This document is the informational asset of Doosan Heavy Industries & Construction. Thus, unauthorized access, revision,
distribution and copying of this document are strictly prohibited.
National Report on
NPP I&C in Korea
IAEA TWG-NPPIC
May 22, 2013
Table of Contents
1. Nuclear I&C Business
2. Development of MMIS
1) MMIS Prototype Facility
2) Multistage Tests
3) Evaluation of MMIS Localization
4) IAEA Review
3. Features of DOOSAN’s Rod Control System
4. Cyber Security
5. LDP Application
6. FPGA Application for NPP
7. Response to Fukushima disaster
8. Recommendation
1. Nuclear I&C Business
Plant in operation & construction in Korea
[Figure: map of Korea marking Seoul and the plant sites; legend: Construction / Operation]
Kori
KRN 1 : PWR 587 [MW], KRN 2 : PWR 650 [MW], KRN 3 : PWR 950 [MW], KRN 4 : PWR 950 [MW]
SKN 1 : PWR 1,000 [MW], SKN 2 : PWR 1,000 [MW]
SKN 3 : PWR 1400 [MW], SKN 4 : PWR 1400 [MW]
Wolseong
WSN 1 : PHWR 700 [MW], WSN 2 : PHWR 700 [MW], WSN 3 : PHWR 700 [MW], WSN 4 : PHWR 700 [MW]
SWN 1 : PWR 1,000 [MW], SWN 2 : PWR 1000 [MW]
Uljin
UCN 1 : PWR 950 [MW], UCN 2 : PWR 950 [MW]
UCN 3 : PWR 1,000 [MW], UCN 4 : PWR 1,000 [MW], UCN 5 : PWR 1,000 [MW], UCN 6 : PWR 1,000 [MW]
SUN 1 : PWR 1400 [MW], SUN 2 : PWR 1400 [MW]
Yeonggwang
YGN 1 : PWR 950 [MW], YGN 2 : PWR 950 [MW]
YGN 3 : PWR 1,000 [MW], YGN 4 : PWR 1,000 [MW], YGN 5 : PWR 1,000 [MW], YGN 6 : PWR 1,000 [MW]
INTEGRATED MANUFACTURING COMPLEX
DOOSAN has an integrated manufacturing facility which is capable of raw material
production to final assembly of components for Power Plants in Changwon, Korea.
[Figure: map marking Seoul and Changwon, with site plan labels: Boiler, Nuclear, T/G, Foundry, Forging, Main Office, R & D Center, Dock Facilities]
Total Area : 1,100 acres
Floor Space : 137 acres
Introduction : DOOSAN’s Facility
Nuclear I&C Business
New NPP SUN 1,2 Contract /MMIS: 2009/07
BNPP 1,2,3,4 Inverter System / MG Set / RTSS Supply Contract : 2010
SKN 5,6 Contract /MMIS: (2013)
SUN 3,4 Contract /MMIS: (2014)
Modernization
CRCS/DRCS/CEDMCS modernization for all Korean NPP
KRN 1,2: 2010/06
YGN 3 CRCS Modernization: 2011/03
YGN 4 CRCS Modernization: 2012/04
UCN 1 DRCS Modernization: 2011/12
UCN 2 DRCS Modernization: 2011/06
YGN 5,6 / UCN 3,4,5,6 (OPR1000) CEDMCS Modernization : 2011/06
SKN 1,2 (OPR1000) CEDMCS Modernization : (2015)
SWN 1,2 (OPR1000) CEDMCS Modernization : (2015)
KRN 3,4 / YGN 1,2 CRCS Modernization :(2014)
Digitalized MMIS modernization
Preparing modernization for all Korean NPP in operation
ASTS
Complete for all Korean NPP in operation(20 Units)
Construction (SKN 1,2,3,4 / SWN 1,2)
ASTS: Automatic Seismic Trip System, CEDMCS: Control Element Drive Mechanism Control System
Nuclear I&C Business
OL4 Proposal
Reflecting the Finnish Licensing and Technical issues.
