https://www.bentasker.co.uk/posts/blog/general/an-afternoon-in-sizewell-b-control-room-simulator.html Skip to main content [ ][DuckDuckGo Search] [eagle_blac] www.bentasker.co.uk RSS Feed * Home * Blog * Documentation * Videos * Archive * Tags Spending an Afternoon In The Sizewell Control-Room Simulator Ben Tasker 2024-05-06 16:23 [sizewell_b] A few weeks ago, I was fortunate enough to be invited to tag along on a trip to the Operations Training Simulator at Sizewell B Nuclear power station. Located on the Suffolk coast, Sizewell B is currently the UKs only Pressurised Water Reactor (PWR) and is operated by EDF Energy (I've also previously accidentally met some of their police force). The simulator is a high fidelity reproduction of the site's control room. They've reproduced the original to the extent that one of the walls even sports painted-on doors (complete with a view into the "kitchen") because that's where the doors are in the real room. Aside from the carpet being somewhat less worn, a huge amount of effort has been put into ensuring that it is essentially a 1:1 reproduction of the actual control room. --------------------------------------------------------------------- The Reactor The reactor is a Westinghouse PWR, running two steam turbines. As you enter the training centre, there's a model showing the contents of Sizewell's dome Photo of a model of the reactor dome. The reactor is encased in concrete and there're turbines etc. Sizewell currently consists of two sites - A and B. A shut-down back in 2007 and is being decommissioned. The James Bond-esque building on the left is its turbine hall (sadly scheduled for demolition this summer). Photo of Sizewall take from the beach in 2020. There's a large concrete building - A - and just behind it a much shorter blue building with a white dome coming out of it The blue building with the golf-ball dome is Sizewell B. When it's built Sizewell C will be a little bit further down, just beyond B. --------------------------------------------------------------------- The Simulator When someone says "nuclear control room" there's a certain image that springs to mind - one of a room with beige panels covered in switches. Sizewell... does not disappoint: Photo of a bank of control panels. They're L shaped, beige and covered in switches eeeeee Each of the switches can illuminate. If the system detects that something has changed state (for example, a valve has opened) and disagrees with the control, the switch will light up (and an alert will sound). Changes are staged by turning the relevant switch (causing it to flash) and then effectively committed by pushing the switch in. Somewhere in the plant, something moves and the light stops flashing once plant and switch are back in agreement. There's a big panel at the back of the room, covered in gauges and red switches Photo of the panel at the back. The vertical plane is covered in dials and gauges. The horizontal plane has red toggle switches, each with a cover to prevent accidental knocks Each of these switches allow the operator to trigger some form of protection routine if they feel that the system hasn't done something that it should have. The big round button in the bottom left is the Reactor Trip (SCRAM to the Americans) button - hitting it causes the control rods to be dropped into the core, taking the reactor offline and protecting the plant (Obviously this got pressed whilst we were there, simulating a trip). The simulator also includes a reproduction of the backup room Photo of the backup room - it's a straight bank of panels. Very few switches on this one There are very few switches in this room - it's much more about being able to see the state of systems than it is about interacting with them. --------------------------------------------------------------------- Operational Discipline We were extremely fortunate in that we were being shown around by someone who's worked in Sizewell's control room for a long time, making it a hugely educational experience. Unsurprisingly the processes involved in operating a nuclear power station are very strict and well codified. Operating procedures are clearly defined by the regulator (the ONR) and laid out across a massive set of binders in a way that reminded me, very much, of dealing with JSPs. Everything that an operator does is subject to scrutiny: If something happens, there's a (sometimes lengthy) review, with procedures adjusted as needed to mitigate any perceived risk that it highlights. There are simple physical safeguards too. There's a border of purple carpet which runs along the front of all the panels: There's purple carpet just in front of the panels whereas the centre of the room has blue carpet Operators don't step inside this border without permission from the operations manager. The idea being that, outside of this area, a trip or stumble is extremely unlikely to actuate any switches. Similarly, no-one simply