Hendriks, F.M.; Pelders, H.A.A.W.
Active safety systems are increasingly becoming available in trucks and passenger vehicles. Developments in the field of active safety are shifting from increasing driver comfort towards increasing occupant safety. Furthermore, this shift is seen within active safety systems: safety functions are ad
Taylor, J. R.; Bologna, S.; Ehrenberger, W.;
Questions of technical safety become more and more important. Due to the higher complexity of their functions computer based safety systems have special problems. Researchers, producers, licensing personnel and customers have met on a European basis to exchange knowledge and formulate positions....... The Commission of the european Community supports the work. Major topics comprise hardware configuration and self supervision, software design, verification and testing, documentation, system specification and concurrent processing. Preliminary results have been used for the draft of an IEC standard...
This publication establishes requirements for management systems that integrate safety, health, security, quality assurance and environmental objectives. A successful management system ensures that nuclear safety matters are not dealt with in isolation but are considered within the context of all these objectives. The aim of this publication is to assist Member States in establishing and implementing effective management systems that integrate all aspects of managing nuclear facilities and activities in a coherent manner. It details the planned and systematic actions necessary to provide adequate confidence that all these requirements are satisfied. Contents: 1. Introduction; 2. Management system; 3. Management responsibility; 4. Resource management; 5. Process implementation; 6. Measurement, assessment and improvement.
This publication establishes requirements for management systems that integrate safety, health, security, quality assurance and environmental objectives. A successful management system ensures that nuclear safety matters are not dealt with in isolation but are considered within the context of all these objectives. The aim of this publication is to assist Member States to establish and implement effective management systems that integrate all aspects of managing nuclear facilities and activities in a coherent manner. It details the planned and systematic actions necessary to provide adequate confidence that all these requirements are satisfied
Song, Tae Young [Nuclear Engineering and Technology Institute, Daejeon (Korea, Republic of)
At present, the 10-year Periodic Safety Review(PSR) has been performing to confirm all the aspects of safety issues for all the operating plants in compliance with domestic nuclear law of article 23, subarticle 3. For each plant, in addition, Probabilistic Safety Assessment(PSA) and Severe Accident Management Guideline(SAMG) are being implemented and revised periodically to reflect the latest safety level according to principle fulfillment of severe accident policy statement. The assessment reports, as one of outcomes from these activities, are submitted into and reviewed by domestic regulatory body. During reviewing (in-office duty) and licensing (regulatory duty) process, a large number of outcomes of which most are the formal technical reports and licensing materials, are inevitably produced. Moreover, repeated review process over the plants can make them accumulated and produce a variety of documents additionally. This circumstance motivates to develop effective tool or system for the management of these reports and related technical documents for the future use in licensing process and for subsequent plant assessments. This paper presents the development status of Safety Assessment Information System(SAIS) which manages safety-related documents of PSR, PSA and SAMG for practical use for experienced engineers in charge of these areas.
Full Text Available The present paper investigates an approach to integrate active and passive safety systems of passenger cars. Worldwide, the introduction of Integrated Safety Systems and Advanced Driver Assistance Systems (ADAS is considered to continue the today
On April 26th 1994, the European Union (EU) adopted via a Council Decision a EURATOM Multiannual Programme for community activities in the field of Nuclear Fission Safety (NFS) Research for the period 1994 to 1998. An area of work having, as an objective, to 'explore innovative approaches' to improve the safety of future and existing reactors, was introduced in this programme. Most of the projects selected in this area, which have been grouped under a common cluster known as 'INNO', are currently being carried out on a 'cost-shared' basis, i.e. contribution of the European Commission is up to 50% of the total cost. At present, the 'INNO' cluster is composed of 10 projects in which 25 different organisations, representing research centres, universities, regulators, utilities and vendors from 7 EU member states and Switzerland, are involved. These projects are proving to be an efficient means to gain the necessary phenomenological knowledge and to solve the challenging problems, many times of generic nature, posed among others by the characteristically small driving forces of the systems studied and by the lack of really prototypical test facilities. (author)
Hakuli, Stephan; Lotz, Felix; Singer, Christina
This fundamental work explains in detail systems for active safety and driver assistance, considering both their structure and their function. These include the well-known standard systems such as Anti-lock braking system (ABS), Electronic Stability Control (ESC) or Adaptive Cruise Control (ACC). But it includes also new systems for protecting collisions protection, for changing the lane, or for convenient parking. The book aims at giving a complete picture focusing on the entire system. First, it describes the components which are necessary for assistance systems, such as sensors, actuators, mechatronic subsystems, and control elements. Then, it explains key features for the user-friendly design of human-machine interfaces between driver and assistance system. Finally, important characteristic features of driver assistance systems for particular vehicles are presented: Systems for commercial vehicles and motorcycles.
The Enforcement Decree of the Act on Physical Protection and Radiological Emergency (ED-APPRE) was revised December 2013 to include security requirements on computer systems at nuclear facilities to protect those systems against malicious cyber-attacks. It means Cyber-Security-related measures, controls and activities of safety I and C systems against cyber-attacks shall meet the requirements of ED-APPRE. Still regulation upon inadvertent access or non-malicious modifications to the safety I and C systems is covered under the Nuclear Safety Act. The objective of this paper is to propose KINS' regulatory perspective on secure development and features against non-malicious access or modification of safety I and C systems. Secure development activities and features aim to prevent inadvertent and non-malicious access, and to prevent unwanted action from personnel or connected systems for ensuring reliable operation of safety I and C systems. Secure development activities of safety I and C systems are life cycle activities to ensure unwanted, unneeded and undocumented code is not incorporated into the systems. Secure features shall be developed, verified and qualified throughout the development life cycle
Kang, Youngdoo; Yu, Yeong Jin; Kim, Hyungtae; Kwon, Yong il; Park, Yeunsoo; Choo, Jaeyul; Son, Jun Young; Jeong, Choong Heui [Korea Institute of Nuclear Safety, Daejeon (Korea, Republic of)
The Enforcement Decree of the Act on Physical Protection and Radiological Emergency (ED-APPRE) was revised December 2013 to include security requirements on computer systems at nuclear facilities to protect those systems against malicious cyber-attacks. It means Cyber-Security-related measures, controls and activities of safety I and C systems against cyber-attacks shall meet the requirements of ED-APPRE. Still regulation upon inadvertent access or non-malicious modifications to the safety I and C systems is covered under the Nuclear Safety Act. The objective of this paper is to propose KINS' regulatory perspective on secure development and features against non-malicious access or modification of safety I and C systems. Secure development activities and features aim to prevent inadvertent and non-malicious access, and to prevent unwanted action from personnel or connected systems for ensuring reliable operation of safety I and C systems. Secure development activities of safety I and C systems are life cycle activities to ensure unwanted, unneeded and undocumented code is not incorporated into the systems. Secure features shall be developed, verified and qualified throughout the development life cycle.
Its has been done a mechanical plan and nuclear radiation safety boaster tool activator system. The mechanical system consists of: frame, source holder, collimator and shielding holder. The activator system axis threads and crank stick handle that can be rotated either clockwise or counter clockwise. The axis thread is to be designed can be coupled with either convention.al activator system or activator that controlled a control system that by can be set forward and backward,or close and for to the source and detector. This system has freedom variable of 1000 mm between source and detector equipped with distance scale in mm. The shielding holder can be set its thickness as according to the shielding to be used. This design it is expected that the system can be used for any experiment related to protection system and safety as a function of distance factor time, and shielding. (author)
The reliability of the active emergency core cooling systems of Angra I nuclear power plant is evaluated. The fault tree analysis is employed. The unavailability of the above cited systems, is calculated. A parametric sensitivity analysis has been performed, due to the existing scattering in the failure and repair rate data of these system's components. The minimal cut sets were determined and, as a final step, a reliability importance analysis has been performed. This final step has required the development of a computer program. The methodology and data from the 'Reactor Safety Study' (Wash-1400) (in which the reliability of safety systems of a tipical PWR plant is calculated), is employed. The unavailability values for the safety systems analysed are too low, thus showing that in most cases the systems analysed are available to mitigate the effects of a loss-of-coolant accident. (Author)
This publication provides guidance for following the requirements for management systems that integrate safety, health, security, quality assurance and environmental objectives. A successful management system ensures that nuclear safety matters are not dealt with in isolation but are considered within the context of all these objectives. The aim of this publication is to assist Member States to establish and implement effective management systems that coherently integrate all aspects of managing nuclear facilities and activities. Contents: 1. Introduction; 2. Management system; 3. Management responsibility; 4. Resource management; 5. Process implementation; 6. Measurement, assessment and improvement; Appendix I: Transition to an integrated management system; Appendix II: Activities in the document control process; Appendix III: Activities in the procurement process; Appendix IV: Performance of independent assessments; Annex I: Electronic document management system; Annex II: Media for record storage; Annex III: Record retention and storage; Glossary.
Kievit, M. de; Malone, K.M.; Zwijnenberg, H.; Arem, B. van
This paper presents the results of a Benchmarking study performed in the European Union on Awareness and Promotion & Deployment activities related to Intelligent Vehicle Safety (IVS) systems (1). The study, commissioned by the European Commission under the Intelligent Car Initiative (a i2010 flagshi
System design and performance of the Skylab Airlock Module and Payload Shroud are presented for the communication and caution and warning systems. Crew station and storage, crew trainers, experiments, ground support equipment, and system support activities are also reviewed. Other areas documented include the reliability and safety programs, test philosophy, engineering project management, and mission operations support.
In 2005 Safety and Health at the University of Western Australia (UWA) implemented a system of Radiation Safety Audits. The system was implemented to ensure complete audits were carried out annually for each section of the University with radiation safety issues. The audits cover those aspects of radiation safety regulated in the Radiation Safety Act of Western Australia and include high powered lasers, UV emitting devices, radioactive materials, x-ray machines. In relation to these there are regulated considerations for equipment registration, location of use and storage registration, licensing of individual to use radiation, training, documentation, working rules, personal monitoring, calibrations and supervision. Within the University there are University systems to control materials and equipment coming onto campus, risk assessment protocols required for each new project or type of work, local permits and waste disposal. UWA Safety and Health have an active role in delivering control of radiation safety and ensuring that safety systems are appropriate relevant and used in an immediate and useful manner. Safety and Health has importantly built a network of key people on campus, made sure they are assisted, valued and that the systems are seen as a way to improve efficiency in delivering real, relevant and useful radiation safety outcomes. The systems include uniform documentation across campus, clear expectations and an ongoing interest from Safety and Health to ensure the systems remain alive. This has allowed the audits to become efficient and effective both for the sections involved but also for Safety and health in its recording systems and improvement follow up process.
Diba, Fereydoon; Barari, Ahmad; Esmailzadeh, Ebrahim
A methodology is presented in this work that employs the active inverted wings to enhance the road holding by increasing the downward force on the tyres. In the proposed active system, the angles of attack of the vehicle's wings are adjusted by using a real-time controller to increase the road holding and hence improve the vehicle handling. The handling of the race car and safety of the driver are two important concerns in the design of race cars. The handling of a vehicle depends on the dynamic capabilities of the vehicle and also the pneumatic tyres' limitations. The vehicle side-slip angle, as a measure of the vehicle dynamic safety, should be narrowed into an acceptable range. This paper demonstrates that active inverted wings can provide noteworthy dynamic capabilities and enhance the safety features of race cars. Detailed analytical study and formulations of the race car nonlinear model with the airfoils are presented. Computer simulations are carried out to evaluate the performance of the proposed active aerodynamic system.
The measures necessary for achieving higher levels of system safety are analyzed with an eye toward maintaining the combat capability of the Air Force. Several education courses were provided for personnel involved in safety management. Data include: (1) Flight Safety Officer Course, (2) Advanced Safety Program Management, (3) Fundamentals of System Safety, and (4) Quantitative Methods of Safety Analysis.
The protection of nuclear safety software is essential in that a failure can result in significant economic loss and physical damage to the public. However, software security has often been ignored in nuclear safety software development. To enforce security considerations, nuclear regulator commission recently issued and revised the security regulations for nuclear computer-based systems. It is a great challenge for nuclear developers to comply with the security requirements. However, there is still no clear software development process regarding security activities. This paper proposes an integrated development process suitable for the secure development requirements and system security requirements described by various regulatory bodies. It provides a three-stage framework with eight security activities as the software development process. Detailed descriptions are useful for software developers and licensees to understand the regulatory requirements and to establish a detailed activity plan for software design and engineering
Brissaud, Florent; Turcinovic, Didier
International audience The functional safety is the part of the overall safety relating to equipment/ system/ installation and their control systems that depends on the correct functioning of the safety-related systems. Due to the critical role of safety-related systems for managing risks, international standards have been developed to provide guidelines and requirements for all their safety lifecycle activities. The IEC 61508 and IEC 61511 are now recognized all around the world and have ...
The philosophy of reactor safety is that design should follow established and conservative engineering practices, there should be safety margins in all modes of plant operation, special systems should be provided for accidents, and safety systems should have redundant components. This philosophy provides ''defense in depth.'' Additionally, the safety of nuclear power plants relies on ''safety systems'' to assure acceptable response to design basis events. Operating experience has shown the need to study plant response to more frequent upset conditions and to account for the influence of operators and non-safety systems on overall performance. Defense in depth is being supplemented by risk and reliability assessment
Safety standards develop by the IAEA in the Safety Standard Series and other publication are reviewed. The Waste Safety Action plan includes: Action 1: Develop a common framework for the management and disposal of different types of radioactive waste, paying particular attention to large volumes of waste containing long-lived naturally occurring radionuclides. Action 2: Assess the safety implications of the extended storage of radioactive waste and of any future reconditioning which may be necessary and develop safety standards for the long-term storage of radioactive waste. Action 3: Promptly develop safety standards for geological disposal, addressing inter alia, issues of human intrusion, institutional control, retrievability, the content of the safety case and any implications of nuclear safeguards requirements for the design of the repositories. Action 4: Develop an internationally accepted and harmonized approach for controlling the removal of materials and sites from regulatory control. Action 5: Develop a structured and systematic programme to ensure adequate application of the Agency waste safety standards and facilitate their application in implementation of the Joint Convention. Action 6: Explore ways to ensure that information, knowledge and skills concerning radioactive waste management are made available to future generations. Action 7: Address the broader societal dimensions of radioactive waste management. Action 8: Review the new developments related to policies for the control of radioactive discharges to the environment, taking into account the availability and cost-effectiveness of discharge reduction technologies and the broader implications for radioactive waste management of reducing discharges. Action 9: Explore international mechanisms for facilitating the management of spent sealed radioactive sources. Some other activities as training courses and technical cooperation are also presented
Full Text Available Active chassis systems like braking, steering, suspension and propulsion systems are increasingly entering the market. In addition to their basic functions, these systems may be used for functions of integrated vehicle dynamics control. An experimental platform which aims to study the integration control of steering and braking is designed due to the research requirement of vehicle active safety control strategy in this paper. A test vehicle which is equipped with the systems of steer-by-wire and brake-bywire is provided and the Autobox, combined with Matlab/simulink and MSCCarsim, is used to fulfill the RCP (Rapid Control Prototyping and HIL (Hardware-in-loop. The seven-freedom vehicle model is constructed first and the approach of vehicle parameters estimation based on the Extended Kalman Filter (EKF is proposed. Testing the vehicle state through the sensor has its own disadvantage that the cost is high and easily affected by environment outside. To find a actual method of receiving the vehicle state using the ready-made sensors in vehicle, the researchers put forward various estimation method, of which have advantages and disadvantages. Based on the above, this paper applies the EKF to estimate the vehicle state, making the actual estimation come true. The primary control methods and controller designment is carried out to prove the validation of the platform.
This paper describes research to develop risk-based indicators of plant safety performance. One measure of the safety-performance of operating nuclear power plants is the unavailability of important safety systems. Brookhaven National Laboratory and Science Applications International Corporation are evaluating ways to aggregate train-level or component-level data to provide such an indicator. This type of indicator would respond to changes in plant safety margins faster than the currently used indicator of safety system unavailability (i.e., safety system failures reported in licensee event reports). Trends in the proposed indicator would be one indication of trends in plant safety performance and maintenance effectiveness. This paper summarizes the basis for such an indicator, identifies technical issues to be resolved, and illustrates the potential usefullness of such indicators by means of computer simulations and case studies
Coon, Herbert L.
Described are instructional and reference materials that may be useful to managers, supervisors, foremen and others who are interested in the safety education of workers in wastewater systems. Emphasis is upon items relevant to the development and presentation of wastewater treatment training programs. Part I contains descriptions and excerpts…
... Production Safety Systems; Submitted for Office of Management and Budget (OMB) Review; Comment Request ACTION... Information and Regulatory Affairs, OMB, Attention: Desk Officer for the Department of the Interior (1014-0003...: Cheryl Blundon 381 Elden Street, Herndon, Virginia 20170- 4817. Please reference 1014-0003 in...
... From the Federal Register Online via the Government Publishing Office DEPARTMENT OF THE INTERIOR Bureau of Safety and Environmental Enforcement [Docket ID BSEE-2013-0005; OMB Control Number 1014-0017... Management Systems (SEMS); Proposed Collection; Comment Request Correction In notice document...
... Bureau of Safety and Environmental Enforcement [Docket ID BSEE-2013-0005; OMB Control Number 1014-0017... Management Systems (SEMS); Proposed Collection; Comment Request ACTION: 60-day Notice. SUMMARY: To comply...) is inviting comments on a collection of information that we will resubmit to the Office of...
The Pacific Northwest Laboratory has studied the safety aspects of monitoring the preoperational status of safety systems in nuclear power plants. The goals of the study were to assess for the NRC the effectiveness of current monitoring systems and procedures, to develop near-term guidelines for reducing human errors associated with monitoring safety system status, and to recommend a regulatory position on this issue. A review of safety system status monitoring practices indicated that current systems and procedures do not adequately aid control room operators in monitoring safety system status. This is true even of some systems and procedures installed to meet existing regulatory guidelines (Regulatory Guide 1.47). In consequence, this report suggests acceptance criteria for meeting the functional requirements of an adequate system for monitoring safety system status. Also suggested are near-term guidelines that could reduce the likelihood of human errors in specific, high-priority status monitoring tasks. It is recommended that (1) Regulatory Guide 1.47 be revised to address these acceptance criteria, and (2) the revised Regulatory Guide 1.47 be applied to all plants, including those built since the issuance of the original Regulatory Guide
This document presents the fulfilling of the Brazilian obligations under the Convention on Nuclear Safety. The Chapter 6 of the document contains some details about the planed activities to safety improvements
The spectrum of possible accidents may become characterized by the 'maximum credible accident', which will/will not happen. Similary, the performance of safety systems in a multitude of situations is sometimes simplified to 'the emergency system will/will not work' or even 'reactors are/ are not safe'. In assessing safety, one must avoid this fallacy of reducing a complicated situation to the simple black-and-white picture of yes/no. Similarly, there is a natural tendency continually to improve the safety of a system to assure that it is 'safe enough'. Any system can be made safer and there is usually some additional cost. It is important to balance the increased safety against the increased costs. (orig.)
The IAEA has developed a new set of Safety Standard for applying an integrated Management System for facilities and activities. The objective of the new Safety Standards is to define requirements and provide guidance for establishing, implementing, assessing and continually improving a Management System that integrates safety, health, environmental, security, quality and economic related elements to ensure that safety is properly taken into account in all the activities of an organization. With an integrated approach to management system it is also necessary to include the aspect of culture, where the organizational culture and safety culture is seen as crucial elements of the successful implementation of this management system and the attainment of all the goals and particularly the safety goals of the organization. The IAEA has developed a set of service aimed at assisting it's Member States in establishing. Implementing, assessing and continually improving an integrated management system. (author)
This article reviews the accomplishments in ITER safety analysis during the course of the Engineering Design Activities (EDA). The key aspects of ITER safety analysis are: effluents and emissions from normal operation, including planned maintenance activities; occupational safety for workers at the facility; radioactive materials and wastes generated during operation and from decommissioning ; potential incidents and accidents and the resulting transients. As a result of the work during the EDA it is concluded that ITER is safe
The development activities in the area of nuclear plant design in recent years have caused widespread interest in the plants incorporating passive safety features and simplified system designs. In recent years, design studies were undertaken to use passive phenomena such as natural circulation and gravity to provide safety functions, rather than to rely on the active systems requiring power supply and control systems. The resulting simplification leads to reduced capital costs and shortened construction period. Westinghouse developed the AP600 plant, which is a 600 MWe PWR and features passive safety systems, simplified plant design and the decreased reliance on operator interface. In 1988, the program was initiated to investigate the application of AP600 technology to the use in Japan with more appropriate design features. This plant with 960 MWe rating is designated 'Simplified pressurized water reactor' (SPWR). The key objectives of the SPWR design are shown. The reactor cooling system, the plant instrumentation and control, the passive engineered safety features, the testing program, the plant arrangement and seismic consideration, the safety analysis and the plant simplification and economics of the SPWR are reported. (K.I.)
One of the tasks of the ITER Systems Analysis Group has been safety and environmental analyses. The safety analyses show that radiological doses from operational effluents and accidents are consistent with anticipated regulatory dose limits. To improve safety further and to meet the ambitious goal of ''passive safety,'' further efforts to reduce inventories of tritium and activation products are proposed. Most major safety issues are now associated with Plasma Facing Components (PFC). 2 tabs
Reece, R. K.; Smith, G. A.
The AGS facility can change operating parameters (particle, intensity, extraction mode, etc.) in a pulse-to-pulse mode. This will soon become essential in order to fill the RHIC accelerator rings interleaved with providing beam to the fixed target experiments at the AGS. However, since the AGS intensity for fixed targets is much greater than that required for RHIC, a means of ensuring that only the proper beam and intensity is extracted to RHIC has been developed. A beam current transformer in the AGS accelerator chain will detect the beam intensity and provide the necessary permits for extraction to RHIC only if the beam intensity is below a specified threshold. System details of this dual, redundant current transformer, as well as the system constraints imposed by the various safety requirements, will be presented. The interdependence of these two issues and evolution of the overall design will also be described.
