Proposal for the taxonomy of failure modes of digital system hardware for PSA

Currently a new taxonomy approach is developed by the DIGREL task group, established by the Working Group on Risk Assessment of OECD/NEA, in order to support the modelling of digital I&C systems in the framework of PSA for nuclear power plants (NPP). It should improve the identification of potential failure modes of hardware as well as software. It is based on generic experience with different types of digital I&C systems. Also it should help to define the structure of data to be collected and support the quantification of PSA models. The DIGREL task group has decided to separate the evaluation of the taxonomy approaches of digital I&C systems into two parts: a taxonomy of the failure modes of hardware and a taxonomy of the failure modes of software. This paper presents a proposal for a generic structure of the hardware of a digital I&C system with safety- functions relevant to safety. The hardware failure mode taxonomy approach is based on decomposition of a particular digital I&C system according to a generic hardware structure. It is assumed that this generic decomposition is sufficient to identify generic issues of the specific I&C systems, components and functions. The decomposition of the hardware into modules is based on the current practice of data collection from operating experience of analog and digital I&C to be applied in PSA. The simplified model takes into account the typical design features of digital I&C systems in the NPP e.g. redundant signal processing, network communication and voting of the actuation signal. Furthermore, a concept (methodology) is presented for the identification of generic issues with regard to failure modes of hardware of a digital I&C system and to probable effects by propagation of the failure modes through each level of signal processing (local, next higher assembly and system level)