ML091050332
| ML091050332 | |
| Person / Time | |
|---|---|
| Site: | Oconee  |
| Issue date: | 04/03/2009 |
| From: | Duke Energy Carolinas |
| To: | Office of Nuclear Reactor Regulation |
| References | |
| Download: ML091050332 (23) | |
Text
TSC 2007-09, Supplement 15 April 3, 2009 Page 1 - Non-Proprietary AREVA NP and Duke Documents
- 1. AREVA NP presentation entitled TELEPERM XS On-line Self-monitoring (non-proprietary version
- 2. ISTec and TUV Nord Certificate No. TXS-SUE-0802-02 for the Digital Safety Instrumentation and Control System TELEPERM XS Software: Self Test, Version 2.00, dated August 14, 2002
_J1
>AREVA NP GmbH ° TELEPERMXS Self-monitoiing, NLTD-G 2008-12-08
- .}AREIVA NP nonpropnietan.y
TELE7PERM XS On-line Selfomonitorng
- T-U!"111
>AREVA NP GmbH,
TELEPERM XS Self-monitoting. NL TD-G 2008-12-08
@AREVA NP nonproprfeta,"y
Onine moonFeatureS
( Ovre~rview
> Self-test of CPU module:
> Exception-Handler:
- Startup self-test Cyclic self-test
> Watchdog
> Cabinet monitoring device:
> Error detection by the runtime environment:
> Engineered monitoring features 8-12-08
© AREVA NP nonproprietary
> AREVA NP GmbH -
'TELEPERMXS Self-monitoring, NLTD-G 200
CPU Self-test Software Purpose and structure
> Automatically checks the operability of CPU board hardware
> Running on each CPU IM during startup 0 "start-up self-test" executing the full scope of implemented self-tests M cyclically during operation 0 "cyclic self-test", implemented in the self-test task (background process)
Cyclic sequence of individual test-steps processed during phase 8 of the CPU processing cycle 0 Contains those kinds of implemented self-tests, which can be performed during cyclic operation of the CPU AREVA NP GmbH TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
ýiD AREVA NP nonproprietary 4
TELEPERM XS Operation Strictly Cyclic Processing
~Service Tas~ks I Read Input Data activation of input drivers m activation of receive channels 7 Write Output-Data.
" activation of output drivers
" activation of send channels Input Checks of Messages CRC check sequence check Prepare Output Messages CRC computation sequence increment 3 Function Diagram Group Input Function 5 Function Diagram Group Output Function I Typical Cycle Time: 50 ms I
> AREVA NP GmbH TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
@' AREVA NP nonproprietary 5
CPU Startup Self-test and Cyclic Self-oest Scope of tests (1)
Test startup selftest cyclic selftest type of test
.1 1
1
> ARE VA NP GmbH TEL EPERMXS Self-monitoring. NLTD-G 2008-12-08
© A~FVA NP not tprophetary AREVA NP GmbH -
I TELEPERMXS Self-monitoring. NLFD-G 2008-12-08
-,c.- AREVA NP nonproprietary
Startup Self-test and Cyclic Self-test Scope of tests (2)
Test startup selftest cyclic selftest type of test
+
4
- 4.
+
.4
- 4.
+
> AREVA NP GmbH
- TELEPERMXS Self-monitoring, NLTD-2A 2008-12-08
,Q AREVA NP nonproprietary
Design of Cyclic Self-test Task ARE VA NP GmbH TELEPERMXS Self-monitoring, NLTD-G 2008-12-08
© ARE VA NP nonpropuietan, S
AREVA NP GmbH -
TEL.EPERMXS Self-monitoring, NLTD-G 2008-12-08
-ýcD AREVA NP nonproprietary
Cyclic Self-tests under Interrupt Disable (DI)
DI times measured for SVE2 Self-Test Mask binary Mask HEX DI time [jis]
4 4
4.
