Software based control system for nuclear reactor standby liquid control (SLC) logic processor

US 20050281368A1
Filed: 06/18/2004
Published: 12/22/2005
Est. Priority Date: 06/18/2004
Status: Active Grant

First Claim

Patent Images

1. A method for a nuclear reactor safety related application, said method comprising:

executing two forms of a same application-specific logic, one of the two forms implemented as hardware logic, and another of the two forms implemented as software for execution by microprocessor-based controlling software, each form executed with a same set of inputs;

comparing a result produced from the execution of the hardware-implemented form of application-specific logic to a result produced from the execution of the software-implemented form of application-specific logic;

when the compared results concur, performing actions associated with the concurring results by executing microprocessor-based software; and

when the compared results fail to concur, reporting the failure of the compared results to concur to an operator by executing microprocessor-based software, and thereafter placing the microprocessor-based software into an inoperative (INOP) mode.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system is provided for a nuclear reactor safety related application. The method includes executing two forms of a same application-specific logic, one of the two forms implemented as hardware logic, and the other of the two forms implemented as software instructions for execution by microprocessor-based controlling software. Each form of the application-specific logic is executed with a same set of inputs. The method compares a result produced from the execution of the hardware-implemented form to a result produced from the execution of the software-implemented form. When the compared results concur, the controlling software performs actions associated with the concurring results by executing microprocessor-based software. When the compared results fail to concur, the controlling software reports the failure of the compared results to concur to an operator by executing microprocessor-based software, and thereafter places the microprocessor-based software system into an inoperative (INOP) mode.

Citations

21 Claims

1. A method for a nuclear reactor safety related application, said method comprising:
- executing two forms of a same application-specific logic, one of the two forms implemented as hardware logic, and another of the two forms implemented as software for execution by microprocessor-based controlling software, each form executed with a same set of inputs;
  
  comparing a result produced from the execution of the hardware-implemented form of application-specific logic to a result produced from the execution of the software-implemented form of application-specific logic;
  
  when the compared results concur, performing actions associated with the concurring results by executing microprocessor-based software; and
  
  when the compared results fail to concur, reporting the failure of the compared results to concur to an operator by executing microprocessor-based software, and thereafter placing the microprocessor-based software into an inoperative (INOP) mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method in accordance with claim 1 wherein the same application-specific logic is a nuclear reactor standby liquid control (SLC) application, said method further comprising controlling injection of a liquid into the reactor by the SLC application.
  - 3. A method in accordance with claim 1 wherein the hardware-implemented form of application-specific logic is the control logic of at least one programmable logic device (PLD), and the result produced from the execution of the hardware-implemented form of application-specific logic is obtained by microprocessor-based software from reading the status registers of the at least one PLD.
  - 4. A method in accordance with claim 1 wherein the software-implemented form of application-specific logic is stored in EPROM memory located on a microprocessor card, the microprocessor card also including at least one microprocessor, RAM memory, non-volatile RAM (NVRAM) memory, and at least one programmable logic device (PLD) wherein the hardware-implemented form of application-specific logic is stored.
  - 5. A method in accordance with claim 1 wherein the same set of inputs includes input signals from sensors and equipment external to operational hardware and software that provide for the execution of the application-specific logic.
  - 6. A method in accordance with claim 5 wherein the input signals from sensors and equipment include nuclear reactor related signals in the form of anticipated transient without SCRAM (ATWS) input signals, analog trip module (ATM) input signals, tank level input signals, bypass unit input signals, and operational status signals from low voltage switch gear (LSWG) equipment.
  - 7. A method in accordance with claim 1 wherein the performing actions associated with the concurring results include performing injection of a liquid into a nuclear reactor by operating relays associated with injection pumps, injection valves, overload bypass, and storage tank valves.
  - 8. A method in accordance with claim 1 wherein the performing actions associated with the concurring results include halting of injection of a liquid into a nuclear reactor by operating relays associated with injection pumps, injection valves, overload bypass, and storage tank valves.
  - 9. A method in accordance with claim 1 wherein, when in the INOP mode, software self tests are executed to test hardware and software associated with the operation of the application-specific logic to detect hardware and software faults, and results of the execution of the self tests are made available to an operator.
  - 10. A method in accordance with claim 9 wherein contacts and relays are isolated during the execution of the software self tests to prevent operation of equipment external to the hardware and software associated with the operation of the application-specific logic.
  - 11. A method in accordance with claim 1 wherein when hardware and software associated with operation of the application-specific logic is in standby operating (STANDBY) mode, as indicated by non-existence of critical faults and concurrence of the compared results, software self tests are executed to test the hardware and software associated with operation of the application-specific logic in order to detect hardware and software faults, and results of the execution of the self tests are made available to an operator.
  - 12. A method in accordance with claim 11 wherein contacts and relays are isolated during the execution of the software self tests to prevent operation of equipment external to the hardware and software associated with operation of the application-specific logic.
  - 13. A method in accordance with claim 11 wherein when critical faults are detected via the execution of the software self tests, the software-implemented form of application-specific logic and the microprocessor-based software are placed into the inoperative (INOP) mode by executing the microprocessor-based software.
  - 14. A method in accordance with claim 1 wherein systems and equipment external to hardware and software associated with the operation of the application-specific logic are automatically actuated and tested for correct operation by the hardware and software associated with the operation of the application-specific logic, with results of the testing being made available to an operator.

