The use of digital I&C systems in nuclear power plants corresponds to a general trend. Its appeal is due to multiple factors:

  • Digital I&C hardware components are suitable to withstand harsh environmental conditions. The use of modified packaging hardware allows withstanding accelerations such as those due to an earthquake or an aircraft crash. Appropriate shielding measures for the cabinets ensure that the stringent requirements on electromagnetic compatibility are also met.
  • Digital I&C systems have been shown to be generally more reliable than their analogue-based predecessors. In particular, digital I&C is more compact than analogue-based platforms to implement the same functions. Components have low failure rates and are more resistant to drift effects as evidenced by the available experience feedback
  • Digital I&C is suitable to embed failure monitoring features. Digital I&C systems include comprehensive self-testing features, thus minimizing the possibility of failures remaining undetected until the system is called on to act, significantly reducing the need for periodic tests. Such features minimize maintenance interventions and significantly reduce human factors errors resulting in a decrease of the plant availability
  • Digital I&C benefits from the power of software tools to easily modify, test and simulate implemented functions and to detect and replace failed components. Forward support documentation, which ensures the consistency between the description of system requirements and the implemented functions over the whole lifecycle of a system, is also easier to issue and to update
  • Digital I&C provides a much higher degree of freedom in the implementation of functional needs, in particular of a user-friendly Human-Machine Interface (HMI).
  • The capacities offered by computerized HMI enable the development of support functions for the operators, minimizing the possibilities for human error in plant operation. In particular, alarms are categorized and are filtered depending on plant conditions, which significantly reduce the amount of alarms displayed to the operators in case of an event, compared with analogue-based HMI. The implementation of computerized operating procedures also provides support to the operators. All these features minimize the workload of the operators in stressful conditions.
  • The capacity offered by computerized HMI also eases maintenance operations when a failure is detected or when preventive maintenance is required. One good example of the power of digital systems is that, in case of a malfunction, they can prioritize the error messages so as not to confuse the operator with the sheer mass of data generated by that malfunction.
  • Last but not least, the new generation of plant operators is less familiar with analogue systems than digital ones through familiarity with many computer-based applications.

Nevertheless, as with every innovation, digital systems raise questions amongst the safety authorities. Most concerns about digital systems are related to their intrinsic complexity compared to analogue systems, due to more complex electronic boards, embedded components, and the increased probability of common cause failure (CCF) with digital systems, in comparison with more simple analogue modules where CCF can generally be ruled out.

Safety authorities have also recognized the real benefit of using digital systems, but require that I&C architecture design shall be robust and consider CCF as a basis of the design. In countries where the diversity between two digital I&C platforms is not considered sufficient, non-computerized technologies (analogue or based on Programmable Logic Devices or Field Processing Gate Arrays) are used to reach the expected levels in the defence-in-depth and diversity approach to design of modern I&C architecture in new nuclear power plants.

The Hinkley Point C EPR, will use digital I&C systems. Photo courtesy EDF.