0% encontró este documento útil (0 votos)

143 vistas97 páginas

Requisitos Energéticos Centrales Nucleares

Este documento establece los requisitos generales para el sistema de energía eléctrica de centrales nucleares de potencia. Ratifica la norma técnica europea EN IEC 63046:2021 como norma española UNE-EN IEC 63046:2021. Se aprobó en julio de 2021 por la Asociación Española de Normalización.

Cargado por

openjavier5208

Derechos de autor

Nos tomamos en serio los derechos de los contenidos. Si sospechas que se trata de tu contenido, reclámalo aquí.

Formatos disponibles

Descarga como PDF, TXT o lee en línea desde Scribd

0% encontró este documento útil (0 votos)

143 vistas97 páginas

Requisitos Energéticos Centrales Nucleares

Cargado por

openjavier5208

Derechos de autor

Nos tomamos en serio los derechos de los contenidos. Si sospechas que se trata de tu contenido, reclámalo aquí.

Formatos disponibles

Descarga como PDF, TXT o lee en línea desde Scribd

Norma Española

UNE-EN IEC 63046:2021

Idioma: Inglés

Centrales nucleares de potencia. Sistema de energía

eléctrica. Requisitos generales (Ratificada por la
Asociación Española de Normalización en julio de
2021.)

Asociación Española
de Normalización
Génova, 6 - 28004 Madrid
915 294 900
info@[Link]
[Link]
Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
interna se requiere de autorización previa de AENOR.
28/11/2023
UNE-EN IEC 63046:2021

Centrales nucleares de potencia. Sistema de energía eléctrica. Requisitos generales

(Ratificada por la Asociación Española de Normalización en julio de 2021.)

Nuclear power plants - Electrical power system - General requirements (Endorsed by Asociación Española
de Normalización in July of 2021.)

Centrales nucléaires de puissance - Système d'alimentation électrique - Exigences générales (Entérinée

par l'Asociación Española de Normalización en juillet 2021.)

En cumplimiento del punto [Link] de las Reglas Internas de CEN/CENELEC Parte 2, se ha

otorgado el rango de documento normativo español UNE al documento normativo europeo
EN IEC 63046:2021 (Fecha de disponibilidad 2021-05-21)

Este documento está disponible en los idiomas oficiales de CEN/CENELEC/ETSI.

Este anuncio causará efecto a partir del primer día del mes siguiente al de su publicación en
la revista UNE.

La correspondiente versión oficial de este documento se encuentra disponible en la Asociación Española de

Normalización (Génova 6 28004 MADRID, [Link]).

Las observaciones a este documento han de dirigirse a:

Asociación Española de Normalización

Génova, 6
28004 MADRID-España
Tel.: 915 294 900
info@[Link]
[Link]

© UNE 2021
Prohibida la reproducción sin el consentimiento de UNE.
Todos los derechos de propiedad intelectual de la presente norma son titularidad de UNE.

Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
interna se requiere de autorización previa de AENOR.
28/11/2023
UNE-EN IEC 63046:2021
EUROPEAN STANDARD EN IEC 63046
NORME EUROPÉENNE
EUROPÄISCHE NORM May 2021

ICS 27.120.20

English Version

Nuclear power plants - Electrical power system - General

requirements
(IEC 63046:2020)

Centrales nucléaires de puissance - Système d'alimentation Kernkraftwerke - Elektrische Stromversorgungssysteme -

électrique - Exigences générales Allgemeine Anforderungen
(IEC 63046:2020) (IEC 63046:2020)

This European Standard was approved by CENELEC on 2021-05-17. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization

Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels

Ref. No. EN IEC 63046:2021 E

European foreword

The text of document 45A/1348/FDIS, future edition 1 of IEC 63046, prepared by SC 45A
"Instrumentation, control and electrical power systems of nuclear facilities" of IEC/TC 45 "Nuclear
instrumentation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN IEC 63046:2021.

The following dates are fixed:

• latest date by which the document has to be implemented at national (dop) 2022-02-17
level by publication of an identical national standard or by endorsement

• latest date by which the national standards conflicting with the (dow) 2024-05-17
document have to be withdrawn

Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

As stated in the nuclear safety directive 2009/71/EURATOM, Chapter 1, Article 2, item 2, Member
States are not prevented from taking more stringent safety measures in the subject-matter covered by
the Directive, in compliance with Community law.

In a similar manner, this European standard does not prevent Member States from taking more
stringent nuclear safety and/or security measures in the subject-matter covered by this standard.

Endorsement notice

The text of the International Standard IEC 63046:2020 was approved by CENELEC as a European
Standard without any modification.

In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 60364-5-52 NOTE Harmonized as HD 60364-5-52
IEC 60880 NOTE Harmonized as EN 60880
IEC 61508-1 NOTE Harmonized as EN 61508-1
IEC 61508-2 NOTE Harmonized as EN 61508-2
IEC 61508-3 NOTE Harmonized as EN 61508-3
IEC 61508-4 NOTE Harmonized as EN 61508-4
IEC 62003 NOTE Harmonized as EN IEC 62003
IEC 62040-3 NOTE Harmonized as EN 62040-3
IEC 62138 NOTE Harmonized as EN IEC 62138
IEC 62271-200 NOTE Harmonized as EN 62271-200
IEC 62305-1 NOTE Harmonized as EN 62305-1
IEC 62305-3 NOTE Harmonized as EN 62305-3
IEC 62305-4 NOTE Harmonized as EN 62305-4
IEC 62340 NOTE Harmonized as EN 62340
IEC 62566 NOTE Harmonized as EN 62566
IEC 62645 NOTE Harmonized as EN IEC 62645
ISO/IEC 27001 NOTE Harmonized as EN ISO/IEC 27001
ISO/IEC 27002 NOTE Harmonized as EN ISO/IEC 27002
ISO 9000 NOTE Harmonized as EN ISO 9000

Annex ZA
(normative)

Normative references to international publications

with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.

NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.

NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
[Link].

Publication Year Title EN/HD Year

IEC 60038 (mod) 2009 IEC standard voltages EN 60038 2011
IEC 60671 - Nuclear power plants - Instrumentation andEN 60671 -
control systems important to safety -
Surveillance testing
IEC 60709 2018 Nuclear power plants - Instrumentation,EN IEC 60709 2019
control and electrical power systems
important to safety - Separation
IEC 60964 2018 Nuclear power plants - Control rooms -EN IEC 60964 2019
Design
+EN IEC
60964:2019/AC:201
9-08
IEC 61225 - Nuclear power plants - Instrumentation,EN IEC 61225 -
control and electrical power systems -
Requirements for static uninterruptible DC
and AC power supply systems
IEC 61226 - Nuclear power plants - Instrumentation andEN 61226 -
control important to safety - Classification
of instrumentation and control functions
IEC 61513 2011 Nuclear power plants - Instrumentation andEN 61513 2013
control important to safety - General
requirements for systems
IEC 62671 - Nuclear power plants - Instrumentation and- -
control important to safety - Selection and
use of industrial digital devices of limited
functionality
IEC 62808 - Nuclear power plants - Instrumentation andEN 62808 -
control systems important to safety -
Design and qualification of isolation
devices
IEC 62855 2016 Nuclear power plants - Electrical powerprEN IEC 62855 2021
systems - Electrical power systems
analysis

Publication Year Title EN/HD Year

IEC 62859 - Nuclear power plants - Instrumentation andEN 62859 -
control systems - Requirements for
coordinating safety and cybersecurity
ISO 9001 Quality management systems -EN ISO 9001 2015
Requirements
IEC/IEEE 60780-- Nuclear facilities - Electrical equipmentEN 60780-323 -
323 important to safety - Qualification
IEC/IEEE 60980-- Nuclear facilities - Equipment important toEN IEC/IEEE-
344 safety - Seismic qualification 60980-344

IEC 63046
®
Edition 1.0 2020-10

INTERNATIONAL
STANDARD
NORME
INTERNATIONALE colour
inside

Nuclear power plants – Electrical power system – General requirements

Centrales nucléaires de puissance – Système d'alimentation électrique –

Exigences générales
IEC 63046:2020-10(en-fr)

THIS PUBLICATION IS COPYRIGHT PROTECTED

Copyright © 2020 IEC, Geneva, Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11

3, rue de Varembé info@[Link]
CH-1211 Geneva 20 [Link]
Switzerland

About the IEC

The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications

The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - [Link]/advsearchform Electropedia - [Link]

The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - [Link]/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - [Link]/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - [Link]/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@[Link].

A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC

Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC - Electropedia - [Link]

[Link]/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.

IEC Just Published - [Link]/justpublished Glossaire IEC - [Link]/glossary

Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certaines entrées
antérieures extraites des publications des CE 37, 77, 86 et
Service Clients - [Link]/csc CISPR de l'IEC.
Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@[Link].

IEC 63046
®
Edition 1.0 2020-10

INTERNATIONAL
STANDARD
NORME
INTERNATIONALE colour
inside

Nuclear power plants – Electrical power system – General requirements

Centrales nucléaires de puissance – Système d'alimentation électrique –

Exigences générales

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION

COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE

ICS 27.120.20 ISBN 978-2-8322-8817-7

Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission

Marque déposée de la Commission Electrotechnique Internationale
Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
interna se requiere de autorización previa de AENOR.
28/11/2023
UNE-EN IEC 63046:2021

–2– IEC 63046:2020 © IEC 2020

CONTENTS
FOREWORD ........................................................................................................................... 5
INTRODUCTION ..................................................................................................................... 7
1 Scope .............................................................................................................................. 9
1.1 General ................................................................................................................... 9
1.2 Application: new and pre-existing plants ............................................................... 11
1.3 Framework ............................................................................................................ 11
1.4 Interaction with level 2 standards .......................................................................... 11
2 Normative references .................................................................................................... 13
3 Terms and definitions .................................................................................................... 14
4 Abbreviated terms ......................................................................................................... 23
5 Overall Electrical Power System life cycle ..................................................................... 24
6 Architecture of Electrical Power System: identification of requirements.......................... 25
6.1 Objectives ............................................................................................................. 25
6.2 Safety requirements applicable to the electrical architecture design ...................... 26
6.2.1 Defence in Depth ........................................................................................... 26
6.2.2 Application of Single Failure Criterion ............................................................ 26
6.2.3 Management of the Common Cause Failure .................................................. 26
6.2.4 Loss Of Off-site Power conditions .................................................................. 26
6.2.5 Station Black Out conditions .......................................................................... 27
6.2.6 Loss of Electrical Power conditions ................................................................ 27
6.2.7 Application of internal and external Hazards .................................................. 27
6.2.8 Nuclear security requirements ....................................................................... 28
6.2.9 Classification requirements ............................................................................ 28
6.2.10 Probabilistic requirements ............................................................................. 28
6.3 Electrical requirements ......................................................................................... 28
6.3.1 Requirements coordinated with the electric grid operator ............................... 28
6.3.2 Electrical disturbances ................................................................................... 29
6.4 Functional performance requirements ................................................................... 29
6.5 Maintenance requirements .................................................................................... 30
7 Design of the electrical architecture ............................................................................... 30
7.1 Objectives ............................................................................................................. 30
7.2 Safety design provision ......................................................................................... 30
7.2.1 Defence in Depth in the Electrical Power System ........................................... 30
7.2.2 Single Failure in the Electrical Power System ................................................ 31
7.2.3 Common Cause Failure in the Electrical Power System ................................. 31
7.2.4 Provisions for coping with Loss Of Off-site Power .......................................... 37
7.2.5 Provisions for coping with Station Black Out .................................................. 38
7.2.6 Provisions to avoid or reduce Loss of Electrical Power .................................. 38
7.2.7 Classification consideration ........................................................................... 38
7.2.8 Provisions to achieve the reliability target for the Electrical Power System .... 39
7.3 Electrical design provision .................................................................................... 40
7.3.1 General ......................................................................................................... 40
7.3.2 Coordination with the grid .............................................................................. 40
7.3.3 Design to achieve electrical requirements ...................................................... 40
7.4 Functional and performance design provisions ...................................................... 46
7.4.1 General ......................................................................................................... 46

IEC 63046:2020 © IEC 2020 –3–

7.4.2 Electrical Power System studies .................................................................... 46

7.4.3 Design of the Interruptible Power Supply System ........................................... 49
7.4.4 Design of the Uninterruptible Power Supply System ...................................... 49
7.5 Maintenance ......................................................................................................... 50
7.5.1 Consideration of the maintenance in the electrical design .............................. 50
7.6 Multi-unit shared electrical power systems ............................................................ 51
7.7 Electrical system layout ........................................................................................ 51
7.8 Supporting and associated systems for the Electrical Power System .................... 51
7.9 Overall quality assurance programs ...................................................................... 52
7.10 Requirements for output documentation ................................................................ 53
7.10.1 General ......................................................................................................... 53
7.10.2 Architecture principles ................................................................................... 54
7.10.3 Single line diagrams ...................................................................................... 55
8 Sub-system requirements .............................................................................................. 55
8.1 Electrical Power System basis requirements ......................................................... 55
8.1.1 General ......................................................................................................... 55
8.1.2 System Design .............................................................................................. 56
8.1.3 Single line diagram ........................................................................................ 56
8.2 Equipment design specification ............................................................................. 56
8.3 Equipment requirements ....................................................................................... 56
8.4 AC Interruptible Electrical Power Supply System .................................................. 56
8.5 AC/DC Uninterruptible Power Supply System ........................................................ 57
8.6 Coordination and interaction with power grid ......................................................... 57
8.7 Earthing ................................................................................................................ 57
9 Verification of the architecture of the Electrical Power System ....................................... 57
9.1 General ................................................................................................................. 57
9.2 Computerised tools and models verification .......................................................... 57
9.2.1 Electrical Power System verification .............................................................. 57
9.2.2 Layout of electrical power systems and equipment verification ...................... 57
9.3 Test requirements ................................................................................................. 58
10 Overall integration and commissioning .......................................................................... 59
10.1 General ................................................................................................................. 59
10.2 Requirements ....................................................................................................... 59
10.3 Output documentation ........................................................................................... 60
11 Overall operation and maintenance ............................................................................... 60
11.1 General ................................................................................................................. 60
11.2 Requirements ....................................................................................................... 60
11.3 Output documentation ........................................................................................... 60
12 System quality assurance plan ...................................................................................... 61
12.1 General ................................................................................................................. 61
12.2 System verification plan ........................................................................................ 61
12.3 System configuration management plan ................................................................ 62
12.4 Fault resolution procedures ................................................................................... 62
Annex A (informative) Basic safety issues in NPPs .............................................................. 63
A.1 General ................................................................................................................. 63
A.2 Plant safety objectives .......................................................................................... 63
A.3 Plant safety analysis ............................................................................................. 63
A.3.1 General ......................................................................................................... 63

–4– IEC 63046:2020 © IEC 2020

A.3.2 Analysis of event sequences ......................................................................... 64

A.3.3 Assessment of design basis: deterministic/probabilistic methods ................... 64
A.4 Defence in Depth .................................................................................................. 64
Annex B (informative) AC Interruptible Electrical Power System .......................................... 67
B.1 General ................................................................................................................. 67
B.2 Electrical design provisions ................................................................................... 67
B.2.1 Steady state conditions for Electrical Power System ...................................... 67
B.2.2 Electrical disturbances ................................................................................... 68
B.3 Design of the Interruptible power system .............................................................. 71
B.3.1 Design of the preferred power supply ............................................................ 71
B.3.2 Design of the off-site power supply ................................................................ 71
B.3.3 Design of on-site preferred power supply ....................................................... 72
B.3.4 Design of the AC interruptible power systems important to safety .................. 72
B.3.5 Design of internal standby sources ................................................................ 72
B.4 Preferred power supply system (from IAEA SSG 34:2016, chapter 6, clauses
6.1 to 6.44) ........................................................................................................... 73
B.4.1 General ......................................................................................................... 73
B.4.2 Operation ...................................................................................................... 73
B.4.3 Grid interface and agreement with grid operator ............................................ 73
B.4.4 Reliability of the preferred power supply ........................................................ 73
B.4.5 Off-site power supplies .................................................................................. 74
B.4.6 Availability ..................................................................................................... 75
B.4.7 Independence of off-site circuits .................................................................... 75
B.4.8 Switchyard ..................................................................................................... 76
B.5 Safety power supply system supporting DBC ........................................................ 76
B.5.1 General ......................................................................................................... 76
B.5.2 Design (from IAEA SSG 34:2016, chapter 7, clauses 7.36 to 7.63) ................ 77
B.5.3 Testing (from IAEA SSG 34:2016, chapter 7, clauses 7.64 to 7.67)................ 79
B.5.4 Performance criteria (transient and dynamic) (from IAEA SSG 34:2016,
chapter 7, clauses 7.68 to 7.70) ..................................................................... 79
B.5.5 Relay protection of standby power sources (from IAEA SSG 34:2016,
chapter 7, clauses 7.71 to 7.75) ..................................................................... 79
B.5.6 Support systems for standby AC power sources ............................................ 80
B.5.7 Fuel for standby AC power sources ............................................................... 80
B.6 Power supply system important to safety supporting DEC ..................................... 80
B.6.1 General ......................................................................................................... 80
B.6.2 Design (from IAEA SSG 34:2016, chapter 8, clauses 8.1 to 8.18) .................. 81
B.7 Mobile sources connections network ..................................................................... 82
B.8 Monitoring and switching of buses ........................................................................ 82
Annex C (informative) Earthing ............................................................................................ 84
Annex D (informative) Logic diagram followed for the design of the EPS .............................. 85
Bibliography .......................................................................................................................... 86

Figure 1 – Scope of work of this document............................................................................ 10

Figure 2 – Architecture of Electrical Power System ............................................................... 12
Figure 3 – Connections between the overall Electrical Power System life cycle and the
life cycles of the electrical power sub- systems ..................................................................... 25
Figure 4 – Typical voltage design bases (IEC 62855) ............................................................ 43

Table A.1 – Support of the electrical power supply for the defence in depth of the plant ....... 66

IEC 63046:2020 © IEC 2020 –5–

INTERNATIONAL ELECTROTECHNICAL COMMISSION

____________

NUCLEAR POWER PLANTS –

ELECTRICAL POWER SYSTEM –
GENERAL REQUIREMENTS

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.

International Standard IEC 63046 has been prepared by subcommittee 45A: Instrumentation,
control and electrical power systems of nuclear facilities, of IEC technical committee 45:
Nuclear instrumentation.

The text of this International Standard is based on the following documents:

FDIS Report on voting

45A/1348/FDIS 45A/1355/RVD

Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.

This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

–6– IEC 63046:2020 © IEC 2020

The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "[Link] in the data related to
the specific document. At this date, the document will be

• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.

IEC 63046:2020 © IEC 2020 –7–

INTRODUCTION

a) Technical background, main issues, and organisation of the Standard

The purpose of this standard is to provide the high level specification and requirement to
implement a suitable Electrical Power System in a Nuclear Power Plant (NPP).

The electric power system in NPPs supports reactor systems important to safety. It also
allows electric energy production providing the transmission grid with active and reactive
power and electro-mechanical inertia.

The designers, operators of NPPs (utilities), equipment suppliers, systems evaluators and
licensors, may use this document.

b) Situation of the current Standard in the structure of the IEC SC 45A standard series

The entry point of the IEC SC 45A standard series should be summary report introducing the
two first level standards for I&C (IEC 61513) and the Electrical Power System (IEC 63046).

This document is the first level IEC SC 45A document tackling the issue of general
requirements for Electrical Power System and sub-systems.

For more details on the structure of the IEC SC 45A standard series, see item d) of this
introduction.

c) Recommendations and limitations regarding the application of this Standard

It is important to note that this Standard establishes no additional functional requirements for
safety systems.

To ensure that the Standard will continue to be relevant in future years, the emphasis has
been placed on issues of principle, rather than specific technologies.

d) Description of the structure of the IEC SC 45A standard series and relationships
with other IEC documents and other bodies documents (IAEA, ISO)

The top-level documents of the IEC SC 45A standard series are IEC 61513 and IEC 63046.
IEC 61513 provides general requirements for I&C systems and equipment that are used to
perform functions important to safety in NPPs. IEC 63046 provides general requirements for
electrical power systems of NPPs; it covers power supply systems including the supply
systems of the I&C systems. IEC 61513 and IEC 63046 are to be considered in conjunction
and at the same level. IEC 61513 and IEC 63046 structure the IEC SC 45A standard series
and shape a complete framework establishing general requirements for instrumentation,
control and electrical systems for nuclear power plants.

IEC 61513 and IEC 63046 refer directly to other IEC SC 45A standards for general topics
related to categorization of functions and classification of systems, qualification, separation,
defence against common cause failure, control room design, electromagnetic compatibility,
cybersecurity, software and hardware aspects for programmable digital systems, coordination
of safety and security requirements and management of ageing. The standards referenced
directly at this second level should be considered together with IEC 61513 and IEC 63046 as
a consistent document set.

