System and method for monitoring and control of safety-related components of a nuclear power plant

US 4,957,690 A
Filed: 12/07/1988
Issued: 09/18/1990
Est. Priority Date: 12/07/1988
Status: Expired due to Fees

First Claim

Patent Images

1. In a nuclear power plant installation of a variety having a controllable nuclear reactor, normal operational control means having monitor outputs and responsive to control inputs for effecting nominal mode control over said reactor, divisional operational control means including at least two independent divisions having qualified safety system logic monitoring and control devices for providing safety status parameter outputs and responsive to select safety directive inputs for providing safety mode control over said reactor, an operator manned control region including a console having an operator interface for the assertion of said control inputs and initiation of said safety directive inputs, the improved control method comprising the steps of:

providing a display at said console responsive to display inputs to generate operator readable information;

providing an interface network within each said division having a communications link input means for receiving said operator initiated safety directive inputs in binary format, a non-volatile memory, a display controller, input and output ports, and a logic control means for controlling said memory, display controller, communication link input means and said input and output ports;

providing isolated communications link means between said link input means and said operator interface for transmitting said initiated safety directive inputs to said communications link input means;

providing a directive communications link between said output port and said safety system logic, monitoring, and control devices;

providing a library collection of accessable predetermined valid said safety directive inputs in binary format within said memory;

responding with said logic control means to a said received operator initiated safety directive input by accessing said memory for a corresponding said valid said safety directive;

effecting transmission of said accessed valid safety directive by said logic control means and said display controller to said display to generate operator readable information descriptive thereof; and

effecting transmission by said logic control means of only said accessed valid safety directive from said output port through said directive communications link to said safety system control devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A safety qualified interface device is interposed between an operator manned control position having an operator interface and qualified safety system logic monitoring and control devices. This microprocessor driven interface incorporates a memory carrying a library collection of valid safety directives as well as valid parameter inputs and permissible parameter deviation ranges. Control or parameter requests are asserted by the operator from non-safety related but conveniently positioned interface devices at the control position which are treated as trial inputs which are matched at the interface with memory retained valid directives and parameters. Where a match between memory retained data and the trial input signals occurs, then the operator is apprised through a qualified safety related display and a corresponding acknowledgement is made to the interface. The interface then transmits either the directive or parameter request to the associated divisional safety related components for execution and/or retrieval.

67 Citations

View as Search Results

22 Claims

1. In a nuclear power plant installation of a variety having a controllable nuclear reactor, normal operational control means having monitor outputs and responsive to control inputs for effecting nominal mode control over said reactor, divisional operational control means including at least two independent divisions having qualified safety system logic monitoring and control devices for providing safety status parameter outputs and responsive to select safety directive inputs for providing safety mode control over said reactor, an operator manned control region including a console having an operator interface for the assertion of said control inputs and initiation of said safety directive inputs, the improved control method comprising the steps of:
- providing a display at said console responsive to display inputs to generate operator readable information;
  
  providing an interface network within each said division having a communications link input means for receiving said operator initiated safety directive inputs in binary format, a non-volatile memory, a display controller, input and output ports, and a logic control means for controlling said memory, display controller, communication link input means and said input and output ports;
  
  providing isolated communications link means between said link input means and said operator interface for transmitting said initiated safety directive inputs to said communications link input means;
  
  providing a directive communications link between said output port and said safety system logic, monitoring, and control devices;
  
  providing a library collection of accessable predetermined valid said safety directive inputs in binary format within said memory;
  
  responding with said logic control means to a said received operator initiated safety directive input by accessing said memory for a corresponding said valid said safety directive;
  
  effecting transmission of said accessed valid safety directive by said logic control means and said display controller to said display to generate operator readable information descriptive thereof; and
  
  effecting transmission by said logic control means of only said accessed valid safety directive from said output port through said directive communications link to said safety system control devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 including the steps of:
    - providing an operator actuable acknowledge input means in the vicinity of said display for generating an operator acknowledgment signal representing the correctness of said readable information at said display; and
      
      effecting said logic control means transmission of said accessed valid safety directive from said output port only in response to said operator acknowledgment signal.
  - 3. The method of claim 1 including the steps of:
    - providing a discrete, dedicated input storage register with said interface network;
      
      effecting said response with said logic control means by loading said received operator initiated safety directive input into said input storage register, and determining the presence of a match of said loaded input with said accessed memory retained valid safety directives;
      
      effecting said logic control means transmission of said accessed valid safety directive resulting from a said match to said display to generate said readable information; and
      
      effecting said logic control means transmission of said accessed valid safety directive, only resulting from a said match, from said output port through said directive communications link.
  - 4. The method of claim 3 including the steps of:
    - providing an operator actuable acknowledge input means in the vicinity of said display for generating an operator acknowledgment signal representing the correctness of said readable information at said display; and
      