The basic purpose of Safety System Functional Inspections (SSFI) is to carry out an impartial and independent assessment of previously selected safety systems, in order to determine whether they have been installed, tested, operated and managed in accordance with the original Design Bases and with the applicable regulatory requirements, codes and standards, that is, their Licensing Bases. These functional inspections are performed within the framework established by the Quality Assurance Programmes of electric utility owners, and in accordance with specifically prepared procedures previously approved for each power plant. These SSFIs verify, for safety systems and their support systems (eg HVAC systems, etc), the operational availability of inspected systems of components by researching and determining whether there have been generic or programmed deficiencies in the course of Operation, that will prevent the systems from adequately performing the functions for which they were originally designed. PSA and IPE results are used as the basis for selecting the systems that should undergo functional inspections. As a consequence of these SSFIs, final reports will be prepared, summarizing actions taken at the plants and contemplating discrepancies or deviations detected during inspection. The necessary corrective actions for these discrepancies will be indicated in either the design documentation or the Operation and Maintenance Procedures. (Author)
Westinghouse Savannah River Company (WSRC) has developed a comprehensive Safety Analysis and Review System that satisfies Department of Energy safety analysis report requirements. This system consists of interrelated criteria for hazard classification, risk assessment, selection of Safety Class Items (SCIs), and selection of Operational Safety Requirements (OSRs). The system provides input for design decisions at appropriate project milestones as required by the life cycle of a project. The criteria used for selection in hazard classification, risk assessment, Safety Class Items (SCI) identification, and Operational Safety Requirement (OSR) identification are the subject of this paper
The world of safety analysis is filled with ambiguous words: codes and standards, consequences and risks, hazard and accident, and health and safety. These words have been subject to disparate interpretations by safety analysis report (SAR) writers, readers, and users. open-quotes Principal health and safety criteriaclose quotes has been one of the most frequently misused phrases; rarely is it used consistently or effectively. This paper offers an easily understood definition for open-quotes principal health and safety criteriaclose quotes and uses systems engineering to convert an otherwise mysterious topic into the primary means of producing an integrated SAR. This paper is based on SARs being written for environmental restoration and waste management activities for the U.S. Department of Energy (DOE). Requirements for these SARs are prescribed in DOE Order 5480-23, open-quotes Nuclear Safety Analysis Reports.close quotes
Full Text Available Nuclear energy is today the largest single source of carbon free and base-load electricity in Europe. While highlighting its important role in the overall energy mix, it is necessary to address sustainability, safety, and security concerns, in particular nuclear safety and nuclear waste management issues, which influence the public acceptance of nuclear energy. The present paper describes the Joint Research Centre activities in support to the EU nuclear safety policy. It describes the Joint Research Centre role in the EU institutional context, identifies the various customers to which the Joint Research Centre delivers its services, and provides some results of the Joint Research Centre scientific work inherent to nuclear safety.
Canada is committed to not only maintaining, but also improving upon our record of having one of the safest aviation systems in the world. The development, implementation and maintenance of safety management systems is a significant step towards improving safety performance. Canada is considered a world leader in this area and we are fully engaged in implementation. By integrating risk management systems and business practices, the aviation industry stands to gain better safety performance with less regulatory intervention. These are important steps towards improving safety and enhancing the public's confidence in the safety of Canada's aviation system. (author)
The US Department of Energy has undertaken an initiative to improve the quality of software used to design and operate their nuclear facilities across the United States. One aspect of this initiative is to revise or create new directives and guides associated with quality practices for the safety software in its nuclear facilities. Safety software includes the safety structures, systems, and components software and firmware, support software and design and analysis software used to ensure the safety of the facility. DOE nuclear facilities are unique when compared to commercial nuclear or other industrial activities in terms of the types and quantities of hazards that must be controlled to protect workers, public and the environment. Because of these differences, DOE must develop an approach to software quality assurance that ensures appropriate risk mitigation by developing a framework of requirements that accomplishes the following goals: (smbullet) Ensures the software processes developed to address nuclear safety in design, operation, construction and maintenance of its facilities are safe (smbullet) Considers the larger system that uses the software and its impacts (smbullet) Ensures that the software failures do not create unsafe conditions Software designers for nuclear systems and processes must reduce risks in software applications by incorporating processes that recognize, detect, and mitigate software failure in safety related systems. It must also ensure that fail safe modes and component testing are incorporated into software design. For nuclear facilities, the consideration of risk is not necessarily sufficient to ensure safety. Systematic evaluation, independent verification and system safety analysis must be considered for software design, implementation, and operation. The software industry primarily uses risk analysis to determine the appropriate level of rigor applied to software practices. This risk-based approach distinguishes safety
Hill, Janice L.
How can traceability of software safety requirements be created for legacy safety critical systems? Requirements in safety standards are imposed most times during contract negotiations. On the other hand, there are instances where safety standards are levied on legacy safety critical systems, some of which may be considered for reuse for new applications. Safety standards often specify that software development documentation include process-oriented and technical safety requirements, and also require that system and software safety analyses are performed supporting technical safety requirements implementation. So what can be done if the requisite documents for establishing and maintaining safety requirements traceability are not available?
State authorities have set safety criteria in the field of information technology as standard. A specific research and development direction has been initiated in order to fulfil these standards. At Siemens it is called ''network and system safety''. This edition of the Siemens magazine Special Research and Development gives an overview of the research and development works carried out in order to guarantee safety and reliability of Siemens products and systems. Computer networks, chips, fax coding, safety of railway signalling technique, control technology, telecommunication and safety control technique in nuclear power plants. (DG)
Full text : PFBR is provided with two independent, fast acting and diverse shutdown systems to detect any abnormalities and to initiate safety action. Each system consists of sensors, signal processing systems, logics, drive mechanisms and absorber rods. The absorber rods of the first system are Control and Safety Rods (CSR) and that of the second are called as Diverse Safety Rods (DSR). There are nine CSR and three DSR. While CSR are used for startup, control of reactor power, controlled shutdown and SCRAM, the DSR are used only for SCRAM. The respective drive mechanisms are called as CSRDM and DSRDM. Each of these two systems is capable of executing the shutdown satisfactorily with single failure criteria. Two independent safety logic systems based on diverse principles have been designed for the two shut down systems. The analog outputs of the sensors of Core Monitoring Systems comprising of reactor flux monitoring, core temperature monitoring, failed fuel detection and core flow monitoring systems are processed and converted into binary signals depending on their instantaneous values. Safety logic systems receive the binary signals from these core-monitoring systems and process them logically to protect the reactor against postulated initiating events. Neutronic and power to flow (P/Q) signals form the inputs to safety logic system-I and temperature signals are inputs to the safety logic system II. Failed fuel detection signals are processed by both the shut down systems. The two logic systems to actuate the safety rods are also based on two diverse designs and implemented with solid-state devices to meet all the requirements of safety systems. Safety logic system I that caters to neutronic and P/Q signals is designed around combinational logic and has an on-line test facility to detect struck at faults. The second logic system is based on dynamic logic and hence is inherently safe. This paper gives an overview of the two logic systems that have been
U.S. Department of Health & Human Services — 1995-2016. Centers for Disease Control and Prevention (CDC). State Tobacco Activities Tracking and Evaluation (STATE) System. Legislation â Fire-Safety. The STATE...
Dynamic Safety Systems (DSSs) are reactor safety function systems that are functionally controlled using dynamic rather than static processes. All components including software, whose failure could result in a critical safety system failure, are operationally verified by hard-wired components. Dynamic Safety Systems have been enveloped in the United Kingdom by AEA Technology for use in gas cooled reactors. One such system, known as ISAT trademark, is described in this paper. Through use of scenario testing of a DDS emulator on a Boiling Water Reactor plant training simulator described in this paper. Through use of scenario testing of a DSS emulator on a Boiling Water Reactor plant training simulator, it is shown that a DSS can provide a cost effective safety system in BWR power plants
Dezfuli, Homayoon; Everett, Chris; Groen, Frank
The NASA system safety framework is in the process of change, motivated by the desire to promote an objectives-driven approach to system safety that explicitly focuses system safety efforts on system-level safety performance, and serves to unify, in a purposeful manner, safety-related activities that otherwise might be done in a way that results in gaps, redundancies, or unnecessary work. An objectives-driven approach to system safety affords more flexibility to determine, on a system-specific basis, the means by which adequate safety is achieved and verified. Such flexibility and efficiency is becoming increasingly important in the face of evolving engineering modalities and acquisition models, where, for example, NASA will increasingly rely on commercial providers for transportation services to low-earth orbit. A key element of this objectives-driven approach is the use of the risk-informed safety case (RISC): a structured argument, supported by a body of evidence, that provides a compelling, comprehensible and valid case that a system is or will be adequately safe for a given application in a given environment. The RISC addresses each of the objectives defined for the system, providing a rational basis for making informed risk acceptance decisions at relevant decision points in the system life cycle.
Full Text Available Objective: To study the analgesic activity of ash of silver used in Indian system of medicine and to explore its safety. Materials and Methods: Albino mice of either sex (20-30 gm were used to investigate the role of ash of silver against noxious stimuli: thermal (Eddy′s hot plate and analgesiometer, mechanical (tail clip, and chemical (0.6% acetic acid induced writhing. An effort was made to find nature and site of action of ash of silver following naloxone pre-treatment. Maximum tolerated dose (MTD and lethal dosage 50 (LD50 were also studied along with toxicological aspects of ash of silver. Results: Test drug (ash of silver at a dose of 50 mg/kg p.o exhibited analgesic activity against thermal, mechanical, and chemical stimuli. Analgesic effects were compared with the standard drug, morphine, in thermal and mechanical noxious stimuli and to aspirin in chemical stimulus. Analgesic activity of the test drug was reduced following naloxone pre-treatment. MTD was found out to be greater than 1.5 g/kg p.o. LD50 was 2 g/kg p.o. Fraction of mice showed symptoms of argyria as explained by autopsy reports. Conclusion: Test drug exhibited moderate analgesic activity at 50 mg/kg p.o against all type of noxious stimuli, also suggesting a role of opioidergic system. The ash of silver was been found to be safe upto a dose of 1.5 g/kg p.o. in mice without any untoward toxicity. Further studies are required to explore the effect of ash of silver on pain mediators and excitatory neurotransmitters like glutamate, aspartate, or N-methyl-D-aspartic acid (NMDA.
The purpose of this paper is to present the findings of the study conducted by a group of experts from EDF corporate departments on the conditions of the development of safety culture in the French nuclear power plants. The recommendations included in INSAG 4 sound rather like requirements concerning both the desirable attitudes of players and the operation of the organizations. The working group, referring to corporate and French culture, has deemed that the major leverage for cultural development was learning and understanding organization throughout its evolution. The quality system is one of the tools. Such a proposal should be placed against the background of some milestones of French nuclear power plant history. During the development phase, industrial challenge and safety requirements have led to putting a premium on the principles of industrial quality, on structured methods, working procedures, provisional risk and operating sequence analyses which resulted in effective mastery of technology and process. Within this strategy of production organization, human behaviour has been directed by strict guidelines and during this period, man has been perceived as a potential failure inducer. Quality remains the outstanding feature of nuclear industry. Design and plant operations activities as well as human behaviour are governed by quality requirements whose implementation methods are described in the QA manual. During this period, the structuring logics have been implementation, deviation, error. Currently, public opinion, safety authorities, government authorities, the nuclear industry itself are stepping up pressure on safety requirements and we are exploring paths of progress in the enhancement of human and organizational possibilities and resources. The ongoing in-depth transformation of the organization concerns operating methods, structures and management mode. A systemic approach should be a contributing factor to the reliability of this programme. This
Safety analysis, and particularly analysis of exploitation of NPPs is constantly affected by EDF and by the safety authorities and their methodologies. Periodic safety reports ensure that important issues are not missed on daily basis, that incidents are identified and that relevant actions are undertaken. French safety analysis method consists of three principal steps. First type of safety balance is analyzed at the normal start-up phase for each unit including the final safety report. This enables analysis of behaviour of units ten years after their licensing. Second type is periodic operational safety analysis performed during a few years. Finally, the third step consists of safety analysis of the oldest units with the aim to improve the safety standards. The three steps of safety analysis are described in this presentation in detail with the aim to present the objectives and principles. Examples of most recent exercises are included in order to illustrate the importance of such analyses
Containment Cooling and Depressurization of the Reactor Coolant, two major topics of mitigation of consequences of beyond design basis core damage accidents are dealt with by passive systems co-developed by Ansaldo and ENEL for the next generation of NPP's in the frame of international co-operation. A Passive Containment Cooling System (PCCS) concept consisting of modular loops, each with inner heat exchanger, outer condenser and interconnecting piping, has been developed for application to PWR units with dual concrete (EUR requirement) containment type. Two versions of the inner heat exchanger have been designed; the first one, under development by ENEL, features a compact tube-bundle with top-bottom natural draught of the air-steam mixture; the second one, under development by Ansaldo, consists of water-jacket modules embedded in the concrete containment. The key-components, the Isolation Condenser and the Passive Containment Cooler, of two passive systems for application to the SBWR, the advanced BWR of GE, for the control of respectively reactor and containment pressure have been developed, designed and tested on full-scale prototypical units. Depressurization of the Reactor Coolant by injection of cold borated water into the steam plenum is the result of the Passive Injection and Depressurization System (PIDS), a completely passive concept, applicable to both PWR and BWR designs
Arat, Mustafa Ali
The dynamic behavior of a vehicle is predominantly controlled by the forces and moments generated at the contact patch between the tire and the road surface. As a result, tire characteristics can dramatically change vehicle response, especially during maneuvers that yields the tires to reach to the limits of its adhesion capacity. To assist the driver in such cases and to prevent other possible instability scenarios, various vehicle control systems e.g. anti-lock brakes (ABS), ...
The objective of the meeting was to discuss and exchange information on passive and active safety concepts and to find some reasonable coupling of these concept, aiming at firmer establishment of plant safety and at the same time of plant cost reduction. The following main topical areas were discussed by delegates: (1) Overview - review of national status on the safety design approaches of LMFRs (2) Safety characteristics of decay heat removal system (DHRS) (3) Safety characteristics of reactor protection system (RPS) and reactor shutdown system (RSS) (4) Core safety characteristics
... mission and primary activity is to conduct activities to improve patient safety and the quality of health... Relinquishment From UAB Health System Patient Safety Organization AGENCY: Agency for Healthcare Research and... relinquishment from the UAB Health System Patient Safety Organization of its status as a Patient......
The design and development of a digital computer-based safety system for a nuclear power plant is a complex process. The process of design and product development must result in a final product free of critical errors; operational safety of nuclear power plants must not be compromised. This paper focuses on the development of a safety system model to assist designers, developers, and regulators in establishing and evaluating requirements for a digital computer-based safety system. The model addresses hardware, software, and human elements for use in the requirements definition process. The purpose of the safety system model is to assist and serve as a guide to humans in the cognitive reasoning process of establishing requirements. The goals in the use of the model are to: (1) enhance the completeness of the requirements and (2) reduce the number of errors associated with the requirements definition phase of a project
The statutory safety functions of the International Atomic Energy Agency (IAEA) include the establishment of and provision for the application of safety standards for protection of health, life and property against ionizing radiation. The safety standards are based on the presumption that a national infrastructure is in place enabling the Government to discharge its responsibilities for protection and safety. Education and training is an essential element of the infrastructure. The IAEA education and training activities follows the resolutions of its General Conferences and reflects the latest IAEA standards and guidance. In response to GC(44)/RES/13, the IAEA prepared a 'Strategic Approach to Education and Training in Radiation and Waste Safety' aiming at establishing, by 2010, sustainable education a training programmes in Member States. This Strategy was endorsed by General Conference resolution GC(45)/RES/10C that, inter alia, urged the Secretariat to implement the Strategy on Education and Training and to continue to strengthen, subject to available resources, its current effort in this area, and in particular to assist Member States' national, regional and collaborating centres in conducting such education and training activities in the relevant official languages of the IAEA. In the last General Conference 2002, the IAEA was urged to continue to implement the Strategy, including the convening of the Steering Committee. The first Technical Committee meeting took place during the week 25-29 November 2002. (author)
Hill, Janice L.; Baggs, Rhoda
Safety Standards contain technical and process-oriented safety requirements. Technical requirements are those such as "must work" and "must not work" functions in the system. Process-Oriented requirements are software engineering and safety management process requirements. Address the system perspective and some cover just software in the system > NASA-STD-8719.13B Software Safety Standard is the current standard of interest. NASA programs/projects will have their own set of safety requirements derived from the standard. Safety Cases: a) Documented demonstration that a system complies with the specified safety requirements. b) Evidence is gathered on the integrity of the system and put forward as an argued case. [Gardener (ed.)] c) Problems occur when trying to meet safety standards, and thus make retrospective safety cases, in legacy safety-critical computer systems.
Grose, V. L.
System safety is defined and characteristics of the system are outlined. Some of the principle characteristics include role of humans in hazard analysis, clear language for input and output, system interdependence, self containment, and parallel analysis of elements.
The statutory safety functions of the International Atomic Energy(IAEA) include the establishment of and provision for the application of safety standards for protection of health, life and property against ionizing radiation. The safety standards are based on the presumption that a national infrastructure is in place, enabling the Government to discharge its responsibilities for protection and safety. Education and training is an essential element of the infrastructure. the IAEA education and training activities follow the resolutions of its General Conference and reflect the latest IAEA standards and guidance. Several General Conference resolutions have emphasized the importance of education and training (e. g. GC(XXXV)/RES/552 in 1991; GC(XXXVI)/RES/584 in 1992; GC(43)/RES/13 in 1999 and more recently GC(44)/RES/13 in 2000). In response to GC(44)/RES/13, the IAEA prepared a Strategic Approach to Education and Training in Radiation and Waste Safety (Strategy on Education and Training) aiming at establishing, by 2010, sustainable education and training programmes in its Member States. This Strategy was endorsed by the General Conference resolution GC(45)/RES/10C that, inter alia, urged the Secretariat to implement the Strategy on Education and Training, and to continue to strengthen, subject to available resources, its current effort in this area, and in particular to assist Member States national, regional and collaborating centres in conducting such education and training activities in the relevant official languages of the IAEA. A technical meeting was held in Vienna in March 2002 and concluded with an action plan for implementing the strategy up to 2010, the immediate action being the formation of a Steering Committee by the middle of 2002. This Steering Committee has the general remit to advise on the development and implementation of the strategy, as well as monitoring its progress. The first technical meeting of the Steering Committee took place on 25
The basic idea leading the program of safety improvements at Ukrainian NPPs is further development of nuclear power required to ensure at least 40% of country's energy supply. Activities concerning safety improvements of Ukrainian NPPs involved four reactor types: WWER-1000 (V-5) large series, WWER-1000 (V-302, V-338) small series, WWER-400 (V-213) and RBMK (second generation). Most significant safety improvements covered reactor core integrity, reactor components and cooling systems integrity, instrumentation and control system, power supply, internal hazards. Additional measures related to WWER-440 were concerned with feedwater supply, instrumentation and control systems, and containment. Improvements related to Chernobylsk NPP unit 3 involved supervision, control and protection systems; safety assessment and supporting systems; fire safety. The role of quality assurance and training is emphasised when operational safety is concerned. Planned safety upgrading measures are mentioned
The paper discusses inherent failure modes of passive safety systems and their influence on passive system reliability. With 'inherent failures' means a failure of the system to perform its intended function due to physical reasons and/or phenomena. Such phenomena may occur inside the system, or be due to an external cause. Focus will be on passive cooling or heat removal systems that rely on natural circulation or stored pressure energy. The paper discusses the physical mechanisms due to which system malfunctions can arise, gives examples of phenomenological analyses for several model systems that are typical to proposed advanced passive reactors, discusses various external influences that may cause system malfunctions (drawing insights from operational experience of current plants), and concludes with a discussion of the relevance of such phenomena regarding the reliability of passive safety systems. This work shows that the reliability of passive systems can be strongly influenced by external factors, although comprehensive quantification of external disturbance frequencies is not yet available. Passive safety systems use natural circulation and stored pressure energy as power sources. These power sources have small capacities, which cause their sensitiveness to internal and external physical and thermodynamic conditions. The major advantage of passive safety system is their independence of external power sources and human factors. In this paper inherent failures of passive safety systems were discussed. There are two main types of these failures. Those failures are a failure due to unexpected internal change of physical state and a failure due to environment of the system, e.g. foreign material. When dealing with passive safety systems the environment of these systems plays bigger role compared to active systems. Thorough development, verification and review testing of passive systems should be considered including the environment and surrounding systems. This
Hakulinen, T; Valentini, F; Gonzalez, J; Salatko-Petryszcze, C
CERN SSM (Safety System Monitoring)  is a system for monitoring state-of-health of the various access and safety systems of the CERN site and accelerator infrastructure. The emphasis of SSM is on the needs of maintenance and system operation with the aim of providing an independent and reliable verification path of the basic operational parameters of each system. Included are all network-connected devices, such as PLCs, servers, panel displays, operator posts, etc. The basic monitoring engine of SSM is a freely available system-monitoring framework Zabbix , on top of which a simplified traffic-light-type web-interface has been built. The web-interface of SSM is designed to be ultra-light to facilitate access from handheld devices over slow connections. The underlying Zabbix system offers history and notification mechanisms typical of advanced monitoring systems.
CERN SSM (Safety System Monitoring) is a system for monitoring state-of-health of the various access and safety systems of the CERN site and accelerator infrastructure. The emphasis of SSM is on the needs of maintenance and system operation with the aim of providing an independent and reliable verification path of the basic operational parameters of each system. Included are all network-connected devices, such as PLCs (local purpose control unit), servers, panel displays, operator posts, etc. The basic monitoring engine of SSM is a freely available system-monitoring framework Zabbix, on top of which a simplified traffic-light-type web-interface has been built. The web-interface of SSM is designed to be ultra-light to facilitate access from hand-held devices over slow connections. The underlying Zabbix system offers history and notification mechanisms typical of advanced monitoring systems. (authors)
... Services Contact Us Glossary Lightning Safety and Outdoor Sports Activities I t’s a common situation — a thunderstorm ... associated with outdoor recreational activities. Officials responsible for sports outdoor activities need to understand thunderstorms and lightning ...
The paper deals with the classic procedures of safety engineering in the sectors mechanical engineering, electrical and energy engineering, construction and transport, medicine technology and process technology. Particular stress is laid on the safety of automation systems, control technology, protection of mechanical devices, reactor safety, mechanical constructions, transport systems, railway signalling devices, road traffic and protection at work in chemical plans. (DG)
The statutory safety functions of the International Atomic Energy Agency (IAEA) include the establishment of and provision for the application of safety standards for protection of health, life and property against ionizing radiation. The safety standards are based on the presumption that a national infrastructure is in place enabling the Government to discharge its responsibilities for protection and safety. Education and training is an essential element of the infrastructure. The IAEA education and training activities follows the resolutions of its General Conferences and reflects the latest IAEA standards and guidance. Several General Conference resolutions have emphasized the importance of education and training [e.g. GC(XXXV)/RES/552 in 1991; GC(XXXVI)/RES/584 in 1992; GC(43)/RES/13 in 1999 and more recently GC(44)/RES/13 in 2000]. In response to GC(44)/RES/13, the IAEA prepared a 'Strategic Approach to Education and Training in Radiation and Waste Safety' (Strategy on Education and Training) aiming at establishing, by 2010, sustainable education and training programmes in Member States. This Strategy was endorsed by the General Conference resolution GC(45)/RES/10C that, inter alia, urged the Secretariat to implement the Strategy on Education and Training, and to continue to strengthen, subject to available resources, its current effort in this area, and in particular to assist Member States' national, regional and collaborating centres in conducting such education and training activities in the relevant official languages of the IAEA. A technical meeting was organized in Vienna in March 2002 to advise on the implementation of the strategy. The meeting concluded with an action plan for implementing the strategy up to 2010, the immediate action being the formation of a Steering Committee by the middle of 2002. This Steering Committee would have the general remit to advise on the development and implementation of the strategy, as well as monitoring its progress
The safety phylosophy in designs and operation of nuclear power plants and, the steps for evaluating the safety and quality assurance, in the licensing procedure are described. The CNEN organization structure and the licensing procedure for nuclear power plants in Brazil are presented. (M.C.K.)
