2.04.00 CONTROL SYSTEM REQUIREMENTS
2.04.00.1 The control system shall be broadly divided into SG
C&I, TG C&I and BOP C&I as already elaborated in clause
2.04.00.2 The SG C&I system shall perform the following :-
i) Burner Management System(BMS)including control &
protection of coal mills, fuel oil system etc.
ii) Analog control functions pertaining to secondary
air damper control, Aux.PRDS pressure &
iii) Soot Blower Control.
2.04.00.3 The TG C&I system shall perform the following
i) Turbine Protection System function(TPS)
ii) Turbine Governing System for main Turbine
iii) Turbine Stress Control System (TSCS)
iv) Automatic Turbine Testing (ATT)
v) Automatic Turbine Run up System (ATRS)
vi) HP/LP Bypass Control System
vii) Turbine Generator Control System
2.04.00.4 The balance of plant C&I system shall perform the
i) Analog control functions performing to the other plant
areas like coordinated master control, furnace draft
control, FW flow control etc.
ii) Binary control functions pertaining to other plant
auxiliaries like FD/ID/PA/APH/BFP etc. and electrical
2.04.00.5 The No.of Functional groups(FGs)shown in elsewhere in
the specification, these are the minimum
required. However, splitting of any functional group in
more than one FGs due to any limitation in bidder’s
system shall be acceptable, subject to employer’s
approval. For each of the FGs, separate sets of
controllers, I/O modules, communication controllers,
power packs/modules etc. shall be provided. Mixing of
hardware of two or more FGs shall not be acceptable.
2.04.00.6 The minimum functions to be realized in each
of the above-mentioned controls systems shall be as per
requirements specified under subsequent clauses of this
specifications. The bidder shall provide all
hardware/software, whether or not specifically indicated
in this specification to fully meet operational/
maintenance/ safety requirement as well as statutory/
international standard and proven practices.
2.04.00.7 The control system shall function reliably under the
environmental conditions as specified under Part-C
“General Technical Requirement” of this specification.
It shall be immune from the interferences resulting from
disturbances in power supply feeders signal lines,
inputs, outputs etc. as experienced in a coal fired
2.04.00.8 The control system shall have on line simulation &
testing facility. Further, it shall be possible to on
line configure & tune controllers through configuration
& tuning station for control system.
2.04.00.9 The system shall have the flexibility to easily
reconfigure any controller at any time without requiring
additional hardware or system wiring changes & without
disabling other devices from their normal operation
mode. Modifications shall not require switching off
power to any part of the system.
2.04.00.10 The remote manual operation from hardwired back-up
A/M stations & push button(PB)stations(wherever
provided)shall be independent of availability of
controllers & power supply to controllers.
2.04.00.11 The executive programs for the controller modules
shall be firmware based, which shall be non-volatile &
shall not be alterable except by replacement of parts.
The application programs for the functional controllers
shall be software based which shall be maintained
through power supply failure. The application program
shall be alterable through the configuration and tuning
station for all configuration and strategy changes,
etc. and through the operator’s console for set
point/ bias changes, device selection, etc. Parts
replacement or parts removal shall not be required in
order to accomplish changes in application programs
including system tuning.
2.04.00.12 All the 100% hot/redundant back-up controllers shall
be identical in hardware and software implementation to
their corresponding main controllers & shall be able to
perform all its tasks. The back-up controller shall
track its corresponding main controller. There shall be
an automatic and bump less switchover from the main
controller to its corresponding back-up controller in
case of main controller failure and vice versa without
resulting in any change in control status. In case of
switchover from main controller to the 100% hot back up
controller, the back-up controller shall work as the
Facility shall also be provided for manual switchover
from main to 100% hot back-up controller and vice versa
from the programmer’s console.
2.04.00.13 The control system hardware design shall be such that
it is able to withstand power line disturbances.
2.04.00.14 The control system for SH/RH Attemp. Temp.control
shall be state controller with observer.
2.04.00.15 The hardware design shall be such that it is able to
withstand power line disturbance.The system shall conform
to ANSI/IEEE C 62.4 (Immunity to power supply line disturbance).
