• Proceedings of the KIEE Conference
• /
• 2008.07a
• /
• pp.1953-1954
• /
• 2008

The excitation system for class 1E has been developed to apply to the nuclear power plant emergency diesel generator by utilizing the existing digital excitation system. The additional mission was to evaluate the excitation system of safety. It is the safety analysis of the excitaton system, the verification test, the aging test, the safety requirement test and so on. The verification test is classified of hardware and software part for detail.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.464-466
• /
• 2019

Controllers used in nuclear power plants require high reliability. A controller including a Field Programmable Gate Array (FPGA) and a Complex Programmable Logic Device (referred to hereinafter as FPGA) has been applied to many Nuclear Power Plants (NPP) in the past, including the APR1400 (Advanced Power Reactor 1400), a Korean digital nuclear power plant. Initially, the FPGA was considered as a general IC (Integrated Circuit) and verified only by device verification and performance testing. In the 1990s, research on FPGA verification began, and until the FPGA became a chip, it was regarded as software and the software Verification and Validation (V&V) using IEEE 1012-2004 was implemented. Currently, IEC 62566, which is a European standard, has been applied for a lot of verification. This method has been evaluated as the most sensible method to date. This is because the method of verifying the characteristics of SoC (System on Chip), which has been a problem in the existing verification method, is sufficiently applied. However, IEC 62566 is a European standard that has not yet been adopted in the United States and maintains the application of IEEE 1012 for FPGA. IEEE 1012-2004 or IEC 62566 is a technical standard. In practice, various methods are applied to meet technical standards. In this paper, we describe the procedure and important points of verification method of Nuclear Safety Class FPGA applying SoC verification method.

• Journal of KIISE:Computing Practices and Letters
• /
• v.5 no.4
• /
• pp.457-466
• /
• 1999

원자력 발전소 계측 제어 시스템, 의료 관련 시스템, 항공 관련 시스템 등 실생활과 밀접한 시스템에 소프트웨어의 사용이 점차 증가하고 있다. 이러한 시스템에서 소프트웨어의 오류는 예기치 않는 사고를 유발하여 인명, 재산상의 심각한 타격을 줄 수 있다. 그러므로 고신뢰도 소프트웨어의 개발 시에는 반드시 시스템의 안전성을 보장해 주어야 한다. 역방향 안전성 분석 방법은 시스템의 안전성을 분석하는 한가지 방법으로서 시스템의 위험 상태를 정의하고 그 위험의 원인들을 추적, 분석함으로써 안전성에 대한 효율적인 분석을 수행할 수 있는 장점을 갖는다. 이 논문에서는 소프트웨어 개발 초기 단계에서 안전성을 분석할 수 있는 방법으로 Colored Petri Nets(CPN)에 기반을 둔 역방향 안전성 분석 방법을 제시한다. 또한 CPN 역방향 안전성 분석 도구인 SAC(Safety Analyzer for CPN)의 설계 및 구현에 대해 언급한다. SAC은 기존의 상용 CPN 모델링 도구인 Design/CPN과 연계하여 사용될 수 있으므로 CPN으로 모델링된 시스템의 안전성을 분석할 수 있다는 장점이 있다. 이 논문에서는 예제로 자동 교통 제어 시스템의 일부를 CPN으로 모델링하고 SAC을 이용한 분석 과정을 기술한다.Abstract In safety-critical systems such as nuclear power plants, medical machines, and avionic systems which are closely related with our livings, the usage of software in the controlling part is growing rapidly. Since software errors in safety-critical systems may cause serious accidents leading to financial or human damages, system safety should be ensured during and after development of a system. A backward safety analysis technique defines system hazards and tries to trace their causes by analyzing system states backward. In this paper, we provide a backward safety analysis technique based on Colored Petri Nets(CPN), which is applicable to the early software development phase. Also Safety Analyzer for CPN(SAC), the supporting tool, is designed and implemented. Since SAC is compatible with Design/CPN, a commercial tool for supporting CPN, it can be applicable to analyze safety in practical problems. As an example, we model a part of the traffic light control system using CPN and analyze safety properties of the model using the SAC tool.

• Journal of KIISE:Software and Applications
• /
• v.29 no.12
• /
• pp.860-872
• /
• 2002

Fault tree analysis is the most widely used saftly analysis technique in industry. However, the analysis is often applied manually, and there is no systematic and automated approach available to validate the analysis result. In this paper, we demonstrate that a real-time model checker UPPAAL is useful in formally specifying the required behavior of safety-critical software and to validate the accuracy of manually constructed fault trees. Functional requirements for emergency shutdown software for a nuclear power plant, named Wolsung SDS2, are used as an example. Fault trees were initially developed by a group of graduate students who possess detailed knowledge of Wolsung SDS2 and are familiar with safety analysis techniques including fault tree analysis. Functional requirements were manually translated in timed automata format accepted by UPPAAL, and the model checking was applied using property specifications to evaluate the correctness of the fault trees. Our application demonstrated that UPPAAL was able to detect subtle flaws or ambiguities present in fault trees. Therefore, we conclude that the proposed approach is useful in augmenting fault tree analysis.

• Journal of the Korean Society of Systems Engineering
• /
• v.12 no.2
• /
• pp.101-114
• /
• 2016

A model-based systems engineering (MBSE) approach to implementing hardware-based network cybersecurity controls for APR1400 non-safety data network is presented in this work. The proposed design was developed by implementing packet filtering and deep packet inspection functions to control the unauthorized traffic and malicious contents. Denial-of-Service (DoS) attack was considered as a potential cybersecurity issue that may threaten the data availability and integrity of DCS gateway servers. Logical design architecture was developed to simulate the behavior of functions flow. HDL-based physical architecture was modelled and simulated using Xilinx ISE software to verify the design functionality. For effective modelling process, enhanced function flow block diagrams (EFFBDs) and schematic design based on FPGA technology were together developed and simulated to verify the performance and functional requirements of network security controls. Both logical and physical design architectures verified that hardware-based cybersecurity controls are capable to maintain the data availability and integrity. Further works focus on implementing the schematic design to an FPGA platform to accomplish the design verification and validation processes.

