BSI Standards Publication

PD IEC/TR 62987:2015

Nuclear power plants
Instrumentation and control systems important to safety
Use of Failure Mode and Effects Analysis (FMEA) and related methods to support the justification of systems

National foreword

This Published Document is the UK implementation of IEC/TR 62987:2015.

The UK participation in its preparation was entrusted to Technical Committee NCE/8, Reactor instrumentation.

A list of organizations represented on this committee can be obtained on request to its secretary.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application.

The British Standards Institution 2015. Published by BSI Standards Limited 2015

ISBN 978 0 580 89868 6
ICS 27.120.20

Compliance with a British Standard cannot confer immunity from legal obligations.

This Published Document was published under the authority of the Standards Policy and Strategy Committee on 30 September 2015.

Amendments/corrigenda issued since publication
Date    Text affected

IEC TR 62987
Edition 1.0 2015-09
TECHNICAL REPORT

INTERNATIONAL ELECTROTECHNICAL COMMISSION
ICS 27.120.20
ISBN 978-2-8322-2886-9

Registered trademark of the International Electrotechnical Commission

Warning! Make sure that you obtained this publication from an authorized distributor.

CONTENTS

FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms and definitions
4 References to FMEA in published standards
4.1 General
4.2 IEC standards
4.2.1 IEC 60812
4.2.2 IEC 61513
4.2.3 IEC 61226
4.3 Other standards
4.3.1 General
4.3.2 IEEE Std 7-4.3.2-2003
4.3.3 ANSI/IEEE Std 352-1987
4.3.4 IEEE Std 577-2004
5 Scope of application of FMEA
5.1 Relationships to other methods
5.2 Analysis subjects
5.3 Common cause failure
6 Examples of applications
6.1 General
6.2 Replacement items
6.3 Survey results
7 Industry practice and regulatory relevance
7.1 General
7.2 France
7.2.1 Experience of practice for FMEA records authority (licensing)
7.2.2 Board-level FMEA
7.2.3 System-level FMEA
7.2.4 Subset-level FMEA
7.2.5 Tools to support FMEA
7.2.6 Current research
7.2.7 Dissemination of FMEA practice
7.3 United Kingdom
7.4 United States
8 Conclusions
Annex A (informative) Standardized form used in survey
Bibliography

Figure 1 Safety case studies including FMEAs

FOREWORD

1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”).
Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.

2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees.

3) IEC Publications have the form of recommendations for international use and are accepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user.

4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.

5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies.

6) All users should ensure that they have the latest edition of this publication.

7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications.

8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is indispensable for the correct application of this publication.

9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

The main task of IEC technical committees is to prepare International Standards. However, a technical committee may propose the publication of a technical report when it has collected data of a different kind from that which is normally published as an International Standard, for example “state of the art”.

IEC TR 62987, which is a technical report, has been prepared by subcommittee 45A: Instrumentation, control and electrical systems of nuclear facilities, of IEC technical committee 45: Nuclear instrumentation.

The text of this technical report is based on the following documents:

Enquiry draft    Report on voting
45A/1006/DTR     45A/1028/RVC

Full information on the voting for the approval of this technical report can be found in the report on voting indicated in the above table.

This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

The committee has decided that the contents of this publication will remain unchanged until the stability date indicated on the IEC website under “http://webstore.iec.ch” in the data related to the specific publication. At this date, the publication will be reconfirmed, withdrawn, replaced by a revised edition, or amended.

A bilingual version of this publication may be issued at a later date.

IMPORTANT The “colour inside” logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its contents. Users should therefore print this document using a colour printer.

INTRODUCTION

a) Technical background, main issues and organisation of the Technical Report

Failure mode and effects analysis (FMEA) is a qualitative method of reliability analysis that may be applied to many different types of systems. It is an inductive method of performing
system reliability or safety analysis from a low to a high level (IEC 60812).

There is a need to provide guidance on nuclear-specific issues, for example common cause failure and meeting the single failure criteria, when applying failure mode and effects analysis (FMEA) and related methods to instrumentation and control systems important to safety in nuclear power plants.

The information gathered in the development of this technical report was used to determine if the topic can be standardised. If a positive conclusion was reached the intent was to produce a scope and a first draft CD of a standard. Such a standard would use IEC 60812 as its basis and provide guidance specific to the nuclear industry for implementing IEC 60812. The conclusion in this technical report is that the topic is not yet amenable to standardisation; however, additional development of the topic by the committee would be beneficial and could result in a standard at a later date.

