Abstract
In this work, the functional requirements of the integrated management of physical protection system has been studied, by analyzing the composition of the physical protection system, as well as the development status and trend of the integrated management system. The design scheme is studied from two aspects of the composition of the physical protection integrated management system and the software architecture, so as to provide reference for the construction of the integrated management system of nuclear facilities.
Access provided by Autonomous University of Puebla. Download conference paper PDF
Similar content being viewed by others
Keywords
1 Physical Protection System
1.1 Definition of Physical Protection System
Physical protection system is an important measure to achieve nuclear security in nuclear facilities, which is used to prevent criminal from robbing, stealing, illegally transferring nuclear materials, or destroying nuclear facilities and materials, as the basic guarantee for ensuring the safe and stable operation of nuclear facilities and the safe and scientific use of nuclear materials [1]. The physical protection system is composed of subsystems such as detection, delay and response. Each subsystem needs data sharing, functional linkage, intelligent analysis and auxiliary decision-making. In addition, the physical protection system of nuclear facilities usually has the characteristics of wide protection scope, large number of covered devices, and large amount of fusion information. It requires continuous and effective all-weather and all-region protection to prevent the existence of weak links and loopholes in protection. Therefore, it is necessary to build a comprehensive physical protection management system to achieve the organic integration of physical protection subsystems and improve the effectiveness of physical protection systems and operation and maintenance efficiency [2].
1.2 Composition of Physical Protection System
The physical protection system is composed of detection, delay, response and integrated management subsystem, as shown in Fig. 1. According to the definition of Nuclear Safety Guide "physical protection of nuclear facilities", the detection refers to the judgment of an unauthorized act that has occurred or is taking place, which includes: detecting this behavior, sending an alarm to the security control center, and evaluating the alarm; the delay refers to the measures to extend or delay the occurrence process of risk events; the response refers to the rapid action taken to stop the occurrence of risk events; and the integrated management is used to integrate and manage the functional modules of physical protection with the information process of physical protection system data sharing and function linkage of the existing system [2].
Structure diagram of physical protection system
1.3 Function Realization of Physical Protection System
The realization of the function of the physical protection system requires that the unauthorized behavior can be detected and accurately checked under the monitoring and linkage of the integrated management subsystem. After the detection of unauthorized behavior, the effective delay should be immediately carried out, and the security forces are quickly deployed to intercept and stop. The earlier detection of unauthorized behavior, the more beneficial for the physical protection system to function. Only the detection alarm that has been reviewed is an effective alarm, and only the delay after the detection alarm is an effective delay. The index of the effectiveness of physical protection system is to intercept and stop the enemy through the response of the security force before the enemy achieves its goal [3]. Figure 2 shows the relationship between the enemy's crime time and the function time of the physical protection system. It can be seen that in order to achieve the protection purpose of physical protection system, TL must appear before TC, and T0, Ta as well as TL should be as close to the left end of the time axis as possible [4].
The function realization of physical protection system
An effective and reliable physical protection system requires detection, delay and response functions, which can be integrated into an organic whole, realize unified management and efficient linkage, timely detect intrusion and destruction actions, implement delay in the alarm detection area, and quickly notify the security forces to carry out response actions [5, 6]. And the physical protection system has a large number of equipment. Taking a physical protection system of a nuclear power plant as an example, its investment is about 100 million yuan, about 220 sets of cameras, 85 sets of detectors, 44 sets of access card readers, etc., only relying on manual operation by the staff on duty Realizing the independent management of each functional module has a huge workload, and it is difficult to guarantee accuracy and timeliness in complex situations. This has become a major bottleneck restricting the effectiveness of the physical protection system of nuclear facilities [7].
In addition, the occurrence of the “prism door” incident has sounded the alarm bell for the protection of information security in China, especially in the integrated management system of physical protection. Once there are loopholes or “backdoors”, it will be like giving the enemy a key to invade, and the consequences will be unimaginable. Therefore, the development of integrated management software of physical protection system with independent intellectual property rights not only helps to improve the comprehensive management ability and management efficiency of physical protection system, but also helps to improve the information security of physical protection system.
