IEC - TR 63084
Nuclear power plants – Instrumentation and control important to safety – Platform qualifaction for systems important to safety
|Publication Date:||1 June 2017|
|ICS Code (Nuclear power plants. Safety):||27.120.20|
This Technical report provides an assessment framework and activities for efficient and transparent qualification of I&C platforms for use in nuclear applications important to safety, according to nuclear standards and state of the art. The assessment aims at a prequalification of I&C platforms outside the framework of a specific plant design. Qualification is assumed to be pre-requisite for allowing the particular I&C platform to be used for implementation of the safety classified I&C system. It is to enable parties implementing particular plant specific I&C systems to concentrate on application functions, while for basic system functions to rely on platform qualification.
The I&C platform qualification is based on evaluation of the hardware and software functions provided by the platform ensuring safe and cost-effective life-cycle support of I&C systems. That would include tools for software engineering and software development (software module libraries), code generation, validation, maintenance, etc.
Basic means of equipment qualification, as prescribed by the IEC/IEEE 60780-323, are through analysis, type testing and documented operational experience. Other documents applicable for qualification for nuclear use include IEC 61513, IEC 60880, IEC 62138, IEC 62566, IEC 62671 and IEC 61226.
The features of the I&C platform to be qualified will be identified in requirements on the I&C platform. The requirements can vary, but in essence are based on suppliers' claims on the product scope and functionality. Those claims are normally given in platform documentation such as system descriptions and supplier's requirements for design, implementation, verification & validation. They are all based on the appropriate IEC SC 45A standards and national regulations.
Framework This document is organized as follows:
Clause 5 addresses the role of the platform qualification, including the conceptual design and the documentation constituting the basis for the process of platform qualification.
Clause 6 is the main clause of this document addressing the process and methods of platform qualification. Crucial aspects of documentation and maintenance of the qualification are included.
Clause 7 addresses platform elements necessary for safe and efficient implementation and life cycle support of plant-specific I&C systems.
Aspects of the I&C platform qualification are further developed and exemplified in annexes. Annex A lists licensing issues of the Finnish licensing approach. Annex B discusses the qualification of Areva's TELEPERM XS platform, actualized with notes on qualification from the Finnish Olkiluoto 3 NPP. Annex C discusses the qualification of Westinghouse's FPGA-based platform of modules type ALS (Advanced Logic System). Annex D discusses the qualification of CTEC's digital platform FirmSys for use in systems important to safety in NPP. Annex E discusses the qualification of SOOSAN ENS's POSAFE-Q platform. Annex F discusses the qualification of Rolls-Royce's digital safety I&C platform Spinline in the framework of the type approval for the ELSA project. The five examples given in Annexes B to F are all of platforms developed for nuclear application.