E-book, English, 230 pages, web PDF
Lauber: Safety of Computer Control Systems
1st edition 2014
ISBN: 978-1-4831-5375-9
Publisher: Elsevier Science & Techn.
Format: PDF
Copy protection: 1 - PDF watermark
Proceedings of the IFAC Workshop, Stuttgart, Federal Republic of Germany, 16-18 May 1979
Safety of Computer Control Systems collects the papers of the IFAC Workshop held in Stuttgart, Federal Republic of Germany, on 16-18 May 1979. The book addresses the hardware and software problems inherent in applying computerized control to automated systems that safeguard human life, property, and the environment. Individual papers take up specific application areas such as railway systems, aircraft landing systems, nuclear power stations, chemical reactors, elevators, and cranes. The book also treats the safety and reliability of complex industrial computer systems, with an example of computer use in power plants. One paper presents guidelines for documenting safety-related computer systems, intended to help the parties involved in their purchase and operation. Another discusses failure detection in microcomputer systems, including memory-violation and invalid-operation-code detectors. The book concludes with a discussion of why process computers used in nuclear power plants must be inspected, particularly where they serve in reactor protection, control rod control, and trouble logging. The collection is of interest to students of programming, process-computer analysts, heads of computer technology departments and institutions, and lecturers in industrial computer programming and design.
Authors/Editors
Further information & material
Front Cover (p. 1)
Safety of Computer Control Systems (p. 4)
Copyright Page (p. 5)
Table of Contents (p. 8)
Preface (p. 10)
Chapter 1. Introduction into the Subject of the Workshop (p. 12)
  Problem Statement (p. 12)
  Classes of Obstacles to Safe Computing (p. 12)
  Strategies for Safety-Related Computer Systems (p. 13)
  Conclusion (p. 13)
  References (p. 13)
Chapter 2. Safety and Reliability: Their Terms and Models of Complex Systems (p. 14)
  Introduction (p. 14)
  The Basic Model of Safe and Reliable System Performance (p. 15)
  The System "Automobile" and Its Environment, an Example (p. 15)
  System Effectiveness (p. 16)
  Defining Safety and Reliability by the Set of System Failure Modes (p. 16)
  Quantitative Evaluation of Safety, Reliability and Availability (p. 19)
  Conclusions (p. 19)
  Literature (p. 19)
Chapter 3. Experience with Computers on Some UK Power Plants (p. 22)
  Introduction (p. 22)
  Dynamic Design Techniques (p. 25)
  Redundant Software and Other Software Considerations (p. 26)
  Modularity (p. 27)
  The Man-Machine Interface (p. 28)
  Reliability Growth (p. 30)
  Steady State Reliability (p. 30)
  Conclusions (p. 31)
  References (p. 31)
Chapter 4. Guidelines for the Documentation of Safety Related Computer Systems (p. 44)
  Background (p. 44)
  Objectives (p. 44)
  The Guidelines (p. 45)
  Selecting ... Optimum Documentation for a Project (p. 46)
  Present State of Development (p. 46)
  Acknowledgements (p. 46)
  Annex (p. 46)
Chapter 5. Safety Considerations in Project Management of Computerized Automation Systems (p. 52)
  Introduction (p. 52)
  Special Properties of Computer Systems for Industrial Applications (p. 52)
  Definition of Safety of a Process Control Computer System (p. 53)
  Structure of Proposed Guidelines (p. 54)
  Safety Management During Life Cycle (p. 55)
  Conclusion (p. 60)
  Appendix (p. 60)
  References (p. 61)
Chapter 6. Standards for the Production of High Quality Systems (p. 62)
  Abstract (p. 62)
  Introduction (p. 62)
  Study Phase Summary (p. 62)
  The Standards (p. 64)
