Appendix G - TRS 09082B - Inverter System Interface to Plant Computer (KIT) Rev 0

®Eskom Generation

KOEBERGNUCLEAR POWER STATION

REVISION 090828 o I I I

NUCLEAR ENGINEERING DEPARTMENT

DESIGN ENGINEERING

Technical Requirements Specification for

Compiled by:

Reviewed by:

Approved by:

Date:

Inverter System

Interface to

Plant Computer (KIT)

~lvJ Peter Harrisankar

B. Trautmann

¥= - R. Goldstein

Zo/3· f!-o8

PAGE

1

TRS No REVISION PAGE

09082B 0 2

KOEBERG NUCLEAR POWER STATION

REVISIONS

Revision Date Scope of the revision Compiler Reviewer Approver

0 2013-11-28 Original Issue. PH BT RG


09082B 0 3


INDEX

1.0 INTRODUCTION

2.0 DEFINITIONS AND ABBREVIATIONS

3.0 REFERENCES - NORMATIVE

4.0 REQUIREMENTS

5.0 VERIFICATION, TESTING AND COMMISSIONING REQUIREMENTS

6.0 TRAINING REQUIREMENTS

7.0 DOCUMENTATION AND CONFIGURATION MANAGEMENT

8.0 OTHER REQUIREMENTS

9.0 ATTACHMENTS


09082B 0 4


1. INTRODUCTION

1.1 Purpose

The purpose of this technical requirement specification (TRS) is to describe the requirements in respect of the interfacing between the replacement Inverter System and the Ovation plant computer (KIT), as well as the associated KIT HMI Requirements.

1.2 Background

The inverter systems at Koeberg consist of electrical components designed to supply and distribute energy at 220 V AC without interruption, which is necessary for:

� The four reactor protection “SIP” channels. (1/2LNA/B/C/D);

� Continuous power supply for regulation, measuring and surveillance instrumentation (LNE);

� Common non-safety related systems of both Units. (9LNi (F/G/H), SSC and SSD).

Except for the various contactor auxiliary switches (48 V circuit contacts) that provide the control room alarms, KIT inputs and T 20 panel mimics, there is currently no data link between the inverter system and the plant computers.

1.3 The Replacement System

The replacement Inverter System is specified in TRS 09082A and includes the requirement for a digital port to interface with the plant computer. Data links between the Inverter System and the Ovation plant computers will be added.

A set of mimics shall be developed and installed on Ovation units 1 and 2. Status mimics and alarms will be implemented on Ovation for Operator information and event logging only.

The control of Inverter System from Ovation is not envisioned at this time. There shall be no data transmitted from Ovation to Inverter System. Inverter System Actions (ISOLATION, ACCEPT/SILENCE and RESET) shall not be implemented on the KIT mimics.

2. DEFINITIONS AND ABBREVIATIONS

2.1. Data Diode : A data diode is a computer security device that restricts the communication along a network connection between two points so that data can only be transmitted in one direction. The data diode is configured to guarantee that no data can be passed, either explicitly or covertly, in the opposite direction.


09082B 0 5


2.2. FAT Factory Acceptance Testing

2.3. FMEA Failure Mode and Effects Analysis

2.4. HMI Human Machine Interface

2.5. KIT Plant Computer (Ovation)

2.6. KNPS Koeberg Nuclear Power Station

2.7. MCR Main Control Room

2.8. MTBF Mean Time Between Failures

2.9. MTR KIT Maintenance Test Rig/Training System

2.10. OPH Ovation Process Historian

2.11. SANS South African National Standard

2.12. SAT Site Acceptance Testing

3. REFERENCES - NORMATIVE

3.1. DSG-318-087 Quality Requirements for the Procurement of Assets, Goods and Services.

3.2. EN 55022 Information technology equipment — Radio disturbance characteristics — Limits and methods of measurement.

3.3. EN 61326-1 Electrical equipment for measurement, control and laboratory use — EMC requirements

3.4. IEC 12207 Systems and software engineering —Software life cycle processes.

3.5. IEEE 1289 Guide for the Application of Human Factors Engineering in the Design of Computer-Based Monitoring and Control Displays for Nuclear Power Generating Stations

3.6. IEC 29148 Systems and software engineering —Life cycle processes — Requirements engineering

3.7. IEC 60812 Analysis techniques for system reliability — Procedure for failure mode and effects analysis (FMEA)

3.8. IEC 60987 Nuclear power plants — Instrumentation and control important to safety — Hardware design requirements for computer-based systems

3.9. IEC 61226 Instrumentation and control important to safety –


09082B 0 6


Classification of instrumentation and control functions

3.10. IEC 61513 Nuclear power plants — Instrumentation and control important to Safety — General requirement for systems

3.11. IEC 62138 Instrumentation and control important for safety – Software aspects for computer-based systems performing category B or C functions

