Environmental Engineering Reference
In-Depth Information
• Generates and issues the command sequence required for complete performance of design-specific protective actions (even when the cause that provoked actuation of the protection I&C system has disappeared) to safety actuation I&C systems and / or actuating elements.
• Displays information required for operational personnel to monitor system operation, check operation accuracy, initiate, if necessary, allowed actions intended for safety assurance, and check their results.
• Archives: data on the cause of system actuation; values of controlled parameters; information describing the technical state of its components and adjacent equipment; data on commands and directions obtained from the operational personnel and adjacent systems.
After actuation of protective actions, the possibility to execute power unit shutdown of the whole protection I&C system or its individual commands within a project-specific time period (for example, for the reactor protection system, not less than 10 min according to NP, 2008,a) is automatically blocked. This does not prevent performance of other functions that can be required for safety assurance (except those that are not compatible with the performed protective actions); in particular, the operational personnel in the main (or emergency) control room may duplicate specific commands, initiate actuation of protective actions by other protection systems, etc.
Issued commands are retained at the output of the protection I&C system until complete performance of the initiated protective actions, even after the reason that caused them has been eliminated. Returning the protection I&C system to the initial state and withdrawal of all its issued commands are performed by the actions of operational personnel specified in the design.
During determination of set-points, probable (permissible) errors and lags of actuation of the protection I&C system, and also expected transient processes during performance of protective actions, are considered, so that in any postulated initiating event the controlled technological parameters do not exceed the design-specific limits of safe operation of the unit (see Figure 4). Limits of safe operation are specified on the basis of safety criteria and determine the limiting values of controlled technological parameters; if they are exceeded, effects unacceptable for power unit safety can be expected (IAEA, 2002,a) (according to NP, 2008,a, exceeding the limit of safe operation may lead to an emergency). To exclude unreasonable actuation of the protection system, required margins are provided between the specified set-points and the operational limits of the relevant technological parameters, which were specified in the design for normal operation of the unit.
Operability failures of components of the protection I&C system are detected automatically. Operational personnel are immediately warned about failures that may lead to a situation in which the system will be unavailable to perform the required safety functions with the specified reliability and quality. The possibility of unit operation in case of failure of components of the safety protection system, the acceptable operational limits and restrictions, and the time during which operation is allowed in such conditions are agreed with the Ukrainian Regulatory Authority and specified in the Technical Specifications of Safe Operation and in the documents substantiating safety.
Safety actuation I&C systems perform functions of display, warning (preventive alarm), archiving, discrete control and / or regulation (see Chapter 1). During power unit operation in operating modes, the safety actuation system: controls the technical state and diagnoses operability failure of its components and adjacent equipment; warns operational personnel about failures that may lead to a situation in which the system will be unavailable to perform the specified functions; archives and displays diagnostic results.
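
A minimal model of the command retention and reset blocking this page describes for the protection I&C system, given as an added example that is not from the book. The class and method names, the 100.0 set-point and the reading of the blocked action as an operator request to withdraw issued commands are assumptions; the 600 s hold is the page's 10 min reactor protection example.

```python
from dataclasses import dataclass, field
from typing import Optional

HOLD_S = 600  # page's example for reactor protection: not less than 10 min


@dataclass
class ProtectionChannel:
    """Hypothetical single protection channel (all names are illustrative)."""
    setpoint: float                      # actuation set-point (constructed value)
    hold_s: int = HOLD_S                 # design-specific blocking period, seconds
    command: bool = False                # protective command at the system output
    actuated_at: Optional[float] = None  # time of actuation, seconds
    action_complete: bool = False
    archive: list = field(default_factory=list)  # (time, event, value) records

    def sample(self, t, value):
        """Evaluate the controlled parameter at time t; return command state."""
        if not self.command and value >= self.setpoint:
            self.command, self.actuated_at, self.action_complete = True, t, False
            self.archive.append((t, "ACTUATED", value))
        # Deliberately no 'else': a value back below the set-point never
        # clears the command, so it is retained after the cause disappears.
        return self.command

    def report_complete(self, t):
        """Actuating elements report that the protective action has finished."""
        if self.command:
            self.action_complete = True
            self.archive.append((t, "ACTION_COMPLETE", None))

    def operator_reset(self, t):
        """Operator request to withdraw commands; True only if accepted."""
        if not self.command:
            return False
        if t - self.actuated_at < self.hold_s:
            reason = "BLOCKED_HOLD_TIME"      # automatic block after actuation
        elif not self.action_complete:
            reason = "BLOCKED_INCOMPLETE"     # retained until action completes
        else:
            self.command, reason = False, "RESET"
        self.archive.append((t, reason, None))  # every request is archived
        return reason == "RESET"
```
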