      effecting said logic control means transmission of said accessed valid safety directive from said output port only in in response to said operator acknowledgment signal.
  - 5. The method of claim 3 including the steps of:
    - providing a parameter communications link between said input port and said safety systems monitoring devices;
      
      providing a collection of accessable predetermined valid said safety status parameter designations in binary format within said memory;
      
      responding with said logic control means to a received operator initiated input representing a request for the value of a said safety status parameter by accessing said memory for a corresponding valid said safety status parameter designation;
      
      effecting retrieval of the value of a said safety status parameter corresponding with said accessed valid safety status parameter designation into said input port; and
      
      effecting transmission of said retrieved value of said safety status parameter by said logic control means to said display to provide operator readable information corresponding therewith.
  - 6. The method of claim 5 including the steps of:
    - providing an operator actuable acknowledge input means in the vicinity of said display for generating an operator acknowledgment signal representing the correctness of said readable information at said display; and
      
      effecting said logic control means transmission of said accessed valid safety directive from said output port only in response to said operator acknowledgment signal.
  - 7. The method of claim 1 including the steps of:
    - providing a parameter communications link between said input port and said safety systems monitoring devices;
      
      providing a collection of accessable predetermined valid said safety status parameter designations in binary format within said memory;
      
      responding with said logic control means to a received operator initiated input representing a request for the value of a said safety status parameter by accessing said memory for a corresponding valid said safety status parameter designation;
      
      effecting retrieval of the value of a said safety status parameter corresponding with said accessed valid safety status parameter designation into said input port; and
      
      effecting transmission of said retrieved value of said safety status parameter by said logic control means to said display to provide operator readable information corresponding therewith.

8. In a nuclear power plant installation of a variety having a controllable nuclear reactor, normal operational control means having parameter monitor outputs and responsive to control inputs for effecting nominal mode control over said reactor, divisional operational control means including at least two independent divisions having qualified safety system logic, monitoring and control devices for providing safety status parameter outputs and responsive to select safety directive inputs for providing safety mode control over said reactor, and an operator manned control region including a control position having an operator interface for the assertion of said control inputs, the intiation of said safety directive inputs and initiation of safety status parameter inputs, the improved control system, comprising:
- display means located at said control position, responsive to display inputs for deriving operator readable information;
  
  isolated communication link means for providing electrically isolated communication of said initiated safety directive inputs from said operator interface to each said division;
  
  communications input means within each said division for receiving said initiated safety directive inputs and providing corresponding trial safety directive signals;
  
  memory means within each said division for retaining a library collection of accessible predetermined valid said safety directive inputs;
  
  register means within each said division for retaining said received trial safety directive signals;
  
  display controller means within each said division for deriving said display inputs in response to information inputs transferred thereto;
  
  input and output port means within each said division for effecting control and monitoring communication with said safety system logic, monitoring and control devices;
  
  control means within each said division responsive to said communications input means for locating said trial safety directive signal at said register means, responsive to access said memory means library collection to retrieve a said valid safety directive input corresponding with said register means retained trial safety directive, responsive to effect transmission only of said retrieved valid safety directive input from said output port means to effect said safety mode control over said reactor.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The control system of claim 8 in which said control means is responsive to transfer said retrieved valid safety directive input as a said information input to said display controller means for deriving said display inputs in correspondence therewith.
  - 10. The control system of claim 8 including:
    - acknowledge input means within each said division, located at said control position, manually actuable by said operator for conveying an acknowledge signal to said control means representing the correctness of said operator readable information;
      
      said control means is responsive to transfer said retrieved valid safety directive input as a said information input to said display controller means for deriving said display inputs in correspondence therewith to provide said operator readable information, and is responsive to effect said transmission only of said retrieved valid safety directive input from said output port means only subsequent to said conveyance of said acknowledge signal.
  - 11. The control system of claim 8 in which:
    - said memory means further retains a library collection of accessible predetermined valid said safety status parameter inputs;
      
      said isolated communications link means is responsive to said initiated safety status parameter inputs from said operator interface for effecting the conveyance thereof to said communications input means;
      
      said communications input means is responsive to said conveyed initiated safety status parameter inputs for providing corresponding trial safety status parameter signals;
      
      said register means is configured for retaining said trial safety status parameter signals;
      
