Diversity and Defense in Depth in Digital Instrumentation and Controls

Each safety system in an NRC-licensed nuclear plant or other facility must operate regardless of failures from within or outside the safety system. The NRC regulations establishing this requirement are found in Title 10, Part 50, “Domestic Licensing of Production and Utilization Facilities,” of the Code of Federal Regulations (10 CFR Part 50).

General Design Criteria for Diversity and Defense in Depth

In particular, General Design Criterion (GDC) 21, “Protection System Reliability and Testability,” in 10 CFR Part 50 requires in part that “…(1) no single failure results in the loss of the protection system….” In addition, GDC 22, “Protection System Independence,” requires that
These GDCs mandate diverse design features to minimize the possibility of a common-cause failure (CCF) that could result in the loss of a protection function. Nuclear power plant safety system designs rely on three design principles to compensate for failures that could degrade safety system reliability, specifically
Ensuring Against Common-Cause Failure

Industry experience with digital I&C systems has shown that reliance upon quality assurance processes alone has not been adequately effective at preventing CCFs even in high-integrity digital systems. Unanticipated CCFs are more likely in digital systems than in analog systems. Therefore, it is also more important to ensure that digital technology is applied in a manner that addresses functional defense-in-depth, functional diversity, and system diversity features. Additionally, it is necessary to confirm that CCF vulnerabilities are not introduced when a system is modified.