3.12. ISO 9001 Quality Management Systems – Requirements.

3.13. ISO 90003 Software engineering — Guidelines for the application of ISO 9001:2000 to computer software

3.14. KAA-501 Project Management Process for KNPS Modifications.

3.15. KAA-815 Design Changes to Plant, Plant Structures or Operating Parameters.

3.16. KAA-709 Process for Performing Safety Screenings, Safety Evaluations, Safety Justifications and Safety Cases.

3.17. KSA-011 The Requirements for Controlled Documents.

3.18. OHSA No 85/93 Occupational Health and Safety Act No 85 of 1993.

3.19. SANS 10142-1 Code of practice for the wiring of premises.

3.20. SANS 60950-1 Information technology equipment - Safety Part 1: General requirements.

3.21. WNA-DS-01714-FKOE KIT Process Diagrams Functional Specification.

4. REQUIREMENTS

4.1. General

4.1.1. As the preferred MCR HMI is Ovation, the Inverter System shall be interfaced to Ovation.

4.1.2. This project shall be managed in accordance with KAA-501.

4.1.3. The design process and design output (“the design”) will be in accordance with KAA-815.

4.1.4. Design, installation, testing and commissioning documents are subject to acceptance by Eskom.

4.1.5. The Ovation interface supplier, the Inverter System supplier shall cooperate and coordinate to ensure a successful interface between the systems. Interfacing requirements shall be established at the outset of the project.


09082B 0 7


4.1.6. The scope of this TRS includes 1/2LNi (A/B/C/D), 9LNi(F/G/H), 1/2KRT and 1/2LMK.

4.1.7. If Gutor inverter type is chosen then the supply, installation and setup of the interface module for 1/2LMK and 1/2KRT shall be included in the scope of this TRS.

4.1.8. The Unit 9 Inverter System and mimics shall be included on Unit 1 Ovation only.

4.1.9. SSC and SSD are excluded from the scope of this TRS.

4.2. Ovation Interface and HMI Requirements

4.2.1. The Ovation interface supplier shall design, install, test and commission the scope as described in this section.

4.2.2. The point of interface shall be the RJ45 Ethernet port on the Inverter System interface. The Ovation interface supplier shall be responsible for cabling from this point with the exception of 4.1.7.

4.2.3. The digital path to each inverter shall comprise mainly of optical fibre pair (assume 50 metres per inverter). Any media converters required to accommodate this are included in the scope.

4.2.4. A Data-Diode (see definition in 2.1) shall be included in the connection to each inverter. One-way data direction shall be from the Inverter System to Plant Computer/Ovation DCS.

4.2.5. Each Inverter system shall be associated with its respective plant computer/Ovation DCS of each unit (1/2KIT).

4.2.6. FieldServer devices (or alternates) shall be employed as data concentrators in order to reduce the number of MODBUS connections to Ovation.

4.2.7. The FieldServer devices could potentially incorporate the Data Diodes and perform a protocol conversion function (Modbus TCP to Modbus RTU).

4.2.8. Ovation shall use Ovation Link Controller (LC) modules with the MODBUS protocol over RS-485.

4.2.9. The Ovation Link Controllers shall use Electronics module (EMOD) part number 1C1166G01 and Personality module (PMOD) part number 1C31169G02.

4.2.10. The Ovation system shall initiate and manage communication (monitoring and indication) with the FieldServer devices.

4.2.11. The client machines shall be Ovation controllers.

4.2.12. If an alternate protocol and configuration is mutually preferred by both the Ovation interface supplier and the Inverter System contractor, then such protocol shall be proposed to Eskom for acceptance.


09082B 0 8


4.2.13. Health and condition states (e.g. ALARM, FAULT, BYPASSED) shall be available from the Inverter System.

4.2.14. Analog Variables (e.g. Voltage, Current, load power factor, kW etc.) shall be available from the Inverter System.

4.2.15. The Ovation database point and Alarm naming convention shall follow the existing convention used. Any deviation from the convention must be presented to Eskom for acceptance.

4.2.16. The individual FAULT status represents only the status of the inverter for representation on the mimic. The associated points will not be in bad quality.

4.2.17. The Inverter System shall include a “life variable” (watchdog) in order to allow the DCS to monitor the state of the interface.

4.2.18. Failure of the interface will result in all points being in bad quality.

4.2.19. Failure of the watchdog point will result in all points being in bad quality.

4.2.20. The delay between a change in state occurring on the Inverter System and being presented on the mimic shall be not more than 4 seconds.

