Quantitative reliability analysis of interlock systems for research infrastructures

This article presents a reliability analysis method and a series of case studies of different architectures for interlock systems of large and complex research infrastructures. Interlock systems play a crucial role in the protection of different types of machines, including present and future particle accelerators and fusion experiments. These infrastructures require multibillion Euros investments and accidents could cause irreparable damage. Protection systems are needed to prevent damage from an unintended release of large amounts of stored energy or power. Interlock systems define the signal exchange between the sensors that detect non-nominal conditions and the actuators that bring the machine into a safe state through a protection shutdown. The design of machine protection systems in general and interlock systems, in particular, is caught between the desired machine safety and machine availability, and the requirements vary between different infrastructures. For some infrastructures, interlock systems must be designed to strictly avoid unintentional shutdowns, as these can have a significant impact on the lifetime of vital equipment or their primary operational purpose. For others, unintentional shutdowns due to a failure in the interlock system are acceptable as long as their number is small compared to protection shutdowns caused by failures of other equipment, in order to maximize their scientific output. The case studies presented in the article compare different interlock architectures based on the probability of specific failure scenarios occurring.