At a third level, IEC SC 45A standards not directly referenced by IEC 61513 or by IEC 63046
are standards related to specific equipment, technical methods, or specific activities. Usually
these documents, which make reference to second-level documents for general topics, can be
used on their own.

–8– IEC 63046:2020 © IEC 2020

A fourth level extending the IEC SC 45 standard series, corresponds to the Technical Reports
which are not normative.

The IEC SC 45A standards series consistently implements and details the safety and security
principles and basic aspects provided in the relevant IAEA safety standards and in the
relevant documents of the IAEA nuclear security series (NSS). In particular this includes the
IAEA requirements SSR-2/1, establishing safety requirements related to the design of nuclear
power plants (NPPs), the IAEA safety guide SSG-30 dealing with the safety classification of
structures, systems and components in NPPs, the IAEA safety guide SSG-39 dealing with the
design of instrumentation and control systems for NPPs, the IAEA safety guide SSG-34
dealing with the design of electrical power systems for NPPs and the implementing guide
NSS17 for computer security at nuclear facilities. The safety and security terminology and
definitions used by SC 45A standards are consistent with those used by the IAEA.

IEC 61513 and IEC 63046 have adopted a presentation format similar to the basic safety
publication IEC 61508 with an overall life-cycle framework and a system life-cycle framework.
Regarding nuclear safety, IEC 61513 and IEC 63046 provide the interpretation of the general
requirements of IEC 61508-1, IEC 61508-2 and IEC 61508-4, for the nuclear application
sector. In this framework IEC 60880, IEC 62138 and IEC 62566 correspond to IEC 61508-3
for the nuclear application sector.

IEC 61513 and IEC 63046 refer to ISO as well as to IAEA GS-R part 2 and IAEA GS-G-3.1
and IAEA GS-G-3.5 for topics related to quality assurance (QA).

At level 2, regarding nuclear security, IEC 62645 is the entry document for the IEC/SC 45A
security standards. It builds upon the valid high level principles and main concepts of the
generic security standards, in particular ISO/IEC 27001 and ISO/IEC 27002; it adapts them
and completes them to fit the nuclear context and coordinates with the IEC 62443 series. At
level 2, IEC 60964 is the entry document for the IEC/SC 45A control rooms standards and
IEC 62342 is the entry document for the ageing management standards.

NOTE 1 It is assumed that for the design of I&C systems in NPPs that implement conventional safety functions
(e.g. to address worker safety, asset protection, chemical hazards, process energy hazards) international or
national standards would be applied.

NOTE 2 IEC/SC 45A domain was extended in 2013 to cover electrical systems. In 2014 and 2015 discussions
were held in IEC/SC 45A to decide how and where general requirements for the design of electrical systems were
to be considered. IEC/SC 45A experts recommended that an independent standard be developed at the same level
as IEC 61513 to establish general requirements for electrical systems. Project IEC 63046 was launched to cover
this objective. As IEC 63046 is published, from now on this Note 2 of the introduction of IEC/SC 45A standards will
not be included in the newly published standards.

IEC 63046:2020 © IEC 2020 –9–

NUCLEAR POWER PLANTS –

ELECTRICAL POWER SYSTEM –
GENERAL REQUIREMENTS

1 Scope

1.1 General

This document:

• provides requirements and recommendations for the overall Electrical Power System. In
particular, it covers interruptible and uninterruptible Electrical Power Systems including
the systems supplying the I&C systems;
• is consistent and coherent with IEC 61513. Like IEC 61513, this document also highlights
the need for complete and precise requirements, derived from the plant safety goals.
Those requirements are prerequisites for generating the comprehensive requirements for
the overall Electrical Power System architecture, and for the electrical power supply sub-
systems;
• has to be considered in conjunction with and at the same level as IEC 61513. These two
standards provide a complete framework establishing general requirements for
instrumentation, control, and Electrical Power System for Nuclear Power Plants.

This document establishes:

• the high level specification and requirement to implement a suitable Electrical Power
System in a NPP that supports reactor systems important to safety. It also enables
electrical energy production providing the transmission grid with active and reactive power
and electro-mechanical inertia;
• the relationships between:
– the plant safety requirements and the architecture of the overall Electrical Power
System and its sub-systems (see Figure 1) including:
a) the contribution to the plant Defence in Depth;
b) the independency and redundancy provisions;
– the electrical requirements and the architecture of the Electrical Power System and its
sub-systems;
– the functional requirements and the architecture of the Electrical Power System and its
sub-systems;
– the requirements associated with the maintenance strategy and the architecture of the
Electrical Power System and its sub-systems;
• the design of Electrical power sub-systems (e.g. interruptible and uninterruptible);
• the requirements for supporting systems of Electrical Power System (HVAC, I&C, etc.);
• the Electrical Power System life-cycle framework.

This document does not cover the specification of:

• I&C systems;
• the transmission lines connecting to substations outside the NPP;
• electrical equipment requirements already defined in the industrial IEC standards;
• electrical power for security systems (e.g., fences, surveillance systems, entrance
control);

– 10 – IEC 63046:2020 © IEC 2020

• lighting and socket facility.

This document does not consider power production requirements.

Figure 1 – Scope of work of this document

NOTE Figure 1 is based on IAEA SSG34:2016, Figure 3, with adaptation regarding the scope.

IEC 63046:2020 © IEC 2020 – 11 –

This figure provides only an example. Various possible arrangements of buses, loads, generators and
interconnections would meet the requirements of SSR-2/1. Furthermore, many elements of the plant system, such
as buses that are not important to safety and direct current power systems, are not shown. This figure is intended
only to represent the relationship between the elements of the plant power systems that are within the safety
classification and the preferred power supply. The elements of the preferred power supply that are not within the
bounds of the important to safety power supply are outside the scope of the plant safety classification. The system
elements included in the important to safety power supplies will differ according to plant design and the
classification methods applied in different States. The classification methods are held by IEC 61226. Some plant
designs may not require safety standby power sources. All nuclear power plants are expected to have safety direct
current power supplies.

1.2 Application: new and pre-existing plants

This document is applicable to the Electrical Power System of new nuclear power plants and
upgrading or back fitting of existing plants.

For existing plants, only a subset of requirements may be applicable and this subset should
be identified at the beginning of any project.

1.3 Framework

This document consists of six normative clauses (an overview is provided in Figure 2):

– Clause 6 addresses the identification of requirements;

– Clause 7 addresses the design of the electrical architecture;
– Clause 8 addresses the sub-system requirements;
– Clause 9 addresses the verification;
– Clause 10 addresses the overall integration and commissioning;
– Clause 11 addresses the overall operation and maintenance.

1.4 Interaction with level 2 standards

This document shall permit an electrical designer to establish the list of requirements
applicable for the design.

It also provides the different provisions applicable for the different requirements.

These provisions will be applied to the different type of power networks (sub-system):

• interruptible AC power network;

• uninterruptible power network.

Moreover, other transverse level 2 standards will define requirements applicable to electrical
architecture definition.

The nuclear standards linked with the safety provisions (such as safety classification,
separation, qualification or surveillance testing, etc.) are considered as input data for this
document.

– 12 – IEC 63046:2020 © IEC 2020

6 Architecture of Electrical Power System: Identification of requirements

6.2 Safety requirements 6.3 Electrical requirements

6.2.1 Defence in Depth 6.3.1 Requirements coordinated with
the electric grid operator
6.2.2 Application of Single Failure 6.3.2 Electrical disturbances
Criterion
6.2.3 Management of the Common Cause
Failure
6.2.4 Loss Of Off-site Power conditions 6.4 Functional, performance
requirements
6.2.5 Station Black Out conditions
6.2.6 Loss of Electrical power conditions 6.5 Maintenance requirements
6.2.7 Application of internal and external
Hazards
6.2.8 Nuclear security requirements
6.2.9 Classification requirements
6.2.10 Probabilistic requirements

7 Overall Architecture of Electrical Power System and structured approach: Design of the electrical architecture

7.2 Safety design provision 7.3 Electrical design provision 7.6 Multi-unit shared
electrical power systems
7.2.1 Defence in Depth in the Electrical 7.3.2 Coordination with the grid
Power System
7.2.2 SF in the Electrical Power System 7.3.3 Design to achieve electrical 7.7 Electrical system
requirements layout
7.2.3 CCF in the Electrical Power System
7.2.4 Provisions for coping with LOOP 7.4 Functional and performance 7.8 Supporting and
design provisions associated systems for the
EPS
7.2.5 Provisions for coping with SBO 7.4.2 Electrical Power System studies
7.2.6 Provisions to avoid or reduce Loss 7.4.3 Design of the Interruptible Power 7.9 Overall quality
of Electrical Power Supply System assurance programs
7.2.7 Classification consideration 7.4.4 Design of the Uninterruptible
Power Supply System
[Link] Qualification 7.10 Requirements for
output documentation
[Link] Surveillance Testing 7.5 Maintenance
7.2.8 Provisions to achieve the reliability 7.5.1 Consideration of the maintenance
target for the Electrical Power System in the electrical design

8 Sub-System requirements

8.1 Electrical Power System basis 8.4 AC Interruptible Electrical Power 8.6 Coordination and
requirements Supply System interaction with the grid

8.2 Equipment design specification 8.5 AC/DC Uninterruptible Power 8.7 Earthing
Supply System

8.3 Equipment requirements

9 Verification of the architecture of the Electrical Power System

9.2 Computerised tools and models 9.3 Test requirements

verification

10 Overall integration and commissioning

10.2 Requirements 10.3 Output documentation

11 Overall operation and maintenance

11.2 Requirements 11.3 Output documentation

12 System quality assurance plan

12.2 System verification plan 12.3 System configuration 12.4 Fault resolution
management plan procedures

Figure 2 – Architecture of Electrical Power System

IEC 63046:2020 © IEC 2020 – 13 –

2 Normative references

The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.

IEC 60038:2009, IEC standard voltages

IEC 60671, Nuclear power plants – Instrumentation and control systems important to safety –
Surveillance testing

IEC 60709:2018, Nuclear power plants – Instrumentation, control and electrical power
systems important to safety – Separation

IEC/IEEE 60780-323, Nuclear facilities – Electrical equipment important safety – Qualification

IEC 60964:2018, Nuclear power plants – Control rooms – Design

IEC/IEEE 60980-344, Nuclear facilities – Equipment important to safety – Seismic

qualification

IEC 61225, Nuclear power plants – Instrumentation, control and electrical power systems –
Requirements for static uninterruptible DC and AC power supply systems

IEC 61226:2020, Nuclear power plants – Instrumentation, control and electrical power
systems important to safety – Categorization of functions and classification of systems

IEC 61513:2011, Nuclear power plants – Instrumentation and control important to safety –
General requirements for systems

IEC 62671, Nuclear power plants – Instrumentation and control important to safety –
Selection and use of industrial digital devices of limited functionality

IEC 62808, Nuclear power plants – Instrumentation and control systems important to safety –
Design and qualification of isolation devices

IEC 62855:2016, Nuclear power plants – Electrical power systems – Electrical power systems
analysis

IEC 62859, Nuclear power plants – Instrumentation and control systems – Requirements for
coordinating safety and cybersecurity

IEC 63272, Nuclear facilities – Electrical power systems – AC interruptible power supply
systems

ISO 9001:2015, Quality management systems – Requirements

IAEA Safety Guide GS-G-3.1:2006, Application of the management System for facilities and
activities

IAEA GS-R, Part 2:2016, Leadership and Management for Safety

IAEA Safety Guide SSG-34:2016, Design of electrical power systems in Nuclear Power Plants

– 14 – IEC 63046:2020 © IEC 2020

3 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following
addresses:

• IEC Electropedia: available at [Link]

• ISO Online browsing platform: available at [Link]
NOTE The current terms have been defined based on IAEA and IEC definitions. Some have been slightly modified
or adapted to the electrical scope.

3.1
alternate power supply
power source reserved for the use for the power supply to the plant during total loss of all
non-battery power in the safety power systems (station blackout) and other design extension
conditions

[SOURCE: IAEA SSG-34:2016]

3.2 anticipated operational occurrences

deviation of an operational process from normal operation that is expected to occur at least
once during the operating lifetime of a facility but which, in view of appropriate design
provisions, does not cause any significant damage to items important to safety or lead to
accident conditions

Note 1 to entry: Examples of anticipated operational occurrences are loss of normal electrical power and faults
such as a turbine trip, malfunction of individual items of a normally running plant, failure to function of individual
items of control equipment, and loss of power to the main coolant pump.

Note 2 to entry: Some States and organizations use the term abnormal operation (for contrast with normal
operation) for this concept.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.3
cable route
physical pathway through the plant along which multiple cables can be laid, such as through a
room or duct in the plant building, or a metal duct, tray, or tube, or a duct below or gantry over
roads

[SOURCE: IEC 60709:2018, 3.3]

3.4
common cause failure
CCF
failure of two or more structures, systems or components due to a single specific event or
cause

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.5
component
one of the parts that make up a system

Note 1 to entry: A component may be a hardware component (e.g. transistors, integrated circuits, motors, relays,
solenoids, pipes, fittings, pumps, tanks and valves) or a software component (e.g. modules, routines, programmes,
software functions).

Note 2 to entry: A component may be made up of other components.

IEC 63046:2020 © IEC 2020 – 15 –

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.6
defence-in-depth
hierarchical deployment of different levels of diverse equipment and procedures to prevent the
escalation of anticipated operational occurrences and to maintain the effectiveness of
physical barriers placed between a radiation source or radioactive material and workers,
members of the public or the environment, in operational states and, for some barriers, in
accident conditions

Note 1 to entry: Five levels of defence in depth are discussed in IAEA SSR-2/[Link]
a) The purpose of the first level of defence is to prevent deviations from normal operation and the failure of
items important to safety.
b) The purpose of the second level of defence is to detect and control deviations from normal operation in order
to prevent anticipated operational occurrences from escalating to accident conditions.
c) The purpose of the third level of defence is to prevent damage to the reactor core and releases of radioactive
material requiring off-site protective actions and to return the plant to a safe state by means of inherent
and/or engineered safety features, safety systems and procedures.
d) The purpose of the fourth level of defence is to prevent the progress of, and to mitigate the consequences of,
accidents that result from failure of the third level of defence by preventing accident sequences that lead to
large radioactive releases or early radioactive releases from occurring.
e) The purpose of the fifth and final level of defence is to mitigate radiological consequences of a large release
or an early release of radioactive material that could potentially result from an accident.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.7
design basis accident
postulated accident leading to accident conditions for which a facility is designed in
accordance with established design criteria and conservative methodology, and for which
releases of radioactive material are kept within acceptable limits

Note 1 to entry: Design basis condition refer to design basis accident

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.8
design extension conditions
postulated accident conditions that are not considered for design basis accidents, but that are
considered in the design process of the facility in accordance with best estimate methodology,
and for which releases of radioactive material are kept within acceptable limits. Design
extension conditions include conditions in events without significant fuel degradation and
conditions with core melting

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.9
diversity
presence of two or more independent (redundant) systems or components to perform an
identified function, where the different systems or components have different attributes so as
to reduce the possibility of common cause failure, including common mode failure

Note 1 to entry: Examples of such attributes are: different operating conditions, different working principles or
different design teams (which provide functional diversity), and different sizes of equipment, different
manufacturers, and types of equipment (which provide diversity of equipment) that use different physical methods
(which provide physical diversity).

Note 2 to entry: Functional diversity. Application of diversity at the level of functions in applications in methods
(which provide physical diversity). process engineering (e.g. for the actuation of a trip on both a pressure limit and
a temperature limit).

[SOURCE: IAEA Safety Glossary, 2018 edition]

– 16 – IEC 63046:2020 © IEC 2020

3.10
division
collection of items, including their interconnections, that form one redundancy of a redundant
system or safety group. Divisions may include multiple channels

Note 1 to entry: In the context of this document, “division” includes a given system or set of components that
enables the establishment and maintenance of physical, electrical, and functional independence from other
redundant sets of components.

[SOURCE: IAEA SSG-39, 2016]

3.11
electrical isolation
electrical isolation is used to prevent electrical failures in one system from affecting
connected systems. Electrical isolation controls or prevents adverse interactions between
equipment and components caused by factors such as electromagnetic interference,
electrostatic pickup, short circuits, open circuits, earthing, or application of the maximum
credible voltage (AC or DC)

[SOURCE: IAEA SSG-34:2016 and SSG-39: 2016]

3.12
Electrical Power System
EPS
system performing electrical power generation, transmission and distribution; performing
supply functions to operate plant equipment (pumps, valves, heaters, etc.) and to I&C
systems

Note 1 to entry: The Electrical Power System is composed by several electrical power sub-systems.

Note 2 to entry: An electrical system can integrate E/E/PE items to perform its internal electrical control and
protection.

3.13
electrical power sub-system
two main sub-systems are defined (each of them covering the different level of Defence in
Depth):

• interruptible power supply system;

• uninterruptible power supply system.
each sub-system covers the following levels:

• power supply system not important to safety;

• power supply system important to safety:
– safety power supply system supporting DBC;
– power supply system supporting DEC.

3.14
Electrical Power System life cycle
necessary activities involved in the implementation of an Electrical Power System occurring
during a period of time that starts at a concept phase with the system requirements
specification and finishes when the Electrical Power System is no longer available for use

3.15
electrical source transfer
transfer from an initial electrical power source to an alternative supply source (automatically
or manually) when the initial electrical power source does not provide the performance
required by the Electrical Power System

IEC 63046:2020 © IEC 2020 – 17 –

Note 1 to entry: A bus transfer or the transfer to standby AC power source are electrical source transfers.

3.16
equipment
assembly of components designed and manufactured to perform specific functions

Note 1 to entry: Sensors, cables, electrically operated valves, I&C cabinet or racks are examples of equipment.

[SOURCE: IEEE Standards Dictionary Online]

3.17
frontline system
system composed of mechanical equipment (pumps, valves, heaters, etc.) that directly acts
on the plant process to perform a function

3.18
house load operation
operation of a nuclear power plant to supply power only to its own electrical loads

[SOURCE: IEC 62855:2016, 3.2]

3.19
human factors engineering
engineering in which factors that could influence human performance and that could affect
safety are understood and are taken into account, especially in the design and operation of
facilities

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.20
I&C system
system, based on electrical and/or electronic and/or programmable electronic technology,
performing I&C functions as well as service and monitoring functions related to the operation
of the system itself

Note 1 to entry: The term is used as a general term that encompasses all elements of the system such as internal
power supplies, sensors, and other input devices, data highways and other communication paths, interfaces to
actuators and other output devices (see Note 2). The different functions within a system may use dedicated or
shared resources.

Note 2 to entry: The elements included in a specific I&C system are defined in the specification of the boundaries
of the system.

Note 3 to entry: According to their typical functionality, IAEA distinguishes between automation / control systems,
HMI systems, interlock systems and protection systems (see Clause B.4).

[SOURCE: IEC 61513:2011, 3.29]

3.21
independence
condition that exists when successful completion of a system’s required functions is not
dependent upon any behaviour including failures and normal operation of another system, or
upon any signals, data, or information derived from the other system

Note 1 to entry: The following definition is to be found in the IAEA Safety Glossary edition 2016 for “independent
equipment”: “Equipment that possesses both the following characteristics: a) The ability to perform its required
function is unaffected by the operation or failure of other equipment; b) The ability to perform its required function
is unaffected by the occurrence of the effects resulting from the initiating event for which it is required to
function..”. This IAEA definition is limited to equipment but is consistent with the definition given in this document.

Note 2 to entry: For the Electrical Power System, independence can be required between divisions or between
different level of Defence in Depth (LoDiD).

– 18 – IEC 63046:2020 © IEC 2020

[SOURCE: IEC 60709:2018, 3.13]

3.22
interruptible power supply system
power supply of loads for which a defined power supply interruption time does not impair the
mission of the safety objective

3.23
item important to safety
item that is part of a safety group and/or whose malfunction or failure could lead to radiation
exposure of the site personnel or members of the public

Note 1 to entry: Items important to safety include:

a) those structures, systems and components whose malfunction or failure could lead to undue radiation exposure
of the site personnel or members of the public.
b) those structures, systems and components that prevent anticipated operational occurrences from leading to
accident conditions.
c) Safety features (for design extension conditions).
d) those features which are provided to mitigate the consequences of malfunction or failure of structures, systems
or components.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.24
loss of electrical power
plant condition corresponding to a Station Black-Out Condition and also the loss of alternate
AC power supplies

Note 1 to entry: DC power supplies and uninterruptible AC power supplies may be available as long as batteries
can supply the loads.

3.25
loss of off-site power
simultaneous loss of electrical power to all unit safety buses, requiring the standby AC power
sources to start and supply power to the safety buses

Note 1 to entry: DC systems and uninterruptible AC systems safety buses are not included.

