阅读说明：本技术 一种用于执行核电站安全功能的安全自动化系统及方法 (safety automation system and method for executing safety function of nuclear power station ) 是由 周叶翔 王巧燕 梁玲 程琴 任立永 杨震 田亚杰 江辉 邓天 彭华清 刘光明 于 2019-09-04 设计创作，主要内容包括：本发明公开了一种用于执行核电站安全功能的安全自动化系统及方法,该安全自动化系统包括：SPC子系统、SAC子系统和CIC子系统,SPC子系统包括多个独立的SPC控制列,每个SPC控制列与一个对应的核电工艺设备列连接；SAC子系统包括多个独立的SAC控制列,每个SAC控制列均与一个对应的SPC控制列连接；CIC子系统包括多个独立的CIC控制列,每个CIC控制列均分别与一个对应的SAC控制列和一个对应的核电工艺设备列的执行机构连接,用于实现在对应的SAC控制列的控制下,对所对应的核电工艺设备列的执行机构进行安全控制。本发明实现了安全自动化系统与保护系统控制路径的独立性设计,满足国际标准中有关不同安全级仪控系统间的独立性要求,安全功能满足单一故障原则。(The invention discloses a safety automation system and a method for executing the safety function of a nuclear power station, wherein the safety automation system comprises: the system comprises an SPC subsystem, an SAC subsystem and a CIC subsystem, wherein the SPC subsystem comprises a plurality of independent SPC control columns, and each SPC control column is connected with one corresponding nuclear power process equipment column; the SAC subsystem comprises a plurality of independent SAC control columns, and each SAC control column is connected with one corresponding SPC control column; the CIC subsystem comprises a plurality of independent CIC control columns, each CIC control column is respectively connected with a corresponding SAC control column and an actuating mechanism of a corresponding nuclear power process equipment column, and the CIC control columns are used for safely controlling the actuating mechanisms of the corresponding nuclear power process equipment columns under the control of the corresponding SAC control columns. The invention realizes the independence design of the control paths of the safety automation system and the protection system, meets the independence requirements among instrument control systems with different safety levels in international standards, and has the safety function meeting the single failure principle.)

1. A safety automation system for performing safety functions in a nuclear power plant, comprising:

The SPC subsystem comprises a plurality of independent SPC control columns, and each SPC control column is connected with one corresponding nuclear power process equipment column and is used for independently collecting measurement signals of the corresponding nuclear power process equipment column on site;

The SAC subsystem comprises a plurality of independent SAC control columns, and each SAC control column is connected with one corresponding SPC control column and is used for acquiring the measurement signals acquired by the corresponding SPC control column on site;

And the CIC subsystem comprises a plurality of independent CIC control columns, each CIC control column is respectively connected with a corresponding SAC control column and an actuating mechanism of a corresponding nuclear power process equipment column, and is used for safely controlling the actuating mechanism of the corresponding nuclear power process equipment column under the control of the corresponding SAC control column.

2. the safety automation system set forth in claim 1, further comprising:

the DTC subsystem comprises a plurality of independent DTC control columns, each DTC control column is connected with a corresponding SAC control column, and the plurality of independent DTC control columns are connected through safety-level point-to-point communication and used for realizing mutual communication among the plurality of SAC control columns;

The DTC subsystem is also connected with other instrument control systems and is used for realizing signal transmission between the safety automation system and the other instrument control systems.

3. The safety automation system set forth in claim 1, wherein the SAC subsystem comprises: each SAC control column is connected with a corresponding SPC control column through a hard wire, connected with a corresponding CIC control column through a security level IO bus and connected with a corresponding DTC control column through a security level communication ring network, and the control function from the control to the safe shutdown stage in the design benchmark accident of the nuclear power plant is achieved.

4. the safety automation system of claim 2, the DTC subsystem comprising: each DTC control column is connected with a corresponding SAC control column through a security level communication ring network and is also connected with the other two DTC control columns through point-to-point communication respectively.