  Future Developments (p. 66)
  Acknowledgements (p. 66)
  References (p. 66)
Chapter 7. Functional Redundancy to Achieve High Reliability (p. 70)
  Introduction (p. 70)
  Reliability, Resources and Functional Units (p. 71)
  The Allocation of Functional Units (p. 72)
  Fundamental 1-Reliable System Architecture (p. 73)
  Failure Detection and Associated Action (p. 73)
  The Analysis of Single System Failures (p. 74)
  Conclusion (p. 75)
  References (p. 75)
  Discussion (p. 75)
Chapter 8. Communication Protocols for the PDV Bus in Network Representation (p. 76)
  Introduction (p. 76)
  Characteristics of the PDV Bus (p. 77)
  Definition of the Network Representation (p. 78)
  Network Representation of the Communication Protocol (p. 78)
  Analysis of the Protocol (Verification of the Fault Tolerance) (p. 79)
  References (p. 80)
Chapter 9. Software Diversity in Reactor Protection Systems: An Experiment (p. 86)
  Introduction (p. 86)
  Current Situation and Related Work (p. 86)
  Reactor Safety Systems and Software Diversity (p. 87)
  Description of the Experiment (p. 87)
  Conclusion (p. 89)
  References (p. 89)
Chapter 10. On a Diversified Parallel Microcomputer System (p. 92)
  Introduction (p. 92)
  Basic Strategy (p. 93)
  Implementation (p. 94)
  DIMI-Network (p. 96)
  Reliability and Safety Considerations (p. 97)
  Conclusion (p. 97)
  Acknowledgement (p. 97)
  References (p. 97)
Chapter 11. An Investigation of Methods for Production and Verification of Highly Reliable Software (p. 100)
  Introduction (p. 100)
  Specification (p. 100)
  Programming (p. 101)
  Programme Analysis (p. 102)
  Testing (p. 102)
  Reliability Assessment (p. 103)
  Conclusions (p. 104)
  References (p. 104)
Chapter 12. A Survey of Methods for the Validation of Safety Related Software (p. 106)
  Introduction (p. 106)
  Specification (p. 106)
  Program Construction (p. 106)
  Software Diversity (p. 107)
  Statistical Methods (p. 107)
  Analytical Methods (p. 108)
  Proof Techniques (p. 110)
  Summary and Future Developments (p. 111)
  Acknowledgement (p. 112)
  References (p. 112)
Chapter 13. An Experience in Design and Validation of Software for a Reactor Protection System (p. 114)
  Introduction (p. 114)
  Software Requirements (p. 114)
  Software Design (p. 115)
  Software Coding (p. 115)
  Code Verification for the Purely "Combinatorial Modules" (p. 116)
  Code Verification for "Time Depending Module" (p. 117)
  System Testing (p. 117)
  References (p. 119)
Chapter 14. Graphs of Data Flow Dependencies (p. 128)
  Introduction (p. 128)
  Several Methods for the Analysis of Data Flow (p. 128)
  Elements of Data Flow Graphs (p. 129)
  Worst Case Data Trees (p. 129)
  The Construction of Data Trees with Regard to the Control Flow Graph (p. 130)
  Data Trees of Affected Data (p. 131)
  Concluding Remarks (p. 131)
  References (p. 131)
Chapter 15. Safety Program Validation by Means of Control Checking (p. 140)
  Introduction (p. 140)
  The Proposal (p. 141)
  The Program Instrumentation Problem (p. 141)
  Data Flow Checking (p. 145)
  General Remarks (p. 145)
  Preliminary Results (p. 147)
  References (p. 148)
Chapter 16. A Process Computer for Experimental Use (p. 150)
  Introduction (p. 150)
  The Multiprocessor Structure (p. 151)
  The Microprocessor TMS 9900 (p. 152)
  Processor Board (p. 153)
  Conclusion (p. 157)
  References (p. 158)
Chapter 17. Control of Nuclear Reaction by Pattern Recognition Methods (p. 160)
  Introduction (p. 160)
  Pattern Recognition Methodology (p. 160)
  Implementation on the Nuclear Reactor (p. 161)
  Results (p. 162)
  Conclusion (p. 163)
  Acknowledgements (p. 163)
  Discussion (p. 163)