[SOURCE: IEC 62855:2016, 3.4]

3.26
mission time
operational period required for electrical loads or sources after the initiation of accidental
conditions during which equipment shall be capable of operating within the limits of its
acceptability criteria for the specified operating conditions

3.27
nuclear security
the prevention and detection of, and response to, criminal or intentional unauthorized acts
involving nuclear material, other radioactive material, associated facilities or associated
activities or the prevention and detection of, and response to, theft, sabotage, unauthorized
access, illegal transfer or other malicious acts involving nuclear material, other radioactive
material or their associated facilities

[SOURCE: IAEA Safety Glossary, 2018 edition]

IEC 63046:2020 © IEC 2020 – 19 –

3.28
performance
effectiveness with which an intended function is carried out (e;g; time response, accuracy,
sensitivity to parameter changes)

[SOURCE: IEC 61226:2020, 3.16]

3.29
plant equipment

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.30
plant states

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.31
power balance
steady state active and reactive power required by the Electrical Power System

3.32
preferred power supply.
power supply from the transmission system to the safety classified electrical power system

– 20 – IEC 63046:2020 © IEC 2020

Note 1 to entry: Some portions of the preferred power supply are not part of the safety classification.

Note 2 to entry: In the standard context, the transmission system is out of scope. The limits of PPS are the
switchyard that connects the NPP to the grid.

[SOURCE: IAEA SSG 34, 2016]

3.33
probabilistic safety assessment
PSA
comprehensive, structured approach to identifying failure scenarios, constituting a conceptual
and mathematical tool for deriving numerical estimates of risk

Note 1 to entry: Three levels of probabilistic safety assessment are generally recognized.
Level 1 comprises the assessment of failures leading to determination of the frequency of core damage.
Level 2 includes the assessment of containment response, leading, together with Level 1 results, to the
determination of frequencies of failure of the containment and release to the environment of a given
percentage of the reactor core’s inventory of radionuclides.
Level 3 includes the assessment of off-site consequences, leading, together with the results of Level 2 analysis,
to estimates of public risks.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.34
quality
degree to which a set of inherent characteristics of an object fulfils requirements

[SOURCE: ISO 9000:2015, 3.6.2]

3.35
quality assurance
part of quality management focused on providing confidence that quality requirements will be
fulfilled

[SOURCE: ISO 9000:2015, 3.3.6]

3.36
quality management
management with regard to quality

[SOURCE: ISO 9000:2015, 3.3.4]

3.37
redundancy
provision of alternative (identical or diverse) structures, systems and components, so that any
single structure, system or component can perform the required function regardless of the
state of operation or failure of any other

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.38
restoration time
maximum time required by an electrical equipment belonging to a system to be re-supplied by
an electrical power source

3.39
robustness of the Electrical Power System
ability of the Electrical Power System to perform its safety missions withstanding failures and
/or electrical disturbances

IEC 63046:2020 © IEC 2020 – 21 –

3.40
safety assessment
assessment of all aspects of facilities and activities that are relevant to protection and safety;
for an authorized facility, this includes siting, design and operation of the facility

analysis to predict the performance of an overall system and its impact, where the
performance measure is the radiological impact or some other global measure of the impact
on safety

the systematic process that is carried out throughout the design process (and throughout the
lifetime of the facility or the activity) to ensure that all the relevant safety requirements are
met by the proposed (or actual) design

Note 1 to entry: In the context of the design of the Electrical Power System, it is an analysis which provide for all
type of conditions, the loads required.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.41
safety case
collection of arguments and evidence in support of the safety of a facility or activity

Note 1 to entry: This will normally include the findings of a safety assessment and a statement of confidence in
these findings.

Note 2 to entry: For a disposal facility, the safety case may relate to a given stage of development. In such cases,
the safety case should acknowledge the existence of any unresolved issues and should provide guidance for work
to resolve these issues in future development stages.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.42
safety classification
for nuclear power plants, the assignment to a limited number of safety classes of systems and
components and other items of equipment on the basis of their functions and their safety
significance

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.43
safety group
assembly of equipment designated to perform all actions required for a particular initiating
event to ensure that the limits specified in the design basis for anticipated operational
occurrences and design basis accidents are not exceeded

Note 1 to entry: The IEEE 308-2001 note clarifies: A safety group may include one or more divisions. In a design
where each division can accomplish a safety function, each division is a safety group. However, a design
consisting of three 50 % capacity systems separated into three divisions would have three safety groups; any two
out of three divisions are required to be operating to accomplish the safety function.

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.44
safety related system
system important to safety that is not part of a safety system

[SOURCE: IAEA Safety Glossary, 2018 edition]

– 22 – IEC 63046:2020 © IEC 2020

3.45
safety system
system important to safety, provided to ensure the safe shutdown of the reactor or residual
heat removal from the reactor core, or to limit the consequences of anticipated operational
occurrences and design basis accidents

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.46
single failure
failure which results in the loss of capability of a single system or component to perform its
intended safety function(s), and any consequential failure(s) which result from it

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.47
single failure criterion
criterion (or requirement) applied to a system such that it must be capable of performing its
task in the presence of any single failure

[SOURCE: IAEA Safety Glossary, 2018 edition]

3.48
standby AC power source
power source, capable of supplying the necessary power in anticipated operational
occurrences and accident conditions, in the event of the loss of off-site power and main
generator

3.49
station blackout
plant condition with complete loss of all AC power from off-site sources, from the main
generator and from safety classified standby AC power sources to the essential and
nonessential switchgear buses

[SOURCE: IAEA SSG-34:2016]

3.50
system disturbance
electrical disturbance
unplanned sudden change in electric power system operating condition that causes
widespread power quality problems or interruptions

Note 1 to entry: In this document the term “electrical disturbance” is used.

Note 2 to entry: A system disturbance can be initiated by a fault in the transmission system, a trip of a generation
unit, loss of load, or any combination thereof. System disturbance can lead to abnormal ranges of frequency or
voltage, loss of power system stability or cascading outages of power transmission circuits and as well widespread
interruption of customer load.

Note 3 to entry: The electrical disturbances can also generate electromagnetic disturbances that may affect the
Electrical power systems.

[SOURCE: IEC 60050-692:2017,692-1-10]

3.51
transmission system operator
party responsible for providing and operating networks for long distance transmission of
electricity as well as regional distribution and responsible to ensure the system security with a
high level of reliability and quality

IEC 63046:2020 © IEC 2020 – 23 –

3.52
uninterruptible power supply system
power supply for loads required to ensure functional availability during the unavailability of the
interruptible power supply

Note 1 to entry: Specific loads requiring high voltage stability can also be supplied power by the uninterruptible
power supply system.

Note 2 to entry: Typical loads of the uninterruptible power supply systems are: isolation valves, dampers, I&C and
monitoring systems.

4 Abbreviated terms

NOTE Elaborated based on IAEA and IEC and electrical power systems symbols and abbreviations and adapted
to the electrical scope.
AC alternating current
BIL basic insulation level
CCF common cause failure
CDF core damage frequency
CM configuration management
DBA design basis accident
DBC design basis conditions
DBE design basis event
DC direct current
DEC design extension conditions
DiD defense in depth
DSO distribution system operator
E/E/PES electrical/electronic/programmable electronic system
EMI electromagnetic interference
EMIT examination maintenance in-service inspection and surveillance testing
EPS Electrical Power System
EQ environmental qualification
ETS equipment technical specification
HMI human machine interface
HV high voltage
HVAC heating ventilation and air conditioning system
I&C instrumentation and control
IAEA International Atomic Energy Agency
INSAG International Nuclear Safety Group
I/O input/output
LEP loss of electrical power
LoDiD level of defence in depth
LOOP loss of offsite power
LV low voltage
NPP nuclear power plant
PIE postulated initiating events
PPS preferred power supply
PSA probabilistic safety assessment

– 24 – IEC 63046:2020 © IEC 2020

QA quality assurance
SBO station black out
SF single failure
SFC single failure criterion
SSC structure, system and component
SLD single line diagram
SSG specific safety guide
SSR specific safety requirement
TSO transmission system operator
UPS uninterruptible power supply

5 Overall Electrical Power System life cycle

The phases of a typical overall Electrical Power System life cycle include:

a) review of the requirement applicable to the Electrical Power System (see Clause 6):
• safety requirements applicable (see 6.2);
• electrical requirements (see 6.3);
• functional, performance requirements (see 6.4);
• maintenance requirements (see 6.5);
b) design of the electrical architecture (see Clause 7):
• safety design provisions (see 7.2);
• electrical design provisions (see 7.3);
• functional and performance design provisions (see 7.4);
• maintenance provisions (see 7.5);
c) electrical sub-systems requirements (see Clause 8);
d) verification of the architecture of the Electrical Power System (see Clause 9);
e) overall integration and commissioning of the systems (see Clause 10);
f) overall operation and maintenance (see Clause 11).

The connections between this life cycle and the life cycles of the electrical sub-systems are
shown in simplified form in Figure 3.

IEC 63046:2020 © IEC 2020 – 25 –

Figure 3 – Connections between the overall Electrical Power System life cycle
and the life cycles of the electrical power sub- systems

6 Architecture of Electrical Power System: identification of requirements

6.1 Objectives

The objective of this clause is to define the requirements applicable to the design of the
Electrical Power System.

The Electrical Power System architecture shall:

• comply with the safety requirements applicable to the NPP such as:
– provision of a Defence in Depth approach consistent with that of supported systems
and their importance to safety in accordance with the plant design basis;
– application of Single Failure Criterion;
– management of Common Cause Failure;
– Loss Of Off-site Power conditions;
– Station Black Out conditions;
– Loss of Electrical Power conditions;
– robustness against Internal and External Hazards;
– categorisation and classification requirements;
– reliability requirements for probabilistic safety assessment.

– 26 – IEC 63046:2020 © IEC 2020

• comply with the electrical requirements applicable to the NPP such as:
– requirements coordinated with the electric grid operator;
– robustness of the Electrical Power System against electrical disturbances.
• comply with the functional requirements applicable to the Electrical Power System (as a
support system);
• comply with the requirements associated with maintenance strategy;
• support the full lifecycle of the nuclear power plant (commissioning, operation, and
decommissioning).

The safety requirements and their application to the supporting Electrical Power System shall
be broken down and derived within the electrical power architecture, electrical power sub-
systems and equipment requirements.

NOTE It is assumed that for the design of the Electrical Power System in NPPs that implement conventional
safety functions (e.g. to address worker safety, asset protection, chemical hazards, process energy hazards)
international or national standard for conventional electrical equipment would be applied.

The combination of applicable requirements for safety and maintenance strategy should be
established as an input data.

6.2 Safety requirements applicable to the electrical architecture design

6.2.1 Defence in Depth

The electrical design process should develop the Defence in Depth concept in accordance
with the plant safety design basis.

The strategy regarding implementation of the different LoDiD in the project should be
specified as an input data to clarify the following:

• levels of Defence in Depth for each operating condition;

• boundaries between the levels of Defence in Depth;
• requirements for independence between these levels.

6.2.2 Application of Single Failure Criterion

The single failure criterion shall be applied to a system such that it shall be capable of
performing its defined task in the presence of any single failure.

Applicability of the single failure criterion shall be specified for each LoDiD as an input data
from the safety assessment for the electrical design.

NOTE Usually SF criteria is applicable at DBC level.

6.2.3 Management of the Common Cause Failure

In the design of the Electrical Power System the robustness against common cause failures
shall be assessed to meet the safety requirements of the supported functions.

The robustness requirements for the system should be established and substantiated based
on relevant reliability data derived either from plant, or a set of plant, national and
international databases.

6.2.4 Loss Of Off-site Power conditions

The Electrical Power System shall be designed so as to reduce the risk of loss of off-site
power during design basis conditions in all specified plant operating states and conditions.

IEC 63046:2020 © IEC 2020 – 27 –

Adequate provisions shall be included in the design to prevent any fuel damage during a Loss
Of Off-site Power condition in order to maintain the electrical power supply system’s ability to
support plant safety functions.

6.2.5 Station Black Out conditions

The Electrical Power System shall be designed so as to reduce the risk of station black out
conditions during design extension conditions in all specified plant operating states and
conditions.

Adequate provisions shall be included in the design to prevent any fuel damage during station
blackout conditions in order to maintain the plant’s ability to support safety functions and
remove decay heat during design extension conditions.

6.2.6 Loss of Electrical Power conditions

The Electrical Power System shall be designed to reduce the risk of loss of electrical power
during design basis conditions and design extension conditions in all specified plant operating
states.

A LEP condition is a plant condition corresponding to a Station Black-Out Condition and the
loss of alternate AC power supplies.

Robustness against a LEP condition shall be specified as an input data for the electrical
design.

6.2.7 Application of internal and external Hazards

[Link] General

The Electrical Power System important to safety shall be robust against hazards applicable to
the NPP.

The following minimum list of hazards should be considered:

The assessment for each hazard shall consider:

• design basis conditions,

• design extension conditions,
• site specific requirements.
NOTE Example of climatic conditions: low and high temperature (air temperature and heat sink), snow, high wind,
ice storm.

– 28 – IEC 63046:2020 © IEC 2020

Hazards and combination rules between hazards to be considered shall be identified as input
data for the electrical design.

6.2.8 Nuclear security requirements

The design of Electrical Power System shall consider the applicable nuclear security (physical
plant protection) requirements.

These requirements shall be identified as input data for the electrical design.

6.2.9 Classification requirements

IEC 61226 defines a method of assignment of the plant specified functions into categories
according to their importance to safety.

Subsequent classification of the I&C and electrical power systems performing or supporting
these functions, based on the assigned category, then determines relevant design criteria.

The safety class of the electrical power sub-system part following the LoDiD shall not be
lower than the safety class of the systems supplied by the Electrical Power System.

6.2.10 Probabilistic requirements

PSA targets shall be identified as input data for electrical design.

6.3 Electrical requirements

6.3.1 Requirements coordinated with the electric grid operator

The electric grid operator can be the TSO (Transmission System Operator) or the DSO
(Distribution System Operator) dependent upon the voltage of the connection to the grid.

The following input data should be considered for the grid connections as defined by the
electric grid operator:

• grid voltage and frequency span;

• the minimum and maximum short circuit capacity of the Grid at the connection point;
• the reliability of the grid;
• fault ride through requirements;
• frequency response requirements;
• requirements for trip to house load (if applicable).

IEC 63046:2020 © IEC 2020 – 29 –

• the design of the EPS should also consider the specific requirement of the electric grid
operator (associated with the energy production).

6.3.2 Electrical disturbances

Electrical disturbances can generate variations from the rated operating values defined for the
three main electrical quantities:

• voltage (U);
• current (I);
• frequency (f).

The electrical disturbances can originate from:

• the electrical installation itself;

• human actions;
• natural events.

Symmetrical and asymmetrical disturbances can affect the plant. These events can be
initiated:

• in the transmission system or as a consequence of the plant separating from the grid
owing to anticipated faults or voltage and frequency variations beyond the defined
acceptable levels;
• by the tripping of the main generator, leaving the on-site power systems only connected to
either the off-site power systems or the on-site standby power systems;
• in the on-site power systems, as a result of an electrical event such as a motor starting, a
short circuit fault or switching surges.
NOTE Examples of electrical disturbances can be found in IEC 62855.

An electrical disturbance can initiate a common cause failure of the entire Electrical Power
System due to the electrical common point: the grid connection on one side and the main
generator on the other side.

The robustness of the Electrical Power System against CCF inducing SBO and LEP
conditions should be supported by effective protection against electrical disturbances.

The effects of electrical disturbances and potential protection measures should be analysed in
accordance with IEC 62855 and appropriate protection measures implemented.

6.4 Functional performance requirements

As a support system, the Electrical Power System supplies front line systems or other support
systems of the plant (such as HVAC or I&C) depending on the requirements of the supported
systems.

The electrical design process requires the following inputs from the supported systems
designers:

• the load list and associated electrical data required to perform the functions not important
to safety and important to safety, during operation, DBC and DEC;
• the type of power supplies required per load (interruptible or non-interruptible);
• functional and performance requirements of functions important to the safety required to
meet the general plant safety requirements;
• the mission time and maximum restoration time for loads in case of supply from on-site
power supply (AC or DC);

– 30 – IEC 63046:2020 © IEC 2020

• the design basis environmental conditions.

6.5 Maintenance requirements

Plant maintenance has two main objectives:

• maintaining equipment important to safety to support plant safety and functional

requirements;
• meeting power production targets (out of the scope of this document).

The impact of plant maintenance should be considered in the design of the electrical
architecture.

The maintenance strategy shall be used to specify the maintenance requirements. These
should be derived from the Plant Design Bases, operational and safety requirements.

7 Design of the electrical architecture

7.1 Objectives

The designer should consider the following plant requirements in the design of the Electrical
Power System architecture:

• provisions to achieve nuclear safety requirements;

• provisions to achieve the electrical performance requirements;
• provisions to achieve the functional requirements;
• provisions to achieve the maintenance requirements.

7.2 Safety design provision

7.2.1 Defence in Depth in the Electrical Power System

The Electrical Power System shall follow a Defence in Depth approach consistent with that of
the supported systems.

To provide robustness against identified electrical events (such as LOOP or SBO conditions),
the Electrical Power System shall include:

• a comprehensive electrical design of the Electrical Power System and its sub-systems
following the LoDiD approach, taking account of:
– inherent characteristics;
– use of measure(s) with one or several levels of defence in case of electrical faults
(electrical protection system).
• power sources associated to the different LoDiD for supplying the frontline equipment and
support systems.
• Following SSG34, generally 3 electrical supplies are identified:
– preferred power supply (covering LoDiD 1&2);
– safety power supply (covering LoDiD 3);
– alternate power supply (covering LoDiD 4);
• The requirement to integrate each power source in the EPS design shall be justified
through the performance design provisions (refer to 7.2.5).

The safety power system supporting DBC functions shall be supplied by the preferred power
supplies backed up by the standby power sources.

IEC 63046:2020 © IEC 2020 – 31 –

The power system supporting DEC functions should be supplied by the safety power system
supporting the DBC or by an alternate power supply in design extension conditions.

The preferred power supplies shall be the normal power supplies for all plant systems
important to safety. They shall always be the first choice of power supply to the electrical
safety power systems.

In order to meet plant safety claims regarding resilience to extended unavailability of power
sources, the provision of mobile power sources or additional power supplies should be
considered.

An example of design bases considerations for electrical power systems is provided in

informative Annex A.

NOTE Specific backed-up systems only designed for protection of equipment not important to safety are not part
of this description.

7.2.2 Single Failure in the Electrical Power System

The provision of redundancy in the Electrical Power System design is the principal factor in
meeting the single failure criterion.

The provision of redundancy in the Electrical Power System design should support robustness
in relation to the single failure criterion and improve the system reliability.

The design concept of the safety systems and the supporting Electrical Power System shall
be consistent so that the redundancy provisions of the electrical power generation and
distribution systems correspond to those of the supplied systems.

All exceptions to the SFC shall be justified in the safety analysis.

7.2.3 Common Cause Failure in the Electrical Power System

[Link] Types of CCF

[Link].1 General

The possibility of common cause failures, which could render the safety power systems
unavailable to perform their safety functions on demand, shall be considered in the design,
maintenance, testing and operation of the safety power systems and their support systems.

Several sources of CCF potentially affect the Electrical Power System:

• CCF arising from internal or external hazards;

• CCF arising from internal or external electrical disturbances;
• CCF of electrical equipment and components;
• CCF caused by software errors in programmable digital items;
• CCF caused by human factors (including operation and maintenance activities).

[Link].2 CCF resulting from internal or external hazards

The following provisions shall be considered to protect against internal and external hazards:

• inherent design characteristics of the equipment (e.g. Basic Insulation Level for equipment
relating to design basis lightning hazard);
• Electrical isolations (e.g. surge arresters);
• Physical separation (e.g. fire hazard).

– 32 – IEC 63046:2020 © IEC 2020

[Link].3 CCF induced from electrical disturbances

Electrical disturbances can initiate a common cause failure on the entire Electrical Power
System due to their electrical common point, the grid on one side and the main generator on
the other side.

The provisions to protect against this type of CCF should include:

• inherent design characteristics of the equipment (e.g. the short circuit capacity for
electrical equipment);
• a well-designed protection system
• physical separation and electrical isolations.

[Link].4 CCF on electrical equipment and components

The provisions to protect against this type of CCF should include:

• diversity (at functional or equipment level).

The electrical CCF analysis should evaluate the potential common cause failures of the
equipment composing the EPS.

Particular attention should be paid on the following equipment:

• on-site AC sources (e.g. diesel generator sets, combustion gas turbine sets);
• uninterruptible power systems including:
• batteries;
• rectifiers, inverters, converters.

The protection provisions against CCF should be justified through reliability data and CCF
analyses.

[Link].5 CCF caused by software errors in programmable digital items or cyber-

attacks in programmable digital items in the Electrical Power System

With the use of programmable digital items embedded in components of the Electrical Power
System, the vulnerability to common cause failures and cyber attacks associated shall be
evaluated to protect against a CCF condition on the Electrical Power System.

The provisions applicable are the use of dedicated standards such as IEC 62671 for
programmable digital items to minimise the risk of this kind of CCF.

The sensitivity to cyber-attacks of systems containing programmable digital items should be

considered (following IEC 62859).