This Technical Report identifies international standards applicable to nuclear power plant instrumentation and control systems that invoke FMEA as a method. It describes the contexts in which the standards invoke FMEA. The Technical Report describes how FMEA and associated methods have been applied to nuclear power plant instrumentation and control systems important to safety and to systems with similar attributes. The examples are followed by descriptions of the response of regulators to the use of FMEA and related methods in regulatory processes. The examples and regulatory experiences are based on a survey of and contributions by participating national committees. A bibliography is provided for further reference.

b) Situation of the current Technical Report in the structure of the IEC SC 45A standard series

IEC TR 62987
as a technical report is a fourth level IEC SC 45A document.

For more details on the structure of the IEC SC 45A standard series, see item d) of this introduction.

c) Recommendations and limitations regarding the application of the Technical Report

It is important to note that a technical report is entirely informative in nature. It gathers data collected from different origins and it establishes no requirements.

d) Description of the structure of the IEC SC 45A standard series and relationships with other IEC documents and other bodies' documents (IAEA, ISO)

The top-level document of the IEC SC 45A standard series is IEC 61513. It provides general requirements for I&C systems and equipment that are used to perform functions important to safety in NPPs. IEC 61513 structures the IEC SC 45A standard series.

IEC 61513 refers directly to other IEC SC 45A standards for general topics related to categorization of functions and classification of systems, qualification, separation of systems, defence against common cause failure, software aspects of computer-based systems, hardware aspects of computer-based systems, and control room design. The standards referenced directly at this second level should be considered together with IEC 61513 as a consistent document set.

At a third level, IEC SC 45A standards not directly referenced by IEC 61513 are standards related to specific equipment, technical methods, or specific activities. Usually these documents, which make reference to second-level documents for general topics, can be used on their own.

A fourth level, extending the IEC SC 45A standard series, corresponds to the Technical Reports which are not normative.

IEC 61513 has adopted a presentation format similar to the basic safety publication IEC 61508 with an overall safety life-cycle framework and a system life-cycle framework. Regarding nuclear safety, it provides the interpretation of the general requirements of IEC 61508-1, IEC 61508-2 and IEC 61508-4, for the nuclear application sector, regarding nuclear safety. In this framework IEC 60880 and IEC 62138 correspond to IEC 61508-3 for the nuclear application sector.

IEC 61513 refers to ISO as well as to IAEA GS-R-3 and IAEA GS-G-3.1 and IAEA GS-G-3.5 for topics related to quality assurance (QA).

The IEC SC 45A standards series consistently implements and details the principles and basic safety aspects provided in the IAEA code on the safety of NPPs and in the IAEA safety series, in particular the Requirements SSR-2/1, establishing safety requirements related to the design of Nuclear Power Plants, and the Safety Guide IAEA NS-G-1.3 dealing with instrumentation and control systems important to safety in Nuclear Power Plants. The terminology and definitions used by SC 45A standards are consistent with those used by the IAEA.

NOTE It is assumed that for the design of I&C systems in NPPs that implement conventional safety functions (e.g. to address worker
safety, asset protection, chemical hazards, process energy hazards) international or national standards would be applied, that are based on the requirements of a standard such as IEC 61508.

1 Scope

This Technical Report provides guidance on nuclear-specific issues when applying Failure Mode and Effects Analysis (FMEA) and related methods to instrumentation and control systems important to safety in nuclear power plants. The information in this Technical Report complements, for nuclear power plant applications, the procedure for FMEA in IEC 60812.

This Technical Report attempts to provide information, in the context of applications to nuclear power plant instrumentation and control systems important to safety, on:

- terminology used in FMEA processes,
- benefits of using FMEA,
- shortcomings and limitations of FMEA methods,
- anticipated outcomes of and claims to be made from application of FMEA,
- relationships to other analysis methods used in establishing the safety / reliability of nuclear power plant designs,
- typical FMEA process inputs,
- typical FMEA process outputs,
- typical initiators of FMEA processes,
- most prevalent uses of FMEA processes,
- recommended uses of FMEA processes,
- discouraged uses of FMEA processes,
- FMEA work product contents and characteristics,
- FMEA work product configuration management practices,
- good practices,
- supporting tools,
- specific examples of FMEA use for nuclear power plant licensing, and
- FMEA references.

2 Normative references

The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including an