Field programmable gate arrays (FPGAs) have drawn wide attention from the nuclear power industry for digital instrumentation and control (DI&C) applications because they are much easier and simpler than microprocessor-based applications, which makes them more reliable. FPGAs can also enhance the safety margins of the plant, with the potential for power upgrading at normal operation. For these reasons, more and more nuclear power corporations and research institutes are treating FPGA-based protection systems as a technical alternative.
As the nuclear power industry requires high reliability and safety for DI&C systems, the development method and process should be fully verified and validated. For this reason, to improve the application of FPGAs in nuclear power plant (NPP) I&C systems, specific test methods are critical for developers and regulators. However, current international standards and research reports, such as IEC 62566 and NUREG/CR-7006, describe the life cycle of the development of FPGA-based safety-critical DI&C in NPPs but do not provide the specific test requirements and methods that are significant to developers.
In this paper, the whole test process of a pressurized water reactor (PWR) protection sub-system (Primary Coolant Flow Low Protection, Over Temperature Delta T Protection, Over Power Delta T Protection) is described, including detailed component and integration tests. The Universal Verification Methodology (UVM), based on SystemVerilog class libraries, is applied to establish the verification test platform. All these tests are conducted in a simulation environment. The test process is driven by test coverage, which includes code coverage (i.e., Statement, Branch, Condition and Expression, Toggle, Finite State Machine) and function coverage. Specifically, Register Transfer Level (RTL) simulation is conducted for the component tests, while RTL simulation, gate-level simulation, timing simulation and static timing analysis are conducted for the integration test. The issues that arose in the test process (e.g., floating-point calculation, FPGA resource allocation and optimization) are also analyzed and discussed, and can serve as references for developers in this area.
The component and integration tests are part of the Verification and Validation (V&V) work, which should be done by a V&V team separate from the development team. The testing method can assure that the test results are reliable and authentic. It is practical and useful for the development and V&V of FPGA-based safety DI&C systems.