2.04.01 BURNER MANAGEMENT SYSTEM (BMS)
2.04.01.1 Fully proven microprocessor based system, based on
hardware and software specifically designed and proven
for Burner Management application for the same being
offered for shall be provided to achieve the Boiler
protection action e.g.master fuel trip(MFT), control of
mills & fuel oil systems etc. BMS shall meet all
applicable relevant safety requirement including those
stipulated in NFPA- 8502.
2.04.01.2 The BMS shall be provided with automatic self
monitoring facility. All modules to be used in this
system shall be of fail-safe design. Any single fault
in either primary sensor, I/O modules, multifunction
controllers etc. should not result in loss of safety
function. All faults should be annunciated to the
operator right at the of its occurrence and also for
alarm annunciation facia.
2.04.01.3 The MFT functions shall be implemented in a fault
tolerant 2 out of 3 triple redundant configuration. Each
of the three independent channels shall have its own
dedicated processors, multifunction controllers,
communication controllers, I/O modules, interface etc.
All safety related process inputs shall be fed to each
of the 3 channels. All the primary sensors for
unit/boiler protection shall be triple redundant.
2.04.01.4 The acquisition and conditioning of binary and analog
protection criteria signals for MFT shall be carried out
in each of the three triple redundant channels. Each
channel shall compute the 2 out of 3 voting logic and
issue a trip command. The trip signals of the three
channels shall be fed to a fail 2 out of 3 relay
tripping unit for each drive. The protection criteria
for tripping shall be executed by a program which shall
be identical in each of the triple redundant channel.
The check back contact signals of each relay of the 2
out of 3 relays tripping unit shall be fed back to each
of the triple redundant channels & shall be
continuously monitored for equivalence in each of them.
2.04.01.5 The functionality of operation of mills. oil etc.shall
be similar to that of OLCS described in clause 2.04.03
2.04.02 TURBINE PROTECTION SYSTEM (TPS) FUNCTIONS
2.04.02.1 Fully proven microprocessor based system, based on
hardware and software specifically designed for Turbine
protection application for the same turbine being
offered for this project, shall be provided to achieve
the turbine protection action.
2.04.02.2 The Turbine protection system shall meet all
applicable safety standards/requirements including those
The system design shall be such that safety function of
the total system must not be jeopardized on occurrence
of fault. Any single fault in either primary sensor,
input/ output modules, controller module etc. shall in
no way jeopardized the safety of the turbine. All
modules to be used in this system shall be of fail safe
2.04.02.3 Bidder shall provide two independent trip channels,
each having its dedicated processing module with
hot back up. Two out of three voting logic will
be implemented in each of the channels and the
output of each channel to be fed to each of the two
turbine trip relays.
2.04.02.4 All the input signals (trip signals etc. from the
field devices) shall be fed in parallel to all the
three/ both the redundant channels of protection system
as mentioned above via signal conditioning cards
designed for such application. Further, the computation
of field input voting logics i.e. 2 out of 3 etc. shall
also be performed in the controllers of all the three/
two channels of protection system , which will then
perform the computation of field input voting logics
i.e. 2 out of 3 etc.shall also be performed in the
controllers of all the three/two channels of protection
system, which will then perform the computation of 2 out
of 3 voting logic independently.
2.04.02.5 Bidder shall provide all the required primary sensors
etc. required for protection system as per his standard
and proven practices. All trip signal input required
for the safety of the turbine shall be be based on 2 out
of 3 logics.
2.04.02.6 The system shall include turbine lock-out relays,
redundant turbine trip solenoids and necessary hardware
required for testing.
The tripping devices shall be designed to operate on DC
supply. The trip coils shall be monitored continuously
for healthiness and failure shall be alarmed.
2.04.02.7 Turbine Protection System shall meet all applicable
relevant safety requirement including those stipulated
in ASME- TDP-1, VDE 0116, Sec8.7; VDE 0160 etc.
