Abstract
In order to improve the capability of dealing with software common cause failure (CCF) of digital reactor protection and monitoring system (RPMS), the diverse actuation system (DAS) is introduced for ACPR1000 nuclear power plants. From economic and feasibility point of view, the solution of DAS sharing with RPMS sensors and actuators is suggested; after capturing the function requirement of DAS, the automatic functions and manual functions assigned to it are determined based on transient analysis of design basic accidents concurrent with software CCF of RPMS. The independent verification proves that the reactor can be fallen back to and maintained at safety shutdown state, thanks to these DAS functions. Insight into probabilistic safety assessment proves significant reductions of risks are contributed. The critical technical issues while implementing DAS, such as measures to ensure its diversity from RPMS, precautions for preventing from its spurious actuation, isolation and independency from RPMS, and its testability and maintainability, are deliberately settled to improve its engineering reliability and alleviate the impact on RPMS as far as possible. Field programmable gate array technology that is diversified from RPMS is chosen to build DAS of ACPR1000 nuclear power plant, and the commissioning test verifies that it is capable of performing its designed functions. At last, a set of DAS-specific, paper-based, and event-oriented emergency operating procedure is developed, verified, and validated. Until now, the DAS system has always been successfully operating in all ACPR1000 nuclear power plants for several years.
Highlights
Anticipated transient without scram (ATWS) is one of the accidents that must be considered in design of nuclear power plants
Compared with the limited several special ATWS scenarios taken into account for CPR1000 nuclear power plants (EDF [18] and Zhang et al [19]), the ATWS scenarios for ACPR1000 nuclear power plant tend to comprehensively cover the scenarios that all design-basis accidents (DBA) concurrent with failure of reactor trip (RT) as long as it may trigger RT or actuate engineered safety features (ESF). is paper gives an overview of the work related to diverse actuation system (DAS) of ACPR1000 nuclear power plant; the scale of DAS is determined after capturing its functional requirements; the detailed design, the implementation, and procedure development on it are discussed
As a DBA concurrent with software common cause failure (CCF) of reactor protection and monitoring system (RPMS) is taken as a beyond-design-basis accidents (BDBA), the systems and equipment involved in mitigating the consequence of it need not meet the single-failure criterion (IEEE [24]), which means that the redundancy of them is avoided; for the purpose of minimizing DAS scale, the automatic functions and manual functions assigned to it should actuate only one train of the process systems and equipment, which are necessary to mitigate the consequences of ATWS; if transient analysis proves that both two trains of the process system and equipment are necessary to meet acceptance criteria of accident analysis, DAS should be assigned to actuate both the train A and train B process systems and equipment
Summary
Anticipated transient without scram (ATWS) is one of the accidents that must be considered in design of nuclear power plants. Compared with the limited several special ATWS scenarios taken into account for CPR1000 nuclear power plants (EDF [18] and Zhang et al [19]), the ATWS scenarios for ACPR1000 nuclear power plant tend to comprehensively cover the scenarios that all design-basis accidents (DBA) concurrent with failure of reactor trip (RT) as long as it may trigger RT or actuate engineered safety features (ESF). Is paper gives an overview of the work related to DAS of ACPR1000 nuclear power plant; the scale of DAS is determined after capturing its functional requirements; the detailed design, the implementation, and procedure development on it are discussed. For ACPR1000 nuclear power plant, DAS provides comprehensive and diversified protection for RPMS; it is of great significance to reduce the risk induced by software CCF of RPMS and enhance the safety level
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