2 Integrated Management System
2.1 Development Status of Integrated Management System
Physical protection technology research started earlier in foreign countries. The integrated management system is mainly based on the management platform established by the access control alarm subsystem, with other subsystems connecting part of the signal into the access control subsystem to realize alarm linkage and other functions, such as “On Guard platform” of Lenel company, “EBI platform” of Honeywell, “Hirsh management system”, etc. The “On Guard platform” mainly relies on the management function of the access control system, and integrates some video signal processing functions through the interface protocol, and initially realizes the integration of security system management platform. The design basis of Honeywell’s EBI platform is also the intelligent building control in the field of security. Although some video signal processing functions are also integrated in the EBI platform, the management functions of all subsystems are not integrated into the management platform for the special needs of physical protection system. After decades of engineering application, Hirsh’s access control system has been continuously improved and improved, and it is one of the systems with high reliability in engineering application. Because the development of this system is still based on the access control system, although it also integrates some video signal management functions and can realize the linkage of video and alarm signal, it still fails to fully realize the seamless function modules of the physical protection system integrate. These management systems basically meet the functions of information sharing, comprehensive display and coordination management, and are widely used in domestic building security and nuclear facilities physical protection. However, this kind of system equipment compatibility is not high, especially for domestic equipment, it cannot be customized according to the demand, and the technical service and improvement in the later stage are not guaranteed.
With the continuous development of the domestic security industry, a number of domestic self-developed security management system [8, 9], such as “Jieshun”, “Dashi intelligent”, “Huatuo aerospace”, “Pike Shenzhen”, etc., are mainly used in the field of intelligent buildings and residential security, with low system integration, lack of effective communication, linkage and other management functions. The “nuclear shield” physical protection and security integrated management platform (NVSG) was successfully developed in 2012, according to the actual needs of the nuclear industry, especially the nuclear power physical protection system. The “NVSG” platform as the first comprehensive management system for the physical protection of nuclear power plants in China, has rich functions, convenient operation, and meets the requirements of the application of nuclear power physical protection, but its technology maturity needs to be verified in engineering practice.
2.2 Development Trend of Integrated Management System
In a word, with the continuous advancement of informatization, networking and intellectualization of physical protection system, the role and importance of integrated management system become more and more prominent. The requirement for development of integrated management system are mainly shown in the following aspects: Firstly, the localization of software and hardware should be strengthened. As the brain and nerve of the physical protection system, the integrated management system is related to the reliable operation and information security of the whole system, especially the occurrence of “prism gate” event, which has enhanced the sense of urgency of localization demand; Secondly, it need has comprehensive integration and function linkage capabilities. The integrated management system adopts the loose coupling structure, as shown in Fig. 3, so that the physical protection system can fully integrate the mainstream products in domestic market, and expand the system scale as well as function; Thirdly, it should has rich alarm response support capability. Through the positioning display of electronic map, functional linkage of physical protection equipment, auxiliary decision-making of emergency plan, statistical analysis of alarm information, etc., it can quickly implement physical protection response measures; Fourthly, it should has sufficient operation and maintenance support ability. According to the characteristics of physical protection system which is usually large, it can provide equipment management, personnel management, map management and other means to facilitate the operation and maintenance of physical protection system, and can realize flexible deployment and identity authentication functions to facilitate the use of different scenarios.
Coupling structure of integrated management subsystem
3 Construction Scheme of Integrated Management System
Since the construction scheme of the integrated management system should be based on the specific composition of the actual physical protection system, this chapter will discuss the construction scheme of the integrated management system from the three general levels of the functional requirements, system composition and software architecture of the integrated management system, so as to provide guidance for the construction of the specific integrated management system.