[Link].6 CCF caused by human factors

The provisions to protect against this type of CCF should include:

• choices in the design of HMI interfaces;

• physical separation.
NOTE Different personnel could also bring robustness against this kind of CCF (administration procedure).

Concurrent activities (such as tests or maintenance) on redundant equipment which can

generate a CCF condition shall not be performed in the same time frame.

Assessment of the operability of equipment can lessen the risk of CCF due to human factors.

IEC 63046:2020 © IEC 2020 – 33 –

A human factors analysis of the Electrical Power System should be performed in order to
identify activities or operations which can initiate a CCF.

[Link] Provisions against Common Cause Failure

[Link].1 General

Independence provides defence against a single event, internal hazards, external hazards or
electrical disturbances from affecting redundant safety systems.

It also provides defence against a single event or hazard or disturbance from affecting
systems that provide different levels of Defence in Depth.

Consideration of failure processes should include:

• failures resulting from design basis events;

• common internal or external hazards or electrical disturbances;
• failure of support systems;
• common errors in design, manufacture, operations or maintenance;
• CCF induced by:
– electrical connections between systems in different divisions or LoDiD;
– data exchange between systems in different divisions or LoDiD;

Redundant portions of safety groups shall be independent of one another to ensure that the
safety group can perform its safety functions during and following any event.

Independence requirements between redundant or diverse part of circuits contributing to the

same safety function shall be derived from the frontline supported safety feature.

The provision of physical separation, diversity and/or electrical isolation should support
meeting independence requirements.

The benefit of using several diversified support systems (steam, compressed air, etc.) instead
of a common electrical support system should be considered.

[Link].2 Physical separation

The requirements for physical separation of circuits and equipment shall be met by the use of
distance, barriers, or any combination.

The level 2 standard IEC 60709 defines methods and provisions to achieve separation.

In the framework of the application of single failure criterion, segregation shall be applied to
reduce the risk of common cause failure of redundant parts of a system and its essential
support systems against hazards like fire, flooding, explosion, such that a single failure and
its consequences do not lead to the failure of more than one redundant provision.

[Link].3 Diversity within electrical power systems and equipment

The application of diversity to the design reduces the possibilities of common cause failures
of redundant systems due to common cause failure at system or equipment level.

If required following a CCF analysis, the electrical power systems shall be diversified in
accordance with the requirements of the supported safety feature.

– 34 – IEC 63046:2020 © IEC 2020

Diversity should be implemented during the design, manufacturing, operation configuration,

and maintenance phase or combinations of them.

Human diversity (different personnel) should also be taken into account in the design and
operation of the Electrical Power System.

The following approaches to diversity should be considered:

a) Functional diversity:
• diversity based on the physical principles of the implementation of the design,
technology or functions.
b) Material (or physical) diversity:
• diversity between the systems that fulfil the same function (use of a diversified,
dedicated and independent system or of an existing system), e.g.: the preferred power
supply should be diverse from the stand-by on site power supply.
• diversity between the redundant equipment or components within the same system
(diversity integrated into the system), for example: use of different battery
technologies.
• diversity between equipment manufacturers or batches.

The adequacy of the diversity provisions should be established and substantiated based on
relevant reliability data derived from either the plant database, or a series of plant, national or
international databases.

The implementation of diversity can add to the complexity of the Electrical Power System and
can increase the risk for errors in operation and maintenance. Diversity provision should be
based on the requirements identified by comprehensive analysis.

Where the design basis requires diversity for programmable digital items of an Electrical
Power System, the implementation should be based on the requirements of [Link].3.

In order to use diversity between equipment manufacturers, the diverse equipment should not
have common components which can initiate a CCF.

[Link].4 Electrical isolation

Electrical isolation facilities shall be provided to reduce the risk of electrical failures in one
system from affecting connected systems. Electrical isolation controls should reduce adverse
interactions between equipment and components caused by factors such as electromagnetic
interference, electrostatic pickup, short circuits, open circuits, earthing or overvoltage
conditions.

Electrical isolation shall be achieved by the use of isolation devices, shielding and wiring
techniques, or combinations of these.

Electrical isolation implemented between systems important to safety shall follow the
requirements of IEC 60709.

When interfaces exist between electrical components of higher and lower class, the
component at the interface shall be designed to prevent a failure or the consequences of
degraded conditions from propagating from a lower safety classified component to higher
safety classified components. This component shall be classified in accordance with the
highest safety class of the interconnected equipment.

Isolation devices for very low voltage systems shall be designed according to IEC 62808.
Typical isolation devices are: amplifiers, control switches, current transformers, fibre or photo
optic couplers, relays, transducers, circuit breakers, fuses.

IEC 63046:2020 © IEC 2020 – 35 –

Isolation devices for electrical power loads shall be designed according to IEC industry
standards. Typical isolation devices are circuit breakers and fuses associated with or without
contactors or switches.

[Link] Management of the Common Cause Failure requirements for the Electrical
Power System

[Link].1 General

The design process for the Electrical Power System shall include a CCF analysis.

[Link].2 Independence implementation for the Electrical Power System

[Link].2.1 General

The adequacy of design features to provide independence should be substantiated.

[Link].2.2 Independence between LoDiD

The interruptible power supply system important to safety shall have provisions to be supplied
from different electrical power sources following the LoDiD approach.

If non-electrical systems provide diverse mean for accomplishing a given function important to
safety, their associated power supplies and instrumentation and control systems shall be
independent of the power supplies and instrumentation and control systems from which they
are designed to be diverse.

The alternate standby source of the power system important to safety supporting DEC shall
be independent from the standby source of the safety power system supporting DBC.

The Electrical Power Supply important to safety supporting DEC should be independent from
the safety Power Supply supporting DBC.

Additionally, if the alternate power supply comprises several sources each with a dedicated
function (e.g. avoid core melt and manage severe accident), each power supply supporting
the dedicated DEC function shall be functionally independent from the safety power system
supporting DBC and from other power supplies supporting DEC.

The potential for misalignment, human errors or configuration error (local or remote) between
the different LoDiD especially between sources should be avoided except for some specific
maintenance or surveillance testing configurations. All exceptions from this requirement shall
be substantiated.

Electrical power sources of different LoDiD shall not be operated in parallel at the same
switchboard level except for periodic test supported by safety analysis.

[Link].2.3 Independence between divisions

Failure of one redundant electrical power division shall not render other redundant electrical
power divisions inoperable.

The safety on-site power supply of a given division shall supply that division only. All special
case exceptions shall be substantiated.

Electrical systems belonging to one division should be supplied with power from that division.
All exceptions from this requirement shall be substantiated by analysis.

– 36 – IEC 63046:2020 © IEC 2020

Sub-systems of the process equipment (as pump, motorised valve and controller for the same
process system) should be fed from the same electrical power division.

A single failure in the monitoring of the power supply shall not result in the monitoring of an
entire division being inoperable.

Safety-classified equipment in different divisions shall be electrically isolated.

Independent protection devices shall be provided between divisions.

Redundant divisions of the safety Electrical Power System shall not be interconnected except
for temporary maintenance operation.

It shall not be possible for an electrical fault to be transmitted between divisions.

[Link].2.4 Independence between classification levels

The interface between the systems important to safety and systems of lower safety
classification shall be designed to ensure that there is no adverse impact on equipment
important to safety from equipment with a lower safety classification resulting from
disturbances in the plant electrical power systems.

Systems important to safety shall be independent from systems of lower safety classification
to ensure that the systems important to safety can perform their safety functions during and
following any event requiring performance of these functions.

As far as practicable, loads not important to safety should not be supplied from electrical
power systems important to safety.

If it is necessary to power loads not important to safety from electrical power systems
important to safety, the loads not important to safety shall be provided with safety classified
isolation devices with same safety class than the supporting electrical power system.

When it is impractical to provide adequate separation and isolation from electrical faults
between a safety classified circuit and a circuit of a lower safety classified function, the lower
safety classified circuit (associated circuit) shall be:

• analysed or tested to demonstrate that the associated safety class circuit will not be
unacceptably degraded;
• identified as part of the associated safety division;
• electrically isolated from other components in the same manner as the circuits of the
associated safety division.

Loads not important to safety which could affect the ability of the Electrical Power System
important to safety to operate should be automatically disconnected during an electrical
source transfer.

[Link].3 Independence implementation for the programmable digital items

Programmable digital items are used in many electrical power equipment and their use is
increasing in many proprietary items with no alternatives available for some items of
equipment.

A study should be carried out to identify and record:

• the location of programmable digital items embedded in equipment and function of these
devices;

IEC 63046:2020 © IEC 2020 – 37 –

• failure modes and the potential for common cause failure of programmable digital items.

The consequences of CCF caused by programmable digital items should be assessed.

Consideration shall be given to diversity in the electrical system design to reduce the system
vulnerability to CCF from programmable digital items.

Particular attention should be taken where there are proposals to network electrical protection
systems through programmable protection relays with two way communication from central
control systems.

These systems present a significant risk of common cause failure and should be avoided
wherever possible for NPPs.

Where a networked system with two way communication is implemented then comprehensive
validation and verification of the programmable devices should be undertaken to demonstrate
the mitigations against potential CCF that the risk of CCF due to software error or cyber
attack is acceptable in accordance with overall facility safety case.

Where programmable digital items are installed in the electrical system design their
implementation shall be validated based on their safety classification.

This validation shall follow the procedures defined in IEC 62671.

System cyber security vulnerabilities and consequence associated with the Electrical Power
System should be assessed where programmable digital items are implemented.

Justification of a programmable digital items should be based on the assessment of safety

function(s)/failure modes.

Programmable digital items in electrical systems should be considered in the context of the
overall electrical design and safety case.

Implementation of programmable digital items in electrical power systems requires a multi-

disciplinary involvement.

7.2.4 Provisions for coping with Loss Of Off-site Power

The design should include provisions to detect this condition in order to initiate appropriate
automatic or manual actions.

The following design measures to cope with a Loss Of Off-site Power should be considered
(following the functional requirements applicable to the EPS and based on the electrical need
of the supported loads):

• provision of adequate battery capacity to supply power to safety classified instrumentation

and control equipment, and other vital equipment required in design basis conditions;
• installing standby AC power sources which fulfil the independence requirements between
divisions (refer to [Link].2);
• design the NPP with passive safety features.

The power balance, restoration time and the mission time of the systems supplied during a
LOOP condition should be provided as input data to select the adequate solutions.

– 38 – IEC 63046:2020 © IEC 2020

7.2.5 Provisions for coping with Station Black Out

The design should include provisions to detect this condition in order to initiate appropriate
automatic or manual actions.

The following design measures should be considered:

• provision of adequate battery capacity to supply power to safety instrumentation and

control equipment, and other vital equipment required in design extension conditions;
• installing an alternate AC power source that is diverse in design and is protected from
hazards that could degrade the preferred power supply and standby on-site power
sources;
• use of NPP to NPP connections where there are no CCF risks between the two units
power source (where connections are made between NPPs it shall not be possible for a
fault on one NPP to impact on the other);
• design the NPP with passive safety features.

The power balance, restoration time and the mission time of the systems supplied during a
SBO condition should be provided as input data to select the adequate solutions.

7.2.6 Provisions to avoid or reduce Loss of Electrical Power

The design should include provisions to detect this condition in order to initiate appropriate
automatic or manual actions.

The provisions to avoid or reduce this condition are:

• robustness of the Electrical Power System against CCF;

• adequate reliability of the equipment of EPS.

The following design measures should be considered to cope with a LEP condition:

• adequate autonomy for the uninterruptible power system source to monitor the severe
accident parameters;
• the provision of an additional power source to supply severe accident functions (including
the adequate connection points to permit this type of power supply);
• design the NPP with passive safety features.

The power balance, restoration time and the mission time of the systems supplied during a
LEP condition should be provided as input data.

7.2.7 Classification consideration

[Link] General

Each electrical system shall be classified following the classification of the loads supported.
All non-compliances shall be substantiated.

The classification of the DBC and DEC levels will be performed following the requirements of
IEC 61226.

Once the Electrical Power System has been classified following IEC 61226, two main methods
should be applied to verify the adequacy of the performance and reliability requirements on
electrical power systems and equipment important to safety:

• qualification;
• surveillance and testing.

IEC 63046:2020 © IEC 2020 – 39 –

[Link] Qualification

Electrical equipment items shall be qualified in accordance with their functional requirements
and service and environmental conditions.

Electrical power systems and components important to safety shall be qualified for their
intended function over their service life in their anticipated environmental operating
conditions.

The primary objective of qualification is to demonstrate with reasonable assurance that

equipment important to safety can perform its safety function(s) without experiencing failures
in all postulated conditions.

IEC/IEEE 60780-323 describes the basic requirements for qualifying electrical equipment
important to safety and interfaces (electrical and mechanical) that are to be used in NPP.

IEC/IEEE 60980-344 provides recommended practises for seismic qualification of electrical

equipment on a NPP.

[Link] Surveillance testing

For the electrical power systems important to safety, the following parameters should be
periodically tested:

• operation of the electrical power sub-system and its components including performance of
the associated power sources;
• transfer between electrical power sources;
• activation of protection (and associated fault-clearing devices);
• performance of the energy conversion equipment items, in particular those equipped with
power electronics.

The electrical design should permit surveillance and testing activities of the parameters listed
above.

IEC 60671 provides technical requirements and recommendations for the implementation of
surveillance testing for I&C systems important to safety.

The general requirements for surveillance testing (Clause 6) should be followed for electrical
power systems important to safety.

7.2.8 Provisions to achieve the reliability target for the Electrical Power System

The three main measures to increase the reliability of the Electrical Power System are:

• correctly specify components and procure reliable components;

• provide redundancy inside the division and between divisions;
• provide diversity between LoDiD and between divisions.

Electrical power systems important to safety shall be redundant to the degree necessary to
meet design basis reliability requirements.

The reliability of the Electrical Power System shall be assessed with regard to the overall
safety objective based on the PSA analysis.

On site provisions should be made to back up off site power sources where required to meet
the plant safety requirements. These provisions should use measures such as additional on
site power sources and the provision of automatic actuation of standby supplies.

– 40 – IEC 63046:2020 © IEC 2020

In order to achieve PSA targets consideration should be given to modification of the

architecture by the provision of redundancy to address component reliability issues and
diversity to address CCF issues.

7.3 Electrical design provision

7.3.1 General

The electrical design should consider the following main input data in order to determine the
performances of the electrical power subsystem:

• requirements and performances of the grid supply;

• performance requirement for loads supplied (refer to 7.4);
• electrical disturbances.

7.3.2 Coordination with the grid

The voltage and frequency range shall be derived from the applicable Grid Code.

The grid requirement shall be discussed and agreed with the electric grid operator so as not
to impact the performance of equipment supporting functions important to safety.

NPP support for grid stability shall not adversely affect the capability of the EPS to support
plant safety functions.

7.3.3 Design to achieve electrical requirements

[Link] General

Variations in voltage, current and frequency of the Electrical Power System of the nuclear
power plant in any mode of plant operation shall not degrade the performance of any system
equipment important to safety.

The variations and transients in voltage, current and frequency on the safety classified buses
that could result from events on the preferred power supply or the on-site electrical power
source shall be identified.

The design of the different sub-systems should be based on a balance between robustness by
the design with withstand capacity or system or component protected by the electrical
protection system.

All modes of operation and both symmetrical and asymmetrical events should be considered
in the analyses. An event could challenge different components in the electrical power
systems, depending on rise time, fault time, amplitude or asymmetry.

IEC 62855 provides the electro-technical engineering guidelines to perform this specific
analysis for AC and DC electrical power systems in the NPP.

The frequency and voltage characteristics of the equipment power supply shall be specified.

The specification of system frequency and voltage characteristics should be based on the
worst case configuration.

Each characteristic shall be defined by a nominal value and normal, exceptional and very
exceptional variation ranges (also known as operating conditions).

These variations should be derived from the grid or from on-site power sources.

IEC 63046:2020 © IEC 2020 – 41 –

The normal operating condition is not limited in time, but the degraded operating conditions
should be specified for a maximum duration and a maximum frequency rate or cumulative
minimum and maximum duration.

[Link] Steady-state conditions for Electrical Power System

The following parameters of each sub-system and each LoDiD should be specified:

• voltage range;
• frequency range;
• current range.

These values should be determined:

• at the equipment terminal of the supported equipment in steady state, not including
transient phenomena;
• based on the characteristics of the off-site and on-site power sources.

The tolerances and operating parameters of the equipment and systems should be considered
in demonstrating the robustness to electrical disturbances of the electrical systems important
to safety.

[Link] Electrical disturbances

[Link].1 General

The capability of the Electrical Power System to withstand electrical disturbances should be
verified by:

• comprehensive analyses that identify all possible events (initiators) that could occur on the
Electrical Power System based on international guides and standards, regulation reports,
operating experience, international publications, studies or reports;
• definition of the potential preventive measures to reduce or eliminate the initiating event;
• characterization of the electrical phenomena (frequency range, voltage and/or current
amplitude);
• definition of the protective measures associated with the electrical phenomena (by
provisions of adequate inherent characteristics of equipment or by electrical protection
system).

[Link].2 Electrical power systems voltage

[Link].2.1 Undervoltage condition

The undervoltage and time delay set points for degraded voltage protection should be
determined by analysis of the voltage requirements of the loads (important or not to safety) at
all on-site Electrical Power System levels (electrical normal operation limit).

The minimum voltage of the consumer shall be specified and by analysis, it shall be shown
that the voltage remains above the limit.

Assessment of the voltage drop should confirm that the voltage at the terminals remains
above the minimum voltage which could result in the loss of functions.

a) Acceptable voltage drop

This corresponds to a transient voltage drop with the following characteristics:

– 42 – IEC 63046:2020 © IEC 2020

• the voltage is above the minimum voltage required to operate the load for an ongoing
time.

• the voltage is lower than the minimum voltage required to operate the load; and the
duration of this under voltage is lower than the limit associated to initiate an electrical
source transfer.

An acceptable voltage drop shall not initiate an electrical source transfer.

b) Unacceptable voltage drop

This corresponds to a transient voltage drop with the following characteristics:

• the voltage is lower than the minimum voltage required to operate the load;

and

• the duration of this under voltage is greater than the limit associated to initiate an
electrical source transfer.

The effect of short term transients on the electrical source transfer should be assessed.

The electrical source transfer strategy between the different electrical power sources should
enable use of the different sources of the DiD if available.

An electrical source transfer shall be initiated in the event of an unacceptable voltage drop
after a suitable time delay to allow clearance of upstream or downstream disturbances.

[Link].2.2 Overvoltage conditions

Overvoltages should be analysed to confirm that equipment withstand capabilities are not
exceeded.

Overvoltages caused by lightning and EMC, switching overvoltages and overvoltages

resulting from earthfaults in isolated networks should be considered in the analysis.

An overvoltage protection scheme should be provided to protect against overvoltages causing

the withstand capabilities of the equipment to be exceeded (taking into account the priority
level of the function performed by the system).

A study should be performed to substantiate the coordination between the overvoltage

maximum value and time durations and the coordination with the design of Electrical Power
System equipment.

Figure 4 is only provided as an example, the voltage levels and time durations are plant
specific.

IEC 63046:2020 © IEC 2020 – 43 –

Figure 4 – Typical voltage design bases (IEC 62855)

[Link].2.3 Unbalanced voltage

Consideration should be given in the electrical disturbances analysis to unbalanced voltages

and their potential consequences on electrical operation.

[Link].3 Current

The studies associated with current disturbances shall take into account:

• electrical faults;
• overloads;
• inrush currents;
• Geomagnetically Induced Currents (if applicable).

[Link].4 Frequency

The impact of frequency variations shall be assessed.

An analysis should be undertaken by the responsible technical groups of the functional impact
of under and over frequency on the process loads such as fluid systems.

The operation of the Electrical Power System shall not be impacted by harmonics (e.g. risk of
operation of overload protection).

The total harmonics distortion (current and voltage) should be evaluated.

– 44 – IEC 63046:2020 © IEC 2020

The effects of harmonics generated by the grid or plant equipment should be evaluated and
appropriate measures should then be taken to provide robustness against the harmonics.

Limits for levels of harmonic generation by equipment should be defined and the robustness
of equipment against the generated harmonics should be assured.

[Link] Inherent characteristics of equipment

Electrical power systems shall be designed and constructed in such a manner that they can
withstand maximum design voltages and currents in any plant state or operating mode.

[Link] Electrical protection system

[Link].1 General

An electrical protection system shall be provided to:

• protect electrical equipment from voltages, frequency and currents outside the defined
operating conditions (in addition with the inherent characteristics of equipment);
• support continuity of supply by isolating faults so that they do not impact on the availability
of the overall system.

The electrical protection system can be split in two parts:

• electrical source transfer when the source does not have the capability to support the
loads;
• protection scheme to protect site personnel and equipment from electrical disturbances on
the Electrical Power System.

The electrical protection scheme for the plant and the design of the plant’s components shall
be such that disturbances in the power supply do not jeopardize the required operation of
safety power systems and connected loads.

