66 results about "Common cause failure" patented technology

The invention provides a priority management system of a nuclear power plant; the priority management system of the nuclear power plant is mainly used for managing instruction priorities and interfaces among a digital instrument control system and other systems of the nuclear power plant and driving devices of engineered safety facilities; the priority management system is used for directly receiving instructions from an engineered safety driving cabinet ESFAC, a safety related control cabinet SRC, a diversified driving control cabinet DAC, a serious accident control cabinet SAC and a power plant standard automatic system PSAS in a hard wiring manner, collecting feedback information of a field executor, supporting a self-diagnostic function and a periodic test of a safety system, and transmitting the feedback information, a self-diagnostic result, a quantitative test result and the like of the field executor to a DCS (Data Communication System) of the nuclear power plant; the priority logic part of the priority management system is in the form of a logic circuit; therefore, the priority management system is completely different from the DCS; and thus, software common-cause failures can be effectively avoided.

The invention discloses a protection method for digitalized instrument control diversity of a nuclear power station. The method comprises the following steps that a diverse actuation system (DAS) is used for obtaining a common cause failure (CCF) which is formed by overlapping abnormal working status of the nuclear power station; the DAS is used for driving manual control on operation and control of a key safe function in the CCF, the key safe function comprises at least one of reaction control, waste heat elimination, a reactor coolant device, containment isolation and containment integrity; if the operation and control of the key safe function can not be subjected to the manual control according to the requirement of response time, the DAS is used for implementing automatic driving operation. According to the protection method for the digitalized instrument control diversity of the nuclear power station, occurrence of the CCF can be effectively prevented. Additionally, the invention further discloses a protection system for the digitalized instrument control diversity of the nuclear station.

The invention relates to an accident analysis method for a digital control diversity protection system of a million-kilowatt nuclear power station. The method analyzes that a pile main protection system of a 'digital control system (DCS)' in a million-kilowatt nuclear power project is in software common cause failure, and simultaneously, the method superposes the expected operation transient or design basis accident, in the case that an operator has no time to perform manual intervention, the method further researches on adding a diverse actuation system (DAS) in the DCS to ensure the safety of the pile. A DAS scheme is determined after rounded accident analysis of the nuclear power station, and the DAS scheme comprises corresponding automatic protection signals and setting values, so as to guarantee that the accident consequence meets the requirement of a 'diversity and defense in depth (3D)' acceptance criterion.

The invention relates to a method for evaluating the functional safety of a safety instrument system, belonging to the technical field of functional safety of safety instrument systems. The invention aims at reliably simulating and monitoring the safety instrument system, evaluating the functional safety and studying the variation condition of common cause failure of the safety instrument system. The method comprises the following steps of: controlling the functional safety of a controlled system by a safety instrument system; analyzing the initial risk of the safety instrument system and determining the grade of safety integrity; verifying whether the safety instrument system reaches the determined grade of safety integrity; changing the constituting structures or devices of the safety instrument system; and repeating the above steps. In the technical scheme, the constituting structures or devices of the safety instrument system can be changed according to the studied specific condition to adapt for different application environments and requirements, and the variation condition of the common cause failure characteristic of the safety instrument system can be analyzed under different circumferences so as to provide important basis for studying the topic of common cause failure.

The invention discloses a common cause failure system reliability evaluation method considering environmental factors. The invention fully takes into account the common cause failure and failure ratevariation of the modern complex system due to the characteristics of the multi-task section, the complex environment and the multi-components. Therefore, the present invention has more engineering value than the traditional system reliability evaluation method which assumes that the component failure is independent and is not affected by the environment. At the same time, the invention uses the dynamic Bayesian network modeling method, which can reasoning the complex system, so that the method is applicable to the reliability evaluation of the large-scale complex system.

