When possible, special add-ons should be associated with each resilience-critical component, to enable the operators to become aware of the component faults.
The risks of over-trusting the add-on are high (example: the problem of trusting the PORV fault detector in the TMI accident).
Special procedures should be developed to ensure regular checking of the add-ons.
In the design of resilient systems it is required that faults in the resilience add-ons are detected and fixed routinely.
The failure rate of the special add-ons may be calculated by common measures, such as MTBF (Wiki).
The MTBF of the special add-ons should be chosen such that the calculated MTBDF is acceptable to the stakeholders.
Hazard indicators should be tested regularly, to verify that they can generate alarms when needed.
Updated on 25 Mar 2017.