4.2.21. Health and condition states are to be recorded in the OPH.

4.2.22. The set of mimics to be created in Ovation shall be similar to the mimic on the front panel of the Inverter System chosen or one agreed upon by Eskom.

4.2.23. The mimics developed shall comply with the principles established in WNA-DS-01714-FKOE - KIT Process Diagrams Functional Specification.

4.2.24. An additional navigation button for Inverter System shall be introduced on the top-level mimic navigation screen.

4.2.25. The Unit 1 mimics shall be included in the migration to its respective simulator. The SIM model shall provide point status as required.

4.2.26. Eskom shall ensure that the Ovation interface supplier is kept informed of changes during the development of system layouts.

4.2.27. The impact of the points on Ovation system performance shall be evaluated and documented in the design, and measures shall be proposed to mitigate any detrimental impact on response times.

4.2.28. Implementation on Ovation shall include unit outages if unavoidable.

4.2.29. The Ovation interface supplier and Inverter system supplier shall be present during testing of the Inverter System and interface. They shall assist in the correction of any errors discovered in their scope.

4.2.30. Eskom will install the supplied Ovation mimics for the second unit installation [which could be either unit 1 or unit 2], shortening the duration of the project for


09082B 0 9


the Ovation interface supplier.

4.2.31. If the failure rate of any component is significantly higher than the published MTBF, it shall be declared a defect.

4.3. Software Requirements

4.3.1. Even with no control component, the software function for this interface and all KIT software additions and changes is classed as Category C in accordance with IEC 61226. As such, development of all software shall comply with IEC 62138.

4.3.2. All software shall satisfy the requirements of sections 5 of IEC 62138.

4.3.3. The Software Lifecycle applied shall be IEC 12207. The following sections of IEC 12207 are applicable:

4.3.3.1. Section 6.2 - Organizational Project-Enabling Processes.

4.3.3.2. For Section 6.2.5, the Quality Management Process shall be ISO 9001.

4.3.3.3. Section 6.3 - Project Processes.

4.3.3.4. Section 6.4 - Technical Processes.

Note: for Section 6.4.2 - The Systems Requirements Analysis Process shall apply section 5.3 of IEC 62138 with support from sections 8.4 and 9.5 of IEC 29148.

4.3.3.5. Section 7.1 - Software Implementation Processes.

4.3.3.6. Section 7.2 - Software Verification Process.

Note: For section 7.2.3, the Software Quality Assurance Process shall apply ISO 90003.

4.4. Equipment Qualification

4.4.1. The hardware lifecycle processes shall comply with the requirements of IEC 61513 for class 3 systems, category C functions. IEC 60987 shall be used in conjunction with IEC 61513.

4.4.2. The equipment and the installation shall satisfy all Class B ITE emissions requirements of EN 55022.

4.4.3. The equipment shall satisfy all EN 61326-1 Table 2 immunity criteria to Performance Criterion A.

4.4.4. The electrical installation shall comply with SANS 10142-1:2012 and SANS 60950-1.


09082B 0 10


5. VERIFICATION, TESTING AND COMMISSIONING REQUIREMENTS

5.1. Any testing shall be according to test procedures reviewed and accepted by Eskom. Eskom shall be invited to witness any testing performed. Sufficient notice shall be provided in order to accommodate this.

5.2. The following testing configuration is proposed in place of the FAT for interfacing: use a inverter control and interface modules or maintenance Inverter , any interfacing devices and the Ovation MTR at KNPS to validate the communication between devices.

5.3. The Ovation interface supplier shall have an opportunity to test the modbus link to a configured inverter system. This test is best conducted at the KIT MTR at KNPS. An inverter test rig will also be available.

5.4. Both the Ovation interface supplier and the Inverter System contractor shall make use of the inverter I/O testing, by the Inverter System contractor, to validate the interface configuration as well as the mimics.

5.5. The Ovation interface supplier and the Inverter System contractor remain responsible for correction of their respective errors.

5.6. Section 6.2.6 of IEC 61513 (Class 3, Category C) shall be applicable to the hardware.

5.7. Section 5.7 of IEC 62138 and section 6.4.6 of IEC 12207shall be applicable to the software.

5.8. Section 6.3.2.2 of IEC 61513 shall be applicable to the integrated system.

5.9. Testing milestones shall include Factory Acceptance Testing (FAT), Site Acceptance Testing (SAT), cold commissioning and hot commissioning.

6. TRAINING REQUIREMENTS

6.1. Eskom reserves the right to appoint certain staff to the contractor’s team during the installation and commissioning phases. The aim of this will be to allow Eskom personnel to become familiar with the system and components.