If under voltage or under/over frequency and limits are exceeded, the load shall be
transferred to the back up supply sources after appropriate time delays.

The Electrical Power System shall be robust and capable of fulfilling its task during fast and
slow electrical transients and fault conditions.

An evaluation of the impact of electrical disturbances on all the on-site electrical power
systems (AC and DC) should be undertaken in accordance with the methodology described in
the section [Link].1.

The design bases should cover all modes of operation and all possible events that could
impact the Electrical Power System of the nuclear power plant.

The design of the different sub-systems should be based on a balance between robustness by
designing equipment with appropriate withstand capacity and protection of systems or
components by the electrical protection system.

Specific analysis should confirm that the electrical protection system meets requirements for
equipment protection and maintaining supplies to electrical power systems important to
safety.

[Link].2 Design of the monitoring and electrical source transfer

The quality, range and performance of the power supply shall be monitored continuously on
each busbar which requires an automatic electrical source transfer.

IEC 63046:2020 © IEC 2020 – 45 –

Buses affected by degradation of the power supply from a given power source shall be
disconnected from this power source if the degradation exceeds the specified design levels.

Studies should be performed to analyse the performance of Electrical Power System during
electrical source transfers following the standard IEC 62855.

[Link].3 Design of the electrical protection scheme

[Link].3.1 General

The electrical protection system shall protect against the rated withstand capability of the
equipment being exceeded.

[Link].3.2 Factors to consider

Protection coordination studies shall be performed taking into account all operating and
transient conditions.

The studies should include all possible types of series and shunt faults, including events such
as loss of one or two phase(s) and earth faults in systems operating with an isolated neutral.

The design of the electrical protection scheme should include consideration of both
symmetrical and asymmetrical faults.

The protection scheme should include consideration of reacceleration currents following

voltage sags and bus transfers.

[Link].3.3 Implementation

The following requirements should be taken into account in order to ensure the electrical
coordination of the system:

• the protection system operating time should be compatible with the equipment withstand
capability and the system performance requirements,
• a failure or maintenance of part of the protection system.

The protection scheme shall be capable of the following:

• fast action to protect personnel and property:

– operating the required devices upon detection of unacceptable conditions to reduce
the severity and extent of disturbances to the Electrical Power System, equipment
damage, and potential hazards to personnel and property,
– protective devices should be designed to initiate the circuit breaker to clear fault
currents rapidly to avoid hazards and to prevent disturbances causing other protection
devices to operate.
• selectivity:
– ensuring that only faulted equipment is disconnected from the power supplies,
– in case of short circuits and overloads, protective devices should be designed to
operate selectively in all planned connection configurations of the Electrical Power
System.

The protection scheme should be implemented in a graded approach to avoid the spurious
tripping of upstream devices.

Individual protective devices installed to protect components during testing should be

designed so that their operation does not endanger a system’s capability to operate.

– 46 – IEC 63046:2020 © IEC 2020

Protection devices that protect the power supply from a standby power source against
immediate catastrophic failure should be in service in all modes of operation.

NOTE Examples of such devices include those that protect the standby power source from catastrophic failures,
such as overspeed protection and generator differential protection.

Trip devices that protect the standby power source from non-catastrophic failures could be
bypassed, following appropriate safety assessment, when the standby power source is
supplying safety loads during emergency operation, but should be in service during normal
operation and testing of the standby source.

The coordination studies should include assessment of the internal equipment protection.

[Link].3.4 Protection device requirements

Fault detection and fault clearing devices should be used for the prompt removal from service
of any element of a power system when abnormal conditions occur which could cause
degradation or failure of operating equipment.

Programmable digital protective devices shall be designed, verified and qualified for use in
accordance with the safety function that they are intended to support and should be in
accordance with the requirements of [Link].3 and IEC 62671.

The design of the protective devices for the Electrical Power System and for components of
nuclear power plants shall comply with IEC and National standards that apply to the safety of
electrical equipment and electrical installations, as well as with other relevant regulations on
electrical equipment and electrical installations.

[Link] Electrical parameters measurement and events recording

In addition to the electrical protection system (electrical source transfer and protection
scheme), the design should provide the requirements for measurement of electrical
parameters and event recording.

The designer should identify and implement all measurements required to analyse any type of
electrical events.

The electrical plant equipment specification should specify all required output signals.

The events recording system should record the same time stamp for all measurements.

Consideration of cyber security should be given to electrical parameters measurement and

event recording.

7.4 Functional and performance design provisions

7.4.1 General

The power system design shall support the functional requirements of the plant systems
important to safety.

7.4.2 Electrical Power System studies

[Link] General

The electrical power systems of the nuclear power plant should meet all functional
requirements under steady-state conditions, and degraded conditions as defined in the design
basis.

IEC 63046:2020 © IEC 2020 – 47 –

[Link] Assignment of the loads to the sub-systems

The design should assign and allocate the loads (and especially loads important to safety) to
the various electrical sub-systems based on criteria such as sensitivity to the loss of voltage,
active and reactive powers, restoration time and mission time.

Two main sub-systems are defined:

• Interruptible power supply;

• Uninterruptible power supply.

[Link] Margin

A margin strategy should be established and should identify the different margins applicable
and the level of margin associated:

• margin to cover modification during the NPP project design phases;

• margin to cover modification during the operation lifetime of the plant;
• margin to cover tolerances (for protection settings for examples);
• safety margin;
• margin to cover transient operation.

The adequacy of the equipment rating margins should be confirmed regularly in conjunction
with the replacement of major components, plant modifications and periodic safety reviews.

Electrical equipment should be specified with an adequate design margin to ensure that future
plant upgrades and modifications can be implemented without exceeding equipment ratings.

[Link] Power balance

The power balance study should support the initial design of the main electrical components.

The power balances should be:

• established for steady and transient states and for active and reactive powers;
• reviewed in the event of changes to plant loading.

The power balance should be individually determined for each division.

Power balances of electrical power systems should be established with a deterministic

approach taking into account the following:

• functional and operational configuration:

– all operating modes;
– the operation from on-site or off-site power sources;
– different loading steps (time for re-loading);
– the operating configurations of the Electrical Power System (e.g. maintenance, test,
operation) and interlocking facilities;
• safety analysis:
– the different states and accidents listed in the safety analysis;
– operating modes following single failures of electrical equipment;
• the power requirement for the maximum and minimum ambient conditions;
• electrical inputs:
– maximum and minimum power requirements;

– 48 – IEC 63046:2020 © IEC 2020

– voltage range;
– frequency range;
– efficiency and losses.

Simultaneous load factor should be determined from functional assessment and applied to
intermittent loads.

Where cross-connections are provided the power requirements of the cross-connected loads
shall be taken into account.

During an electrical source transfer, a non-safety classified load shall be taken into account
as a permanent load in the power balance if it is not disconnected by safety equipment.

The power balance should collate:

• load active and reactive power;

• inductive motor loads;
• postulated initiating events;
• operating states and backup equipment;
• start-up time, mission time;
• type of network (interruptible or uninterruptible).

[Link] Voltage level

The nominal voltage levels to supply all systems, except the main generator system, should
be in accordance with IEC 60038:2009, Table 1, Table 3, and Table 6 ‘preferred’ columns.

The voltage level should be appropriate to the power required and the electrical coordination
requirements.

The voltage levels should be optimized based on functional requirements.

[Link] Switching devices studies

A study should substantiate the position within the distribution system and the mission of each
switching device.

The type of the switching device shall be based on this study.

[Link] Distribution strategy

The distribution strategy should optimize electrical equipment layouts.

The distribution strategy shall not decrease the compliance of the AC interruptible power
supply system important to safety with the applicable requirements (6.2, 6.3, 6.4 and 6.5).

The distribution strategy shall not impair required operation in case of electrical disturbances.

[Link] Earthing system

The earthing system shall provide a low impedance path to connect electrical equipment to
earth to prevent hazardous voltages from appearing on equipment and to contribute to the
management of electromagnetic interference including lightning phenomenon.

IEC 63046:2020 © IEC 2020 – 49 –

For each network of the interruptible and uninterruptible power system, the earthing system
connection should be defined according to:

• reliability of the network (in case of short circuit for example);

• ability to detect the first fault.

The electrical protection scheme design should take the earthing system into account.

[Link] Interlock study

For buses with facilities for the connection of different supply sources, an interlock system
shall be provided.

Interlocks between breakers should be provided to prevent connecting circuits in parallel that
could result in adverse voltage or current conditions on common buses.

[Link] Loss of control voltage study

A study should be performed to determine the effects of a loss of control voltage on system
operations.

7.4.3 Design of the Interruptible Power Supply System

The AC interruptible power system can be divided into three parts:

• the AC interruptible power supply system supporting plant loads for normal operation and
anticipated operational occurrences;
• the AC interruptible power supply systems important to safety comprising:
– the interruptible safety power supply system supporting DBC;
– the interruptible power supply system important to safety supporting DEC.

The design of the interruptible power system shall cover:

• the preferred power supply;

– design of the off-site power supply;
– design of on-site preferred power supply;
• the AC interruptible power systems important to safety;
• the on-site standby sources.
NOTE A level 2 standard (IEC 63272) covers the design of the Interruptible Power System.

7.4.4 Design of the Uninterruptible Power Supply System

The uninterruptible power system can be divided into three parts:

• the uninterruptible power supply system supporting plant loads for normal operation and
anticipated operational occurrences;
• the uninterruptible power supply systems important to safety composed by:
– the uninterruptible safety power supply system supporting DBC;
– the uninterruptible power supply system important to safety supporting DEC.

The design of the uninterruptible power system shall cover:

• the uninterruptible power systems important to safety;

• the power sources.
NOTE A level 2 standard (IEC 61225) covers the design of the uninterruptible Power Supply System.

– 50 – IEC 63046:2020 © IEC 2020

7.5 Maintenance

7.5.1 Consideration of the maintenance in the electrical design

The following provisions should be considered to support continuity of power supplies during
maintenance activities:

• redundancy of the function or equipment considered;

• temporary cross-connection between divisions.

During outages to facilitate maintenance operations the number of power sources and
operable buses may be decreased in accordance with the plant’s operational limits and
conditions. The design of the power system shall take into account the requirement to
maintain electrical equipment whilst complying with the defined operating limits.

In the case of maintenance during operational demands on a safety system the use of cross-
connections should be considered during a defined maintenance time frame.

If adopted, temporary connections between redundant divisions may be made during

shutdown if a safety assessment confirms the following:

• that the cross-connections have interlocks that cannot be defeated by simple switch
operation;
• that the effects of these connections on the reliability of plant safety functions and on their
vulnerability to common cause failure is acceptable.

Cross-connections on safety systems shall meet the following criteria:

• justification on the acceptability of the cross-connection from a safety perspective;

• provision of two electrical isolation devices in series, one at each end;
• evidence that the use of the cross-connection will not result in an electrical failure on the
supplied division causing the loss of the supplying division;
• cross-connections shall not increase potential fault level beyond equipment withstand
levels;
• cross-connections shall be de-energized during normal operations except where required
for maintenance activities.

The design of electrical power systems should include maintenance plans for all systems and
components.

Electrical power systems important to safety should be designed to facilitate surveillance and
maintenance activities, to permit timely access and, in the case of failure or error, to allow
easy diagnosis and repair in order to reduce risks to maintenance personnel.

The maintenance strategy shall establish requirements for electrical equipment to be provided
with equipment health monitoring to facilitate surveillance and maintenance.

Design provisions to facilitate maintenance, troubleshooting, and repair should include:

• avoidance of locating equipment in areas with conditions of extreme temperature or

humidity;
• avoidance of locating equipment in areas with high radiation levels;
• taking into account human factors (capabilities and limitations) in performing the required
maintenance activities;
• provision of sufficient space around the equipment to ensure that maintenance staff can
perform their tasks safely in normal working conditions.

IEC 63046:2020 © IEC 2020 – 51 –

Provisions for the maintenance of electrical power systems important to safety should be
assessed to confirm that any effects on the safety of the plant are acceptable.

NOTE Periodical testing is covered in [Link].

7.6 Multi-unit shared electrical power systems

A hazard or an electrical disturbance in one unit should not affect the other unit.

7.7 Electrical system layout

The layout of the electrical equipment should:

• provide independence between:

– redundant or diversified portions of a function important to safety;
– electrical systems important to safety and other systems:
a) interconnected equipment;
i) classification;
ii) isolation;
b) adjacent equipment;
i) separation;
ii) electrical isolation;
iii) physical barriers.
• comply with:
– national regulations in relation to escape route and fire suppression management;
– the plant’s requirements on:
c) electrical equipment and cable installation rules e.g.;
i) segregation requirement;
ii) optimization of the cable routing, lengths and cross sections;
iii) cable route design with various components (enclosures, racks, terminals);
cable supports, cable types (copper, fibre), electrical and I&C openings and
equipment rooms;
iv) cable route and cable layout;
v) equipment room design;
d) hazard mitigation;
e) the choice of cables for building infrastructures, I&C and power systems;
f) easy access for maintenance and cable installation.

7.8 Supporting and associated systems for the Electrical Power System

The safety classification and the design of supporting and associated systems shall be such
as to ensure that the performance of these systems is consistent with the safety significance
of the system or component that they serve at the nuclear power plant:

a) Compressed air systems

The specification for any compressed air system that serves an item important to safety at
the nuclear power plant shall define the requirements for quality, flow rate and cleanliness
of the air.

– 52 – IEC 63046:2020 © IEC 2020

b) Air conditioning systems and ventilation systems.

Systems for air conditioning, heating, cooling and ventilation should be provided as
appropriate in auxiliary rooms or other areas at the nuclear power plant to maintain in all
plant states the required environmental conditions for systems and components important
to safety.
Particular attention shall be given to the ventilation system for electrical rooms with an
explosive atmosphere risk (e.g. battery rooms).
c) I&C
The I&C system which monitors and controls the electrical power system important to
safety shall be developed in accordance with IEC 61513.
The interface between electrical signals and the Main Control Room and local indications
and alarms (HMI) should be managed during the design.
IEC 60964 establishes requirements for the human-machine interface in the main control
rooms of nuclear power plants.
The reliability of the power supply of monitoring and control systems should be assessed.
d) Lighting
The lighting strategy should consider the requirements for electrical rooms in all conditions
in order to assign the required loads to supplies with standby sources.
e) Communication system
A communication system strategy should be defined in all conditions.
f) Control voltage system
The reliability of the power supply of control voltage systems should be assessed.

Particular attention should be given to these support systems in order to limit the risk of
disturbances on operation of the Electrical Power System or risk of CCF affecting the entire
Electrical Power System due to failure(s) on supporting systems. The electrical design should
define requirements for supporting systems.

7.9 Overall quality assurance programs

This document assumes that a quality assurance program or preferably an integrated

management system exists as an integral part of the NPP project and that it provides control
of the constituent activities.

The safety classified part of the Electrical Power System should be consistent with the
requirements of IAEA GS-R Part 2 and IAEA GS-G- 3.1.

a) Quality assurance programmes shall be established and implemented for each activity
related to the overall electrical power system life cycle.
b) The quality assurance programs shall include all activities that are necessary to achieve
quality and the activities which verify that the required quality has been achieved.
c) The verification activities shall be defined in verification plans. The verification plans
should include the resources, process and outputs of the phases of the overall EPS life
cycle and should define:
• procedures and tools for verification activities;
• the records to be kept and verified;
• the safety relevant aspects to be verified;
• procedures for the resolution of failures and incompatibilities;
• the criteria for declaring each phase complete;
• the final reports to be produced showing the compliance of the outputs of the phase
with the inputs requirements and the resolution of anomalies.

IEC 63046:2020 © IEC 2020 – 53 –

d) The quality assurance programs shall be planned and included within the general quality
assurance program of the NPP project, and its activities shall be included within the
general schedule of the activities of the NPP project.

7.10 Requirements for output documentation

7.10.1 General

Information, analyses, and computations supporting design of the electrical power systems
important to safety should be documented and controlled in accordance with the quality
records system established for the plant.

Documentation records should be prepared to support the design of individual system

features or functions. Each design documentation record should be verified in accordance
with the requirements of ISO 9001 completed by the IAEA requirements issued from GS-R
Part 2, and should include sufficient information to allow further independent checking or
review.

The information and studies should comply with the items listed in the documentation
supporting design of the electrical power systems important to safety.

The documentation of the electrical power systems should include the substantiation of:

• design bases.
• a description of the overall Electrical Power System including:
– details of how the nuclear power plant is connected to the grid;
– an explanation of the degree of redundancy of the electrical power systems important
to safety;
– identification of interfaces with the auxiliary systems.
• a description of the separation criteria for installing equipment, cables and raceways,
including wiring and components inside panels.
• single-line diagrams, functional control diagrams, schematic diagrams, connection
diagrams, panel wiring diagrams and system descriptions.
• layout plans for the on-site Electrical Power System together with the arrangements of
equipment and associated support systems.
• layout plans of cable routes, including trays, ducts and conduits, throughout the plant and
identification of redundant divisions and cables and their routing.
• raceway schedules showing cables contained in each raceway segment and the fill
percentage of each segment.
• circuit schedules identifying for each field cable its connection points, cable type and
routing through the raceway system.
• an electrical load analysis showing the inventory of electrical loads. For electrical power
systems important to safety this should show a time dependent loading from which the
capabilities of the necessary components of the power system are calculated.
• operating procedures and maintenance manuals for electrical power systems and
equipment.
• periodic testing and maintenance requirements for electrical power systems and
equipment.
• documentation of acceptance tests and commissioning tests for electrical power systems
and equipment.
• quality management records.
• analysis of current, voltage and frequency disturbances.

– 54 – IEC 63046:2020 © IEC 2020

• studies of steady state load and voltage profile studies that show the voltages throughout
the power system for various modes of plant operation (and generator load to power
factor), including design basis events, normal operation and conditions of degradation in
voltage.
• transient load and voltage studies that show the profile of the loads that are sequentially
applied to the preferred power supplies and standby power sources in various modes of
plant operation.
• an electrical source transfer study that analyses the effects of voltage, phase angle and
frequency, and the effects of motor reacceleration on buses and motors before, during and
immediately after automatic transfers.
• short circuit studies to determine the maximum and minimum fault currents throughout the
power system for various modes of plant operation, including design basis events, for use
in analysing the fault clearing and withstand capability of the electrical equipment.
• coordination studies of protective devices and studies of equipment protection that show
proper set point selection in all of the protection schemes.
• analysis of fuel storage capacities for standby power sources.
• analysis of the consequences of partial or total loss of power supplies.
• equipment qualification plans, analyses and test reports.
• specifications for electrical power components.

7.10.2 Architecture principles

An Electrical Power System architecture principle document and diagram should be produced
to identify the main characteristics of the Electrical Power System including:

• Safety provisions (see 7.2)

– the relevant safety deterministic rules analysis;
– the relevant plant events;
– the plant Defence in Depth approach and its application for the Electrical Power
System;
– the number of electrical divisions based on the combination of safety and maintenance
requirements applicable;
– a CCF risk analysis;
– the diversification requirements applicable to the Electrical Power System and its
equipment;
– the allocation of main (respectively groups of) safety functions or loads;
– number and type of on-site power sources (AC, DC);
– the systems classification;
– the applicable independence provisions at the sub-system level.
• Electrical design provisions (see 7.3)
– compliance with the electric grid operator requirements;
– report of identification of electrical disturbances (with possible measures) and
associated impact on electrical quantities (voltage, current and frequency);
– electrical disturbances studies (covering transient and fault studies);
– performance requirement of the electrical loads;
– performance of the Electrical Power System taking into account the different power
sources associated with different LoDiD (based on the four previous bullet);
– load flow studies;
– electrical source transfer studies;
– required withstand capacities for electrical equipment of the Electrical Power System;

IEC 63046:2020 © IEC 2020 – 55 –

– protection scheme and electrical protection coordination studies.

• Functional provisions (see 7.4)
– the distribution arrangement with corresponding switches, power sources and
conversion equipment;
– the grid connection arrangement;
– the voltage of the electrical power systems;
– the rating of on-site-sources;
– the rating of power conversion components;
– the earthing system connections;
– load list and assignment of loads in the SLD;
– the power balances on the different switchboards;
– a voltage level selection report;
– the sizing of the main electrical equipment;
– the sizing of protection devices;
– a switching device study;
– an earthing system selection report for each network;
– an interlocking study;
– the monitoring provisions;
– a loss of control voltage study.
• Maintenance provisions (see 7.5)
– The plant operator should document plant maintenance requirements and the
associated provisions.
– The cross-connections should be identified on the Single Line Diagram (SLD).

7.10.3 Single line diagrams

An overall single line diagram should identify the main characteristics of the Electrical Power
System:

• the distribution arrangement with corresponding switches, power sources and conversion
equipment;
• the grid connection arrangements;
• the voltage of the electrical power systems;
• the power of standby sources;
• the power of power conversion components;
• the earthing system connections;
• the cross-connection provisions.

8 Sub-system requirements

8.1 Electrical Power System basis requirements

8.1.1 General

The purpose of this clause is to introduce a generic list of topics to be covered when writing a
level two standard.