Lee, Duk Su; Chang, Woo Hyun; Lee, Nam Young [Korea Atomic Energy Research Institute, Daeduk (Korea, Republic of); Wright, A.C.D. [Atomic Energy of Canada Ltd., Toronto (Canada)
In general, two types of safety related systems and structures exist in the nuclear plant; The one is a systems and structures which perform safety functions during the normal operation of the plant, and the other is a systems and structures which perform safety functions to mitigate events caused by failure of the normally operating systems or by naturally occurring phenomena. In this safety design guide, these systems are identified in detail, and the major events for which the safety functions are required and the major safety requirements are identified in the list. As the probabilistic safety assessments are completed during the course of the project, additions or deletions to the list may be justified. 3 tabs. (Author) .new.
Large particle physics installations such as the CERN Large Hadron Collider require specific Personnel Safety Systems (PSS) to protect the personnel against the radiological and industrial hazards. In order to fulfill the French regulation in matter of nuclear installations, the principles of IEC 61508 and IEC 61513 standard are used as a methodology framework to evaluate the criticality of the installation, to design and to implement the PSS.The LHC PSS deals with the implementation of all physical barriers, access controls and interlock devices around the 27 km of underground tunnel, service zones and experimental caverns of the LHC. The system shall guarantee the absence of personnel in the LHC controlled areas during the machine operations and, on the other hand, ensure the automatic accelerator shutdown in case of any safety condition violation, such as an intrusion during beam circulation. The LHC PSS has been conceived as two separate and independent systems: the LHC Access Control System (LACS) and the LHC Access Safety System (LASS). The LACS, using off the shelf technologies, realizes all physical barriers and regulates all accesses to the underground areas by identifying users and checking their authorizations.The LASS has been designed according to the principles of the IEC 61508 and 61513 standards, starting from a risk analysis conducted on the LHC facility equipped with a standard access control system. It consists in a set of safety functions realized by a dedicated fail-safe and redundant hardware guaranteed to be of SIL3 class. The integration of various technologies combining electronics, sensors, video and operational procedures adopted to establish an efficient personnel safety system for the CERN LHC accelerator is presented in this paper. (authors)
Johnston, W. L.; Morris, R. S.
An educational program, designed to train students with the specific skills needed to become safety specialists, is described. The discussion concentrates on application, selection, and utilization of various system safety analytical approaches. Emphasis is also placed on the management of a system safety program, its relationship with other disciplines, and new developments and applications of system safety techniques.
During the course of the ATMX System Safety Assessment (SSA) activity, it was determined that the ATMX structural integrity would be severely impaired technically unacceptable, a major redirection of the SSA effort involving structural modifications was outlined. The redirected effort culminated into four modifications three of which are structural in nature and the fourth is thermal modification. The first structural modification involves strengthening the ATMX hatch covers with 60 tension bolts and stiffening the same with tubular cross bracings. The second modification involves attaching a 3/16 inch plate to bulkhead at the end to prevent intrusion of triangular end frame into cargo compartment. The third modification involves welding the inner side plate to the cast steel underframe. The fourth and the final modification involves thermal insulation of ATMX. The thermal analysis of ATMX indicates that without any insulation, the shell, fiberboard, dunnage bags, and waste boxes and drums will reach temperatures well above the decomposition temperatures of fiberboard and waste products. We have reviewed the QA/QC and fracture testing plans submitted by RFP Rocky Flats Plant and generally agree with their plans. We have noted few exceptions in the QA/QC plans; we have also suggested an alternate fracture testing plan. 10 figs., 3 tabs
Mathe, Laszlo; Sera, Dezso; Spataru, Sergiu;
An important and highly discussed safety issue for photovoltaic (PV) systems is that as long as the PV panels are illuminated, a high voltage is present at the PV string terminals and cables between the string and inverters that is independent of the state of the inverter's dc disconnection switc....... The presence of these energized conductors on the dc side of the PV system can pose a danger to anyone performing maintenance or firefighting....
The IAEA education and training activities follow the resolutions of its General Conferences and reflect the latest IAEA standards and guidance. Several General Conference Resolutions have emphasized the importance of education and training. In response to General Conference Resolution GC(44)/RES/13, the IAEA prepared a Strategic Approach to Education and Training in Radiation and Waste Safety (Strategy on Education and Training) aiming at establishing, by 2010, sustainable education and training programmes in Member States. This strategy was endorsed by General Conference Resolution GC(45)/RES/10C that, inter alia, urged the Secretariat to implement the Strategy on Education and Training, and to continue to strengthen, subject to available resources, its current effort in this area, and in particular to assist Member States' national, regional and collaborating centres in conducting such education and training activities in the relevant official languages of the IAEA. A technical meeting was organized in Vienna in March 2002 to advise on the implementation of the strategy. The meeting concluded with an action plan for implementing the strategy up to 2010, the immediate action being the formation of a steering committee by the middle of 2002. The steering committee would have the general remit to advise on the development and implementation of the strategy, as well as monitoring its progress. In the 2002 General Conference, the IAEA was urged to continue to implement the strategy, including the convening of the steering committee. The first Steering Committee Meeting took place 25-29 November 2002. The paper presents the IAEA's past experience and the newly established Strategic Approach to Education and Training in Radiation and Waste Safety. (author)
Bull, James B.; Lanzi, Raymond J.
The Autonomous Flight Safety System (AFSS) being developed by NASA s Goddard Space Flight Center s Wallops Flight Facility and Kennedy Space Center has completed two successful developmental flights and is preparing for a third. AFSS has been demonstrated to be a viable architecture for implementation of a completely vehicle based system capable of protecting life and property in event of an errant vehicle by terminating the flight or initiating other actions. It is capable of replacing current human-in-the-loop systems or acting in parallel with them. AFSS is configured prior to flight in accordance with a specific rule set agreed upon by the range safety authority and the user to protect the public and assure mission success. This paper discusses the motivation for the project, describes the method of development, and presents an overview of the evolving architecture and the current status.
Mankind utilizes energy in many forms and from a variety of sources. Canada is one of a growing number of countries which have chosen to embrace nuclear-electric generation as a component of their energy systems. As of August 1992 there were 433 power reactors operating in 35 countries and accounting for more than 15% of the world's production of electricity. In 1992, thirteen countries derived at least 25% of their electricity from nuclear units, with France leading at nearly 70%. In the same year, Canada produced about 16% of its electricity from nuclear units. Some 68 power reactors are under construction in 16 countries, enough to expand present generating capacity by close to 20%. No human endeavour carries the guarantee of perfect safety and the question of whether or not nuclear-electric generation represents an 'acceptable' risk to society has long been vigorously debated. Until the events of late April 1986, nuclear safety had indeed been an issue for discussion, for some concern, but not for alarm. The accident at the Chernobyl reactor in the USSR has irrevocably changed all that. This disaster brought the matter of nuclear safety back into the public mind in a dramatic fashion. This paper discusses the issue of safety in complex energy systems and provides brief accounts of some of the most serious reactor accidents which have occurred to date. (author). 7 refs
Recently, rapid progress on the globalization of the nuclear safety issues is being made in IAEA (International Atomic Energy Agency) and its member states. With the globalization, the need for international cooperation among international bodies and member states continues to grow for resolving these universal nuclear safety issues. Furthermore, the importance of strengthening the global nuclear safety regime is emphasized through various means, such as efforts in application of IAEA safety standards to all nuclear installations in the world and in strengthening the code of conduct and the convention on nuclear safety. In this regards, it is important for us to keep up with the activities related with the global nuclear safety regime as an IAEA member state and a leading country in nuclear safety regulation
This report describes design principles that were used to establish the radiation safety systems at the National Synchrotron Light Source. The author described existing safety systems and the history of partial system failures. 1 fig
This publication describes the generally applicable requirements to be fulfilled in safety assessments for facilities and activities, with special attention paid to defence in depth, quantitative analyses and the application of a graded approach to the ranges of facilities and of activities that are addressed. The requirements provide a consistent and coherent basis for safety assessments, facilitating the transfer of good practices between organizations. A review of Safety Requirements publications was commenced in 2011 following the accident in the Fukushima Daiichi nuclear power plant in Japan. The review revealed no significant areas of weakness and resulted in just a small set of amendments to strengthen the requirements and facilitate their implementation, which are contained in the present publication
Helfried Burckhart; Kathy Pommes; Heidi Sandaker
The ATLAS Detector Safety System (DSS) has the mandate to put the detector in a safe state in case an abnormal situation arises which could be potentially dangerous for the detector. It covers the CERN alarm severity levels 1 and 2, which address serious risks for the equipment. The highest level 3, which also includes danger for persons, is the responsibility of the CERN-wide system CSAM, which always triggers an intervention by the CERN fire brigade. DSS works independently from and hence complements the Detector Control System, which is the tool to operate the experiment. The DSS is organized in a Front- End (FE), which fulfills autonomously the safety functions and a Back-End (BE) for interaction and configuration. The overall layout is shown in the picture below. ATLAS DSS configuration The FE implementation is based on a redundant Programmable Logical Crate (PLC) system which is used also in industry for such safety applications. Each of the two PLCs alone, one located underground and one at the s...
Grauer, Yoav; Sonn, Ezri
The paper presents the Active Gated Imaging System (AGIS), in relation to the automotive field. AGIS is based on a fast gated-camera equipped with a unique Gated-CMOS sensor, and a pulsed Illuminator, synchronized in the time domain to record images of a certain range of interest which are then processed by computer vision real-time algorithms. In recent years we have learned the system parameters which are most beneficial to night-time driving in terms of; field of view, illumination profile, resolution and processing power. AGIS provides also day-time imaging with additional capabilities, which enhances computer vision safety applications. AGIS provides an excellent candidate for camera-based Advanced Driver Assistance Systems (ADAS) and the path for autonomous driving, in the future, based on its outstanding low/high light-level, harsh weather conditions capabilities and 3D potential growth capabilities.
Small digital computers are playing an expanding role in the safety systems of CANDU nuclear generating stations, both as active components in the trip logic, and as monitoring and testing systems. The paper describes three recent applications: (i) A programmable controller was retro-fitted to Bruce ''A'' Nuclear Generating Station to handle trip setpoint modification as a function of booster rod insertion. (ii) A centralized monitoring computer to monitor both shutdown systems and the Emergency Coolant Injection system, is currently being retro-fitted to Bruce ''A''. (iii) The implementation of process trips on the CANDU 600 design using microcomputers. While not truly a retrofit, this feature was added very late in the design cycle to increase the margin against spurious trips, and has now seen about 4 unit-years of service at three separate sites. Committed future applications of computers in special safety systems are also described. (author)
Timothy J. Leahy
The Generation IV International Forum (GIF) Risk and Safety Working Group (RSWG) was created to develop an effective approach for the safety of Generation IV advanced nuclear energy systems. Early work of the RSWG focused on defining a safety philosophy founded on lessons learned from current and prior generations of nuclear technologies, and on identifying technology characteristics that may help achieve Generation IV safety goals. More recent RSWG work has focused on the definition of an integrated safety assessment methodology for evaluating the safety of Generation IV systems. The methodology, tentatively called ISAM, is an integrated “toolkit” consisting of analytical techniques that are available and matched to appropriate stages of Generation IV system concept development. The integrated methodology is intended to yield safety-related insights that help actively drive the evolving design throughout the technology development cycle, potentially resulting in enhanced safety, reduced costs, and shortened development time.
The safety system of the present invention can shut down a BWR type reactor safely without operator's aid even upon occurrence of an abnormal state. Namely, a pressure/temperature measuring and controlling device is disposed to a dry well in the safety system of a reactor container incorporating a pressure vessel, a space between a dry wall and a wet well and a pressure suppression chamber. Operation signals sent from pipelines of an emergency reactor core cooling system delivered from the pressure vessel are inputted to the pressure/temperature measuring and controlling device. Output signals of the pressure/temperature measuring and controlling device are inputted to a spray device. With such procedures, when actuation of dry well spray is required upon loss of coolants accident, necessity for the actuation of the spray can be judged based on the pressure, temperature in the dry well, reactor water level and a state of operation and duration of abnormal state of other ECCS system using the pressure/temperature measuring and controlling device disposed in the dry well. If actuation of spray is required, the dry wall spray is automatically actuated to reduce pressure and temperature in the container. (I.S.)
The ILO has been active in the area of safety in the use of chemicals at work since the year of its creation in 1919, including the development of international treaties and other technical instruments, the provision of technical assistance to its member States, and the development of chemical safety information systems. The two key ILO standards in this area are the Conventions on safety in the use of chemicals at work (No. 170, 1990), and the Prevention of Major Industrial Accidents (No. 174, 1993). The ILO Programme on occupational safety, health and environment (Safe Work) is currently responsible for ILO chemical safety activities. In the past two decades, most of ILO work in this area has been carried out within the context of inter-agency collaboration frameworks linking the ILO, WHO, UNEP, FAO, UNIDO, UNITAR, and the OECD, including the International Programme on Chemical Safety (IPCS), the Inter-Organisation Programme for the Sound Management of Chemicals (IOMC), and the Intergovernmental Forum on Chemical Safety (IFCS). Apart from the regular development, updating and dissemination of chemical safety information data bases such as the IPCS International Chemical Cards, the elaboration of a Globally harmonized system for the classification and labelling of Chemicals (GHS) has been the most outstanding achievement of this international collaboration on chemical safety. PMID:12909402
Highlights: • The basic information of a Chinese SCWR concept CSR1000 is introduced. • An innovative passive safety system is proposed for CSR1000. • 6 Transients and 3 accidents are analysed with system code SCTRAN. • The passive safety systems greatly mitigate the consequences of these incidents. • The inherent safety of CSR1000 is enhanced. - Abstract: This paper describes the preliminary safety analysis of the Chinese Supercritical water cooled Reactor (CSR1000), which is proposed by Nuclear Power Institute of China (NPIC). The two-pass core design applied to CSR1000 decreases the fuel cladding temperature and flattens the power distribution of the core at normal operation condition. Each fuel assembly is made up of four sub-assemblies with downward-flow water rods, which is favorable to the core cooling during abnormal conditions due to the large water inventory of the water rods. Additionally, a passive safety system is proposed for CSR1000 to increase the safety reliability at abnormal conditions. In this paper, accidents of “pump seizure”, “loss of coolant flow accidents (LOFA)”, “core depressurization”, as well as some typical transients are analysed with code SCTRAN, which is a one-dimensional safety analysis code for SCWRs. The results indicate that the maximum cladding surface temperatures (MCST), which is the most important safety criterion, of the both passes in the mentioned incidents are all below the safety criterion by a large margin. The sensitivity analyses of the delay time of RCPs trip in “loss of offsite power” and the delay time of RMT actuation in “loss of coolant flowrate” were also included in this paper. The analyses have shown that the core design of CSR1000 is feasible and the proposed passive safety system is capable of mitigating the consequences of the selected abnormalities
Scientific Opinion on the safety assessment of the active substances, sodium erythorbate, sodium carbonate, sodium bicarbonate, iron sulphate, activated carbon, cellulose, calcium hydroxide, calcium chloride and water, for use as active system in food contact materials
EFSA Panel on Food Contact Materials, Enzymes, Flavourings and Processing Aids (CEF
Full Text Available This scientific opinion of EFSA Panel on Food Contact Materials, Enzymes, Flavourings and Processing Aids deals with the safety assessment of the active substances sodium erythorbate, sodium carbonate, sodium bicarbonate, iron sulfate, activated carbon, cellulose, calcium hydroxide, calcium chloride and water, used in mixture which is packed into sachets for absorbing oxygen/carbon dioxide emitting from/into the headspace surrounding packed food. All substances of this formulation have been evaluated and approved for use as additives in plastic food contact materials or as food additives. No migration of calcium, iron and sodium ions was detected. No volatile organic compounds other than carbon dioxide were detected at the limit of detection of 0.5 μg/l. The CEF Panel concluded that the use of the substances sodium erythorbate, sodium carbonate, sodium bicarbonate, iron sulfate, activated carbon, cellulose, calcium hydroxide, calcium chloride and water does not raise a safety concern when used in oxygen absorber/carbon dioxide emitter systems, in sachets that prevent the physical release of their contents into the food. The sachets are to be placed in the headspace of the packaging and as such may come into occasional contact with the food, e.g. during handling. The sachet should not come into direct contact with liquid foods or foods that have and external aqueous liquid phase on the surface (liquid or exudates.
IAEA activities in the field of research reactor safety are included in the programme of the Division of Nuclear Installations Safety. Following the objectives of the Division, the results of the IAEA missions and the recommendations from International Advisory Groups, the IAEA has conducted in recent years a certain number of activities aiming to enhance the safety of research reactors. The following activities will be presented: (a) the new Requirements for the Safety of Research Reactors, main features and differences with previous standards (SS-35-S1 and SS-35-S2) and the grading approach for implementation; (b) new documents being developed (safety guides, safety reports and TECDOC's); (c) activities related to the Incident Reporting System for Research Reactor (IRSRR); (d) the new features implemented for the INSARR missions; (e) the Code of Conduct on the Safety of Research Reactors adopted by the Board of Governors on 8 March 2004, following the General Conference Resolution GC(45)/RES/10; and (f) the survey on the safety of research reactors published on the IAEA website on February 2003 and the results obtained. (author)
The Maintenance Indicator was applied to evaluate the safety of nuclear power plants. A method was proposed to evaluate the reliability for 'a function' required for the system safety from the viewpoint of maintenance. (author)
The activities of Radiation Safety Systems Division include (i) development of specialised monitoring systems and radiation safety information network, (ii) radiation hazards control at the nuclear fuel cycle facilities, the radioisotope programmes at Bhabha Atomic Research Centre (BARC) and for the accelerators programme at BARC and Centre for Advanced Technology (CAT), Indore. The systems on which development and upgradation work was carried out during the year included aerial gamma spectrometer, automated environment monitor using railway network, radioisotope package monitor and air monitors for tritium and alpha active aerosols. Other R and D efforts at the division included assessment of risk for radiation exposures and evaluation of ICRP 60 recommendations in the Indian context, shielding evaluation and dosimetry for the new upcoming accelerator facilities and solid state nuclear track detector techniques for neutron measurements. The expertise of the divisional members was provided for 36 safety committees of BARC and Atomic Energy Regulatory Board (AERB). Twenty three publications were brought out during the year 1996. (author)
Liu Wei-jun; Wei Yi-min; Han Jun; Luo Dan; Pan Jia-rong
Most countries have expended much effort to develop food safety control systems to ensure safe food supplies within their borders. China, as one of the world's largest food producers and consumers,pays a lot of attention to food safety issues. In recent years, China has taken actions and implemented a series of plans in respect to food safety. Food safety control systems including regulatory, supervisory,and science and technology systems, have begun to be established in China. Using, as a base, an analysis of the current Chinese food safety control system as measured against international standards, this paper discusses the need for China to standardize its food safety control system. We then suggest some policies and measures to improve the Chinese food safety control system.
Mekki-Mokhtar, Amina; Blanquart, Jean-Paul; Guiochet, Jérémie; Powell, David; Roy, Matthieu
International audience A systematic process for eliciting safety trigger conditions is presented. Starting from a risk analysis of the monitored system, critical transitions to catastrophic system states are identified and handled in order to specify safety margins on them. The conditions for existence of such safety margins are given and an alternative solution is proposed if no safety margin can be defined. The proposed process is illustrated on a robotic rollator.
