Operation of Target Safety System (TSS)

Slides:



Advertisements
Similar presentations
Electrical, Control and Information Systems in the Enhanced CANDU 6 ® Electrical, Control and Information Systems in the Enhanced CANDU 6 ® Candu – Official.
Advertisements

NERC Lessons Learned Summary December NERC lessons learned published in December 2014 Three NERC lessons learned (LL) were published in December.
Redundant control system (RCS)
Oak Ridge SNS Experimental Facilities X /arb 1 SNS MPS Review Target-MPS Review WBS Ron Battle Target Controls, Target Systems Experimental.
SNS Integrated Control System SNS Machine Protection System EPICS Workshop April 27, 2005 Coles Sibley.
SNS Integrated Control System EPICS Collaboration Meeting SNS Machine Protection System SNS Timing System Coles Sibley xxxx/vlb.
LSST Workshop Bremerton, WA August, LSST Workshop Bremerton, WA August, 2015 Camera Protection System Martin Nordby Chief Mechanical Engineer LSST.
ITER – Interlocks Luis Fernandez December 2014 Central Interlock System CIS v0.
CONTROL OF HAZARDOUS ENERGY. Types of Energy To Be Controlled  Kinetic – Energy of motion  Potential – Energy of position  Electrical – From generated.
MICE Hydrogen Control System MICE Safety Review Meeting 4 th Oct 2011 PJ Warburton - Daresbury Lab.
GIF++ Control System (GCS) Gilles MAIRE PH-DT-DI1.
Overview of the main events related to TS equipment during 2007 Definition Number and category of the events Events and measures taken for each machine.
I & C.
Target Safety System (TSS) Status TAC9 Linda R. Coney Group Leader – Target Safety and Controls April 2-3, 2014.
Status and Plans for the Target Safety System Linda R. Coney Group Leader – Target Safety and Controls April 1-2, 2015.
Personnel Safety Systems Stuart Birch Senior Engineer, Personnel Safety Systems November 6 th, 2014.
ESS Cooling System - Interface with DTL 1 John Jurns Cooling System Engineer.
ESS Cooling System - Interface with RFQ 1 John Jurns Cooling System Engineer.
Machine Protection Systems (MPS) Arden Warner, and Jim Steimel Project X Machine Advisory Committee March 18-19, 2013.
An overview of I&C Systems in APR 1400 Parvaiz Ahmed Khand December 28, 2007.
Machine Protection Requirements and Concept Annika Nordt et al. European Spallation Source ERIC Machine Protection Review, December 2015 Lund, Sweden.
Reliability and Performance of the SNS Machine Protection System Doug Curry 2013.
European Organization for Nuclear Research - Organisation européenne pour la recherche nucléaire CO 2 IBL plant failures 16/06/ /06/2016 O.Crespo-Lopez.
OPERATES SCADA OPERATION SYSTEM Explain the operational SCADA
Combining safety and conventional interfaces for interlock PLCs
Lock Out / Tag Out The Control of Hazardous Energy
Data providers Volume & Type of Analysis Kickers
Presented by Li Gang Accelerator Control Group
LCLS-II 2K Cold Box Controls Design Review
Recent developments in the Vacuum Control Software
How SCADA Systems Work?.
the CERN Electrical network protection system
MAUVE CO2 cooling review
Presented by: LADWP November 14, 2017
Dept. of Nuclear and Quantum Engineering
Module 1: System Overview
SC1R Cold Box PDR Controls
August 23, 2000 R.N. Dubois Dow Chemical
LHCCWG Meeting R. Alemany, M. Lamont, S. Page
Workshop on Accelerator Operations
Charge 2. Equipment Protection 3. Definition and Documentation
RF Local Protection System
PSS1 overview Stuart Birch
BCM-BIS Interface Szandra Kövecses
Ion Source and LEBT control system topology, Interlock strategy
TS2 PSS Architecture, Concepts of Operations and Interfaces
ESS Per Nilsson CFD Specialist
ISRC and LEBT Vacuum System Design
System Architecture of MPSVac and MPSID
PSS0 Design & Concept of Operations
MPS commissioning at ESS
PSS Verification and validation
Safety Analysis and Safety Functions
TSS System Requirements - TSS CDR1
RSFs & categorisation 20 May, 2019.
Banafsheh Hajinasab Based on presentation by K. Strnisa, Cosylab
Safety Readiness Review (SRR) Thomas Hansson, ESH
Introduction, PDR Recommendations & TS2 PSS Safety Analysis
Ola Ingemansson Electrical & Instrumentation Engineer
Hall C SHMS & Configuration Status
easYgen-3000XT Series Training
Machine Protection PLC Based System Verification and Validation Plan
Software Development Plan and Software Requirements
TS2 PSS; update on concepts of operation and system's architecture
TS2 PSS Software Requirements and Software Design
Mikael Olsson Control Engineer
ESHAC #8 Safety Readiness Review Thomas Hansson, ESH
Target Safety System Interfaces
Vacuum Control System for Monolith Vacuum
Radiation Detectors for the PSS1 at ESS
Presentation transcript:

Operation of Target Safety System (TSS) Mikael Olsson Control Engineer, TSS www.europeanspallationsource.se 5 July, 2019

Outline TSS introduction TSS state machine TSS safety parameters Purpose, layout, functions TSS state machine TSS safety parameters TSS in Main Control Room (MCR) TSS maintenance

TSS purpose Electrical and I&C system that prevents and mitigates radiation doses to the public Allocated to defense in depth level 3 = safety SSC As such, TSS shall be independent of Machine protection (MP, level 2) and Basic process control system (BPCS, level 1) Safety logic - hardware based Safety logic – software based Operation & monitoring - software based Safety sensors Safety actuators Other systems Reset, start Radiation safety system Operational system TSS Independence/isolation

TSS layout MCR - operation Target buidling Klystron gallery (G02) Front end building TSS #1 - application software hub Target utility block - monitoring - manual mode setting Dipole magnet - manual mode setting RFQ - Stop beam Ion source - Stop beam

TSS functions Operational functions Safety functions Reset/start Static beam permit (bypass of TSS safety functions) makes TSS beam permit independent of Target Station conditions to allow operation of the Accelerator during Target maintenance Alarm handling Maintenance Monitoring Archiving Safety functions Automatic stop of proton beam production, in case of abnormal conditions in Target Manual stop (also used to turn off TSS for maintenance reasons) Main reason why TSS exists

TSS state machine - operational modes and mode transitions ‘TSS: No beam’ TSS safe state TSS actuators prevent power supply to Ion source and RFQ TSS maintenance, periodic tests ‘TSS: Allow beam’ TSS allows beam production Transitions: ‘Reset’ Makes the TSS actuators ready for start ‘Start‘ Only possible after Reset Allows power supply to ION-source & RFQ ‘Automatic Trip’ Automatic stop, if safety conditions are not OK ‘Manual Stop’ Emergency stop Controlled stop (to turn off TSS for maintenance) ‘Manual bypass activated’ Static permit for beam production TSS: No beam Auxiliary power supply off Reset & Start & Manual bypass activated Reset & Start Automatic Trip or Manual Stop Manual Stop TSS: Allow beam Allow beam - on Target Allow beam - on Dump Safety functions activated Safety functions activated, but bypassed Prior to allowing beam production, the TSS safety parameters must be verified to be within acceptable limits. The verification is performed manually (via graphical user interfaces in MCR). When all parameters are within acceptable limits, the operator will press ‘Reset’ followed by ‘Start’. This verification implies that systems like the Target wheel, Primary helium cooling loop and Monolith vacuum are fully operational before beam is allowed to the Target.