New technical issues identified during LFS (Licensing Feasibility Study) are being resolved and the design completeness is enhanced
Korea Consortium led by KHNP proposed APR1400 in Korea
Formal application for a construction license is expected in mid-2015
Technical and Commercial evaluation for potential bidder is proceeding
MMIS Development
1) MMIS Prototype Facility
2) Multistage Tests
3) Evaluation of MMIS Localization
4) IAEA Review
MMIS Prototype Facility
MMIS Prototype Configuration for Design verification and Performance Test
APR1400 code simulator, Plant Control System, Safety systems, MCR(Main Control Room)
including LDP(Large Display Panel) and network equipment
[Figure: MMIS prototype configuration diagram. Legend: NI I/O network, hard wired communication, information network, control network, UDP, QIAS-N network, UDP (Safety), DASH6000 network. Blocks shown include RPS channels A to D (BP, CP, TIP), RCOPS, QIAS-P, QIAS-N, ESF-CCS, PCS, NPCS, HMI server, DCS interface panel, safety console, the APR1400 code simulator (server PC) and the interface panel for the simulator.]
Multistage Test
Test Object : 11 systems including PPS
System Test: Functional test for each system
Interface Test: Verification of interface status between each system and simulator
Performance Test: Verification of interface function and performance between systems
Integration Test
Verification of MMIS integrated performance
Network Load, Response Time test / MMI, Alarm Test, etc.
Operation Test
Load Rejection Test
Unit Load Transient Test
Load Cycle Test
Reactor Power Cutback System Test
FWCS Valve Transfer Test
System Test
Integration Test
Multi-failure test for PS, Network, ITP, CPU
Reliability test for functional modules
System Reliability test for redundant architecture
Component control function reliability with single failure
Long-Term Operation
Performance verification program
Define test steps and execution for compatibility
Execute long term operation to ensure reliability and operating history
Test Step & Type
Large Scale Integration (’08.05~’08.10E)
Small Scale Integration (’07.7~’07.10E)
• RPS • PCS • NIMS
• RCOPS • ESF-CCS • NPCS • DIS • IPS
• Integration Test • Operating Test
STEP
• P-CCS • QIAS-P • QIAS-N
Final Test (’09.02~’09.06E)
Long Term Reliability Operation Test (’09.08~’10.06E)
System Test (PLC/DCS)
Evaluation of Applicability
Evaluation process with customer and system designer
KHNP and KEPCO E&C experts were involved in the technical evaluation, and its review results were incorporated
Evaluation Process: Localization Council (Government, KHNP)
Schedule: 2007.06.11 ~ 2008.11.21
Feature:
• Design requirement/Tech. Specification
• Evaluation of licensing application
• Requirement and functions to be added
Evaluation Process: Evaluation of business application for SUN12 PJT (KHNP, KEPCO)
Schedule: 2008.10.01 ~ 2008.11.28
Feature:
• Evaluation of Localization activities
• Technical/Quality Assessment
• Confirmation of action items
• Confirmation of reliability, process of implementation and verification of each system and network communication of PLC/DCS
Evaluation Process: IAEA Technical Review (IAEA, KHNP)
Schedule: 2010.02.01 ~ 2010.02.06
Feature:
• Compatibility for Design/Manufacture in compliance with IAEA Safety Guide
• Evaluation of the methodology and result of Integrated Test of MMIS prototype
• GP (Good Practice) selection
IAEA Review
No. Good Practice List
1 Third party review throughout lifecycle
2 Diversity of actuation signal path in Component Interface Module
3 Use of an Integrated Performance Validation Facility
4 Use of a Computerized Software Tool to generate the Requirements Traceability Matrix (RTM)
5 Redundancy of control rod control system to minimize potential for SPV
6 Certification of Safety Qualified Platform
7 Development Process for Programmable Logic Devices
8 Fault tolerant PPS structure of 2 BP and 3 CP
Technical completeness of digitalized MMIS
Self confidence on reliability and safety of MMIS
Large scale stimulated digital MMIS prototype and more than 3 years operation and verification efforts were recognized
Shin-Ulchin 1&2 MMIS Configuration
RCR: Radwaste Control Room
LCR: Local Control Room
TSC: Technical Support Room
RSR: Remote Shutdown Room
MTP: Maintenance & Test Panel
OM: Operator Module
ES: Engineer Station
PCS: Power Control Sys
NAPS: Nuclear Application Prog. SW
CPS: Computerized Procedure Sys
SODP: Shutdown Overview Display Panel
NPCS: NSSS Process Control Sys
HDSR: Historical Data Storage & Retrieval Sys
FIDAS: Fixed Incore Detector Amplifier Sys
CEDMCS: Control Element Drive Mechanism Control Sys
Sys Design by KHNP
Sys Design by Doosan
Sys Design by T/G Supplier
NSSS I&C integrated in MMIS-BOP
[Figure: Shin-Ulchin 1&2 MMIS configuration block diagram. Control rooms and consoles: MCR (Safety Console, Operator Console, LDP), RSR (RSC, SODP), TSC/EOF (Monitoring Console, ES), RCR/LCR (Operator Console). NSSS-I&C and MMIS-BOP systems: PPS, NSSS Mon Sys, PCS, Process-CCS, IPS, QIAS-N, ESF-CCS, T/G Control & Monitoring System, BOP Mon Sys, with their sensors and actuators.]