Advancement on safety management system is investigated to improve safety and non-anxiety of society for nuclear power, from the standpoint of human machine system research. First, the recent progress of R and D works of human machine interface technologies since 1980 s are reviewed and then the necessity of introducing a new approach to promote technical risk communication activity to foster safety culture in nuclear industries. Finally, a new concept of Offsite Operation and Maintenance Support Center (OMSC) is proposed as the core facility to assemble human resources and their expertise in all organizations of nuclear power, for enhancing safety and non-anxiety of society for nuclear power. (author)
The objective of this paper is to present the Bechtel Jacobs Company, LLC (BJC) Lessons Learned for system design as it relates to safety basis documentation. BJC has had to reconcile incomplete or outdated system description information with current facility safety basis for a number of situations in recent months. This paper has relevance in multiple topical areas including documented safety analysis, decontamination and decommissioning (D and D), safety basis (SB) implementation, safety and design integration, potential inadequacy of the safety analysis (PISA), technical safety requirements (TSR), and unreviewed safety questions. BJC learned that nuclear safety compliance relies on adequate and well documented system design information. A number of PIS As and TSR violations occurred due to inadequate or erroneous system design information. As a corrective action, BJC assessed the occurrences caused by systems design-safety basis interface problems. Safety systems reviewed included the Molten Salt Reactor Experiment (MSRE) Fluorination System, K-1065 fire alarm system, and the K-25 Radiation Criticality Accident Alarm System. The conclusion was that an inadequate knowledge of system design could result in continuous non-compliance issues relating to nuclear safety. This was especially true with older facilities that lacked current as-built drawings coupled with the loss of 'historical knowledge' as personnel retired or moved on in their careers. Walkdown of systems and the updating of drawings are imperative for nuclear safety compliance. System design integration with safety basis has relevance in the Department of Energy (DOE) complex. This paper presents the BJC Lessons Learned in this area. It will be of benefit to DOE contractors that manage and operate an aging population of nuclear facilities
Even though the conventional probabilistic safety assessment methods are immature for applying to microprocessor-based digital systems, practical needs force to apply it. In the Korea, UCN 5 and 6 units are being constructed and Korean Next Generation Reactor is being designed using the digital instrumentation and control equipment for the safety related functions. Korean regulatory body requires probabilistic safety assessment. This paper analyzes the difficulties on the assessment of digital systems and suggests an intermediate framework for evaluating their safety using fault tree models. The framework deals with several important characteristics of digital systems including software modules and fault-tolerant features. We expect that the analysis result will provide valuable design feedback. (authors)
Taeyong, Sung; Hyun Gook, Kang [Korea Atomic Energy Research Inst., Integrated Safety Assessment Team, Taejon (Korea, Republic of)
Even though the conventional probabilistic safety assessment methods are immature for applying to microprocessor-based digital systems, practical needs force to apply it. In the Korea, UCN 5 and 6 units are being constructed and Korean Next Generation Reactor is being designed using the digital instrumentation and control equipment for the safety related functions. Korean regulatory body requires probabilistic safety assessment. This paper analyzes the difficulties on the assessment of digital systems and suggests an intermediate framework for evaluating their safety using fault tree models. The framework deals with several important characteristics of digital systems including software modules and fault-tolerant features. We expect that the analysis result will provide valuable design feedback. (authors)
The transmutation of nuclear waste to reduce the burden on a geological repository is a relevant topic within the Program of Nuclear Safety Research of the Research Centre Karlsruhe. Several studies have confirmed that a high efficiency of transmutation of actinides is reached in fast neutron spectrum reactor system. Therefore, an important effort is dedicated to the study of transmutation strategies with different fast reactors and their associated technologies. Moreover, in international contexts as Generation IV International Forum (GIF) and Sustainable Nuclear Energy Technology Platform (SNETP), fast reactors are considered in the frame of sustainable development of nuclear energy and reduction of waste. The systems that are currently under investigation, in the frame of the different fuel cycle scenarios, are liquid metal cooled and gas cooled fast reactors as well as Accelerator Driven Sub-critical Transmutation devices (ADS). These innovative reactor systems, call for structural and clad materials, which are able to perform in a safe manner under the envisaged operational and postulated transient conditions. In this context the European Commission supports the FP7 project GETMAT, with the objective to contribute to the development and selection of reference structure materials for core components and primary systems of fast neutron reactors. Several institutes of the Research Centre Karlsruhe are involved in this project with activities in the area of 9Cr ODS steel development and mechanical characterisation; optimisation and ranking of weld and joining techniques as Electron Beam, TIG and Diffusion Bonding; assessment of materials behaviour in corrosive environment and in neutron and neutron/proton irradiation field; and development of corrosion protection barriers for cladding and primary system components and their characterisation. The objective of this contribution is to describe the context in which the GETMAT activities are embedded in the Program
Nuclear fuel cycle facilities, like much of the nuclear industry, are increasingly relying on digital instrumentation and control (DI and C) systems such as programmable logic controllers (PLCs) to maintain system variables for both production and safety purposes. Fuel cycle manufacturing processes are increasingly automated and relying on active engineered controls. Compliance with the double contingency principle requires that DI and C trains credited for criticality safety are independent. The additional requirements imposed as part of performing an Integrated Safety Analysis (ISA) in accordance with Title 10 of the Code of Federal Regulations (10 CFR) Part 70, Subpart H, mean that such DI and C systems must meet more stringent requirements than would otherwise be required to meet industry standards. This paper discusses the current status of the U.S. Nuclear Regulatory Commission's (NRC's) Digital I and C Working Group, and the requirements that would be imposed on such systems are a result of having to comply with the double contingency principle and the performance requirements of 10 CFR 70.61. Existing applicable NRC Interim Staff Guidance is summarized, and several case studies from ISA technical reviews are presented. (authors)
Safety design requirements for JSFR were summarized taking the development targets of FaCT project and design feature of JSFR into account. The related safety principle and requirements for Monju, CRBRP, PRISM, SPX, LWRs, IAEA standards, goals of GIF and basic principle of INPRO etc. were also taken into account so that the safety design requirements can be a next-generation global-standard. The development targets for safety and reliability are set based on that of FaCT. Namely, ensuring safety and reliability equal to future LWR and related fuel cycle facilities. In order to achieve these targets, the defence-in-depth philosophy is used as the basic safety design principle. General features of the safety design requirements are 1) Achievement of higher reliability, 2) Achievement of higher inspectability and maintainability, 3) Introduction of passive safety features, 4) Reduction of operator action needs, 5) Design consideration against Beyond Design Basis Events, 6) In Vessel Retention of degraded core materials, 7) Prevention and mitigation against sodium chemical reactions, 8) Design against external events. Current specific requirements for the each system and component are summarized taking the basic design concept of JSFR into account, which is an advanced loop type large output power plant with mixed oxide fuelled core. (author)
... 30 Mineral Resources 2 2010-07-01 2010-07-01 false When must I follow my Safety Management System..., COPs and GAPs Safety Management Systems § 285.811 When must I follow my Safety Management System? Your Safety Management System must be fully functional when you begin activities described in your...
Schoenherr, Edward; Theisen, Bernard L.; Animashaun, Asisat; Davis, James, Jr.; Day, Christopher
The operational ability to project and sustain forces in distant, anti-access and area denial environments poses new challenges for combatant commanders. One of the new challenges is the ability to conduct sustainment operations at operationally feasible times and places on the battlefield. Combatant commanders require a sustainment system that is agile, versatile, and survivable throughout the range of military operations and across the spectrum of conflict. A key component of conducting responsive, operationally feasible sustainment operations is the ability to conduct sustainment convoys. Sustainment convoys are critical to providing combatant commanders the right support, at the right time and place, and in the right quantities, across the full range of military operations. The ability to conduct sustainment convoys in a variety of hostile environments require force protection measures that address the enemy threat and protect the Soldier. One cost effective, technically feasible method of increasing the force protection for sustainment convoys is the use of robotic follower technology and autonomous navigation. The Convoy Active Safety Technologies (CAST) system is a driver assist, convoy autopilot technology aimed to address these issues. Warfigher Experiment I, held at A.P. Hill, VA in the fall of 2007, tested the utility of this vehicle following technology not only in measures of system integrity and performance vs. manual driving, but also the physiological effects on the operators themselves. This paper will detail the Warfigher Experiment's methodology, analysis, results and conclusions.
A Technical Committee Meeting was held in Vienna, Austria, from 26-30 January 1987. The objectives of the meeting were: to review the national developments of PSC at the level of safety functions/systems including future trends; to analyse basic principles, assumptions, and objectives; to compare numerical values and the rationale for choosing them; to compile the experience with use of such PSC; to analyse the role of uncertainties in particular regarding procedures for showing compliance. The general objective of establishing PSC at the level of safety functions/systems is to provide a pragmatic tool to evaluate plant safety which is placing emphasis on the prevention principle. Such criteria could thus lead to a better understanding of the importance to safety of the various functions which have to be performed to ensure the safety of the plant, and the engineering means of performing these functions. They would reflect the state-of-the-art in modern PSAs and could contribute to a balance in system design. This report, prepared by the participants of the meeting, reviews the current status and future trends in the field and should assist Member States in developing their national approaches. The draft of this document was also submitted to INSAG to be considered in its work to prepare a document on safety principles for nuclear power plants. Five papers presented at the meeting are also included in this publication. A separate abstract was prepared for each of these papers. Refs, figs and tabs
The unique requirements and contraints of space nuclear systems require careful consideration in the development of a safety policy. The Nuclear Safety Policy Working Group (NSPWG) for the Space Exploration Initiative has proposed a hierarchical approach with safety policy at the top of the hierarchy. This policy allows safety requirements to be tailored to specific applications while still providing reassurance to regulators and the general public that the necessary measures have been taken to assure safe application of space nuclear systems. The safety policy used by the NSPWG is recommended for all space nuclear programs and missions
ION CRIVEANU; NATALIŢA MARIA SPERDEA; RADU CATALIN CRIVEANU
In order to increase the confidence of the trading partners and consumers in the products which are sold on the market, enterprises producing food are required to implement the food safety system HACCP,a particularly useful system because the manufacturer is not able to fully control finished products . SR EN ISO 22000:2005 establishes requirements for a food safety management system where an organization in the food chain needs to proove its ability to control food safety hazards in order to...
Zhang, Lijun; She, Zhikun; Ratschan, Stefan;
The interplay of random phenomena and continuous real-time control deserves increased attention for instance in wireless sensing and control applications. Safety verification for such systems thus needs to consider probabilistic variations of systems with hybrid dynamics. In safety verification of...... hybrid systems and develop a general abstraction technique for verifying probabilistic safety problems. This gives rise to the first mechanisable technique that can, in practice, formally verify safety properties of non-trivial continuous-time stochastic hybrid systems-without resorting to point...... number of case studies, tackled using a prototypical implementation....
Malin, Jane T.; Fleming, Land; Throop, David; Thronesbery, Carroll; Flores, Joshua; Bennett, Ted; Wennberg, Paul
This presentation describes work to integrate a set of tools to support early model-based analysis of failures and hazards due to system-software interactions. The tools perform and assist analysts in the following tasks: 1) extract model parts from text for architecture and safety/hazard models; 2) combine the parts with library information to develop the models for visualization and analysis; 3) perform graph analysis and simulation to identify and evaluate possible paths from hazard sources to vulnerable entities and functions, in nominal and anomalous system-software configurations and scenarios; and 4) identify resulting candidate scenarios for software integration testing. There has been significant technical progress in model extraction from Orion program text sources, architecture model derivation (components and connections) and documentation of extraction sources. Models have been derived from Internal Interface Requirements Documents (IIRDs) and FMEA documents. Linguistic text processing is used to extract model parts and relationships, and the Aerospace Ontology also aids automated model development from the extracted information. Visualizations of these models assist analysts in requirements overview and in checking consistency and completeness.
Report of safety of the system of radioactive waste of the ININ: Installation, participant personnel, selection of the place, description of the installation, equipment. Proposed activities: operations with radioactive material, calibration in energy, calibration in efficiency, types of waste. Maintenance: handling of radioactive waste, physical safety. Organization: radiological protection, armor-plating, personal dosemeter, risks and emergency plan, environmental impact, medical exams. (Author)
Michael Berlemann; Andreas Matthes
Although traffic safety belongs to the quite intensively regulated sectors, there has been little discussion about the adequacy of the arguments underlying these regulations. We argue that passive and active car safety systems might cause positive externalities for other traffic participants and present empirical evidence in favour of this hypothesis.
This paper describes the software qualification activities for the safety-critical software of the digital reactor safety system in nuclear power plants. The main activities of the software qualification processes are the preparation of software planning documentations, verification and validation (V and V) of the software requirements specifications (SRS), software design specifications (SDS) and codes, and the testing of the integrated software and integrated system. Moreover, the software safety analysis and software configuration management are involved in the software qualification processes. The V and V procedure for SRS and SDS contains a technical evaluation, licensing suitability evaluation, inspection and traceability analysis, formal verification, software safety analysis, and an evaluation of the software configuration management. The V and V processes for the code are a traceability analysis, source code inspection, test case and test procedure generation. Testing is the major V and V activity of the software integration and system integration phases. The software safety analysis employs a hazard operability method and software fault tree analysis. The software configuration management in each software life cycle is performed by the use of a nuclear software configuration management tool. Through these activities, we can achieve the functionality, performance, reliability, and safety that are the major V and V objectives of the safety-critical software in nuclear power plants. (author)
Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Smith, Curtis; Stamatelatos, Michael; Youngblood, Robert
unrtainties represents a method of probabilistic thinking wherein the analyst and decision makers recognize possible outcomes other than the outcome perceived to be "most likely." Without this type of analysis, it is not possible to determine the worth of an analysis product as a basis for making decisions related to safety and mission success. In line with these considerations the handbook does not take a hazard-analysis-centric approach to system safety. Hazard analysis remains a useful tool to facilitate brainstorming but does not substitute for a more holistic approach geared to a comprehensive identification and understanding of individual risk issues and their contributions to aggregate safety risks. The handbook strives to emphasize the importance of identifying the most critical scenarios that contribute to the risk of not meeting the agreed-upon safety objectives and requirements using all appropriate tools (including but not limited to hazard analysis). Thereafter, emphasis shifts to identifying the risk drivers that cause these scenarios to be critical and ensuring that there are controls directed toward preventing or mitigating the risk drivers. To address these and other areas, the handbook advocates a proactive, analytic-deliberative, risk-informed approach to system safety, enabling the integration of system safety activities with systems engineering and risk management processes. It emphasizes how one can systematically provide the necessary evidence to substantiate the claim that a system is safe to within an acceptable risk tolerance, and that safety has been achieved in a cost-effective manner. The methodology discussed in this handbook is part of a systems engineering process and is intended to be integral to the system safety practices being conducted by the NASA safety and mission assurance and systems engineering organizations. The handbook posits that to conclude that a system is adequately safe, it is necessary to consider a set of safety claims that
The systemic origins of many accidents have led to heightened interest in the way in which organisations identify and manage risks within the airline industry. The activities which are thought to represent the term "organisational accident", "safety culture" and "proactive approach" are documented and seek to explain the fact that airlines differ in their willingness and ability to conduct safety management. However, an important but yet relatively undefined task in the airline...
Accident statistics indicate that every year a significant number of casualties and extensive property losses occur due to traffic accidents. Consequently, efforts are directed towards developing passive and active safety systems that help reduce the severity of crashes, or prevent vehicles from colliding with one another. To develop these systems, technologies such as sensor systems, computer vision and vehicular communication have been proposed. Safety vehicular communication is defined as ...
In a complex industrial environment, ergonomics must be combined with management science and systems analysis to produce a program which can create effective change and improve safety performance. We give an overview of such an approach, namely System Safety, so that its ergonomic content may be seen
..., and 145 RIN 2120-AJ15 Safety Management System; Withdrawal AGENCY: Federal Aviation Administration... (``product/ service providers'') to develop a Safety Management System (SMS). The FAA is withdrawing the... proposed rulemaking (ANPRM) published on July 23, 2009 (74 FR 36414) is withdrawn as of March 17, 2011....
A working group was set up to define the LHC safety alarm system, also known as Alarm-of-Level-3-System (AL3S). The mandate asked for recommendations to be elaborated on four items: the overall concept of the AL3S for machine and experiments, the transmission and display of safety alarms, the AL3S during civil engineering construction, and the transition from the present LEP to the final LHC safety alarm system. The members of the working group represented a wide range of interest and experience including the CERN Fire Brigade, safety officers from experiments and machines, and specialists for safety and control systems. The recommendations highlight the need for a clear definition of responsibilities and procedures, well-engineered homogeneous systems across CERN, and they point to several important issues outside the mandate of the working group. These recommendations were presented, discussed and accepted by several CERN and LHC committees.
Computer systems have become an important element of the world economy, with billions of dollars spent each year on development, manufacture, operation, and maintenance. Combining coverage of computer system reliability, safety, usability, and other related topics into a single volume, Computer System Reliability: Safety and Usability eliminates the need to consult many different and diverse sources in the hunt for the information required to design better computer systems.After presenting introductory aspects of computer system reliability such as safety, usability-related facts and figures,
As several decades have passed since the construction of nuclear power plants began, residents have become gradually less interested in nuclear safety. The Tokai criticality accident in 1909, however, had roused residents in Tokai-Mura to realize that they live with nuclear technology risks. To prepare a field of risk communication, the Tokai-Mura C3 project began as a pilot research project supported by NISA. Alter the project ended, we are continuing risk. communication activities as a non-profit organisation. The most important activity of C3 project is the citizen's inspection programme for nuclear related facilities. This programme was decided by participants who voluntarily applied to the project. The concept of the citizen's inspection programme is 'not the usual facility tours'. Participants are involved from the planning stage and continue to communicate with workers of the inspected nuclear facility. Since 2003, we have conducted six programmes for five nuclear related organisations. Participants evaluated that radiation protection measures were near good but there were some problems concerning the worker's safety and safety culture, and proposed a mixture of advice based on personal experience. Some advice was accepted and it did improve the facility's safety measures. Other suggestions were not agreed upon by nuclear organisations. The reason lies in the difference of concept between the nuclear expert's 'safety' and the citizen's 'safety'. Residents do not worry about radiation only, but also about the facility's safety as a whole including the worker's safety. They say, 'If the workers are not safe, you also are unable to protect us'. Although the disagreement remained, the participants and the nuclear industry learned much about each other. Participating citizens received a substantial amount of knowledge about the nuclear industry and its safety measures, and feel the credibility and openness of the nuclear industry. On the other hand, the nuclear
As a part of the conceptual design for Japan sodium-cooled fast reactor (JSFR), safety design requirements of JSFR is now being established in collaboration with JAEA, JAPC and MFBR. The basic safety approach is based on the development targets of a fast reactor cycle technology development (FaCT) project, i.e., the deterministic design approach based on the defense-in-depth philosophy, in which prevention and mitigation against BDBEs are considered as well as against DBEs, is supported by the probabilistic evaluations. In order to embody a safety design, a higher level safety principle was broken down into a set of design requirements for each safety related system, structure and component (SSC). This paper will present an output of the safety requirements for safety related SSCs of JSFR. In the course of this study, related safety principle and requirements for Monju, CRBRP, PRISM, SPX, LWRs, IAEA standards, development targets of FaCT project, goals of GIF and basic principle of INPRO etc. were taken into account to develop a next-generation global-standard safety requirements. It is stressed that preventive and mitigative measures against BDBEs shall be considered from early design stage. The attached figure shows outline of the safety requirements. The systems and components to be studied are divided: (1)core and fuel, (2) reactor vessel and its internal structures, (3) primary coolant system, (4) intermediate coolant system, (5) decay heat removal system, (6) reactor shutdown and reactivity control systems, (7)safety protection system, instrumentation and control systems, (8) electric power system, (9) fuel handling system, (10) steam and power conversion systems, (11) containment system and reactor building, (12) auxiliary systems. These requirements can also be categorized into some levels. Although the lower level expresses design requirements specific for JSFR, the higher level can be commonly applied to sodium cooled fast reactors. This paper will
J. A. Buzacott; Shanthikumar, J. G.
The two management set parameters which determine the performance of a material requirements planning (MRP) system are the lead time and the safety stock. The appropriate values of these parameters are influenced by the accuracy of forecasts over the lead time, the variability of processing time and the degree of congestion, together with the costs of inventory and shortages. These influences are explored using stochastic models of a single stage manufacturing system for which work release is...
Full Text Available In order to increase the confidence of the trading partners and consumers in the products which are sold on the market, enterprises producing food are required to implement the food safety system HACCP,a particularly useful system because the manufacturer is not able to fully control finished products . SR EN ISO 22000:2005 establishes requirements for a food safety management system where an organization in the food chain needs to proove its ability to control food safety hazards in order to ensure that food is safe at the time of human consumption. This paper presents the main steps which ensure food safety using the HACCP system, and SR EN ISO 20000:2005 requirements for food safety.
General Methodology of Safety Analysis and Evaluation for Fusion Energy System (GEMSAFE) was applied to the International Thermonuclear Experimental Reactor (ITER) interim design in the Engineering Design Activities (EDA) stage to identify the candidates of the Design Basis Events (DBEs) stage. These DBEs were compared with those of the ITER design in the Conceptual Design Activities (EDA). As a result, 18 candidates of DBEs were selected for EDA interim design in comparison with 25 DBE candidates for the CDA design. The DBE candidates related to the fuel area were categorized in higher event categories than those of the CDA design due to the increase of the mobile tritium-contained in some components. It is important to reduce the inventory of the tritium absorbed in the dust in the vacuum area as well as in the CDA design. Measures were recommended to reduce the mobile tritium dissolved in the coolant in the single loop due to the increase of this estimated inventory. (author)
Pope, W. C.
The systems theory is discussed in relation to safety management. It is suggested that systems safety management, as a new discipline, holds great promise for reducing operating errors, conserving labor resources, avoiding operating costs due to mistakes, and for improving managerial techniques. It is pointed out that managerial failures or system breakdowns are the basic reasons for human errors and condition defects. In this respect, a recommendation is made that safety engineers stop visualizing the problem only with the individual (supervisor or employee) and see the problem from the systems point of view.
The application of micro-processor-based digital controllers has been widely propagated among various industries in recent years. While in the nuclear power plant industry, the application of them has also been expanding gradually starting from non-safety related systems, taking advantage of their reliability and maintainability over the conventional analog devices. Based on the careful study of the feasibility of digital controllers to the safety protection system, the Tokyo Electric Power Company proposed on May 1989 the adoption of digital controllers to the safety protection system in the Application for Permission of Establishment of Kashiwazaki-Kariwa units 6 and 7 (ABWR-1350Mwe each). MITI, Ministry of International Trade and Industry, the Japanese regulatory body for electric power generating facilities, had approved this application after careful review. This paper describes a series of supporting activities leading to the MITI's approval of the digital safety protection system and the MITI's licensing activities. (author)
Planning the development, use and regulation of computer systems in nuclear reactor protection systems in such a way as to enhance reliability and safety is a complex issue. This report is one of a series of reports from the Computer Safety and Reliability Group, Lawrence Livermore that investigates different aspects of computer software in reactor National Laboratory, that investigates different aspects of computer software in reactor protection systems. There are two central themes in the report, First, software considerations cannot be fully understood in isolation from computer hardware and application considerations. Second, the process of engineering reliability and safety into a computer system requires activities to be carried out throughout the software life cycle. The report discusses the many activities that can be carried out during the software life cycle to improve the safety and reliability of the resulting product. The viewpoint is primarily that of the assessor, or auditor
Lawrence, J.D. [Lawrence Livermore National Lab., CA (United States)
Planning the development, use and regulation of computer systems in nuclear reactor protection systems in such a way as to enhance reliability and safety is a complex issue. This report is one of a series of reports from the Computer Safety and Reliability Group, Lawrence Livermore that investigates different aspects of computer software in reactor National Laboratory, that investigates different aspects of computer software in reactor protection systems. There are two central themes in the report, First, software considerations cannot be fully understood in isolation from computer hardware and application considerations. Second, the process of engineering reliability and safety into a computer system requires activities to be carried out throughout the software life cycle. The report discusses the many activities that can be carried out during the software life cycle to improve the safety and reliability of the resulting product. The viewpoint is primarily that of the assessor, or auditor.
Bell, C.R. [Los Alamos National Lab., NM (United States). Technology and Safety Assessment Div.
Accelerator-driven transmutation technology has been under study at Los Alamos for several years for application to nuclear waste treatment, tritium production, energy generation, and recently, to the disposition of excess weapons plutonium. Studies and evaluations performed to date at Los Alamos have led to a current focus on a fluid-fuel, fission system operating in a neutron source-supported subcritical mode, using molten salt reactor technology and accelerator-driven proton-neutron spallation. In this paper, the safety features and characteristics of such systems are explored from the perspective of the fundamental nuclear safety objectives that any reactor-type system should address. This exploration is qualitative in nature and uses current vintage solid-fueled reactors as a baseline for comparison. Based on the safety perspectives presented, such systems should be capable of meeting the fundamental nuclear safety objectives. In addition, they should be able to provide the safety robustness desired for advanced reactors. However, the manner in which safety objectives and robustness are achieved in very different from that associated with conventional reactors. Also, there are a number of safety design and operational challenges that will have to be addressed for the safety potential of such systems to be credible.