– 56 – IEC 63046:2020 © IEC 2020

Particularly, the following requirements are applicable to two main sub-system:

• interruptible power supply;

• uninterruptible power supply.

8.1.2 System Design

The two main electrical sub-system level 2 standards follow the same structure as this
document, IEC 63046.

The standards define:

• design of the systems with regard to safety requirements;

• design of the systems with regard to electrical requirements;
• design of the systems with regard to functional and performance requirements;
• design of the systems with regards to maintenance requirements;
• system interfaces: to identify and specify requirements related to the interfaces that could
compromise, by their functional failure, the auxiliary supporting features of the electrical
power systems.

8.1.3 Single line diagram

The AC interruptible power supplies system and/or uninterruptible power supplies single line
diagram should define:

• the boundaries of the system and the interfaces with the upstream and downstream
systems;
• the safety classified (including associated safety class) and non-safety classified portion
of circuits.

8.2 Equipment design specification

The design rules for the different items of electrical equipment should be included in the level
2 standard which will derive the following parameters from this level 1 standard:

• rated voltage and frequency;

• steady-state (voltage range and frequency ranges);
• withstand capacities based on the maximum calculated transients of voltage and current;
• power requirements derived from the load list or power balance;
• autonomy (for power supplies);
• environmental ambient conditions.

8.3 Equipment requirements

A level 3 standard should define equipment requirements commensurate with safety class
significance on:

• design;
• fabrication;
• installation and mounting;
• examination, maintenance, inspection and testing.

8.4 AC Interruptible Electrical Power Supply System

A level 2 standard (IEC 63272) will cover this sub-system.

IEC 63046:2020 © IEC 2020 – 57 –

A level 3 standard should cover standby power sources.

In the absence of IEC/SC 45A dedicated standard the clauses of Annex B shall be applied.

8.5 AC/DC Uninterruptible Power Supply System

IEC 61225 shall apply.

8.6 Coordination and interaction with power grid

A level 2 standard should cover this sub-system.

8.7 Earthing

A level 2 standard should cover this sub-system.

In the absence of IEC/SC 45A dedicated standard the clauses of the Annex C shall be
applied.

9 Verification of the architecture of the Electrical Power System

9.1 General

Verification shall be carried out and documented at each step of the design:

• verification by studies for the Electrical Power System;

• verification by testing: factory tests at the equipment level;
• verification by testing: on-site at the equipment level;
• verification by testing: on-site sub-system functional tests;
• verification by testing: on-site Electrical Power System functional tests;
• periodic tests during operation or outages.

9.2 Computerised tools and models verification

9.2.1 Electrical Power System verification

Based on IEC 62855, the electrical design of the Electrical Power System shall be verified.

Bounding cases shall be defined for each operating configurations.

9.2.2 Layout of electrical power systems and equipment verification

The layout should be analysed using commercially available software and developed based
on technical specifications. The software should have a validated domain and its accuracy
and compliance with industry standards should be validated.

This analysis should demonstrate the compliance of the Electrical Power System with the
applicable safety requirements.

The layout of electrical equipment should consider the minimum maintenance envelope,
space requirements and requirements of the lifting devices for maintenance and replacement
of the equipment during the life-cycle management activities.

– 58 – IEC 63046:2020 © IEC 2020

9.3 Test requirements

The following tests are required dependent on the stage of the NPP design:

• Routine tests;
• Factory tests;
• Site acceptance tests;
• Plant commissioning tests.

The test results shall demonstrate compliance with specifications associated with the different
levels (Electrical Power System level, sub-system level and equipment level).

All systems important to safety shall include provisions for testing, including where
appropriate, built-in test capabilities.

The equipment testing programme should be coordinated with the operational test programme
so that availability requirements of systems and components can be fulfilled. This includes
taking into consideration failure rates of components in establishing test frequencies. It is
envisaged that certain tests can only be performed during refuelling outages.

Testing arrangements should include test procedures, test equipment interfaces, test
equipment requirements and built-in test facilities.

Testing and calibration of system equipment important to safety should be possible in all
modes of normal operation, including power operation, while retaining the capability of
systems important to safety to fulfil their safety functions.

The capability for testing and calibration during power operation should not adversely affect
the safety or the operation of the plant.

If provisions are not made for testing equipment important to safety during power operation,
the following should be provided:

• justification that the reliability of the functions is acceptable;

• the capability for testing during shutdown.

A test programme should normally include:

• a description of programme objectives;

• identification of systems and components to be tested;
• test schedule;
• bases and justification for the tests to be conducted and test intervals;
• acceptance criteria;
• a description of the documentation and reports required;
• periodic review of the effectiveness of the programme;
• the individual test procedures to be used to define the tests.

The scope and frequency of testing should be justified as consistent with functional and
availability requirements.

Implementation of the test programme should provide:

• objective information on the status of systems and components;

• assessment of the degradation of components;

IEC 63046:2020 © IEC 2020 – 59 –

• data on trends to assist in detecting degradation of components;

• indications of incipient failure within the system;
• requirements for evaluations that should be conducted before repetition of the failed test
can be credited as establishing operability.

Evaluation and documentation of the causes of a failed test, and of the remedial actions
taken, should be undertaken before the results of a repeated test can be used to demonstrate
operability of the systems or components involved. Corrective actions may, for example,
include calibration, maintenance or repair of components, or changes to test procedures.

10 Overall integration and commissioning

10.1 General

The objective of this phase is to integrate the Electrical Power System on site and ensure that
all functions important to safety and the associated support systems perform as expected
during the commissioning tests of the plant.

The commissioning plan of the Electrical Power System should be included in the
commissioning programme of the plant systems.

The electrical system is usually used during the construction phase, in the following steps:

• After the electrical system (or part of the system such a division, a voltage level) has been
installed, inspected and verified to comply with electrical and personnel safety demands, it
can be energized and put in operation in order to support the construction or tests. The
energized parts of the electrical systems can be used for operating electrical loads during
the installation of the plant;
• When the plant reaches the commissioning period, the commissioning of the electrical
systems are planned together with other commissioning activities;
• After applicable commissioning tests have proved that the electrical system meets all
nuclear safety objectives, the electrical system is declared operational from a nuclear
safety perspective;
• The impact of the use of a part of the Electrical Power System during the Construction
phase shall be considered.

10.2 Requirements

The following requirements are applicable for steps 2 and 3 of 10.1.

a) The activities should be carried out in a systematic way, with a strategy developed in
accordance with the system installation plans, the overall integration and commissioning
plans.
b) The overall integration activity should be carried out with all the related electrical systems
installed and individually tested and interfaces with the systems supported.
c) Programmable digital items with parameters shall be loaded and stored values shall be
justified and tested.
d) Verification and validation of all functions important to safety shall be completed before
these functions are placed in service (on a nuclear safety perspective).
e) Verification and validation of electrical data used for electrical disturbances studies from
the tests performed (refer to 7.3.3). In case of variations, the impacts on these studies
should be assessed.
f) Verification and validation of the margin following [Link].

– 60 – IEC 63046:2020 © IEC 2020

10.3 Output documentation

The electrical systems integration documentation with records of chronological evolution of

on-site verification and validation activities shall be available before the beginning of
operation activity.

The report on the overall commissioning activity shall confirm that the electrical power
systems satisfy all expectations for intended use and functions important to safety comply
with the overall requirements specifications.

Variations from the design intent that are found are assessed, corrected or referred to the
operating organisation so that any effect on plant operation can be taken into account.

11 Overall operation and maintenance

11.1 General

The conditions to be met before entering the operation phase should be agreed before
handover from overall commissioning to the operating organisation. The following
requirements are independent of this agreement:

• the systems should have completed sufficient testing to confirm that the specified
functionality has been provided. Where testing has identified defects, these shall be
documented and, if possible, corrected prior to handover;
• adequate user documentation and maintenance plans shall be available.

Operation of the Electrical Power System may start after evaluation of commissioning reports
has shown the activity was completed successfully.

NOTE The electrical system can be used during the construction phase (refer to 10.2), the word “operation” in
this clause refers to operation on a nuclear safety perspective.

11.2 Requirements

The electrical power systems shall be operated and maintained in order that the requirements
for the Electrical Power System supporting functions important to safety are maintained.

a) The documentation for operation, maintenance defined in 6.5 and 7.5 shall be
implemented.
b) Procedures to be followed by plant operators or maintenance staff in normal operation,
anticipated operational occurrences and accident conditions shall be available in the
control room or nearby. Their form and content should be in accordance with international
or national regulations.

During the lifetime of the nuclear installation, some modifications on loads supported by the
Electrical Power System will occur (new load to supply or modification of some electrical
characteristics of load in case of replacement), the modification process shall substantiated
that the modification will not impact:

• the robustness against CCF,

• the robustness against hazard,
• the robustness against electrical disturbances,
• the margin strategy.

11.3 Output documentation

Chronological documentation of operation, repair and maintenance shall be maintained.

Operational records should be subject to regular review to assess for negative performance
trends, and any trends which indicate unacceptable deterioration of electrical equipment
should result in appropriate corrective actions.

12 System quality assurance plan

12.1 General
a) A quality assurance plan shall be established and implemented to cover each of the
activities of the system safety life cycle. The requirements for the system quality
assurance plan shall be derived from IAEA GS-R Part 2 and ISO 9001.
b) The system quality assurance plan shall include the activities that are necessary to,
achieve the appropriate quality of the system, for verifying that the required quality is
achieved, and to provide objective evidence to that effect.
c) The system quality assurance plan shall include:
• identification of the governing standards and procedures to be used for the project;
• identification of the phases of the system life cycle, the elementary tasks and the
expected results of each phase;
• description of relationships and interactions between the different tasks;
• description of the organisational structure;
• procurement of components from external suppliers;
• product identification and traceability;
• identification of all inspection and testing procedures;
• identification of QA activities and tasks;
• identification of personnel/organisations responsible for QA activities and tasks,
including requirements for organisational independence between relevant activities in
the project lifecycle;
• procedures for reporting and disposition of non-conformance to requirements,
standards and procedures. The procedures shall include consideration of the impact
upon NPP safety and shall ensure that all effects of the non-conformance are
identified, for example interchangeability, maintenance, spares, operating instructions,
etc.
d) The quality assurance plan shall be established at an early stage of the system life cycle
and shall be planned within the general schedule of the other activities of the Electrical
Power System life cycle.

12.2 System verification plan

a) A system verification plan shall be developed describing:
• the verification process across all the phases of the system safety life cycle,
• the corresponding organisation and responsibilities.
b) The outputs generated by each phase of the system safety life cycle shall be verified
against its identified inputs.
c) Every verification step shall produce a report of the analysis performed and the
conclusions reached. When a phase is completed, a final report shall be produced,
showing the compliance of the outputs of the phase with the inputs requirements and the
resolution of anomalies.
d) Verification shall be carried out by persons competent in the subjects addressed, who
have a good understanding of the inputs against which the verification is made;
involvement of the representatives of those concerned with the use of the results is
recommended.

e) The thoroughness of the verification plan shall be commensurate with the safety class of
the system. The verification plan shall highlight the safety relevant aspects to be verified
and should recognise that the probability of fault or omission in complex items is greater
than in simpler ones.
f) The documents subject to a verification review shall be identified in the system quality
assurance plan.
g) The documents involved in a verification review, i.e. inputs and outputs of activities,
verification reports, and possibly the tools used to elaborate the outputs, shall be placed
under configuration management.

12.3 System configuration management plan

a) Configuration control:
• the configuration control shall provide the facilities guidelines for when to initiate a
design freeze (i.e. halt in design process). Procedures and authority required for any
further modification following a design freeze shall be defined including the allocation
of responsibilities and authorities for CM activities to organizations and individuals
within the project structure;
• the status of each controlled item shall be tracked; this includes information on the
initial approved version, the status of requested changes and the implementation of
approved changes;
• the configuration management plan shall identify the configuration audits and reviews
to be held;
NOTE It is good practice to distinguish between internal items (i.e. those developed within the project) and
external items (those provided by vendors/subcontractors), and to define activities to control the interface to
external items.
b) The configuration management plan shall be defined at the beginning of the system
project and be maintained during the whole system life cycle.

12.4 Fault resolution procedures

Procedures for the reporting and resolution of faults found during system integration
verification, during system validation and in later phases shall be established before the
corresponding phases begin.

a) These procedures shall be referenced by the system integration and system validation
plan.
b) These procedures shall apply to all faults found during the system integration phase and
system validation phase that require modifications to equipment or system design
documents.
c) They shall ensure that any required re-verification of system design and equipment is
performed according to the system configuration management plan.
d) They shall ensure that any required modification of system design and equipment is
carried out according to the modification procedure and to the system configuration
management plan.
e) An evaluation of each fault reported shall be made to determine whether any systematic
deficiency exists and also to determine whether the fault was of such a nature that it
should have been detected at an earlier phase of the verification.
f) If this is found to be the case (i.e. it should have been detected at an earlier phase), then
an investigation of that phase shall be conducted to determine whether any systematic
deficiency of the verification exists.
g) If the evaluation of faults shows that there is a systematic deficiency of the verification,
causing faults in equipment to remain undetected, then the deficiency shall be identified
and corrected or justified.

Annex A
(informative)

Basic safety issues in NPPs

A.1 General

This informative annex identifies the main safety concepts that are considered in this
document for the design of NPP Electrical Power System. The annex provides an overview of
the contents of IAEA documents but does not intend to enhance the requirements stated in
these documents.

A.2 Plant safety objectives

Any industrial activity that presents risks to workers, members of the public and the
environment requires the operator to take all reasonably practicable measures to keep these
risks low. One typical risk of nuclear energy is the potential hazard of ionising radiation (see
Clause 2 of IAEA SSR-2/1:2016).

The general nuclear safety objective is to protect individuals, society and the environment by
establishing and maintaining an effective defence against radiological hazard from NPPs.

A.3 Plant safety analysis

A.3.1 General

A safety analysis of the nuclear plant design should be performed to establish and confirm the
design basis for the items important to safety and to ensure that the overall plant design is
capable of meeting the limits and reference levels for radiological doses and releases set by
the regulatory authority for each plant condition category (see Clause 5 of IAEA
SSR2/1:2016).

The scope of the safety analysis should include:

• the demonstration that operational limits and conditions are satisfied for the normal
operation of the plant;
• characterisation of the PIEs that are appropriate for the plant design and its location;
• an analysis and evaluation of event sequences which result from PIEs;
• comparison of the results of the analysis with radiological acceptance criteria and design
limits;
• establishing and confirming the design basis;
• a demonstration that the management of anticipated operational occurrences and accident
conditions is provided by the response of the automatic safety systems in combination
with prescribed operator actions.

This plant safety analysis process should be carried out in an iterative manner from the time
of initial plant conceptual design to the final plant safety assessment and take into account all
details of the plant configuration that may have an influence on safety. The plant safety
analysis should take full account of potential human errors in all operational states and under
accident conditions.

The objective of this analysis is to demonstrate that the actions which are specified to be
carried out by the automatic systems and the operators will result in plant behaviour which
maintains radiation doses to site personnel and the public below prescribed limits for normal
operating, anticipated operational occurrences and accident conditions.

A.3.2 Analysis of event sequences

The purpose of analysing an event sequence is to identify systematically and in detail all
possible consequences of a PIE on the plant, including those arising from auxiliary and
support systems and from possible operator error. The results of this event sequence analysis
should then be used to determine if the safety requirements set down in the IAEA code of
design have been met (see appendix of IAEA SSR-2/1:2016).

Useful analytical tools for identifying possible plant states after a PIE are event tree analysis
(qualitative) and fault-tree analysis (quantitative).

It is neither possible nor necessary to include in the safety analysis every event sequence
that might occur. However, the safety analysis should identify and consider in detail those
PIEs and event sequences that produce bounding cases for safety design. In making the
choice of these event sequences, experience with existing plants should be taken into
account.

Even with the restriction to bounding case event sequences, as described above, the rigorous
application of event tree methodology will, in many practical situations, lead to the
identification of many more plant configurations for each PIE than can be realistically
analysed in detail. Therefore, it is usually admissible to restrict the detailed analysis to a
number of representative event sequences.

A.3.3 Assessment of design basis: deterministic/probabilistic methods

Methods have been developed to assess whether safety objectives have been met (see IAEA
75-INSAG-3).

In the deterministic approach, design basis events should be chosen to bound a range of
related possible initiating events which could lead to a challenge to the safety of the plant.

Probabilistic analysis should be used to evaluate the likelihood of any particular sequence
and its consequences. This evaluation should take into account the effects of mitigation
measures inside and outside the plant.

Deterministic versus probabilistic approach: The lack of sufficient data on component or

system behaviour or the inability to specify a suitable mode may prevent a rigorous
quantitative probabilistic approach. However, a partial probabilistic approach can often be
supplemented by qualitative engineering judgement. A deterministic approach on the other
hand requires engineering judgement that implicitly contains some qualitative probabilistic
considerations.

In essence, current practice is to use the deterministic approach to design the systems and
the probabilistic approach to optimise appropriate parts of the design and to evaluate the
overall safety.

A.4 Defence in Depth

A major contribution to the safety philosophy is provided by the defence-in-depth concept.

This concept should be applied to all safety activities, whether organisational, behavioural or
design-related, to ensure that there are overlapping safety provisions so that if a failure does
occur, it would be compensated for or corrected (see IAEA SSR 2/1; IAEA 75-INSAG-3).

A first application of the concept of Defence in Depth to the design process is to provide
independent but complementary sets of equipment and procedures in order to prevent
accidents or to ensure appropriate protection in the event of prevention failing. Examples of
the multiple levels of protection:

• multiple provisions for ensuring each of the basic safety functions, i.e. reactivity control,
heat removal and the confinement of radioactivity;
• use of reliable protective devices in addition to the inherent safety features;
• supplementing of the plant control by automatic and operator actions;
• provision of equipment and procedures to mitigate accident consequences.

In general, all the lines of defence should be available at all times as specified for the various
operational modes.

• The aim of the first line of defence is to prevent deviation from normal operation. This
requires that the plant be soundly and conservatively designed, constructed and operated
in accordance with appropriate quality levels and engineering practices.
• The aim of the second line of defence is to detect and intercept deviations from normal
operating conditions in order to prevent anticipated operational occurrences from
escalating into accident conditions.
• For the third line of defence it is assumed that, although very unlikely, the escalation of
certain anticipated operational occurrences may not be arrested by a preceding line of
defence and so additional equipment and procedures are provided to control the
consequences of the resulting accident conditions. A further major objective of this line of
defence is to achieve stable and acceptable conditions following the accident.
• The aim of the fourth line of defence is to provide complementary measures and accident
management following the non-operation of the third line of defence.
• Beyond the fourth line of defence, there are further contributions to the protection of the
public by complementary plant features (not claimed as important to safety) and plans for
emergency preparedness, which are largely independent of reactor design.

Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
interna se requiere de autorización previa de AENOR.
28/11/2023
IAEA SSG-34 provides the following table (see Table A.1):

Table A.1 – Support of the electrical power supply for the defence in depth of the plant

Levels of
Defence in Objective Essential provisions Applied to plant Electrical Power System
Depth
Prevention of abnormal operation and Conservative design and high quality in Comprehensive design bases, robust and reliable grid,
1
failures construction and operation robust and reliable on-site power systems
Control systems, limiting systems and Robust and reliable fault clearing system and coordination
Control of abnormal operation
2 protection systems and other surveillance of protection,power supply transfer capability, house load
and detection of failures
features operation possibilities
Control of accidents within Engineered safety features and accident Robust and reliable safety power systems, robust and
3
the design basis procedures reliable on-site standby AC power supplies
Control of severe plant conditions,
including prevention of accident
Complementary measures and accident Robust and reliable alternate
4 progression and mitigation of the
management AC power supply
consequences of design
extension conditions
– 66 –

Mitigation of radiological

28/11/2023
5 consequences of significant Off-site emergency response Mobile power supply connection point
radioactive releases

interna se requiere de autorización previa de AENOR.

Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
IEC FDIS 63046  IEC 2020
UNE-EN IEC 63046:2021
UNE-EN IEC 63046:2021

Annex B
(informative)

AC Interruptible Electrical Power System

B.1 General

Note that the requirements of this annex will be covered in IEC 63272. As it is not convenient
to repeat the same requirements in different standards (risk of inconsistency when updating
one of these standards), this annex should be ignored and removed from IEC 63046 after the
publication of IEC 63272.

Where the requirements of this annex are different from those provided in the future issue of
IEC 63272, the information of IEC 63272 takes precedence.

B.2 Electrical design provisions

B.2.1 Steady state conditions for Electrical Power System

a) Voltage of Electrical Power System

The static voltage ranges to be taken into account when designing the unit's auxiliaries are
derived from:

• the grid voltage for equipment supplied directly from the preferred power supply;
• electrical studies for other types of power supplies (on-site power supplies).

