Periodic surveillance testing (PST) is performed to verify that nuclear power plant protection systems continue to perform their intended safety functions as designed. In many nuclear power plants, PST remains largely procedure-driven and manually executed. The multi-channel architecture of the Reactor Protection System (RPS) requires repeated channel-level verification of protection logic functions while maintaining the required level of protection, thereby increasing the procedural and operational burden. Moreover, manual channel-by-channel testing can prolong the time during which individual channels are placed in a test or bypass condition, potentially reducing overall protection system availability. Several automatic testing approaches have been proposed; however, existing implementations are generally limited to externally triggered execution or operator-assisted execution, and the expected benefits of automation—including shorter test duration, reduced operator involvement, and improved protection system availability—have not been fully achieved. These limitations motivate further automation of PST procedures, which can be achieved by integrating the test sequence directly within the field-programmable gate array (FPGA)-based logic processor.
This study proposes a built-in automatic PST framework for three protection logic functions that are currently tested manually: rate-limited variable-setpoint bistable logic, manual-reset variable-setpoint bistable logic, and coincidence/actuation logic. A common test architecture is adopted in which the built-in test logic generates a test stimulus, injects it into the target protection logic, captures the test output, compares it with the expected result, and reports the test status. To ensure functional isolation, the test stimuli and resulting test outputs are tagged with a test identifier so that the tagged output is confined within the processor test logic and is not propagated to the downstream safety logic. For each test item, a dedicated state-transition model is defined and implemented in MATLAB/Stateflow. State and transition coverage analyses confirmed that all defined states and transitions were exercised during simulation.
The results demonstrate that the proposed automatic PST can be applied to selected manually performed PST items for bistable logic and coincidence/actuation logic in the RPS. This study is also expected to provide a structured basis for implementing scalable built-in automatic PST in FPGA-based digital protection systems and to support subsequent hardware-level implementation and verification.