The invention belongs to the technical field of system reliability analysis and design, and particularly discloses a nuclear power equipment system reliability assessment method, which comprises the following steps: firstly, carrying out fault mode and influence analysis on equipment according to functional structure decomposition and related fault information of nuclear power equipment; establishing a fault tree model of the equipment based on a fault tree analysis method; then, establishing a reliability prediction and distribution model of the equipment; establishing a reliability analysismodel considering common cause failure; On the basis of previous analysis, after maintenance factors in the service period are considered, a maintenance strategy analysis model based on reliability isestablished to formulate a periodic maintenance strategy; and finally, based on a human factor engineering simulation platform, establishing an equipment inspection and maintenance simulation model to analyze a specific inspection and maintenance process. The model established by the invention can provide important reference and guidance for actual nuclear power equipment design, operation, maintenance planning and the like.

The invention discloses a functional security verification method for a safety instrument based on Markov process. The functional security verification method for the safety instrument based on the Markov process includes: using a Markov model to calculate failure rate on demand of a single device in a one-to-one structure, calculating probability of co-failure of multiple devices based on the failure rate on demand of the single device in the one-to-one structure, and calculating failure rate on demand of a redundant structure according to the probability of co-failure of the multiple devices; and verifying functional safety integrality level of the safety instrument according to the average failure rate on demand of the redundant structure based on the requirements in IEC61508. The functional security verification method for the safety instrument based on the Markov process has the advantages that the Markov model covers various statuses of the system to reflect dynamic behaviors of the system, and accordingly precision in calculating the failure rate is improved; the failure rate on demand of the redundant structure is calculated indirectly according to results of calculation on the failure rate on demand of the one-to-one structure, and accordingly the difficulty in direct Markov modeling and model calculation for the redundant structure is avoided; and a beta factor model and a binomial failure rate model are used to consider common cause failures, and the precision in calculating common cause failure rate is improved.

The invention relates to a reservoir group outlet structure failure assessment method based on the Bayesian network. The reservoir group outlet structure failure assessment method includes the steps of establishing a Bayesian network topological structure, determining respective probability, calculating spillway system failure probability, and calculating the integral failure probability. The Bayesian network for failure probability determination is combined with a conventional event tree for determining stepped reservoir group spillway facility failure, and calculating the probability of downstream control step failure caused by upstream dam bursting flood is added as needed to form a complete Bayesian spillway facility failure assessment network. A reservoir group outlet structure failure is a complex multivariable system, and the assessment system can be used to analyze common cause failure and conduct backward inference. The assessment system can scientifically determine the value of information and determine whether new information needs to be acquired, so that the outlet structure failure analysis is gradually improved and becomes more scientific.

The invention discloses a device and a method for parallel decoding of software and hardware. The device comprises a hardware decoding module, a software decoding module, a message comparison module and a data packet composition module, wherein the hardware decoding module is used for decoding a transponder transmission message which is received to obtain a transponder user message; the software decoding module is used for decoding the transponder transmission message which is received to obtain the transponder user message; the message comparison module is used for comparing whether the transponder user message which is obtained by using the hardware decoding module accords with the transponder user message which is obtained by using the software decoding module; and the data packet composition module is used for composing the transponder user message which is obtained by using the hardware decoding module with the transponder user message which is obtained by using the software decoding module into a data packet and sending the data packet to peripheral equipment. By adoption of the device and the method provided by the invention, the problem of safety caused by common-cause failure in the decoding process is solved, potential safety hazard caused by message error in the decoding and dumping processes is further avoided, the safety of the transponder transmission messages is improved, and the safety integrity level required by a train operation control system is achieved.

A continuously variable transmission with high function security is provided with a revolving speed signal generation device, a resolving speed signal generation sensor, a conical plate position signal generation device and a conical plate position signal generation sensor. A signal device is arranged between a lubricating oil pump and an inlet of the lubricating oil pump and is used for detecting whether a filter screen is blocked or not. Moreover, a component is used for judging whether the oil pump fails or not according to a temperature difference value of a temperature sensor. In a whole system, common cause failure on selection and arrangement of the sensors can be avoided to the greatest extent, and the safety and the reliability of the continuously variable transmission are improved.

