CM

AMa

b

c

a

AA

KPSSQVR

1

pEIcbdm(

taadtca

0d

Fusion Engineering and Design 84 (2009) 1367–1371

Contents lists available at ScienceDirect

Fusion Engineering and Design

journa l homepage: www.e lsev ier .com/ locate / fusengdes

ombined application of Product Lifecycle and Software Configurationanagement systems for ITER remote handling

li Muhammada,∗, Salvador Esquea, Liisa Ahaa, Jouni Mattilaa, Mikko Siukoa,atti Vileniusa, Jorma Järvenpääb, Mike Irvingc, Carlo Damianic, Luigi Semeraroc

Tampere University of Technology, Korkeakoulunkatu 6, 33720 Tampere, FinlandVTT Systems Engineering, Tekniikankatu 1, 33720 Tampere, FinlandFusion for Energy, Josep Pla 2, Torres Diagonal Litoral B3, 08019 Barcelona, Spain

r t i c l e i n f o

rticle history:vailable online 7 January 2009

eywords:roduct Lifecycle Management (PLM)oftware Configuration Management (SCM)afety Engineeringuality Assurance

a b s t r a c t

The advantages of Product Lifecycle Management (PLM) systems are widely understood among the indus-try and hence a PLM system is already in use by International Thermonuclear Experimental Reactor (ITER)Organization (IO). However, with the increasing involvement of software in the development, the role ofSoftware Configuration Management (SCM) systems have become equally important. The SCM systemscan be useful to meet the higher demands on Safety Engineering (SE), Quality Assurance (QA), Valida-tion and Verification (V&V) and Requirements Management (RM) of the developed software tools. In anexperimental environment, such as ITER, the new remote handling requirements emerge frequently. This

alidation and Verificationemote handling systems

means the development of new tools or the modification of existing tools and the development of newremote handling procedures or the modification of existing remote handling procedures. PLM and SCMsystems together can be of great advantage in the development and maintenance of such remote handlingsystem. In this paper, we discuss how PLM and SCM systems can be integrated together and play their roleduring the development and maintenance of ITER remote handling system. We discuss the possibility toinvestigate such setup at DTP2 (Divertor Test Platform 2), which is the full scale mock-up facility to verify

hand

the ITER divertor remote

. Introduction

Department of Intelligent Hydraulics and Automation of Tam-ere University of Technology (IHA/TUT) has participated in theuropean FUSION program since 1994 for the development ofnternational Thermonuclear Experimental Reactor (ITER). IHA inollaboration with Technical Research Centre of Finland (VTT) haseen involved in the development of remote handling system forivertor maintenance activities. The remote handling system andaintenance concepts will be verified at Divertor Test Platform

DTP2), which is the full scale mock-up facility located at VTT [1].The presence of beta and gamma activated components within

he vessel together with hazardous dust omit the possibility ofny human access and require the use of special remotely oper-ted equipment for the maintenance of the ITER divertor [2]. The

ivertor remote handling operations are very demanding due tohe sheer size and the weight of the components and due to theonstricted space around the components. In addition, reliability,vailability, maintainability and safety (RAMS) are eminent require-

∗ Corresponding author. Tel.: +358 3 3115 4412; fax: +358 3 3115 2240.E-mail address: muhammad.ali@tut.fi (A. Muhammad).

920-3796/$ – see front matter © 2008 Elsevier B.V. All rights reserved.oi:10.1016/j.fusengdes.2008.11.056

ling and maintenance concepts.© 2008 Elsevier B.V. All rights reserved.

ments of the teleoperation system. A detailed description of remotehandling requirements for ITER can be found in Refs. [2,3].

Compared to the previous fusion experimental reactors, theweight of the remotely handled reactor components and toolingin ITER is much larger, resulting in lower operational velocitiesand higher forces. The compactness of space, high load capacityand reliability make the employment of hydraulic manipulatorsan obvious choice. However, possible oil leakage from traditionalhydraulic systems will result in the risk of reactor contaminationwith leaking oil. Additional characteristics of water (fire and envi-ronmentally safe, chemically neutral, not activated, not affected byradiation) make the use of water hydraulics an obvious choice. Aremote handling system for ITER divertor maintenance, consistingof several water hydraulic manipulators, control systems, humanmachine interfaces and a vision system, is under development atIHA [4,5].