      said control means is responsive to said communications input means for locating said trial safety status parameter signals at said register means, is responsive to access said memory means library collection to retrieve a said predetermined valid safety status parameter input corresponding with said register means retained trial safety status parameter signal, is responsive to effect transmission only of said retrieved valid safety status parameter input from said output port means to a corresponding said safety system monitoring device and retrieve therefrom a corresponding said safety status parameter output at said input port means, is responsive to convey said retrieved safety status parameter output from said input port means as a said information input to said display controller means for deriving said display inputs in correspondence therewith.
  - 12. The control system of claim 11 in which:
    - said display means includes alarm means responsive to a select said display input for providing an alarm output perceptible to said operator;
      
      said memory means retains a collection of accessible predetermined permissible deviation ranges corresponding with select said retained valid safety status parameter inputs; and
      
      said control means is responsive to compare a said permissible deviation range corresponding with the value of a said retrieved safety status output with the value of a corresponding said parameter monitor output of said normal operational control means and derive an alarm designated said information input when said parameter output value is without said permissible deviation range, is responsive to transfer said alarm designated information input to said display controller means for deriving said select display input so as to provide said alarm output at said display means.
  - 13. The control system of claim 12 including:
    - acknowledge input means within each said division located at said control position, manually actuable by said operator for conveying an alarm acknowledge signal to said control means representing an acknowledgment of said alarm output; and
      
      said control means is responsive to said alarm acknowledge signal for terminating said alarm designated information input.

14. In a nuclear power plant installation of a variety having a controllable nuclear reactor, normal operational control means having parameter monitor outputs and responsive to control inputs for effecting nominal mode control over said reactor, divisional operational control means including at least two independent divisions having qualified safety system logic, monitoring and control devices for providing safety status parameter outputs and responsive to select safety directive inputs for providing safety mode control over said reactor, and an operator manned control region including a control position having an operator interface for the assertion of said control inputs, the initiation of said safety directive inputs and initiation of safety status parameter inputs, said safety directive inputs and said safety status parameter inputs being transmissible over an optical isolation communications link within each said division, and said operator interface including a display providing visual readouts to said operator in response to display inputs, and each said division including a manually actuable operator acknowledge device at said control position, the division safety system interface apparatus comprising:
- communications input means for receiving said initiated safety directive inputs and providing corresponding trial safety directive signals;
  
  first register means controllable to selectively retain said received trial safety directive signals;
  
  memory means for retaining a compilation of accessible valid said safety directive inputs;
  
  input and output port means for effecting communications with said safety system logic, monitoring and control devices; and
  
  control means responsive to said communications input means for locating said trial safety directive signals at said first register means, responsive to access said memory means compilation to retrieve a said valid safety directive input corresponding with said register means retained trial safety directive signal, responsive to effect transmission only of said retrieved valid safety directive input from said output port means to effect said safety mode control over said reactor.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The division safety system interface apparatus of claim 14 including:
    - display controller means for deriving said display inputs in response to information inputs transferred thereto;
      
      second register means controllable to selectively retain a said retrieved valid safety directive; and
      
      said control means is responsive to transfer said retrieved valid safety directive to effect the positioning thereof in said second register means, responsive to transfer said retrieved valid safety directive from said second register means to said display controller means as a said information input for deriving said display inputs.
  - 16. The division safety system interface apparatus of claim 14 including:
    - display controller means for deriving said display inputs in response to information inputs transferred thereto; and
      
      second register means controllable to selectively retain a said retrieved valid safety directive;
      
      said control means is responsive to transfer said retrieved valid safety directive to effect the positioning thereof in said second register means, responsive to transfer said retrieved valid safety directive from said second register means to said display controller means as a said information input, and is responsive to effect said transmission only of said retrieved valid safety directive input from said output port means only subsequent to the said actuation of said operator acknowledge device by said operator.
  - 17. The division safety system interface of claim 14 in which:
    - said communication input means effects reception of said initiated safety status parameter inputs and provides corresponding trial safety status parameter signals;
      
      including third register means controllable to retain said trial safety status parameter signals;
      
      display controller means for deriving said display inputs in response to information inputs transferred thereto;
      
      said memory means further retains a compilation of accessible valid said safety status parameter inputs; and
      
      said control means is responsive to said communications input means for locating said trial safety status parameter signals at said third register means, is responsive to access said memory means compilation to retrieve a said valid safety status parameter input corresponding with said third register means retained trial safety status parameter signal, is responsive to effect transmission only of said retrieved valid safety status parameter input from said output port means to a corresponding said safety system monitoring device and to retrieve therefrom a corresponding said safety status parameter output at said input port means, and is responsive to convey said retrieved safety status parameter output from said input port means to said display controller means for deriving said display inputs in correspondence therewith.
  - 18. The division safety system interface of claim 17 including:
    - fourth register means controllable to selectively retain said retrieved safety status parameter output; and
      