2.04.02.8 TURBINE STRESS CONTROL SYSTEM (TSCS)
Bidder shall provide a proven Turbine Stress Control
system which will work in conjunction with turbine
governing system and ATRS and achieve the following
a) Continuous on-line monitoring of thermal stress levels
in all critical parts of the turbine such as main stop
valves, control valves, HP casing, HP shaft and IP shaft
b) Continuous on line computation of stress margins
available for the above mentioned critical components of
the turbine during various regimes of operation i.e.
run-up, synchronization, loading, load maneuvering,
normal operation, run backs, unloading, shutdown etc.
c) Computation of the limits of speed and load changes
allowable at any particular instant before
synchronization and after synchronization respectively.
d) Carry out a fatigue analysis for all affected
components of the turbine and also to compute the
percentage service life consumption of the turbine.
e) Display the stress margins etc. on a separate dedicated
colour VDU/ Printer as well as on OWS for operator
guidance and storage of necessary data such as
percentage service life consumption etc.
f) Store long term data & carry out Residual Life
The system shall be complete including measuring
transducers for generator load and wall temp. measured
value processing modules, microprocessor based
controllers for stress calculations and turbine life
calculations etc. dedicated colour CRT monitor etc.
2.04.03 BINARY CONTROLS/OPEN LOOP CONTROL SYSTEM(OLCS)FUNCTION
2.04.03.1 The OLCS shall include sequence control, interlock &
protection for various plant auxiliaries/ valves/
dampers/ drives etc. The sequence control shall provide
safe and automatic startup and shutdown of plant and
of plant items associated with a plant group. The
interlock and protection system shall ensure safe
operation of plant/ plant items at all times & shall
automatically shut down plant/ plant items when unsafe
2.04.03.2 The OLCS shall be arranged in the hierarchical
control structure consisting of unit level group level,
subgroup level & drive level(as applicable).
It shall be possible to perform automatic unit startup &
shutdown by issuing minimum No.of command from the OWS.
Thus, the unit level shall control all the control
system blocks and issue appropriate startup & shutdown
commands to various blocks of control system.
The group level shall control a set of functional sub-
groups of drives. Appropriate start-up and shut down
commands shall be issued to the sub-group control &
various check backs shall be received from sub-groups or
drives. Each sub-group shall execute the sequential
start-up and shut down programme of a set of
inter-related drives along with system interlocks and
protections associated with that sub-group as well as
basic interlocks & protections related to individual
drive falling under that sub-group. The drive level
shall accept commands from the sub-groups, push buttons
etc. & transmit them to the respective drive, after
taking into account various interlocks & protections and
the safety of that particular drive.
2.04.03.3 Sequence Control
2.04.03.3.1 A sequence shall be used to move a set of groups,
sub-groups from an initial steady state (for instance
`OFF’) to a final steady state (for instance `ON’). The
sequence initiating command for the unit & group level
shall be issued from CRT/KBD.
2.04.03.3.2 A sequence shall be made of steps. The steps shall
be executed in predetermined order according to logic
criteria and monitoring time consisting of the interlock
& protection requirements and check back of previous step
which shall act as preconditions before the sequence
control can execute the command for that step.
2.04.03.3.3 Each step shall have a “waiting time” implying that
the subsequent step would not be executed unless the
specified time elapses. A monitoring time shall also be
defined as the maximum time required in executing the
commands of any step and the time required for
appearance of checks backs signals. In case, this is not
completed within the specified time, a message shall be
displayed and program will not proceed further.
2.04.03.3.4 Manual intervention shall be possible at any stage
of operation and the sequence control shall be able to
continue at the correct point in the program on return
to automatic control. Protection commands shall have
priority over manual commands, and manual commands shall
prevail over auto commands.