Reliable development and fail safe operation of a system ofsuch complexity put stringent demands on Safety Engineering

(SE), Quality Assurance (QA), Validation and Verification (V&V),Requirements Management (RM) and requirements traceabilityof the system. To meet these demands the importance of ProductLifecycle Management (PLM) systems is well understood and hencea PLM system is already in use by ITER Organization (IO). However,

1 eering

tcwcpteeohtiC

ipabtPt4cc

2

amopruDt

368 A. Muhammad et al. / Fusion Engin

he remote handling system for ITER divertor maintenance is aombination of hardware and software. The requirement of largerorkspace and higher forces of the remote handling devices as

ompared to previous experimental fusion reactors also omit theossibility of one-to-one scaling of position and forces duringhe bilateral master-slave teleoperation. This means more controlffort, and the operations rely on software more than before. Tonsure the reliable performance of the system, similar constraintsf SE, QA, and V&V needs to be applied both on the developedardware and the software. The management and traceability ofhe requirements during the software development process are asmportant as of the hardware. Hence, the importance of Softwareonfiguration Management (SCM) system cannot be overlooked.

In this paper, we elaborate the importance of the software qual-ty control along with the hardware quality control. We explore theossible advantages of combined use of PLM and SCM systems tochieve the quality control not only during the development phaseut also during the operational phase of the remote handling sys-em. In the following section, we discuss briefly the background ofLM and SCM systems and their functionality. In Section 3, we men-ion the possible integration of PLM and SCM systems. In Section, we discuss the role of PLM and SCM in the system safety lifecy-le and possibility to adopt such a setup at DTP2. The last sectiononcludes the summary of the discussion.

. PLM and SCM domains

With the demand of increasingly complex products and thedvancements in Computer Aided Engineering (CAE) technology,ore and more data is being generated, related to the development

f products. The majority of this data comprise of CAD (Com-

uter Aided Design) drawings, 3D models and the documentationelated to the requirements management, development and man-facturing. To cope with this data, organizations initially employedocument Management Systems (DMS), which serves as an elec-

ronic vault for the storage, search and retrieval of data. With the

Fig. 1. Functional domains of

Fig. 2. General PLC with software

and Design 84 (2009) 1367–1371

need of streamlining the design, development and manufacturingprocess, the Product Data Management (PDM) systems emerged.Since their emergence in late 1980s, PDM systems have been suc-cessfully used for defining and controlling the business processesaround the globe. In modern times, the developers and manufac-turers are frequently required to provide continuous support to thecustomer for the product and to be responsible for its final disposal.The systems which provide the support for the entire Produce Life-cycle (PLC) are referred to as Product Life Cycle Management (PLM)systems [6]. ITER is a well-suited example where highly complexproducts are combined to make even more complex machine. Thedesign, development and manufacturing activities are distributedglobally and the whole lifecycle of the project needs to be managed.

However, due to historical development, the PLM systems havebeen closely related to hardware products (CAD systems). Becauseof integrated Document Management System (DMS), PLM systemsprovide some support for the software lifecycle, and the con-figuration management of software items. But there are specificrequirements related to software development process which arenot covered by PLM systems [7]. The software lifecycle including thedevelopment process is usually supported by the Software Config-uration Management systems.

Modern SCM systems emerged in early 1990s, when soft-ware became more complex and software development becamea distributed process. SCM systems provide functionalities suchas build management, workspace management and concurrentdevelopment, requirements management and traceability of therequirements for the software products. In addition they providemuch functionality common with PLM systems, as shown in Fig. 1.However, SCM systems lack a number of functionalities requiredfor the hardware development process. The detailed discussion ofthe inapplicability of PLM systems in software development and of

SCM systems in hardware development is beyond the scope of thispaper. Further discussion on the topic can be found in Ref. [7].

Fig. 2 shows the generic PLC of a product consisting of bothhardware and software components with the development phasezoomed out for hardware and software. The description of these

PLM and SCM systems.

and hardware development.

A. Muhammad et al. / Fusion Engineering and Design 84 (2009) 1367–1371 1369

n of P

mlPpsaat

3

Pstftsdaddebd

adothacomdt

fitmTcft

Fig. 3. Loose integratio

odels can be found in Refs. [8,9]. It can be seen that the generalifecycle of such a product cannot be completely covered by eitherLM or SCM systems because of the differences in developmenthase. A possibility is the integration of SCM functionality in PLMystem so it can be used without the distinction between hardwarend software. Unfortunately, no such PLM system is currently avail-ble and software developing organizations continuously supportheir software development process using SCM systems.

. Integration of PLM and SCM

On the basis of the discussion above, it can be concluded thatLM systems cannot provide the functionalities required for theoftware development process and cannot thus replace SCM sys-ems. However, a complex product, such as remote handling systemor ITER, consists of both hardware and software components. Fromhe management point of view, it is important to control andynchronise the lifecycle phases in both domains, and from theeveloper’s point of view, it is important to have a transparentccess to the functionalities for the development in her/his ownomain. For this purpose, the involvement of SCM system in theevelopment process of ITER remote handling system cannot bexcluded. In the following paragraphs, we will consider the possi-ilities how PLM and SCM systems can be combined together in theevelopment process.

