Special Focus: Quality Assurance 


process related factors and software based safety critical applications), strengthens the product management aspect of traditional project management methods. This is because many of the issues encountered originate from interface problems and from unknown/undocumented entities and new dependencies introduced.

The practical and efficient structure of the customised safety case approach (Fig. 1) consists of project specific safety/quality areas, each defined with a different focus so that together they cover the complete scope:

• Plant/product focus (eg, scope and definitions, requirements, design specification status, verification and validation results/base product qualification).

• Process/project focus (eg, quality assurance, design control processes, organisation and competence).

For each safety/quality area, the relevant claim hierarchies (Fig. 2) with regard to completeness, correctness and consistency are defined in cooperation with plant and supplier expertise, forming the total safety case definition.

Fig. 2. Safety case principle with the claim-evidence-argument hierarchy. Claims correspond to goals, and the sub-claim/inference structure is built from vulnerability assessments, with support also from standards and guidelines. Areas carrying claim hierarchies are combined into a total safety case and evaluated/reported sequentially in a safety/quality assurance and demonstration plan for a complete project life cycle.

The depth and detail of the claim hierarchy, and of the corresponding requirements for explicit in-depth demonstration, is governed by the relevance for safety. Each claim is evaluated based on evidence, typically verification and validation (V&V) activities such as reviews/inspections, audits, analyses and tests, with documented argumentation for claim fulfilment.

Without well functioning configuration management, there is no confidence that the plant has been designed, constructed and is being operated in accordance with design requirements, or that changes to the plant configuration are consistent with those requirements. Plant owners will as a consequence experience severe issues in both time and cost. Regulators and the public will furthermore not allow continued operation of an industrial facility that carries the inherent perceived risk of an NPP.

The definition of a system/object should be viewed as an important ‘basic’ requirement and maintained under CM just as any other requirement for the system/object. Defining clear functional, physical and geographical boundaries will, eg, make definitions of configured items (CI), the application of requirements to structures, systems and components (SSC)/CI, and compliance V&V substantially easier. The objective of RM is to completely, correctly and consistently establish, document, maintain and communicate the design requirements, with traceability to the facility SSC implementing the requirements as well as to the V&V records demonstrating compliance – all within a well established CM. Using requirements traceability matrices (RTMs), as well as developing and maintaining function structures together with the product structure of the NPP (Fig. 3) using, eg, the guidelines of IEC 61346 (nowadays replaced by IEC 81346), assists in solving most of the structural challenges of RM and CM.

Fig. 3. ‘The Balance Model of CM’ (IAEA-TECDOC-1335 and CMBG) illustrates the relationship among design requirements, documentation and physical configuration, which must conform, ie be kept ‘in balance’. RTMs maintain control of the requirements and their traceability to compliance in the configuration documentation. CM and the corresponding CI structure provide control of valid configuration documentation as tied to the corresponding CI/SSC defined in the NPP.
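To make the RTM, balance-model and claim-hierarchy ideas above concrete, here is an added example that is not part of the article and not code from Solvina: a small Python script over a constructed, hypothetical data set. It checks that every design requirement traces to at least one implementing CI and to passing V&V evidence (RTM completeness, with safety-relevant gaps listed first), checks the three views of the balance model (requirements, configuration documentation, as-built configuration) against each other, and evaluates a claim-evidence-argument hierarchy in which a claim holds only when all sub-claims hold and its own evidence passed. All identifiers (R-1, CI-PUMP-01, E-1, the revision labels and claim texts) are invented for illustration.

```python
# Added example (hypothetical data): RTM, balance-model and claim-hierarchy checks.
from dataclasses import dataclass, field

@dataclass
class Requirement:
    rid: str
    text: str
    safety_relevant: bool  # governs how deep the demonstration must go

@dataclass
class Evidence:
    eid: str
    kind: str    # review, inspection, audit, analysis, test
    result: str  # "pass" or "fail"

@dataclass
class Claim:
    cid: str
    text: str
    evidence: list = field(default_factory=list)    # Evidence ids backing this claim
    sub_claims: list = field(default_factory=list)  # child Claim objects

# --- constructed sample data for a hypothetical plant (not from the article) ---
REQUIREMENTS = {
    "R-1": Requirement("R-1", "Feedwater pump trips on low suction pressure", True),
    "R-2": Requirement("R-2", "PLC firmware image is authenticated before execution", True),
    "R-3": Requirement("R-3", "Control room display refreshes within 2 s", False),
}
EVIDENCE = {
    "E-1": Evidence("E-1", "test", "pass"),
    "E-2": Evidence("E-2", "review", "pass"),
    "E-3": Evidence("E-3", "test", "fail"),
    "E-4": Evidence("E-4", "audit", "pass"),
}
# RTM row: requirement -> (CIs implementing it, V&V records demonstrating compliance)
RTM = {
    "R-1": (["CI-PUMP-01"], ["E-1"]),
    "R-2": (["CI-PLC-07"], ["E-2", "E-3"]),
    "R-3": ([], []),  # not yet allocated to a CI nor verified
}
# Balance model views: approved configuration documentation vs. as-built plant
CONFIG_DOCS = {"CI-PUMP-01": "rev B", "CI-PLC-07": "rev 3"}
AS_BUILT = {"CI-PUMP-01": "rev B", "CI-PLC-07": "rev 4", "CI-VALVE-02": "rev A"}
# Claim hierarchy in the Fig. 2 style: total case -> areas -> sub-claims -> evidence
TOTAL_SAFETY_CASE = Claim("C-0", "Facility is safe to operate", sub_claims=[
    Claim("C-1", "Plant/product focus: design requirements fulfilled", sub_claims=[
        Claim("C-1.1", "R-1 demonstrated", evidence=["E-1"]),
        Claim("C-1.2", "R-2 demonstrated", evidence=["E-2", "E-3"]),
    ]),
    Claim("C-2", "Process/project focus: design control process audited", evidence=["E-4"]),
])

def rtm_gaps(requirements, rtm, evidence):
    """Completeness check of the RTM: every requirement must trace to at least one CI
    and to passing V&V evidence. Gaps on safety-relevant requirements are listed first."""
    gaps = []
    for rid, req in requirements.items():
        cis, eids = rtm.get(rid, ([], []))
        if not cis:
            gaps.append((rid, req.safety_relevant, "no implementing CI"))
        if not eids:
            gaps.append((rid, req.safety_relevant, "no V&V record"))
        elif not all(evidence[e].result == "pass" for e in eids):
            gaps.append((rid, req.safety_relevant, "V&V record not passed"))
    return sorted(gaps, key=lambda g: not g[1])  # stable sort: safety-relevant first

def balance_gaps(config_docs, as_built, rtm):
    """Balance model: documentation, physical configuration and requirements must agree."""
    gaps = []
    for ci, installed in as_built.items():
        documented = config_docs.get(ci)
        if documented is None:
            gaps.append((ci, "installed but absent from configuration documentation"))
        elif documented != installed:
            gaps.append((ci, f"documented {documented} but installed {installed}"))
    for ci in config_docs:
        if ci not in as_built:
            gaps.append((ci, "documented but not installed"))
    traced = {ci for cis, _ in rtm.values() for ci in cis}
    for ci in as_built:
        if ci not in traced:
            gaps.append((ci, "no design requirement traced to this CI"))
    return gaps

def claim_fulfilled(claim, evidence):
    """Claim-evidence-argument evaluation: a claim holds only if every sub-claim holds
    and all of its own evidence passed; a claim with neither is unsupported."""
    if not claim.evidence and not claim.sub_claims:
        return False
    own_ok = all(evidence[e].result == "pass" for e in claim.evidence)
    return own_ok and all(claim_fulfilled(s, evidence) for s in claim.sub_claims)

if __name__ == "__main__":
    print("RTM gaps:", rtm_gaps(REQUIREMENTS, RTM, EVIDENCE))
    print("Balance gaps:", balance_gaps(CONFIG_DOCS, AS_BUILT, RTM))
    print("Total safety case fulfilled:", claim_fulfilled(TOTAL_SAFETY_CASE, EVIDENCE))
```

Run as a script, it reports the failed test on R-2 (which also defeats claim C-1.2 and therefore the total safety case), the unallocated and unverified R-3, the revision mismatch on CI-PLC-07, and the undocumented, untraced CI-VALVE-02. In a real project the same three checks would run over the exported RTM and the CI structure from the CM system rather than over inline dictionaries, and the sort key would be the safety classification from the plant's own scheme.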


Concluding recommendations

Major applications of the customised safety case approach for life cycle safety assurance and demonstration have proven successful within so called ‘mega projects’, including significant I&C system and control room upgrades, but the principles and structures are generally applicable. The recommended methods for RM and CM are important bases enabling claim fulfilment assurance in the total safety case defined. We are convinced that if any supplier can show that proper CM, including adequate RM, is covered in the design and deliveries, also for the future owner/operator life cycle, that will be a unique selling point for decades to come, and provide significant risk reductions for both new build and upgrade/uprate projects worldwide. Using the customised safety case approach presented to get life cycle safety assurance and demonstration properly in place, and applying adequate CM and RM, is at least equally as important and valuable as selecting the right technology.




Pontus Ryd, Specialist, Nuclear Power Safety & Quality Assurance, and Andreas Knutsson, Project & Systems Engineer, are with Solvina AB, Västra Frölunda, Sweden. www.solvina.se