2.04.03.3.5 Open or close priority shall be selectable for each
2.04.03.3.6 The sequence start-up mode shall be of the
i) Automatic Mode
In this mode of operation, the sequence shall progress
without involving any action from the operator. The
sequence start/stop command shall be issued from the
ii) Semi-Automatic Mode
In this mode of operation, once the sequence is
initialized, the step progressing shall be displayed
on the CRT. But the step execution command shall be
prevented and shall be sent by the operator via the
keyboards. It shall be possible to bypass and/ or
simulate one or more criteria to enable the program to
proceed. This facility shall allow the program to be
executed even if some criteria are not fulfilled because
of defective switching device, etc. while the plant
condition is satisfactory. It shall be possible to put
the system on the Auto-mode after operating it on semi-
automatic mode for some steps or vice-versa, without
disturbance to the sequence operation.
iii) Operator Test Mode
It shall be possible top use the sequential control in
operator guide mode/ test mode i.e. the complete system
runs & receives input from the plant and the
individual push button stations (where provided)/
keyboards but its command output is blocked. the whole
program, in this case shall run in manual mode. This
mode shall allow the operator to practice manual
operation using step and criteria indications. The
actual protection should remain valid during this mode
of operation also.
2.04.03.4 The sequence shall be started by putting the sequence
on `Auto’ and on receipt of `Start’ command from the OWS
or from a higher level group/ protection action as
defined. The sequence shall then progress as per the
defined logics. It should be possible to select
alternative operation in the same sequence depending on
certain process/ equipment condition. Some step can be
automatically bypassed also based on certain process/
equipment condition. When the expected results of the
sequence is reached the sequence is considered as ‘End’.
2.04.03.5 If during sequence initialization or sequence
progressing or during normal running of the drive, a
shutdown criteria is present, the sequence shall be
stopped and the shutdown sequence initiated.
2.04.03.6 For the drives, the command shall be provided through
redundant O/P module and inputs (Status, SWGR & process)
shall be acquired through input modules. The inputs &
output modules used in relation to drives shall not be
mixed with inputs & output modules for other
applications. The drive logic shall be implemented in
the redundant controller.
The status of the HT drives and some other important
drives(total approximately 40 Nos. per unit)shall also
be wired in parallel to redundant input modules so that
on failure of the single input modules, the information
regarding the status of the affected drive remains
available in OLCS.
2.04.03.7 The output modules shall have the feature that
ensures that in case of failure, all the outputs are
driven to zero. The 24 V DC command outputs to drives
for ON/ OPEN, OFF/ CLOSE shall be separate and
independent and inverted outputs shall not be
employed. For inching type of drives, position
transmitter power supply and monitoring of position
transmitter signal shall be provided.
2.04.03.8 The termination for OPEN/ CLOSE command for the drive
actuator shall be performed in the actuators specified
elsewhere in the specification. However, OPEN/ CLOSE
and disturbance status as a minimum shall be monitored
2.04.03.9 The sequence interlock & protection requirements shall
be finalised during detailed engineering and the same
shall be subject to employer’s approval.
2.04.03.10 The OLCS shall also include the control of
electrical systems in addition to the auxiliaries of
boiler & turbine performing functions such as OPEN/
CLOSE or ON/ OFF etc. of various electrical systems such
as breakers and isolators, raise/ lower for equipment
like transformers tap changer, synchronization of unit,
etc. All the features and specification requirements as
specified above shall also be applicable for electrical
system. Control and all the operation shall be
performed through CRT/KBDs of OWS. However, 100%
hardwired backup miniaturized switches shall also be
provided on UCP for electrical systems.
2.04.03.11 Operator Interface for SIS & Sequence Control
Following status information shall be available to operator
on OWS or Console.
i) Where the process is in its sequence.
ii) Indication that SIS protective action has occurred.
iii) Indication that protective action is bypassed.
iv) Status of sensors, final drive, diagnostic features etc.
2.04.04 ANALOG CONTROLS/ CLOSED LOOP CONTROL SYSTEM(CLCS)FUNCTIONS
2.04.04.1 The CLCS shall continuously act on valves, dampers or
other mechanical devices such as hydraulic couplings
etc.which alter the plant operation conditions. The
system shall be designed to give stable control action
in steady state condition and for load changes in step/
ramp over the load range of 60% to 100% MCR with
variation or parameters within permissible limits to be
finalised during detailed engineering state. The system
shall have the following minimum features.