KRN1,2 CRCS
UCN1,2 DRCS&DRPI
- CRCS is designed for driving 3-coil type CRDM in a nuclear power plant. The CRCS controls the rod motion by driving CRDM in response to signals from the MCR and the RCS (Reactor Control System).
- CEDMCS is designed for driving 4-coil type CEDM in a nuclear power plant. The CEDMCS controls the rod motion (withdrawal, insertion or hold) by driving CEDM in response to signals from the MCR (Main Control Room) and the RRS
YGN3,4 CEDMCS
KRN, UCN, YGN CRCS Replacement
DOOSAN’s Rod Control System
DOOSAN’s Rod Control System
Existing CEDMCS/CRCS
Analog and old-fashioned design with obsolete components
A large number of SPV components
Difficult on-line maintenance by big drawer type and wall-mounted power module design
Needs for additional diagnostic facilities to keep the system healthy
Old type CRCS for 3-coil:
Wall mount type power module/Areva/Framatome
Old type CEDMCS for 4-coil:
Big drawer type power module/WEC System
DOOSAN’s Rod Control System
Design Improvement of CEDMCS
Modernization Scope : Power Cabinet, Logic Cabinet, Aux Cabinet & MCB Equipment (OM, CEAP, RPCCP)
Replacement
Modernization Scope PSA - SCR - Fuse - Electronic circuit
Logic/Aux Cabinet
Operator Module
CEA
Re-Use - Drive Coil - RSPT - MG-Set
Logic Card Cage : Consists of ACTM, electronic card and filter panel
DOOSAN’s Rod Control System
CEDMCS Installation
CEDMCS consists of three (3) Logic Cabinets for communication with MCB, ten (10) Power Switch Cabinets for control of CEDM, two (2) Aux Cabinets for monitoring of RSPT and one (1) DC Hold Cabinet for prevention of inadvertent trip.
DOOSAN’s Rod Control System
Design improvement of CEDMCS/CRCS
State-of-the-art Design using redundancy scheme
Fault-tolerant Design by SPV Analysis (Zero SPV design)
Improvement of the rod drop protection using automatic DC hold and Double hold function
Improvement of on-line maintainability
Self-diagnostic Features
Renovation of YGN unit 3 & 4 (4-coil type CEDMCS/WEC)
Renovation of UCN unit 1 & 2 (3-coil type DRCS/Areva/Framatome)
Renovation of KRN unit 1 & 2 (3-coil type CRCS)
Enhancement of the Maintainability
- Easy Replacement of modules
- MMI for Maintenance
Retrofitting for operating NPP
- Removal & Installation
- Testing & Start-up Operation
Enhancement of the Reliability
- CEDM Mock-up & R-L Load for Test
- I/O Simulator for Test
DOOSAN’s Rod Control System
Design Feature of CEDMCS (Controller)
Obsolete CEDMCS
Power Cabinet Controller (ACTM)
Logic Cabinet Controller (Modicon PLC)
- Old: mixed analog and digital
- Partially redundant architecture
- Complex architecture due to hard-wired signal communication
- Weakness of diagnostic function
Brand-new CEDMCS
Power Cabinet Controller (PCU)
Logic Cabinet Controller (Quantum PLC)
- Advanced fully digitalized controller (State-of-Art)
- Fully redundant architecture (Hot Swap applicable)
- Easy maintenance with network communication with MTP including on-line maintenance
- Enhanced self-diagnostic capability
DOOSAN’s Rod Control System
Design Feature of CEDMCS (Circuit)
Obsolete CEDMCS: Power Switch Ass'y (PSA)
- Inadvertent trip
- Difficulty for maintenance due to complex architecture with vertical arrangement of components
- Gating power from MG-Set
- Open loop voltage control with periodic calibration
- Difficult maintenance due to heavy PSA
Brand-new CEDMCS: Power Converter Module (PCM)
- No CGHV (Continuous Gripper High Voltage) using monitoring algorithm and redundant zero detection
- EMI Improvement/No logic card in PCM
- DC gating power
- Closed loop current control with protection circuit
- Easy replacement with light weight of PCM
Cyber Security
Applicable Regulations
KINS/GT-N27, “Cyber Security of Digital Instrumentation Control Systems in Nuclear Facilities,” Korea Institute of Nuclear Safety