walks into the room - they have to wait at the red line (on the left) until the manager tells them they can enter (ensuring that someone entering doesn't distract from anything that might be ongoing). --------------------------------------------------------------------- Terminology It's always interesting seeing how things work in a different industry. Operational doctrine is almost always the same (albeit with different levels of rigour), but the terminology used can be very different. The phrase reactor trip, for example, sounds like it could be really bad. But, actually, it refers to the reactor having been made safe: The control rods are fully inserted, absorbing neutrons and essentially stopping the reactor. Something led to that happening, of course, but the trip itself isn't automatically a problem (in fact, it's the safeguard working exactly as intended). Similarly, the word outage was used a lot. But, although it makes me think "oh no, x is down, incident channel now", it's actually referring to planned downtime: Every 18 months, the plant stops supplying the grid for maintenance and refuelling. Clearly, it's quite easy to hear some of the terms and think "DANGER", but actually they're all fairly innocuous in this context. --------------------------------------------------------------------- Technology The simulator is an impressive beast. It's not just a bank of switches and LEDs, they're all controlled by a computer which knows how to work out what should happen if you've opened valve A but closed valve B. It reliably simulates the behaviour of the real plant and wasn't at all phased by our chaos-monkey-esque attempts to introduce problems. The simulator allows operators to build and run scenarios, but also allows trainers to manually change the state of components (perhaps to cause a light to flash on a panel that someone's looking towards and check that they react to it). The control systems can automatically respond to issues - the role that humans play is primarily one of oversight and review: are the control systems reacting to a change in the defined way? If not, then the human intervenes and triggers the necessary actions, even being able to manually raise and lower the control rods if needed There is even a joystick which can be used to manually raise and lower the controls rods. Nuclear tetris eh? To make changes, operators don't need to put the system into any kind of "manual override" mode, so in the unlikely event that they make a mistake, the system is still able to catch and react to it (potentially tripping the reactor and taking the plant offline). There's something very symbiotic about the design really. Both the simulator and the operations room collect copious amounts of time-series data - in principle, it's possible to say what position any given switch was in at any given time since the plant started operating. --------------------------------------------------------------------- Conclusion The control room is built upon 1980's technology (and American technology at that) - after all, it's not exactly cheap or easy to do a hardware refresh in the control room of a tightly regulated and licensed operation. But, it also means that nearly half a century of experience has been poured into ensuring that things can keep running safely. That experience isn't just built locally either, operators and regulators at plants around the world share experience and knowledge in order to help improve safety. If something does happen at a plant, lessons are fed back (for example, systems around the world were updated after Three Mile Island to ensure that pumps couldn't be disabled in the way they had been there). The control system has all sorts of little touches that make you go " oh, that's a good idea". For example, there are multiple alarms that can sound, potentially simultaneously. The timbre and frequency of them has been chosen so that it's easily possible to tell if more than one is sounding (as well as which). Apparently, Sizewell C's control room will use touch screens instead of tactile switches. Although likely easier to maintain and repair, I think it'll lose something as a result of this teslaisation . Still, once it's built, I'd love to get to have a look at that too, this really was an excellent way to spend an afternoon. Share this post on Mastodon Share this post on Twitter Share this post on Reddit Share this post on LinkedIN Share this post via Whatsapp Share this post via Telegram Share this post via QQ Share this post via Email Join The Conversation In The Fediverse [reply-icon] [boost-icon] [favourite-] Discuss on Mastodon * blog * electrical * nuclear * operations * Previous post Find this useful? Click here to buy me a coffee Related Snippets [ ][DuckDuckGo Search] License Privacy Policy Cookies About Me Via Tor Via I2P Service Status Contents (c) 2024 Ben Tasker - Powered by Nikola RSS Feed hit counterMastodon github.com/bentasker