L.K. Bandyopadhyay; S.K. Chaulya; P.K. Mishra; A. Choure; B.M. Baveja [Central Institute of Mining and Fuel Research (CIMFR), Dhanbad (India)
This study presents a wireless information and safety system for mines developed by CIMFR, Dhanbad. The system consists of hardware devices and application software. Hardware module is ZigBee-compliant active radio frequency identification (RFID) devices transceivers, which can be programmed to act as an end device (tag), router or coordinator that enables them to form an IEEE 802.15.4-based mesh network. It uses a unified wireless mesh-networking infrastructure to locate, trace and manage mobile assets and people as well as monitor different environmental conditions using sensors. Another core module is wireless sensor network (WSN) software, which is developed for tracking of underground miners and moveable equipment by wireless sensor networking in mines. Software is especially designed for tracking of miners and vehicles, route tracking in opencast mines, preventing fatal accidents and vehicle collisions, environmental monitoring, observing miners' unsafe practice, sending alert message, and preparing computerized miners' duty hours record.
Safety analyses are presented for the following LOFT Reactor systems: engineering safety features; support buildings and facilities; instrumentation and controls; electrical systems; and auxiliary systems. (JWR)
Griswold, J. W.
The basic elements of a systems engineering process are given along with a detailed description of what the safety system requires from the systems engineering process. Also discussed is the safety that the system provides to other subfunctions of systems engineering.
The document represents the conference given by the Director General of the IAEA at the Spanish Nuclear Safety Council in Madrid, on 28 May 1998, on Agency's activities in nuclear safety. The following aspects are emphasized: Agency's role in creating a legally binding nuclear safety regime, non-binding safety standards, services provided by the Agency to assist its Member States in the Application of safety standards, Agency's nuclear safety strategy, and future perspective concerning safety aspects related to radioactive wastes, residues of past nuclear activities, and security of radiological sources
Zhang, Lijun; She, Zhikun; Ratschan, Stefan;
The interplay of random phenomena and continuous dynamics deserves increased attention, especially in the context of wireless sensing and control applications. Safety verification for such systems thus needs to consider probabilistic variants of systems with hybrid dynamics. In safety verification...... probabilistic hybrid systems and develop a general abstraction technique for verifying probabilistic safety problems. This gives rise to the first mechanisable technique that can, in practice, formally verify safety properties of non-trivial continuous-time stochastic hybrid systems. Moreover, being based on...... abstractions computed by tools for the analysis of non-probabilistic hybrid systems, improvements in effectivity of such tools directly carry over to improvements in effectivity of the technique we describe. We demonstrate the applicability of our approach on a number of case studies, tackled using a...
Connell, Linda J.
The Aviation Safety Reporting System (ASRS) was established in 1976 under an agreement between the Federal Aviation Administration (FAA) and the National Aeronautics and Space Administration (NASA). This cooperative safety program invites pilots, air traffic controllers, flight attendants, maintenance personnel, and others to voluntarily report to NASA any aviation incident or safety hazard. The FAA provides most of the program funding. NASA administers the program, sets its policies in consultation with the FAA and aviation community, and receives the reports submitted to the program. The FAA offers those who use the ASRS program two important reporting guarantees: confidentiality and limited immunity. Reports sent to ASRS are held in strict confidence. More than 350,000 reports have been submitted since the program's beginning without a single reporter's identity being revealed. ASRS removes all personal names and other potentially identifying information before entering reports into its database. This system is a very successful, proof-of-concept for gathering safety data in order to provide timely information about safety issues. The ASRS information is crucial to aviation safety efforts both nationally and internationally. It can be utilized as the first step in safety by providing the direction and content to informed policies, procedures, and research, especially human factors. The ASRS process and procedures will be presented as one model of safety reporting feedback systems.
It was early in 1980's that the digital controllers were first applied to nuclear power plant in japan. After that, their application area had been expanding gradually, reaching to the overall integrated digital system including the safety system in Kashiwazaki-Kariwa units 6 and 7. The software for computer-based systems has been produced using the graphical language ''POL'' in Japanese nuclear power plants. It is the fundamental principle that the reliability of the software should be assured through the properly managed quality assurance. The POL-based system is fitted to this principle. In applying POL-based systems to safety system, the MITI, Ministry of International Trade and Industry, identified the licensing issues as the regulatory body, while the utilities had developed the digital technology feasible to the safety application. Through the activities, a specific industrial design guide for the software important to safety was established and the adequacy of the technology was certified through the demonstration tests of the integrated system. In the safety examination of the digital reactor protection system of K-6/7, the application of POL were approved. The POL-based systems in nuclear power plants were successful design and production process of the POL-based systems. This paper describes the activities in licensing and maintaining the computer-based systems by the utilities and manufacturers as well as the MITI. (author)
National Aeronautics and Space Administration — Aviation safety systems have undergone dramatic changes over the past fifty years. If you take a look at the early technology in this area, you'll see that there...
The statutory safety functions of the international Atomic Energy Agency (IAEA) include the establishment of and provision for the application of safety standards for protection of health, life and property against ionizing radiation. The safety standards are based on the presumption that a national infrastructure is in place enabling the government to discharge its responsibilities for protection and safety. Education and training is an essential element of the infrastructure. The IAEA education and training activities follows the the resolutions of its general conferences and reflects the latest IAEA standards and guidance. several general conference resolutions have emphasized the importance of education and training (e.g. GC (XXXV)/RES/552 in 1991,GC (XXXVI)/ RES/584 in 1992, GC (43)/RES/13 in 1999 and more recently GC (44)/RES/13 in 2000). In response to GC (44) /RES/13, the IAEA prepared a strategic approach to education and training in radiation and waste safety (strategy on education and training) aiming at establishing, by 2010 sustainable education and training programmes in member states. This strategy was endorsed by the general conference resolution GC(45)/RES/10C that, inter alia, urged the secretariat to implement the strategy on education and training, and to continue to strengthen, subject to available resources, its current effort in this area, and in particular to assist Member States national, regional and collaborating centres in conducting such education and training activities in the relevant official languages of the IAEA. The General Conference resolutions GC(46)RES/9C in 2002 and GC(47)RES/7 in 2003 urged the Agency to continue its efforts to implement the Strategy. The purpose of this paper is to present the newly established Strategic Approach to Education and Training in Radiation, Transport and Waste Safety and its implementation
'Piloni' is a computer program developed at the Safety Division of NRC Soreq. It is designed to update, manage and save all the data related to the safety of the employees, devices, laboratories, facilities and the environment on a single unified system. The system is currently being used and tested at the Safety Division. It had been written in Access 2002 but has been tested and modified to work on workstations in which Access 2003 is installed. The program is built modularly so that additions, updates and extensions can be carried out conveniently
The purpose of this analysis is to document the Quality Assurance (QA) classification of the Monitored Geologic Repository (MGR) health safety system structures, systems and components (SSCs) performed by the MGR Safety Assurance Department. This analysis also provides the basis for revision of YMP/90-55Q, Q-List (YMP 1998). The Q-List identifies those MGR SSCs subject to the requirements of DOE/RW-0333P, ''Quality Assurance Requirements and Description'' (QARD) (DOE 1998)
Several elements of the process safety management regulation (PSM) require tracking and documentation of actions; process hazard analyses, management of change, process safety information, operating procedures, training, contractor safety programs, pre-startup safety reviews, incident investigations, emergency planning, and compliance audits. These elements can result in hundreds of actions annually that require actions. This tracking and documentation commonly is a failing identified in compliance audits, and is difficult to manage through action lists, spreadsheets, or other tools that are comfortably manipulated by plant personnel. This paper discusses the recent implementation of a database management system at a chemical plant and chronicles the improvements accomplished through the introduction of a customized system. The system as implemented modeled the normal plant workflows, and provided simple, recognizable user interfaces for ease of use
Quality assurance has been identified as an important part of radiation protection and safety for a considerable time period. A rational expansion and improvement of quality assurance is to integrate radiation protection and safety in a management system. The aim of this study was to explore factors influencing the implementing strategy when introducing a management system including radiation protection and safety in hospitals and to outline benefits of such a system. The main experience from developing a management system is that it is possible to create a vast number of common policies and routines for the whole hospital, resulting in a cost-efficient system. One of the key benefits is the involvement of management at all levels, including the hospital director. Furthermore, a transparent system will involve staff throughout the organisation as well. A management system supports a common view on what should be done, who should do it and how the activities are reviewed. An integrated management system for radiation protection and safety includes key elements supporting a safety culture. (authors)
Dabney, Richard W. (Inventor); Elrod, Susan V. (Inventor)
A system is provided to control the environment experienced by a child in a child safety seat. Each of a plurality of thermoelectric elements is individually controllable to be one of heated and cooled relative to an ambient temperature. A first portion of the thermoelectric elements are positioned on the child safety seat such that a child sitting therein is positioned thereover. A ventilator coupled to the child safety seat moves air past a second portion of the thermoelectric elements and filters the air moved therepast. One or more jets coupled to the ventilator receive the filtered air. Each jet is coupled to the child safety seat and can be positioned to direct the heated/cooled filtered air to the vicinity of the head of the child sitting in the child safety seat.
Full Text Available The transport systems are sociotechnical systems in which the direct realization of the tasks is dealt with by an executive subsystem consisting of the elementary subsystems of a human – a technical object (an operator – a means of transport type realizing the tasks within the system environment. In respect of a human located within a transport system the most significant criterion in the evaluation of transport being realized is their safety.The safety level of the task realization is influenced by the risks resulting from the interaction of the forcing factors, affecting an elementary executive subsystem.These factors may be divided into :-working;-external;-antropotechnical.Due to the complexity of the systems being analysed in the paper, it has been attempted to evaluate the influence of the forcing factors on the safety of this system operation.
This report describes alarm and interlock system of TRISTAN, concentrating on personnel safety. The basis of TRISTAN machine-control system (TMS) is an N-to-N computer network and KEK NODAL which offers high software productivity. TMC achieves high flexibility of operation both for normal operation and for the fast commissioning. However, to assure the safety of personnel and the TRISTAN machine operation, the safety system has to continue functioning during TMC failure as well. A distributed safety and interlock system (DSIS) is used for diversification of risks in TRISTAN system. DSIS is functionally subdivided along local system lines and has a hierarchical structure of 12 programmable sequence controllers (PSCs). Optical fiber links connect the PSCs at subsystem level and a PSC at the supervisory level of TRISTAN central control room (TCCR). The subsystem PSCs provide the interlock functions between their local devices. The local PSCs interact with the central system through a limited number of summarized signals. The central PSC provides the interlock functions between the subsystems and interacts with an operator's panel. Personnel safety is based on a system of electrical interlock keys, emergency push-buttons around the tunnel, at the entrance gates or in the control room
The first stage of world nuclear power development based on light water fission reactors has demonstrated not only rather high rate but at the same time too optimistic attitude to safety problems. Large accidents at Three Mile Island and Chernobyl essentially affects the concept of NP development. As a result the safety and social acceptance of NP became of absolute priority among other problems. That's why emerging nuclear power systems should be first of all estimated from this point of view. In the paper some quantitative criteria of safety derived from estimations of social risk and economic-ecological damage from hypothetical accidents are formulated. On the base of these criteria we define two stages of possible way to meet safety demands: first--development of high safety fission reactors and second--that of asymptotic high safety ENEs. The limits of tolorated expenses for safety are regarded. The basis physical factors determining hazards of NES accidents are considered. This permits to classify the ways of safety demands fulfillment due to physical principals used
National Aeronautics and Space Administration — Most complex aerospace systems have many text reports on safety, maintenance, and associated issues. The Aviation Safety Reporting System (ASRS) spans several...
This Accident Analysis evaluates unmitigated accident scenarios, and identifies Safety Significant and Safety Class structures, systems, and components for the K West Integrated Water Treatment System
This Accident Analysis evaluates unmitigated accident scenarios, and identifies Safety Significant and Safety Class structures, systems, and components for the K West Integrated Water Treatment System.
The SNS is a proton accelerator facility that generates neutrons for scientific researchers by spallation of neutrons from a mercury target. The SNS became operational on April 28, 2006 with first beam on target at approximately 200 watts. The SNS accelerator, target, and conventional facilities controls are integrated by standardized hardware and software throughout the facility and were designed and fabricated to SNS conventions to ensure compatibility of systems with Experimental Physics Integrated Control System (EPICS). ControlLogix PLCs interface to instruments and actuators, and EPICS performs the high-level integration of the PLCs such that all operator control can be accomplished from the Central Control room using EPICS graphical screens that pass process variables to and from the PLCs. Three active safety systems were designed to industry standards ISA S84.01 and IEEE 603 to meet the desired reliability for these safety systems. The safety systems protect facility workers and the environment from mercury vapor, mercury radiation, and proton beam radiation. The facility operators operated many of the systems prior to beam on target and developed the operating procedures. The safety and non-safety control systems were tested extensively prior to beam on target. This testing was crucial to identify wiring and software errors and failed components, the result of which was few problems during operation with beam on target. The SNS has continued beam on target since April to increase beam power, check out the scientific instruments, and continue testing the operation of facility subsystems
Parsons, Mike; Scutt, Simon
Within Logica UK, over 30 IT service projects are considered safetyrelated. These include operational IT services for airports, railway infrastructure asset management, nationwide radiation monitoring and hospital medical records services. A recent internal audit examined the processes and documents used to manage system safety on these services and made a series of recommendations for improvement. This paper looks at the changes and the challenges to introducing them, especially where the service is provided by multiple units supporting both safety and non-safety related services from multiple locations around the world. The recommendations include improvements to service agreements, improved process definitions, routine safety assessment of changes, enhanced call logging, improved staff competency and training, and increased safety awareness. Progress is reported as of today, together with a road map for implementation of the improvements to the service safety management system. A proposal for service assurance levels (SALs) is discussed as a way forward to cover the wide variety of services and associated safety risks.
Helium Coolant Ceramic Breeder (HCCB) Test Blanket System (TBS) designed by China are planned to be tested in ITER to validate key technologies, including demonstration of nuclear safety, for future fusion reactor breeding blankets. Furthermore, in order to be operated in ITER, a nuclear facility (INB) recognized by French nuclear safety authority, safety design and safety analysis of the TBS are mandatory for the licensing procedures. This paper summarizes the status at current design phase with following main elements: The main radiological source terms in the system are tritium and activation products. Nuclear and tritium analysis are performed to identify their inventories and distributions in system. Multiple confinement barriers are considered to be the most essential safety feature. French regulation for pressure equipment and nuclear equipment (ESP/ESPN regulations) will be followed to ensure the system integrities. ALARA principle is kept in mind during the whole safety design phases. Protective actions including choice of advanced materials, improvement of shielding, optimization of operation and maintenance activities, usage of remote handling operations, zoning and access control have been considered. Passive safety is emphasized in the system design, only minimal active safety functions including call for fusion plasma shutdown and isolation of TBM from ex-vessel ancillary systems. High reliability and redundancies are required for components related to these functions. Several accidents have been identified and analyzed. Consider the limited inventories in the system and the intrinsic safety of fusion device, positive conclusions have been obtained. (author)
The injection pressure of the current SIT is about 4 MPa. Therefore, the SIT is not available during a high pressure SBLOCA or Station Black Out (SBO) accident because the RCS pressure is higher than that of the SIT. In addition, the AC-powered High Pressure Safety Injection (HPSI) System driven by an emergency diesel generator is not available during a SBO accident. However, as the RCS mass inventory is continuously decreased by releasing steam through the pressurizer safety valves after reactor trip, a high pressure safety injection is needed to mitigate the accident
Kwon, Taesoon; Park, Choonkyung [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)
The injection pressure of the current SIT is about 4 MPa. Therefore, the SIT is not available during a high pressure SBLOCA or Station Black Out (SBO) accident because the RCS pressure is higher than that of the SIT. In addition, the AC-powered High Pressure Safety Injection (HPSI) System driven by an emergency diesel generator is not available during a SBO accident. However, as the RCS mass inventory is continuously decreased by releasing steam through the pressurizer safety valves after reactor trip, a high pressure safety injection is needed to mitigate the accident.
Highlights: ► European Union (EU) Test Blanket Systems (TBS) safety objectives. ► EU TBS strategy. ► EU TBS project environment and status, risks and mitigations. ► EU TBS safety approach and its implementation. - Abstract: This paper reveals the safety strategy and approach developed and followed in the design of the two EU TBS describing its objectives, components and implementation. Addressing the safety in the early stage of the conceptual design of nuclear facilities is a well recognized international practice and industrial project-level requirement for the successful completion of the licensing process within expected project cost and schedule. The impact of the early development of the safety approach, its implementation and monitoring in the design of nuclear device like the TBS is not limited to the safety assessment and licensing activities only. Safety approach plays indispensible role in reducing the overall project risk. It infiltrates the entire design process through the unavoidable interfaces between the design features and its safety level. In reality the entire process of the TBS development, design, technological demonstration and implementation is affected by the project team safety culture.
The paper presents the results of Task 14 of the OECD/NEA Committee on the Safety of Nuclear Installations (CSNI) Principal Working Group 5. Following completion of work on 'PSA Application to Technical Specifications', Task 14 was initiated at the Autumn 1992 meeting of the Principal Working Group, and was completed at the end of 1994. The agreed objective of the task was to review the possibilities for using probabilistic safety analysis (PSA) based insights in the real time management of safety system reliability. The practicality of on-line risk based monitoring of safety systems' availability status has been demonstrated by seven years of experience at each of four nuclear power reactors in the United Kingdom. Within this experience many thousands of status changes have been monitored and evaluated. 4 refs, 3 figs
Safety activities in HANARO have been continuously conducted to enhance its safe operation. Great effort has been placed on a normalization and improvement of the safety attitude of the regular staff and other employees working at the reactor and other experimental facilities. This paper introduces the activities on safety improvement that were performed over the last few years. (author)
The Sixth Department of the Nuclear, Industrial and Environmental Regulatory Authority of Russia, Scientific and Engineering Centre for Nuclear and Radiation Safety process, analyse and use the information on nuclear power plants (NPPs) operational experience or NPPs safety improvement. Safety performance indicators (SPIs), derived from processing of information on operational violations and analysis of annual NPP Safety Reports, are used as tools to determination of trends towards changing of characteristics of operational safety, to assess the effectiveness of corrective measures, to monitor and evaluate the current operational safety level of NPPs, to regulate NPP safety. This report includes a list of the basic SPIs, those used by the Russian safety regulatory authority in regulatory activity. Some of them are absent in list of IAEA-TECDOC-1141 ('Operational safety performance indicators for nuclear power plants'). (author)
This paper describes some of the key regulatory activities which have taken place in the United Kingdom in recent years in the areas of safety culture and management of safety. It explains how the UK's nuclear licensing regime, regulated and enforced by the Nuclear Installations Inspectorate, (NII), provides the framework for a viable safety management system and identifies a management of safety model which a NII Task Force has developed. It finally identifies further work which is being undertaken by the NII. (author). 4 refs, 2 figs
This paper outlines the use of a failure modes and effects analysis for the safety assessment of a robotic system being developed at Sandia National Laboratories. The robotic system, the weigh and leak check system, is to replace a manual process for weight and leakage of nuclear materials at the DOE Pantex facility. Failure modes and effects analyses were completed for the robotics process to ensure that safety goals for the systems have been met. Due to the flexible nature of the robot configuration, traditional failure modes and effects analysis (FMEA) were not applicable. In addition, the primary focus of safety assessments of robotics systems has been the protection of personnel in the immediate area. In this application, the safety analysis must account for the sensitivities of the payload as well as traditional issues. A unique variation on the classical FMEA was developed that permits an organized and quite effective tool to be used to assure that safety was adequately considered during the development of the robotic system. The fundamental aspects of the approach are outlined in the paper
Increasing numbers of drivers are using navigation systems in their cars. The advantages to the user are obvious: you can get to your destination via the fastest and shortest route. This reduces stress and exposure to other traffic. However, there are also some (unintended) negative effects. For example, using the system while driving can distract your attention from other traffic. The system sometimes directs traffic through small centres of habitation or along unsuitable roads. Moreover, ti...
The U.S. Department of Energy (DOE) and CH2M HILL, Hanford Group, Inc. (CH2M HILL) [also referred to as the Tank Farm Contractor (TFC)] are evaluating the Demonstration Bulk Vitrification System (DBVS) as a supplemental treatment technology for low-activity waste (LAW) at the Hanford Site. As a new facility at Hanford, the safety analysis for the DBVS is being subjected to new and evolving DOE requirements. Hazard categorization for the facility is being closely examined since this determines whether performance category (PC)-2 or PC-3 requirements are to be applied for natural phenomena hazards, as well as differing requirements under Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 2004-2, Active Confinement Systems. Questions have also arisen regarding application of DOE-STD-3009-94, Preparation Guide for U.S. Department of Energy Nonreactor Nuclear Facility Documented Safety Analyses, or DOE-STD-1189-2008, Integration of Safety into the Design Process, format and content, as well as full implementation of DOE-STD-1186-2004, Specific Administrative Controls and naming conventions and content requirements for the interim safety analysis documents under DOE O 413.3A, Program and Project Management for the Acquisition of Capital Assets (e.g., Preliminary Documented Safety Analysis or Preliminary Safety Design Report). Another challenge is the integration of the programmatic chapters of the safety document with those of the Hanford tank farms, since the tank farms Safety Management Programs (SMP) are relied upon for the DBVS facility. All of these issues and their resolutions, as well as the level of scrutiny to which internal and external regulators have held this project's safety analysis, will be discussed in this paper
Full Text Available The paper presents issues related to risks associated with the operation of small water supply systems on the background of water consumer safety assessment made on the basis of risk analysis. Definition of water consumer safety loss as a risk associated with the water consumption of poor quality or water lack was proposed. For this purpose, a three-parameter matrix is implemented with the parameters of the probability of a representative accident scenario, the losses of the water consumers and their protection. Risk management, together with the implementation of protective barriers of small water supply system against threats is a fundamental condition for the continued operation of the system.
ISO 26262 is an international standard valid for the automotive domain. It regulates all the activities to perform for developing safety critical systems in such domain. To be compliant with ISO 26262, all the required activities have to be performed and all the required work products have to be provided. Furthermore, in addition to develop a system in a safe way, following the safety standard guidelines, the achieved safety has also to be demonstrated. This is done through a safety case, a s...
Department of Energy (DOE) Policy (P) 450.4, Safety Management System Policy, commits to institutionalization of an Integrated Safety Management System (ISMS) throughout the DOE complex. The DOE Acquisition Regulations (DEAR, 48 CFR 970) requires contractors to manage and perform work in accordance with a documented Integrated Safety Management System (ISMS). Guidance and expectations have been provided to PNNL by incorporation into the operating contract (Contract DE-ACM-76FL0 1830) and by letter. The contract requires that the contractor submit a description of their ISMS for approval by DOE. PNNL submitted their proposed Safety Management System Description for approval on November 25,1997. RL tentatively approved acceptance of the description pursuant to a favorable recommendation from this review. The Integrated Safety Management System Verification is a review of the adequacy of the ISMS description in fulfilling the requirements of the DEAR and the DOE Policy. The purpose of this review is to provide the Richland Operations Office Manager with a recommendation for approval of the ISMS description of the Pacific Northwest Laboratory based upon compliance with the requirements of 49 CFR 970.5204(-2 and -78); and to verify the extent and maturity of ISMS implementation within the Laboratory. Further the review will provide a model for other DOE laboratories managed by the Office of Assistant Secretary for Energy Research.
