National Report of the Slovak Republic - Radiation and Nuclear Safety, September 1998
4.3.2 Methods to Prevent Human Failure
Several methods and systems are in place to prevent human failure. The most important of them include:
- staff training (see Section 4.2.3. for details),
- documentation of good quality,
- application of a system of rules for performing work on equipment,
- testing of systems and equipment according to "Surveillance Programs",
- easy overview of labeling within the installation,
- survey control activities.
Operating and maintenance staff perform activities according to approved documentation which is kept, updated and supplemented on a regular basis in accordance with the requirements defined by the corresponding quality assurance standards (for details, see Section 5.3.3.).
Manipulations, activities and procedures not described in the applicable operating documentation may only be performed based on a special program developed and approved in advance.
Introducing symptom-oriented operating procedures can significantly reduce the probability of staff errors during emergency or malfunction events and thus improve in-depth protection. They have been developed in cooperation with the company Westinghouse (USA) for both NPP Bohunice V-2 and the Czech NPP Dukovany. These regulations are undergoing validation, operating staff are being trained to use them, and they are expected to come into force soon. Similar procedures are being prepared at the same time for Mochovce and Bohunice V-1.
A system of rules for performing work on NPP equipment is in place and described in the QA standards; it is intended to prevent staff errors during repair, maintenance, reconstruction and implementation of design changes on technological equipment. The system includes the following types of permits:
- S-order, a written order to secure equipment prior to repair so that the repair works can be performed safely; it specifies the type of work and the place, time and conditions of its performance. It also specifies the responsibility for safely securing the equipment to be repaired, the necessary safety measures to be taken and the conditions for taking the equipment back over for further operation. The order is issued by the installation administrator and approved by the Shift Supervisor. An S-order does not replace R and B orders if such orders are needed for the performance of the works in accordance with the respective regulations.
- M-order, for works on NPP technology to be performed under full operation which bear the risk of reduced output or complete outage of TG or reactor, or of breaking of OLC. The order is principally issued by the reactor unit supervisor of the unit on which the works are to be performed, upon consultation with the person responsible for supervising the work. The supervisor of works must perform every manipulation exactly as defined in the M-order and must not perform any other manipulation or change the order of manipulations. After completion of the works, the supervisor of works is responsible for closing the M-order, i.e. handing over the equipment on which the manipulation was performed to the unit supervisor, who takes it over for further operation.
- R-order is issued in addition to S-order to perform works in conditions of increased radiation risk; it specifies the place, time and conditions under which the works are to be performed, the necessary measures and means to provide for radiation safety, the composition of the work team and the persons responsible for observance of the "Radiation Safety Rules".
- B-order is issued in addition to S-order for work on electrical equipment of medium and high voltage. It is issued and closed by the Shift Operation Foreman of the electric part.
Any work within the technological premises of a nuclear installation may only be performed provided one of the above orders has been issued. Work performed by the daily staff must not be started, interrupted or terminated without informing the Shift Foreman and the equipment service crew and obtaining their approval.
A significant reduction of the probability of errors committed by the staff during the testing of equipment is achieved by the application of an extensive "Surveillance Program" system (for details, see Section 5.3.3.).
Surveying Control Activities
The system of surveying control activities has been described in detail in the Quality System documents. It is subdivided into:
- "Survey Controls by the Shift Crew" - The documents define the obligations of the staff regarding how to perform the controls and how to report any deficiencies identified. Survey Control Sheets have been developed for each shift position, and define the control route and frequency. The objective of this activity, performed periodically according to the instructions, is to identify deficiencies on equipment and so to prevent, with a high probability, failure to detect important facts due to human failure.
- "Survey Control Activities of Managers" - have been described in the foregoing Section 4.3.1.
Other Measures Taken by Operator to Prevent Human Failure
- documentation for specific units at the site is of a specific color to prevent mistakes due to mixing up units,
- system of labeling of technological equipment under repair and/or with failure; labels or tables are used to provide for visual control and overview of equipment in operation, under maintenance or repair,
- system of control sheets for handing over or taking over shifts by control room staff; the control sheets are used to check and record the status of the equipment, deficiencies, failures etc. to prevent potential staff errors caused by important information not being conveyed between shifts,
- system of control sheets for taking over safety systems which have undergone repair; it serves to prevent staff errors when bringing the respective equipment into the corresponding state,
- independent checking of the correctness of manipulations and of the correct position of elements of safety significant systems and equipment; the objective is to prevent a failure or false operation of systems of safety relevance due to human failure. This is performed by a person other than the one who performed or supervised the activity.
Copyright © UJD SR, 1998
Copyright © SE, a. s., 1998