5. the safety automation system set forth in claim 1, wherein the CIC subsystem comprises: each CIC control column is connected with a corresponding SAC control column through a security level IO bus and is also connected with other instrument control systems through hard wiring.

6. The safety automation system set forth in claim 1, wherein the SPC subsystem comprises: and each SPC control column is connected with a corresponding SAC control column through hard wiring and is also connected with other instrument control systems through hard wiring.

7. the safety automation system set forth in claim 2, further comprising:

the CCMC subsystem comprises a plurality of independent CCMC control columns, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column and used for calculating the monitoring parameters after the complex accident.

8. The safety automation system set forth in claim 7, wherein the CCMC subsystem comprises: the CCMC control columns are connected with each other through security level point-to-point communication, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column through a security level communication ring network.

9. The safety automation system set forth in claim 7, further comprising:

an HMI, the HMI including:

The safety level control and information display module is respectively connected with the SAC subsystem and the DTC subsystem and is used for realizing the manual operation and information display functions of the safety automation system;

and the post-accident monitoring display module is connected with the CCMC subsystem and is used for displaying post-accident monitoring parameters.

10. The safety automation system set forth in claim 9 wherein the safety level control and information display module comprises: 3 independent security level control and information display control columns, wherein each security level control and information display control column is respectively connected with a corresponding SAC control column and a corresponding DTC control column;

the post-accident monitoring display module comprises: and 2 independent post-accident monitoring display control columns, wherein each post-accident monitoring display control column is respectively connected with one corresponding CCMC control column.

11. a safety automation method for performing safety functions of a nuclear power plant, comprising the steps of:

Independently acquiring measurement signals of corresponding nuclear power process equipment columns on site;

Acquiring a measurement signal acquired on site by the corresponding SPC control column;

and under the control of the corresponding SAC control column, safely controlling an actuating mechanism of the corresponding nuclear power process equipment column.

12. the safety automation method according to claim 11, wherein the field independent acquisition of the measurement signal of the corresponding nuclear power process equipment train, the acquisition of the measurement signal acquired by the corresponding SPC control train on site, and the safety control of the actuator of the corresponding nuclear power process equipment train under the control of the corresponding SAC control train are performed by:

Establishing an SPC subsystem, an SAC subsystem and a CIC subsystem, wherein the SPC subsystem comprises a plurality of independent SPC control columns, and each SPC control column is connected with one corresponding nuclear power process equipment column; the SAC subsystem comprises a plurality of independent SAC control columns, and each SAC control column is connected with one corresponding SPC control column; the CIC subsystem comprises a plurality of independent CIC control columns, and each CIC control column is respectively connected with a corresponding SAC control column and an actuating mechanism of a corresponding nuclear power process equipment column;

Independently acquiring measurement signals of corresponding nuclear power process equipment columns on site through each SPC control column;

Acquiring a measurement signal acquired by a corresponding SPC control column on site through each SAC control column;

and under the control of the corresponding SAC control column, the CIC subsystem carries out safety control on an actuating mechanism of the corresponding nuclear power process equipment column.

13. The safety automation method set forth in claim 12 further comprising the steps of:

the method comprises the steps that a DTC subsystem is established, the DTC subsystem comprises a plurality of independent DTC control columns, each DTC control column is connected with a corresponding SAC control column, the plurality of independent DTC control columns are connected through safety-level point-to-point communication, and the DTC subsystem is further connected with other instrument control systems;

the mutual communication among a plurality of SAC control columns is realized through each DTC control column;

And signal transmission with other instrument control systems is realized through the DTC subsystem.

14. The safety automation method of claim 12, wherein the SAC subsystem comprises: each SAC control column is connected with a corresponding SPC control column through a hard wire, connected with a corresponding CIC control column through a security level IO bus and connected with a corresponding DTC control column through a security level communication ring network, so that the control function from the control to the safe shutdown stage in the design basis accident of the nuclear power plant is realized.

