ITER CODAC Plant Control Design Handbook October 2008. Anders Wallander & Luigi Scibile CHD Department. PCDH Objectives. The Plant Control Design Handbook (PCDH) defines standards, specifications and interfaces applicable to ITER Plant Systems Instrumentation & Control (I&C).
ITER CODAC Plant Control Design Handbook October 2008 Anders Wallander & Luigi Scibile CHD Department
PCDH Objectives The Plant Control Design Handbook (PCDH) defines standards, specifications and interfaces applicable to ITER Plant Systems Instrumentation & Control (I&C) • I&C standards are essential for ITER to • Integrate all Plant Systems into one integrated control system • Maintain all Plant Systems after delivery acceptance • Contain cost by economy of scale (spare parts, expertise) The PCDH is applicable to all Procurement Arrangements • ITER International Organization (IO) • Develop • Support • Maintain • Enforce these standards
History and Future of PCDH • The development of PCDH started from the conceptual design • The process to get consensus within an intercontinental group takes time • The purpose of the official release IDM v.3 in July was to communicate current thinking, not to provide a contractual document • Therefore the current version is conceptual • We have inserted “hold-points” in the first PA • The first ones elapse in April 2009 (hard deadline) • Next release of PCDH IDM v.4 before April 2009 • PCDH is a living document and will be released throughout the lifetime of ITER • The list of standards and specifications will be extended and will evolve • PCDH shall address obsolescence management
Three tiers, two layers I&C structure • Segregation of ITER I&C into 3 tiers and 2 layers • Conventional Control • Control and monitoring for all ITER PS • Interlock • Protects the investment • Independent network and I&C • Safety • Protects personnel and environment • Independent network and I&C • Two train systems • Plant Operation Zone (POZ) • Communication, command and control boundary for Tokamak plant
What are the Plant Systems? Product Breakdown Structure A CODAC Plant System has one and only one Plant System Host
[Diagram labels: IN FUND (PBS 45, 46, 48); interface; CONTROL; INTERLOCK; SAFETY; IN KIND (PBS XX); PLANT SYSTEMS]
Plant System Instrumentation & Control • Plant System Host • Provided by IO with standard software • Provides single point of entry for asynchronous communication • Supports set of standard field-buses to Local Controllers • Data driven (Plant System customization is done by self-description) • May come on different platforms to address scalability • PCDH chapter 5.4.1
Plant System Instrumentation & Control • Plant System Host • Mini CODAC • Provided by IO with standard software • Tool to verify functionality and interface at factory and on site (FAT, SAT) • Provides SCADA functionality including HMI • Can be used as platform for developing higher level Plant System functionalities later integrated in proper CODAC • PCDH chapter 2.8.9
Plant System Instrumentation & Control • Plant System Host • Mini CODAC • Local Controller and Field Buses • Selected from catalogue of standard components • Can be “slow” control (PLC) or “fast” control (embedded) • PCDH chapter 5.4.2-5
Plant System Instrumentation & Control • Plant System Host • Mini CODAC • Local Controller and Field Buses • High Performance Network I/F • Selected from catalogue of standard components • High Performance Networks (HPN) are • SDN – Synchronous Databus Network • TCN – Time Communication Network • EDN – Event Distribution Network • AVN – Audio/Video Network • Not all Plant Systems require HPN • Interface boards/drivers provided for selected platforms • PCDH chapter 4.3
Plant System Instrumentation & Control • Plant System Host • Mini CODAC • Local Controller and Field Buses • High Performance Network I/F • Actuators, sensors, signal conditionings • Selected by Plant System Developer • PCDH will provide recommendations • PCDH chapter 5.4.7
Plant System Instrumentation & Control • Cubicles • Selected from catalogue of standard components • Racks • Chassis • Power Supply • Cooling • Terminal strips • … • PCDH chapter 5.4.8
Plant System Instrumentation & Control • Cubicles • I&C Bridge • Provided by IO • Patch Panel connecting to ITER infrastructure (mainly fiber optics) • Wall mounted or in “CODAC hutch” close to I&C cubicles • Specifies cables and connectors • Plant System developer provides cables from cubicle to I&C bridge • PCDH chapter 4.3.4
Plant System Instrumentation & Control • Cubicles • I&C Bridge • Cabling • Rules and Recommendations • cables and connectors • internal and external • naming & labeling • grounding & earthing • electrical isolation • cable distances • EMC • radiation • PCDH ch. 5.4.9 & Electrical Design Handbook
Plant System Instrumentation & Control • Software environment and development process • Specified by IO • Operating Systems on the different platforms (PSH, PLC, Embedded) • Communication middleware • Open source SCADA/software framework • Format and schemas for Self description data • Programming languages on the different platforms • Programming standards • Methodology • Naming rules • Design and development tools • Testing tools • Configuration control • PCDH chapter 5.5
Interlock Systems • Main system requirements • Highest level interlock functions shall be designed to a high integrity level conforming to a Safety Integrity Level (SIL) 3 according to the standard IEC 61508 • The Central Interlock System shall acquire the critical digital signals from the Plant Interlock Systems and deliver outputs to Plant Systems (either via the corresponding “Plant Interlock Systems” or via direct interlocks) on the basis of boolean logic on the full set of inputs and on the latched outputs. • The Central Interlock Systems are classified as non-SIC • The interlock protective actions shall be graded at three levels: • Level 1 interlock events (Fast shutdown) • Level 2 interlock events (Fast Controlled Pulse Shutdown) • Level 3 interlock events (Inhibit) Covered by PCDH
Equipment required: Interlock Systems • Highly reliable and available PLC systems (SIL3) • Some hardwired systems (2oo3 redundancy) • Various types of transducers and actuators • Various types of networks: TCP/IP, field buses, monitored hardwired links. • Supervisory systems • Short term data storage • Operator synoptic via CODAC + Gateway PCDH chapter 6 Covered by PCDH
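The two interlock slides above mention Boolean logic on inputs and latched outputs, three graded action levels, and 2oo3 redundancy; the sketch below is an added illustration of how those pieces fit together, not code from the PCDH or from ITER. The event names, their level assignments and the treatment of a lost channel as a trip demand are assumptions made for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Channels = Tuple[Optional[bool], Optional[bool], Optional[bool]]

def vote_2oo3(channels: Channels) -> bool:
    """Trip when at least two of three channels demand it.
    Assumption: a lost channel (None) counts as a demand (fail-safe)."""
    return sum(1 for ch in channels if ch is None or ch) >= 2

@dataclass
class CentralInterlock:
    rules: Dict[str, int]              # event -> level 1..3 (1 = most severe)
    latched: Dict[str, bool] = field(default_factory=dict)

    def scan(self, inputs: Dict[str, Channels]) -> Optional[int]:
        """One logic cycle; returns the most severe latched level or None."""
        for event, channels in inputs.items():
            if vote_2oo3(channels):
                self.latched[event] = True   # stays set after the input clears
        active = [self.rules[e] for e, on in self.latched.items() if on]
        return min(active) if active else None

    def reset(self, event: str, inputs: Dict[str, Channels]) -> bool:
        """Clear a latch only if the voted input is healthy again."""
        if vote_2oo3(inputs[event]):
            return False
        self.latched[event] = False
        return True

# Constructed sample data: event names and level assignments are hypothetical.
RULES = {"coil_fault": 1, "cooling_low": 2, "permit_missing": 3}
OK = (False, False, False)

def demo():
    cis = CentralInterlock(RULES)
    healthy = {e: OK for e in RULES}
    out = [cis.scan({**healthy, "cooling_low": (True, False, False)})]  # 1oo3: no trip
    out.append(cis.scan({**healthy, "cooling_low": (True, True, False)}))  # 2oo3 trip
    out.append(cis.scan(healthy))                      # input cleared, latch holds
    degraded = {**healthy, "permit_missing": (True, None, False)}
    out.append(cis.scan(degraded))                     # lost channel counts as demand
    out.append(cis.reset("permit_missing", degraded))  # refused: still demanded
    out.append(cis.reset("cooling_low", healthy))      # accepted
    out.append(cis.scan(healthy))                      # only level 3 remains latched
    return out

if __name__ == "__main__":
    print(demo())
```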
Safety Systems • Main system requirements • The CSS for Nuclear risk and Personnel access shall be classified as a SIC system classed as implementing safety functions of category B (IEC 61226) with systems of class 2 (IEC 61513) • The CSS for conventional risks shall be designed to a high integrity level conforming to a Safety Integrity Level (SIL) 3 (IEC 61508). • Safety functions of category A shall be implemented via hardwired logic with systems of class 1. • No Common Cause of Failure • Multiple lines of defense Covered by PCDH
Equipment required: Safety Systems • Highly reliable and available PLC systems (Class 2) • Hardwired logic (Class 1) • Various types of transducers • Various types of networks: TCP/IP, Safety field buses, monitored hardwired links. • Supervisory systems • Long term safe data storage • Safety operator’s desks PCDH chapter 7 Covered by PCDH
Plant System I&C – Life Cycle PCDH chapter 2.4 and 3
Plant System I&C – Life Cycle IO -> <- DA Build to print Procurement Arrangement
Plant System I&C – Life Cycle IO -> <- DA Detailed design Procurement Arrangement
Plant System I&C – Life Cycle IO -> <- DA Functional specifications Procurement Arrangement
Plant System I&C – Life Cycle Check points
Short-term Schedule A proper long term plan shall be developed in the next months
Some ideas for 2009-2011 • Cooperation agreement CERN Machine Protection • Interlock & Safety Support (Framework contract, in-sourcing) • CODAC Engineering Support (Framework contract, in-sourcing) • SW Tools for packaging and training • Customization/improvements CODAC comm middleware and SCADA func. • Supply Mini CODAC application layer modules • Supply customized Mini CODAC systems for NB, Cryo, PS, etc. • Design and supply CODAC networks • Study scientific data streaming • Prototype Data Acquisition and Data Streaming Architecture • Prototype and case study for plasma feedback control • Prototype Plasma Control System Architectures • Prototype CODAC Supervisor • Prototype Integration of Pulse Execution System • Analysis of fault scenarios for machine protection • Prototype evaluation of highly available interlock architectures • Formal models for Instrumented Central Safety Systems • Supply of Central Interlock System
Conclusions • The Plant Control Design Handbook (PCDH) defines standards, specifications and interfaces applicable to ITER Plant Systems Instrumentation & Control (I&C) • PCDH is applicable to all Procurement Arrangements having any I&C • PCDH covers hardware, software and development process • PCDH contains mandatory standards and recommendations • Next release of PCDH is due in April 2009 • PCDH is a living document and will be released on a regular basis throughout the lifetime of ITER
Conclusions • ITER IO is committed to • develop • support • maintain • enforce PCDH standards in order to successfully • integrate • maintain • contain the cost of the ITER control system • First prototype in IO lab Sep’08
Contract strategy (1/2)
[Timeline chart, 2009 to 2019 by quarter. Milestones shown: Start Integrated commissioning; Start of Tokamak assembly; First Plasma]
Assistance Contracts • I&C Support for Plant Systems • CODAC Support • Central Interlock and Safety Systems Support
Procurement Contracts • Prototypes realization (x 10) • Central Interlock Systems realization (x 3) • Central Safety Systems realization (x 3) • CODAC sub-systems Development • CODAC sub-systems realization (~x 10) • I&C Plant Systems Development • I&C Plant Systems realization (~ x100)
Legend • In fund, contracts placed by ITER IO • In kind, contracts placed by ITER DAs • Task agreements, most probably no contracts with Industry
Contract strategy (1/2) • Support: • Technical Specifications • Engineering design • Engineering studies • Performance evaluations • Safety studies • Modeling and simulations • Pre-construction drawings • PID and Functional drawings • Security engineering technical reviews • Provisioning and logistics • Quality Assurance • Contract preparation • Planning and Scheduling • Verification and Validation • Commissioning coordination • Realization: • Final Design • Software (SW) development • Procurement of equipment • Hardware (HW) assembly • SW & HW Integration • Configuration and data management • Overall documentation • Detailed design documents • PID and Functional drawings • Construction drawings • As built folders • Installation procedures • Commissioning procedures • Operation manuals • Maintenance manuals • Factory and site acceptance • Site installation • Site Commissioning
Self-description dataflow: development [Diagram with numbered flows 1 to 12. Labels: CODAC test data; PS development progress; PS requirements and needs; Regular transfer; Problem report; PS parameters; PS description; PS response; PS dynamic parameters; PSH static configuration; Devel tools project files; PS data; PS devices dynamic parameters; PS devices programs + static configuration]