CN110673565A - Output lockout test device and test method suitable for safety-level DCS (distributed control System) - Google Patents


Info

Publication number
CN110673565A
Authority
CN
China
Prior art keywords
test
selection module
logic selection
permission signal
output
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911012106.2A
Other languages
Chinese (zh)
Inventor
唐涛
肖鹏
赵阳
何正熙
李伟
周玲
熊彦
陈杰
简一帆
陈明虎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nuclear Power Institute of China
Original Assignee
Nuclear Power Institute of China
Application filed by Nuclear Power Institute of China
Priority to CN201911012106.2A
Publication of CN110673565A

Classifications

    • G PHYSICS
    • G05 CONTROLLING; REGULATING
    • G05B CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00 Programme-control systems
    • G05B19/02 Programme-control systems electric
    • G05B19/418 Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM]
    • G05B19/41865 Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM] characterised by job scheduling, process planning, material flow
    • G PHYSICS
    • G05 CONTROLLING; REGULATING
    • G05B CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00 Program-control systems
    • G05B2219/30 Nc systems
    • G05B2219/33 Director till display
    • G05B2219/33273 DCS distributed, decentralised control system, multiprocessor
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention discloses an output lockout test device and method suitable for a safety-level DCS. The device comprises a control panel, a relay group, a priority logic selection module, a safety display station, a communication module and a processing cabinet. The control panel generates a first test permission signal and transmits it to the priority logic selection module through the relay group. The safety display station generates a second test permission signal and transmits it through the communication module to the processing cabinet, which processes it and passes it on to the priority logic selection module. The priority logic selection module generates its output lockout signal based on the received first and second test permission signals. The device and the method improve the reliability of the system, reduce the risk caused by software common cause faults and improve the economy of the nuclear power plant.

Description

Output lockout test device and test method suitable for safety-level DCS (distributed control System)
Technical Field
The invention relates to the technical field of nuclear power plant instruments and control, in particular to an output lockout test device and an output lockout test method suitable for a safety-level DCS (distributed control system).
Background
The priority logic selection module (PLM) output lockout test is operated from the safety display station (SVDU): test signal injection and test result feedback are both completed by the SVDU. Before the test, an operator needs to confirm that the special serial processing cabinet (ESFAC) has no real special drive command and that the PLM module has no fault. A soft test permission switch is provided on the SVDU and is operated to generate a soft test permission signal. After this signal is processed by the ESFAC unit, the PLM output soft lockout signal is generated. The conventional PLM output lockout test uses this soft lockout signal directly as the output lockout signal of the PLM module.
Outside test periods, if a software common cause fault occurs in the digital reactor protection system, a PLM module in its normal working state may be put into the output lockout state. Real special drive commands sent by the diversified protection system or by the manual protection hard logic then cannot be executed, which affects the execution of safety commands and poses a potential safety hazard.
Disclosure of Invention
The invention aims to provide an output lockout test device and a test method suitable for a safety-level DCS (distributed control system), which prevent the PLM (priority logic selection module) from entering a lockout state due to a software common cause fault of the digital reactor protection system outside test periods.
In order to achieve the above object, one aspect of the present invention provides an output lockout test device suitable for a safety level DCS system, the device including:
a control panel, a relay group, a priority logic selection module, a safety display station, a communication module and a processing cabinet;
the control panel is used for generating a first test permission signal and transmitting it to the priority logic selection module through the relay group; the safety display station is used for generating a second test permission signal and transmitting it through the communication module to the processing cabinet, which processes it and transmits it to the priority logic selection module; the priority logic selection module is used for generating its output lockout signal based on the received first test permission signal and second test permission signal.
To prevent the PLM from entering a lockout state due to a software common cause fault of the digital reactor protection system outside test periods, the invention improves the conventional PLM output lockout test by introducing a diverse means, which improves system reliability. Specifically, a hard test permission switch is added to the conventional control panel, a logic AND operation is performed on the hard test permission signal and the PLM output soft lockout signal (the SVDU soft test permission signal after processing by the ESFAC unit), and the result is used as the PLM output lockout signal.
The connection between the control panel and the relay group and the connection between the relay group and the priority logic selection module are both hard-wired.
Point-to-point optical fiber communication links are used between the safety display station and the communication module, between the communication module and the processing cabinet, and between the processing cabinet and the priority logic selection module.
In another aspect, the present invention further provides a testing method of an output lockout testing apparatus suitable for a safety level DCS system, the method including:
1) checking the device before the test;
2) after the device is found to be normal, pressing the test permission switch on the control panel, setting the first test permission signal to 1;
3) clicking the test permission switch on the safety display station to generate the priority logic selection module output soft lockout signal;
4) performing the priority logic selection module output lockout test through the safety display station;
5) after the test is finished, resetting the test permission switch on the safety display station;
6) resetting the test permission switch on the control panel, setting the first test permission signal to 0.
Further, before the test, it is confirmed that the processing cabinet has no real special drive command and the priority logic selection module has no fault.
One or more technical solutions provided by the present application have at least the following technical effects or advantages:
With the output lockout test method provided by the invention, the PLM is effectively prevented from falling into a lockout state due to a software common cause fault of the digital reactor protection system outside test periods, a state in which real special drive commands sent by the diversified protection system or by the manual protection hard logic could not be executed. The reliability of the system is improved, the risk brought by software common cause faults is reduced, and the economy of the nuclear power plant is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention;
Fig. 1 is a schematic diagram of the composition of an output lockout test device suitable for use in a safety-class DCS system of the present application.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflicting with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described and thus the scope of the present invention is not limited by the specific embodiments disclosed below.
Referring to Fig. 1, the basic principle of the output lockout test device suitable for the safety-level DCS is as follows. To prevent the PLM from entering a lockout state due to a software common cause fault of the digital reactor protection system outside test periods, the invention improves the conventional PLM output lockout test by introducing a diverse means, which improves system reliability. Specifically, a hard test permission switch is added to the conventional control panel, a logic AND operation is performed on the hard test permission signal and the PLM output soft lockout signal (the SVDU soft test permission signal after processing by the ESFAC unit), and the result is used as the PLM output lockout signal. The PLM output lockout signal generation logic is shown in Fig. 1.
Outside the test, the hard test permission signal generated by the conventional control panel has logic value 0. Under normal conditions the PLM output soft lockout signal is 0, so the PLM output lockout signal is 0 and the PLM module is not locked out. Under a software common cause fault the PLM output soft lockout signal may become 1, but the PLM output lockout signal is still 0 and the PLM module remains not locked out.
The basic process of the output lockout test method applicable to the safety level DCS system is as follows:
1) before the test, an operator confirms that the ESFAC unit has no real special drive command and the PLM module has no fault;
2) pressing a hard test permission switch on a conventional control panel, and setting a hard test permission signal to be 1;
3) clicking the soft test permission switch on the SVDU to generate the PLM output soft lockout signal;
4) performing the PLM output lockout test through the SVDU;
5) after the test is finished, resetting the soft test permission switch on the SVDU;
6) resetting the hard test permission switch on the conventional control panel, setting the hard test permission signal to 0.
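The lockout logic and the six-step procedure above, modelled in Python as an added example (not part of the patent, whose implementation is digital logic circuits). The function and class names and the stuck-at-1 fault flag are assumptions made for illustration; the trace also shows that a fault occurring while the hard switch is at 1 is cleared only by the hard reset in step 6.

```python
"""Model of the PLM output lockout logic and six-step test (added example)."""
from dataclasses import dataclass
from itertools import product


def legacy_lockout(soft_lockout: int) -> int:
    """Background design: the soft lockout signal is used directly."""
    return soft_lockout


def improved_lockout(hard_permit: int, soft_lockout: int) -> int:
    """Disclosed design: hard test permission AND PLM output soft lockout."""
    return hard_permit & soft_lockout


def masked_cases():
    """(hard, soft) pairs where the legacy design locks out but the AND does not."""
    return [(h, s) for h, s in product((0, 1), repeat=2)
            if legacy_lockout(s) == 1 and improved_lockout(h, s) == 0]


@dataclass
class LockoutTestRig:
    hard_permit: int = 0          # hard-wired switch on the conventional control panel
    soft_permit: int = 0          # soft test permission switch on the SVDU
    ccf_stuck_at_1: bool = False  # assumed fault model: software path forced to 1

    def soft_lockout(self) -> int:
        # PLM output soft lockout: SVDU soft permission after ESFAC processing.
        return 1 if self.ccf_stuck_at_1 else self.soft_permit

    def plm_locked(self) -> int:
        return improved_lockout(self.hard_permit, self.soft_lockout())

    def run_procedure(self, esfac_command_present: bool, plm_fault: bool):
        """Run steps 1-6 and return the PLM lockout state after each step."""
        # Step 1: operator confirms no real special drive command, no PLM fault.
        if esfac_command_present or plm_fault:
            raise RuntimeError("precondition not met: test must not start")
        trace = [self.plm_locked()]
        self.hard_permit = 1              # step 2: press hard test permission
        trace.append(self.plm_locked())
        self.soft_permit = 1              # step 3: click soft test permission
        trace.append(self.plm_locked())
        trace.append(self.plm_locked())   # step 4: lockout test runs via SVDU
        self.soft_permit = 0              # step 5: reset soft switch
        trace.append(self.plm_locked())
        self.hard_permit = 0              # step 6: reset hard switch
        trace.append(self.plm_locked())
        return trace


if __name__ == "__main__":
    print("masked by the AND gate:", masked_cases())
    print("normal test   :", LockoutTestRig().run_procedure(False, False))
    print("fault present :",
          LockoutTestRig(ccf_stuck_at_1=True).run_procedure(False, False))
```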
Implementation:
The invention is implemented by digital logic circuits.
The invention is currently used in the nephelin safety-level DCS project and can be extended to the safety-level DCS systems of other nuclear power plants.
The invention relates to an output lockout test method suitable for a safety-level DCS (distributed control system). It addresses the problem that, outside test periods of the safety-level DCS, a software common cause fault of the digital reactor protection system may put the PLM into the output lockout state. As a diverse means, a hard test permission switch is added to the conventional control panel, and a logic AND operation is performed on the hard test permission signal and the PLM output soft lockout signal, so that the influence of the software common cause fault is effectively suppressed and the reliability of the system is improved.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (5)

1. An output lockout test device suitable for use in a safety level DCS system, the device comprising:
a control panel, a relay group, a priority logic selection module, a safety display station, a communication module and a processing cabinet;
the control panel is used for generating a first test permission signal and transmitting it to the priority logic selection module through the relay group; the safety display station is used for generating a second test permission signal and transmitting it through the communication module to the processing cabinet, which processes it and transmits it to the priority logic selection module; the priority logic selection module is used for generating its output lockout signal based on the received first test permission signal and second test permission signal.
2. The output lockout test device of claim 1, wherein the connection between the control panel and the relay set and the connection between the relay set and the priority logic selection module are hard wired connections.
3. The output lockout test device suitable for a safety level DCS system of claim 1, wherein point-to-point optical fiber communication link connection is adopted between the safety display station and the communication module, between the communication module and the processing cabinet, and between the processing cabinet and the priority level logic selection module.
4. A method of testing an output lockout test device suitable for use in a safety level DCS system as claimed in any one of claims 1 to 3, the method comprising:
1) checking the device before the test;
2) after the device is found to be normal, pressing the test permission switch on the control panel, setting the first test permission signal to 1;
3) clicking the test permission switch on the safety display station to generate the priority logic selection module output soft lockout signal;
4) performing the priority logic selection module output lockout test through the safety display station;
5) after the test is finished, resetting the test permission switch on the safety display station;
6) resetting the test permission switch on the control panel, setting the first test permission signal to 0.
5. The output lockout test method for a safety level DCS system of claim 4, wherein before the test it is confirmed that the processing cabinet has no real special drive command and the priority logic selection module has no fault.
CN201911012106.2A 2019-10-23 2019-10-23 Output lockout test device and test method suitable for safety-level DCS (distributed control System) Pending CN110673565A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911012106.2A CN110673565A (en) 2019-10-23 2019-10-23 Output lockout test device and test method suitable for safety-level DCS (distributed control System)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911012106.2A CN110673565A (en) 2019-10-23 2019-10-23 Output lockout test device and test method suitable for safety-level DCS (distributed control System)

Publications (1)

Publication Number Publication Date
CN110673565A true CN110673565A (en) 2020-01-10

Family

ID=69083808

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911012106.2A Pending CN110673565A (en) 2019-10-23 2019-10-23 Output lockout test device and test method suitable for safety-level DCS (distributed control System)

Country Status (1)

Country Link
CN (1) CN110673565A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200110