15. The safety automation method of claim 13, wherein the DTC subsystem comprises: each DTC control column is connected with a corresponding SAC control column through a security level communication ring network and is also connected with the other two DTC control columns through point-to-point communication respectively.

16. The safety automation method set forth in claim 12, wherein the CIC subsystem comprises: each CIC control column is connected with a corresponding SAC control column through a security level IO bus and is also connected with other instrument control systems through hard wiring.

17. the safety automation process of claim 12, the SPC subsystem comprising: and each SPC control column is connected with a corresponding SAC control column through hard wiring and is also connected with other instrument control systems through hard wiring.

18. The safety automation method set forth in claim 13 further comprising the steps of:

establishing a CCMC subsystem, wherein the CCMC subsystem comprises a plurality of independent CCMC control columns, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column;

and calculating the monitoring parameters after the complex accident through each CCMC control column.

19. the safety automation method set forth in claim 18, wherein the CCMC subsystem comprises: the CCMC control columns are connected with each other through security level point-to-point communication, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column through a security level communication ring network.

20. the safety automation method set forth in claim 18 further comprising the steps of:

establishing an HMI (human machine interface), wherein the HMI comprises a security level control and information display module and a post-accident monitoring display module, the security level control and information display module is respectively connected with a SAC (self-service computer control) subsystem and a DTC (digital control transmitter) subsystem, and the post-accident monitoring display module is connected with a CCMC (controller and controller card) subsystem;

the manual operation and information display functions of the safety automation system are realized through the safety level control and information display module;

and displaying post-accident monitoring parameters through the post-accident monitoring display module.

21. the safety automation method set forth in claim 20, wherein the safety level control and information display module comprises: 3 independent security level control and information display control columns, wherein each security level control and information display control column is respectively connected with a corresponding SAC control column and a corresponding DTC control column;

the post-accident monitoring display module comprises: and 2 independent post-accident monitoring display control columns, wherein each post-accident monitoring display control column is respectively connected with one corresponding CCMC control column.

Technical Field

The invention relates to the technical field of nuclear power station instrument control system design, in particular to a safety automation system and a safety automation method for executing a safety function of a nuclear power station.

Background

The Safety Automation System (SAS) of a nuclear power plant reactor is one of the key instrumentation and Control systems (I & C) of a nuclear power plant, and its structural design is closely related to the overall design, Safety classification, and design of a Distributed Control System (DCS) platform.

however, the safety automation system of the existing nuclear power station executes the automatic control of safety level and safety related level, the protection function of the nuclear power station and the safety function of lower level share a control path, and the safety automation system and the protection system are not independently designed, so that the reliability of the protection system cannot be ensured, and the requirement of the independent design of instrument control systems of different safety levels in international regulations cannot be met.

disclosure of Invention

to solve the problems of the prior art, the present invention provides a safety automation system and method for performing safety functions of a nuclear power plant.

The technical scheme of the invention for solving the technical problems is as follows:

In one aspect, a safety automation system for performing safety functions of a nuclear power plant is provided, comprising:

the SPC subsystem comprises a plurality of independent SPC control columns, and each SPC control column is connected with one corresponding nuclear power process equipment column and is used for independently collecting measurement signals of the corresponding nuclear power process equipment column on site;

the SAC subsystem comprises a plurality of independent SAC control columns, and each SAC control column is connected with one corresponding SPC control column and is used for acquiring the measurement signals acquired by the corresponding SPC control column on site;

and the CIC subsystem comprises a plurality of independent CIC control columns, each CIC control column is respectively connected with a corresponding SAC control column and an actuating mechanism of a corresponding nuclear power process equipment column, and is used for safely controlling the actuating mechanism of the corresponding nuclear power process equipment column under the control of the corresponding SAC control column.