The invention discloses a key risk factor and key risk transfer path identification method of cascade hydropower stations based on the Bayesian risk network, and relates to the field of hydraulic andhydroelectric engineering. The risk of the cascade hydropower stations is characterized by a common-cause failure problem, the advantage of the Bayesian network in solving the common-cause failure problem is utilized, and disadvantages of the traditional fault, event and decision trees in the aspect of risk analysis of hydroelectric engineering are overcome. On the basis of a Bayesian risk networkmodel of the cascade hydropower station, the key risk factor and key risk transfer path identification method is provided, and theoretical and method support for using the Bayesian network method ofthe cascade hydropower stations in risk identification and prevention is provided. The method is simple, clear and highly operable, and has significant application prospects in using the Bayesian network for risk identification and prevention in systems engineering as cascade hydroelectric engineering and civil engineering.

The invention discloses a universal probabilistic safety assessment model conversion system. With respect to the universal probabilistic safety assessment model conversion system, general probabilistic safety assessment automatic modeling methods and rules are combined with decomposition processing of a rich text probabilistic safety assessment model, computer-assisted modeling of the probabilistic safety assessment model can be carried out to a system including common cause failures. The universal probabilistic safety assessment model conversion system mainly comprises three modules: a model processor analyzes and processes the probabilistic safety assessment mode of a given system, model information of the given system is converted and decomposed into a standard model unit; an automatic modeling expert knowledge base stores construction rules of a universal system probabilistic safety assessment model, design and flow information of the given system, and specific probabilistic safety assessment model check rules of the given system and input by the user; and a model checking device analyzes, checks and arranges the standard model unit, changes the error of the standard model unit, and supplements missing probabilistic safety assessment model information, and a perfect system probabilistic safety assessment model is obtained.

The invention belongs to the technical field of nuclear power, and provides a nuclear power station containment spray system starting method and device. The nuclear power station containment spray system starting method comprises the steps that a containment dose rate signal is acquired in a measurement channel; the shutdown time and the corresponding dose rate of the containment dose rate signalare acquired; threshold comparison is performed on the safe dose rate range corresponding to the dose rate and the shutdown time according to a dose rate time curve; and whether a containment spray system requires to be started is determined according to the result of threshold comparison. Compared with the methods and the devices in the prior art, the dose rate in the containment acts as the judgment basis for starting the containment spray system so that the containment spray system is ensured to be started in time after occurrence of the accident even the containment pressure gauge or the relevant instrument control system has common cause failure, the integrity of the containment can be ensured and releasing of the fission product to the environment can be limited.

The invention provides a method and a system for detecting a random access memory. The method comprises the following steps of monitoring connecting ports of a first processor and a primary random access memory by a second processor; if the first processor is monitored to write data in a first address of the primary random access memory, obtaining the data, reversing the data, and then writing reversed data in a second address of a standby random access memory; if the first processor is monitored to read data from the first address of the primary random access memory, obtaining the data read from the first address by the first processor, read the data from the second address, comparing the data read from the first address with the data read from the second address, and outputting a detection signal according to a comparison result. As being seen, the method and the system for detecting the random access memory can be used for detecting the data transmission of the primary random access memory in real time, moreover, the data are not needed to be written in all addresses, and thus, the time consumption is reduced. Furthermore, a common cause failure factor can be avoided quite well.

The invention belongs to the technical field of system reliability analysis, and particularly relates to a determination method for the reliability of a system with a common cause failure in a GO (goal oriented) method. The determination method comprises the steps that all components in a common cause group are replaced by equivalent common cause failure components, and a replacement GO chart is obtained; the quantification analysis is conducted on the GO chart; the fault probability of the system including only the common cause failure is obtained; and the fault probability of the system considering the common cause failure is the obtained fault probability of the system including only the common cause failure plus the fault probability of the system without the common cause failure. The determination method can process different common cause groups at the same time through the quantification replacement GO chart, and is simple in concept, convenient to implement, high in precision and suitable for engineering application.