A straightforward solution could be employed to both PLMnd SCM systems. Depending on the hardware or software, theeveloper can choose to work with either of them. Hardware devel-pers are regularly well accustomed to PLM systems and so arehe software developers with SCM systems. However, such setupas its downsides from the management point of view. The man-gement needs to deal with two different tools to monitor andontrol the development process of the same product. A great dealf the information flow between the systems needs to be doneanually, and the development process of ITER is geographically

istributed, which can result in inconsistencies among the dis-ributed databases of the systems.

The ideal situation could be to have a PLM system with all theunctionalities of SCM system integrated behind the same usernterface. Irrespective of the product being hardware or software,he management can monitor and control the process of develop-

ent, and the developers are only concerned with their product.his type of system can be of special advantage for the peoplelosely involved with both hardware and software development,or example system engineers or team leaders. This sort of integra-ion can be referred to as full integration of PLM and SCM systems.

LM and SCM systems.

Unfortunately, such systems are not currently available, and due toseveral technical reasons and cultural differences among hardwareand software developer communities, are far from being realised inthe near future.

A reasonable and a more practical approach for ITER could bewhat is termed as loose integration of PLM and SCM systems [7].The approach has been in successful use in several organizationswhich develop products consisting of both hardware and softwareand which have a geographically distributed development pro-cess. In this approach the hardware and software developers workwith PLM and SCM systems for their respective developments. ThePLM database serves as the main database, where the informationabout the software development process is kept updated from SCMdatabase. The management only needs to use the PLM system tomonitor the entire development process of a product consisting ofboth hardware and software components. At the same time, therelevant software documentation can also be kept synchronised onboth databases since both systems provide configuration manage-ment functionalities. The scenario is depicted in Fig. 3 below fora distributed development environment, where UI stands for UserInterface and DB stands for Database. The architecture makes use ofthe Application Programming Interfaces (APIs), which are alreadybuilt in PLM and SCM systems to provide interfaces to the otherapplications. The client–server approach has been used for datasynchronisation not only between PLM and SCM systems, but alsoamong the distributed sites. The data synchronisation can be doneon need to know basis to reduce the data traffic.

4. Application of PLM & SCM

The employment of both PLM and SCM systems can bring severaladvantages not only during the development phase, but also duringthe execution phase of ITER remote handling system. Fig. 4 outlinesa general PLC of a product consisting of both hardware and softwarecomponents, and identifies the key lifecycle phases. The criticalrequirements of Safety Engineering, Quality Assurance and Vali-dation and Verification have been covered and distributed amongthe PLM and SCM systems. The safety lifecycle of the products ingeneral has been discussed in Ref. [8]. The safety, reliability andquality assurance plan for the software for several industrial sec-tors, including nuclear applications, has been outlined in Ref. [10].

The Requirements Management, requirements traceability, docu-mentation flow and version control are fundamental requirementsfor QA procedures. The role of PLM and SCM systems in the QA of thePLC is visible. The functionalities required for the software develop-ment process are identified and separated in SCM system. The other

1370 A. Muhammad et al. / Fusion Engineering and Design 84 (2009) 1367–1371

Fig. 4. Major phases of PLC.

Fig. 5. Role of PDM and SCM in DTP2.

eering

aa

dmiccttTltcmdcs

thacveimbgwoimc

mbrnswftu

5

otdoM

A. Muhammad et al. / Fusion Engin

ctivities of the PLC, including the hardware development process,re controlled by PLM system.

In an experimental environment, such as ITER, new remote han-ling requirements emerge frequently [11]. This means new tools orodification of the tools, new remote handling procedures or mod-

fication of remote handling procedures. The PLM and SCM systemsan be used together for synchronising automatically the modifi-ation of hardware and of remote handling procedures. In this wayhe process of requirement management, change management andraceability of these requirements and changes is greatly simplified.he maintenance procedures include several movers and manipu-ators, associated mechanical and electrical hardware, software andools. A record of maintenance can result in improved prediction ofomponent failures and thus in avoiding them. Software manage-ent and maintenance are equally important as new versions are

eveloped frequently, and these systems can keep the track of thehanges that result in upgraded or degraded performance of theystem.

Fig. 5 shows a possible architecture of the remote handling sys-em and the role of PLM and SCM systems. The users of the systemave different roles but they all use the same database for readingnd writing information. This removes the chances of inconsisten-ies; for example, it can be made sure that only the latest and sameirtual reality model is used both during the task planning and taskxecution. A functionality provided by both PDM and SCM systemss the distinction between released and non-released version of the

odules. Once a hardware or software module is released it cannote further modified. Hence, the process of change management isreatly simplified. Unless the change has been verified, the oldestorking modules remain in use. As a result of change in hardware

r in software, all the effected tasks can be easily be identified, andf required, verification of task planning can be done. The require-

ent of a new task and new tools can be generated, and developersan be notified automatically.