Chapter 18. Specification, Design and Implementation of Computer-Based Reactor Safety Systems (p. 164)
  Introduction (p. 164)
  Fault-Tolerance (p. 165)
  Reactor Safety Systems (p. 165)
  System Architecture (p. 166)
  SPECK: A System Specification Aid (p. 167)
  Self-Checking Processors (p. 168)
  Data Communication (p. 169)
  Conclusions (p. 169)
  Acknowledgements (p. 169)
  References (p. 169)
Chapter 19. Experience with a Specification Language in the Dual Development of Safety System Software (p. 172)
  Introduction (p. 172)
  Functional Requirements - Lessons Learned (p. 173)
  Representative Application (p. 172)
  Development Methodology (p. 172)
  Functional Requirement Phase (p. 173)
  Preliminary Design Phase (p. 173)
  Requirements Specification Language (p. 174)
  Use of RSL in the Project (p. 174)
  RSL Path Enumeration (p. 175)
  Preliminary Design Statistics (p. 175)
  Preliminary Design Experiences - Benefits (p. 175)
  Preliminary Design Statistics (p. 175)
  Preliminary Design Experience - Problems or Disadvantages (p. 176)
Chapter 20. Overview of Hardware-Related Safety Problems of Computer Control Systems (p. 180)
  Introduction (p. 180)
  Failure Modes (p. 180)
  Comparison of Safety Problems of Computer Systems (p. 181)
  Hardware Diversity (p. 187)
Chapter 21. The Combined Role of Redundancy and Test Programs in Improving Fault Tolerance and Failure Detection (p. 190)
  Introduction (p. 190)
  State Diagrams for Single Systems (p. 191)
  State Diagrams for M out of N Systems (p. 191)
  The Influence of Redundancy and of Failure Detection on Safety Figures (p. 192)
  Special Results (p. 192)
  Literature (p. 192)
Chapter 22. A Fail-Safe Comparator for Analogous Signals within Computer Control Systems (p. 198)
  Introduction (p. 198)
  Requirements for Analog Comparators Relevant to Safety (p. 199)
  Various Concepts of Analog Comparators (p. 200)
  Analog Comparators without Secondary Energy (p. 200)
  Analog Comparators with Secondary Energy (p. 201)
  Comparator with a Chopper Controlled by an External Oscillator (p. 201)
  Self-Oscillating Comparator (p. 201)
  Non-Intrinsically Safe Comparator with Fail-Safe Monitoring (p. 202)
  Analog Comparator with Digitalization of the Input Variables (p. 202)
  Proposal for a Fail-Safe Analog Comparator (p. 203)
  Summary (p. 204)
  References (p. 204)
  Discussion (p. 204)
Chapter 23. Failure Detection in Microcomputer Systems (p. 206)
  Introduction (p. 206)
  Results of Experiments (p. 207)
  Discussion about Failure Hypothesis (p. 207)
  Conclusion (p. 209)
  References (p. 209)
Chapter 24. Test Policy vs Maintenance Policy and System Reliability (p. 212)
  Introduction (p. 212)
  Operating and Maintenance Procedures (p. 212)
  State Probabilities (p. 212)
  Transition Rates (p. 213)
  Exogenous Non-Conditional Probabilities (p. 213)
  State Evolutions (p. 213)
  Initial Conditions and Steady-State Solution (p. 214)
  Mean Time Between Unscheduled Repairs (p. 214)
  Criteria Applying to Preventive Maintenance Decisions (p. 214)
  Cost Minimization of the Decision Between Unscheduled On-the-Site Repair and Overhaul (p. 214)
  Failure Detection and Testing (p. 215)
  Application to the Specification of Recalibration Intervals (p. 215)
  References (p. 215)
Chapter 25. Optimisation of a Servosystem (p. 218)
  Introduction (p. 218)
  Composing of the Model (p. 218)
  Conclusions (p. 221)
  References (p. 221)
Chapter 26. Inspection of Process Computers for Nuclear Power Plants (p. 224)
  Introduction (p. 224)
  Hardware - Software (p. 225)
  Computerized Reactor Protection Systems (p. 225)
  Control Rod Control Computers (p. 226)
  Trouble Logging (p. 227)
  Discussion (p. 228)
Author Index (p. 230)