• Journal of the Korean Society of Safety
• /
• v.33 no.3
• /
• pp.92-98
• /
• 2018

The flow of cooling water in a passive containment cooling system (PCCS), used to remove heat released in design basis accidents from a concrete containment of light water nuclear power plant, was conducted in order to investigate the thermo-fluid equilibrium among many parallel tubes of PCCS. Numerical simulations of the subcooled boiling flow within a coolant loop of a PCCS, which will be installed in innovative pressurized-water reactor (PWR), were conducted using the commercially available computational fluid dynamics (CFD) software ANSYS-CFX. Shear stress transport (SST) and the RPI model were used for turbulence closure and subcooled flow boiling, respectively. As the first step, the simplified geometry of PCCS with 36 tubes was modeled in order to reduce computational resource. Even and uneven thermal loading conditions were applied at the outer walls of parallel tubes for the simulation of the coolant flow in the PCCS at the initial phase of accident. It was observed that the natural circulation maintained in single-phase for all even and uneven thermal loading cases. For uneven thermal loading cases, coolant velocity in each tube were increased according to the applied heat flux. However, the flows were mixed well in the header and natural circulation of the whole cooling loop was not affected by uneven thermal loading significantly.

• Nuclear Engineering and Technology
• /
• v.45 no.6
• /
• pp.795-802
• /
• 2013

For the improvement of APR1400 Diverse Protection System (DPS) design, the Advanced DPS (ADPS) has recently been developed to enhance the fault tolerance capability of the system. Major fault masking features of the ADPS compared with the APR1400 DPS are the changes to the channel configuration and reactor trip actuation equipment. To minimize the fault occurrences within the ADPS, and to mitigate the consequences of common-cause failures (CCF) within the safety I&C systems, several fault avoidance design features have been applied in the ADPS. The fault avoidance design features include the changes to the system software classification, communication methods, equipment platform, MMI equipment, etc. In addition, the fault detection, location, containment, and recovery processes have been incorporated in the ADPS design. Therefore, it is expected that the ADPS can provide an enhanced fault tolerance capability against the possible faults within the system and its input/output equipment, and the CCF of safety systems.

• Journal of the Korean Society of Manufacturing Technology Engineers
• /
• v.24 no.6
• /
• pp.682-686
• /
• 2015

The objective of this study is to validate the performance of the current $k-{\epsilon}$ turbulence model for a single-phase turbulent natural convection, which has been considered an important phenomenon in nuclear safety. As a result, the natural convection problems in the 2D and 3D cavities previously studied are calculated by using the ANSYS Fluent software. The present results show that the current $k-{\epsilon}$ turbulent model accounting for the buoyancy effect is in good agreement with the previous results for the natural convection problems in the 2D and 3D cavities although some improvements should be required to get better prediction.

• Nuclear Engineering and Technology
• /
• v.39 no.4
• /
• pp.327-336
• /
• 2007

The influence of density differences on the mixing of the primary loop inventory and the Emergency Core Cooling (ECC) water in the downcomer of a Pressurised Water Reactor (PWR) was analyzed at the ROssendorf COolant Mixing (ROCOM) test facility. ROCOM is a 1:5 scaled model of a German PWR, and has been designed for coolant mixing studies. It is equipped with advanced instrumentation, which delivers high-resolution information for temperature or boron concentration fields. This paper presents a ROCOM experiment in which water with higher density was injected into a cold leg of the reactor model. Wire-mesh sensors measuring the tracer concentration were installed in the cold leg and upper and lower part of the downcomer. The experiment was run with 5% of the design flow rate in one loop and 10% density difference between the ECC and loop water especially for the validation of the Computational Fluid Dynamics (CFD) software ANSYS CFX. A mesh with two million control volumes was used for the calculations. The effects of turbulence on the mean flow were modelled with a Reynolds stress turbulence model. The results of the experiment and of the numerical calculations show that mixing is dominated by buoyancy effects: At higher mass flow rates (close to nominal conditions) the injected slug propagates in the circumferential direction around the core barrel. Buoyancy effects reduce this circumferential propagation. Therefore, density effects play an important role during natural convection with ECC injection in PWRs. ANSYS CFX was able to predict the observed flow patterns and mixing phenomena quite well.

• Journal of the Korean Society of Systems Engineering
• /
• v.15 no.1
• /
• pp.51-59
• /
• 2019

After Fukushima Dai-ichi NPP accident, the need for implementation of diverse and flexible coping strategies (FLEX) became evident. However, to ensure the effectiveness of the safety strategy, it is essential to quantify the uncertainties associated with the station blackout (SBO) scenario as well as the operator actions. In this paper, a systems engineering approach for uncertainty analysis (UA) of a SBO scenario in advanced pressurized water reactor is performed. MARS-KS is used as a best estimate thermal-hydraulic code and is loosely-coupled with Dakota software which is employed to develop the uncertainty quantification framework. Furthermore, the systems engineering approach is adopted to identify the requirements, functions and physical architecture, and to develop the verification and validation plan. For the preliminary analysis, 13 uncertainty parameters are propagated through the model to evaluate the stability and convergence of the framework. The developed framework will ultimately be used to quantify the aleatory and epistemic uncertainties associated with an extended SBO accident scenario and assess the coping capability of APR1400 and the effectiveness of the implemented FLEX strategies.