IEC TR 61838:2001 pdf download

IEC TR 61838:2001 pdf download.Nuclear power plants – Instrumentation and control functions important for safety- – Use of probabilistic safety assessment for the classification.
In fact, probabilistic safety assessments may be used in two areas:
• to support the design process of new NPP5 in order to determine the correct classification of the I&C functions, especially to avoid down or upgradings of classification;
• to verity the design and identify improvements to the l&C systems which will be most effective, This use of probabilistic techniques is particularly appropriate to the safety reviews of existing NPPs.
In this way, probabilistic safety assessments can be used to improve the design of NPPs and focus resources on the provision of l&C functions which have the greatest safety significance.
However, we have to note that the use of PSA continues to evolve within member nations and its level of acceptance is not consistent, even it PSA are used in some countries as part of the licensing process.
5.2 Use of PSA in the design of future NPPs
5.2.1 Overall scope
PSA may be used in the design phase with the following purposes:
• to identify the reliability of equipcnent and systems required to cope with safety targets:
• to complement the qualitative approach in assessing the frequency of initiating events:
• to identify the complex failure sequences to be considered in the design;
• to support the definition of technical specifications and emergency procedures:
• to achieve a balanced design.
Typically, PSA covers the assessment of the core damage frequency, the evaluation of the containment response and the estimation of release frequencies and magnitudes
Simplified PSA methods for I&C assessment are normally used during the early stages of the design process, in particular to examine the adequacy of redundancy provisions and the need for safeguards against common cause failure of simple redundant systems and to guard against the impact of human errors, Moreover, it is usually important to know the uncertainties and take them into account in the safety assessment and in the subsequent classification. Therefore, particular attention must be given to the following points:
• sensitivity studies and the evaluation of the uncertainties in the modelling;
• the quality of the reliability data bases which are used to provide reference data.
5.2.2 Methods
5.2.2.1 ProbabilistIc safety targets
Probabilistic safety targets for the l&C functions should be consistent with those set for the overall NPP. An example of such targets is provided in IAEA INSAG 3 document as follows:
• core damage cumulative frequency shall be lower than 1O per reactor year:
• cumulative frequency of exceeding the limiting release shall be lower than 1O per reactor year:
• sequences involving very large releases with gross failure of containment shall have a cumulative frequency well below the previous target of 1O per reactor year.
5.2.2.2 Initiating events
The initiating events that will be considered In the probabilistic studies are principally the events used to justify the design of a specific plant system or of a specific l&C function.
Accordingly, the designer speaks about a family of events. A family of events is in fact a group of elementary events which lead to the same main event. This arrangement of elementary events in families of events may differ from plant to plant but the arrangement selected should be clearly dehned at the beginning of the design.
5.2.2.3 RelIability data
During the design phase, it is usual for a generic rellab4lity data base to be used because little or no plant specific data is available. Such data should be used with caution since it may not be validated for the application on the environment of the NPP.
Point values may be used, in which case sensitivity studies should be carried Out to evaluate the influence on the design of the critical assumptions and base data.
5.2.2.4 Common cause faIlure (CCF)
I8C equipment is subject to common cause failures through the use of identical components and techniques. These common cause failures can be caused by error in design. manufacturing, operation and maintenance processes as well as common environmental stresses.
For the case of equipment that consists of components whose freedom from failures caused by design/manufacturing errors and environmental stresses can be reasonably determined through test, experience or analysis: the probability of common cause failure should be quantified according to the t factor model or another appropriate technique.
For the case of equipment that consists of components whose freedom from failures caused by design’manufacturing errors and environmental stresses cannot be reasonably determined through test, experience or analysis. the p factor model is not applicable. Examples include program rnable electronic equipment and computer-based equipment.
The present state of practice for the quantification of the reliabilIty of redundant systems which employ software for the achievement of functions important to safety is to assume a failure per demand for the redundant system, based upon qualitative engineering judgement.