Environmental Engineering Reference
In-Depth Information
The design of I&C system of post-accident
monitoring regulates lists of considered initiating
events and monitored parameters and determines
their qualitative properties and ranges of variation,
possible in conditions of emergencies, design basis
and beyond design basis accidents, also including
those values of monitored parameters at which
integrity and efficiency of physical barriers can
be disturbed.
Means for display and record of information
that included in the post-accident monitoring
system are placed in the main - and emergency
control room and in rooms of internal (on-site)
and external (in supervised area) crisis centers.
Information is saved in an archive of the post-
accident monitoring I&C system and should be
kept undamaged in case of accidents, including
severe ones. Measures for protection of archival
data from unintended or intentional change during
the specified period of time are provided.
reactor protection) and normal operation func-
tion (preventative reactor protection), but safety
functions have a
priority
over normal operation
functions, and such a combination will not lead
to reliability reduction and / or degradation of
other system properties, defining performance
of safety functions.
The functions, combined in one system, can
be distributed among several software-hardware
complexes contained in it (SHC), though for mod-
ern I&C systems combination of functions in one
SHC that performs not only all the main, but also
additional (auxiliary and service) functions is more
typical (main system function are determined by
its purpose, auxiliary functions provide continuous
automatic monitoring of system technical state,
display, archiving and warning of personnel about
operability failures and attempts of unauthorized
access, service functions- automate actions of
personnel during reconfiguration, periodic tests,
etc.). In this case required measures are taken
in order that auxiliary functions (which can be
performed simultaneously with main ones) and /
or failures of associated equipment of SHC will
not lead to degradation of properties of the I&C
system, defining performance of main functions.
Resistance of these properties to component
failures of SHC, intended for implementation of
service functions, performance of which is usu-
ally not intersected during performance of main
functions, is also provided.
Combination of functions of protection system
and safety actuation system in one safety I&C sys-
tem can be justified if this does not have negative
influence on safety. However, such a combination
is inadmissible, when protective actions initiated
by the protection I&C system, should be performed
by divers safety actuation systems, which reserve
each other (for example, disconnection of hold
current of each of control rod drives is duplicated
by damping of force electrical power simultane-
ously from all drives).
Combinations of Functions
in I&C Systems
One I&C system can combine different functions
to achievement and maintain of safety which can
be related to different categories according to IEC,
2009. Failure to perform a function in such a sys-
tem does not influence the possibility to perform
other functions of the same and higher category.
In normal operation I&C systems, closely
functions are usually combined (in various com-
binations), for example: monitoring, display and
registration; limitation, locking and warning;
discrete (automatic) and remote (manual) control.
In the last case in order not to create obstacles for
automatic control in case of failures in manual
control circuits (and vice versa), the number of
elements, taking part in performance of one or
another function, is minimized. The difference
between categories of performed functions is
often occurred due to combination of safety
functions in one system (for example, emergency
Search WWH ::
Custom Search