the safety automation system of the present invention further includes:

the DTC subsystem comprises a plurality of independent DTC control columns, each DTC control column is connected with a corresponding SAC control column, and the plurality of independent DTC control columns are connected through safety-level point-to-point communication and used for realizing mutual communication among the plurality of SAC control columns;

The DTC subsystem is also connected with other instrument control systems and is used for realizing signal transmission between the safety automation system and the other instrument control systems.

in the safety automation system according to the present invention, the SAC subsystem includes: each SAC control column is connected with a corresponding SPC control column through a hard wire, connected with a corresponding CIC control column through a security level IO bus and connected with a corresponding DTC control column through a security level communication ring network, and the control function from the control to the safe shutdown stage in the design benchmark accident of the nuclear power plant is achieved.

In the safety automation system according to the present invention, the DTC subsystem includes: each DTC control column is connected with a corresponding SAC control column through a security level communication ring network and is also connected with the other two DTC control columns through point-to-point communication respectively.

In the above safety automation system of the present invention, the CIC subsystem includes: each CIC control column is connected with a corresponding SAC control column through a security level IO bus and is also connected with other instrument control systems through hard wiring.

in the safety automation system according to the present invention, the SPC subsystem includes: and each SPC control column is connected with a corresponding SAC control column through hard wiring and is also connected with other instrument control systems through hard wiring.

The safety automation system of the present invention further includes:

the CCMC subsystem comprises a plurality of independent CCMC control columns, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column and used for calculating the monitoring parameters after the complex accident.

In the above safety automation system of the present invention, the CCMC subsystem includes: the CCMC control columns are connected with each other through security level point-to-point communication, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column through a security level communication ring network.

The safety automation system of the present invention further includes:

an HMI, the HMI including:

The safety level control and information display module is respectively connected with the SAC subsystem and the DTC subsystem and is used for realizing the manual operation and information display functions of the safety automation system;

and the post-accident monitoring display module is connected with the CCMC subsystem and is used for displaying post-accident monitoring parameters.

in the safety automation system of the present invention, the safety level control and information display module includes: 3 independent security level control and information display control columns, wherein each security level control and information display control column is respectively connected with a corresponding SAC control column and a corresponding DTC control column;

The post-accident monitoring display module comprises: and 2 independent post-accident monitoring display control columns, wherein each post-accident monitoring display control column is respectively connected with one corresponding CCMC control column.

in another aspect, a safety automation method for performing a safety function of a nuclear power plant is provided, including the steps of:

independently acquiring measurement signals of corresponding nuclear power process equipment columns on site;

Acquiring a measurement signal acquired on site by the corresponding SPC control column;

and under the control of the corresponding SAC control column, safely controlling an actuating mechanism of the corresponding nuclear power process equipment column.

In the above safety automation method of the present invention, the field-independent acquisition of the measurement signal of the corresponding nuclear power process equipment train, the acquisition of the measurement signal of the corresponding SPC control train, and the safety control of the actuator of the corresponding nuclear power process equipment train under the control of the corresponding SAC control train are performed as follows:

Establishing an SPC subsystem, an SAC subsystem and a CIC subsystem, wherein the SPC subsystem comprises a plurality of independent SPC control columns, and each SPC control column is connected with one corresponding nuclear power process equipment column; the SAC subsystem comprises a plurality of independent SAC control columns, and each SAC control column is connected with one corresponding SPC control column; the CIC subsystem comprises a plurality of independent CIC control columns, and each CIC control column is respectively connected with a corresponding SAC control column and an actuating mechanism of a corresponding nuclear power process equipment column;

Independently acquiring measurement signals of corresponding nuclear power process equipment columns on site through the SPC subsystem;

acquiring a measurement signal acquired on site by a corresponding SPC control column through the SAC subsystem;

and under the control of the corresponding SAC control column, the CIC subsystem carries out safety control on an actuating mechanism of the corresponding nuclear power process equipment column.

