Safety System Final Design for the ITER Heating Neutral Beam Injector Test Bed

Luchetta, Adriano; Arias, Jesus; Battistella, Manuela; Dal Bello, Samuele; Grando, Luca; Labate, Carmelo; Moressa, Modesto; Paolucci, Francesco

doi:10.18429/JACoW-ICALEPCS2023-TUPDP041

Journals of Accelerator Conferences Website (JACoW)

JACoW is a publisher in Geneva, Switzerland that publishes the proceedings of accelerator conferences held around the world by an international collaboration of editors.

RIS citation export for TUPDP041: Safety System Final Design for the ITER Heating Neutral Beam Injector Test Bed

TY  - CONF
AU  - Luchetta, A.F.
AU  - Arias, J.M.
AU  - Battistella, M.
AU  - Dal Bello, S.
AU  - Grando, L.
AU  - Labate, C.
AU  - Moressa, M.M.
AU  - Paolucci, F.
ED  - Schaa, Volker RW
ED  - Götz, Andy
ED  - Venter, Johan
ED  - White, Karen
ED  - Robichon, Marie
ED  - Rowland, Vivienne
TI  - Safety System Final Design for the ITER Heating Neutral Beam Injector Test Bed
J2  - Proc. of ICALEPCS2023, Cape Town, South Africa, 09-13 October 2023
CY  - Cape Town, South Africa
T2  - International Conference on Accelerator and Large Experimental Physics Control Systems
T3  - 19
LA  - english
AB  - MITICA, the prototype of the ITER heating neutral beam injector, will use an extensive computer-based safety system (MS) to provide occupational safety. The MS will integrate all personnel safety aspects. After a detailed risk analysis to identify the possible hazards and associated risks, we determined the safety instrumented functions (SIFs), needed to mitigate safety risks, and the associated Safety Integrity Levels (SIL), as prescribed in the IEC 61508 technical standard on functional safety of electrical/electronic/programmable electronic safety-related systems. Finally, we verified the SIFs versus the required SIL. We identified 53 SIFs, 3 of which allocated to SIL2, 23 to SIL1, and the others without SIL. Based on the system analysis, we defined the MS architecture, also considering the following design criteria: - Using IEC 61508 and IEC 61511 (Safety instrumented systems for the process industry) as guidelines; - Using system hardware to allow up to SIL3 SIFs; - Using certified software tools to allow programming up to SIL3 SIFs. The SIL3 requirement derives from the need to minimize the share of the hw/sw failure probability, thus allowing maximum share to sensors and actuators. The paper presents the requirements for the MITICA safety systems and the system design to meet them. Due to the required system reliability and availability, the hardware architecture is fully redundant. Given the requirement to choose proven solutions, the system implementation adopts industrial components. 
PB  - JACoW Publishing
CP  - Geneva, Switzerland
SP  - 602
EP  - 606
KW  - software
KW  - SCADA
KW  - hardware
KW  - PLC
KW  - neutral-beams
DA  - 2024/02
PY  - 2024
SN  - 2226-0358
SN  - 978-3-95450-238-7
DO  - doi:10.18429/JACoW-ICALEPCS2023-TUPDP041
UR  - https://jacow.org/icalepcs2023/papers/tupdp041.pdf
ER  -