Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

Shutdown system failure

The Canadian licensing philosophy requires that each accident, together with failure of each safety system in turn, be assessed (and specified dose limits met) as part of the design and licensing process. In response, designers have provided CANDUs with two independent dedicated shutdown systems, and the likelihood of anticipated transients without scram is negligible. [Pg.405]

The number and severity of failures experienced by the equipment under study must be related to the operations of the facility. It would be inappropriate to assign the same operating histories to a continuously operating system and a system that operates intermittently. The number of hours in different operating modes (for example, 100% production versus shutdown) affect failure rate calculation and service description for taxonomy definition. [Pg.215]

For the alarm system alone a failure is expected once every 5.5 yr. Similarly, for a reactor with a high-pressure shutdown system alone, a failure is expected once every 1.80 yr. However, with both systems in parallel the MTBF is significantly improved and a combined failure is expected every 13.7 yr. The overall failure probability is given by... [Pg.479]

Example 11-2 assumes that all failures in either the alarm or the shutdown system are immediately obvious to the operator and are fixed in a negligible amount of time. Emergency alarms and shutdown systems are used only when a dangerous situation occurs. It is possible for the equipment to fail without the operator being aware of the situation. This is called an unrevealed failure. Without regular and reliable equipment testing, alarm and emergency systems can fail without notice. Failures that are immediately obvious are called revealed failures. [Pg.480]

The top event is written at the top of the fault tree and is indicated as the top event (see Figure 11-14). Two events must occur for overpressuring failure of the alarm indicator and failure of the emergency shutdown system. These events must occur together so they must be connected by an AND function. The alarm indicator can fail by a failure of either pressure switch 1 or the alarm indicator light. These must be connected by OR functions. The emergency shutdown system can fail by a failure of either pressure switch 2 or the solenoid valve. These must also be connected by an OR function. The complete fault tree is shown in Figure 11-14. [Pg.494]

Compute the availability of the level indicator system and flow shutdown system for Problem 11-2. Assume a 1-month maintenance schedule. Compute the MTBC for a high-level episode and a failure in the shutdown system, assuming that a high-level episode occurs once every 6 months. [Pg.509]

Where a loading system s emergency shutdown system closes a valve on gravity or pipeline fed transfer systems, care should be taken to ensure the line is protected against pressure surges or hydraulic hammers which may cause gasket blowout or line failure (NFPA 30). [Pg.316]

Critical instruments assigned a Class 1 include those necessary to avoid a failure which may cause the perils listed above or instruments which fail to inform of upset conditions which may result in perils. Testing of these instrument systems may be mandated by regulatory agencies, in-house technical safety review committees, HAZOP studies, or designated as critical by operations supervisors. All of these shutdown systems and alarms must be prooftested in accordance with a proper schedule. [8]... [Pg.205]

Serious Consequences—Class 2. Equipment or the critical instruments serving equipment whose failure could possibly cause, or fail to warn of upset conditions, uncontrolled releases of dangerous materials, situations that could result in accidental fires and explosions. Furthermore these failures could result in serious conditions involving environmental releases, property or production losses, or other non-life-threatening situations. These particular pieces of equipment, the safety shutdown systems and the alarms that serve this equipment are given a slightly lower priority. However, they are also inspected, tested, or prooftested on a regular schedule, but may be allowed to have some leniency in compliance. [Pg.205]

These are instrument system loops that are necessary to avoid a failure which could result in nonreportable environmental releases, equipment or production losses, or reduced economic life, plus all other systems and alarms that assist operations that require prooftesting. These alarms and shutdown systems include refrigeration units that have less impact or safety or environmental issues than the Class 2 units, important pump shutdown alarms, low pressure utility alarms (well water, cooling tower water, natural gas, instrument air, nitrogen), and numerous low-pressure lubrication alarms. [Pg.244]

