Automatic Modeling of Fault Tree for Nuclear Power Safety I&C Configuration



Introduction
This paper takes the nuclear power safety Instrumentation and Control system, or I&C system for short, as the modeling object. The safety I&C system, a crucial part of the nuclear power plant, guarantees safety, reliability and economic efficiency. Considering the distinctive features of nuclear power plants, the safety and reliability of all nuclear power systems must be verified, and the very important nuclear power safety I&C system is no exception. In the ordinary verification modeling process, fault trees are built manually after analyzing the topology of the hardware and the function of the software, which is not only time-consuming but also inconsistent in style, coding, assumptions and other factors. To make it worse, errors gradually accumulate during the manual modeling process. Furthermore, the whole process of fault tree modeling is now required to be recorded for the sake of simplicity and traceability, which makes the manual fault tree modeling workload for the nuclear safety I&C system heavy and cumbersome. To solve the problems above, automatic modeling methods need to be considered [1,2,7].
In this paper, Visio Automation software technology is used to analyze the topology of the nuclear power safety I&C system hardware devices and software functions to complete the automatic fault tree modeling work [6]. The good results in practical implementations show that the nuclear power safety I&C system fault tree modeling work is successfully simplified.

Automatic Modeling of Fault Tree
According to the design concept of the automatic fault tree modeling system for nuclear power safety I&C configuration, the structure of the automatic modeling process is shown in Figure 1. The newly developed modeling system is divided into three main parts: configuration module stencils, configuration drawing and automatic fault tree generation.

Stencils Design
In this paper, the nuclear power safety I&C configuration work requires creating Visio visualization stencils. According to the respective characteristics of the nuclear power safety I&C system hardware devices and software functions, ActiveX control technology is used to create the card and logic gate module stencils for configuration. The created module stencils are shown in Table 1. The user can drag and drop the modules in the stencils and draw the signal lines in the configuration diagram. After the nuclear power safety I&C configuration diagram is completed, the user can use the Visio Automation mechanism to get the IDispatch interface of the ActiveX control, through which the control's properties, methods and control event responses can be accessed. After the configuration diagrams are analyzed, the automatic fault tree modeling system produces the anticipated results [8].

Configuration Object Feature
After the configuration drawing is finished, a new Visio Automation program is needed to analyze the configuration diagram through the object model, which contains the attributes, methods, events and hierarchical relationships between the objects. The Visio object structure is shown in Figure 2. In the Visio Automation programming resources, the topmost object is the application object (Application). Through the Application object the user can access any other object. After obtaining an object reference and identifying its features, the user can use the object's properties and methods to perform certain operations. According to the features of different objects, the objects can be classified as shown in Table 1.
Different types of objects must be assigned different properties and methods.

Process of Automatic Modeling
In this paper, the automatic fault tree modeling system for nuclear power safety I&C configuration is built on Visio Automation software technology. This technology allows the user to extend the visualization functionality of Visio or to use it as the graphics engine of the user's own program. The user can not only create or modify configuration diagrams based on external data, but also extract the relevant configuration information from diagrams with a specially designed program [1]. In this paper, the VC programming language is used to write the VSL library file [6], which runs in the same address space as the graphics engine. This method interacts strongly with configuration diagrams and has high operating efficiency.
The concept of the control stream is used to analyze the nuclear power safety I&C configuration diagram during automatic modeling. Fault causes and results propagate through the complex I&C configuration system along the control streams. The configuration diagram is analyzed based on control streams to organize and classify the information modules. An analysis program is designed to complete the automatic modeling process.
1) The user first draws the device configuration, using the created module stencils and the signal line class to complete the configuration diagram. After the diagram is completed, the assignment function of the form class is used to assign the common cause groups and modules in the configuration diagram. According to the object classification in Table 1, different types of objects must be assigned different properties and methods.
2) After the connection relations are checked, the user can analyze the configuration diagram. Visio Automation software technology is used to get each object and its properties and methods. The analysis process is shown as the automatic modeling part in Figure 1. At the beginning, the program gets a signal line, and then the upstream and downstream information modules are obtained. The features of each object are then analyzed to get its properties and methods. After the modules and connection relations are analyzed and the failure modes are taken into account, a fault tree file is generated.
3) The user inputs the fault tree files through the interface with Risk Spectrum, and the fault tree analysis work for the nuclear power safety I&C system configuration is completed.

Safety Configurations Implementation
In this paper, the automatic modeling method is used to simplify the fault tree modeling work for nuclear power safety I&C configuration. The fault tree files are generated by following the automatic modeling process, whose structure is shown in Figure 1. After the fault tree is built, the correctness of the automatic fault tree modeling must be verified. The implementation can be divided into two typical parts: the measurement signals configuration and the channel groups configuration. After the implementation, the accuracy of the automatic modeling work is verified deeply and comprehensively.

Measurement Signals Configuration
The measurement signals configuration is very typical in the nuclear power safety I&C configuration system. Figure 3 shows the measurement signals configuration diagram. This diagram has three LT transmitters, three KLPJ cards and a logic gate. To complete this diagram, the user drags and drops the modules from the stencils and draws the signal lines to connect the modules. The completed diagram is shown in Figure 3. The fault tree file is generated after analysis of the configuration diagram. The created fault tree is shown in Figure 4. In this figure, the Top Event corresponds to the logic gate, each KLPJ card generates two Basic Events and an OR Gate, and the same holds for each LT transmitter. The generated fault tree of the measurement signals configuration is proven correct, which means the accuracy of the automatic modeling work is preliminarily confirmed.
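The backward walk along the control stream described in step 2 of the modeling process, applied to a diagram shaped like the measurement signals configuration, can be sketched as follows. This is an added example, not the paper's VSL code: the connection list is constructed rather than read from Visio, the module name VOTE, the K/N gate label and the FM1/FM2 failure-mode names are assumptions, and the diagram is assumed to be acyclic.

```cpp
#include <iostream>
#include <map>
#include <string>
#include <vector>

using Line = std::pair<std::string, std::string>;   // signal line: upstream -> downstream
using Gates = std::map<std::string, std::string>;   // logic-gate module -> gate label
struct Node { std::string label; std::vector<Node> in; };

// Walk the control stream backwards from `name`, one subtree per module.
Node build(const std::string& name, const Gates& gates, const std::vector<Line>& lines) {
    Node n;
    auto g = gates.find(name);
    if (g != gates.end()) {
        n.label = g->second + " " + name;            // logic gate maps to a gate node
    } else {
        // Card or transmitter: OR gate plus two basic events (FM1/FM2 names assumed).
        n.label = "OR " + name;
        n.in.push_back({"BE " + name + "-FM1", {}});
        n.in.push_back({"BE " + name + "-FM2", {}});
    }
    for (const Line& l : lines)                      // inputs = upstream modules
        if (l.second == name) n.in.push_back(build(l.first, gates, lines));
    return n;
}

// Count nodes whose label starts with `prefix` ("BE " or "OR ").
int count_nodes(const Node& n, const std::string& prefix) {
    int c = n.label.rfind(prefix, 0) == 0 ? 1 : 0;
    for (const Node& k : n.in) c += count_nodes(k, prefix);
    return c;
}

// Constructed sample: three LT transmitters, three KLPJ cards, one logic gate.
Node sample_tree() {
    std::vector<Line> lines;
    Gates gates; gates["VOTE"] = "K/N";              // gate kind is an assumption
    for (std::string i : {"1", "2", "3"}) {
        lines.push_back({"LT" + i, "KLPJ" + i});
        lines.push_back({"KLPJ" + i, "VOTE"});
    }
    return build("VOTE", gates, lines);
}

void dump(const Node& n, int depth = 0) {
    std::cout << std::string(2 * depth, ' ') << n.label << "\n";
    for (const Node& k : n.in) dump(k, depth + 1);
}
int main() { dump(sample_tree()); }
```

The printed tree has the logic gate at the top, with one OR gate and two basic events under it for every card and transmitter, so a missing or miswired signal line shows up as a missing branch.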

Channel Groups Configuration
The nuclear power safety I&C system has many channels, and the structure of the channels is basically the same. Each channel is divided into groups A and B, and the structure of the two groups is identical. The fault tree is generated after analyzing the channel groups configuration diagram. Because the overall fault tree is too large, only part of it is shown in Figure 6; this part begins with the group A Limiter cards and MEOJ cards, and the signal is transmitted through the set of K/N logic gates to the AND gate. Figure 7 shows the part of the fault tree that begins with the AND output signal and passes through the PSMJ card and PWNJ card; the PWNJ output signal merges with the signal of group B at the PPNJ card. The Top Event is the gate generated by the PPNJ card, and its input signal is the AND gate. The correctness of the automatic modeling system has been verified comprehensively.

Conclusions
In this paper, ActiveX control technology is used to create the module stencils for configuration, and a VSL library written in the VC language is used as a tool to analyze the nuclear power safety I&C system hardware devices and software functions to build the fault tree. The successful implementation of automatic fault tree modeling has verified the correctness of the automatically generated fault tree. The automatic fault tree modeling method for nuclear power safety I&C configuration simplifies the modeling work and improves the traceability of the fault tree modeling. This method has been applied to practical work, and with some modifications it can also be applied to other systems, such as the logic diagram analysis of electrical systems and information systems. Therefore, the automatic fault tree modeling method is bound to have broad application prospects.

Figure 1. Structure of automatic modeling process.

The intermediate portion of a channel group A configuration diagram is shown in Figure 5. The signals of groups A and B converge in the PPNJ cards. This channel groups configuration is very common in the I&C configuration system.

Figure 6. Fault tree of part of the channel groups (a).

Figure 7. Fault tree of part of the channel groups (b).