6.2. Some ad-hoc training might be required during installation and commissioning.

6.3. Operator Training

6.3.1. The contractor shall familiarise the operating staff and their appointed trainers with the new set of mimics.

6.3.2. The training shall enable the operator to identify any inverter in alarm or fault and respond appropriately.


09082B 0 11


7. DOCUMENTATION AND CONFIGURATION MANAGEMENT

7.1. The Prospective supplier shall submit a statement of compliance, indicating a clause by clause acceptance of this specification. All deviations are to be clearly indicated in the submission with explanatory comments.

7.2. The Prospective supplier shall explain any additional features, not covered by this specification, which are included in their system proposal.

7.3. Documentation deliverables

7.3.1. All documents listed below shall be subject to an acceptance review and acceptance by Eskom.

7.3.2. A System Quality Assurance Plan and a Software Quality Assurance Plan (section 7.2.3 of IEC 12207) shall be established.

7.3.3. Note: In the context of IEC 12207 section 7.2.3, ISO 90003 shall be used to apply ISO 9001 to the software.

7.3.4. A software requirements specification (SRS) shall be produced in accordance with section 7.1.2 of IEC 12207.

7.3.5. A Verification and Validation (V&V) plan shall be produced which includes system integration.

7.3.6. All completed factory and site acceptance tests shall be provided.

7.3.7. In addition to adherence to contractor internal procedures, design documents shall be produced using and complying with the latest versions of the applicable Eskom procedures and templates. Currently KAA 815 revision 2 is the design procedure and KAA 501 revision 10 is the modification process.

7.3.8. An FMEA in accordance with IEC 60812 shall be developed.

7.3.9. All plant documents shall be identified and updated to reflect the replacement system.

7.3.10. An indexed equipment manual shall be supplied. All data sheets and configuration guides shall be included.

7.3.11. All user manuals shall be provided.

7.3.12. All operation manuals shall be provided.

7.3.13. All system administration manuals shall be provided.

7.3.14. All operating system software and drivers shall be supplied with all required licenses.

7.3.15. Hardware configuration and settings shall be documented.


09082B 0 12


7.3.16. Software setup for all devices shall be documented, including BIOS configuration.

7.3.17. All software developed for this modification shall be supplied in executable form as well as in source code form. Eskom shall be the owner of this software.

7.3.18. A critical spares list for the system shall be provided.

7.3.19. All dates used in documents and software created for this project shall comply with the extended date format YYYY-MM-DD.

7.3.20. All documents created for this project shall be supplied in pdf format as well as in the original source format.

7.3.21. All drawings and drawing updates shall be submitted in soft copy in one of the following types of files (*.dxf, *.dwg, *.dgn).

7.3.22. Documents created for this project shall not be supplied in secured pdf format.

7.3.23. Documents created for this project shall not be password protected.

7.3.24. Documents created for this project and supplied in pdf format shall have searchable text.

8. OTHER REQUIREMENTS

8.1. Nuclear Safety

8.1.1. A nuclear safety screening and safety evaluation (if required) shall be performed in accordance with KAA-709 and supplier shall submit the document/s to the system user for this interface project.

8.2. Conventional Safety and Security

8.2.1. The interface shall not introduce additional risks to personnel or plant integrity.

8.3. Qualification and competency of staff

8.3.1. The Contractor shall be certified as an ISO 9001:2008 service provider.

8.3.2. Contractor staff performing the design and/or installation work shall be qualified by means of formal technical qualifications and have sufficient experience with work of a similar nature and who have been evaluated and authorised by the Contractor.

8.3.3. The Contractor shall provide details of their key staff experience with design and installation of similar qualified components in the tender submittal.

8.3.4. All persons compiling the design shall be appropriately professionally registered.


09082B 0 13


8.4. Site and Installation Requirements

8.4.1. All staff requiring access to the site for design and installation purposes shall be subject to security requirements as well as to Plant Access Training (PAT).

8.4.2. All Eskom procedures and standards applicable to plant and personnel on the Koeberg site shall be complied with.

8.5. Quality assurance

8.5.1. The contractor shall have current, certified compliance with the requirements of ISO 9001-2008, “Quality Management Systems - Requirements” for the duration of the project.

8.6. Site familiarization

8.6.1. The onus shall be on the contractor to familiarise themselves with site layout and working conditions.

8.6.2. Eskom will not accept any liabilities for any claims arising out of misjudgement, misconceptions or ignorance of these factors.

8.6.3. Eskom will arrange a site visit for all tenderers/contractors.

8.7. Confidentiality

8.7.1. All Eskom information and property made available to the vendor and works done by the vendor for Eskom are confidential, and may not be disclosed to third parties

9. ATTACHMENTS

Attachment 1 : KIT System Architecture

TRS No REVISION ATT. PAGE

09082B 0 2 1


Attachment 1: KIT System Architecture