15. A digital microprocessor-based system for a nuclear reactor safety related application, said system comprising:
- a microprocessor with memory, hardware, circuitry, and software programming that provides for execution of two forms of a same application-specific logic, and provides for the two forms to be executed with a same set of inputs;
  
  the same application-specific logic implemented in one of the two forms as hardware logic, and in another of the two forms as software instructions for execution by the microprocessor;
  
  the software programming further providing for comparison of a result produced from execution of the one of the two forms as hardware logic to a result produced from execution of the another of the two forms as software instructions;
  
  the software programming further providing, when the compared results concur, for the execution of actions associated with the concurring results; and
  
  when the compared results fail to concur, the software programming further providing for the reporting to an operator of the failure of the compared results to concur, thereafter the software programming further executing to place the microprocessor-based system into an inoperative (INOP) mode.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. A system in accordance with claim 15 wherein the same application-specific logic is a nuclear reactor standby liquid control (SLC) application, said SLC application providing for control of injection of a liquid into the reactor.
  - 17. A system in accordance with claim 15 wherein the hardware logic is the control logic of at least one programmable logic device (PLD), and the result produced from the execution of the hardware logic is obtained by microprocessor-based software from reading the status registers of the at least one PLD.
  - 18. A system in accordance with claim 15 further comprising a microprocessor card with EPROM memory for storing the software instructions, at least one microprocessor, RAM memory, non-volatile RAM (NVRAM) memory, and with at least one programmable logic device (PLD) wherein the one of the two forms as hardware logic is implemented.
  - 19. A system in accordance with claim 15 wherein the same set of inputs includes input signals from sensors and equipment external to the system, and wherein the software programming further provides software for receiving the external input signals.
  - 20. A system in accordance with claim 15 wherein the execution of actions associated with the concurring results includes operating relays associated with equipment external to the system via software further provided by the software programming.
  - 21. A system in accordance with claim 15 wherein the software programming further includes self tests for detecting faults in the hardware and software of the system and the software programming further provides, in conjunction with the system hardware, ability to isolate contacts and relays associated with equipment external to the system so as to prevent operation of the equipment during execution of the self tests.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ge-Hitachi Nuclear Energy Americas LLC (GE Vernova, Inc.)
Original Assignee
General Electric Company
Inventors
Frederick, Stanley Anthony, Droba, Gregory Scott

Granted Patent

US 7,437,200 B2
Time in Patent Office

Days
Field of Search
US Class Current

376/260
CPC Class Codes

G05B 19/058   Safety, monitoring

G21C 17/02   Devices or arrangements for...

G21C 7/22   by displacement of a fluid ...

Y02E 30/30   Nuclear fission reactors

Software based control system for nuclear reactor standby liquid control (SLC) logic processor

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Software based control system for nuclear reactor standby liquid control (SLC) logic processor

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links