IEC/TR 61838
Edition 2.0 2009-12
TECHNICAL REPORT

Nuclear power plants - Instrumentation and control important to safety - Use of probabilistic safety assessment for the classification of functions

INTERNATIONAL ELECTROTECHNICAL COMMISSION
Copyright 2009 IEC, Geneva, Switzerland. All rights reserved.
ICS 27.120.20
ISBN 2-8318-1071-7
Price code: XB

CONTENTS

FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Limitations regarding the use of individual approaches alone
  5.1 General
  5.2 Limitations regarding the use of a PSA-related approach alone
  5.3 Limitations regarding the use of the deterministic role-based approach alone
6 Open issues regarding categorisation
  6.1 General
  6.2 Why categorize: To determine requirements, or do requirements determine the category?
  6.3 To what degree are risk-based and probabilistic methods already used implicitly?
  6.4 How precise do PSA results need to be?
7 Current practices in some member states
  7.1 General
  7.2 Brief summaries
  7.3 More detailed explanations
8 A survey of risk-related techniques of categorisation
  8.1 General
  8.2 Approach 1: Time and reactor states based approach
    8.2.1 Categorisation of FSE during the design phase
    8.2.2 Impact of safety reviews on categorisation
  8.3 Approach 2: Quantitative importance based approach
    8.3.1 General
    8.3.2 Quantitative assignment criteria
    8.3.3 Quantitative criteria
    8.3.4 Category assignment
    8.3.5 Classification procedure
    8.3.6 Determination of requirements
  8.4 Approach 3: Consequence mitigation based approach
    8.4.1 History: A dual licensing requirement leading to the probabilistic approach
    8.4.2 Current probabilistic targets
    8.4.3 Classification of safety-related systems
    8.4.4 Application of design requirements
    8.4.5 Purpose of categorisation
    8.4.6 Categorisation principles
    8.4.7 Categorisation methodology
  8.5 Approach 4: Combined deterministic-probabilistic approach based on NS-R-1
    8.5.1 General
    8.5.2 Basis for the historical approach
    8.5.3 Plant state basis
    8.5.4 Defence in depth considerations
    8.5.5 Basis for classification based on IEC 61226
    8.5.6 Application of IEC 61226
    8.5.7 Safety classification methodology
    8.5.8 Deterministic criteria for safety function categories
    8.5.9 Other classification considerations
    8.5.10 Worked example
    8.5.11 Conclusion
  8.6 Approach 5: Application of risk methodologies in U.S.A. nuclear regulation
9 Comparison of risk-related categorisation results
  9.1 CANDU plant stepback function
    9.1.1 Problem statement
    9.1.2 Solution using approach 3
    9.1.3 Comparisons with other methods
  9.2 Conclusions arising from the use of various approaches
Annex A (informative) The use of PSA: methods and results
Annex B (informative) Approach 6: Role-Reliability-Timeframe based approach
Bibliography

Figure 1 Historical plant states and allowed releases
Figure 2 Plant states and allowed releases
Figure 3 Reliability requirements for state transition barriers
Figure 4 Categories required to maintain plant states
Figure 5 RISC Categories
Figure 6 Event sequence and layer protection identification
Table 1 Classification of I

any IEC National
Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

The main task of IEC technical committees is to prepare International Standards. However, a technical committee may propose the publication of a technical report when it has collected data of a different kind from that which is normally published as an International Standard, for example “state of the art”.

IEC 61838, which is a technical report, has been prepared by subcommittee 45A: Instrumentation and control of nuclear facilities, of IEC technical committee 45: Nuclear instrumentation.

This second edition cancels and replaces the first edition published in 2001. The main technical changes with regard to the previous edition are as follows:

- to update references taking into account standards published since issue 1;
- to update the terminology;
- to take into account the progress done concerning the use of PSA for classification since issue 1.

The text of this technical report is based on the following documents:

Enquiry draft    Report on voting
45A/766/DTR      45A/779A/RVC

Full information on the voting for the approval of this technical report can be found in the report on voting indicated in the above table.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the maintenance result date indicated on the IEC web site under “http://webstore.iec.ch” in the data related to the specific publication. At this date, the publication will be reconfirmed, withdrawn, replaced by a revised edition, or amended.

IMPORTANT: The “colour inside” logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore print this document using a colour printer.

INTRODUCTION

a) Technical background, main issues and organisation of the Technical Report

IEC 61226 “Nuclear power plants - Instrumentation and control systems important for safety - Classification” was published in 1993, and revised in 2005 and 2009. The need to classify instrumentation and control functions on nuclear power plants now originates from an International Atomic Energy Agency (IAEA) requirement stated in Standard NS-R-1, clause 5.2. IEC 61226 emphasizes that it is the functions, which must be classified early in the design phase so that the degree of importance to safety of each function is determined. At the design stage, I this is not the case in other countries.

The release in 2000 of IAEA NS-R-1 and in 2002 of NS-G-1.3 has highlighted the requirement to factor engineering judgement and probabilistic criteria into the process of categorisation. For several years, how a risk based classification scheme could be incorporated into IEC 61226 to meet this requirement has been the topic of discussion. As indicated above, there are significant differences in the use of risk assessments throughout the world, which leads to several questions when drafting an International Standard, namely:

1) Should a risk-based classification scheme be acceptable in place of the deterministic approach? If so, what are the requirements (especially regarding the standard of modelling and the validity of data) that must be applied?

2) If a risk-based classification leads to different classifications of FSE compared to the deterministic approach, which should take precedence?

3) Should the two approaches be used together in order to gain the maximum benefit? The deterministic approach is based on sound, well-proven nuclear safety principles, which people are comfortable with. Risk assessment results could lead to the classification of specific I&C functions being upgraded or downgraded (because of plant-specific design features). Should this upgrading or downgrading be limited in some way?

4) Should the use of risk ass