Digital I&C in Nuclear Power Plants and Fuel Cycle Facilities
Digital instrumentation and controls (I&C) systems have been in use for over three decades in various applications. Fossil power plants and refineries have been using integrated digital I&C systems since the 1980s. Digital I&C systems are widely used in almost all industrial applications in one form or another. The use of microprocessors and computers is not new in nuclear power plants. The early applications were limited to the use of programmable logic controllers and plant process monitoring computers. In the 1980s, digital technologies were integrated into control systems for various subsystems, starting with the auxiliary systems and then moving to primary systems. By the 1990s, microprocessors were being used for data logging, control, and display for many nonsafety-related functions. In Japan, the first fully digitalized I&C system was integrated into the Kashiwazaki-Kariwa Unit 6 advanced boiling-water reactor (ABWR) in 1996. This was followed by Kashiwazaki-Kariwa Unit 7. France, the United Kingdom, Korea, Sweden, and other countries have also implemented digital I&C systems in their nuclear power plants.
In the United States, digital I&C systems have been used in many applications, including feedwater control systems, recirculation control systems, demineralizer control systems, main turbine controls, and many other nonsafety systems. With the NRC approval of the Eagle Series, the Common Qualified Platform (Common Q), Triconex, and the Teleperm XS system for safety-related applications, operating nuclear power plants may consider their use in retrofitting digital I&C systems at their facilities. All new nuclear power plants are being designed with integrated digital I&C systems as the backbone of protection, controls, alarms, and display and monitoring.
Several fuel cycle facilities make extensive use of distributed control systems and programmable logic controllers (PLCs) based on digital design technology both in their normal process control systems and safety control systems. An example of the use of digital technology in process control in a fuel cycle facility would be controlling the moisture content of steam used in a process vessel through control of the steam temperature. Digital technology could also be used to perform a safety function as an interlock that prevents filling of a vessel if it is not in the proper location.
The digital I&C systems raise issues that were not relevant to analog systems. For example, a common-cause failure attributable to software errors was not possible with analog systems. This potential weakness may require a consideration of diversity and defense in depth in the application of digital I&C systems. Digital system network architectures also raise issues, such as, interchannel communication, communication between nonsafety and safety systems, and cyber security that must be reviewed closely to ensure that public safety is preserved. Highly integrated control room designs with safety and nonsafety displays and controls will be the norm for new reactor designs. Quality assurance during all phases of software development, control, and validation and verification is critical to minimize the possibility of common-cause failures. Qualification and dedication of commercial off-the-shelf equipment in safety-related applications are other important aspects of the implementation of digital I&C systems.
The NRC has taken several actions to supplement and enhance the review and licensing of safety-related digital I&C designs. Revision 2 of Regulatory Guide 1.152, “Criteria for Use of Computers in Safety Systems of Nuclear Power Plants,” was issued in January 2006. Standard Review Plan updates are well under way and are expected to be completed early in 2007. Draft Regulatory Guide DG-1145, “Combined License Applications for Nuclear Power Plants (LWR Edition),” was issued in September 2006. This regulatory guide provides guidance regarding required information to be submitted in a combined operating license (COL) application for a nuclear power plant. Furthermore, the NRC is updating various other regulatory guides on an expedited basis to support licensing of new reactors.
Several research projects are also under way that will augment and supplement review criteria for licensing digital I&C systems. These research initiatives will also solicit insights from international nuclear regulators and will build on their licensing experiences with digital I&C systems. These include, but are not limited to, risk assessment of digital systems, highly integrated control room, diversity and defense in depth, and security aspects of digital systems.
The NRC is actively working with industry groups and other stakeholders to resolve technical issues with licensing digital I&C systems. This public Web site has been established to enhance stakeholder communication and participation during these ongoing efforts to develop associated regulatory guidance. Furthermore, the NRC will conduct periodic public meetings with stakeholders to review progress by the agency and industry in resolving these issues.