
Safety Instrumented System for the Superconducting Magnet Test Plant (SMTP)

This workshop presentation discusses the development and implementation of a safety instrumented system for the Superconducting Magnet Test Plant (SMTP) at CERN. It covers the process description, requirements, standards, methodologies, and technology used in the development of the system. Challenges, conclusions, and future work are also discussed.


Presentation Transcript


  1. Safety Instrumented System for the Superconducting Magnet Test Plant (SMTP). Borja Fernández Adiego (CERN BE/ICS). 3rd edition PLC/COTS based Interlock and Protection Systems Workshop, 01/02/2016, CERN. Joint work of Enrique Blanco, Daniel Darvas, Roberto Speroni, Jeronimo Ortola and Maryline Charrondiere.

  2. Outline • Safety Instrumented System (SIS) • Context: Process description + requirements • SIS development: standards, methodologies and technology • Challenges, Conclusions and Future work

  3. Context • SMTP (Superconducting Magnet Test Plant) • Cryogenics, vacuum, 14 kA and 600 A power converters, C&V, etc. • 15-year-old installation

  4. Context Goal: achieve a higher level of safety

  5. Context. Process description, “safety information”, availability + budget • Specifications – requirements from the process experts

  6. Context • Specifications – requirements from the process experts

  7. SIS development • Safety standards (IEC 61508, IEC 61511, IEC 62061, etc.) • IEC 61511: Functional safety - Safety instrumented systems for the process industry sector

  8. SIS development. Safety life cycle: 11 steps

  9. SIS development. Existing installation (including instrumentation), no exhaustive information • Risk analysis. Several techniques: • HAZOP (Hazard & Operability) • FTA (Fault Tree Analysis) • FMEA (Failure Mode and Effect Analysis)

  10. SIS development • Risk analysis. FMEA

  11. SIS development. Risk matrix: Severity (S) vs. Probability (P), with an unacceptable-risk zone and an acceptable-risk zone. Find techniques (the SIS) to get into the acceptable risk zone • 2 kinds of safety actions: prevention and protection

  12. SIS development • How to prove the reduction of risk? • Hardware: probabilistic approach, SIL (Safety Integrity Level) • Software: deterministic approach, testing and formal methods techniques

  13. SIS development. Define the SIL target, then prove it • Hardware. SIL (IEC 61511)

  14. SIS development. SIF specification → SIL target → Safety Evaluation Tool (Siemens) • Safety Instrumented Function (SIF) • Specification & formalization • If the cable temperature is higher than 80°C, then shut down the main power converter. • AG((PLC_END & (Temp_Cable_x1 = FALSE)) -> OK_for_Main_power = FALSE); • Temporal logic (useful for software verification)

  15. SIS development. Standard control & safety in the same device (sensors, actuators) • 2 kinds of instrumentation: • Industrial, certified devices • “Home-made” devices

  16. SIS development. Distributed Safety library, S7 317F • Graphical language (Ladder or FBD) • Code generation is not allowed

  17. SIS development. UNICOS (http://unicos.web.cern.ch/), OB1 / OB35

  18. SIS development UNICOS Supervision

  19. SIS development. Safety function 1. SIL 2: 10^-7 ≤ PFH < 10^-6. Elements: sensor, PC 14 kA; PFH figures shown: ?, 1.3·10^-8, 7.3·10^-9, ? (unknown elements marked “?”). Reference: Safety Integrity Level (SIL) verification for SLAC radiation safety system, http://icalepcs.synchrotron.org.au/papers/tuc3o07.pdf

  20. SIS development Safety Evaluation Tool
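Slides 13, 19 and 20 describe the hardware side of "prove it": set a SIL target for the safety function, obtain a PFH for each element of the chain, and check that the chain as a whole lands in the target band. The script below is an added example, not the Siemens Safety Evaluation Tool and not CERN code. It encodes the IEC 61508 high-demand PFH bands, sums the element PFHs of a series chain (the usual first-order approximation: the SIF fails dangerously if any one element does) and, for elements still marked "?" as on slide 19, reports how much PFH they may consume before the chain leaves the target band. Assigning the two quoted figures to the logic solver and the 14 kA power converter is an assumption; the slide does not say which element each belongs to.

```python
from typing import Dict, Optional

# IEC 61508 high-demand / continuous mode PFH bands [dangerous failures per hour]:
# SIL -> (lower bound inclusive, upper bound exclusive). SIL 2 is the band slide 19 quotes.
SIL_PFH_BANDS = {
    4: (1e-9, 1e-8),
    3: (1e-8, 1e-7),
    2: (1e-7, 1e-6),
    1: (1e-6, 1e-5),
}


def sil_from_pfh(pfh: float) -> Optional[int]:
    """Best SIL whose band contains (or is worse than) the achieved PFH; None when PFH >= 1e-5."""
    for sil in (4, 3, 2, 1):
        if pfh < SIL_PFH_BANDS[sil][1]:
            return sil
    return None


def sif_pfh(elements: Dict[str, Optional[float]]) -> Optional[float]:
    """PFH of a series chain (sensor -> logic solver -> final element).

    Any element failing dangerously fails the SIF, so element PFHs add.
    Returns None while any element is still unknown ("?")."""
    if any(v is None for v in elements.values()):
        return None
    return sum(elements.values())


def remaining_budget(target_sil: int, elements: Dict[str, Optional[float]]) -> float:
    """PFH left for the unknown elements before the chain drops out of the target band."""
    known = sum(v for v in elements.values() if v is not None)
    return SIL_PFH_BANDS[target_sil][1] - known


def verify_sif(elements: Dict[str, Optional[float]], target_sil: int) -> dict:
    """Aggregate the chain and compare the achieved SIL with the target."""
    total = sif_pfh(elements)
    achieved = sil_from_pfh(total) if total is not None else None
    return {
        "pfh": total,
        "achieved_sil": achieved,
        "meets_target": achieved is not None and achieved >= target_sil,
        "budget_for_unknown": remaining_budget(target_sil, elements),
    }


# Constructed chain modelled on slide 19. Which element owns which figure is an
# assumption made here; the sensor PFH is left open exactly as the slide does.
SMTP_SIF1 = {
    "temperature sensor": None,
    "F-PLC logic solver": 1.3e-8,
    "14 kA power converter": 7.3e-9,
}

if __name__ == "__main__":
    print(verify_sif(SMTP_SIF1, target_sil=2))
    # Constructed sensor PFH to complete the chain.
    print(verify_sif(dict(SMTP_SIF1, **{"temperature sensor": 5e-7}), target_sil=2))
```

The band arithmetic is only one half of a SIL claim: IEC 61508 also imposes architectural constraints (hardware fault tolerance, safe failure fraction) and systematic-capability requirements on each element, which is why slide 12 separates the probabilistic hardware argument from the deterministic software one.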

  21. SIS development Software verification IEC 61508

  22. SIS development Software verification • How do we verify the software? • Testing • Model checking = Formal verification technique • Complex (highly trained engineers in formal methods) • How do we apply Model Checking? • Methodology + tool (PLCVerif) • Hides any complexity related to formal methods
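Slide 14 formalizes the SIF as the CTL invariant AG((PLC_END & (Temp_Cable_x1 = FALSE)) -> OK_for_Main_power = FALSE), and slide 22 asks how such a property is checked on PLC code. The script below is an added example, not PLCVerif and not the SMTP PLC program: it models a toy version of the cable-temperature function as one PLC cycle, enumerates every reachable PLC_END state under every input combination (explicit-state reachability, the simplest form of model checking), and checks the invariant at each step, returning an input trace as a counterexample when it fails. The meaning of Temp_Cable_x1 (TRUE while the cable is below 80°C, fail-safe) is inferred from the formula; the Reset input and both program variants are assumptions made for the illustration.

```python
from collections import deque
from itertools import product
from typing import Callable, Dict, List, Optional, Tuple

Inputs = Dict[str, bool]
State = Tuple[bool]  # (OK_for_Main_power,) as observed at PLC_END

# Assumed inputs: Temp_Cable_x1 is the fail-safe "cable below 80 degC" signal
# (TRUE = healthy, a broken wire reads FALSE); Reset is an operator acknowledge
# added for the example. All 2^n input vectors are tried every cycle.
INPUT_NAMES = ("Temp_Cable_x1", "Reset")
ALL_INPUTS: List[Inputs] = [
    dict(zip(INPUT_NAMES, bits))
    for bits in product((False, True), repeat=len(INPUT_NAMES))
]


def correct_cycle(state: State, inp: Inputs) -> State:
    """Trip latch: power is OK only while the temperature is healthy, and a
    trip must be acknowledged with Reset once the temperature is healthy again."""
    (ok_prev,) = state
    ok = inp["Temp_Cable_x1"] and (ok_prev or inp["Reset"])
    return (ok,)


def buggy_cycle(state: State, inp: Inputs) -> State:
    """Same intent with an operator-precedence slip (missing parentheses):
    Reset re-enables power regardless of the temperature signal."""
    (ok_prev,) = state
    ok = inp["Temp_Cable_x1"] and ok_prev or inp["Reset"]
    return (ok,)


def sif_property(state: State, inp: Inputs) -> bool:
    """The slide's invariant evaluated at PLC_END of one cycle:
    Temp_Cable_x1 = FALSE -> OK_for_Main_power = FALSE."""
    (ok,) = state
    return inp["Temp_Cable_x1"] or not ok


def check_invariant(
    cycle: Callable[[State, Inputs], State],
    prop: Callable[[State, Inputs], bool],
    initial: State = (False,),
) -> dict:
    """Breadth-first exploration of all reachable PLC_END states.

    Returns whether the property holds on every reachable state, the shortest
    counterexample input trace when it does not, and how many states were seen."""
    seen = {initial}
    queue = deque([(initial, [])])
    while queue:
        state, trace = queue.popleft()
        for inp in ALL_INPUTS:
            nxt = cycle(state, inp)
            if not prop(nxt, inp):
                return {"holds": False, "counterexample": trace + [inp], "states": len(seen)}
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [inp]))
    return {"holds": True, "counterexample": None, "states": len(seen)}


if __name__ == "__main__":
    print("correct:", check_invariant(correct_cycle, sif_property))
    print("buggy:  ", check_invariant(buggy_cycle, sif_property))
```

The buggy variant is caught in a single cycle: from the tripped state, an over-temperature input together with Reset re-energises the power converter, which is exactly the behaviour the invariant forbids. Real PLC programs have far larger state spaces, which is why slide 22 wraps the model checker in a methodology and tool rather than exposing the formal-methods machinery to the safety engineer.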

  23. Conclusions, Challenges & Future • Safety “enforcement” for SMTP • Challenges: non-safety instrumentation, redundant information, reengineering/replacement of instrumentation (2nd phase) • Future: • “Proper” integration of WinCC OA (SIL 3) in the safety chain • SIS for future projects, e.g. FAIR (GSI accelerator) test bench facility
