
IAEA Training Course on Safety Assessment of NPPs to Assist Decision Making
Safety Assessment of General Design Aspects of NPPs (Part 2)
Lecturer
Lesson III 1_2
Workshop Information: IAEA Workshop, City, Country, XX-XX Month, Year

Items for Discussion
- Review of Single Failure Criterion
- System Redundancy
- System Independence
- System Diversity
- Concept of Fail-Safe Design
- System Interactions and Dependencies
- Conduct of Single Failure Assessments

Review of Single Failure Criterion
"... protection system shall be designed for high functional reliability and inservice testability commensurate with safety functions performed. Redundancy and independence designed into protection system shall be sufficient to assure:
1. No single failure results in the loss of protective function ...
2. Removal from service of any component or channel does not result in loss of required minimum redundancy unless acceptable reliability of operation of protection system can be otherwise demonstrated."

Review of Single Failure Criterion
"... protection system shall be designed to permit periodic testing of its functioning when reactor is in operation, including a capability to test channels independently to determine failures and losses of redundancy that may have occurred."
Taken from US Title 10 Code of Federal Regulations, Part 50, Appendix A, General Design Criterion 21.

Example of Potential Single Failure (slide figure; not reproduced in the transcription)

System Redundancy
- System redundancy in all critical components is the first step to meet the single failure criterion.
- System redundancy reduces system failure probability, thus improving reliability.
- To be redundant, the individual trains must have sufficient capacity (design margins) to meet the functional requirements.
- Two redundant trains alone do not meet the single failure criterion. Provisions are also needed for periodic on-line testing and for the ability to remove a channel from service.

System Redundancy (slide figure; not reproduced in the transcription)

System Redundancy
- To permit on-line testing and maintenance, a minimum of three redundant trains or channels is typically used.
- To prevent spurious safety system operation (also a potential safety concern), it is most common to use 2-out-of-3 coincidence in the actuation logic.
- Current reactor protection systems use either 2-out-of-3 or 2-out-of-4 coincidence logic.
- IEEE Std. 279 (1971) and IEEE Std. 379 (1988) provide conservative guidance.
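As an added worked example (not from the course material): the coincidence vote itself, and the two competing failure probabilities that the choice of k-out-of-n trades off, computed for a constructed set of three channels. The readings, the setpoint and the per-channel failure probability of 1e-2 are illustrative values with no connection to any plant; the bypass check assumes that a channel removed for testing simply drops out of the vote, which is one of several conventions used in real designs.

```python
from math import comb

# Constructed sample: three channels measuring one parameter (arbitrary units),
# with a trip setpoint of 2235. Values are illustrative, not from any plant.
READINGS = [2250.0, 2260.0, 2100.0]
SETPOINT = 2235.0


def channel_votes(readings, setpoint):
    """Each channel independently compares its reading with the setpoint and
    votes 'trip' (True) or 'no trip' (False)."""
    return [r > setpoint for r in readings]


def coincidence(votes, k):
    """k-out-of-n coincidence logic: actuate only when at least k channels vote trip."""
    return sum(votes) >= k


def p_at_least(k, n, p):
    """Probability that at least k of n independent channels are in a given failed
    state, each with probability p (binomial tail)."""
    return sum(comb(n, j) * p ** j * (1 - p) ** (n - j) for j in range(k, n + 1))


def fail_to_actuate(k, n, p_dangerous):
    """A demand is missed when so many channels are stuck at 'no trip' that fewer
    than k healthy channels remain, i.e. at least n-k+1 dangerous failures."""
    return p_at_least(n - k + 1, n, p_dangerous)


def spurious_trip(k, n, p_safe):
    """Spurious actuation occurs when at least k channels are stuck at 'trip'
    with no real demand."""
    return p_at_least(k, n, p_safe)


def actuates_on_demand(k, n, failed_dangerous=0, bypassed=0):
    """Deterministic check: with `bypassed` channels removed from the vote for
    testing and `failed_dangerous` channels stuck at 'no trip', can the
    remaining channels still reach k votes? (Assumption: a bypassed channel
    contributes nothing to the vote.)"""
    return n - bypassed - failed_dangerous >= k


def compare_architectures(p=1e-2):
    """Missed-demand and spurious-trip probabilities for common architectures,
    using the same constructed per-channel failure probability p for both modes."""
    return {
        f"{k}oo{n}": (fail_to_actuate(k, n, p), spurious_trip(k, n, p))
        for k, n in [(1, 1), (1, 2), (2, 2), (2, 3), (2, 4)]
    }


if __name__ == "__main__":
    votes = channel_votes(READINGS, SETPOINT)
    print("votes:", votes, "-> 2oo3 actuates:", coincidence(votes, 2))
    for name, (missed, spurious) in compare_architectures().items():
        print(f"{name}: P(miss demand)={missed:.2e}  P(spurious trip)={spurious:.2e}")
    # Why testing favours 2oo4 over 2oo3: one channel bypassed plus one further
    # dangerous failure still leaves two voting channels in 2oo4 but not in 2oo3.
    print("2oo3, 1 bypassed + 1 failed:", actuates_on_demand(2, 3, 1, 1))
    print("2oo4, 1 bypassed + 1 failed:", actuates_on_demand(2, 4, 1, 1))
```

With the constructed p = 1e-2, 1oo2 drives missed demands down to 1e-4 but roughly doubles the spurious-trip probability, 2oo2 does the reverse, and 2oo3 holds both near 3e-4. 2oo4 pushes missed demands to about 4e-6 while keeping spurious trips in the 6e-4 range, and is the only one of the two common RPS architectures that still tolerates a dangerous failure while a channel is bypassed for test.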

Example of Too Much Redundancy (slide figure; not reproduced in the transcription)

System Independence
- The single failure criterion for redundant systems implies that redundant trains (or channels) are physically independent of each other.
- No common dependencies on power or environmental supports.
- Cross-connections are isolated to prevent a fault in one train from failing the redundant train.
- IEEE Std. 384 (1984) provides conservative guidance.

Example of Lack of Independence (slide figure; not reproduced in the transcription)

Example of Lack of Independence, continued (slide figure; not reproduced in the transcription)

System Independence
Independence is achieved by:
- Routing cabling in physically separated metal conduits according to electrical design standards, such as IEEE Std. 384 (1984).
- Cross-connecting only through qualified electrical isolation devices: use optical isolators, NOT resistors.
- Isolating fluid system cross-connections via check valves.

System Diversity
- The reliability of a redundant, independent safety system becomes limited by the potential for common cause failure.
- Example: a 2-out-of-4 train ECCS will typically have a failure probability in the 10^-4 to 10^-5 range. It is difficult to mathematically justify a common cause failure probability significantly lower than this range.

Common Cause Failures include:
- Common design error or inadequate design margins
- Common manufacturing defects
- Common testing or system restoration errors
- Environmental degradation (dirt, grit, moisture)

System Diversity
- The potential significance of common cause failure warrants thorough consideration in safety assessments.
- Additional redundancy is NOT the way to address common cause failure.
- Component diversity is an acceptable way to address common cause failure.

Diversity Can Be Achieved By
- Use of different physical operating principles (e.g. steam- and electric-driven pumps).
- Use of different component manufacturers to eliminate common manufacturing defects.
- Use of different technicians to test, maintain, or restore operating equipment.
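An added numerical illustration, not part of the course material, of why extra identical trains cannot buy their way past common cause failure: the beta-factor model assumes that a fraction beta of each train's failure probability is a common cause event that fails every identical train at once, and the rest strikes trains independently. The per-train failure probability of 1e-2, the beta of 0.05 and the 2-of-4 success criterion are constructed values chosen for illustration, and treating two diverse groups as sharing no common cause mechanism is an idealisation of what diversity achieves.

```python
from math import comb


def group_failure_distribution(n, p, beta):
    """Beta-factor model for n identical trains: a fraction beta of the per-train
    failure probability p is common cause (all n fail together); the remainder,
    (1-beta)*p, strikes each train independently.
    Returns [P(0 failed), P(1 failed), ..., P(n failed)]."""
    p_cc = beta * p
    p_i = (1 - beta) * p
    dist = [(1 - p_cc) * comb(n, j) * p_i ** j * (1 - p_i) ** (n - j)
            for j in range(n + 1)]
    dist[n] += p_cc  # the common cause event takes out the whole group
    return dist


def convolve(a, b):
    """Distribution of the total failed-train count over two groups that share
    no common cause mechanism (the modelling assumption made for diverse groups)."""
    out = [0.0] * (len(a) + len(b) - 1)
    for i, pa in enumerate(a):
        for j, pb in enumerate(b):
            out[i + j] += pa * pb
    return out


def system_failure(groups, required):
    """groups: list of (n, p, beta), one entry per diverse group of identical trains.
    The safety function is lost when fewer than `required` trains remain."""
    dist = [1.0]
    total = 0
    for n, p, beta in groups:
        dist = convolve(dist, group_failure_distribution(n, p, beta))
        total += n
    min_failed_for_loss = total - required + 1
    return sum(dist[min_failed_for_loss:])


def compare(p=1e-2, beta=0.05, required=2):
    """Constructed comparison: identical trains with and without CCF, more identical
    trains, and two diverse pairs. Every design must keep `required` trains."""
    return {
        "2oo4 identical, no CCF": system_failure([(4, p, 0.0)], required),
        "2oo4 identical, CCF": system_failure([(4, p, beta)], required),
        "2oo6 identical, CCF": system_failure([(6, p, beta)], required),
        "2 diverse pairs, CCF": system_failure([(2, p, beta), (2, p, beta)], required),
    }


if __name__ == "__main__":
    for design, prob in compare().items():
        print(f"{design:24s} P(loss of function) = {prob:.2e}")
```

Without common cause the 2-of-4 design sits near 4e-6; with beta = 0.05 it rises to about 5e-4, and adding two more identical trains leaves it pinned at the beta*p floor of 5e-4. Splitting the same four trains into two diverse pairs drops the figure by more than an order of magnitude, because now a common cause event removes only half the trains and the function is lost only if the other pair also suffers a failure.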

Concept of Fail-Safe Design
- The fail-safe concept originated with military concerns over accidental launch of missiles or detonation of weapons.
- The fail-safe concept requires systematic identification of the safe outcome of a system failure (e.g. no missile launch!).
- The central issue of the fail-safe concept is typically identification of the de-energized state of systems and components.

Application of the Fail-Safe Concept to NPPs
- Control rod clutches and electrical breakers should be designed to TRIP on loss of control power.
- Relay logic should TRIP on loss of power.
- The reactor protection system should be designed to TRIP on loss of power supply.
- ECCS recirculation valves should typically fail as-is.
- Pneumatic valves should be assessed to determine the safest state on loss of air pressure.
- Solenoid-operated valves should be assessed to determine the safest state on loss of power.

Systems Dependencies & Systems Interactions
- Most NPP designs have redundant protection systems supported by redundant support systems (e.g. AC/DC power, cooling water, HVAC, etc.).
- Failure of one train of these support systems can lead to very complicated transient events involving the sudden loss of ½ of all systems.
- World operating experience has shown that these events can be very severe.

Systems Dependencies & Systems Interactions
- System interactions caused by single failures (steam line rupture in a compartment, inadvertent automatic fire suppression operation) can cause significant components to fail simultaneously.
- Faults initiated by failed support systems and system interaction events should be considered in single failure assessments.

Conduct of Single Failure Assessment
- Excellent guidance on performing single failure assessments can be found in IAEA 50-SP-1 and IEEE Std. 352 (1987).
- A single failure assessment is deterministic in nature and is documented as an FMEA. Probability is only considered in dispositioning incredible faults.
- Purpose: document single failure criterion compliance for the safety systems credited in the accident analysis.
- Inputs are comparable to those needed for a PSA (frequently the FMEA is conducted in parallel with the PSA).

Conduct of Single Failure Assessment
Documentation required:
- All electrical schematics, piping & instrument drawings, isometrics (fluid systems only).
- Equivalent schematics for all support systems.
- All electrical/mechanical specifications.
- System descriptions.
- Operating manuals and operating procedures.
- Test/maintenance procedures.
- Operating history reports for similar equipment at other NPPs.

Conduct of Single Failure Assessment
- Systematic identification of PIEs (Postulated Initiating Events).
- Identification of the systems credited (timing, operation mode) in the accident analysis.
- Collapse the credited systems and their support systems into a single list of credited functions.
- Use a support system FMEA to identify any system interaction transients requiring further accident analysis as new PIEs.

Conduct of Single Failure Assessment
- Single failure assessments are LARGE. Independent review by the regulatory body or other external organizations necessitates systematic, auditable documentation.
- Typical format: a Failure Modes and Effects Analysis (FMEA) table. The content of the FMEA table is described in 50-SP-1 and IEEE Std. 352 (1987).

Documentation of Single Failure Assessment
The FMEA table systematically documents:
- Specific component identification
- Component function
- Failure mode
- Effect of the failure on the system
- Methods available to detect/correct the failure
- Any relevant further comments
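As an added example, not from the course material or any real plant: a small dependency model and a single-failure enumerator that produces FMEA-style rows with the columns listed above, treating support systems (power, cooling water, HVAC) as postulated failures alongside the credited trains. The plant model is entirely constructed: four 50% pump trains credited as 2-out-of-4, each with its own electrical division (a bus fed by a diesel generator, offsite power assumed lost), cooling water and room cooler. A second variant feeds the train-2 room cooler from division 1, a constructed lack of independence, to show a dependency that passes the plain single-failure check but fails once the "component removed from service" part of the criterion is applied.

```python
REQUIRED_TRAINS = 2
TRAINS = ["pump-1", "pump-2", "pump-3", "pump-4"]


def plant_model(hvac2_power="bus-2"):
    """Constructed dependency graph: item -> list of support items it needs.
    Offsite power is assumed lost, so each bus needs its diesel generator.
    hvac2_power="bus-1" models a constructed lack of independence: the room
    cooler for train 2 is fed from division 1 instead of its own division."""
    deps = {}
    for i in range(1, 5):
        deps[f"pump-{i}"] = [f"bus-{i}", f"ccw-{i}", f"hvac-{i}"]
        deps[f"bus-{i}"] = [f"dg-{i}"]
        deps[f"dg-{i}"] = []
        deps[f"ccw-{i}"] = [f"bus-{i}"]
        deps[f"hvac-{i}"] = [f"bus-{i}"]
    deps["hvac-2"] = [hvac2_power]
    return deps


def available(item, deps, failed, seen=frozenset()):
    """An item functions only if it is not failed and all of its supports function.
    `seen` stops a cyclic dependency from recursing forever (treated as unavailable)."""
    if item in failed or item in seen:
        return False
    return all(available(s, deps, failed, seen | {item}) for s in deps[item])


def fmea(deps, out_of_service=None):
    """One row per postulated single failure (loss of function of any item, support
    systems included), optionally with one train already removed from service, as
    the second part of the criterion requires."""
    removed = {out_of_service} if out_of_service else set()
    rows = []
    for component in sorted(deps):
        if component in removed:
            continue
        failed = removed | {component}
        remaining = [t for t in TRAINS if available(t, deps, failed)]
        rows.append({
            "component": component,
            "function": "credited train" if component in TRAINS else "support",
            "failure_mode": "loss of function",
            "effect": f"{len(remaining)} of {len(TRAINS)} trains available {remaining}",
            "detection": "to be completed by the analyst (alarm, periodic test)",
            "meets_sfc": len(remaining) >= REQUIRED_TRAINS,
        })
    return rows


def violations(deps, out_of_service=None):
    """Components whose single failure leaves fewer than REQUIRED_TRAINS."""
    return [r["component"] for r in fmea(deps, out_of_service) if not r["meets_sfc"]]


if __name__ == "__main__":
    designs = [("independent", plant_model()), ("hvac-2 on bus-1", plant_model("bus-1"))]
    for label, deps in designs:
        print(f"{label}: single failure only -> violations {violations(deps)}")
        for train in TRAINS:
            print(f"  {train} out of service -> violations {violations(deps, train)}")
```

In the independent variant every row meets the criterion, with or without a train out of service. In the cross-division variant the loss of bus-1 (or of its diesel) takes out pumps 1 and 2 together, which a plain single-failure pass still accepts because pumps 3 and 4 remain; only when pump-3 or pump-4 is also out of service does the FMEA flag bus-1 and dg-1, which is exactly the loss of half the system that a support-system FMEA is meant to surface.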

Example of Actual FMEA (slide figure; not reproduced in the transcription)


Comments from Personal Experience
- Single failure assessments and PSA complement each other as tools to investigate safety. Both tools have identified design weaknesses.
- A single failure assessment provides a more legal proof of regulatory compliance to the regulatory body than does a PSA, because no faults are hidden from consideration.
- Support system FMEAs are frequently used as critical input to PSA for identifying special initiators.