A flexible architecture for the rapid prototyping of ...
Transcript of A flexible architecture for the rapid prototyping of ...
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
1
A flexible architecture for the rapid
prototyping of control systems in fusion
experiments
July 7, 2010 – ISIE 2010 – Bari – Italy
G. Ambrosino1 M. Banfi2 G. Carannante 1
G. De Tommasi1 A. Mandelli2 A. Pironti11CREATE – Universita di Napoli Federico II
2National Instrument Italy
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
2
Outline
Motivations
Rapid Prototyping of the ITER Central Safety SystemITER overviewSystem requirementsArchitecture overviewExamples
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
3
Development of control systems – V Cycle 1/2
The traditional development cycle of control systems followsthe three phases:
I design
I implementation
I testing
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
4
Development of control systems – V Cycle 2/2
I the design phase ends with the functional requirementspecification;
I the implementation phase starts with the softwarerequirements;
I the test and validation phase is mainly carried outon-site, except for standard single modules testing.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
5
Motivations – 1/2
The V-cicle has several drawbacks:
I Uncertainty of the control system performance:due to the absence of simulation tools;
I Incompleteness in the specification of FunctionalRequirements: plant situations neglected and/or notidentified;
I Mistranslation of the Functional Requirements in SWSpecifications;
I Errors in the Implementation Phase (SW coding andinstallation on dedicated HW) not detected beforeon-site tests;
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
6
Motivations – 2/2
Due to the additional efforts and costs, often thearchitectural design is carried out without anymodeling and simulation support.
However, if
I the system to be controlled is non-conventional or new;
I the required performances are very demanding;
I the plant is not yet available and/or the testing on-siteis very risky;
then the use of modeling and simulation tools duringthe design phase becomes highly recommended.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
7
Design phase with modeling and simulation tools
I A simulation model development cycle runs in parallel with acontrol system development cycle.
I A simplified mathematical model aides the requirementdefinition and the preliminary control design.
I The algorithm validation is carried out by means of detailedsimulations model.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
8
Rapid prototyping
The following step is the Rapid Prototyping:
I The prototypical model is tested against a plantsimulator whose detail level can be chosen by thedesigner.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
9
Prototype of the control system as formal description ofthe requirements
I The high-level description of the prototype representsan unambiguous description of the control systembehaviour.
I It can be used as formal specification of therequirements.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
10
Tools – 1/2
The proposed approach is based on the availability of
I several plant models (at different level of details);
I automatic tools for the rapid prototyping of bothcontrol system and plant simulator.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
11
Tools – 2/2
Once the real implementation of the control system will bedelivered by the contractors, it can be tested against thereal-time simulator before the installation on the plant.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
12
Tokamak
A tokamak is an electromagnetic machine containing a fullyionised gas (plasma) at about 100 million degrees within atorus shaped vacuum vessel. Poloidal and toroidal field coils,together with the plasma current, generate a spirallingmagnetic field that confines the plasma.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
13
ITER
ITER is a joint venture of 7 participant teams (EU plusSwitzerland, Japan, the People’s Republic of China, India,the Republis of Korea, Russia and USA). It has beendesigned to demonstrate the feasibility of fusion energy forpeaceful purposes.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
14
ITER Central Safety System - System Requirements
The functional requirements for the ITER CSS have beenspecified in terms of
I Mitigation Actions - are the actions that must becarried out by the CSS after the occurrence of a safetyrelevant fault. Hence the Mitigation Actions provide thespecification for the control system prototype(CSS-PROT).
I Fault Conditions - are the initiating events that followthe occurrence of relevant faults for nuclear safety. TheFault Conditions represent the specifications for theplant simulator (CSS-OPS).
Example: a safety relevant fault is a malfunction of thecooling system, while the related initiating event can bean overpressure in the pipeline.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
15
Setup 1/3
Two operational setups have been provided
I the offline setup to perform the design of the controlsystem;
I the real-time setup to perform test and validation withhardware-in-the-loop (HIL) simulations.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
16
Setup 2/3
In the offline setup:
I the prototype of the control system is written in a high levellanguage, such as Sequential Functional Charts (SFCs) orStateflow. This is an high level description of the controlsystem functional requirements;
I the whole control system is tested against the plantsimulator.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
17
Setup 3/3
By using automatic code generation (ACG) tools, the control
system prototype and the plant simulator are deployed on
real-time targets, in order to validate the real implementation of
the safety control system by means of HIL simulations.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
18
Experimental setup deployed at ITER for the rapidprototyping of the CSS
I The controller runs on the Siemens PLC.
I The plant simulator runs on the NI Real-Time Target.
I Several users can connect remotely to the HMI to monitoringand/or control (inject faults, switch on manual actions ...).
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
19
High concentration of tritium and/or contaminatedproducts in the Tokamak Gallery
Two Mitigation Actions have to be performedI Service Vacuum Vent Detritiation SystemI Relief to Normal Vent Detritiation System
The specifications for the CSSare described by two SFCs,which represent also a formaldescription of the CSS-PROTbehaviour.
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
20
Offline and HIL simulations
Two different values of the tritium inlet flow in the TokamakGallery are set, at t ∼= 99 s and t ∼= 200 s, respectively. Thefirst change causes the trespass of the guard limit, while thesecond causes the safety limit to be exceeded.
Offline (left) and HIL simulation (right).
A flexiblearchitecture for therapid prototypingof control systems
in fusionexperiments
G. De Tommasi
Outline
Motivations
Rapid Prototypingof the CSS
ITER
Requirements
Setup
Examples
21
Conclusions
I Questions ?
Thank you!