TSS safety parameters Trip levels for TSS safety parameters chosen as far away as possible from operational limits, but with respect to identified accident scenarios Operational limits for BPCS and MP expected to be defined within TSS range, in order to detect and prevent deviations from normal operation This way, TSS acts only if both BPCS and MP fail to act It is assumed that BPCS and MP limits are within OLC, and that TSS limits are outside. TSS trip levels are defined MP and BPCS operational limits are not yet defined TSS MP BPCS Operational Limits and Conditions (OLC)

TSS in MCR TSS dedicated cabinet Monitoring via Operator workstation reset/start stop monitoring via TSS local HMI detailed status alarm handling Monitoring via Operator workstation TSS overview, general status alarm display no action via EPICS network Archiving of TSS data for post-mortem analyses MCR

TSS operational mode - Manual bypass activation Condition 1 + 2: Prevent power supply to dipole magnet by redundant TSS manual breakers Condition 3: Additional bypass setting by TSS manual switches All conditions fulfilled? Pushed? Assures beam directed to Dump Assures bypass of safety functions If YES: override with ‘Allow beam’ If YES: override with ‘Not Allow beam’ TSS safety parameters: Helium mass flow Helium pressure Helium temperature Wheel speed Monolith pressure Beam permit

TSS maintenance Planned maintenance is performed during shutdown In safe state mode ‘TSS: No beam’ Unplanned maintenance concept: It will be possible to isolate and repair one sensor part (channel) of TSS in all modes of operation of the ESS TSS will then operate with limited functionality (1oo2 instead of 2oo3) To avoid spurious trips, i.e. increased availability

Summary - Safety, Availability, Operations TSS operates independently of BPCS and MP ESS relies on BPCS and MP to maintain safe operations of the facility It is expected that MP monitors the same parameters that TSS monitors (and more) and catches a developing event early It is expected that BPCS and MP operating limits are well within the TSS trip points TSS acts only when everything else that should have acted fails TSS trip points are not tuned to beam power – set for 5 MW beam TSS maintenance planned in TSS mode ‘No beam’ (TSS safe state) Asset protection TSS does not address asset protection It is expected that MP monitors Target Station systems to protect equipment Availability & Operations TSS has two modes to ‘Allow beam’ (to Target or Dump) for the sole purpose of benefiting accelerator operations and facility availability TSS is operated mainly from MCR Exception: activate/de-activate ‘Allow beam to Dump’ (bypass) locally in process area TSS has three channels to increase availability – design allows operation with 1oo2 voting

Thank you

Extra slides…

Use case - Allow beam Manual action in process area TSS: No beam Manual action in MCR Operation: Beam request To Target Beam direction? To Dump De-activate bypass of TSS safety functions Activate bypass of TSS safety functions Operational procedure Other operational systems Operator workstation Manual action Check TSS safety parameters TSS HMI Manual action No Process not ready OK? Yes TSS: Reset TSS: Reset Manual action TSS: Start TSS: Start Manual action TSS: Allow beam on Target TSS: Allow beam on Dump

Use case 2 - Stop Manual action in process area Manual action in MCR TSS: Allow beam Manual action in MCR Operation: Shutdown request Low = controlled stop Severity? High = emergency stop Is beam produced? No Yes Stop beam production Other operational systems TSS: Stop TSS: No beam

Use case 3 - TSS alarm during normal operation Manual action in process area TSS: Allow beam Manual action in MCR, TSS local HMI Manual action in MCR, EPICS HMI Supervise TSS TSS alarm Analyze alarm Severity? Low Mid High Acknowledge alarm, and keep running with limited functionality Controlled stop Emergency stop TSS: No beam

Basic process control system TSS architecture RFQ power Ion source power TSS Helium pressure Wheel speed Manual stop Helium mass flow Helium temperature Monolith pressure A Relay PLC Relay 2oo3 Switch 1 B Relay PLC Switch 3 C Relay PLC Safety PLC 2oo3 Switch 4 Switch 2 Dipole magnet Target wheel Beam dump Proton beam RFQ Ion source Machine protection Basic process control system

Target utility area (D02) PLC 2oo3 Relay 2oo3 TSS #1 Ion source RFQ D02.115.4001 D02.115.4003 D02.115.3067 D02.115.3064

Klystron gallery (G02)

Front end building (G01)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.