The invention makes a request of protecting a safety and reliability evaluation method for a flue gas online monitoring system with consideration of a common cause failure. A typical fault mode of a flue gas on-line monitoring system is analyzed; a common cause failure is processed by a display modeling method by combining a fault tree analysis method; fault events are classified into independentfailure events and common cause failure events and a fault tree model considering the common cause failures is established; and an alpha factor model is used for analyzing the common cause failures ofthe system, so that the safety and reliability of the system are evaluated. According to the invention, the reliability evaluation considering the common cause failure is carried out by using a sample processing subsystem in the flue gas online monitoring system as an example; and reliability calculation is carried out on the system considering the common cause failure based on fault maintenancedata, so that a reliability analysis result more conforming to the actual operation condition is obtained.

The invention provides a cell temperature sampling system and an automobile. The cell temperature sampling system comprises a first temperature sensor used for acquiring the first temperature information of the preset cell position, a second temperature sensor used for acquiring the second temperature information of the preset cell position, a sampling circuit which is connected with the second temperature sensor and is used for obtaining the second temperature information and converting the second temperature information into a second temperature detection signal represented in a digital signal, and a cell management unit which is electrically connected with the first temperature sensor and the sampling circuit and is used for determining the real-time temperature of a cell according to afirst temperature signal and a second temperature signal. The cell temperature sampling system is advantaged in that two-path acquisition is carried out, principles of acquiring the two-way temperature information are different, common cause failure is avoided, and safety of temperature acquisition is improved.

A common-cause failure reliability judging system and method based on data drive can perform common-cause failure reliability analysis on a large complex system. The system comprises four modules of a data collector, a common-cause failure analyzer, a failure tree model analyzer and a failure tree analyzer, wherein the data collector acquires common-cause failure data and given system information and provides the common-cause failure data and the given system information for other modules; the common-cause failure analyzer determines elementary event grouping according to common-cause failure data and performs common-cause failure analysis on the elementary event groupings; the failure tree model analyzer modifies a failure tree model of a given system according to the elementary event grouping result; and the failure tree analyzer analyzes a given failure tree model. According to the common-cause failure reliability judging system and method, any types of asymmetrical common-cause failure can be analyzed, and reliability of the large complex system can be more accurately analyzed and monitored.

The invention provides an automobile torque safety control method based on a multi-core CPU. The automobile torque safety control method comprises the following steps that a torque calculation resultis obtained through a first CPU core in the multi-core CPU; whether the torque calculation result of the first CPU core is effective or not is judged through a second CPU core in the multi-core CPU; and whether a working state of the hardware environment where the multi-core CPU is located and / or whether a program running state of the second CPU core are / is effective or not is judged through a third CPU core in the multi-core CPU. According to the technical scheme of the automobile torque safety control method, the problem of the common cause failure risk possibly generated during automobile torque safety control based on the same CPU can be effectively solved, and effectiveness and accuracy of automobile torque safety monitoring are improved.

The invention discloses a high voltage sampling system and method. The system comprises a first voltage sampling circuit which is used for isolating and stepping down a voltage signal of a voltage tobe tested, carrying out signal conditioning on the stepped down voltage signal, and outputting a first sampling signal, a second voltage sampling circuit which is used for carrying out voltage division and signal conditioning on the voltage signal of the voltage to be tested, and outputting a second sampling signal, or directly isolating and sampling the voltage signal of the voltage to be testedand outputting a second sampling signal, and an MCU which is used for determining the output voltage of the voltage to be tested according to the first sampling signal and the second sampling signal.According to the invention, the voltage of the voltage to be tested is sampled through sampling methods of two different physical principles, which ensures sampling instantaneity and avoids common cause failure; and the system and method have strong reliability, satisfy the redundant safety requirement of ISO26262 functional safety, and can be widely applied to the technical field of voltage detection.