Full text of publication follows: Our report discusses the basic principles of producing control safety systems that utilize hardware complexes designed and developed by the Research and Production Corporation (RPC) 'Radiy', Ukraine. The safety systems produced by the company are based on a principle of 'tough' logic. Our presentation describes: - functions that are performed by CSS in nuclear power stations; - principles that are realized in the equipment of hardware complexes for control safety systems; - methods for addressing sub-system components; - integration of all components into one system. We will discuss how this system performs simultaneous functions. In addition we describe the realization of fundamental safety principles. Our presentation contains data that illustrates how our unique hardware design meets the national and international standards of radiation safety in the following cases: - one time system failures; - stand by redundancy; - multiple system failures. We provide examples of how our control safety system hardware functions as a part of power generation units in nuclear power stations as follows: - Technology protection and lockout: this controls the parameters of the nuclear reactor, monitors its status for deviations and initiates the appropriate actions; - Manual remote control: the choice of manual override of the command line options that are displayed on the block control panel; - Automatic control: automatic maintenance of nuclear reactor technological parameters in normal operational and emergency modes. Our hardware system performs these functions without utilizing software. The Program Technological Complexes (PTC) for Control Safety Systems (CSS) include several standard functions such as alarm transmission, activity databases, automatic diagnostics and many others. Special attention in our presentation is given to the issues of PTC CSS reliability in all types of emergencies. (authors)
The accelerator safety interlock system to protect persons from the radiation damages has been operated in SPring-8. The accelerator safety interlock system is monitoring the condition of safety equipment. If the condition is unsafe, the system stops the electron beam. The accelerator safety interlock system currently running is based on the operation mode control. Since the operation mode based system is quite complex, the system has some problems. Therefore, we are planning to construct new accelerator safety interlock system. We'll report the situation of current accelerator safety interlock system and the conceptual design of new accelerator safety interlock system. (author)
The US Nuclear Regulatory Commission (NRC) and the Electric Power Research Institute have initiated a broad-based exploration of means to evaluate the potential applications of expert systems in the nuclear industry. This exploratory effort will assess the use of expert systems to augment the diagnostic and decision-making capabilities of personnel with the goal of enhancing productivity, reliability, and performance. The initial research effort is the development and documentation of guidelines for verifying and validating (V and V) expert systems. An initial application of expert systems in the nuclear industry is to aid operations and maintenance personnel in decision-making tasks. The scope of the decision aiding covers all types of cognitive behavior consisting of skill, rule, and knowledge-based behavior. For example, procedure trackers were designed and tested to support rule-based behavior. Further, these systems automate many of the tedious, error-prone human monitoring tasks, thereby reducing the potential for human error. The paper version of the procedure contains the knowledge base and the rules and thus serves as the basis of the design verification of the procedure tracker. Person-in-the-loop tests serve as the basis for the validation of a procedure tracker. When conducting validation tests, it is important to ascertain that the human retains the locus of control in the use of the expert system
Alemzadeh, Homa; Chen, Daniel; Lewis, Andrew; Kalbarczyk, Zbigniew; Raman, Jaishankar; Leveson, Nancy; Iyer, Ravishankar K.
Robotic telesurgical systems are one of the most complex medical cyber-physical systems on the market, and have been used in over 1.75 million procedures during the last decade. Despite significant improvements in design of robotic surgical systems through the years, there have been ongoing occurrences of safety incidents during procedures that negatively impact patients. This paper presents an approach for systems-theoretic safety assessment of robotic telesurgical systems using software-imp...
In recent years, a new boiling water reactor (BWR) plant called the SWR 1000 has been developed by Siemens on behalf of Germany's electric utilities. This new plant design concept incorporates the wide range of operating experience gained with German BWRs. The main objective behind developing the SWR 1000 was to design a plant with a rated electric output of approximately 1000 MW which would not only have a lower capital cost and lower power generating costs but would also provide a much higher level of nuclear safety compared to plants currently in operation. This safety-related goal has been met through, for example, the use of passive safety equipment. Passive systems make a significant contribution towards increasing the over-all level of plant safety due to the way in which they operate. They function solely accord-ing to basic laws of nature, such as gravity, and perform their designated functions with-out any need for electric power or other sources of external energy, or signals from instrumentation and control (I and C) equipment. The passive safety systems have been designed such that design basis accidents can be controlled using just these systems alone. However, the design concept of the SWR 1000 is nevertheless still based on the provision of active safety systems in addition to passive systems. (author)
Aarts, J.; Nøhr, C.
safety. The editors want to thank Marianne Sørensen, Aalborg University for keeping track of all the contributions and ensuring they found their way to the final proceedings. We also want to thank all the reviewers for their excellent work in providing constructive feedback to the authors. This valuable...... third conference with the theme: The ability to design, implement and evaluate safe, useable and effective systems within complex health care organizations. The theme for this conference was "Designing and Implementing Health IT: from safe systems to patient safety". The contributions have reflected on...... and implementation of safe systems and thus contribute to the agenda of patient safety? The contributions demonstrate how the health informatics community has contributed to the performance of significant research and to translating research findings to develop health care delivery and improve patient...
This book represents a timely overview of advances in systems safety and security, based on selected, revised and extended contributions from the 2nd and 3rd editions of the International Workshop on Systems Safety and Security – IWSSS, held in 2014 and 2015, respectively, in Bucharest, Romania. It includes 14 chapters, co-authored by 34 researchers from 7 countries. The book provides an useful reference from both theoretical and applied perspectives in what concerns recent progress in this area of critical interest. Contributions, broadly grouped by core topic, address challenges related to information theoretic methods for assuring systems safety and security, cloud-based solutions, image processing approaches, distributed sensor networks and legal or risk analysis viewpoints. These are mostly accompanied by associated case studies providing additional practical value and underlying the broad relevance and impact of the field.
Liu, X.J., E-mail: email@example.com [School of Nuclear Science and Engineering, Shanghai Jiao Tong University, 800 Dong Chuan Road, Shanghai 200240 (China); Fu, S.W. [Navy University of Engineering, Wuhan, Hubei (China); Xu, Z.H. [Shanghai Nuclear Engineering Research and Design Institute, Shanghai (China); Yang, Y.H. [School of Nuclear Science and Engineering, Shanghai Jiao Tong University, 800 Dong Chuan Road, Shanghai 200240 (China); Cheng, X. [Institute of Fusion and Nuclear Technology, Karlsruhe Institute of Technology (KIT), Kaiserstr. 12, 76131 Karlsruhe (Germany)
Highlights: • Application of the ATHLET-SC code to the trans-critical analysis for SCWR. • Development of a passive safety system for SCWR-M. • Analysis of hot/cold leg LOCA behaviour with different break size. • Introduction of some mitigation measures for SCWR-M -- Abstract: A new SCWR conceptual design (mixed spectrum supercritical water cooled reactor: SCWR-M) is proposed by Shanghai Jiao Tong University (SJTU). R and D activities covering core design, safety system design and code development of SCWR-M are launched at SJTU. Safety system design and analysis is one of the key tasks during the development of SCWR-M. Considering the current advanced reactor design, a new passive safety system for SCWR-M including isolation cooling system (ICS), accumulator injection system (ACC), gravity driven cooling system (GDCS) and automatic depressurization system (ADS) is proposed. Based on the modified and preliminarily assessed system code ATHLET-SC, loss of coolant accident (LOCA) analysis for hot and cold leg is performed in this paper. Three different break sizes are analyzed to clarify the hot and cold LOCA characteristics of the SCWR-M. The influence of the break location and break size on the safety performance of SCWR-M is also concluded. Several measures to induce the core coolant flow and to mitigate core heating up are also discussed. The results achieved so far demonstrate the feasibility of the proposed passive safety system to keep the SCWR-M core at safety condition during loss of coolant accident.
The criticality accident at the JCO plant prompted the Government to enact a law for nuclear emergency preparedness. The nuclear industry established NSnet to facilitate opportunities for peer review among its members. This paper describes the activities by NSnet and TEPCO's Kashiwazaki-Kariwa nuclear power station (NPS) for a better safety culture. Created as a voluntary organization by the nuclear industry in 1999, NSnet has 35 members and is assisted by CRIEPI and NUPEC for its activities relevant to human factors. Given the fact that nuclear facility operators not belonging to WANO had no institutional system available for exchange of experiences and good practices for better safety among themselves, NSnet's activities focus on peer review by member organizations and onsite seminars. Starting April 2000 with visits to three fuel fabricators, NSnet intends to have 23 peer-review visits in 2 yr (Ref. 1). The six-member review team stays on-site for 4 days, during which time they review-using guidelines available from WANO and IAEA-OSART-six areas: organization/management, emergency preparedness, education/training, operation/ maintenance, protection against occupational radiation exposure, and prevention of accidents. A series of on-site seminars is held at members' nuclear facilities, to which NSnet dispatches experts for lectures. NSnet plans to hold such seminars twice per month. Other activities include information-sharing through a newsletter, a Web site (www. nsnet.gr.jp), and others. Although considerable differences exist in the design and the practices in operation/maintenance between power reactors and JCO, utilities can extract lessons from the accident that will be worth consideration for their own facilities in the areas of safety culture, education and training, and interface between design and operation. This thinking prompted the Nuclear Safety Promotion Center at Kashiwazaki-Kariwa NPS, to which the author belonged at that time, to launch the
Scientific Opinion on the safety assessment of the active substances iron powder, activated carbon, calcined kaolin, sodium chloride, polyacrylic acid, sodium salt, crosslinked and calcium chloride, for use as active system in food contact materials
EFSA Panel on Food Contact Materials, Enzymes, Flavourings and Processing Aids (CEF
Full Text Available This scientific opinion of the EFSA Panel on Food Contact Materials, Enzymes, Flavourings and Processing Aids deals with the safety assessment of the active substances iron powder, activated carbon, calcined kaolin, sodium chloride, polyacrylic acid, sodium salt, crosslinked and calcium chloride, used in mixture which is packed into labels, for absorbing oxygen from the headspace surrounding packed food. All substances of this formulation have been evaluated and approved for use as additives in plastic food contact materials or as food supplements. Migration of substances from the labels and formation and release of volatile constituents are not expected under the intended conditions of use. The CEF Panel concluded that the use of substances iron powder, activated carbon, calcined kaolin, sodium chloride, polyacrylic acid, sodium salt, crosslinked and calcium chloride does not raise a safety concern when used in oxygen absorbers in labels, which prevent the physical release of their content into the food. When placed in the headspace of the packaging or when used in direct contact with foods, the labels should not intentionally or unintentionally come into direct contact with liquid foods or foods that have an external aqueous phase on the surface such as sliced fruits.
Ballard, B.; Degnan, T.; Kipp, M.; Johnson, J; Miller, D.; Minto, M.
Systems Engineering Project Report Approved for public release, distribution unlimited The search, detection, identification and assessment components of the U.S. Navys organic modular in-stride Mine Countermeasure (MCM) Concept of Operations (CONOPS) have been evaluated for their effectiveness as part of a hypothetical exercise in response to the existence of sea mines placed in the sea lanes of the Strait of Hormuz. The current MCM CONOPS has been shown to be capable of supporting the...
Passive safety systems adopted in advanced Pressurized Water Reactor (PWR), such as AP1000 and EPR, should attain higher reliability than the existing active safety systems of the conventional PWR. The objective of this study is to discuss the fundamental issues relating to the reliability evaluation of AP1000 passive safety systems for a comparison with the active safety systems of conventional PWR, based on several aspects. First, comparisons between conventional PWR and AP1000 are made from the both aspects of safety design and cost reduction. The main differences between these PWR plants exist in the configurations of safety systems: AP1000 employs the passive safety system while reducing the number of active systems. Second, the safety of AP1000 is discussed from the aspect of severe accident prevention in the event of large break loss of coolant accidents (LOCA). Third, detailed fundamental issues on reliability evaluation of AP1000 passive safety systems are discussed qualitatively by using single loop models of safety systems of both PWRs plants. Lastly, methodology to conduct quantitative estimation of dynamic reliability for AP1000 passive safety systems in LOCA condition is discussed, in order to evaluate the reliability of AP1000 in future by a success-path-based reliability analysis method (i.e., GO-FLOW). (author)
Objectives of Project - Development of Digital Safety Grade PLC and Licensing - Development of Safety System(RPS) and Licensing - Development of Safety System(ESF-CCS) and Licensing Content and Result of Project - POSAFE-Q PLC : Development of PLC platform for Shin-UCN unit 1 and 2 ·Development Scope : Processor module, Power module, 3 kinds of Communication module, Bus extension module(Master and Slave), 16 kinds of Input and Output module ·PLC application software development tool(pSET) - IDiPS RPS and IDiPS ESF-CCS : Development of PPS for Sin-UCN 1 and 2 ·Development Scope - 4-channels RPS with the KNICS inherent architecture - A part of 1-channels ESF-CCS with the KNICS inherent architecture - Licensing ·optical Report Submitted and Expected to finish the licensing process until Aug. 2008
Franeková, Mária; Fedor KÁLLAY; Kurytnik, Igor Piotr
In the paper the possibilities of solution safety communication within area of safety-related control industry system are summarised with using cryptography techniques. Requirements to safety are based on generic standard for functional safety of Electrical/Electronic/Programmable Electronic (E/E/PE) systems IEC 61508 and standards, which define safety and security profiles in industrial network used in measurement and control systems. In mainly part of paper the model of safe...
This report describes general development status of the national programs on safety improvement of the Ukrainian NPPs, basic approaches adopted for planning and implementation of safety improvement works, and state of implementation of principal technical activities aimed at safety improvement of Ukrainian NPPs. (author)
In order to achieve technical self-reliance in the area of nuclear instrumentation and control, the Korea Nuclear Instrumentation and Control System (KNICS) project had been running for seven years from 2001. The safety-grade Programmable Logic Controller (PLC) and the digital safety system were developed by KNICS project. All the software of the PLC and digital safety system were developed and verified following the software development life cycle Verification and Validation (V and V) procedure. The main activities of the V and V process are preparation of software planning documentations, verification of the Software Requirement Specification (SRS), Software Design Specification (SDS) and codes, and a testing of the software components, the integrated software, and the integrated system. In addition, a software safety analysis and a software configuration management are included in the activities. For the software safety analysis at the SRS and SDS phases, the software Hazard Operability (HAZOP) was performed and then the software fault tree analysis was applied. The software fault tree analysis was applied to a part of software module with some critical defects identified by the software HAZOP in SDS phase. The software configuration management was performed using the in-house tool developed in the KNICS project. (author)
Many of the advanced light water reactor (ALWR) concepts proposed for the next generation of nuclear power plants rely on passive rather than active systems to perform safety functions. Despite the reduced redundancy of the passive systems as compared to active systems in current plants, the assertion is that the overall safety of the plant is enhanced due to the much higher expected reliability of the passive systems. In order to investigate this assertion, a study is being conducted at Sandia National Laboratories to evaluate the reliability of ALWR passive safety features in the context of probabilistic risk assessment (PRA). The purpose of this paper is to provide a brief overview of the approach to this study. The quantification of passive system reliability is not as straightforward as for active systems, due to the lack of operating experience, and to the greater uncertainty in the governing physical phenomena. Thus, the adequacy of current methods for evaluating system reliability must be assessed, and alternatives proposed if necessary. For this study, the Westinghouse Advanced Passive 600 MWe reactor (AP600) was chosen as the advanced reactor for analysis, because of the availability of AP600 design information. This study compares the reliability of AP600 emergency cooling system with that of corresponding systems in a current generation reactor
Poland has national System of Safety and Security of Radioactive Sources that fulfil International Basic Safety Standards for Protection against Ionising Radiation and for the Safety of Radiation Sources. It includes all main principles of protection against exposure to ionising radiation and for the safety and security of radioactive sources, of the Code of Conduct. All activities related to the exposure to ionising radiation are under control of the President of the National Atomic Energy Agency (NAEA) according to the Polish Atomic Law and Executive Regulations. The radioactive sources in Poland are under a sustainable supervision. The President of NAEA, as the national regulatory authority based on a legal system originating from the Atomic Law, is competent in and responsible for nuclear safety and nuclear security as well as for radiological protection of workers and of public in general. That means that the NAEA licences and controls (from the point of view of nuclear safety and radiation protection) all activities involving each source of ionising radiation (other than excepted source), registers all the nuclear materials and controls their physical protection. NAEA keeps registers of sealed radioactive sources and individual radiation doses of workers. NAEA also supervises (within its competence) all activities undertaken in case of radiation emergency. There are implementing procedures for strengthening controls of exports, imports and other transfers of radioactive sources, national safety and security cultures, particularly through the training of workers and the provision of appropriate information. Keeping records of all activities concerning nuclear materials and sealed radioactive sources has been applied in Poland since 1957. At present, NAEA has effective access to information collected in its own electronic databases, which histories go back to 1986. (author)
Choi, Ho Sun [Korea Institute of Nuclear Safety, Taejon (Korea, Republic of); Park, Moon Il; Chung, Chong Kyu; Lim, Bock Soo; Kim, Hyung Uk; Chang, Kwang Il; Nam, Kwan Hyun; Cho, Hye Ryan [AD center incubation LAB, Taejon (Korea, Republic of)
The objectives of radiation safety information system maintenance are to maintain the requirement of users, change of job process and upgrade of the system performance stably and effectively while system maintenance. We conduct the code of conduct recommended by IAEA, management of radioisotope inventory database systematically using analysis for the state of inventory database integrated in this system. This system and database will be support the regulatory guidance, rule making and information to the MOST, KINS, other regulatory related organization and general public optimizationally.
Chorowski, M.; Fydrych, J.; Poliński, J.
Superconductivity and helium cryogenics are key technologies in the construction of large scientific instruments, like accelerators, fusion reactors or free electron lasers. Such cryogenic systems may contain more than hundred tons of helium, mostly in cold and high-density phases. In spite of the high reliability of the systems, accidental loss of the insulation vacuum, pipe rupture or rapid energy dissipation in the cold helium can not be overlooked. To avoid the danger of over-design pressure rise in the cryostats, they need to be equipped with a helium relief system. Such a system is comprised of safety valves, bursting disks and optionally cold or warm quench lines, collectors and storage tanks. Proper design of the helium safety relief system requires a good understanding of worst case scenarios. Such scenarios will be discussed, taking into account different possible failures of the cryogenic system. In any case it is necessary to estimate heat transfer through degraded vacuum superinsulation and mass flow through the valves and safety disks. Even if the design of the helium relief system does not foresee direct helium venting into the environment, an occasional emergency helium spill may happen. Helium propagation in the atmosphere and the origins of oxygen-deficiency hazards will be discussed.
The review of basic systems supporting safety of technological processes, which were developed and implemented at the Mayak site, is given. The purpose of the self-sustaining chain reaction emergency warning system is to register any anomalously high level of instantaneous γ-radiation, provide sound and light alarm signals, estimate the γ-radiation absorbed dose rate. The purpose of the automated radiation monitoring system is to provide radiation safety of process personnel by continuous remote monitoring of the radiological situation and control of the alarm devices and operating mechanisms. The automated radiation monitoring system provides continuous monitoring γ-radiation exposure dose rate; collection and processing of data from measurement units; prompt notification to regional and federal executive authorities about any accidents and provision of informational support of decision-making. The neutron detection system is used to measure the frequency of impulses that characterise the flux of neutrons emitted by the plutonium solution in the process vessels, prepare and transfer information to the central process control system at its automated workplace locations. The goals of the system for automatic monitoring of nuclear shipments are to provide integrated online monitoring for nuclear, radiation, environmental and fire safety, branch power supply, radiation and meteorological monitoring of the sanitary protection zones and observation zones, as well as transmission of operative data to the Rosatom's Crisis Response Centre
The main results of Ignalina NPP Safety Analysis Group (ISAG) investigations for 1996 are presented. ISAG is concentrating its research activities into four areas: the neutrons dynamics modelling, simulation of transient processes during loss of coolant accident, the reactor cooling systems modelling and the probabilistic safety assessment of accident confinement system. Ignalina Safety Analysis Report was prepared on the basis of these results. 37 refs., 9 tabs., 96 figs
Grant, G.M.; Atwood, C.L.; Gentillon, C.D. [Idaho National Engineering Lab., Idaho Falls, ID (United States)] [and others
The Idaho National Engineering Laboratory (INEL) is evaluating the operational reliability of several risk-significant standby safety systems based on the operating experience at US commercial nuclear power plants from 1987 through 1993. The reliability assessed is the probability that the system will perform its Probabilistic Risk Assessment (PRA) defined safety function. The quantitative estimates of system reliability are expected to be useful in risk-based regulation. This paper is an overview of the analysis methods and the results of the high pressure coolant injection (HPCI) system reliability study. Key characteristics include (1) descriptions of the data collection and analysis methods, (2) the statistical methods employed to estimate operational unreliability, (3) a description of how the operational unreliability estimates were compared with typical PRA results, both overall and for each dominant failure mode, and (4) a summary of results of the study.
Zhang, Yan; TANG, TAO; Li, Keping; Mera Sanchez de Pedro, Jose Manuel; Zhu, Li; Zhao, Lin; Xu, Tianhua
In order to satisfy the safety-critical requirements, the train control system (TCS) often employs a layered safety communication protocol to provide reliable services. However, both description and verification of the safety protocols may be formidable due to the system complexity. In this paper, interface automata (IA) are used to describe the safety service interface behaviors of safety communication protocol. A formal verification method is proposed to describe the safety communication pr...
El-Koursi, Em; DUQUENNE, N
The result of this work is done within the European project untitled SAMNET Safety Management and interoperability thematic Network for railways system launched by the Commission to investigate and to propose the approaches to specify and to implement the requirements identified in the Safety Directives. In particular, issues concerning policies on Safety Management System, Common Safety Indicators, Common Safety Targets and Common Safety Methods are addressed by this project. The project sta...
