CENELEC - EN 60671
Nuclear power plants - Instrumentation and control systems important to safety - Surveillance testing
|Publication Date:||1 August 2011|
|ICS Code (Nuclear power plants. Safety):||27.120.20|
Where functional reliability is required by general safety standards, one aspect of demonstrating this reliability is testing performed on-line during plant operation or during plant shutdown in preparation for return to power operation.
This standard lays down principles for testing I&C systems performing category A, B and C functions, per IEC 61226, during normal power operation and shutdown, so as to check the functional availability especially with regard to the detection of faults that could prevent the proper operation of the functions important to safety. It covers the possibility of testing at short intervals or continuous surveillance, as well as periodic testing at longer intervals. It also establishes basic rules for the design and application of the test equipment and its interface with the systems important to safety. Further, the effect of any test equipment failure on the reliability of the I&C systems is considered.
Types of surveillance tests may include:
- self-tests for I&C equipment;
- test of a group of equipment or components to confirm properties that support the safety function (continuity, power availability, etc.);
- test based on information redundancy or comparison of control signatures (consistency checking for redundant sensors, CRC-checking, Checksum, etc.);
- periodic testing which is related to the correctness of functional behaviour of an I&C system.
The dependability targets of any I&C system is reached using an appropriate combination of tests of the form indicated above.
The extent of the I&C system to be tested is from the interface of the sensors with the process through to the actuation devices (see Figure 1). It is applicable to the installed I&C systems as well as to temporary installations which are part of those I&C systems important to safety (for example, auxiliary equipment for commissioning tests and experiments). This standard also applies to individual electromechanical equipment, such as relays and solenoid actuators.
Additional testing and inspections may be performed on I&C equipment for purposes other than the demonstration of functional capability, such as to optimise preventive maintenance, etc. Such tests are beyond the scope of this standard; however, they may be combined with the surveillance testing discussed herein.
For any on-line tests the potential interaction and fault dependencies between the part of the system under test and the testing part, have to be carefully studied and their influences have to be fully integrated into the reliability assessment of the functions important to safety (in accordance with IEC 61513).
This standard applies to the I&C of new nuclear power plants as well as to I&C upgrading or back-fitting of existing plants. For I&C upgrades, only a subset of the requirements may be applicable; this subset is to be identified at the beginning of any project.