Nuclear Plant Journal, January-February 2016 NuclearPlantJournal.com
33
Steve Yang
Dr. Steve Yang is Sr. Vice President of
Operations of Doosan HF Controls
Corp. Steve has more than 20
years of digital
Instrumentation
& Control (I&C)
engineering
and managerial
experience in the
nuclear safety-
related and non-
safety-related
digital I&C program
planning, digital
I&C systems design,
HMI firmware
development,
computer simulation
and modeling, safety-
related software
Verification & Validation (V&V),
Commercial-Off-The-Shelf (COTS)
software dedication, digital control RPS/
ESFAS implementation, DCS factory
acceptance testing, and digital I&C
licensing.
controller) design. A new retrofit board
containing firmware and patch-panel
EPROMs removed from the existing
AFS-SBC01 board must function as a
drop-in replacement for it when inserted
into the safety sub-system (an AFS-1000
system where AFS-SBC01 is the single
board controller in a control loop).
In such upgrade case, FPGAs
emulated the process of the existing
microprocessors and interpreted the
execution of CPU processing.
The
most
common
FPGA
architecture consists of an array of logic
blocks [called Configurable Logic Block
(CLB), or Logic Array Block (LAB),
depending on the vendor], I/O pads,
and routing channels. Generally, all the
routing channels have the same width
(number of wires). Multiple I/O pads
may fit into the height of one row or the
width of one column in the array.
Fromthelifecycleprocessperspective
(e.g., IEEE Std 1074-1995, which is
endorsed by the US Regulatory Guides
1.173,
Developing Software Life Cycle
Processes for Digital Computer Software
used in Safety Systems of Nuclear Power
Plants
), FPGA, as a system element
when used in nuclear I&C applications,
design and programing is part of the
System Implementation Process in the
overall I&C system design. The purpose
of the System Implementation Process
is to produce a specified system element
implemented as a software and hardware
product or service. Within the System
Implementation Process as in the FPGA
applications, FPGAs are themselves
developed using the full lifecycle process
(requirements, architecture and design,
implementation, integration, and test).
During the System Implementation
Process, the design of FPGA products
start with System of Interest functional
and performance requirements (from the
end user aspect), which are derived from
overall safety I&C system requirements.
The System of Interest functional
and performance requirements are
then developed into the FPGA specific
requirements as FPGA Requirements
Specification.
Based on the FPGA Requirements
Specification, FPGA architecture and
detailed design are developed.
The implementation of the FPGA
design is what distinguishes FPGAs from
the microprocessors. The implementation
of the FPGA architecture and design is the
process for the FPGAprogramming, coding,
simulation and binary file generation.
Once the implementation is com-
pleted, the FPGA
product is integrated
into the system for
system
integration
test and subsequently
for qualification and
acceptance test.
During this FPGA
design and implemen-
tation process, where
FPGA being treated as
System of Interest ele-
ment, V&V has to per-
form in sync with the
development to maxi-
mize the V&V bene-
fits. The V&V process
aims at building quality
into FPGA design and ensures correctness
of the FPGA products.
The implementation of FPGA design
itself consists of the following steps:
To implement FPGA design,
designers use a hardware description
language (HDL) or a schematic
design. IEC 62566,
Nuclear Power
Plants–Instrumentation and Control
Important to Safety–Development
of HDL-Programmed Integrated
Circuits for Systems Performing
Category A Functions
, provides
guidance for programming HDL.
The HDL form is well suited to
work with large structures because
it’s possible to just specify them
numerically rather than having to
draw every piece by hand.
Then, using an electronic design
automation tool, a technology-
mapped netlist is generated. This
process is called synthesis, in which
the HDL or schematic design is
translated to logic gates, memory
units, registers and connections.
The netlist can then be implemented
by the FPGA manufacturer’s
proprietary software to fit to the actual
FPGA architecture. This includes
translation, map and place-and-route
processes. The designer will verify
the map, place-and-route results via
timing analysis, simulation, and other
verification methodologies.
Once the design and verification
process is complete, the programming
file generated (also using the FPGA
manufacturer’s proprietary software) is
employed to (re)configure the FPGA.
This file is transferred to the FPGA via a
serial interface (JTAG) or to an external
memory device like an EEPROM.
In a typical design flow, an FPGA
application developer will simulate the
design at multiple stages throughout
the design process. Initially the RTL
description in VHDL or Verilog is
simulated by creating test benches to
simulate the system and observe results.
Then, after the synthesis engine has
mapped the design to a netlist, the netlist is
translated to a gate level description where
simulation is repeated to confirm the
synthesis proceeded without errors. Finally
the design is laid out in the FPGA at which
point propagation delays can be added and
the simulation run again with these values
back-annotated onto the netlist.
More than 160 of the FPGA-based
SBC-01 controllers replacing the Intel
8085 Microprocessor-based Printed
Circuit Boards (PCBs) have been installed
efficiently and running successfully
for safety I&C applications over the
last five years. In this upgrade, the new