Voltage range limits should be determined at the terminals of the equipment supplied under
the following sizing operating conditions:

• the maximum value should be established on the highest specified voltage of the Electrical
Power System without voltage drops in the cables and without load.
• the minimum value should be established on the lowest specified voltage of the Electrical
Power System including voltage drops in the cables at full load.

The maximum steady-state voltage drop between the power source and the powered
equipment relative to the sizing voltage of the electrical distribution should be specified.
Consideration of the voltage drop confirms that the voltage at the terminals stays above a
minimal voltage which could result in the loss of some functions.

A load flow study should validate the voltage range for electrical equipment of each sub-
system (AC interruptible power supply system and DC/AC uninterruptible power supply
system).

b) Current

The current values during steady-state operation shall be established at the steady state
voltage range limits.

Depending on the type of load (i.e. inductive or resistive), lower or upper voltage limits shall
be used.

c) Frequency of power supply

On-site frequency variations (around nominal frequency) originating from the grid should be
evaluated and shown to be acceptable for the process (fluid system) and should not impact on
equipment such as uninterruptible power supplies.

B.2.2 Electrical disturbances

B.2.2.1 Electrical Power System voltage

a) Undervoltage

Undervoltage can result from the following transient operations or faults:

• grid disturbances;
• electrical fault and relevant clearance;
• starting of motors or group of motors;
• a combination of the above listed causes.

Voltage drop as a result of electrical fault or due to the start of motors:

• shall not cause any permanent disconnection or inadmissible interruption of other loads
important to safety in operation;
• shall not result in an electrical source transfer operation (automatic switchover to stand-by
off-site power supply or on-site AC power source).

In case of electrical source transfer, a load starting sequence shall be established based on
the load characteristics and the capability of the supply source.

b) Overvoltage

Overvoltage can be due to following transient operations or faults:

• low frequency transients such as:

– load rejection;
– turbine trip;
– house-load operation with or without failures of automatic voltage regulation for main
generator;
– transients having their origin at the generator;
– single-phase to earth fault in an IT earthing scheme;
– ferroresonance.
• High frequency transient such as:
– lightning;
– switching impulse.

1) Lightning

Lightning strikes

• on buildings;
• in the vicinity of the NPP;
• on transmission lines;

can induce disturbances and destruction of electrical and electronic systems.

The analyses should demonstrate that overvoltages caused by lightning do not challenge the
equipment important to safety and are below the equipment withstand levels.

2) EMC

Induced voltages/currents should be demonstrated to be within design limits.

Protection should also be provided by the application of good practice in the execution of:

• segregation;
• cable selection and installation;
• cable shielding management;
• effective building/room/panel shielding;
• earthing design;
• etc.
NOTE The electrical protection scheme can use different kinds of voltage protection:

• Protection relays for low frequency transients;

• Surge arrester for high frequency transients.

c) Unbalanced voltage

Unbalanced voltages can result in voltage and current negative phase sequences.

The resulting negative values should be analysed with regard to the withstand capability of
the equipment important to safety.

B.2.2.2 Electrical Power System Current

a) Electrical fault

The following faults (short-circuit and insulation fault) should be examined:

• single phase to earth fault;

• phase to phase fault;
• two or three phase to earth fault;
• three phase fault.

Short-circuit calculations according to IEC 60909 (all parts) should be performed to determine
maximum and minimum AC currents during fault conditions.

Short-circuit studies are required to determine equipment withstand requirements in the first
stage of the design and then to check in the next stage of the project that equipment ratings
are adequate.

The maximum calculated short circuit current:

• shall not exceed the maximum fault current withstand capability of all electrical equipment;
• shall not exceed the maximum capability of switching devices.

The electrical protection coordination studies shall demonstrate selective isolation of the
faulted circuit.

The selectivity between the different electrical protection levels shall be adequate at minimum
calculated short circuit levels.

b) Overload

Overload protection should be taken into account while designing the electrical protection
scheme.

c) Inrush current

Inrush current due to motor starting or transformer magnetizing should be taken into account
in designing electrical protection schemes.

Inrush currents shall not activate electrical protection.

d) Geomagnetically Induced Currents

A substantiated engineering assessment shall demonstrate that the design measures

adequately mitigate the risk of GIC in the NPP.

B.2.2.3 Frequency

a) Under or over frequency

Under- and over-frequency should be assessed to consider the impact on the required power
and on the power balance.

The functional impact of the under and over frequency on the process (on fluid system) should
be analysed by the responsible technical groups.

b) Harmonics

The operation of the Electrical Power System shall not be disturbed by harmonics (e.g. risk of
spurious operation of overload protection without overload situation).

The effects of harmonics generated by the grid or plant equipment and their propagations
should be evaluated and appropriate measures should then be taken.

B.2.2.4 Electrical source transfer

The set limit of the parameters and time delay in order to ensure the re-supply by the power
source of the next level of defence should be defined.

A time delay prior to disconnection should be considered to allow the system to ride through
minor disturbances.

The design of the electrical source transfer should be determined following two possibilities:

• slow transfer;
• fast transfer.

In case of slow transfer, a time delay prior to reconnection should be considered to allow the
system to perform the restart the loads. The time delay and reconnection type (manual or
automatic connection) should be supported by the results of the accident analyses.

Each division should have an independent scheme for detection and protection to disconnect
the safety buses from the preferred power supply, to shed loads from the safety buses and to
start the standby power sources in the event of degradation in voltage, degradation in
frequency or loss of voltage.

B.3 Design of the Interruptible power system

B.3.1 Design of the preferred power supply

The preferred power supply consists of:

• the off-site part

– the main off-site power supply consisting of the main transmission system (grid) and its
associated switchyard;
– the standby off-site power supply consisting of the standby grid and its associated
switchyard;
• the on-site part:
– the Unit Transformer and the Auxiliary Transformer(s) connected to the main off-site
power supply;
– the Standby Transformer(s) connected to the standby off-site power supply;
– the distribution system up to the interruptible power supply system(s) important to
safety;
– the main generator and its associated circuit breaker, if a houseload operation
capability is provided.

B.3.2 Design of the off-site power supply

The off-site power system consists of the transmission system (grid) and switchyard
connecting the plant with the grid.

The off-site power system should normally provide AC power to the plant in all modes of
operation and in all plant states (during power operation, the supply is from the main
generator).

It should also provide transmission lines for outgoing power. The boundary between on-site
and off-site power systems should be agreed between the electric grid operator and plant
operators.

Similarly, large nuclear units with a fast turbine governor and generator excitation systems
can enhance robustness to a grid system.

Good functional integration by design and good operational coordination between the grid and
nuclear power plant operators during major operating changes either on the grid or at the
nuclear power plant are important requirements for the safe and reliable operation of both the
grid and the plant.

The physical design of the switchyard should be such as to reduce the possibility that a single
equipment failure will cause the failure of off-site circuits.

Electrical power from the transmission network to the on-site electrical distribution system
should be supplied by two physically independent circuits (not necessarily on separate rights
of way) designed and located so as to reduce the likelihood of their simultaneous failure
under operating and postulated accident and environmental conditions.

The standby off-site power supply should be:

• ready for operation;

• capable of being switched on automatically in case of failure of the power supply through
the auxiliary transformer(s).

The risk of CCF should be reduced in the grid sub-station by the following:

• where off-site power supplies are shared between multiple units at a multi-unit plant, the
ability to disconnect a unit should not affect the availability of the off-site supply to any
other units.
• two supplies should not share the same control power supplies.
• the switchyard control power should be unique to the switchyard and should not be fed
from the power supplies of the nuclear power plant.

Transient stability studies should be conducted to investigate the transient behaviour of the
NPP generator after disturbances on the electrical network in the vicinity of the plant.

The study should determine the capability of the generator to remain connected to the grid
and the effects of the transient on the unit electrical power supply system.

The off-site power system design shall satisfy the nuclear safety criteria established in
national and international standards, the grid code and electrical design criteria (as stipulated
by national electrical codes).

B.3.3 Design of on-site preferred power supply

The physical design of the on-site preferred power supply should be such as to reduce the
possibility of a single equipment failure causing the failure of all circuits (main and standby
power supplies) supplying loads important to safety.

The standby on-site preferred power supply should be:

• ready for operation;

• capable of being switched in automatically in case of failure of the power supply through
the auxiliary transformer(s).

The preferred power supply system and the interruptible power supply system important to
safety should be designed such that, on demand from the I&C system, they are automatically
disconnected from each other.

B.3.4 Design of the AC interruptible power systems important to safety

The AC on-site power system consists of distribution systems and power supplies within the
plant.

Stand-alone power supplies, such as separate power supplies for security systems, are not
covered by this standard.

B.3.5 Design of internal standby sources

The design of internal stand-by sources (number of sources, technology) shall be based on:

• the sources’ actuation time, operating time and capacity requirements (functional
requirements);
• the reliability required for internal stand by sources (safety requirements).

• the operating time and capacity should be based on:

– regulatory requirements;
– mission time of the supplied loads;
– time to re-establish the power supply of the upstream source;
– required plant fuel capacity for the long term management.

The voltage of the internal sources should enable connection to the AC interruptible networks.

B.4 Preferred power supply system (from IAEA SSG 34:2016, chapter 6,
clauses 6.1 to 6.44)

B.4.1 General

The functionality of items important to safety at the nuclear power plant shall not be
compromised by disturbances or degraded conditions in the electrical power grid, including
anticipated variations in the voltage and frequency of the grid supply.

B.4.2 Operation

The preferred power supply to the safety power systems is the supply from the grid. In power
operation, the power supply is normally from the main generator, connected to the grid. The
generator will act as a stabilizer against voltage variations on the grid and can power the on-
site power systems during house load operation.

B.4.3 Grid interface and agreement with grid operator

The transmission system should be able:

• To supply the nuclear power plant with power during start-up, during shutdown and during
emergencies in a stable and continuous way;
• To dispatch the energy from the nuclear power plant in a stable and continuous way.

This applies also after anticipated grid events when the plant remains connected to the grid.

The preferred power supply could also come from a separate connection to the grid. In order
to reduce the risk for common cause failure caused by events on the grid, the switchyard or
the main generator, it could be investigated whether the different divisions of the electrical
power systems of the nuclear power plant could be connected to different preferred power
supplies without a significantly increased risk of undue trips and other disturbances.

An agreement shall be established for the restoration of the off-site power supply with a high
priority after a grid failure or blackout. A re-supply plan should be established describing how
to do this restoration.

B.4.4 Reliability of the preferred power supply

The design of the connection to the grid, the control circuits and the relay protection should
be of high quality and should contribute to a reliable preferred power supply.

Events to be considered in the design of the grid connection and the relay protection include:

• Anticipated electrical events including loss of load and out of step scenarios;
• Anticipated electrical events during shutdown;
• Pollution of outdoor equipment;
• Geomagnetic storms;

• Winding to winding faults in transformers and open phase condition.

In areas with a high risk of pollution, an increased length of insulator may be necessary to
ensure that insulator contamination does not pose a risk of common cause failure of off-site
supplies.

B.4.5 Off-site power supplies

The off-site power supply should have adequate capability to power plant loads in all modes
of the nuclear power plant’s operation.

It should be noted that voltage levels on the grid could be different when the plant is in
shutdown mode.

The transmission system is the source of power to the on-site power system.

The transmission system is also a significant contributor to Defence in Depth for the plant’s
safety design. The provisions for safe shutdown of a nuclear power plant in transients and
accidents, as well as normal shutdown, are more flexible and more reliable if off-site power is
available. The power supply should therefore have adequate capability.

Off-site power should be supplied by two or more physically independent off-site supplies that
are designed and located to reduce, to the extent practicable, the likelihood of their
simultaneous failure.

The total number of transmission line connections to the electrical grid will depend on the
capabilities of the entire grid and on the design of the nuclear power plant.

A single transmission line for each off-site power supply may be acceptable if the safety
analysis report shows that this arrangement achieves the technical safety objectives

For example, a single off-site power supply might be acceptable for reactors of a design that
employs passive engineered safety features.

Nuclear power plants with a single transmission line might have a forced outage rate that is
higher owing to line tripping. This should be taken into consideration, in particular in areas
where the frequency of lightning strikes on the line is high. In such cases, the nuclear power
plant may prematurely reach design thermal stress cycles unless the plant is designed to
withstand the effects of the forced outages or unless measures are taken to reduce the
number of forced outages, such as by provisions of additional transmission lines and a
greater level of protection.

As a minimum, each off-site power supply should have the capability to power all electrical
loads required to mitigate the consequences of all design basis accidents and anticipated
operational occurrences.

Each off-site power supply required for normal plant operation, start-up and shutdown should
have the additional capability to power all the normal electrical loads.

At multi-unit plants, each unit should be connected to two off-site power supplies such that
the technical safety objectives are fulfilled simultaneously for all units. The off-site power
supplies, provided to meet the recommendation may be shared among two or more plants or
units, or they may have separately dedicated circuits.

For multi-unit plants, a single off-site power supply may be acceptable for some reactor
designs if it is shown in the safety analyses report that one off-site power connection is
sufficient.

Where off-site power supplies are shared between multiple units at a multi-unit plant, the
ability to disconnect a unit should not affect the availability of the off-site supply to any other
units.

B.4.6 Availability

For NPPs that credit off-site power source in safety analysis, a minimum of one off-site circuit
should be designed to be automatically available to provide power to its associated safety
divisions within a few seconds in a design basis accident to be able to meet the requirements
for accident analysis.

A second off-site circuit should be designed to be available within a short period of time.

The second circuit should preferably also be available within a few seconds in a design basis
accident.

The transfer system for the auxiliary loads should be evaluated against the safety
requirements for the design.

The transfer to the second circuit, both manually and automatically, should be easy to
accomplish.

The transfer capability should only be used when necessary as switching between two live
circuits could pose risks.

It is preferred to energize from the secondary circuit after a loss of voltage from the primary
circuit. Interlocks between breakers may be used to preclude setting circuits in parallel that
could result in adverse voltage or current conditions on common buses.

Variations in voltage and in-rush currents during the transfer should be considered in the
design of the transfer sequence.

The more reliable power supply should be selected for use in normal operation of the plant.

Selection of the most reliable power supply for normal operation of the plant reduces the
transfer demands on switchgear.

Some nuclear power plants are designed for load rejection on separation from the
transmission lines, and for the subsequent reduction of the reactor output and the generator
power output to levels sufficient to meet the needs of the disconnected plant for electrical
power (the house load) without tripping the steam supply or tripping the turbo generator. This
transfer to house load operation will result in frequency excursions and voltage excursions
before stable operation is achieved.

In plants designed for house load operation, the on-site power system should be designed to
accommodate the variations and transients of voltage and frequency from the generator when
transferring from the normal source of supply to house load operation.

A generator circuit breaker may be used as a provision to power the on-site AC power
systems immediately from the off-site circuits following the tripping of a main generator.
Generator load break switches can be used for this purpose, but the switchover will not be
immediate.

B.4.7 Independence of off-site circuits

Two off-site circuits should be designed and located to reduce, to the extent practicable, the
likelihood of their simultaneous failure under all plant conditions and in design basis
environmental conditions.

Examples of events that could cause simultaneous failure of both off-site circuits include:

• The use of a common take-off structure for both off-site circuits;

• Failure of a single breaker, switchyard bus cable or control power supply that could cause
failure of both off-site circuits.

B.4.8 Switchyard

The physical design of the switchyard should be such as to reduce the possibility that a single
equipment failure will cause the failure of off-site circuits that are credited with supplying
loads important to safety.

At least two supplies should not share the same control power source.

The switchyard control power should be unique to the switchyard and should not be fed from
the power supplies of the nuclear power plant.

Control circuits to outdoor switchyards should be equipped with overvoltage protection where
they enter the plant and should be isolated from the control circuits inside the plant.

Switchyard equipment should be designed to withstand the stresses of worst case faults.

Electrical Protection Systems should reduce the probability of failure of all off-site circuits that
are credited with supplying loads important to safety.

Design features suggested for consideration include:

• Primary and backup relay systems;

• Breaker failure relaying;
• Dual battery systems;
• Dual breaker trip coils.

B.5 Safety power supply system supporting DBC

B.5.1 General

The design of the nuclear power plant shall include a safety power supply capable of
supplying the necessary power in anticipated operational occurrences and design basis
accidents, in the event of a loss of off-site power.

The on-site power supply considered hereunder is delivered by a standalone generator set
with:

• A standalone starting system;

• Mechanical auxiliaries for operation or standby;
• Storage tanks, among them a fuel storage tank and service tank;
• Speed and voltage control;
• Electrical and mechanical protections;
• Control equipment;
• A device allowing full load test is also part of the arrangement.

The mechanical auxiliaries for operation or standby mode for a diesel engine are:

• Cooling system;
• Air intake system;
• Exhaust gas system;
• Lubrication oil system;
• Conditioning system (pre heating, pre-lubrication).

In the absence of IEC/SC 45A dedicated standard the following clauses shall be applied.

B.5.2 Design (from IAEA SSG 34:2016, chapter 7, clauses 7.36 to 7.63)

Standby AC power sources should consist of an electrical power generating unit complete
with all auxiliaries and a dedicated separate and independent stored energy supply for both
starting and running the prime mover.

The preferred approach is to have only one standby power source per division, avoiding the
necessity of parallel operation of generators.

If multiple power sources per division are used, it should be demonstrated that this is a
reliable configuration.

The standby power source should have sufficient capacity and capability to start and to
continuously supply all loads in its division under the full range of conditions, including
allowances for conditions such as:

• Loads that might operate at run-out conditions;

• Loads that might operate in an overload condition;
• Changes in load characteristics due to generator operation at the lower end or upper end
of the allowable voltage and frequency ranges;
• Engine derating due to, for example, the higher temperature of the intake air,
environmental conditions or the fuel temperature;
• Future load growth.

Diesel generators are specified to operate at a fixed voltage and frequency in the emergency
mode of operation. In general, the steady state voltage and frequency are maintained within
an allowable tolerance of ±2 % relative to the specified value. When electric motors are
subjected to voltages below their nominal rating, some of the characteristics will change
slightly and the power consumption will increase.

The continuous rating of the standby source prime mover preferably allows 3 000 h to 4 000 h
of continuous operation without major overhaul.

A 10 % to15 % overload capacity for a minimum of 2 h in a 24 h period is typically provided.

This provides assurance that the power source can handle the short time loading at the onset
of an event when systems of engineered safety features are realigning for injection or cooling
system operation and their pumps are operating in run-out conditions or with a higher flow
than is assumed in thermohydraulic analyses. The thermohydraulic analyses are normally
conservative in such a manner that the expected power consumption of motors could be
underestimated.

The capability of motor driven pumps to deliver required flows should be evaluated for
generator operation at the lower end of the frequency range.

A variation in frequency affects the torque developed by motors.

It should be demonstrated that the standby power source could operate continuously for the
required time period set out in the design bases without any stops for maintenance activities.

The standby AC power source should have an automatic start on loss of preferred power
supply to the essential buses.

The standby AC power source may also have an automatic start on actuation of an
emergency signal (without loss of power to the safety bus).

The times to start the standby AC power source and to connect loads to this source should be
consistent with the assumptions on start-up time made in the safety analysis.

On-site sources of fuel and other consumables (such as lubricating oil) should be sufficient to
operate the standby power sources until the off-site power supply can be restored.

Off-site sources of fuel and other consumables may be depended on if sources of

replenishment are identified and if on-site sources are sufficient for the time required to
replenish supplies. In most States, on-site sources are sized for one to two weeks of
operation without replenishment from external sources.

Standby power sources should be independent of electrical power sources and power sources
for instrumentation and control systems, other than those sources in their own division.

Instrumentation and control systems used for the starting, coupling, running and protection of
a standby power source should be supplied by batteries within their own division.

Loss of the DC power source within the same division as the standby power source could lead
to unavailability of the standby AC power source, but it would also cause loss of other
functions in the division, thus making the standby AC supply in that division inoperable.

When batteries specifically dedicated to the standby power source are used, they should be
subject to adequate surveillance to detect deterioration and failure, to the same extent as for
any safety system battery.

Standby power sources should only be used for the period of time necessary to reconnect to
reliable and stable preferred or alternative power supplies.

The use of standby power sources for peaking generation should not be allowed.

The Electrical Power System important to safety may supply loads of lower safety
classification (including loads not important to safety) provided that the independence
requirements of this Safety Guide are met.

Equipment that is not safety classified should be automatically disconnected on an accident

signal.

If the load is not disconnected, it has to be taken into account in the balance of the safety
system.

The isolation devices between a safety power system and equipment of lower safety
classification should be part of the safety system.

The load sequencer should automatically shed all the non-safety loads and should not
automatically start non-safety loads.

The load sequencer should only permit the start of non-safety loads after safety loads have
been started and it has been determined that there is enough capacity for start and operation
of the non-safety loads.

Transfer of a safety power system bus from its standby AC source to a preferred power
supply should require manual action.

When multiple safety power divisions are transferred from their standby power source to
preferred power supplies, only one division should be transferred at a time.

After a safety division is returned to the preferred power supply, the associated standby AC
power source should be made operable in normal standby conditions before transferring
another division to the preferred power supply.

