NUCLEAR POWER PLANTS - INSTRUMENTATION AND CONTROL SYSTEMS IMPORTANT TO SAFETY - REQUIREMENTS FOR COPING WITH COMMON CAUSE FAILURE (CCF)
International Electrotechnical Committee
INTRODUCTION<br>1 Scope<br>2 Normative references<br>3 Terms and definitions<br>4 Abbreviations<br>5 Conditions and strategy to cope with CCF<br> 5.1 General<br> 5.2 Characteristics of CCF<br> 5.3 Principal mechanisms for CCF of digital I&C systems<br> 5.4 Conditions to defend against CCF of individual <br> I&C systems<br> 5.5 Design strategy to overcome CCF<br>6 Requirements to overcome faults in the requirements <br> specification<br> 6.1 Deriving the requirements specification for the <br> I&C from the plant safety design base<br> 6.2 Application of the defence-in-depth principle <br> and functional diversity<br> 6.3 CCF related issues at existing plants<br>7 Design measures to prevent coincidental failure of <br> I&C systems<br> 7.1 The principle of independence<br> 7.2 Design of independent I&C systems<br> 7.3 Application of functional diversity<br> 7.4 Avoidance of failure propagation via <br> communications paths<br> 7.5 Design measures against system failure due to <br> maintenance activities<br> 7.6 Integrity of I&C system hardware<br> 7.7 Precaution against dependencies from external dates or <br> messages<br> 7.8 Assurance of physical separation and environmental <br> robustness<br>8 Tolerance against postulated latent software faults<br>9 Requirements to avoid system failure due to maintenance <br> during operation<br>Annex A (informative) - Relation between IEC 60880 <br> and this standard
Gives requirements and recommendations for the overall architecture of I&C systems, which may contain either or both technologies.
| Document Type | Standard |
| Status | Current |
| Publisher | International Electrotechnical Committee |
| Committee | TC 45 |
