BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 1/15 Reliability of Beam Loss Monitors.

Slides:

Advertisements

Similar presentations

26 Apr 2004RSWG G.Guaglio 1/4 Reliability Sub-Working Group False Dumps generation.

Advertisements

Jan Uythoven, AB/BTLHCCWG, 3 May 2006 Page GeV Commissioning Machine Protection Needs to be commissioned to: Prevent damage with the used, higher.

K. Potter RADWG & RADMON Workshop 1 Dec WELCOME TO THE 4th RADWG & RADMON WORKSHOP 1 December 2004.

Circuit Analysis and Troubleshooting A Six Step Procedure Created by Jimmie Fouts Houston County Career Academy for.

LHC Commissioning WG 27/03/ Commissioning of BLM system L. Ponce With the contribution of B. Dehning, E.B. Holzer, M. Sapinski, C. Zamantzas and.

MPSCWG 12/12/ Operational scenario of the BLM system.

Concept & architecture of the machine protection systems for FCC

Vegard Joa Moseng BI - BL Student meeting Reliability analysis summary for the BLEDP.

LECC 2006 Ewald Effinger AB-BI-BL The LHC beam loss monitoring system’s data acquisition card Ewald Effinger AB-BI-BL.

Technical review on UPS power distribution of the LHC Beam Dumping System (LBDS) Anastasia PATSOULI TE-ABT-EC Proposals for LBDS Powering Improvement 1.

The LHC: an Accelerated Overview Jonathan Walsh May 2, 2006.

LHC Beam Dump System Technical Audit Trigger Synchronisation Unit.

Eva Barbara Holzer IEEE NSS, Puerto Rico October 26, Beam Loss Monitoring System of the LHC Eva Barbara Holzer, CERN for the LHC BLM team IEEE Nuclear.

An Example Use Case Scenario

FAULT TREE ANALYSIS (FTA). QUANTITATIVE RISK ANALYSIS Some of the commonly used quantitative risk assessment methods are; 1.Fault tree analysis (FTA)

Beam Loss Monitor System – Preliminary Feedback November 11 th, 2010.

Chamonix Risks due to UPS malfunctioning Impact on the Superconducting Circuit Protection System Hugues Thiesen Acknowledgments:K. Dahlerup-Petersen,

LER Workshop, CERN, October 11-12, 2006Detector Safety with LER - Henryk Piekarz1 LHC Accelerator Research Program bnl-fnal-lbnl-slac Accelerator & Detector.

Reliability of the Quench Protection System for the LHC s.c. Elements F. Rodriguez-Mateos and Antonio Vergara (both TS now, AT when the work was done)

Interlock and Protection Systems for SC Accelerators: Machine Protection System for the LHC l The Risks l The Challenge l The LHC Layout l The Systems.

FED RAL: Greg Iles5 March The 96 Channel FED Tester What needs to be tested ? Requirements for 96 channel tester ? Baseline design Functionality.

PLC Workshop at ITER, 4-5 th of December 2014 A. Nordt, ESS, Lund/Sweden.

MP Questions for LE eCooling. Why talk about this now? Is there additional equipment needed, not yet considered? (nor costed) Interfaces to systems that.

Eva Barbara Holzer ICFA HB2006, Tsukuba, Japan June 1, Eva Barbara Holzer, CERN CLIC Workshop CERN, October 18, 2007 Machine Protection system:

The LBDS trigger and re-trigger schemes Technical Review on UPS power distribution of the LHC Beam Dumping System (LBDS) A. Antoine.

Product & Technology Quality. Excellence. Support SIL Explanation 27.JAN 2006 Automation & Safety.

Acquisition Crate Design BI Technical Board 26 August 2011 Beam Loss Monitoring Section William Vigano’ 26 August

1 Reliability and Availability of the Large Hadron Collider (LHC) MachineProtection System Jan Uythoven CERN, Geneva, Switzerland Thanks to R. Schmidt,

BLM AUDIT 2010Ewald Effinger BE-BI-BL BLM tunnel installation and data acquisition card (BLECF) Ewald Effinger AB-BI-BL.

1 Will We Ever Get The Green Light For Beam Operation? J. Uythoven & R. Filippini For the Reliability Working Group Sub Working Group of the MPWG.

Vegard Joa Moseng BI - BL Student meeting Reliability analysis of the Input Monitor in the BLEDP.

‘Review’ of the machine protection system in the SPS 1 J. Wenninger BE-OP SPS MPS - ATOP 09.