The main goal of the ALFRED project is to play the role of a demonstrator for the European concept of a LFR, able to prove the safety and reliability in all operating conditions through the use of some simple engineering solutions while reducing to the largest possible extent the uncertainties related to all development stages: design, construction and operation. The ALFRED core has been designed taking into account in a comprehensive approach the main goals to be achieved, the safety performances required as well as the main technological constraints that should be fulfilled. In this context and taking into account the topic of the meeting, the presentation is focused on the safety rod system that has been successfully adapted from the CDT-MYRRHA project
Periodic safety review (Review of the activity for safety) which consisted of 'Comprehensive evaluation of operation experience' and Incorporation of the latest technical knowledge' was carried out up to January 2005. 1. Comprehensive evaluation of operation experience. It was confirmed that the effectual activities for safety through the operation of JOYO were carried out in terms of (1) Operation management, (2) Maintenance management, (3) Fuel management, (4) Radiation management, (5) Radioactive waste management, (6) Emergency planning and (7) Feedback of incidents and failures. 2. Reflection of the latest technical knowledge. It was confirmed that the latest technical knowledge including regulation and guide line established by Nuclear Safety Commission of Japan until March 31st. 2003 were properly reflected in impressing the safety of the reactor. As a result, it was evaluated that the activity for safety was carried out effectually, and no additional measure was identified continual safe operation of the reactor. (author)
P. V. Srinivas Acharyulu; P. Seetharamaiah
Software safety must deal with the principles of safety management, safety engineering and software engineering for developing safety-critical computer systems, with the target of making the system safe, risk-free and fail-safe in addition to provide a clarified differentaition for assessing and evaluating the risk, with the principles of software risk management. Problem statement: Prevailing software quality models, standards were not subsisting in adequately addressing the software safety ...
P. V. Srinivas Acharyulu
Full Text Available Software safety must deal with the principles of safety management, safety engineering and software engineering for developing safety-critical computer systems, with the target of making the system safe, risk-free and fail-safe in addition to provide a clarified differentaition for assessing and evaluating the risk, with the principles of software risk management. Problem statement: Prevailing software quality models, standards were not subsisting in adequately addressing the software safety issues for real-time safety-critical embedded systems. At present no standard framework does exist addressing the safety management and safety engineering priniciples for the development of software safety in safety-critical computer systems. Approach: In this study we propose a methodological framework involving safety management practices, safety engineering practices and software development life cycle phases for the development of software safety. In this framework we make use of the safety management practices such as planning, defining priniciples, fixing responsibilities, creteria and targets, risk assessment, design for safety, formulating safety requirements and integrating skills and techniques to address safety issues early with a vision for assurance and so on. In this framework we have also analysed integration of applicability of generic industrial heirarchy and software development heirarchy, with derived cyclical review involving safety professionals generating a nodal point for software safety. Results: This framework is applied to safety-critical software based laboratory prototype Railroad Crossing Control System (RCCS with a limited complexity. The results have shown that all critical operations were safe and risk free. Conclusion: The development of software based on the proposed framework for RCCS have shown a clarified and improved safety-critical operations of the overall system peformance.
Reiman, Teemu; Rollenhagen, Carl
The concept of safety culture has become established in safety management applications in all major safety-critical domains. The idea that safety culture somehow represents a "systemic view" on safety is seldom explicitly spoken out, but nevertheless seem to linger behind many safety culture discourses. However, in this paper we argue that the "new" contribution to safety management from safety culture never really became integrated with classical engineering principles and concepts. This integration would have been necessary for the development of a more genuine systems-oriented view on safety; e.g. a conception of safety in which human, technological, organisational and cultural factors are understood as mutually interacting elements. Without of this integration, researchers and the users of the various tools and methods associated with safety culture have sometimes fostered a belief that "safety culture" in fact represents such a systemic view about safety. This belief is, however, not backed up by theoretical or empirical evidence. It is true that safety culture, at least in some sense, represents a holistic term-a totality of factors that include human, organisational and technological aspects. However, the departure for such safety culture models is still human and organisational factors rather than technology (or safety) itself. The aim of this paper is to critically review the various uses of the concept of safety culture as representing a systemic view on safety. The article will take a look at the concepts of culture and safety culture based on previous studies, and outlines in more detail the theoretical challenges in safety culture as a systems concept. The paper also presents recommendations on how to make safety culture more systemic. PMID:24275532
Farooq, Omar; Sinha, Kumares C.; Nagle, John; James, Dwayne Stanley; Jiang, Yi
This report presents the work plan for the development of a highway safety management system for Indiana. It identifies major activities and responsibilities for the development and implementation of a formal, statewide, interactive safety decision-making process. The safety management system of Indiana is perceived as a continuous process of considering all opportunities to improve highway safety in all phases of highway planning, design, construction, maintenance and operation. The primary ...
CERN Safety rules and Radiation Protection at CMS The CERN Safety rules are defined by the Occupational Health & Safety and Environmental Protection Unit (HSE Unit), CERN’s institutional authority and central Safety organ attached to the Director General. In particular the Radiation Protection group (DGS-RP1) ensures that personnel on the CERN sites and the public are protected from potentially harmful effects of ionising radiation linked to CERN activities. The RP Group fulfils its mandate in collaboration with the CERN departments owning or operating sources of ionising radiation and having the responsibility for Radiation Safety of these sources. The specific responsibilities concerning "Radiation Safety" and "Radiation Protection" are delegated as follows: Radiation Safety is the responsibility of every CERN Department owning radiation sources or using radiation sources put at its disposition. These Departments are in charge of implementing the requi...
This papers describes the activities being conducted at the Idaho National Engineering Laboratory associated with the use of stored-program computers for protection and control systems. This project has recently been initiated and a preliminary report will be available. The use of computers in plant control and protection (and more generally in system important to safety) represents a major departure from the systems which have been used in the past. The design, development, and audit methods used for these systems are significantly different, thus requiring different skills and different perspectives
Analytical equations have been obtained for the unavailabilities of redundant standby safety systems with components tested periodically. Test and repair contributions, hardware failures, human testing and repair errors as well as failures due to true demands have been taken into account. Equations have been derived for m-out-of-n systems (1 less than or equal to m less than or equal to n less than or equal to 4) with uniformly staggered, consecutive and random testing schemes. The equations have been used in a computer code, ICARUS, and applied to practical safety systems. The results are useful for optimizing the redundancy and testing and they illustrate the importance of human/testing errors and falures associated with true demands
The Advanced spent fuel Conditioning Process is under development for effective management of spent fuel by converting UO2 into U-metal. For demonstration of this process, α-γ type new hotcell was built in the IMEF basement. All facilities which treat radioactive materials must manage CCTV system which is under control of Health Physics department. Three main points (including hotcell rear door area) have each camera, but operators who are in charge of facility management need to check the safety of the facility immediately through the network in his office. This needs introduce additional network cameras installation and this new surveillance system is expected to update the whole safety control ability with existing system
After instances of maloperation, the causes of defects, the effectiveness of the measures taken to control the situation, and possibilities to avoid future recurrences need to be investigated above all before the plant is restarted. The most important aspect in all these efforts is to check the sequence in time, and the completeness, of the control measures initiated automatically. For this verification, a computer system is used instead of time-consuming manual analytical techniques, which produces the necessary information almost in real time. The results are available within minutes after completion of the measures initiated automatically. As all short-term safety functions are initiated by automatic systems, their consistent and comprehensive verification results in a clearly higher level of safety. The report covers the development of the computer system, and its implementation, in the Gundremmingen nuclear power station. Similar plans are being pursued in Biblis and Muelheim-Kaerlich. (orig.)
The safety display of nuclear system has been classified as important to safety (SIL:Safety Integrity Level 3). These days the regulatory agencies are imposing more strict safety requirements for digital safety display system. To satisfy these requirements, it is necessary to develop a safety-critical (SIL 4) grade safety display system. This paper proposes industrial personal computer based safety display system with safety grade operating system and safety grade display methods. The description consists of three parts, the background, the safety requirements and the proposed safety display system design. The hardware platform is designed using commercially available off-the-shelf processor board with back plane bus. The operating system is customized for nuclear safety display application. The display unit is designed adopting two improvement features, i.e., one is to provide two separate processors for main computer and display device using serial communication, and the other is to use Digital Visual Interface between main computer and display device. In this case the main computer uses minimized graphic functions for safety display. The display design is at the conceptual phase, and there are several open areas to be concreted for a solid system. The main purpose of this paper is to describe and suggest a methodology to develop a safety-critical display system and the descriptions are focused on the safety requirement point of view
The Spallation Neutron Source (SNS) is a proton accelerator facility that generates neutrons for scientific researchers by spallation of neutrons from a mercury target. The SNS became operational on April 28, 2006, with first beam on target at approximately 200 W. The SNS accelerator, target, and conventional facilities controls are integrated by standardized hardware and software throughout the facility and were designed and fabricated to SNS conventions to ensure compatibility of systems with Experimental Physics Integrated Control System (EPICS). ControlLogix Programmable Logic Controllers (PLCs) interface to instruments and actuators, and EPICS performs the high-level integration of the PLCs such that all operator control can be accomplished from the Central Control room using EPICS graphical screens that pass process variables to and from the PLCs. Three active safety systems were designed to industry standards ISA S84.01 and IEEE 603 to meet the desired reliability for these safety systems. The safety systems protect facility workers and the environment from mercury vapor, mercury radiation, and proton beam radiation. The facility operators operated many of the systems prior to beam on target and developed the operating procedures. The safety and non-safety control systems were tested extensively prior to beam on target. This testing was crucial to identify wiring and software errors and failed components, the result of which was few problems during operation with beam on target. The SNS has continued beam on target since April to increase beam power, check out the scientific instruments, and continue testing the operation of facility subsystems
IAEA activities in the field of research reactor safety are included in the programme of the Division of Nuclear Installations Safety and implemented by the Engineering Safety Section through its Research Reactor Safety Unit. Following the objectives of the Division, the results of the IAEA missions and the recommendations from International Advisory Groups, the IAEA has conducted in recent years a certain number of activities aiming to enhance the safety of research reactors. The following activities are discussed in this paper: (a) the new Requirements for the Safety of Research Reactors, main features and differences with previous standards (SS-35-S1 and SS-35-S2) and the grading approach for implementation; (b) new documents being developed (safety guides, safety reports and TECDOCs); (c) activities related to the Incident Reporting System for Research Reactor (IRSRR); (d) the new features implemented for the (Integrated Safety Assessment of Research Reactors) INSARR missions; (e) the Code of Conduct on the Safety of Research Reactors developed, following the General Conference Resolution GC(45)/RES/10; and (f) the survey on the safety of research reactors conducted in the year 2002 and the results obtained. (author)
Reliability Centered Maintenance (RCM) methodology was originally developed by the commercial airlines industry in the early 1960s for identifying applicable and effective preventive maintenance tasks and as currently used in nuclear power industry. Effective maintenance of the systems at a nuclear power plant (NPP) is essential for its safe and reliable operation. Reliability Centered Maintenance at NPP is the program to assure that plant systems remain within an original design criteria and are not adversely affected during the plant life time. The aim of this report is to provide the guidelines to implement the RCM approach on NPP safety systems. Safety systems are usually standby and therefore, we need to periodically detect and repair failures that may have occurred since the previous activation or inspection the equipment. The RCM guidelines are intended to help identify the failure modes and related root causes and then decide the maintenance policies to achieve the high level of safety and reliability. The RCM is intended to improve or maintain high levels of system reliability and plant availability. Since the reliability of plant systems will be improved, the plant safety correspondingly will be increased. Another goal of RCM is to optimize the maintenance and surveillance tasks such that the overall level of resources required to accomplish essential tasks is kept to minimum. RCM also strives to eliminate unnecessary corrective maintenance and to select yet most cost-effective approach to maintenance, testing and inspection for system components. 9 refs. (Author) .new
Maria Franekova; Jan Rofar
Paper deals with the modelling of the safety-related Fieldbus communication system, which has to guaranty Safety Integrity Level (SIL) according to standard IEC 61508. There are methods of safety analysis for the closed safety Fieldbus transmission system summarized. The mainly part the modeling SW tool SHARPE describes. The realized models are based on Fault Tree Analysis (FTA) and Markov analysis.
Andkjær, Søren; Arvidsen, Jan
water-based outdoor activities: small boat fishing, sea kayaking, and kite surfing. The theoretical framework used was cultural analysis and the methodological approach was mixed methods using case studies with survey and qualitative interviews. The study indicates that safety is a complex matter and......In this paper, we report on the study Safe in Nature (Tryg i naturen) in which the aim was to analyze and discuss risk and safety related to outdoor recreation in the coastal regions of Denmark. A cultural perspective is applied to risk management and the safety cultures related to three selected...... that safety culture can be understood as the sum and interaction among six categories. The safety culture is closely related to the activity and differs widely among activities. We suggest a broad perspective be taken on risk management wherein risk and safety can be managed at different levels. Small...
Indus-2 is a 2.5 GeV, 300 mA synchrotron radiation source and is currently operating at 2 GeV and 100 mA in the round the clock shift. Two sources of ionizing radiation at Indus-2 can pose a hazard if not properly dealt with are, Bremsstrahlung radiation and synchrotron radiation. The former is mostly generated from collision of electrons with gas molecules and consists of very high energy radiation. A hutch is a structure that houses the beamline and other experimental equipment /apparatus, which is designed to prevent personnel access to areas where there is a potential for the synchrotron beam to generate high levels of ionizing radiation. Hutches are designed to reduce the direct and scattered beam dose rates to acceptably low levels outside. Personal Safety Interlock System (PSIS) is introduced to protect people from accidental exposure to high radiation when the beamlines are in use. PSIS ensures that (1) synchrotron radiation can be allowed to enter an experimental hutch only when no one is present in the hutch and all the doors of the hutch are properly closed; (2) in case of a person entering a hutch during operation, the radiation is stopped by closing the safety shutter and (3) when radiation level in the occupied area near the beamline exceeds the permissible level, it is brought down by closing the safety shutter. The PSIS system is linked with main front-end control system of each beamline. PSIS system consist of relay modules, timers, search and scram buttons, status display panels, door limit switches with latching mechanism and audio-visual alarms. This paper describes, in detail, the design and interlock scheme of a fail-safe and reliable Personal Safety Interlock System implemented at Indus-2 beamlines. (author)
Pei Tang; Shanhong Zhu
All kinds of food safety accidents occurred frequently in recent years, the main reason is that food safety system construction failed to synchronize with the internet, this study sets up food safety technical standard system based on the AHP evaluation model, learns lessons from food safety related bulletin, revises for the food industry standard, innovates from technology and regulatory reform, so as to promote international food safety system construction.
The report gives a description of safety activities in the nuclear power industry. The study has been carried out as a part of the four year programme in Nordic Safety Research (NKS) which was completed in 1997. The objective of the NKS/RAK-1.1 project 'A survey and an evaluation of safety activities in nuclear power' was to make a broad description of various activities important for safety and to make an assessment of their efficiency. A special consideration was placed on a comparison of practices in Finland and Sweden, and between their nuclear utilities. The study has been divided into two parts, one theoretical part in which a model of the relationships between various activities important for safety has been constructed and one practical part where a total of 62 persons have been interviewed at the authorities, the nuclear utilities and one reactor vendor. To restrict the amount of work two activities, safety analysis and experience feedback, were selected. A few cases connected to incidents at nuclear power plants were discussed in more detail. The report has been structured around a simple model of nuclear safety consisting of the concepts of goals, means and outcomes. This model illustrates the importance of goal formulation, systematic planning and feedback of operational experience as major components in nuclear safety. In assessing organisation and management at authorities and the power utilities there is a clear trend of decentralisation and delegation of authority. The general impression from the study is that the safety activities in Finland and Sweden are efficient and well targeted. The experience from the methodology is favourable and the comparison of practices gives a good ground for a discussion of contents and targeting of safety activities. (EG) activities. (EG)
Medi SMARTS (Medical Survey Mapping Automatic Radiation Tracing System), a gamma radiation monitoring system, was installed in a nuclear medicine department. In this paper the evaluation of the system's ability to improve radiation safety management is presented. The system is based on a state of the art software that continuously collects on line radiation measurements for display, analysis and logging. Radiation is measured by GM tubes; the signal is transferred to a data processing unit and then via an RS-485 communication line to a computer. The system automatically identifies the detector type and its calibration factor, thus providing compatibility, maintainability and versatility when changing detectors. Radiation levels are displayed on the nuclear medicine department map at six locations. The system has been operating continuously for more than one year, documenting abnormal events caused by routine operation or failure incidents. In cases where abnormal working conditions were encountered, an alarm message was sent automatically to the supervisor via his tele-pager. An interesting issue observed during the system evaluation, was the inability to distinguish between high radiation levels caused by proper routine operation and those caused by safety failure incidents. The solution included examination of two parameters, radiation levels as well as their duration period. A careful analysis of the historical data, applying the appropriated combined parameters determined for each location, verified that such a system can identify abnormal events, provide alarms to warn in case of incidents and improve standard operating procedures
Many advanced light water reactor designs incorporate passive rather than active safety features for front-line accident response. A method for evaluating the reliability of these passive systems in the context of probabilistic risk assessment has been developed at Sandia National Laboratories. This method addresses both the component (e.g. valve) failure aspect of passive system failure, and uncertainties in system success criteria arising from uncertainties in the system's underlying physical processes. These processes provide the system's driving force; examples are natural circulation and gravity-induced injection. This paper describes the method, and provides some preliminary results of application of the approach to the Westinghouse AP600 design
SHI Shi-liang(施式亮); LI Run-qiu(李润求); XIE Jian-xiang(谢建湘)
The safety status of the coal mines is closely correlated with the operating status and its changes of the whole working system in the coal mines, and the safety system is the sub-system of the whole production system. In this paper, based on the analysis of the complicacy of the safety sub-system and its affecting factors, the theory basis of the indexes system of the safety assessment was studied, including the establishing principles of the indexes system , the structure of the indexes system, the determining methods of the assessment indexes. The complete indexes system was established for the safety assessment of the coal mines in the paper.
Safety features of the decay heat removal systems including power sunply and final heat sink are described. A rather high reliability and an utmost degree of independence from energy supply are goals to be attained in the design of the European Fast Reactor (EFR) decay heat removal scheme. Natural circulation is an ambitious design goal for EFR. All the considerations are performed within the frame of risk minimization
Safe work environment has always been one of the major concerns at workplace. For this, Occupational Safety and Health Act 1994 has been promulgated for all workplaces to ensure the Safety, Health and Welfare of its employees and any person at workplaces. Malaysian Nuclear Agency therefore has started the initiative to review and improve the current Occupational Safety and Health Management System (OSHMS) by going for OHSAS 18001:2007 and MS 1722 standards certification. This would also help in our preparation to bid as the TSO (Technical Support Organization) for the NPP (Nuclear Power Plant) when it is established. With a developed and well maintained OSHMS, it helps to create a safe working condition and thus enhancing the productivity, quality and good morale. Ultimately, this will lead to a greater organization profit. However, successful OSHMS requires full commitment and support from all level of the organization to work hand in hand in implementing the safety and health policy. Therefore it is essential for all to acknowledge the progress of the implementation and be part of it. (author)
Currently Yugoslavia has one 632 MWe nuclear power plant (NPP) of PWR design, located at Krsko in the Socialist Republic (SR) of Slovenia. Krsko NPP, which is a two-loop plant, started power operation in 1981. In general, reactor safety activities in the SR of Slovenia are mostly related to upgrading the safety of our Krsko NPP and to developing capabilities for use in future units. This report presents the nuclear safety related legislation and organization of the corresponding regulatory body, and the activities related to nuclear safety of the participating organizations in the SR of Slovenia in 1986. (author)
Hill, Janice; Victor, Daniel
When software safety requirements are imposed on legacy safety-critical systems, retrospective safety cases need to be formulated as part of recertifying the systems for further use and risks must be documented and managed to give confidence for reusing the systems. The SEJ Software Development Risk Taxonomy  focuses on general software development issues. It does not, however, cover all the safety risks. The Software Safety Risk Taxonomy  was developed which provides a construct for eliciting and categorizing software safety risks in a straightforward manner. In this paper, we present extended work on the taxonomy for safety that incorporates the additional issues inherent in the development and maintenance of safety-critical systems with software. An instrument called a Software Safety Risk Taxonomy Based Questionnaire (TBQ) is generated containing questions addressing each safety attribute in the Software Safety Risk Taxonomy. Software safety risks are surfaced using the new TBQ and then analyzed. In this paper we give the definitions for the specialized Product Engineering Class within the Software Safety Risk Taxonomy. At the end of the paper, we present the tool known as the 'Legacy Systems Risk Database Tool' that is used to collect and analyze the data required to show traceability to a particular safety standard
The Generation IV Technology Road-map identifies 3 specific safety goals: 1) Generation IV nuclear energy systems will excel in safety and reliability; 2) Generation IV nuclear energy systems will have a very low likelihood and degree of reactor core damage; and 3) Generation IV nuclear energy systems will eliminate the need for offsite emergency response. This paper describes an integrated safety philosophy for Generation IV nuclear systems. The following postulates should underlie such a safety philosophy: -) Opportunities exist to further improve on nuclear power's already excellent safety record in most countries; -) Safety improvements should simultaneously be based on several elements which will require specific research efforts; -) The principle of 'defense in depth' has served the nuclear power industry well, and must be preserved in the design of Generation IV systems; -) The Generation IV design process should be driven by a 'risk-informed' approach. The methodology is tentatively called the Integrated Safety Assessment Methodology (ISAM). Although the ISAM is essentially a Probabilistic Safety Assessment (PSA) based methodology for Generation IV systems, the strength of the ISAM is that it offers tools that are tailored to answering specific types of questions at various stages of design development, and that the elements of the methodology complement and support one another in a way that contributes to a much more complete understanding of the range of safety issues. (A.C.)
This Safety Guide is applicable throughout the lifetime of a nuclear installation, including any subsequent period of institutional control, until there is no significant residual radiation hazard. For a nuclear installation, the lifetime includes site evaluation, design, construction, commissioning, operation and decommissioning. These stages in the lifetime of a nuclear installation may overlap. This Safety Guide may be applied to nuclear installations in the following ways: (a)To support the development, implementation, assessment and improvement of the management system of those organizations responsible for research, site evaluation, design, construction, commissioning, operation and decommissioning of a nuclear installation; (b)As an aid in the assessment by the regulatory body of the adequacy of the management system of a nuclear installation; (c)To assist an organization in specifying to a supplier, via contractual documentation, any specific element that should be included within the supplier's management system for the supply of products. This Safety Guide follows the structure of the Safety Requirements publication on The Management System for Facilities and Activities, whereby: (a)Section 2 provides recommendations on implementing the management system, including recommendations relating to safety culture, grading and documentation. (b)Section 3 provides recommendations on the responsibilities of senior management for the development and implementation of an effective management system. (c)Section 4 provides recommendations on resource management, including guidance on human resources, infrastructure and the working environment. (d)Section 5 provides recommendations on how the processes of the installation can be specified and developed, including recommendations on some generic processes of the management system. (e)Section 6 provides recommendations on the measurement, assessment and improvement of the management system of a nuclear installation. (f
Zacharatos, Anthea; Barling, Julian; Iverson, Roderick D
Two studies were conducted investigating the relationship between high-performance work systems (HPWS) and occupational safety. In Study 1, data were obtained from company human resource and safety directors across 138 organizations. LISREL VIII results showed that an HPWS was positively related to occupational safety at the organizational level. Study 2 used data from 189 front-line employees in 2 organizations. Trust in management and perceived safety climate were found to mediate the relationship between an HPWS and safety performance measured in terms of personal-safety orientation (i.e., safety knowledge, safety motivation, safety compliance, and safety initiative) and safety incidents (i.e., injuries requiring first aid and near misses). These 2 studies provide confirmation of the important role organizational factors play in ensuring worker safety. PMID:15641891
Netkachova, K.; Müller, K.; Paulitsch, M; Bloomfield, R. E.