Along with the verification of divertor remote handling andaintenance concepts such a setup of PLM and SCM systems can

e tried experimentally at DTP2. The SmarTeam® PLM system isecommended to be used by ITER domestic agencies by ITER Orga-ization and its being implemented currently at DTP2. The SCMystem Subversion (SVN) is also already in use to manage the soft-are development process at DTP2. A suitable integration can be

ormed between the two systems (or using some other SCM), andherefore the advantages of the setup can be experimentally eval-ated at DTP2.

. Conclusions

Remote handling system of ITER is a complex product consisting

f both hardware and software modules. Due to the lack of func-ionalities in the PLM systems, they cannot support the softwareevelopment process. The software lifecycle including the devel-pment process is usually supported by the Software Configurationanagement systems. To control the lifecycle of ITER remote han-

[

[

and Design 84 (2009) 1367–1371 1371

dling system completely, both PLM and SCM systems are neededto be employed. Due to technical reasons, a complete integrationof PLM and SCM is currently unavailable; however, no integrationbetween systems can lead to data inconsistencies and to increase inmanagement burden. A suitable solution is the forming of a looseintegration between the two systems by using the APIs already builtin these systems. The PLM and SCM systems together can be use-ful for achieving higher demands on SE, QA and V&V during theentire lifecycle. Their use in the ITER remote handling system canimprove the efficiency by simplifying the Requirement Manage-ment (RM), change management and traceability of requirementsand changes. The designing and verification of new tasks and newtools can be achieved faster since a single database will reduce therisk of inconsistencies and thus reduce the risk of failures. Develop-ment at DTP2 can serve as a setup to experimentally evaluate thefeasibility of PLM and SCM systems employed together with a singledatabase.

Acknowledgements

This work, supported by the European Communities under thecontract of Association between EURATOM/TEKES, was carried outwithin the framework of the European Fusion Development Agree-ment. The views and opinions expressed herein do not necessarilyreflect those of the European Commission.

References

[1] J. Palmer, M. Siuko, P. Agostini, R. Gottfried, M. Irving, E. Martin, A. Tesini, M. VanUffelen, Recent developments towards ITER 2001 divertor maintenance, FusionEngineering and Design 75–79 (November) (2005) 583–587.

[2] T. Honda, Y. Hattori, C. Holloway, E. Martin, Y. Matsumoto, T. Matsunobu, T.Suzuki, A. Tesini, V. Baulo, R. Haange, J. Palmer, K. Shibanuma, Remote handlingsystems for ITER, Fusion Engineering and Design Volumes 63–64 (December)(2002) 507–518.

[3] T. Burgess, R. Haange, R. Hager, Y. Hattori, J. Herndon, C. Holloway, D. Maisonnier,E. Martin, N. Matsuhira, K. Shibanuma, M. Sironi, E. Tada, A. Tesini, Remotemaintenance of in-vessel components for ITER, Fusion Engineering and Design42 (1–4) (September 1998) 455–461.

[4] J. Palmer, M. Irving, J. Järvenpää, H. Mäkinen, H. Saarinen, M. Siuko, A. Timperi,S. Verho, The design and development of divertor remote handling equipmentfor ITER, Fusion Engineering and Design 82 (15–24) (October 2007) 1977–1982.

[5] A. Muhammad, S. Esqué, J. Mattila, M. Tolonen, P. Nieminen, O. Linna, M. Vile-nius, M. Siuko, J. Palmer, M. Irving, Development of water hydraulic remotehandling system for divertor maintenance of ITER, in: 22nd Symposium onFusion Engineering, Albuquerque, New Mexico, June, 2007.

[6] A. Saaksvuori, A. Immonen, Product Lifecycle Management, first ed., Springer-Verlag, Berlin, Heidelberg, 2004.

[7] I. Crnkovic, U. Asklund, A.P. Dahlqvist, Implementing and Integrating ProductData Management and Software Configuration Management, first ed., ArtechHouse, Boston, London, 2003.

[8] K. Ulrich, S. Eppinger, Product Design and Development, third ed., McGraw-Hill/Irwin, Boston, 2003.

[9] I. Sommerville, Software Engineering, seventh ed., Pearson/Addison-Wesley,

Harlow, New York, 2004.

10] D.S. Herrmann, Software Safety and Reliability: Techniques, Approaches, andStandards of Key Industrial Sectors, first ed., Wiley–IEEE Computer Society,2000.

11] A.C. Rolfe, A perspective on fusion relevant remote handling techniques, FusionEngineering and Design 82 (15–24) (October 2007) 1917–1923.