LHC Beam Loss Monitors, B.Dehning 1/15 LHC Beam loss Monitors Loss monitor specifications Radiation tolerant Electronics Ionisation chamber development.

Beam Interlock System MPP Internal ReviewB. Puccio17-18 th June 2010.

1 Commissioning and Early Operation – View from Machine Protection Jan Uythoven (AB/BT) Thanks to the members of the MPWG.

Chamonix 2006, B.Dehning 1 Commissioning of Beam Loss Monitors B. Dehning CERN AB/BDI.

Machine Protection Review, R. Denz, 11-APR Introduction to Magnet Powering and Protection R. Denz, AT-MEL-PM.

CLIC Interlock System study: from Principle to Prototyping Patrice Nouvel TE-MPE-EP TE-MPE Technical Meeting : 22/03/2012.

LHC Radiation Day, B. Dehning1 Beam Loss Monitors B. Dehning.

LHC machine protection close-out 1 Close-out. LHC machine protection close-out 2 Introduction The problem is obvious: –Magnetic field increase only a.

Fault Tree Analysis for Fatality Prevention Dr. Steven A. Lapp President - Design Sciences, Inc.

BLM System R2E and Availability Workshop, B.Dehning 1 Bernd Dehning CERN BE-BI

RF Commissioning D. Jacquet and M. Gruwé. November 8 th 2007D. Jacquet and M. Gruwé2 RF systems in a few words (I) A transverse dampers system ACCELERATING.

16 December 2005 IntroductionIntroduction System Layout Dependable Design Dependability Analysis Sensitivity ConclusionsSystem LayoutDependable DesignDependability.

NMLTA Protection System Update -Loss Monitors- Arden Warner September 2 nd, 2009.

Machine Protection Review, Markus Zerlauth, 12 th April Magnet powering system and beam dump requests Markus Zerlauth, AB-CO-IN.

2007 IEEE Nuclear Science Symposium (NSS)

BEAM LOSS MONITORING SYSTEM

Dependability Requirements of the LBDS and their Design Implications

Powering the LHC Magnets

Beam Loss Monitor System Reliability and False Signals

LHC BLM system: system overview

BEAM LOSS MONITORING SYSTEM

External Review on LHC Machine Protection, B.Dehning

Initial Experience with the Machine Protection System for LHC

Interpretation and use of BLM Data

Collimator Control (SEUs & R2E Outlook)

Remote setting of LHC BLM thresholds?

Machine Protection Xu Hongliang.

J. Emery, B. Dehning, E. Effinger, G. Ferioli, C

BEAM LOSS MONITORS DEPENDABILITY

C.Octavio Domínguez, Humberto Maury Cuna

BLM changes HV software interlock (SIS)

Beam Loss Monitoring Eva Barbara Holzer, CERN

Will We Ever Get The Green Light For Beam Operation?

Commissioning of the Beam Conditions Monitor of the LHCb Experiment at CERN Ch. Ilgner, October 23, 2008 on behalf of the LHCb BCM group at TU Dortmund:

Report on Beam Loss Monitors

Irradiated Components

Presentation transcript:

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 1/15 Reliability of Beam Loss Monitors System for the Large Hadron Collider

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 2/15 LHC Superconductive Magnets In LHC there are: 514 main quadrupoles (MQ), 1232 main dipoles (MD). Favorite loss location: quadrupole and transitions. We will monitor only the MQ (and some other critical locations). If losses exceed a threshold, a dump signal is generated. RF Cleaning section Proton injection Dump Cleaning section Proton injection

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 3/15 SIL approach Safety Integrity Levels (IEC 61508): our guideline for LHC protection systems. Events definition Event gravity Event frequency Suggested system failure rate Expected (LHC) system failure rate Faced risk Magnet Destruction False Dump Substitution downtime Recovering downtime Dangerous losses/y False dump/y Suggested/Tolerable failure rates Unavailability of protection system Failure rate frequency Destruct magnets/y False dumps/y

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 4/15 Events Definition Prevent superconductive magnet destruction (MaDe) due to an high loss (~30 downtime days for substitution). Avoid false dumps (FaDu) ( ~3 downtime hours to recover previous beam status). System fault events

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 5/15 Frequency TABLE 1). Frequency table used for LHC risk definition. CategoryDescriptionIndicative frequency level (per year) FrequentEvents which are very likely to occur > 1 ProbableEvents that are likely to occur OccasionalEvents which are possible and expected to occur – RemoteEvents which are possible but not expected to occur – ImprobableEvents which are unlikely to occur – Negligible / Not credibleEvents which are extremely unlikely to occur < 10 -4