The safety automation method of the invention further comprises the following steps:

The method comprises the steps that a DTC subsystem is established, the DTC subsystem comprises a plurality of independent DTC control columns, each DTC control column is connected with a corresponding SAC control column, the plurality of independent DTC control columns are connected through safety-level point-to-point communication, and the DTC subsystem is further connected with other instrument control systems;

the mutual communication among a plurality of SAC control columns is realized through each DTC control column;

And signal transmission with other instrument control systems is realized through the DTC subsystem.

in the above safety automation method of the present invention, the SAC subsystem includes: each SAC control column is connected with a corresponding SPC control column through a hard wire, connected with a corresponding CIC control column through a security level IO bus and connected with a corresponding DTC control column through a security level communication ring network, so that the control function from the control to the safe shutdown stage in the design basis accident of the nuclear power plant is realized.

in the above safety automation method of the present invention, the DTC subsystem includes: each DTC control column is connected with a corresponding SAC control column through a security level communication ring network and is also connected with the other two DTC control columns through point-to-point communication respectively.

in the above safety automation method of the present invention, the CIC subsystem includes: each CIC control column is connected with a corresponding SAC control column through a security level IO bus and is also connected with other instrument control systems through hard wiring.

in the above safety automation method according to the present invention, the SPC subsystem includes: and each SPC control column is connected with a corresponding SAC control column through hard wiring and is also connected with other instrument control systems through hard wiring.

The safety automation method of the invention further comprises the following steps:

establishing a CCMC subsystem, wherein the CCMC subsystem comprises a plurality of independent CCMC control columns, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column;

And calculating the monitoring parameters after the complex accident through each CCMC control column.

In the above safety automation method of the present invention, the CCMC subsystem includes: the CCMC control columns are connected with each other through security level point-to-point communication, and each CCMC control column is connected with a corresponding SAC control column and a corresponding DTC control column through a security level communication ring network.

the safety automation method of the invention further comprises the following steps:

establishing an HMI (human machine interface), wherein the HMI comprises a security level control and information display module and a post-accident monitoring display module, the security level control and information display module is respectively connected with a SAC (self-service computer control) subsystem and a DTC (digital control transmitter) subsystem, and the post-accident monitoring display module is connected with a CCMC (controller and controller card) subsystem;

The manual operation and information display functions of the safety automation system are realized through the safety level control and information display module;

And displaying post-accident monitoring parameters through the post-accident monitoring display module.

in the above safety automation method of the present invention, the safety level control and information display module includes: 3 independent security level control and information display control columns, wherein each security level control and information display control column is respectively connected with a corresponding SAC control column and a corresponding DTC control column;

The post-accident monitoring display module comprises: and 2 independent post-accident monitoring display control columns, wherein each post-accident monitoring display control column is respectively connected with one corresponding CCMC control column.

The technical scheme provided by the embodiment of the invention has the following beneficial effects:

According to the invention, through the independent design of each control path in the reactor safety automatic system of the nuclear power station, the control paths are not influenced mutually, the independent design of the control paths of the safety automatic instrument control system and the protection system can be realized, and the independence requirements of instrument control systems with different safety levels in international standards are met; the three-row control corresponds to the three-row process system, so that the safety function controlled to the safe shutdown period can meet the single fault principle; the inter-column communication between the safety automation systems can be realized, the capacity of realizing the grouping control of different column devices and the redundancy attenuation display design between different columns can be realized, and the hard wiring scale between different columns can be obviously reduced; in addition, the safety automation system is integrated to realize the post-accident monitoring function, and the DCS platform structure and the control path of the nuclear power plant are simplified.

drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.

FIG. 1 is a schematic diagram of a safety automation system for performing safety functions of a nuclear power plant according to an embodiment of the present invention;

FIG. 2 is a diagram illustrating an example of a safety automation system for performing safety functions of a nuclear power plant according to an embodiment of the present invention;

Fig. 3 is a flowchart of a safety automation method for performing a safety function of a nuclear power plant according to a second embodiment of the present invention.

Detailed Description

in order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.