The invention discloses a fault tree analysis method taking the failure transition and failure mode common cause into account, which comprises the following steps: analyzing independent irrelevance of basic events on the same layer; establishing grading standards of limit relevant parameters of the intermediate layer event and key bottom event; performing relevance model composition based on basic attributes of the basic events and the classification method of the basic events; performing failure mode common cause failure analysis under the effect of a random disturbance source; performing probability analysis of fault treetop events of the failure mode series system by taking the common cause failure into account. The calculation result is accurate by adopting the analysis method disclosed by the invention, and the preparation method is suitable for popularization and application.

The invention discloses a control system common cause failure analysis method based on factor beta correction. The method comprises the steps that a common cause failure factor beta is estimated through a traditional scoring table; if a system to be analyzed is of a 1oo2 structure, the behavior of the system obtained after diagnosis is considered, namely, whether the system enters a secure state immediately is judged, and if not, manual operation is considered, and the Z value of the factor is judged to obtain a corrected Z value; if the system is of any other structure, the difference between the structure and the 1oo2 structure is considered. Because the difference of the number of channels has great influence on some technical measures (like diversity) but has no influence on other technical measures (like environment) in avoiding the common cause failure, by reclassifying scores in the scoring table, adjustment factors are increased for the technical measures influenced by the difference of the number of channels, original values of the technical measures not influenced by the difference of the number of channels are maintained, and calculation is carried out again so as to obtain a corrected factor beta.

The invention discloses a method for calculating a probability of dangerous failure on demand (PFD) and a probability of dangerous failure per hour (PFH) in a two out of four channel logic structure system. The method includes firstly calculating a common cause failure probability of the PFD and the PFH respectively according to a common cause failure formula of a common channel logic structure, then calculating formulas of probabilities of non-common cause danger failure which occurs in different channels of four channels respectively, and adding the formulas of the probabilities of non-common cause danger failure of different channels and the corresponding common cause failure formula to obtain a calculating method of a danger failure rate of the four channel logic structure. According to the method for calculating the PFD and the PFH in the two out of four channel logic structure system, a result obtained by the method is verified to be completely identical to a standard result and is capable of meeting normative requirements when compared with the result obtained through a reliability basic theory method. Calculating formulas can be directly written without establishing models, and the calculating result is more accurate and low in time consumption.

The invention discloses a method for redundant communication between MCU chips of an EPS system, particularly relates to the technical field of automobile EPS systems, and comprises a main control unit A, a main control unit B, a CAN communication circuit and an SPI communication circuit. According to the invention, data communication between the MCUs is carried out through the CAN and the SPI, and common cause failure of communication between double MCU chips is eliminated. The CAN communication mode between the double MCUs is innovated on the basis of a traditional single-system circuit, RH, RL and RHL resistors are added, and the cost is hardly increased. Meanwhile, the CAN and SPI data protocols are consistent, the communication format and content are unified, the portability of software is high, and the labor cost is reduced. According to the invention, the problem of degradation and even failure of the unmanned driving function caused by disconnection of control data interaction due to inter-chip communication failure of the EPS system can be solved; and the common cause failure problem of the double-path SPI or the double-path CAN can be effectively avoided. Therefore, the EPS system has good safety performance and life support, and has good operation stability and reliability.

An error check bit protocol converter comprises a first error detection and correction module, a check bit encoding module and a fault diagnosis unit, and is characterized in that the first error detection and correction module detects and corrects errors of input data and check bits; the check bit coding module is used for recoding the data output by the first error detection and correction module according to a lower-level coding protocol; and the fault diagnosis unit detects and corrects errors of the data output by the first error detection and correction module and the check bits output by the check bit encoding module, and reports an error detection result. According to the error check bit protocol converter, an extremely high diagnosis coverage rate is provided for check code protocol conversion, and the common cause failure rate is greatly reduced.