Reg. Guide 1.152, Rev. 2, “Criteria for Use of Computers in Safety systems of Nuclear Power Plants,” U.S. Nuclear Regulatory Commission
Applicable coverage
Monitoring and control system which performs safety function
Digitalized equipment for development, test and analysis of safety system
Cyber threat analysis to ensure that it has no impact for safety function
LDP Application
Design Feature
Monitoring the status of NPP for plant operation in MCR(Main Control Room)
Multi-Screen(4x2) for Fixed Display Section to enhance the visibility of operator
Seamless screen Fixed Display Section to prevent identification error of operator
Color, Brightness, Contrast, Anti-glare spec in accordance with HFE (Human Factor Engineering) guideline
Seismic Category II (IEEE 344)
Seismic requirements for the operator’s safety due to the missile impact by LDP screen (Reg Guide 1.29)
LDP Application
Design Improvement
Customized Design for severe seismic requirement
Enhance maintenance ability
1. Screen Improvement
Screen bracket changed with screen guard
Easy replacement of the screen
SKN3,4 SUN1,2
2. Slide Mounting Type Screen
Prevent cracking the screen
Maintenance ability
Easy replacement during operation
LDP Application
Seismic Qualification
Passed SUN1,2 FRS(5 OBE, 1 SSE)
Prototype Full Assembly
Implication
Continuous design improvement is needed
Reflecting advanced technology of display, regulation requirement to be specific in detail.
FPGA application for NPP
FPGA Controller developed by DOOSAN
Simple circuit configuration
Fast calculation due to parallel architecture
Flexibility for design environment
Easy V&V for the application software due to absence of operating system
Response to Fukushima Event
Description
Safety philosophy
• DID strategy enhancement
• Independence of licensing body with specialty
• Safety design philosophy preventing severe accident
  - design basis for natural disaster
  - diversity and reliability
• Public acceptability regardless of safe design (analyzed value)
Severe accident Ability & Emergency Response System
• Enhance the realistic ability to cope with severe accident
• Various severe accident scenarios, including improvement of procedures
• Reinforce the monitoring system such as instruments to cope with
• Enhancing communication system for accident of NPP
Nuclear safety foundation
• Constitution of safety culture and independent assessment.
• Enhancing safety Research and Development
• Promote understanding with sharing of the results
IAEA TM on AMS (Accident Monitoring System)
• Period : May 6-9, 2013
• Place : Doosan Heavy Industries & Construction Co. Nuclear I&C H/Q
• Sharing about best practices & strategies of Accident Management
• Discussion about Operating experience, Knowledge, Practices, Design, Implementation and Issue & the challenges of Accident Monitoring Systems
Recommendation
Digitalized MMIS for NPP with safety, reliability and maintenance ability
Modernization of NPP with digitalized MMIS
Based on unification design of PLC/DCS Platform, fully digitalized MMIS system replacement is recommended.
Considering overhaul schedule and limited installation period, the scale of target systems should be selected at each phase in detail.
Integrated MMIS prototype facility could be used.
Licensing requirements for cyber security
Technical standard and strict requirement for cyber security including penetration test is essential for PJT execution in advance.
Seismic requirements for LDP
Operator’s safety coverage during seismic event
Just falling down of LDP screen not be considered as missile hazard behavior
3rd party controller for NPP using FPGA platform
Practice for Verification method for the commercial tool for FPGA logic transplant should be shared
Fault detection and self-diagnostic method suited for the FPGA platform should be shared also