Global Interlock System Implementation Plan
GIS SDR
24 September 2009
Scott Bulau
Agenda
• 8:35 – 9:00 Brief description on ATST (Mark Warner)
• 9:00 – 9:45 Hazard Analysis (Rob Hubbard)
• 10:00 – 10:15 Break
• 10:15 – 11:30 GIS Specifications and Interfaces (Scott Bulau)
• 11:30 – 11:45 Safety Management (Chuck Gessner)
• 11:45 – 12:45 GIS Design (Scott Bulau)
• 12:45 – 1:30 Lunch
• 1:30 – 2:00 GIS Design (cont.)
• 2:00 – 2:45 Plan of implementation (Scott Bulau)
• 2:45 – 3:00 Break
• 3:00 – 4:30 Executive Session (Committee) Generate Draft Report
• 4:30 – 5:00 Brief Project (Committee)
• 5:00 Adjourn
September 24, 2009 ATST GIS SDR 2
For Each Subsystem:
• System Design Specification
  – “Conform to ICD x.x/x.x Global Interlock System to subsystem”
• Design Phase Hazard Analysis and Risk Assessment
  – “The level of protection affordable by interlocks shall be appropriate for the level of hazard based on MIL-STD-882D…”
  – “A risk reduction category shall thus be established through mapping to hazard severity and risk reduction tables provided in ANSI/RIA R15.06-1999…”
• Safety Requirements Specification (ICD)
  – “… design Vendor shall provide complete listing of all interlocks and safety limits.”
  – “… design Vendor shall provide AURA with any and all critical sequences associated with the interaction of the subassembly and safety interlocks and limits associated therein.”
• Verification
  – “The Vendor’s subsystem design shall be subjected to a review of the hazard analysis … by persons, approved by AURA, experienced in the design and operation of safety shutdown systems. There shall be a record kept of the findings of the review and response to each finding.”
For GIS with inputs from subsystems:
• Safety System Design
  – GIS Final Design with Global controller incorporating influence matrix
• System Build
  – Fabrication of each LIC
  – Fabrication GIC
• Functional Testing
  – Verification after all local controller and global controls have been completed
For subassemblies that have factory preassembly to level allowing functional level testing:
• Safety System Functional Testing and Verification
  – Factory tests of all interlocks to safety I/O modules
  – Verification of ICD
For Each Subsystem:
• Installation of local controller on site
  – Functionally test with safety I/O
  – Functionally test with global control
  – Verification meets requirements
• Integration Test and Commissioning
  – Validation of entire safety system
* Verification reviewed by independent CFSE
For GIS of ATST:
• Validation of risk assessment
• Safety System Training
• Safety System Maintenance and Verification
• Periodic Safety Reviews and Risk Assessment Updates
Schedule
Basis of Design
• Design is based on modified, previous, similar sized telescope systems.
  – Distributed system
  – Independent subsystems
  – Separate safety network
• PAC design (safety PLC)
  – Specified hardware and software
  – Hardware and software safety certified
  – Hardware is built control reliable
Cost Estimate for Global Interlock System
• Hardware and software license: $419K Then-Year-Dollars
  – Based on current costs quoted by distributor (Border-States, 2009)
  – Does not account for subsystem contractor cost of interlock and safety I/O
• Labor Estimate: $577K Then-Year-Dollars
  – Based on 5 FTE of Electrical Engineer and Electrical Technician over 8 years, some in AZ and some in HI
• GIS Total Cost Estimate: $996K Then-Year-Dollars
Risks
• Technical risk
  – Architecture of design for observatory is new; however, it is supported by a well developed, existing product line
• Cost risk
  – Based on needs of similar sized systems (other telescopes) using vendor prices for principal components
• Schedule risk
  – Interlocks must function on subsystem level, then on global level
  – As more systems are added, combinations of interactions increase
  – Time to test will increase
• Risk assessment assigns contingency of 26%
  – Based on risk factors: Technical 4, Cost 10, Schedule 8
Global Interlock System - END -