4 4
1" 4
4
.4-
> ARE VA NP Gm~H TELEPERM KS Self-monitoring. NL TO-G 2008-12-08
© ARE VA NP nonpropnetany 9
> AREVA NP GmbH -
TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
ýKD AREVA NP nonproprietary
On-line Self-monitoring Features Watchdog
- Clocked by oscillator that is independent from the processor clock oscillator
- Triggered once every processing cycle
- In case of watchdog activation:
EM activate exception handler ARE VA PJP GmbH TELEPERMXS Seff-monitoring. NLTD-G 2OO8~12-O8 0 ARE VA NP nonproprietary 10
> AREVA NP GmbH
- TELEPERMXS Self-monitoring, NLTD-G 2008-12-08 cl AREVA NP nonproprietary 10
On-line Self-monit oring Features Error Detection by the Runtime Environment (1)
> System errors detected during the cycle activities are indicated on the TXS service unit error codes description i
> Fault indication (error flag) also available on the level of engineered function diagrams (via FB RTE-OUTPUT)
> The system error messages are described in the TELEPERM XS system platform user documentation AREVA NP GmbH
-,i EL-PERMXS Self-monitoring. NL TD-G 2008-12-08 AREVA NP nonpropactary i1 i
On-line Self-monitoring Features Error Detection by the Runtime Environment (2)
> Communication Monitorina:
ARE VA IVP GmbH' TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
© ARE VA NP non proprietaly 12
> AREVA NP GmbH -
TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
-3c AREVA NP nonproprietary 12
rOrion bntimenvo n Features Error Detection by the Runtime Environment (3)
AREVA NP GmbH -
TELEPERMXS Self-monitoring, NLTD-G 2008-12-08 AREIVA NP nonproprierary 13
On-line Self-monitorng Features Cabinet Monitoring Device
> BASP/WDG alarm
> SBGx fan monitoring alarm r
Cabinet door monitoring alarm
-I Plug-in monitoring alarm r
Power supply monitoring
> AREVA NP GmbH
- TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
,ý(D AREVA NP nonproprietary 14
On-line Self-monitoring Features Engineered Monitoring Features
> AREVA NP GmbH -
TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
,ýcD AREVA NP nonpropfietary 15
Purpose of Self-omnitorng Features ARE VA NP GmbH TELEPERMXS Self-monitoring. NLTD-G 2008-12-08
© APE VA NP non proprietan/
16 AREVA NP GmbH,
TELEPERMXS Self-monitoring, NLTD-G 2008-12-08
'D AREVA NP nonproprietary 16
Indication of Self-monitoring Features Failures
> The Runtime Environment (RTE) continuously monitors the operation of the cyclic self-test.
> The communication partners monitor the cyclic operation of the RTE, based on age monitoring of received messages.
ARE VA NP GmbH TELEPERM XS Self-monitoring. NLTD-G 2008-12-08
© ARE VA NP nonproprietan/
17
> AREVA NP GmbH -
TELEPERM XS Self-monitoring, NL TD-G 2008-12-08 (t,)' AREVA NP nonproprietary 17
On-line Self-omnitoring Features Cannot Corrupt Safety Functions in the operating TELEPERM X.S applications, the cyclic self-test has never degraded the safety function.
AREVA NP GmbH,
TELEPERMXS Self-monitoring. NLTD-G 2008-12-08 Cc' AREVA NP nonpropfietary 18
.0-
!Srec Certificate for the Digital Safety Instrumentation and Control System TELEPERM XS Software Certificate No.:
SW-Component:
Manufacturer:
Kind of Test:
Test Report:
Requirements:
Orderer:
Main Contractor:
Project Management:
Test Laboratory:
Test Period:
Test Result:
Datum:
Assessor:
TXS-SUE-0802-02 Self test, V2.00 dated 29.06.2001, (List of documents, module names and versions as well as CRC sums: see appendices 1 to 3)
Siemens AG, I&S IS EDM D&D Type test analogous to KTA 3503 and in compliance with IEC 60880 including evaluation of the test runs performed in a test environment "Supplementary technical test report on the type test of the Self Test for Computers of the Digital Safety I&C System TELEPERM XS", V2.00, ISTec GmbH Garching and TOV Nord Hamburg, August 2002 see test report Bayerisches Staatsministerium fir Landesentwicklung und Umweltfragen Institut ffir Sicherheitstechnologie (ISTec) GmbH, Garching Institut fJr Sicherheitstechnologie (ISTec) GmbH, Garching Institut fOr Sicherheitstechnologie (ISTec) GmbH, Garching TOV Nord e.V., Hamburg September 2001 till August 2002 The test has been passed according to the test report above.
