Environmental Engineering Reference
Figure 6. Software-hardware complex SHC E&PRP: external appearance
Operability is preserved on failure or removal of
any sensor and any system related to SHC E&PRP
(or of a redundant channel of such a system) by
using separate, independent input signal sources
for each of the three redundant channels and by
organizing separate, independent outputs for each
protective command sent to a redundant channel
of the adjacent system.
In SHC E&PRP the diversity principle is
implemented: software and hardware diversity is
provided by using a different element base in the
first (primary) and second (diverse) sets, which
eliminates common cause failures caused by possible
design mistakes and/or factory defects of purchased
components (as operating experience shows, these
are nowadays among the most real dangers). For this
purpose, the diverse set uses purchased components
of other types and/or from other manufacturers.
Compared with the others, the accepted diversity
variant has the advantage that both sets keep the
same main system, circuit and design solutions,
external communications and connection methods.
This substantially simplifies and reduces the cost
of design, approbation, manufacture, testing, NPP
personnel training and performance of the main and
diverse sets, while also decreasing the risk of
errors during their maintenance.
In (low-level) software development, including
the electronic design of FPGAs, subject, design and
program diversity is provided. Subject diversity is
attained by having the software and the FPGA
electronic design used in the main and diverse sets
developed by different groups of specialists.
Design diversity is provided by using a range of
software development tools and means for FPGA
logic structure design.
In the development of SHC E&PRP, preventive and
protective means are provided against common cause
failures, which include:
• Possible personnel mistakes during operation
and maintenance;
• Influence of abnormal natural phenomena
(earthquakes, lightning strokes);
• Operating conditions at the location of
autonomous items;
• Errors during software development.
In order to prevent common cause failures, means
are provided to make the functioning of operating
stand-alone component parts resistant to
temperature, pressure, humidity, mechanical
vibrations and shocks (including the ones caused
by earthquakes), electromagnetic
interference and other factors possible during op-