BS IEC 62808 pdf download

BS IEC 62808 pdf download.Nuclear power plants – Instrumentation and control systems important to safety – Design and qualification of isolation devices
1 Scope
This International Standard establishes requirements for the design, analysis and qualification of isolation devices used to ensure electrical independence of redundant safety system circuits, or between safety and lower class circuits, as specified in IEC 60709. This standard includes guidance on the determination of the maximum credible fault that is applied to the isolation devices. The maximum credible fault can be used as a basis for the test levels used in testing based on other standards (e.g. IEC TS 61 000-6-5 or IEC 62003). This standard does not address safety or CCF issues due to functional inter-dependencies and possible interferences or CCFs that may result from signal exchange or sharing between systems or sub-systems. It also does not address design or qualification issues related to digital or programmable logic in isolation devices. For isolation devices containing digital or programmable logic, additional design and qualification requirements must be considered; these requirements are outside the scope of this standard.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply. 3.1 barrier device or structure interposed between redundant equipment or circuits important to safety, or between equipment or circuits important to safety and a potential source of damage to limit damage to the I&C system important to safety to an acceptable level Note 1 to entry: The following definition is given in the IAEA Safety Glossary, edition 2007: “A physical obstruction that prevents or inhibits the movement of people, radionuclides or some other phenomenon (e.g. fire), or provides shielding against radiation”. The IAEA definition is more general and consistent with the definition given in this standard.3.2 common mode electrical faults voltage or current faults between both signal terminals and a common reference plane (ground) Note 1 to entry: These faults should not be confused with common cause failures. Note 2 to entry: This causes the potential of both signal terminals to be changed simultaneously and by the same amount relative to the common reference plane (ground). 3.3 differential mode electrical faults voltage or current faults between signals 3.4 isolation device device in a circuit that prevents malfunctions in one section of a circuit from causing unacceptable influences in other sections of the circuit or other circuits Note 1 to entry: As described in IEC 60709, malfunctions can be caused by faults and normal actions. 3.5 maximum credible fault MCF voltage or current transient that may exist in circuits, as determined by test or analysis, taking into consideration the circuit location, routing, and interconnections combined with failures that the circuit and adjacent circuits may credibly experience Note 1 to entry: The evaluation shall consider the impact of seismic and flooding conditions.
5 General principles for isolation devices
5.1 General The requirements for the application of isolation devices are in IEC 60709. Clause 5 is included as a summary and provides additional requirements for the isolation devices. The word “shall” identifies the additional requirements. Isolation devices used in interfaces between I&C systems important to safety or between channels within a system important to safety may have an impact on the integrity of the overall design and in particular, on defence in depth. When used, they may be relied upon to provide electrical isolation between redundant safety functions or safety functions in different layers of defence in the overall architecture. In general, the introduction of such interfaces between systems should be considered carefully based on the principles and approaches outlined in IEC 61 51 3. A systematic analysis of failures at system and overall I&C architecture level is required. Functional inter-dependencies are introduced between systems due to signal interfaces and their associated failure modes shall be considered carefully.