BS 60964:2010 pdf download – Nuclear Power Plants — Control rooms — Design
5 Design principles for the main control room 5.1 Main objectives of the main control room The nuclear power plant objective is that it can be operated safely and efficiently from the main control room in all plant operational states and accident conditions. The main control room provides the control room staff with the human-machine interface and related information and equipment, e.g. the communication interface, which are necessary for the achievement of the plant operational goals.
In addition, it provides an environment under which the control room staff are able to perform their tasks without discomfort, excessive stress, or physical hazard.
5.2 Functional design objectives of the main control room The principal objectives of the control room design are to provide the operator with accurate, complete, operationally relevant and timely information regarding the functional status of plant equipment and systems. The design shall allow for all operational states, including refuelling and accident conditions, optimise the tasks and reduce to an appropriate level the workload required to monitor and control the plant safely, and provide necessary information to other facilities outside the control room. The control room design shall provide an optimal assignment of functions which achieves maximum utilization of operator and system capabilities. An additional objective of the control room design is to permit station commissioning to take place effectively and to permit modifications and maintenance.
5.3 Safety principles A control room shall be designed to enable the nuclear power plant to be operated safely in all operational states and to bring it back to a safe state after the onset of accident conditions. Such events shall be considered in the design of the control room. Equipment controlled from the control room shall be designed, as far as practicable, so that an unsafe manual command cannot be carried out, e.g. by using a logical interlock depending on the plant status. Account shall also be taken of the need for functional isolation and physical separation where redundant safety systems or safety and non-safety systems are brought into close proximity. IEC 60709 gives requirements for this. Account shall be taken of the need to ensure safety if the control room and its systems are affected by fire, and to reduce the possibility of fire to a practicable minimum, as outlined in IEC 60709. Appropriate measures shall be taken to safeguard the occupants of the control room against potential hazards such as unauthorized access, undue radiation resulting from an accident condition, toxic gases, and all consequences of fire, which could jeopardize necessary operator actions. There shall be adequate routes through which the control room staff can leave or reach the control room, or gain access to other control points, under emergency conditions.
5.4 Availability principles With a view to maximizing the plant capacity factor, consideration shall be given in the control room design to:
– facilitating planned operations for load changing, start-up and shut-down;
– minimizing the occurrence of any undesired power reduction or plant trip caused by operators’ erroneous decision-making and actions, or by local disturbances associated with malfunction or failure of I&C systems;
– achieving the design output and performance of the plant. The availability-related design specifications shall not violate the adopted safety principles.
5.5 Human factors engineering principles In order to provide an optimal assignment of functions which ensures maximum utilization of the capabilities of human and machine and aims to achieve the maximum plant safety and availability, the design shall pay particular attention to human factors principles and human characteristics of personnel with regard to their anthropometrics, perceptual, cognitive, physiological and motor response capabilities and limitations.