IEC TR 61838: Nuclear power plants – Instrumentation and control functions important for safety – Use of probabilistic safety assessment for the classification
This Technical Report provides a survey of some of the methods by which probabilistic risk assessment results can be used to establish “risk based” classification criteria, so as to allow FSEs to be placed within the four categories established within IEC 61226. The application of risk based techniques, in conjunction with the consequence based classification approach given in IEC 61226, is currently decided by the utility and/or regulator within member Nations. In the absence of an internationally agreed approach, this should continue, but this Technical Report is intended to stimulate debate on this subject and encourage the convergence of views so that an IEC International Standard can be agreed. The safety principles and the usefulness of a risk-based approach to classification are discussed and a description of four different approaches is presented. In other respects, references are given in this report to IEC and IAEA documents which relate directly to the topic. This report also discusses the limitations associated with the use of probabilistic safety assessment (PSA) techniques. Guidance is given in annex A on modelling instrumentation and control functions for probabilistic risk assessment.
3 Definitions and abbreviations
For the purposes of this technical report, the following definitions apply. The definitions are consistent with, or identical to (if marked with an asterisk) those used in other IEC or IAEA codes and standards.

3.1 Definitions

3.1.1 diversity
the existence of two or more different ways or means of achieving a specified objective. Diversity is specifically provided as a defence against common mode failure. It may be achieved by providing systems that are different from each other, or by functional diversity, where similar systems achieve the specified objective by performing different functions, or by provision in the development process, for example by having separate design teams and verification and validation teams.
NOTE This definition is wider than that used by the IAEA 50-C-D, which is as follows: “The existence of redundant components or systems to perform an identified function, where such components or systems collectively incorporate one or more different attributes. Examples of such attributes are: different operating conditions, different sizes of equipment, different manufacturers, different working principles and types of equipment that use different physical methods”.

3.1.2 equipment*
one or more parts of a system. An item of equipment is a single definable (and usually removable) element or part of a system [IEC 61226]

3.1.3 function*
a specific purpose or objective to be accomplished, that can be specified or described without reference to the physical means of achieving it [IEC 61226]

3.1.4 functionality
a qualitative indication of the range or scope of the functions that a system or item of equipment can carry out. A system that can carry out many complex functions has a “high functionality”; a system that can only carry out a few simple functions has a “low functionality” [IEC 61226]

3.1.5 I&C FSE important for safety*
the I&C FSE that comprise:
a) those I&C FSE whose malfunction or failure could lead to undue radiation exposure of the site personnel or members of the public;
b) those I&C FSE that prevent anticipated operational occurrences from leading to a significant sequence;
c) those I&C FSE that mitigate the consequences of malfunction or failure of structures, systems, or components [IEC 61226]