2.04.04.2 The loop reaction time (from change of output of the
sensor of the transmitter/ temperature element to the
corresponding control command output) shall be within
500 m/secs. However, for faster loops such as feed
water, furnace draft, P A header pressure control loop
etc. the same shall be based on actual process
requirement but shall not be more than 250 milli secs. The loop response time shall be as per IEEE-1046.
2.04.04.3 The control system shall be bumplessly transferred to
manual on the following conditions as a minimum and as
a minimum and as finalised during detailed engineering.
Control power supply failure, failure of redundant
controllers, field input signal not available, analog
input exceeding preset value etc.
2.04.04.4 Any switch over from auto to manual, manual to auto
and switchover from CRT operation to H/A Station
operation and vice versa shall be bumpless & without
resulting in any change in the plant regulations and
the same shall be reported to the operator.
2.04.04.5 Buffered analog output of 4-20mA DC shall be provide
from CLCS to the respective E/P converters. For
electrical actuators, type output(bound less
control) shall be preferred. CLCS shall also provide
all the necessary outputs for indicators& recorders with
output loop resistance of 500 Ohms for each channel of
the output module.
For the drives, the command shall be provided through
redundant O/P module and inputs(position feed back &
process) shall be acquired through input modules. The
inputs & output modules used in relation to drives shall
not be mixed with inputs & output modules for other
applications. The drive logic shall be implemented in
the redundant controller.
2.04.04.6 The functional requirement of the CLCS loops as well as
the detailed schemes shall be finalised during detailed
engineering stage and shall be subject to employer’s
2.04.04.7 The system being supplied shall be such that when
permissible limits are exceeded, an automatic switchover
from an operation governed by maximum efficiency, to an
operation governed by safety and availability is
2.04.04.8 For safety reasons, switchover logics associated with
the modulating control loops, shall be performed within
the closed loop control equipment.
2.04.04.9 Where the equipments are controlled by a group of
regulators acting in parallel, the relative position
of individual actuator associated with them shall be
capable of being adjusted with respect to one another
and to the common automatic signal.
2.04.04.10 Time supervision facility shall be provided to
monitor the final control element.
2.04.04.11 It shall be possible to block the controller output
on a pre-programmed basis.
2.04.04.12 All controllers shall be freely configurable with
respect to requisite control algorithms.
2.04.04.13 Whenever, alternate measurement is available for a
control input the alternate measurement value will be
automatically substituted in the control loop in case
of loss of control input. All necessary software for
switching and reconfiguration shall be provided. In
addition, such substitution shall be balance less and
bumpless and shall be reported to the operator.
2.04.05 HP/LP BYPASS SYSTEM
2.04.05.1 LP BYPASS CONTROL SYSTEM
The LP Bypass control system shall consists of steam
pressure control loop and steam temp.control loop. The
LP Bypass control shall be implemented through a set of
redundant controller modules, I/O modules etc. The LP
Bypass control shall suitably interface with other TG
control like HP Bypass, EHG etc. Further condenser
exhaust hood spray valve shall be interlocked to open
whenever LP Bypass comes into operation.
2.04.05.2 HP BYPASS CONTROL SYSTEM
a) The system shall consists of steam pressure control
loop & steam temp.control loop. HP Bypass system shall
be implemented through a set of redundant controller
modules, I/O modules etc. The system shall be supplied
with redundant 2 out of 3, primary sensor & suitably
interface with other TG C&I controls like LP Bypass, EHG
b) HP Bypass system shall conform to ANSI/ISA 77.13.01.
2.04.05.3 OTHER SG C&I FUNCTIONS
The SG control functions shall also consist of Secondary
Air Damper Control soot blower control, Auxiliary PRDs
etc. in addition to the burner Management system and
2.04.05.4 OTHER T G C&I FUNCTIONS
The TG control functions shall also, consist of Turbine
Generator control system like seal oil, primary water,
hydrogen system etc. interlock & protection.