Safety cases are the development foundation for safety-critical systems and are often quite complex to understand depending on the size of the system and operational conditions. The recent advent of security aspects complicates the issues further. This paper describes an approach to analysing safety and security in a structured way and creating security-informed safety cases that provide justification of safety taking into particular consideration the impact of security. The paper includes an...
Wallace, Peter; Holzer, Joseph; Guarro, Sergio; Hyatt, Larry
The Embedded System Safety Analysis Assistant (ESSAA) is a knowledge-based tool that can assist in identifying disaster scenarios. Imbedded software issues hazardous control commands to the surrounding hardware. ESSAA is intended to work from outputs to inputs, as a complement to simulation and verification methods. Rather than treating the software in isolation, it examines the context in which the software is to be deployed. Given a specified disasterous outcome, ESSAA works from a qualitative, abstract model of the complete system to infer sets of environmental conditions and/or failures that could cause a disasterous outcome. The scenarios can then be examined in depth for plausibility using existing techniques.
After an introduction into safety terms a short description of diverse system design is given. Diversity principle will be analyzed critically especially due to non-planable waiting times, the necessary grade of diversification, real-time behaviour. A conventional PID-controller is presented running in parallel with a modem fuzzy controller. Nevertheless, just the fuzzy controller offers a great challenge because of its inherent diverse design approach. Up to now there is deeper know-how available for V and V procedures for conventional as well as fuzzy controller. An example for such a system design will be presented together with V and V aspects. (author)
Sloth, Christoffer; Wisniewski, Rafael
This paper presents a method for verifying the safety of a stochastic system. In particular, we show how to compute the largest set of initial conditions such that a given stochastic system is safe with probability p. To compute the set of initial conditions we rely on the moment method that via...... Haviland's theorem allows an infinite dimensional optimization problem on measures to be formulated as a polynomial optimization problem. Subsequently, the moment sequence is truncated (relaxed) to obtain a finite dimensional polynomial optimization problem. Finally, we provide an illustrative example that...
A review of research programs carried out in Italy in the field of nuclear reactor safety was done in 1986, in the frame of the activities of the Commission of the European Communities, the International Energy Agency and the Nuclear Energy Agency of the Organization for Economic Cooperation and Development. The report contains information on these programs, as well as information on the organization of safety research in Italy and the evolution of safety research programs
After introductional descriptions of heavy water reactors and natural circulation boiling water reactors the safety philosophy and safety systems like ECCS, residual heat removal, protection systems etc., are described. (RW)
Elliott, Suzan E.
The system safety secretary is a valuable member of the system safety team. As downsizing occurs to meet economic constraints, the Total Quality Management (TQM) approach is frequently adopted as a formula for success and, in some cases, for survival.
In the heavy water circuits of the CANDU reactor, tritium is generated through the following reactions: - neutron activation; - 235 U, 233 U and 239 Pu fission in rods; - 3 He decay. The equilibrium value, of about 30-50 Ci/kg, depends by the heavy water quantity which is used in common in primary circuit and moderator, at an increase rate by 4Ci/kg/year. As the tritium inventory in a CANDU reactor can be larger than 6 x 106 Ci (tritium oxide in heavy water circuits), it results that a detritiation plant is a necessity. Solving these problems means that a heavy water detritiation plant must built and linked to the moderator circuits of the CANDU type reactor. This plant can be assimilated as a nuclear facility, involving special regulation and safety systems, complying with the nuclear laws of Romania and international safety regulations, including IAEA Vienna specifications. Like any nuclear facility, a special safety system is provided, with special hardware and software that supervises the technological process and safety equipment. Conventional systems use a large number of equipment, very expensive, while the reliability and accuracy are basic demands. On the other hand, the systems become more complex solving demands like redundancy, failure of safety or diversity. Like a result, operation and maintenance become more complicated and more expensive. Solution for these problems is to develop a reliable and flexible on-line diagnosis system, comprising two computers and a small number of discrete equipment. Creating a safety display and analysis system that provides an overview of the plant safety status and prevents serious safety degradation, ensures an easy maintenance and operation. The system is flexible, easy to use and the improvements needed by any technological process experiment could be done in short time and at low costs. Such a system can replace a dedicated hardware and software for industrial processes, regarding especially the experimental
Seismic responses of structural systems obtained on the basis of coupled analysis (selected equipment modelled along with the civil structures) results in lower responses and economical designs when compared with uncoupled analysis. For Nuclear Safety Related Structures, from considerations of limiting problem size for analysis and also to reduce modelling efforts, it is necessary to select which equipment needs to be modelled with its supports so as to adequately obtain the response of the structural system with interaction of such equipment. Coupled analysis of a primary structure and secondary system is necessary when the effects of interaction between them are significant. This paper attempts to study the structural response of Reactor Building structures of PHWR as well as PFBR to arrive at specific conclusions with respect to effect of coupling of secondary systems. The paper presents an approach followed to evolve a rational basis for inclusion or non-inclusion of such equipment in the coupled model of the primary system. (author)
Valentini, F; Ninin, P; Scibile, S
In the domain of Safety Real-Time Systems the problem of testing represents always a big effort in terms of time, costs and efficiency to guarantee an adequate coverage degree. Exhaustive tests may, in fact, not be practicable for large and distributed systems. This paper describes the testing process followed during the validation of the CERN's LHC Access System , responsible for monitoring and preventing physical risks for the personnel accessing the underground areas. In the paper we also present a novel strategy for the testing problem, intended to drastically reduce the time for the test patterns generation and execution. In particular, we propose a methodology for blackbox testing that relies on the application of Model Checking techniques. Model Checking is a formal method from computer science, commonly adopted to prove correctness of systemâs models through an automatic systemâs state space exploration against some property formulas.
In parallel with the established reactor support program utilizing design basis system analysis for licensing applications, NUSCO has a broad program underway utilizing best estimate system analysis in support of safe operation of its nuclear units. The latter analysis application requires the use of codes such as RETRAN, which have proven prediction capabilities under a wide range of physical conditions. The program utilizing best estimate system analysis, to varying degrees, in support of plant operation and safety includes the following areas of application: 1) Operator training. Specific application of system analysis in this support area include: best estimate analysis of FSAR transients, best estimate verification of plant specific simulators, and lessons learned through PRA best estimate analysis. 2) Operator guidance. Specific applications in this support area include: development, verification, and safety evaluations of emergency operator guidelines, and analysis of ambiguous scenarios to determine available fail-safe decisions and reversible actions. 3) Operator performance verification. Specific applications in this support area include: verification analysis of operational transients, and verifications of adequacy of system performance/operator actions. 4) Deterministic analyses for PRA support. 5) Verification and support of startup procedures
Kuusisto, A. [VTT Automation, Espoo (Finland). Safety Engineering
Safety auditing is a systematic method to evaluate a company's safety management system. This work concentrates on evaluating the reliability of some safety audit tools. Firstly, the factors affecting reliability in auditing are clarified. Secondly, the inter-observer reliability of one of the audit tools is tested. This was done using an audit method, known as the D and S method, in six industrial companies in the USA, and in three companies in Finland. Finally, a new improved audit method called MISHA was developed, and its reliability was tested in two industrial companies. The results of the work show that safety audit tools do not ensure reliable and valid audit results. The auditor's expertise in the field of health and safety is particularly important when the company's compliance with the legal requirements is evaluated. A reasonably high reliability in the use of the D and S can be achieved when the auditor is familiar with the audit tool, the national legislation, and the company's culture. The MISHA method gives more reliable results than D and S when the auditor is not trained. On the other hand, it seems that the D and S is more reliable when the auditor is a trained expert. Some differences were found between the companies in the USA and in Finland. The organization and administration of safety activities was at a somewhat higher level among the companies in the USA. Industrial hazard control, as well as the control of fire hazards and industrial hygiene were at a high level in all companies in both countries. Most dispersion occurred in supervision, participation, motivation, and training activities. Finally, accident investigation and analysis were significantly better arranged among the companies in the USA. The results are in line with the findings of the literature survey on national differences in safety management procedures. (orig.)
... COMMISSION Embedded Digital Devices in Safety-Related Systems, Systems Important to Safety, and Items Relied... Regulatory Issue Summary (RIS) 2013-XX, ``Embedded Digital Devices in Safety-Related Systems, Systems... basic components with embedded digital devices. DATES: Submit comments by July 19, 2013....
Communication devices in the safety system of nuclear power plants are distinguished from those developed for commercial purposes in terms of a strict requirement of safety. The concept of safety covers the determinability, the reliability, and the separation/isolation to prevent the undesirable interactions among devices. The safety also requires that these properties be never proof less. Most of the current commercialized communication products rarely have the safety properties. Moreover, they can be neither verified nor validated to satisfy the safety property of implementation process. This research proposes the novel architecture and protocol of a data communication network for the safety system in nuclear power plants
Park, S. W.; Baek, J. I.; Lee, S. H.; Park, C. S.; Park, K. H.; Shin, J. M. [Hannam Univ., Daejeon (Korea, Republic of)
Communication devices in the safety system of nuclear power plants are distinguished from those developed for commercial purposes in terms of a strict requirement of safety. The concept of safety covers the determinability, the reliability, and the separation/isolation to prevent the undesirable interactions among devices. The safety also requires that these properties be never proof less. Most of the current commercialized communication products rarely have the safety properties. Moreover, they can be neither verified nor validated to satisfy the safety property of implementation process. This research proposes the novel architecture and protocol of a data communication network for the safety system in nuclear power plants.
This report discusses the necessity for in-depth safety program planning for space nuclear reactor systems. The objectives of the safety program and a proposed task structure is presented for meeting those objectives. A proposed working relationship between the design and independent safety groups is suggested. Examples of safety-related design philosophies are given
This report discusses the necessity for in-depth safety program planning for space nuclear reactor systems. The objectives of the safety program and a proposed task structure is presented for meeting those objectives. A proposed working relationship between the design and independent safety groups is suggested. Examples of safety-related design philosophies are given.
For the future sodium-cooled fast reactor [SFR], safety approach should realize higher safety level than that of current generation reactor systems, by enhancing prevention and mitigation features of severe accidents with built-in measures in the safety designs. In this study, general safety approaches are developed for the next generation SFR based on the fundamental safety characteristics of the SFR system by comparing those of LWR system and with incorporating lessons learned from the TEPCO's Fukushima Daiichi nuclear power plants accidents. The fundamental characteristics of the SFR system are summarized into five key points: 1) reactivity related to reactor core configuration, 2) coolant pressure under operation, 3) coolant sub-cool margin to boiling, 4) ultimate heat sink, and 5) physical and chemical properties of sodium coolant. These points are considered to derive general safety approach related to fundamental function, i.e. reactor shutdown, decay heat removal, and containment, for the future SFR system. The key is to apply passive safety mechanism for prevention/mitigation of severe accident in design extension condition (DEC) with balancing active safety systems - passive mechanism should be built-in design for reactor shutdown and decay heat removal especially for DEC in order to enhance diversity to the engineered safety systems utilized for design basis accident (DBA). From the viewpoint of containment integrity, SFR system has favorable feature due to its low coolant pressure (almost atmospheric) under operation, whereas the potentials of pressure/temperature increases via sodium leak and of significant mechanical energy release by re-criticality in the course of the core disruptive accident (CDA) should be eliminated by the safety designs for both prevention and mitigation of the severe accidents. (author)
The main function of a Reactor Protection System (RPS) is to safely shutdown the reactor and prevents the release of radioactive materials. The purpose of this paper is to present a technique and its application for used in the analysis of safety system of the Nuclear Power Plant (NPP). A more advanced technique has been presented to accurately study such problems as the plant availability assessments and Technical Specifications evaluations that are becoming increasingly important. The paper provides the Markov model for the Reactor Protection System of the NPP and presents results of model evaluations for two testing policies in technical specifications. The quantification of the Markov model provides the probability values that the system will occupy each of the possible states as a function of time.
Shivers, Charles Herbert; Parker, Nelson C. (Technical Monitor)
This article presents a discussion of the configuration management (CM) and the Data Management (DM) functions and provides a perspective of the importance of configuration and data management processes to the success of system safety activities. The article addresses the basic requirements of configuration and data management generally based on NASA configuration and data management policies and practices, although the concepts are likely to represent processes of any public or private organization's well-designed configuration and data management program.
Full Text Available In this study, we have a research of the design and realization of the Safety Production Scheduling System. Urged by the government departments as well as safety supervising institutions, many coal enterprises are embarking on designing and constructing an information system platform for safety production and scheduling. How to establish a systematic, comprehensive, standardized and scientific management platform for the safety production and scheduling has become a hot issue in the coal industry, which is also an important move to integrate various safety management measures in order to prevent major safety accidents and keep up with the international industry status. Taking a successful, large-scale safety production and scheduling system for example, this study elaborates on its overall design and construction. When the system is completed, it will play an important role in strengthening safety production of the coal mines, preventing accidents as well as increasing the overall safety level of the coal industry.
Ben S. Medikonda; Seetha R. Panchumarthy
Software for safety-critical systems has to deal with the hazards identified by safety analysis in order to make the system safe, risk-free and fail-safe. Software safety is a composite of many factors. Problem statement: Existing software quality models like McCalls and Boehms and ISO 9126 were inadequate in addressing the software safety issues of real time safety-critical embedded systems. At present there does not exist any standard framework that comprehensively addresses the Factors, Cr...
In nuclear power industry all over the world, we can never overemphasize the importance of nuclear safety. After the Chernobyl accident occurred in 1986, Korean nuclear energy industry had made every effort to enhance nuclear safety culture further. And, as a result of the efforts, Korean government declared the five principles for the nuclear energy safety regulation, which were included in the Nuclear Energy Safety Policy Statement published in 1994. In 2001, through the announcement of Nuclear Safety Charter for the peaceful use of nuclear energy, the Ministry of Science and Technology proclaimed at home and abroad that the protection of citizens and environment by securing nuclear safety should be the highest priority in nuclear energy industry. Occupying almost 40% share of domestic electricity generation, Korea Hydro and Nuclear Power Co. decided 'Safety Top Priority Management' as president's management policy, and clearly presented the safety goal to the personnel. By this, the management can effectively place stress on securing safety, which is our highest priority and the only way to win public confidence toward nuclear energy industry. This is prepared to shortly introduce the activities for improving safety culture in Yonggwang Nuclear Power unit 3 and 4 (YGN 3 and 4)
England, John Dwight (Inventor); Kelley, Anthony R. (Inventor); Cronise, Raymond J. (Inventor)
A safety drain system includes a plurality of drain sections, each of which defines distinct fluid flow paths. At least a portion of the fluid flow paths commence at a side of the drain section that is in fluid communication with a reservoir's fluid. Each fluid flow path at the side communicating with the reservoir's fluid defines an opening having a smallest dimension not to exceed approximately one centimeter. The drain sections are distributed over at least one surface of the reservoir. A manifold is coupled to the drain sections.
Rios Rivas, Juan Ricardo
for Java aims at providing a reduced set of the Java programming language that can be used for systems that need to be certified at the highest levels of criticality. Safety-critical Java (SCJ) restricts how a developer can structure an application by providing a specific programming model...... and by restricting the set of methods and libraries that can be used. Furthermore, its memory model do not use a garbage-collected heap but scoped memories. In this thesis we examine the use of the SCJ specification through an implementation in a time-predictable, FPGA-based Java processor. The specification is now...
Design and maintenance-strategy optimization of safety systems for potentially hazardous facilities have become a first-order social demand in the last decade. Not only because the nocive effects of contamination and industrial spillages on the environment are less tolerated, but also because the great amount of materials dangerous to human beings that are manipulated in the cities, or at their outskirts, turn some spots of our cities into very dangerous zones for their inhabitants. As a result, in the last decade safety system modeling methods have been developed, especially the so-called Fault Tree Analysis, in order to allow the introduction of new design alternatives as well as different maintenance strategies. The increasing complexity of the resulting optimization problems has led to the application of global optimization evolutive methods, especially genetic algorithms, in a single-objective environment as well as in a multiobjective one. Despite recent progress in this subject, there persist important limitations still not solved that limit the applicability in multiple real problems, and therefore current methodologies are not part yet of the tool set used by most engineering design groups. Among them, the computational cost of fault tree quantitative evaluation, and the loss of efficiency of the genetic algorithms due to the different nature of the variables to optimize. In this paper, a review of relevant contributions in safety system design, from a conceptual point of view as well as from an algorithmic one, is presented. Emphasizing the advantages and drawbacks of the use of genetic algorithms. Non-solved problems will be analyzed and described using current methodologies and the most recent contributions to solving such problems will be presented, including the usage of the new global optimization evolutive method, known as flexible evolution, which shows excellent properties for design optimization. The role that Monte Carlo simulation methods may
@@ Dupont,with its 200 years of safety management experience,tells us:all safety accidents can be prevented. Dupont has a history of more than 200 years,the concept of "safety is priority"has never changed.Dupont is just another word for safety.
Safety of nuclear facilities is guaranteed with the safety of instrument and equipment and of human, organization, management and system. In the guarantee, especially the encouragement and the growth of nuclear safety culture which is the basis of the safety of the latter are very important. In recent years, severe accidents and transients due to organizational issues have increased. Then, international organizations, regulatory organizations of each country and nuclear enterprises promote positively the developments of self-assessment methods of safety culture and safety management systems. The activities in the international organizations of IAEA and OECD/NEA and in the foreign regulatory organizations of US NRC and UK NII are described. (K. Kato)
Lu, Chien-tsung; Wetmore, Michael; Smith, John
System safety was conceptualized by the aerospace industry in the late 1940s in the United States (U.S.). Traditionally, users of system safety applied analysis to identify operational hazards and subsequently provide countermeasures before or after an accident. Unfortunately, very few aviation safety researches from the airlines had utilized it to promote aviation safety. To enrich this knowledge and contribute interest from academia, this paper adopted the inductive techniques of system saf...
When developing a transportation system to transport transuranic (TRU) waste from ten widely-dispersed generator sites, the Department of Energy (DOE) recognized and addressed many challenges. Shipments of waste to the Waste Isolation Pilot Plant (WIPP) were to cover a twenty-five year period and utilize routes covering over twelve thousand miles in twenty-three states. Enhancing public safety by maximizing the payload, thus reducing the number of shipments, was the primary objective. To preclude the requirement for overweight permits, the DOE started with a total shipment weight limit of 80,000 pounds and developed an integrated transportation system consisting of a Type ''B'' package to transport the material, a lightweight tractor and trailer, stringent driver requirements, and a shipment tracking system referred to as ''TRANSCOM''
The nuclear plants for desalination to be built in the future will have to meet the standards of safety required for the best nuclear power plants currently in operation or being designed. The current safety approach, based on the achievement of the fundamental safety functions and defence in depth strategy, has been shown to be a sound foundation for the safety and protection of public health, and gives the plant the capability of dealing with a large variety of sequences, even beyond the design basis. The Department of Nuclear Safety of the IAEA is involved in many activities, the most important of which are to establish safety standards, and to provide various safety services and technical knowledge in many Technical Co-operation assistance projects. The department is also involved in other safety areas, notably in the field of future reactors. The IAEA is carrying out a project on the safety of new generation reactors, including those used for desalination, with the objective of fostering an exchange of information on safety approaches, promoting harmonization among Member States and contributing towards the development and revision of safety standards and guidelines for nuclear power plant design. The safety, regulatory and environmental concerns in nuclear powered desalination are those related directly to nuclear power plants, with due consideration given to the coupling process. The protection of product water against radioactive contamination must be ensured. An effective infrastructure, including appropriate training, a legal framework and regulatory regime, is a prerequisite to considering use of nuclear power for desalination plants, also in those countries with limited industrial infrastructures and little experience in nuclear technology or safety. (author)
The dependability of critical safety systems needs to be quantitatively determined in order to verify their effectiveness, e.g. with regard to regulatory requirements. Since modular redundant safety systems are not required for normal operation, their reliability is strongly dependent on periodic inspection. Several modeling methods for the quantitative assessment of dependability are described in the literature, with a broad variation in complexity and modeling power. Static modeling techniques such as fault tree analysis (FTA) or reliability block diagrams (RBD) are not capable of capturing redundancy and repair or test activities. Dynamic state space based models such as continuous time Markov chains (CTMC) are more powerful but often result in very large, intractable models. Moreover, exponentially distributed state residence times are not a correct representation of actual residence times associated with repair activities or periodic inspection. In this study, a hybrid model combines a system level RBD with a CTMC to describe the dynamics. The effects of periodic testing are modeled by redistributing state probabilities at deterministic test times. Applying the method to the primary safety shutdown system of the BR2(Belgian Reactor 2)—nuclear research reactor, resulted in a quantitative as well as a qualitative assessment of its reliability.
This paper introduces an optimal logic structure of a safety monitoring system to minimize the expected total loss incurred upon fail-dangerous (FD) failures or fail-safe (FS) failures. This paper is divided into three parts. The first part considers the safety monitoring system composed of several channels. Each channel has identical sensors to monitor a plant state variable, e.g., temperature of pressure. When a state variable becomes abnormal, the corresponding channel issues a channel alarm for protective action. The problem is to design an optimal, coherent structure for each channel when the channels are logically connected according to an accident occurence mechanism. For the one-channel system, the optimal channel structure is proven to be k*-out-of-n: G, and k* can be calculated analytically. For the multi-channel system, the optimal channel structure is a k-out-of-n: G, and the problem is formulated as a non-linear integer programming (NLIP) which can be solved by the extended Lawler and Bell's method. The second part generalizes the first part to cover more general optimization of the logic structure without assuming ad-hoc channel connections. The optimal, Boolean structure can be determined by a switching function. The monotone property enables one to employ a systematic search method for a simple expression of the optimal structure. A probabilistic logic structure is discussed and proven to be reduced to a deterministic one. The last part disccusses an optimal shut-down logic for the overall protective system, which is composed of the driving, judging, and sensing sections. Each section may fail in two ways: FD or FS. The optimal shut-down logic, as before, is determined by a switching function. For the system with reliable judging and driving sections, the optimal shut-down logic can be determined based on the reliability information of the sensing section. (author)