1 4 th August 2002 A. Lindner E.-U. Mainka Project Leader:
...... a y.
M. Kersken (ISTec)
z~
!Srec Certificate for the Digital Safety Instrumentation and Control System TELEPERM XS Software Certificate No:
TXS-SUE-0802-02 Appendix 1:
Development documents:
SILT-Lastenheft Selbst0berwachung Pflichtenheft Selbstuberwachung fOr Rechner in der digitalen Sicherheitsleittechnik Design-/Implementierungsunterlage Selbst0berwachung fOr Rechner in der digitalen Sicherheitsleittechnik Testspezifikation Selbst0berwachung fOr Rechner in der digitalen Sicherheitsleittechnik Erganzung Testspezifikation,Selbst(Jberwachung for Rechner in der digitalen Sicherheitsleittechnik Testbericht SelbstUberwachung fOr Rechner in der digitalen Sicherheitsleittechnik V 1.00 V 2.00 22.06.94 19.05.00 V 2.00 13.09.01 V 2.00 20.09.01 V 2.00 17.10.01 V 1.03 06.07.01 Appendix 2:
List of the C-and Assembler source files of the Self Test for Computers of the Digital I&C System TELEPERM XS with status (latest date in the file header and versions no.):
C modules:
S_BGRPO.C (15.01.98, V1.00)
S_BRUECK.C (15.01.98, V1.00)
S_BWD.C (15.01.98, V1.00)
S_CRC.C (27.03.96, V1.00)
S_EA.C (22.05.00, V2.00)
Include files:
S_UTIL.H (15.01.98, V1.00)
S_TEST.H (05.04.01, V2.00)
S_CONFIG.H (21.02.01, V2.00)
[Srec Certificate for the Digital Safety Instrumentation and Control System TELEPERM XS Software Certificate No:
TXS-SUE-0802-02 C modules:
S_FLASH.C (22.05.00, V2.00)
S_GEOPAR.C (27.03.96, V1.00)
S IOR.C (27.03.00, V2.00)
SLED.C (15.01.98, V1.00)
S_NDP.C (15.01.98, V1.00)
S_RAM.C (15.01.98, V1.00)
S_SIR.C (27.03.96, V1.00)
S_SPAD.C (15.01.98, V1.00)
S_SYSPO.C (13.05.97, V1.00)
S_TCount.C (29.06.00, V2.00)
C modules:
S_TIM.C (29.06.01, V2.00)
S_UTIL.C (15.01.98, V1.00)
SAKSP.C (15.01.98, V1.00)
SAMain.C (05.04.01, V2.00)
SASCC.C (15.01.98, V1.00)
SAVIR.C (27.03.96, V1.00)
SB_KSP.C (27.03.96, V1.00)
SBMain.C (29.06.01, V2.00)
SB_SSC.C (05.04.01, V2.00)
SZMain.C (05.04.01, V2.00)
Assembler modules A_UTIL.AH (27.03.96, V1.00)
A_UTIL.ASM (27.03.96, V1.00)
S_CPU.ASM (15.01.98, V1.00)
SBSTRT.ASM (27.03.96, V1.00)
Z
[STeC Certificate for the Digital Safety Instrumentation and Control System TELEPERM XS Software Certificate No:
TXS-SUE-0802-02 Appendix 3:
CRC sums and sizes in i&C System TELEPERM and versions no.):
bytes: Self Test for Computers of the Digital XS with status (latest date in the file header Modules:
S_CONFIG.H S_TEST.H S_BASIS.LNK S_CTRL.LNK Version:
V 2.00 V 2.00 V 2.00 V 2.00 Date:
21.02.2001 05.04.2001 29.06.2001 05.04.2001 Size in bytes:
5.261 38.167 24.975 62.302 CRC sums:
D870 OBEA 63FE B2C5