3.1 Functional Requirements of Integrated Management System
The integrated management system should have the following basic functions:
(1) Information integration and linkage function of each functional subsystem of physical protection system. It can realize the comprehensive integrated management ability of various subsystems (intrusion alarm, video management, access control, patrol management, special communication, power supply, lighting, etc.) of the physical protection system, with the capacity expansion ability. It can configure different permissions of users and standardize the management of system operators; It can realize the accurate positioning of alarm information, video linkage, alarm plan management, alarm information query, log management and report forms based on GIS map; It can also realize the management and configuration of the equipment in the physical protection system, and query and record the equipment status.
(2) Physical protection system operation and maintenance management function. It has the ability of physical protection equipment status monitoring, fault alarm and spare parts management; it has the ability of nuclear security emergency plan management, action decision support, and dynamic tracking of emergency process; it has the ability of continuous evaluation of the effectiveness and reliability of physical protection system, and can find out the information in time according to the dynamic evaluation system of design basis threat and physical protection system change Weak links and loopholes.
(3) Convenient operation and flexible deployment function. It has the customization of client dynamic menu, which can flexibly customize the client function menu according to the location and requirements of the client; it has the ability of multi screen display of client output and supports the display of maximum screen; it has the ability of rich information query and query conditions setting freely; it has the ability to customize and combine the functional modules of the integrated management system, which can be based on the actual situation of the physical protection system The system can be deployed quickly.
(4) Localization requirements of integrated management system. The database of the integrated management system adopts the mainstream database software developed in China; it can run in the domestic mainstream operating systems; the server and workstation installed with the integrated management system should improve the localization rate as much as possible, and adopt the mainstream domestic CPU.
3.2 Composition of Integrated Management System
The overall architecture will adopt symmetrical multi-level node structure, which means each node is deployed independently and connected through core services. The node structure will have more flexibility and expansibility, including system dynamic authority, dynamic routing, intelligent network management and other functions. The software of the integrated management system for physical protection system is installed on the main and standby server which is standby for each other and can be installed in different places. Under the server, there are multiple system workstations and auxiliary equipment, that can be set separately according to the requirements of function division. In order to achieve the goal of loose coupling and high cohesion, the SOA design and plug-in structure are adopted. In terms of architecture, the core services should consider the communication with heterogeneous clients, as well as compatibility with various existing hardware devices and access to new devices in the future, and upgrade and deployment capabilities should also be considered.
The video monitoring subsystem is taken as an example to illustrate the system connection. The front-end equipment of the video monitoring subsystem includes spherical camera, gun camera, infrared camera, etc. and the information monitored by the camera is transmitted to the video server through the convergence switch, which is used to process and store the data of the front-end equipment. At the same time, the convergence switch is transmitted to the convergence switch of the integrated management system and the convergence switch of the core network equipment through TCP/IP. Among them, the convergence switch of integrated management system sends video information to application server, database server and integrated management system workstation respectively, and physical protection worker will monitor and operate based on the workstation; as well as core switch of core network equipment will send video signal to storage device for storage operation of video signal.
3.3 Software Architecture of Integrated Management System
The integrated management system architecture with two layers is shown in Fig. 4. The first layer is the integrated display and linkage platform, and the second layer is the functional subsystems. The main functions of the first layer are integrated display, linkage platform and maintenance platform. Among them, the integrated display platform is mainly used by operators, which can intuitively display the main alarm information of the scene to the operators through the electronic map, and linkage call out the corresponding video images, record the alarm and corresponding linkage video images, at the same time, the operator can manually eliminate the alarm signal on the electronic map. The maintenance platform is mainly used by the maintenance personnel to fully understand the equipment operation status and maintenance status of each functional subsystem. The main function of the second layer is that each functional subsystem can complete its own system function independently, and each subsystem is open and configured with relevant interfaces (software and hardware) to ensure that the alarm linkage can be realized between the subsystems. The first layer and the second layer adopt independent and unified configuration relationship. At the same time, the first layer platform can call the data of all subsystems in the second layer, display the corresponding data information according to the needs of users, and do not occupy the resources of the second layer system. It can achieve unified management on the basis of ensuring the independence of each functional subsystem in the second layer.