Critical Consequence—Class 1. Safety Critical instruments whose failure would either cause, or fail to inform of, situations resulting in accidental fire, explosion, uncontrolled release of dangerous materials, reportable environmental releases, or major property or production losses. The safety critical instruments assigned a Class 1 include those that have been mandated as such by regulating agencies an in-house technical safety review committee reliability studies and specific shutdown systems and specific alarms deemed critical by operations supervisors. [Pg.270]

The system failure rate is less than 10% the operation shutdown rate is less than... [Pg.467]

The safety concept considers two nuclear shutdown systems, a set of six reflector rods for reactor scram and power control and a KLAK system of small absorber balls for cold and long-term shutdown. Decay heat removal is made via the heat exchanger, an auxiliary cooling system, and the panel cooling system inside the concrete cavern, or, in case of a failure of these systems, passively by heat transfer via the surface of the reactor vessel. [Pg.44]

Communication interfaces Start-up and shutdown Security and access Backup and restoration Data storage Recovery from system failures Alarm and event handling Reporting and historical data ... [Pg.171]

Totally 104 failures have occurred over a total operation period. The abnormal operation events due to equipment and system failures resulted in 28 plant shutdowns of which 18 shutdowns involved reactor scrams (5 events involved manual reactor emergency shutdowns). In the remainder the plant power reductions took place. [Pg.114]

The shutdown of SMART can be achieved by a function of one of two independent systems. The primary shutdown system is 32 shutdown banks of CEA of which absorbing material is B4C. The control banks are dropped into the reactor core by the gravity force and immediately stops die neutron chain reactions. These control banks have sufficient shutdown margin to bring the reactor fi-om hot full power to hot shutdown, even with a most reactive bank stuck out of the core. For the case of failure of the primary shutdown system, the emergency boron injection system is provided as a backup system and consists of two tanks, 6m ... [Pg.80]

The reactor trip and main loop shutdown instrumentation hardware and sensors are designed to withstand the forces imposed by the QBE and SSE so as to remain functional during and after either earthquake. System failures which could result in loss of function are identified as follows ... [Pg.168]

When the system fails safely, the failure is self-revealing and is repaired immediately without the need for self-diagnostics and annunciation. This is very realistic since production shutdowns carry a large economic penalty and are repaired quickly. The repair time for such a system failure is not the same as the on-line repair. [Pg.318]

Gravity driven injection system of borated water at high pressure makes up the Second Shutdown System. It actuates automatically when the Reactor Protection System detects the failure of the First Shutdown System or in case of LOCA. The system consists of tanks connected to the reactor vessel by two piping lines which valves are opened automatically when the system is triggered. Then one of the pipes -from the steam dome to the upper part of the tank- equalizes pressures, and the other -from a position below the reactor water level to the lower part of the tank- discharges the borated water into the primary system by gravity. [Pg.118]

An example of such off line function is an emergency shutdown system. Many protective functions are offline functions. The termination of the ability to perform an offline function is called a hidden failure. Maintenance for hidden failure is an integral part of technical health eheck. [Pg.2102]

Shutdown Cooling System Failure Modes and Effects Analysis... [Pg.21]

SHUTDOWN COOLING SYSTEM FAILURE MODES AND EFFECTS ANALYSIS... [Pg.176]

SHUTDOWN COOLIMG SYSTEM FAILURE HOPES AND EFFECTS AMALYSIS... [Pg.178]

See other pages where Shutdown system failure is mentioned: [Pg.502]    [Pg.178]    [Pg.288]    [Pg.454]    [Pg.478]    [Pg.479]    [Pg.502]    [Pg.365]    [Pg.428]    [Pg.202]    [Pg.281]    [Pg.167]    [Pg.107]    [Pg.2991]    [Pg.178]    [Pg.56]    [Pg.3]    [Pg.175]    [Pg.14]    [Pg.115]   
See also in sourсe #XX -- [ Pg.345 ]



SEARCH



Failures systemic

Shutdown system

Shutdowns

System failures

© 2024 chempedia.info