IEC 60987
Edition 2.0 2007-08

INTERNATIONAL STANDARD
NORME INTERNATIONALE

Nuclear power plants - Instrumentation and control important to safety - Hardware design requirements for computer-based systems

Centrales nucléaires de puissance - Instrumentation et contrôle-commande importants pour la sûreté - Exigences applicables à la conception du matériel des systèmes informatisés

IEC 60987:2007

THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2007 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Email: inmail@iec.ch
Web: www.iec.ch

About the IEC

The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies.

About IEC publications

The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the latest edition; a corrigendum or an amendment might have been published.

Catalogue of IEC publications: www.iec.ch/searchpub
The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee, ...). It also gives information on projects, withdrawn and replaced publications.

IEC Just Published: www.iec.ch/online_news/justpub
Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available on-line and also by email.

Electropedia: www.electropedia.org
The world's leading online dictionary of electronic and electrical terms, containing more than 20 000 terms and definitions in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical Vocabulary online.

Customer Service Centre: www.iec.ch/webstore/custserv
If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service Centre FAQ or contact us:
Email: csc@iec.ch
Tel.: +41 22 919 02 11
Fax: +41 22 919 03 00

INTERNATIONAL ELECTROTECHNICAL COMMISSION
COMMISSION ELECTROTECHNIQUE INTERNATIONALE

ICS 27.120.20
PRICE CODE / CODE PRIX: V
ISBN 2-8318-9285-6

CONTENTS

FOREWORD
INTRODUCTION
1 Scope
1.1 General
1.2 Use of this standard for pre-developed (for example, COTS) hardware assessment
1.3 Applicability of this standard to programmable logic devices development
2 Normative references
3 Terms and definitions
4 Project structure
4.1 General
4.2 Project subdivision
4.3 Quality assurance
5 Hardware requirements
5.1 General
5.2 Functional and performance requirements
5.3 Reliability/Availability requirements
5.4 Environmental withstand requirements
5.5 Documentation requirements
6 Design and development
6.1 General
6.2 Design activities
6.3 Reliability
6.4 Maintenance
6.5 Interfaces
6.6 Modification
6.7 Power failure
6.8 Component selection
6.9 Design documentation
7 Verification and validation
7.1 General
7.2 Verification plan
7.3 Independence of verification
7.4 Methods
7.5 Documentation
7.6 Discrepancies
7.7 Changes and modifications
7.8 Installation verification
7.9 Validation
7.10 Verification of pre-existing equipment platforms
8 Qualification
9 Manufacture
10 Installation and commissioning
11 Maintenance
11.1 Maintenance requirements
11.2 Failure data
11.3 Maintenance documentation
12 Modification
13 Operation
Annex A (informative) Overview of system life cycle
Annex B (informative) Outline of qualification
Annex C (informative) Example of maintenance procedure
Bibliography

INTERNATIONAL ELECTROTECHNICAL COMMISSION

NUCLEAR POWER PLANTS - INSTRUMENTATION AND CONTROL IMPORTANT TO SAFETY - HARDWARE DESIGN REQUIREMENTS FOR COMPUTER-BASED SYSTEMS

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC provides no marking procedure to indicate its approval and cannot be rendered responsible for any equipment declared to be in conformity with an IEC Publication.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 60987 has been prepared by subcommittee 45A: Instrumentation and control of nuclear facilities, of IEC technical committee 45: Nuclear instrumentation.

This second edition cancels and replaces the first edition published in 1989. This edition includes the following significant technical changes with respect to the previous edition:

- account has been taken of the fact that computer design engineering techniques have advanced significantly in the intervening years;
- update of the format to align with the current IEC/ISO directives on the style of standards;
- alignment of the standard with the new revisions of IAEA documents NS-R-1 and NS-G-1.3, which includes as far as possible an adaptation of the definitions;
- replacement, as far as possible, of the requirements associated with standards published since the first edition, especially IEC 61513, IEC 60880, edition 2, and IEC 62138;
- review of the existing requirements and updating of the terminology and definitions.

The text of this standard is based on the following documents:

FDIS          | Report on voting
45A/662/FDIS  | 45A/666/RVD

Full information on the voting for the approval of this standard can be found in the report on voting indicated in the above table.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the maintenance result date indicated on the IEC web site under "http://webstore.iec.ch" in the data related to the specific publication. At this date, the publication will be reconfirmed, withdrawn, replaced by a revised edition, or amended.

INTRODUCTION

a) Technical background, main issues and organization of the standard

The basic principles for the design of nuclear instrumentation, as specifically applied to the safety systems of nuclear power plants, were first interpreted in nuclear standards with reference to hardwired systems in IAEA Safety Guide 50-SG-D3, which has been superseded by IAEA Guide NS-G-1.3.

IEC 60987 was first issued in 1989 to cover the hardware aspects of digital systems design for systems important to safety, i.e. safety systems and safety-related systems. Although many of the requirements within the original issue continue to be relevant, there were significant factors which justified the development of this revised edition of IEC 60987, in particular:

- a new standard has been produced which addresses in detail the general requirements for nuclear systems important to safety (IEC 61513);
- the use of pre-developed system platforms, rather than bespoke developments, has increased significantly.

b) Situation of the current standard in the structure of the IEC SC 45A standard series

The first-level IEC SC 45A standard for computer-based systems important to safety in nuclear power plants (NPPs) is IEC 61513. IEC 60987 is a second-level IEC SC 45A standard which addresses the generic issue of hardware design of computerized systems. IEC 60880 and IEC 62138 are second-level standards which together cover the software aspects of computer-based systems used to perform functions important to safety in NPPs. IEC 60880 and IEC 62138 make direct reference to IEC 60987 for hardware design.

The requirements of IEC 60780 for equipment qualification are referenced within IEC 60987. For modules to be used in the design of a specific system important to safety, relevant and auditable operating experience from nuclear or other applications as described in IEC 60780, in combination with the application of rigorous quality assurance programmes, may be an acceptable method of qualification.

For more details on the structure of the SC 45A standard series, see item d) of this introduction.

c) Recommendations and limitations regarding the application of the standard

It is important to note that this standard establishes no additional functional requirements for Class 1 or Class 2 systems (see IEC 61513 for system classification requirements). Aspects for which special recommendations have been produced (so as to assure the production of highly reliable systems) are:

- a general approach to computing hardware development;
- a general approach to hardware verification and to the hardware aspects of computer system validation.

It is recognized that computer technology is continuing to develop and that it is not possible for a standard such as this to include references to all modern design technologies and techniques. To ensure that the standard will continue to be relevant in future years, the emphasis has been placed on issues of principle, rather than specific hardware design technologies. If new design techniques are developed then it should be possible to assess the suitability of such techniques by adapting and applying t