How to design nuclear certifiable COTS-based ATE

Abstract

A nuclear certifiable tester was developed to replace the Re-Entry System Test Set (RSTS) for the MK12/12A Re-Entry Vehicle used on the Minuteman III ICBM. Design of the COTS-based nuclear certifiable tester presented challenges unique to ATE. This paper will discuss several issues associated with building a nuclear certifiable tester and meeting nuclear surety requirements based on COTS instrumentation. A major nuclear certification design driver is the constraint prohibiting erroneous application of stimuli to the Reentry System. Second, no single tester failure will cause the safety features of the RSTS to fail. To accomplish this level of protection, several aspects of a stimulus as well as internal ATE operation are constantly monitored. This monitoring requirement is the basis for several unique VXI module designs. This paper addresses these and other major hardware and software nuclear certification requirements and constraints and their respective implementations. Nuclear certification requires that the detection of any monitored condition exceeding the pre-set limits must result in a set of operations leading to what is termed "Known Safe State". The conditions of this state will be detailed in this paper along with the description of the sequence leading to this "Known Safe State". Nuclear certification requires significant analyses and CDRLs to be delivered to support all the requirements identified. This paper also outlines the interrelationships of nuclear certification requirements to delivered documents.