TY - GEN
T1 - Evaluation of I&C architecture alternatives required for the jupiter Icy moons orbiter (JIMO) reactor
AU - Muhlheim, Michael D.
AU - Wood, Richard T.
AU - Bryan, William L.
AU - Wilson, Thomas L.
AU - Holcomb, David E.
AU - Korsah, Kofi
AU - Jagadish, Usha
PY - 2006
Y1 - 2006
N2 - This paper discusses alternative architectural considerations for instrumentation and control (I&C) systems in high-reliability applications to support remote, autonomous, inaccessible nuclear reactors, such as a space nuclear power plant (SNPP) for mission electrical power and space exploration propulsion. This work supported the pre-conceptual design of the reactor control system for the Jupiter Icy Moons Orbiter (JIMO) mission. Long-term continuous operation without intermediate maintenance cycles forces consideration of alternatives to commonly used active, N-multiple redundancy techniques for high-availability systems. Long space missions, where mission duration can exceed the 50% reliability limit of constituent components, can make active, N-multiple redundant systems less reliable than simplex systems. To extend a control system lifetime beyond the 50% reliability limits requires incorporation of passive redundancy of functions. Time-dependent availability requirements must be factored into the use of combinations of active and passive redundancy techniques for different mission phases. Over the course of a 12 to 20-year mission, reactor control, power conversion, and thermal management system components may fail, and the I&C system must react and adjust to accommodate these failures and protect nonfailed components to continue the mission. This requires architectural considerations to accommodate partial system failures and to adapt to multiple control schemes according to the state of nonfailed components without going through a complete shutdown and restart cycle. Relevant SNPP I&C architecture examples provide insights into real-time fault tolerance and long-term reliability and availability beyond time periods normally associated with terrestrial power reactor I&C systems operating cycles. I&C architectures from aerospace systems provide examples of highly reliable and available control systems associated with short- and long-term space system operations. Reliability concepts are discussed, and differences between various redundancy management schemes are compared. Mission time-dependent availability requirements indicate that a SNPP I&C might employ different types of redundancy at different times in a mission. Conclusions are drawn regarding appropriate architectural features relative to mission duration and control system availability requirements.
AB - This paper discusses alternative architectural considerations for instrumentation and control (I&C) systems in high-reliability applications to support remote, autonomous, inaccessible nuclear reactors, such as a space nuclear power plant (SNPP) for mission electrical power and space exploration propulsion. This work supported the pre-conceptual design of the reactor control system for the Jupiter Icy Moons Orbiter (JIMO) mission. Long-term continuous operation without intermediate maintenance cycles forces consideration of alternatives to commonly used active, N-multiple redundancy techniques for high-availability systems. Long space missions, where mission duration can exceed the 50% reliability limit of constituent components, can make active, N-multiple redundant systems less reliable than simplex systems. To extend a control system lifetime beyond the 50% reliability limits requires incorporation of passive redundancy of functions. Time-dependent availability requirements must be factored into the use of combinations of active and passive redundancy techniques for different mission phases. Over the course of a 12 to 20-year mission, reactor control, power conversion, and thermal management system components may fail, and the I&C system must react and adjust to accommodate these failures and protect nonfailed components to continue the mission. This requires architectural considerations to accommodate partial system failures and to adapt to multiple control schemes according to the state of nonfailed components without going through a complete shutdown and restart cycle. Relevant SNPP I&C architecture examples provide insights into real-time fault tolerance and long-term reliability and availability beyond time periods normally associated with terrestrial power reactor I&C systems operating cycles. I&C architectures from aerospace systems provide examples of highly reliable and available control systems associated with short- and long-term space system operations. Reliability concepts are discussed, and differences between various redundancy management schemes are compared. Mission time-dependent availability requirements indicate that a SNPP I&C might employ different types of redundancy at different times in a mission. Conclusions are drawn regarding appropriate architectural features relative to mission duration and control system availability requirements.
UR - http://www.scopus.com/inward/record.url?scp=34047186227&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:34047186227
SN - 0894480510
SN - 9780894480515
T3 - 5th International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology (NPIC and HMIT 2006)
SP - 755
EP - 764
BT - 5th International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology (NPIC and HMIT 2006)
T2 - 5th International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology (NPIC and HMIT 2006)
Y2 - 12 November 2006 through 16 November 2006
ER -