significance with regard to safety, and they are so
designed, manufactured and installed that their
quality is commensurate with that classification.”
This concept is embodied in international standards. According to IAEA NS-G-1.3, “All I&C systems and equipment should be designed, constructed and maintained in such a way that their specification, verification and validation, quality assurance, quality control and reliability are commensurate with their classification.” The document sets out requirements that apply to all systems important to safety, and additional requirements that apply only to safety systems. In particular, the mandatory requirements for safety systems are: compliance with the single failure criterion; periodic checks and calibration of redundant channels to confirm the specified operating characteristics; maintenance that does not compromise safety, and no interaction with other independent systems during testing. Analysis of probable common cause failures is required, and the conditions under which application of the diversity principle is justified are indicated. It is recommended that the time for which a redundant channel of a safety system is taken out of service for checking be minimised, and safety requirements are set for the test equipment and for the facilities used to connect it. For safety related systems these requirements are not mandatory (or are given only as recommendations).
IEC 61226 differentiates the requirements for systems and equipment according to the category of the function they perform. For each category, general and specific requirements are defined. It is established, for example, that the reliability requirements may be identical for functions of different categories, but the level of confidence that the function will achieve the required reliability should be highest for category A and may decrease for categories B and C. For category A functions, redundancy that at least satisfies the single failure criterion should be applied. During reliability assessment, the effects of common cause failures, which can arise from defects in design, manufacture or installation, or from errors made by personnel during operation, maintenance and repair, should be considered. If these factors cannot be accounted for, the application of diversity in the means used to perform the function may be required.
For category B functions, redundancy is desirable but not mandatory if the required reliability level can be reached without it. Redundancy should nevertheless be provided where the effects of a single failure are not acceptable given their degree of influence on safety. The use of high-reliability components should be justified, and means for fast detection and elimination of failures should be provided.
For category C functions, redundancy is in general not required, though it may be necessary to reach the required reliability level; in that case reliability and redundancy should be assessed according to the same rules as for category B functions.
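As an added illustration of the redundancy, single failure and common cause failure expectations summarised above (this is example code written for this page; it is not from the page, from IAEA NS-G-1.3 or from IEC 61226), the following Python screens a voted safety function against them. The model is an assumption: channels vote k-out-of-n, each channel belongs to a diversity group (a platform or technology), a postulated common cause failure removes every channel of one group at once, and a channel taken out of service for periodic checking is bypassed and cannot contribute to the vote. All class, function and architecture names are hypothetical, and the sample architectures are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class VotedFunction:
    """Assumed model (not from the page): a safety function performed by
    n redundant channels with k-out-of-n voting. groups[i] is the diversity
    group (platform/technology) of channel i, so len(groups) == n."""
    name: str
    k: int
    groups: tuple

    @property
    def n(self):
        return len(self.groups)

    def performed(self, unavailable=frozenset()):
        """True if the channels still in service can satisfy the k-out-of-n vote."""
        return self.n - len(set(unavailable)) >= self.k


def single_failure_tolerant(f, bypassed=frozenset()):
    """Single failure criterion: the function is still performed after the
    failure of any one channel, on top of channels already bypassed."""
    if not f.performed(bypassed):
        return False
    in_service = [c for c in range(f.n) if c not in bypassed]
    return all(f.performed(set(bypassed) | {c}) for c in in_service)


def tolerates_test_bypass(f):
    """Taking any one channel out of service for periodic checking must not
    defeat the single failure criterion for the channels that remain."""
    return all(single_failure_tolerant(f, {c}) for c in range(f.n))


def ccf_tolerant(f):
    """Postulated common cause failure: every channel of one diversity group
    fails at once. The function survives only if the other groups can still vote."""
    for g in set(f.groups):
        lost = {c for c, grp in enumerate(f.groups) if grp == g}
        if not f.performed(lost):
            return False
    return True


def assess(f, category, single_failure_unacceptable=False):
    """Screen f against the category-dependent expectations summarised in the
    text (A: single failure criterion mandatory, common cause failures considered,
    diversity to be justified where a CCF defeats the function; B: redundancy only
    where single failure effects are unacceptable; C: no redundancy requirement).
    Returns (ok, list_of_findings)."""
    findings = []
    if category == "A":
        if not single_failure_tolerant(f):
            findings.append("single failure criterion not met")
        if not tolerates_test_bypass(f):
            findings.append("single failure criterion lost while a channel is under test")
        if not ccf_tolerant(f):
            findings.append("a common cause failure defeats the function; diversity needs justification")
    elif category == "B":
        if single_failure_unacceptable and not single_failure_tolerant(f):
            findings.append("single failure effects unacceptable but criterion not met")
    elif category != "C":
        raise ValueError(f"unknown category {category!r}")
    return (not findings, findings)


# Constructed sample architectures (not from the page).
RPS_2OO4 = VotedFunction("reactor trip, 2oo4 on two platforms", 2, ("X", "X", "Y", "Y"))
TWO_OO_THREE = VotedFunction("2oo3 on a single platform", 2, ("X", "X", "X"))
SINGLE = VotedFunction("single-channel indication", 1, ("X",))

if __name__ == "__main__":
    for fn in (RPS_2OO4, TWO_OO_THREE, SINGLE):
        for cat in "ABC":
            ok, findings = assess(fn, cat)
            print(f"{fn.name} as category {cat}: {'OK' if ok else findings}")
```

Under these assumptions a 2oo4 function split across two platforms passes the category A screen: one channel can be bypassed for checking and another can fail, and the loss of a whole platform still leaves two channels to vote. A 2oo3 function on a single platform meets the single failure criterion in normal service but loses it as soon as one channel is bypassed for testing, and has no protection against a platform-wide common cause failure; that is exactly the case in which the text says minimising test time and justifying diversity matter. The same single-channel function is acceptable as category C and becomes a finding for category B only when the analyst declares single failure effects unacceptable.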
The requirements for functionality, resistance to environmental conditions, testing and quality assurance, which are differentiated for each safety category, are defined in the same way.
It is obvious that setting the safety class of a system and its components unreasonably high causes a considerable increase in cost at every lifecycle stage: development, verification and validation of new hardware and software; manufacture, equipment testing and acceptance; design, integration, checking, installation and commissioning; and servicing and maintenance during operation. On the other hand, if systems (or components) are assigned a lower safety class than is actually required, insufficiently strict requirements will be specified for them; in that case the quality of such systems (components) may not correspond to their actual significance with regard to safety, and (or) sufficient confidence in such correspondence will not be obtained. Unjustified understating of the class should therefore be regarded as a hidden lack of safety, i.e. a violation of one of the fundamental safety concepts.