NuclearPlantJournal.com Nuclear Plant Journal, May-June 2014
Safety-grade...
the Departure from Nucleate Boiling
Ratio (DNBR) and Local Power Density
(LPD) of the plant with an improved
algorithm and a different system
configuration compared to the existing system.
The improved algorithms of RCOPS
include DNBR algorithm improvement for
the core thermal margin, resolution of
the latching problem of the false Control
Element Assembly (CEA) signal, and
addition of a pre-trip alarm generation. It
generates a reactor trip signal when the
condition exceeds the DNBR or LPD
design limit. It consists of four independent
channels employing a two-out-of-four
trip logic.
Each channel of RCOPS consists
of a Core Protection Processor
(COPP), a Control Element Assembly
Processor (CEAP), and two Channel
Communication Processors (CCP).
COPP monitors the CEA positions of
one quadrant of the reactor core. These
CEAs are called the target CEA of that
channel. COPP generates planar radial
peaking factors that are used to calculate
DNBR and LPD. CEAP takes all CEA
positions of the reactor core through CCP
and examines the CEA deviation between
subgroup positions. If this deviation is
higher than a specified value, CEAP will
send the penalty factor to COPP.
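The channel structure described above can be sketched in C as follows. This is an added example, not RCOPS or POSAFE-Q code: every limit, margin and penalty value is a constructed placeholder, the trip directions (DNBR low, LPD high) are stated as assumptions, and the way COPP applies the penalty factor is a simplification the article does not specify.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* All numeric values below are constructed placeholders, not plant design data. */
#define N_CHANNELS     4
#define DNBR_LIMIT     1.30  /* assumed: channel trips when DNBR falls below this */
#define LPD_LIMIT      21.0  /* assumed: channel trips when LPD rises above this */
#define PRETRIP_MARGIN 0.05  /* assumed: pre-trip alarm within 5% of a limit */
#define DEV_LIMIT      5.0   /* assumed: allowed CEA position spread in a subgroup */
#define PENALTY        1.25  /* assumed: penalty factor CEAP sends to COPP */
typedef enum { CH_NORMAL, CH_PRETRIP, CH_TRIP } ch_state;

/* Constructed CEA positions for one subgroup: aligned, and one CEA deviating. */
static const double ALIGNED[4]  = {100.0, 101.0, 99.0, 100.0};
static const double DEVIATED[4] = {100.0, 101.0, 99.0, 110.0};

/* CEAP: returns the penalty factor for COPP (1.0 means no penalty). */
double ceap_penalty(const double *pos, size_t n) {
    double lo = pos[0], hi = pos[0];
    for (size_t i = 1; i < n; i++) {
        if (pos[i] < lo) lo = pos[i];
        if (pos[i] > hi) hi = pos[i];
    }
    return (hi - lo > DEV_LIMIT) ? PENALTY : 1.0;
}

/* COPP: one channel's decision. Applying the penalty by dividing DNBR and
 * multiplying LPD is a simplification assumed for this sketch. */
ch_state copp_state(double dnbr, double lpd, double penalty) {
    if (dnbr != dnbr || lpd != lpd) return CH_TRIP;  /* NaN input: fail safe */
    dnbr /= penalty; lpd *= penalty;
    if (dnbr < DNBR_LIMIT || lpd > LPD_LIMIT) return CH_TRIP;
    if (dnbr < DNBR_LIMIT * (1.0 + PRETRIP_MARGIN) ||
        lpd > LPD_LIMIT * (1.0 - PRETRIP_MARGIN)) return CH_PRETRIP;
    return CH_NORMAL;
}

/* Two-out-of-four coincidence: trip only when at least two channels vote trip. */
bool reactor_trip(const ch_state ch[N_CHANNELS]) {
    int votes = 0;
    for (int i = 0; i < N_CHANNELS; i++) votes += (ch[i] == CH_TRIP);
    return votes >= 2;
}

int main(void) {
    ch_state ch[N_CHANNELS] = { copp_state(1.60, 15.0, ceap_penalty(DEVIATED, 4)),
                                CH_NORMAL, CH_NORMAL, CH_NORMAL };
    printf("channel A=%d reactor_trip=%d\n", (int)ch[0], (int)reactor_trip(ch));
}
```

With the constructed inputs, the deviating CEA drives one channel to trip, but the two-out-of-four vote keeps a single-channel fault from tripping the reactor.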
Software Qualification
Most of the software embedded in
the PLC is classified as safety-critical
software. All the software and firmware
of the POSAFE-Q PLC were developed
and verified following the software
development life cycle Verification and
Validation (V&V) procedure. The main
activities of the V&V process are the
preparation of the software planning
documentation, verification of the
Software Requirement Specification
(SRS), Software Design Specification
(SDS) and code, and testing of the
software components, the integrated
software, and the integrated system. In
addition, software safety analysis and
software configuration management are
included in the activities.
The SRS V&V activities consist
of a technical evaluation, a licensing
suitability review, an inspection and a
traceability analysis, a formal verification,
preparation for an integrated system test
plan, a software safety analysis, and a
software configuration management.
Also, the SDS V&V activities include
a technical evaluation, a licensing
suitability review, an inspection and
traceability analysis, a formal verification,
preparation for an integrated software test
plan, a software safety analysis, and a
software configuration management. The
code V&V activities include a traceability
analysis, a source code inspection, a
component test case, a test procedure, and
a test report generation, a software safety
analysis, and a software configuration
management. Testing is the major V&V
activity of the software integration and
system integration phase. A software
safety analysis at the SRS and SDS phases
uses the Hazard Operability (HAZOP)
method, and at the implementation phase
the source code has been evaluated
using the safety programming guide of
NUREG/CR-6463 (Review Guidelines
on Software Languages for Use in
Nuclear Power Safety Systems). Finally,
the software configuration management
was performed using the Nuclear
Software Configuration Management
(Nu-SCM) tool.
Upgraded PLC
Since the results of the R&D project
were applied to actual nuclear power
plant construction, the utility has made
many additional requirements for the
PLC. Some features were added to improve
the functionality of the PLC. The
self-diagnostic, heartbeat, and automatic
recovery functions have been added for the
HR-SDN module of the PLC. Features
such as the self-diagnostic in HR-SDN were
added for the HR-SDL, and the piggy
back in the form of a single module
has been changed. The input latch and
fail-safe features were added for some
input and output modules. The dual
processor module and pSET-II, a new
engineering tool, were developed.
Conclusions
The POSAFE-Q PLC was developed as a
safety-grade platform for digital safety
systems and has obtained licensing
approval from the Korean regulatory body
via a topical report. The
safety evaluation reports were issued in
February 2009. Furthermore, a Korean
utility and vendor company decided
to apply the safety-grade PLC to the
Shin-Hanul units 1&2 nuclear power plant in
March 2009.
Contact: Dong-Young Lee, Korea
Atomic Energy Research Institute,
989-111 Daedeok-daero, Yuseong-gu,
Daejeon, 305-353, Republic of Korea;
telephone: 82-42-868-2927,
fax: 82-42-868-8916, email:
One Channel Architecture of Reactor Protection System (RPS).