safety function as NNOF, setting the unavailability of NNOF as the interface condition of the third interface type, triggering a third-type alarm in the interface unit, and defining the third-type alarm as an alarm for entering the accident operation procedure. As shown in fig. 7, in a preferred embodiment of the present invention, the operation field gives the indication "consider NNOF to be unavailable and execute the accident operation procedure". The third type of alarm information is not limited to this alarm mode, as long as it performs the alarm function.
S500, storing the basic safety functions and the interface units in one-to-one correspondence.
Each basic safety function is stored together with its corresponding interface unit. The record may be kept on paper or stored in hardware or software, without limitation, as long as a worker can call up the interface unit and act on it when the basic safety function is lost. Further, the verification process for each interface type is as follows.
Example one
This section demonstrates the application of the method of the patent, using the charging function of the RCV (chemical and volume control system) as an example.
In the RP, NS/SG and NS/RIS-RHR (primary circuit two-phase) modes, the charging function of the RCV system works together with the letdown function of the RCV system to control the pressurizer level; in the NS/RIS-RHR (primary circuit single-phase) mode, it works together with the letdown function of the RCV system to control the primary circuit pressure.
In the RP, NS/SG and NS/RIS-RHR (primary circuit two-phase) modes, loss of RCV charging does not immediately trigger a protection action, but it causes the pressurizer level to drop; the pressurizer level control channel isolates RCV letdown, and the pressurizer level control function is lost. At the same time, REA can no longer inject boric acid solution into the primary circuit through RCV, so regulation of the primary circuit boron concentration is lost. The unit cannot be stabilized in the current state: it must be withdrawn, and RBS (the emergency boration system, which belongs to the special protection systems) must be started to inject boric acid solution into the primary circuit and to compensate for the coolant contraction caused by cooling of the primary circuit.
In the NS/RIS-RHR (primary circuit single-phase) mode, loss of RCV charging does not immediately trigger a protection action, but it causes the primary circuit pressure to drop rapidly; RCV letdown is isolated and control of the primary circuit pressure is lost. At the same time, REA can no longer inject boric acid solution into the primary circuit through RCV, so regulation of the primary circuit boron concentration is lost. The unit cannot be stabilized in the current state: it must be withdrawn, and RBS must be started to inject boric acid solution into the primary circuit.
The RCV charging function is within the management range of the OTS, so loss of the RCV charging function in the RP, NS/SG and NS/RIS-RHR modes must serve as an interface leading into the accident operation procedure, and it belongs to the second interface type. An interface leading into the accident operation procedure must be set in the OTS entry, that is, the statement "consider NNOF unavailable and execute the accident operation procedure" is added to the OTS entry.
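The decision flow of steps S310 to S390, the interface conditions of S410 to S430 and the one-to-one storage of S500 can be written out as follows. This is an added example, not code from the patent: the class, field and function names are assumptions made here, the RCV charging record encodes the answers given in Example one, and the enumeration goes beyond that example to check every combination of answers.

```python
from collections import Counter
from dataclasses import dataclass
from enum import Enum
from itertools import product
from typing import Dict, Iterable, Optional


class InterfaceType(Enum):
    FIRST = 1   # loss immediately triggers protection system action
    SECOND = 2  # function managed in the OTS
    THIRD = 3   # function not managed in the OTS


@dataclass(frozen=True)
class LossAssessment:
    """Answers to the decision-flow questions for one lost basic safety function.

    Field names are assumptions made for this example, not terms from the patent.
    """
    function: str
    triggers_protection_immediately: bool   # asked in S310
    unit_stable_in_current_state: bool      # asked in S330
    managed_in_ots: bool                    # asked in S340
    needs_manual_shutdown_or_start: bool    # asked in S350 / S380
    ots_can_be_followed: bool = True        # asked in S370


@dataclass(frozen=True)
class InterfaceUnit:
    function: str
    interface_type: InterfaceType
    condition: str      # interface condition that leads into the accident procedure
    alarm_class: int    # first-, second- or third-type alarm information
    instruction: str    # text shown to the operator


def classify(a: LossAssessment) -> Optional[InterfaceType]:
    """Return the interface type, or None when the normal procedure applies."""
    if a.triggers_protection_immediately:
        return InterfaceType.FIRST          # S310 yes
    if a.unit_stable_in_current_state:
        return None                         # S330 yes: normal operation procedure
    if a.managed_in_ots:                    # S340 yes
        if a.needs_manual_shutdown_or_start:
            return InterfaceType.SECOND     # S350 yes -> S360
        if not a.ots_can_be_followed:
            return InterfaceType.SECOND     # S370 no -> S360
        return None                         # OTS measures are sufficient
    if a.needs_manual_shutdown_or_start:
        return InterfaceType.THIRD          # S380 yes -> S390
    return None


# Interface condition, alarm class and operator instruction per type (S410-S430).
_TEMPLATES = {
    InterfaceType.FIRST: (
        "automatic reactor trip or start of special protection equipment", 1,
        "execute the accident operation procedure immediately"),
    InterfaceType.SECOND: (
        "NNOF unavailable (NNOF defined under the function's OTS entry)", 2,
        "consider NNOF to be unavailable and execute the accident operation procedure"),
    InterfaceType.THIRD: (
        "NNOF unavailable", 3,
        "consider NNOF to be unavailable and execute the accident operation procedure"),
}


def set_interface_unit(a: LossAssessment) -> Optional[InterfaceUnit]:
    """S400: build the interface unit for a lost function, if one is needed."""
    itype = classify(a)
    if itype is None:
        return None
    condition, alarm_class, instruction = _TEMPLATES[itype]
    return InterfaceUnit(a.function, itype, condition, alarm_class, instruction)


def build_registry(assessments: Iterable[LossAssessment]) -> Dict[str, InterfaceUnit]:
    """S500: store functions and interface units in one-to-one correspondence."""
    seen, registry = set(), {}
    for a in assessments:
        if a.function in seen:
            raise ValueError(f"function assessed twice: {a.function}")
        seen.add(a.function)
        unit = set_interface_unit(a)
        if unit is not None:
            registry[a.function] = unit
    return registry


def outcome_counts() -> Counter:
    """Classify all 32 answer combinations to confirm the flow is total."""
    counts: Counter = Counter()
    for answers in product([False, True], repeat=5):
        counts[classify(LossAssessment("constructed", *answers))] += 1
    return counts


# Constructed record for Example one: no immediate protection action, unit not
# stable, function managed in the OTS, RBS has to be started.
RCV_CHARGING = LossAssessment("RCV charging", False, False, True, True)
```

Of the 32 answer combinations, 11 end in the normal operation procedure, and they fall exactly into the three cases listed in the description.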
The invention provides a more optimized method for setting the interface between the normal operation procedure and the accident operation procedure. It optimizes the operation document system, improves the handling of some unnecessary reactor trip events, and avoids unnecessary unplanned shutdowns; it can also reduce the number of OTS entries, which reduces the limiting conditions on normal operation and improves the flexibility of power plant operation.
The invention further provides an interface setting system for the digital normal and accident operation procedures of a nuclear power station, as shown in fig. 8. The system comprises: a management module 100 for defining the range of the operation technical specification; an analysis module 200 for analyzing and determining the interface function range; a dividing module 300, connected to the management module 100 and the analysis module 200, for determining the interface type of each function in the interface function range according to a judgment criterion in combination with the operation technical specification range; a setting module 400, connected to the dividing module 300, for setting an interface according to the interface type; and a storage module 500, connected to the setting module 400, for storing the basic safety functions and the interface types in one-to-one correspondence. The analysis module 200 further comprises: a first analysis module 201 for determining the basic safety function types of the nuclear power plant; a second analysis module 202 for dividing the operation modes of the nuclear power plant; and a third analysis module 203, connected to the first analysis module 201 and the second analysis module 202, for determining the corresponding basic safety functions of the nuclear power plant in each operation mode according to the basic safety function types. The decision flow that determines the interface is implemented in the dividing module 300. The operation technical specification range includes: the initial state of the unit before the accident is assumed to occur in the accident analysis; structures, systems or components that are safe paths in accident analysis; structures, systems or components that ensure shielding integrity and master control room habitability; and structures, systems or components that operational experience or probabilistic safety assessments indicate are important to public health and safety.
The dividing module 300 further includes: a judging module 310, which stores the judgment criteria and judges the interface type step by step according to the basic safety function loss signal; and an interface type module 320, configured to determine the interface type according to the judgment result of the judging module. The judgment criteria comprise the following: the first judgment criterion takes the basic safety function loss signal and judges whether a system action needs to be triggered immediately, and if so, the interface type of the basic safety function is judged to be the first interface type; if not, the interface type of the basic safety function is distinguished as the second interface type or the third interface type by judging whether the basic safety function is managed by the operation technical specification.
The interface type module 320 includes a first interface type module 321, which is connected to the judging module and is configured to determine that the interface type of the lost basic safety function is the first interface type when the judging module judges that loss of the basic safety function requires the protection system to act immediately. A second interface type module 322 is connected to the judging module and is configured to determine that the interface type of the basic safety function is the second interface type when the judging module judges that the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the basic safety function is managed by the operation technical specification, and either manual shutdown or manual starting of special protection equipment is required, or neither is required but the operation technical specification cannot be complied with. A third interface type module 323 is connected to the judging module and is configured to determine that the interface type of the basic safety function is the third interface type when the judging module judges that the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the basic safety function is not managed by the operation technical specification, and manual shutdown or starting of special protection equipment is required.
The dividing module 300 further includes a normal operation procedure processing module 330, configured to handle the loss of a basic safety function with the normal operation procedure when one of the following conditions is satisfied: the protection system does not need to act immediately, and the unit can be stabilized in the current state; or the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the lost basic safety function is managed by the operation technical specification, neither manual shutdown nor manual starting of special protection equipment is needed, and the operation technical specification can be complied with; or the protection system does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the lost basic safety function is not managed by the operation technical specification, and neither manual shutdown nor starting of special protection equipment is needed.
The setting module 400 is connected to the interface type module, specifically to the first interface type module, the second interface type module and the third interface type module respectively. When the interface type after loss of the basic safety function is determined to be the first interface type, it sets automatic reactor trip or starting of the special protection equipment as the interface condition of the first interface type and triggers first-type alarm information in the interface unit. When the interface type after loss of the basic safety function is determined to be the second interface type, it defines the basic safety function as NNOF in the OTS under the management entry corresponding to the basic safety function and, with NNOF being unavailable as the interface condition of the second interface type, triggers second-type alarm information in the interface unit. When the interface type after loss of the basic safety function is determined to be the third interface type, it defines the basic safety function as NNOF, sets the unavailability of NNOF as the interface condition of the third interface type, and triggers a third-type alarm in the interface unit.
The first type of alarm information, the second type of alarm information and the third type of alarm information comprise: alarm number, alarm name, reason, operation, logic diagram, consequence, etc.
In conclusion, by applying the method and the device, unnecessary shutdown events can be avoided, and the items of the operation limiting conditions in the Operation Technical Specification (OTS) can be reduced, so that the limitation on normal operation is reduced, and the flexibility of the operation of the power plant is improved.
It will be understood that modifications and variations can be made by persons skilled in the art in light of the above teachings and all such modifications and variations are intended to be included within the scope of the invention as defined in the appended claims.

Claims (3)

1. A method for setting the interface between the digital normal and accident operation procedures of a nuclear power station, characterized by comprising the following steps:
S100, defining the range of the operation technical specification;
S200, analyzing and determining the range of basic safety functions covered by the interface, which specifically comprises: determining the basic safety function types of the nuclear power plant, dividing the operation modes of the nuclear power plant, and determining the corresponding basic safety functions of the nuclear power plant in each operation mode according to the basic safety function types, to form a basic safety function range;
S300, determining, according to a judgment criterion and in combination with the operation technical specification range, the interface type after loss of each basic safety function in the basic safety function range; the interface types include: a first interface type, which is the interface type in which protection system action needs to be triggered immediately; a second interface type, in which the basic safety function is managed by the operation technical specification, and either manual shutdown or manual starting of special protection equipment is required, or neither is required but the operation technical specification cannot be complied with; and a third interface type, in which the basic safety function is not managed by the operation technical specification and manual shutdown or starting of special protection equipment is required; the judgment criterion comprises: a first judgment criterion, which judges from the basic safety function loss signal whether a system action needs to be triggered immediately, and if so, judges the interface type of the basic safety function to be the first interface type; and a second judgment criterion, which, when the first judgment criterion is not satisfied, distinguishes whether the interface type of the basic safety function is the second interface type or the third interface type by judging whether the basic safety function is managed by the operation technical specification;
S400, setting an interface unit according to the interface type;
when the interface type is determined to be the first interface type, the method comprises the following sub-step: setting automatic reactor trip or starting of special protection equipment as the interface condition of the first interface type, and triggering first-type alarm information in the interface unit;
when the interface type is determined to be the second interface type, the method comprises the following sub-step: in the operation technical specification, defining the basic safety function as NNOF under the management entry corresponding to the basic safety function, and, with NNOF being unavailable as the interface condition of the second interface type, triggering second-type alarm information in the interface unit;
when the interface type is determined to be the third interface type, the method comprises the following sub-step: defining the basic safety function as NNOF, setting the unavailability of NNOF as the interface condition of the third interface type, and triggering third-type alarm information in the interface unit.
2. The setup method of claim 1, wherein the operating specification range comprises: the initial state of the unit before the accident is supposed to occur in the accident analysis; structures, systems or components that are safe paths in accident analysis; structures, systems or components that ensure shielding integrity and master control room habitability; operational experience or probabilistic safety assessments indicate structures, systems or components that are important to public health and safety.
3. A digital normal and accident operation procedure interface setting system for a nuclear power station is characterized by comprising:
the management module is used for defining the range of the operation technical specification;
the analysis module is used for analyzing and determining the interface function range;
the dividing module is connected with the management module and the analysis module and is used for determining, according to a judgment criterion and in combination with the operation technical specification range, the interface type after loss of each function in the interface function range;
the setting module is connected with the dividing module and used for setting an interface unit according to the interface type;
the analysis module includes:
the first analysis module is used for determining the basic safety function type of the nuclear power plant;
the second analysis module is used for dividing the operation mode of the nuclear power plant;
the third analysis module is connected with the first analysis module and the second analysis module and is used for determining the corresponding basic safety functions of the nuclear power plant in each operation mode according to the basic safety function types;
the dividing module comprises a judging module, which stores the judgment criteria and is used for judging the interface type step by step according to the basic safety function loss signal, and an interface type module, which is connected with the judging module and is used for determining the interface type according to the judgment result of the judging module;
the judgment criteria comprise the following: the first judgment criterion takes the basic safety function loss signal and judges whether a system action needs to be triggered immediately, and if so, the interface type of the basic safety function is judged to be the first interface type; if not, whether the interface type of the basic safety function is the second interface type or the third interface type is distinguished by judging whether the basic safety function is managed by the operation technical specification;
the interface type module comprises a first interface type module, which is used for determining that the interface type of the lost basic safety function is the first interface type when the judging module judges that loss of the basic safety function requires the protection system to act immediately;
the second interface type module is used for determining that the interface type of the basic safety function is the second interface type when the judging module judges that protection system action does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the basic safety function is managed by the operation technical specification, and either manual shutdown or manual starting of special protection equipment is required, or neither is required but the operation technical specification cannot be complied with;
the third interface type module is used for determining that the interface type of the basic safety function is the third interface type when the judging module judges that protection system action does not need to be triggered immediately, but the unit cannot be stabilized in the current state and must be withdrawn to an operating state lower than the current state, the basic safety function is not managed by the operation technical specification, and manual shutdown or starting of special protection equipment is required;
the setting module is connected with the first interface type module, the second interface type module and the third interface type module respectively, and is used for, after the interface type is determined to be the first interface type, setting automatic reactor trip or starting of special protection equipment as the interface condition of the first interface type and triggering first-type alarm information in the interface unit; or
after the interface type is determined to be the second interface type, defining the basic safety function as NNOF in the operation technical specification under the management entry corresponding to the basic safety function, and, with NNOF being unavailable as the interface condition of the second interface type, triggering second-type alarm information in the interface unit; or
after the interface type is determined to be the third interface type, defining the basic safety function as NNOF, setting the unavailability of NNOF as the interface condition of the third interface type, and triggering a third-type alarm in the interface unit.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710919571.9A CN108389639B (en) 2017-09-30 2017-09-30 Digital normal and accident operation regulation interface setting system and method for nuclear power station

Publications (2)

Publication Number Publication Date
CN108389639A CN108389639A (en) 2018-08-10
CN108389639B true CN108389639B (en) 2020-04-14
