BS IEC 60880-2, Software for computers important to safety for nuclear power plants
2 Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions of this part of IEC 60880. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this part of IEC 60880 are encouraged to investigate the possibility of applying the most recent editions of the normative documents indicated below. For undated references, the latest edition of the normative document referred to applies. Members of IEC and ISO maintain registers of currently valid International Standards.

IEC 60880:1986, Software for computers in the safety systems of nuclear power stations
IEC 61226:1993, Nuclear power plants – Instrumentation and control systems important for safety – Classification
IEC 61508-4:1998, Functional safety of electrical/electronic/programmable electronic safety-related systems – Part 4: Definitions and abbreviations
IEC 61513: ?, Nuclear power plants – Instrumentation and control for systems important to safety – General requirements for systems 1)
ISO/IEC 9126:1991, Information technology – Software product evaluation – Quality characteristics and guidelines for their use
IAEA 50-C-D (rev 1):1988, Code on the safety of Nuclear Power Plants: Design
IAEA 50-SG-D11:1986, General design safety principles for nuclear power plants – A safety guide
IEEE 610:1990, Standard glossary of software engineering terminology
3 Definitions and abbreviations
For the purposes of this part of IEC 60880, the terms and definitions given in IEC 60880 and in the IAEA Safety Series No. 50-C-D, as well as the following terms and definitions apply.

NOTE 1 “Shall”, “should” and “may” are used in accordance with IEC conventions.

NOTE 2 For clarification of the terms error, fault, failure and signal trajectory the following example is given. If a person or process makes an error in producing something, this will result in a fault in the product. When the product is used, it may be satisfactory, or it may fail, if the fault is not corrected. If the use challenges the fault, the product will fail if no other defence prevents the failure. A failure is due to both a fault and a challenge, with no other defence operating. For software, a challenge to a fault is provided by a signal trajectory.

3.1 animation
process by which the behaviour defined by a specification is displayed with actual values derived from the stated behaviour expressions and from some input values

3.2 application function
function of an I&C system that performs a task related to the process being controlled rather than to the functioning of the system itself [derived from 2.1 of IEC 60880]

3.3 channel
separate path along which information flows through a redundant or distributed system. That path may also contain redundancy

3.4 common cause failure (CCF)
failure which is the result of one or more events, causing coincident failures of two or more separate channels in a multiple channel system or in multiple systems, leading to system(s) failure [3.6.10 of IEC 61508-4, modified]
NOTE 1 Depending on the context, a CCF may be considered at the system level or at the level of the systems which constitute a safety group.
NOTE 2 See definition of failure (3.8).

3.5 data
representation of information or instructions in a manner suitable for communication, interpretation, or processing by computers [adapted from IEEE 610]
3.6 diversity
existence of two or more different ways or means of achieving a specified objective. Diversity is specifically provided as a defence against common mode failure. It may be achieved by providing systems that are physically different from each other, or by functional diversity, where similar systems achieve the specified objective in different ways (see clause 3 of IEC 61226)

3.7 dynamic analysis
process of evaluating a system or component based on its behaviour during execution. In contrast to static analysis (see IEEE 610)

3.8 failure
failure occurs when the delivered service deviates from the intended service
NOTE A failure is the result of a hardware fault, software fault, system fault, or operator or maintenance error, and the associated signal trajectory which results in the failure.

3.9 fault
defect in a hardware, software, or system component. Faults are subdivided into random faults (for example, resulting from wearing out of hardware), and systematic faults (for example, introduced in the design), and for software these include coding errors and specification errors
NOTE A fault (notably a design fault) may remain undetected in a part of the system until specific conditions or signal trajectories affecting that part of the system are such that the result produced does not conform to the intended function. This results in a failure of that part of the system.

3.10 functional diversity
application of the diversity at the functional level (for example, to have trip activation on both pressure and temperature limit)

3.11 functions, and associated systems and equipment (FSE)
functions are carried out for a purpose or to achieve a goal. The associated systems and equipment are the collections of components and the components themselves that are employed to achieve the functions (see clause 3 of IEC 61226)
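The fault, challenge and failure chain of NOTE 2 in clause 3, together with the failure, fault and functional diversity definitions (3.8 to 3.10), worked as a small executable model. This is example code added here, not code from IEC 60880-2; the trip limits, the signal trajectories and the deliberately faulty comparison are constructed assumptions.

```python
# Model of IEC 60880-2 clause 3 terminology: a latent software fault, a signal
# trajectory that challenges it, and a functionally diverse defence.
# Example written for this page, not taken from the standard.  Limits,
# trajectories and the trip functions below are constructed assumptions.

PRESSURE_LIMIT = 160.0   # constructed trip limit for the pressure channel
TEMP_LIMIT = 330.0       # constructed trip limit for the temperature channel


def pressure_trip_correct(pressure: float) -> bool:
    """Intended service: trip as soon as pressure reaches the limit."""
    return pressure >= PRESSURE_LIMIT


def pressure_trip_faulty(pressure: float) -> bool:
    """Same function after a coding error (3.9): '>' written instead of '>='.
    The fault is latent; only a trajectory passing exactly through the
    limit value challenges it."""
    return pressure > PRESSURE_LIMIT


def temperature_trip(temperature: float) -> bool:
    """Functionally diverse defence (3.10): trip on the temperature limit."""
    return temperature >= TEMP_LIMIT


def first_failure(trajectory, pressure_fn, diverse=False):
    """Deliver the protection function over a signal trajectory, a sequence
    of (pressure, temperature) samples.  Returns the index of the first
    sample at which the delivered service deviates from the intended one
    (a failure, 3.8), or None if the trajectory never produces a failure."""
    for i, (p, t) in enumerate(trajectory):
        intended = pressure_trip_correct(p)
        delivered = pressure_fn(p) or (diverse and temperature_trip(t))
        if intended != delivered:
            return i
    return None


# Constructed signal trajectories: (pressure, temperature) samples.
TRAJ_NO_CHALLENGE = [(150.0, 300.0), (155.0, 310.0), (165.0, 320.0)]
TRAJ_CHALLENGE = [(150.0, 300.0), (160.0, 330.0), (170.0, 335.0)]

if __name__ == "__main__":
    # Fault without a challenge: the fault stays undetected (NOTE to 3.9).
    print(first_failure(TRAJ_NO_CHALLENGE, pressure_trip_faulty))  # None
    # Fault plus challenge, no other defence: failure at sample 1.
    print(first_failure(TRAJ_CHALLENGE, pressure_trip_faulty))  # 1
    # Same challenge, but the diverse temperature trip prevents the failure.
    print(first_failure(TRAJ_CHALLENGE, pressure_trip_faulty, diverse=True))  # None
```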