Coupling structure of integrated management subsystem
The integrated management software adopts the three-tier system of data persistence layer, business logic layer and business performance layer. The data persistence layer supports the storage server with domestic mainstream database generally; the business logic layer is based on 12 basic business modules, which is attached to the data access layer to do persistent external processing for all business data, and the device operation layer is used for operation and management of all devices in the system; the business presentation layer adopts C/S architecture to support multiple output devices and various size resolutions rate. The client access layer uses web service technology based on HTTP protocol to realize the call across heterogeneous platforms, and finally achieves the display of the whole platform equipment and various data as well as the persistence of various user data.
(1) Data persistence layer. The high availability of the database is ensured by using the domestic database as the data persistence, and the switch between the main database and the standby database is realized, which mainly includes four parts: database server, multimedia storage server, alarm message server and report server.
(2) Business logic layer. The business logic layer is divided into three parts: data access layer, device operation layer and core service. The 12 modules in the core service realize the operation of data access in the server and the setting of system equipment through data access layer and device operation layer respectively. The 12 modules are: equipment management module, video management module, alarm management module, access control management module, plan management module, electronic map module, patrol management module, communication management module, video analysis module, operation management module, report management module, user rights management module.
(3) Business performance layer. Through the C# language development based on Windows client applications, to achieve a variety of security services and user management of the entire system. The business presentation layer is mainly divided into client program and display part. The client program realizes human-computer interaction through display wall, large screen splicing or video display and other terminal display devices.
4 Summary
The integrated management system can integrates all functional subsystems of physical protection system into a unified control display interface by using technology of computer network, information communication and database, so as to realize remote monitoring, data sharing and functional linkage, as well as realize efficient operation and rapid response. This paper analyzes the functional requirements, system composition and software architecture of the integrated management system, which provides a basic reference for the design and construction of the integrated management system. In the actual construction process of the integrated management system for physical protection system, it is also necessary to design and optimize the actual composition, linkage requirements, operation and maintenance process and emergency plan of each physical protection system.
References
Had501 / 02-2008 physical protection of nuclear facilities
IAEA.INFCIRC/255/REV4 Physical protection of nuclear materials and facilities (1999)
Gjb5838-2006 physical protection criteria for military nuclear materials
Yan, D.: Design method of physical protection system for nuclear power plant. Nucl. Eng. Res. Des. 51, 8–15 (2004)
Liang, M., Feng, R., Jian-Yong, W., et al.: Physical protection technology of nuclear facilities. Nucl. Saf. 1, 64–68 (2013)
Zhang, J.: Effectiveness analysis of physical protection system for nuclear power plant. Master's thesis of Shanghai Jiaotong University (2009)
Hong-Guang, F.: Methods of improving the monitoring efficiency of physical protection control center. Ind. Sci. Tribune 12(18), 256–257 (2019)
Min, M., Ma, W.-J., Wu, J.-L.: Research on domestic physical protection integrated platform. Comput. Knowl. Technol. 12(19), 69–70 (2016)
Jing, M.: Integrated control and management system of physical protection based on EBI. China High Technol. Enterprises 17, 17–18 (2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Wen, WW. et al. (2021). Research on Integrated Management Technology for Physical Protection System of Nuclear Facilities. In: Xu, Y., Sun, Y., Liu, Y., Gao, F., Gu, P., Liu, Z. (eds) Nuclear Power Plants: Innovative Technologies for Instrumentation and Control Systems. SICPNPP 2020. Lecture Notes in Electrical Engineering, vol 779. Springer, Singapore. https://doi.org/10.1007/978-981-16-3456-7_11
Download citation
DOI: https://doi.org/10.1007/978-981-16-3456-7_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3455-0
Online ISBN: 978-981-16-3456-7
eBook Packages: EnergyEnergy (R0)