The invention discloses an in-loop dual-backup system. Two peripheral device controllers and two peripheral device structures are adopted; the two peripheral device controllers work in a dual-core lock step mode; the peripheral devices are respectively controlled by different peripheral device controllers; and one of the peripheral devices negates the written data according to bits. According to the in-loop dual-backup system, the dual-backup peripheral device is seamlessly connected to the loop of the dual-core lockstep peripheral device controller, so that the fault diagnosis rate of peripheral device access is greatly improved, and meanwhile, due to the isomerism of data stored in the peripheral device, the risk of common cause failure is greatly reduced.

The invention discloses a reliability assessment method considering common cause failure PMS, which assesses the reliability of a multi-stage task based on a discrete time Bayesian network method, analyzes common causes by adopting a random common cause model on this basis, and calculates the reliability of a common cause failure multi-stage task system by applying an implicit method. The PMS in the method is a typical complex system and is mostly applied to large-scale equipment such as aerospace equipment, unpredictable loss can be brought to a real system even if a small error exists, the method provided by the invention evaluates the reliability of a common cause failure system of elements, so that a calculation result is closer to an actual working environment of the system, and the problem that the system reliability obtained when common cause failure is not considered is not consistent with the actual system reliability is solved.

The present invention relates to a method for designing safety buses in consideration of common cause failures, in which various design schemes are applied to safety-related buses, and a safety bus connected to an emergency diesel generator and a safety bus connected to an alternate alternating current generator are arranged to be completely separated, thereby considering the common cause failuresof the buses themselves and ensuring the diversity of an emergency power source. Accordingly, even if a common cause failure of the safety bus occurs, the safety bus is designed to supply power to anessential load necessary for a safety shutdown of a powerplant through the alternate alternating current generator, and an effect can be obtained such that as the safety buses connected to the emergency diesel generator and the alternate alternating current generator are separated from each other, the load is divided, thereby reducing the capacity of the alternate alternating current generator.

The invention belongs to the technical field of probabilistic safety analysis of nuclear power safety level control and instrumentation systems, and particularly relates to a method for calculating the probability of failure to operate on command of a reactor protection system. The method comprises the steps that the probability of failure to operate on command of a channel caused by non-diagnosedand non-common cause failures of the channel is analyzed; the probability of failure to operate on command caused by the non-diagnosed and non-common cause failures which simultaneously occur in three channels or four channels among four channels is calculated under the situation that periodic tests are alternately conducted on each channel of the reactor protection system; the probability of failure to operate on command caused by diagnosable and non-common cause failures of the channel is calculated through failure repair rates; the probability of failure to operate on command caused by thediagnosable and non-common cause failures which simultaneously occur in three channels or four channels is calculated; the probability of failure to operate on command caused by the non-diagnosed andcommon cause failures and the probability of failure to operate on command caused by the diagnosable and common cause failures of the occurrence of failure to operate of the channel are calculated byanalyzing non-diagnosed and non-common cause failure factors and diagnosable and non-common cause failure factors; the probability of failure to operate on command of each part are added to obtain the probability of failure to operate on command of the reactor protection system. The method improves calculation efficiency.

The invention provides a system fault rate allocation method and device based on an autonomous operation control mode, and the method comprises the steps: determining a top event, building a fault tree model according to the top event, optimizing the fault tree model, carrying out the system hazard THR allocation according to the system fault tree model, and carrying out the system function TFFR allocation based on the system hazard THR allocation and a function fault tree model. And determining each security function SIL level and a basic event based on the TFFR distribution result, guiding a security-related system design process according to the security function SIL levels, and performing evaluation verification on the TFFR distribution result according to the basic event. The method solves the problems of incomplete hazard analysis, common cause failure of the system, strong human subjectivity and the like in the prior art, defines a specific operation process and an available method, establishes a system fault tree and a function fault tree, completes THR value distribution of system hazard according to the system fault tree, and improves the system hazard assessment efficiency. And completing the TFFR value of the function module and the fault rate distribution of the independent physical component according to the function fault tree, and verifying the validity of the distribution result.