SSM perspective
Background
One of the most important design principles to achieve high safety function dependability is the use of redundancy to be single-fault tolerant. In turn, redundancies become effective by applying additional design principles such as physical and functional separation and diversity.
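To make the reasoning above concrete, the following is an added illustration written for this summary; it is not code from SSM, STUK or any licensee, and it is not a description of how FTA is actually performed. It models a safety function as a set of redundant trains and checks whether the function survives each postulated single event. The train names, rooms and technology labels are constructed, and treating loss of a room (e.g. a fire) and a common-cause failure of one technology as postulated single events is a simplification chosen to show why redundancy alone is not enough: two trains in one room are defeated by one room event, two separated trains of the same technology are defeated by one common-cause failure, and only the separated and diverse configuration passes. Functional separation and independence between DiD levels are not modelled.

```python
"""Toy single-fault tolerance check for a safety function built from redundant trains.

Constructed example for illustration only; not an SSM/STUK method or any licensee's code.
"""
from dataclasses import dataclass
from typing import Dict, List, Set


@dataclass(frozen=True)
class Train:
    name: str
    room: str        # spatial location, used for the spatial-separation check
    technology: str  # actuation principle, used for the diversity (common-cause) check


def postulated_single_faults(trains: List[Train]) -> Dict[str, Set[str]]:
    """Enumerate the single events considered and the trains each one removes.

    Simplifying assumption of this example: loss of a whole room and a
    common-cause failure of all trains sharing one technology are each
    treated as one postulated event.
    """
    faults: Dict[str, Set[str]] = {}
    for t in trains:
        faults[f"failure of {t.name}"] = {t.name}
    for room in sorted({t.room for t in trains}):
        faults[f"loss of room {room}"] = {t.name for t in trains if t.room == room}
    for tech in sorted({t.technology for t in trains}):
        faults[f"common-cause failure of {tech} trains"] = {
            t.name for t in trains if t.technology == tech
        }
    return faults


def defeating_faults(trains: List[Train], required: int) -> List[str]:
    """Return the postulated single events after which fewer than `required`
    trains remain, i.e. the events that defeat the safety function."""
    result = []
    for label, lost in postulated_single_faults(trains).items():
        remaining = len(trains) - len(lost)
        if remaining < required:
            result.append(label)
    return result


def is_single_fault_tolerant(trains: List[Train], required: int) -> bool:
    """True when no postulated single event leaves fewer than `required` trains."""
    return not defeating_faults(trains, required)


# Three constructed 2-train configurations, success criterion 1-out-of-2.
CONFIG_SAME_ROOM = [Train("A1", "R1", "electric"), Train("A2", "R1", "electric")]
CONFIG_SEPARATED = [Train("B1", "R1", "electric"), Train("B2", "R2", "electric")]
CONFIG_DIVERSE = [Train("C1", "R1", "electric"), Train("C2", "R2", "steam-driven")]


if __name__ == "__main__":
    for label, cfg in [("same room, same technology", CONFIG_SAME_ROOM),
                       ("separated rooms, same technology", CONFIG_SEPARATED),
                       ("separated rooms, diverse technology", CONFIG_DIVERSE)]:
        print(f"{label}: tolerant={is_single_fault_tolerant(cfg, 1)}; "
              f"defeated by {defeating_faults(cfg, 1)}")
```

The output lists, for each configuration, the events that defeat the function, which is the kind of information a failure tolerance analysis is meant to make visible: which design principle (separation, diversity) a given redundancy depends on to be effective.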
License holders of nuclear power reactors must demonstrate that requirements are met, including the requirements for single-fault tolerance and that design principles such as separation and diversity are applied to a sufficient extent to meet the overall dependability requirements as reflected by acceptance criteria for deterministic as well as probabilistic safety analyses.
Since 2013, the Finnish authority STUK has set specific requirements on so-called failure tolerance analyses (FTA). Sweden currently has no such explicit requirements. However, FTA could be of value in SSM's work with reactor safety. It is therefore of interest to SSM to study what the current situation looks like in Finland, as well as the current application of FTA or similar analyses in other countries and organizations. Part of the study is also to look at the current approaches used by Swedish utilities to show that safety function dependability complies with requirements, including how they are documented. One specific issue is to investigate the potential use of PSA models in the FTA process.
Results
The study has reviewed the Finnish FTA requirements (redundancy, functional and spatial separation, diversity, and independence between Defence-in-Depth (DiD) levels) and compared them with US, British and Swedish requirements. Only Finland has explicit requirements, but the interpretation is that the other countries implicitly have the same requirements, i.e. it has to be shown that safety function dependability and defence-in-depth independence meet the requirements as far as is reasonably achievable. Swedish utilities also have documentation on how the requirements are met. However, it is not necessarily easy to find information on how dependability and independence requirements are met.
An outline for an FTA approach is developed and a SWOT analysis regarding FTA is performed.
One conclusion from this work is that FTA can be used to demonstrate compliance with SSMFS 2021:4, Chapter 4 §13, which includes the use of redundancy, separation and diversity as means to achieve the degree of dependability that meets the safety criteria as far as is practically achievable. Guides and methods for FTA are not currently described in the literature, and there is no international consensus on what an FTA must contain.
This study is relevant for potential further development of SSM requirements on how dependability requirements are met, including requirements on documentation of such assessments.
Need for further research
The potential introduction of Swedish regulatory requirements similar to the Finnish ones is likely to benefit from the development of a common FTA approach within the industry.