RTS.lando
// title: Reactor Trip System high-assurance demonstrator.
// project: High Assurance Rigorous Digital Engineering for Nuclear Safety (HARDENS)
// copyright (C) 2021 Galois
// author: Joe Kiniry <[email protected]>
// Copyright 2021, 2022, 2023 Galois, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
system Reactor Trip System (RTS)
The overall shape of the Reactor Trip System (RTS) is an archetypal
*sense-compute-actuate* architecture. Sensors are in the `Sensors`
subsystem. They are read by the `Instrumentation` subsystem, which
contains four separate and independent `Instrumentation`
components. The "Compute" part of the architecture is spread across
the `Actuation Logic` subsystem—which contains the two `Voting`
components which perform the actuation logic itself—and the `Root`
subsystem which contains the core computation and I/O components, and
the two separate and independent devices that drive actuators.
subsystem RTS Architecture (Architecture)
This RTS architecture specification includes all of the core
concepts inherent to NPP Instrumentation and Control systems.
A system architecture specification often includes software,
hardware, network, and data architecture specifications.
subsystem RTS Hardware Artifacts (Hardware)
The physical hardware components that are a part of the HARDENS RTS
demonstrator.
subsystem RTS Implementation Artifacts (Implementation)
A summary of the tools, technologies, specifications, and implementations
relevant to this high-assurance demonstrator's development and assurance.
subsystem RTS Requirements (Requirements)
All requirements that the RTS system must fulfill, as driven by the
IEEE 603-2018 standards and the NRC RFP.
subsystem RTS Properties (Properties)
All correctness and security properties of the RTS system are
specified in this subsystem.
subsystem IEEE Std 603-2018 Characteristics (Characteristics)
The IEEE 603-2018 requirements (known as "characteristics" in
the standard) which the RTS demonstrator system must fulfill.
relation RTS contains Architecture
relation RTS contains Hardware
relation RTS contains Properties
relation RTS contains Characteristics
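As an added example (not part of the HARDENS project or of the Lando toolchain), a small Python checker that reads the `system`, `subsystem` and `relation` declaration lines in the subset of Lando syntax this file uses and reports relations that name undeclared elements as well as subsystems that no `contains` relation reaches. The two regular expressions are assumptions derived from the lines above, not the Lando grammar, and the sample spec is constructed from this file's own declarations.

```python
import re

# Constructed sample: the declaration lines of this RTS.lando file, descriptions omitted.
SAMPLE_SPEC = """\
system Reactor Trip System (RTS)
subsystem RTS Architecture (Architecture)
subsystem RTS Hardware Artifacts (Hardware)
subsystem RTS Implementation Artifacts (Implementation)
subsystem RTS Requirements (Requirements)
subsystem RTS Properties (Properties)
subsystem IEEE Std 603-2018 Characteristics (Characteristics)
relation RTS contains Architecture
relation RTS contains Hardware
relation RTS contains Properties
relation RTS contains Characteristics
"""

# Assumed shape of the declarations seen in this file: a keyword, a free-text
# name and a parenthesised abbreviation; relations refer to abbreviations only.
DECL_RE = re.compile(r"^(system|subsystem)\s+(.+?)\s*\((\w[\w-]*)\)\s*$")
REL_RE = re.compile(r"^relation\s+(\w+)\s+(\w+)\s+(\w+)\s*$")


def parse_lando(text):
    """Return (elements, relations): abbreviation -> (kind, name) and (src, verb, dst) triples."""
    elements, relations = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("//"):
            continue  # blank lines and the license/header comments
        m = DECL_RE.match(line)
        if m:
            elements[m.group(3)] = (m.group(1), m.group(2))
            continue
        m = REL_RE.match(line)
        if m:
            relations.append(m.groups())
    return elements, relations


def check_containment(elements, relations):
    """Flag relations naming undeclared abbreviations and subsystems no 'contains' relation reaches."""
    undeclared = sorted({a for s, _, d in relations for a in (s, d) if a not in elements})
    contained = {d for _, verb, d in relations if verb == "contains"}
    orphans = sorted(a for a, (kind, _) in elements.items() if kind == "subsystem" and a not in contained)
    return undeclared, orphans


if __name__ == "__main__":
    els, rels = parse_lando(SAMPLE_SPEC)
    print("undeclared:", check_containment(els, rels)[0])
    print("not contained:", check_containment(els, rels)[1])
```

Run against this file's declarations, the check reports no undeclared names and lists `Implementation` and `Requirements` as subsystems that the `contains` relations above do not reach.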