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 6/15 Gravity TABLE 1). Gravity table used for LHC risk definition. CategoryInjury to personnelDamage to equipment CriteriaN. fatalities (indicative) CHF LossDowntime CatastrophicEvents capable of resulting in multiple fatalities 11> 5*10 7 > 6 months MajorEvents capable of resulting in a fatality 0.1 (or 1 over 10 accidents) 10 6 – 5* days to 6 months SevereEvents which may lead to serious, but not fatal, injury 0.01 (or 1 over 100 accidents) 10 5 – to 20 days Minor Events which may lead to minor injuries (or 1 over 1000 accidents) 0 – 10 5 < 3 days

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 7/15 SIL levels Event LikelihoodConsequence Catas- trophic MajorSevereMinor FrequentSIL 4SIL 3 SIL 2 ProbableSIL 3 SIL 2 OccasionalSIL 3 SIL 2SIL 1 RemoteSIL 3SIL 2 SIL 1 ImprobableSIL 3SIL 2SIL 1 Negligible / Not CredibleSIL 2SIL 1 SILProbability of a dangerous failure per hour < Pr < < Pr < < Pr < < Pr < For high demand / continuous mode of operation systems

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 8/15 LHC Systems MaDe Loss Duration <10ms >10s middle FaDu Resistive magnets Lifetime RF Beam position Access Timing Experiments Collimation Vacuum Dump Beam Energy Interlocks Cryogenics Quench protection Beam Loss 4 first line systems: average 2.5E-8/h ~20 dump generator systems: average 5E-8/h Power converter

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 9/15 BLMS Current to frequency converter Multi- plexer LASER Diode Demulti- plexer Threshold comparator BIC (Dump) Beam Permit Beam Energy VME Bus Analogue ElectronicsDigital Electronics Below Quad. in ARC Ionization chamber At surface (SR, SX) Switch I in (t) Reference current Treshold comparator One-shot  T I ref Integrator f out 7 TeV 450 GeV

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 10/15 Availability improvements Test (continuously, 20 hours and yearly) of detector and analog electronic, to face integral dose degradation; voting for digital part, to avoid single event effects. Actions against the weakest elements (lasers, CRC, decisions table,…):redundancy.

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 11/15 Failure Rates Element Failure rate  [ /h] Inspection interval [h] Notes SingleNot redundantRedundant IC+cable+terminations Experience SPS Integrator2.0 Continuous (40  s) Dose and fluence tested Switch8.7 FPGA TX* Laser510 2 Optical connectors20 Optical fibre20 Photodiode3.2 FPGA RX*70 Reference:MIL-HDBK-217F IC calculated with 60% confidence level of no fails over 140 IC in 30 years in SPS

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 12/15 Component failure rate predictions. Assembly failure mode. System dependability. References: MIL-217 (electronic), Telcordia (telecommunication), IEC (electronic), NSWC (mechanical) Failure Mode Effect and Criticality Analysis Reliability Block Diagram Fault Tree Software possibilities Front end electronic Monitor Surface electronic Dump electronic Laser line 1 Laser line 2 Dump line 1 Dump line 2 Dump line 3 2 System failure FPGA TX FPGA RX Com- biner 2oo3 IC Beam interlock DUMP

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 13/ IC JFET1JFET2 OPA1OPA2 LASER1LASER2 Relative importance Software outputs Time profiles Importance diagram Unreliability 40  s80  s 20 h40 h Unavailability, failure rate,…

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 14/15 Results FaDu ( no Power Supply ): /h * 4000 h/y * 3200 = 3/y Foreseen event frequency: “Focused” dangerous losses per years: pessimistic! Number of channels Beam hours: 200 d*20 h/d We are beyond the Functional limits, but tolerable for Malfunction approach: good confidence that in 20 year we will lose (less than) the 16 spares magnets and BLMS generate around 3 false dump per year. SIL suggested rate: /h SIL suggested rate: /h /h * 4000 h/y * 100 = 0.2/yMaDe (single channel):

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 15/15 Conclusions 1.Probable multi-detection per loss (further simulations on going): MaDe OK. 2.FaDu improving with better electronic components (and better power distribution). 3.The systematic reliability approach guide the BLMS design (redundancies, testing, sensitivity evaluations).

BIW May 2004 LHCSILSystemsBLMSSoftwareResults Reliability of BLMS for the LHC. G.Guaglio, B Dehning, C. Santoni 16/15 Questions? Don’t shoot the messenger.