Lab-Scale Design, Demonstration and Safety Assessment of an FPGA-Based Post Accident Monitoring System for Westinghouse AP1000 Nuclear Power Plants

A Field Programmable Gate Array (FPGA) is a type of integrated circuit (IC), which is programmed after it is manufactured. FPGAs are referred to as a form of programmable hardware, as there is typically no software or operating system running on the FPGA itself. A significant amount of design work has been performed regarding the application of FPGAs in the nuclear field in recent years, with much of that work centered around safety related Instrumentation and Control (I&C) systems and safety systems. These new FPGA based systems are considered to be viable alternatives to replace many old I&C systems that are commonly used in Nuclear Power Plants (NPPs). Many of these older analog and digital systems are obsolete, and it has become increasingly difficult to maintain and repair them. FPGAs possess certain advantages over traditional analog circuits, PLCs and microprocessors, when considering nuclear I&C and safety system applications. This paper describes how FPGA technology has been used to construct a lab-scale implementation of a Post-Accident Monitoring System (PAMS), for a Westinghouse AP1000 Nuclear Power Plant, using a National Instruments “cRIO” chassis and I/O modules. This system will perform the major functions of the existing PAMS, including monitoring the vital values such as temperature, water level, pressure, flow rate, radiation levels and neutron flux in the event of a serious reactor accident. These values are required in standards such as United States Nuclear Regulatory Commission (NRC), Canadian Nuclear Safety Commission (CNSC), International Electrotechnical Commission (IEC), and Institute of Electrical and Electronics Engineers (IEEE). All of the input signals are read and processed using the FPGA, which includes alarms if the values go beyond the specified range, or if the values change rapidly. The values were then output to the computer through the FPGA interface to provide information to the operator, as well as being sent through analog and digital output modules for further processing. The system was tested using both simulated and real inputs from sensors. Furthermore, the reliability of the new system has also been analyzed, using the Dynamic Flowgraph Methodology (DFM). DFM has been successfully applied in both the nuclear and aerospace fields, and has been described as one of the best methodologies for modeling software/hardware interactions, by the scientific literature as well as in NRC reports. DFM was applied to fine-tune the design parameters by determining the potential causes of faults in the design, as well as to highlight the effectiveness of DFM in nuclear and in FPGA applications.