      said control means is responsive to transfer said safety status parameter output from said input port to said fourth register means, and subsequently to effect conveyance of said safety status parameter from said fourth register means to said display controller means to effect said derivation of said display inputs in correspondence therewith.
  - 19. The division safety system interface of claim 18 in which:
    - said communications input means effects reception of said parameter monitor outputs of said normal operational control means corresponding with a said initiated safety status parameter inputs;
      
      including fifth register means controllable to retain a select said parameter monitor output of said normal operational control means;
      
      sixth register means controllable to retain parameter deviation range signals;
      
      said memory means retains a compilation of accessible permissible parameter output deviation ranges corresponding with select said retrieved valid safety status outputs; and
      
      said control means is responsive to said communications input means for locating a said parameter monitor output corresponding with a said trial safety status parameter signal at said fifth register means;
      
      is responsive to access said memory means compilation to retrieve a said parameter output deviation range corresponding with said valid safety status parameter input transferred to said fourth register means and effect transfer of said retrieved parameter output deviation range to said sixth register means;
      
      is responsive to said fifth and sixth register to derive an alarm parameter deviation signal when the value of said parameter monitor output at said fifth register is without said permissible parameter output deviation range at said register means, and is subsequently responsive to effect conveyance of said alarm parameter deviation signal to said display controller means or a said information input to effect deviation of said display inputs as an alarm signal.

20. In a nuclear power plant installation of a variety having a controllable nuclear reactor, normal operational control means having parameter monitor outputs and responsive to control inputs for effecting nominal mode control over said reactor, divisional operational control means including at least two independent divisions having qualified safety system logic, monitoring and control devices for providing safety status parameter outputs, and an operator manned control region including a control position having an operator interface for the assertion of said control inputs and the initiation of safety status parameter inputs, the improved control system comprising:
- display means located at said control position, responsive to display inputs for deriving operator readable information;
  
  isolated communications link means for providing electrically isolated communication of said initiated safety status parameter inputs from said operator interface to each said division;
  
  communications input means within each said division for receiving said intiated safety status parameter inputs and providing corresponding trial safety status parameter signals;
  
  memory means within each division for retaining a library collection of accessible predetermined valid said safety status parameter inputs;
  
  register means within each said division for retaining said trial safety status parameter signals;
  
  display controller means within each said division for deriving said display inputs in response to information inputs transferred thereto;
  
  input and output port means within each said division for effecting control and monitoring communication with said safety system logic, monitoring and control devices;
  
  control means within each said division responsive to said communications input means for locating said trial safety status parameter signals at said register means, responsive to access said memory means library collection to retrieve a said predetermined valid safety status parameter input corresponding with said register means retained trial safety status parameter signal, responsive to effect transmission only of said retrieved valid safety status parameter input from said output port means to a corresponding said safety system monitoring device and retrieve therefrom a corresponding said safety status parameter output at said output port means, responsive to convey said retrieved safety status parameter output from said input port means as a said information input to said display controller means for deriving said display inputs in correspondence therewith.
- View Dependent Claims (21, 22)
- - 21. The control system of claim 20 in which:
    - said display means includes alarm means responsive to a select said display input for providing an alarm output perceptible to said operator;
      
      said memory means retains a collection of accessible predetermined permissible deviation ranges for said parameter monitor outputs of said normal operational control means corresponding with select said retained valid safety status parameter inputs; and
      
      said control means is responsive to compare a said permissible deviation range corresponding with the value of a said retrieved safety status output with the value of a corresponding parameter monitor output and derive an alarm designated said information input when said value of said compared monitor output is without said permissible deviation range, is responsive to transfer said alarm designated information input to said display controller means for deriving said select display input so as to provide said alarm output at said display means.
  - 22. The control system of claim 20 including:
    - acknowledge input means within each said division located at said control position, manually actuable by said operator for conveying an alarm acknowledge signal to said control means representing an acknowledgment of said alarm output; and
      
      said control means is responsive to said alarm acknowledge signal for terminating said alarm designated information input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Electric Company
Original Assignee
General Electric Company
Inventors
Fennern, Larry E.
Primary Examiner(s)
Walsh, Donald P.

Application Number

US07/280,800
Time in Patent Office

650 Days
Field of Search

376/215, 376/216, 364/138, 364/146, 364/188 X, 364/492 X, 364/551
US Class Current

376/216
CPC Class Codes

G21C 17/00   Monitoring; Testing measuri...

G21D 3/008   Man-machine interface, e.g....

Y02E 30/00   Energy generation of nuclea...

Y02E 30/30   Nuclear fission reactors

System and method for monitoring and control of safety-related components of a nuclear power plant

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for monitoring and control of safety-related components of a nuclear power plant

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links