1 / 11

Status on CERN-ITER collaboration for Machine Protection

Status on CERN-ITER collaboration for Machine Protection. Acknowledgments: J.Burdalo , R.Schmidt , S.Wagner , M.Zaera Sanz, M.Zerlauth and Critical Systems Lab. EDMS 1283934. Overview of current agreement. Collaboration agreement with duration from 2010 to end 2012

coyne
Download Presentation

Status on CERN-ITER collaboration for Machine Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Status on CERN-ITER collaboration for Machine Protection Acknowledgments: J.Burdalo, R.Schmidt, S.Wagner, M.Zaera Sanz, M.Zerlauth and Critical Systems Lab EDMS 1283934

  2. Overview of current agreement Collaboration agreement with duration from 2010 to end 2012 • Task-1: Consultancy for the setup of a Machine Protection Working Group Proposal and recommendations sent to ITER • Task-2: Definition of the overall architecture of the Machine Protection and Central Interlock System The overall architecture of these systems is defined • Task-3: Specifications for the fault scenarios simulations Done for the magnet interlock system, new methods were developed to assess architectures of interlock systems + external consultant from system safety domain • Task-4 Definition of tools for diagnostics of the machine protection systems Partially done, combined with the development of a prototype

  3. Recap - Powering Layout

  4. Recent activities 1/5 • Prototype for magnet powering interlocks has been completed and delivered to Cadarache(fully documented) • Following individual commissioning, system is awaiting first connection and tests with quench detectorsbefore being shipped to India & China Based on redundant safety PLCs + 2oo3 I/O module configuration (down to and including client connections) Fault tolerant to any single component failure Redundancy of programming through safety matrix + standard logic Local SCADA system + touch screen Standard user interface (DLUI) for client connections and diagnostics Redundant S7400 PLCs Local supervision I/Os in 2oo3 Standard User Interface

  5. Recent activities 1/5 • Prototype for magnet powering interlocks has been completed and delivered to Cadarache(fully documented) • Following individual commissioning, system is awaiting first connection and tests with quench detectors before being shipped to India & China Based on redundant safety PLCs + 2oo3 I/O module configuration (down to and including client connections) Fault tolerant to any single component failure Redundancy of programming through safety matrix + standard logic Local SCADA system + touch screen Standard user interface (DLUI) for client connections and diagnostics

  6. Recent activities 2/5 • Different HW architectures tested in order to find the fastest and more dependable solution N Discharge loop based on Standard + Failsafe components Implementation based on Safety Matrix + AWL

  7. Recent activities 3/5 • Different HW architectures tested in order to find the fastest and more dependable solution Discharge loop using only standard components but diversity of components Implementations based on AWL for Boolean Processors and CPU

  8. Recent activities 4/5 • Working on 2nd version of User Interface Box (only non COTS component), including Profinet connectivity for diagnostic purposes • PCB already produced and currently being tested Profbus in V1.0 Profinet in V2.0 User connectivity Rad tolerant FPGA Mechanics + redundant power supplied

  9. Recent activities 5/5 • Completed dependability analysis of magnet powering interlock system with external company from system safety domain (CSL – Critical Systems Lab), including Dependability analysis and review of functional specification, definition of Investment Protection functions Definition of state machines for system functionality (concurrency between circuits) Study of interfaces and dependencies with main client systems (QD, PC, FDU,…) Catalogue of (unresolved) design issues Failure Mode and Effect Analysis (FMEA) for backbone architecture

  10. Budget and resources • CERN resources invested to date: 2200 hours of CERN staff (system design, meetings,…) 400 hours of student/Fellow for analysis of interlock architectures 1200 hours of Fellow (50% since Aug 2011) for development of interface box 960 hours of PJAS + 880 hours of external consultant for PLC SW and SCADA • Additional external resources invested to date: 300 hours of system safety consultancy (through direct contract of CSL with ITER) • Budget and expenses evolved as planned

  11. Conclusions • The collaboration agreement ended in 2012, all deliverables completed • Collaboration has been fruitful learning experience for CERN in many fields (COTS vs voting in interlock systems, radiation tolerant FPGAs, Profinet, studies of architecture and system dependability,..) • Due to delay of China test and ITER wish for a V2.0 of user interface, agreed on extension of collaboration by 1 year • Possible continuation as of 2014 on following topics (tbd): Analysing + feed back the performance from the China tests into final design Provision of full-scale system including full monitoring part Definition of the entire powering interlock system (includes clarification of open questions) Other topics related to Machine Protection (towards interlocking of Plasma)

More Related