B.5.3 Testing (from IAEA SSG 34:2016, chapter 7, clauses 7.64 to 7.67)

Provisions should be provided for the periodic testing of standby power sources during plant
operation.

The design of the test provisions should ensure that the standby power source can continue
to perform its safety function during testing.

Arrangements for testing should neither compromise the independence of systems important
to safety nor introduce the potential for common cause failures.

Examples of testing that either compromises the independence of systems important to safety
or introduces the potential for common cause failures are the formation of soot in diesels
being tested under no-load conditions, inadequate provision for restoring to normal standby
conditions after completion of the test or the introduction of human errors when testing
redundant equipment.

B.5.4 Performance criteria (transient and dynamic) (from IAEA SSG 34:2016,
chapter 7, clauses 7.68 to 7.70)

The variations in voltage and frequency in power supplied from the standby AC power source
should be shown to be within the design basis of the connected loads and the prime mover.

It is expected that voltage and frequency variations will remain within the range for continuous
operation. Deviations outside the range during the loading sequence and for short time
periods are permitted, provided that the voltage and frequency are restored well before the
next load is connected and that the voltage on the motor terminals is sufficient for starting of
the loads in each sequential step.

The performance of the standby power source during sequential loading, with continuous
loads that would only occur in accident conditions, is usually determined by a mixture of
testing and analyses.

B.5.5 Relay protection of standby power sources (from IAEA SSG 34:2016, chapter 7,
clauses 7.71 to 7.75)

Trip devices that protect the power supply from a standby power source against immediate
catastrophic failure should be in service in all modes of operation of standby power sources.

Examples of such devices include those that:

• Protect the standby power source from catastrophic failures, such as overspeed protection
and generator differential protection;
• Protect the power system important to safety from catastrophic failures, such as backup
overcurrent protection and low impedance to ground fault protection.

Trip devices that protect the standby power source from non-catastrophic failures should be
bypassed when the standby power source is supplying safety loads during emergency
operation, but should be in service during normal operation and testing.

The design should provide for individual testing of each trip function and bypass function.

All protection trip actuations for the standby power source should be annunciated in the main
control room.

B.5.6 Support systems for standby AC power sources

Support system equipment (e.g. ventilation systems, cooling water pumps and lubrication
systems) for redundant division of the standby power sources should be supplied with power
from the division it serves in order to preserve the redundancy and independence of the
divisions.

The auxiliary systems and support systems of standby AC power sources should be sized for
multiple starts.

Starting systems typically have the capacity to support at least five starts.

In order to support this, it is usually necessary to abort any starting attempt after a specified
time to preserve resources.

B.5.7 Fuel for standby AC power sources

It should be shown that fuel for standby AC power sources can be stored for long periods.

Fuel oil at a nuclear power plant is stored for extended periods. Some types of fuel are
chemically unstable when stored for long periods. Fuel ageing and oxidation can lead to high
acid content, high viscosity, and the formation of gums and sediments, which can clog filters.
Degradation in fuel quality could cause a common cause failure of the standby AC power
sources.

Every fuel delivery should be tested to verify that it meets specifications.

Samples for the testing of fuel will usually be taken on site.

B.6 Power supply system important to safety supporting DEC

B.6.1 General

The design shall include an alternate power source to supply the necessary power in design
extension conditions.

In the absence of IEC/SC 45A dedicated standard the following clauses shall be applied.

B.6.2 Design (from IAEA SSG 34:2016, chapter 8, clauses 8.1 to 8.18)

An alternate AC power supply should be provided at or near the nuclear power plant if the
plant’s design depends on AC power to bring the plant to a controlled state following loss of
off-site power and safety standby power sources.

Alternate AC power supplies, including necessary connecting points, are provided to protect
electrical power systems against the simultaneous failure of off-site and safety stand-by AC
power supplies. This needs AC power sources that are diverse in design and are not
susceptible to the events that caused the loss of on-site and off-site power sources.

The alternate AC power supplies with auxiliaries should be qualified for their intended
application.

Alternate AC power supplies should have sufficient capacity to operate systems necessary for
coping with a station blackout for the time required to bring the plant to a controlled state and
to maintain it in a controlled state.

If an alternate AC power source serves more than one unit at a site where safety standby AC
power sources are shared between units, the alternate AC power source should have
sufficient capacity to operate systems necessary for coping with a station blackout for the time
required to bring all units that share the safety AC power sources to a controlled state and to
maintain them in a controlled state.

The alternate AC power source for one unit should not normally be connected to the on-site
power system of that unit.

Support systems that maintain the alternate AC power source in readiness may be powered
from one or more units, provided that this does not affect the operability of the alternate AC
power source.

There should be a minimum potential for common cause failure of any safety standby AC
power source and the alternate AC power source.

No single point of vulnerability should exist whereby a weather related event, another external
event or a single failure could disable any of a unit’s safety standby AC power supplies and
simultaneously cause the failure of all off-site power supplies and the alternate AC power
supplies.

Provision should be made for connecting the alternate AC power supply to one or more safety
power system divisions.

The safety power systems should be fed from the alternate AC power supply only after it has
been disconnected from other power supplies.

Alternate AC power supplies should be capable of supplying the required loads within the time
specified in the plant safety analysis and the plant station blackout coping analysis.

It is preferable that the alternate AC power supplies will be capable of supplying loads as
soon as is practicable. Restoring AC power as soon as possible after a station blackout
restores a degree of Defence in Depth to the electrical power systems, restores safety
systems that depend on AC power and restores support systems (e.g. lighting systems and
habitability systems) that significantly enhance the ability of the operators to respond to an
event.

The alternate AC power supply may also have the capability to power loads necessary in
design extension conditions.

The plant design should include the necessary features to enable the safe use of non-
permanent power sources to restore the necessary electrical power supply.

Equipment necessary to mitigate the consequences of a core melt accident should be able to
be supplied by any of the power sources.

B.7 Mobile sources connections network

The delay of connection of this mobile power supply source shall be consistent with:

• The maximum autonomy of the severe accident uninterruptible power supply source;
• The maximum delay of operation for severe accident functions supplied by AC interruptible
power system.

The mobile power supply sources shall have the following characteristics as regards to the
scenario:

• Protected against the consequences of the scenario taken into account;

• Standalone equipment for a predefined mission time;
• Suitable time of connection and transportation;
• Accessible, standardized and robust connection;
• Suitable location for the mobile source;
• Interlocking within the Electrical Power System in order to prevent wrong configuration;
• Suitable setting of the protection as regards to the source design to meet the electrical
coordination (voltage, current, frequency).

B.8 Monitoring and switching of buses

Degradation of the preferred power supply of each safety power system bus (i.e. overvoltage,
undervoltage, over frequency and under frequency) should be detected on the buses of the
safety AC power systems.

Buses affected by degradation of the preferred power supply should be automatically

disconnected from their power source if the degradation exceeds the levels specified in the
design requirements.

After a bus is disconnected from a preferred power supply that has been degraded, the bus
should automatically be connected directly to sources in the following order:

• The alternative off-site power source (part of preferred power supply);

• The standby power source for that division of the safety power system;
• Alternate AC power source.

A time delay may be associated with the disconnection to allow the system to ride through
minor disturbances.

The time delay should be supported by the assumptions made in the accident analyses.

It is preferred that two breakers be provided to disconnect each preferred power supply feed
to a safety system bus.

If automatic connection to the alternative preferred power supply is not used, it should be
shown that this arrangement is in accordance with the design criteria of the plant.

The parameters of the power systems important to safety— including the availabilities claimed
in the design analysis — that are relevant to the safe operation of the plant in operational
states and under design basis accident conditions should be identified and used in the
establishment of operational limits and conditions for the plant.

The following recommendations do not apply to voltage monitoring that is used only for alarms
and apply to bus voltage and frequency monitoring and protection schemes for protection
against degradation in voltage, degradation in frequency or loss of voltage:

• Bus voltage and frequency should be detected directly from the safety system buses to
which the standby power sources are to be connected.
• Degradation in voltage or frequency should be alarmed in the main control room.
• Degradation in voltage or frequency to below acceptable limits should automatically
disconnect the affected supply from the safety buses.
– Two levels of voltage protection with different time delays are necessary: one level to
detect loss of off-site power at the safety buses; and a second level to detect
degradation in voltage.
• On sensing unacceptably high voltage on a preferred power supply, the affected preferred
power supply should be automatically disconnected from the safety system buses:
– The set point and time delay should be coordinated with the overvoltage capability of
connected equipment.
– The reset value of the monitoring equipment should be lower than the lowest
anticipated operating range of voltage of the standby supply.
• Each scheme should monitor all three phases.
• Measuring circuits should be immune to harmonics.
• The protection system design should be redundant.
• Failures in the measuring circuits should not cause incorrect operation or prevent correct
operation of the monitoring and protection scheme.
• The design should reduce the risk of unwanted disconnection of the preferred power
supply.
– The use of coincident logic and time delays to override transient conditions is a way to
reduce the risk of unwanted disconnection.
• A capability should be provided for testing and calibration during power operation.
– Indications should be provided in the main control room for any bypasses incorporated
into the design.

The undervoltage and time delay set points for degraded voltage protection should be
determined on the basis of an analysis of the voltage requirements of the loads important to
safety at all on-site distribution system levels.

Improper voltage protection logic can cause adverse effects on the systems important to
safety and equipment, such as spurious shedding of loads important to safety from the
standby power sources and spurious separation of systems important to safety from off-site
power as a result of normal motor starting transients.

Annex C
(informative)

Earthing

Earthing system serves to ensure:

• people electrical safety,

• functionality of Electrical power systems and instrumentation and control systems,
• prevention of fire or explosion caused by electrostatic phenomena.

These functions have to be fulfilled in normal configuration, in case of electric default and in
case of lightning strikes.

Detailed design guidelines for earthing are available in national and international standards.

In nuclear power generating plant, the design may be more challenged than in other
installations because of:

• the powerful electric default current,

• the electric source of EMI,
• the hazard studies guidelines , in particular lightning, EMI, fire, explosion.

Thus the conception of the earthing system need particular studies and some of them may be
important for safety.

The earthing system may be made of:

• An earthing network which contributes to general site equipotentiality and also used to
remove interfering currents to earth. It is designed to protect individuals (step and touch
voltages) and equipment when removing an HVB (external high voltage system) short
circuit or lightning strike current. It is also used to earth the fences. It has to be noted that
areas housing the step-down, auxiliary and step-up transformers and the switchyard
requires a denser buried earthing grid mesh.
• A Faraday cage. Buildings and facilities housing safety classified equipment or whose
failure would present an environmental hazard are protected against the effects of
lightning strikes (current transmission) by a Faraday cage. It captures the electrical
charge, channels it and discharges it to earth via the most direct route. The Faraday
cages are connected to the buried earthing grid at the external boundary of the buildings.
The Faraday cage also lessens the lightning impulse magnetic field.
• Equipotential bonding network which covers additional measures, to cope with the fault
current of the internal electrical circuit default and to reduce the electromagnetic coupling
inside the buildings and also the electromagnetic effects of lightning currents within the
volume to be protected. This network is connected to the equipment exposed conductive
parts and the extraneous conductive part.

These measures should be coordinated with requirements in cabling domain (IEC 60709),
EMC domain (IEC 62003) to cover additional requirements of electromagnetic compatibility for
installations, which reduce the electromagnetic effects caused by lightning and other
interference sources.

Annex D
(informative)

Logic diagram followed for the design of the EPS

Bibliography

IEC 60034 (all parts), Rotating electrical machines

IEC 60050-692:2017, International Electrotechnical Vocabulary (IEV) – Part 692: Generation,

transmission and distribution of electrical energy – Dependability and quality of service of
electric power systems

IEC 60364 (all parts), Low-voltage electrical installations

IEC 60364-5-52, Low-voltage electrical installations – Part 5-52: Selection and erection of
electrical equipment – Wiring systems

IEC 60479 (all parts), Effects of current on human beings and livestock

IEC 60880, Nuclear power plants – Instrumentation and control systems important to safety –
Software aspects for computer-based systems performing category A functions

IEC 60909 (all parts), Short-circuit currents in three-phase a.c. systems

IEC 61000 (all parts), Electromagnetic compatibility (EMC)

IEC 61508-1, Functional safety of electrical/electronic/programmable electronic safety-related

systems – Part 1: General requirements

IEC 61508-2, Functional safety of electrical/electronic/programmable electronic safety-related

systems – Part 2: Requirements for electrical/electronic/programmable electronic safety-
related systems

IEC 61508-3, Functional safety of electrical/electronic/programmable electronic safety-related

systems – Part 3: Software requirements

IEC 61508-4, Functional safety of electrical/electronic/programmable electronic safety-related

systems – Part 4: Definitions and abbreviations

IEC 61660 (all parts), Short-circuit currents in DC Auxiliary installations in power plants and
substations

IEC 61936 (all parts), Power installations exceeding 1 kV a.c.

IEC 62003, Nuclear power plants – Instrumentation, control and electrical power systems –
Requirements for electromagnetic compatibility testing

IEC 62040-3, Uninterruptible power systems (UPS) – Part 3: Method of specifying the
performance and test requirements

IEC 62138, Nuclear power plants – Instrumentation and control systems important to safety –
Software aspects for computer-based systems performing category B or C functions

IEC 62271-200, High-voltage switchgear and controlgear – Part 200: AC metal-enclosed

switchgear and controlgear for rated voltages above 1 kV and up to and including 52 kV

IEC 62305 (all parts), Protection against lightning

IEC 62305-1, Protection against lightning – Part 1: General principles

IEC 62305-3, Protection against lightning – Part 3: Physical damage to structures and life
hazard

IEC 62305-4, Protection against lightning – Part 4: Electrical and electronic systems within
structures

IEC 62340, Nuclear power plants – Instrumentation and control systems important to safety –
Requirements for coping with common cause failure (CCF)

IEC 62342, Nuclear power plants – Instrumentation and control systems important to safety –
Management of ageing

IEC 62443 (all parts), Industrial communication networks – Network and system security

IEC 62566, Nuclear power plants – Instrumentation and control important to safety –
Development of HDL-programmed integrated circuits for systems performing category A
functions

IEC 62645, Nuclear power plants – Instrumentation, control and electrical power systems –
Cybersecurity requirements

IEC 62859, Nuclear power plants – Instrumentation and control systems – Requirements for
coordinating safety and cybersecurity

ISO/IEC 27001, Information technology – Security techniques – Information security

management systems – Requirements

ISO/IEC 27002, Information technology – Security techniques – Code of practice for

information security controls

ISO 9000:2015, Quality management systems – Fundamentals and vocabulary

IAEA Safety Guide GS-G-3.5:2009, Management system for nuclear installations

IAEA Safety Standard Series SSR-2/1:2016, Safety of Nuclear Power Plant: Design

IAEA Safety Guide SSG-30, Safety classification of structures, systems and components in
Nuclear Power Plants

IAEA Safety Guide SSG-39:2016, Design of instrumentation and control systems in Nuclear
Power Plants

IAEA Nuclear Security Series 17, Reference Manual, Computer security at nuclear facilities

IAEA Safety Glossary:2018, Terminology used in nuclear safety and radiation protection

IAEA 75-INSAG-3, Basic Safety Principles for Nuclear Power Plants

IAEA Nuclear Energy Series NG-T-3.8, Electric Grid Reliability and Interface with Nuclear
Power Plants

IAEA Safety Report Series 91, Impact of Open Phase Conditions on Nuclear Power Plants
Electrical Power Supply Systems

IAEA – TECDOC – 1770, Design Provisions for Withstanding Station Blackout at Nuclear
Power Plants

IEEE 308-2001: IEEE Standard Criteria for Class 1E Power Systems for Nuclear Power
Generating Stations

___________

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION

3, rue de Varembé
PO Box 131
CH-1211 Geneva 20
Switzerland

Tel: + 41 22 919 02 11
info@[Link]
[Link]

Este documento ha sido adquirido por: UNIVERSIDADE DE VIGO a través de la suscripción AENORmás. Para uso en red
interna se requiere de autorización previa de AENOR.
28/11/2023

También podría gustarte

PDF Iec 62271 1 - Compress
Aún no hay calificaciones
PDF Iec 62271 1 - Compress
157 páginas
Seguridad en Módulos Fotovoltaicos: UNE-EN 61730-1
Aún no hay calificaciones
Seguridad en Módulos Fotovoltaicos: UNE-EN 61730-1
67 páginas
Une en - 62271 200 2005
Aún no hay calificaciones
Une en - 62271 200 2005
92 páginas
N0067871 PDF Es
Aún no hay calificaciones
N0067871 PDF Es
69 páginas
Une 60204
Aún no hay calificaciones
Une 60204
144 páginas
Norma Española: UNE-EN 60079-17
Aún no hay calificaciones
Norma Española: UNE-EN 60079-17
44 páginas
Seguridad en convertidores fotovoltaicos
Aún no hay calificaciones
Seguridad en convertidores fotovoltaicos
164 páginas
Une-En 60470 2001
Aún no hay calificaciones
Une-En 60470 2001
78 páginas
Une en - 61000 3 32009
Aún no hay calificaciones
Une en - 61000 3 32009
32 páginas
Aparamenta alta tensión IEC 62271-200
Aún no hay calificaciones
Aparamenta alta tensión IEC 62271-200
92 páginas
Transformadores de Tensión Electrónicos
Aún no hay calificaciones
Transformadores de Tensión Electrónicos
72 páginas
TCVN - 6306 - 1 - 2015 IEC - 60076 - 1 - 2011 - May - Bien - Ap - Dien - Luc PDF
Aún no hay calificaciones
TCVN - 6306 - 1 - 2015 IEC - 60076 - 1 - 2011 - May - Bien - Ap - Dien - Luc PDF
82 páginas
UNE-EN 62109-1 2011 SeguridadConvertidoresPV
Aún no hay calificaciones
UNE-EN 62109-1 2011 SeguridadConvertidoresPV
164 páginas
Une - 2015 - 60947 2 2007 A1 2011
Aún no hay calificaciones
Une - 2015 - 60947 2 2007 A1 2011
34 páginas
Une en - 13757 1 2003
Aún no hay calificaciones
Une en - 13757 1 2003
80 páginas
Une-En 16082 2012
Aún no hay calificaciones
Une-En 16082 2012
30 páginas
44 Une en - 61000 4 5 2007
Aún no hay calificaciones
44 Une en - 61000 4 5 2007
52 páginas
(Ex) Une-En Iec 60255-1 2024
Aún no hay calificaciones
(Ex) Une-En Iec 60255-1 2024
6 páginas
Carga Conductiva EV: Requisitos CEM
100% (1)
Carga Conductiva EV: Requisitos CEM
59 páginas
Especificación Transformador 10 kV
Aún no hay calificaciones
Especificación Transformador 10 kV
14 páginas
FND 002
Aún no hay calificaciones
FND 002
27 páginas
Aisladores Media Tensión Interior
Aún no hay calificaciones
Aisladores Media Tensión Interior
30 páginas
Une-En - 13129-2 2005 (Cancelada)
Aún no hay calificaciones
Une-En - 13129-2 2005 (Cancelada)
36 páginas
Ieee STD 80-2013-114-226
Aún no hay calificaciones
Ieee STD 80-2013-114-226
91 páginas
Norma UNE-EN 61000-4-4
Aún no hay calificaciones
Norma UNE-EN 61000-4-4
4 páginas
Norma para Estaciones de GNC
Aún no hay calificaciones
Norma para Estaciones de GNC
24 páginas
Une-En 50121-3-2 2007
Aún no hay calificaciones
Une-En 50121-3-2 2007
26 páginas
Sistemas Scada
Aún no hay calificaciones
Sistemas Scada
1 página
Catalogo General Cembre
Aún no hay calificaciones
Catalogo General Cembre
237 páginas
NT 024-3-2002 Especificaciones Tecnicas Transformador de Corriente Baja Tension 600v
Aún no hay calificaciones
NT 024-3-2002 Especificaciones Tecnicas Transformador de Corriente Baja Tension 600v
18 páginas
Normas de Calidad de Energía Eléctrica
100% (1)
Normas de Calidad de Energía Eléctrica
18 páginas
(Ex) Une HD - 60364 5 54 2011
Aún no hay calificaciones
(Ex) Une HD - 60364 5 54 2011
3 páginas
Seguridad en Escaleras y Guardacuerpos
Aún no hay calificaciones
Seguridad en Escaleras y Guardacuerpos
22 páginas
Procedimiento de Inspección de CT
Aún no hay calificaciones
Procedimiento de Inspección de CT
88 páginas
ANEXO IV Requerimietos Tecnicos para Centrales Fotovoltaicas
Aún no hay calificaciones
ANEXO IV Requerimietos Tecnicos para Centrales Fotovoltaicas
4 páginas
Tensión Máxima Permanente Que Soportan Los Cables de BT y MT
Aún no hay calificaciones
Tensión Máxima Permanente Que Soportan Los Cables de BT y MT
2 páginas
Grupos Electrógenos-Puesta A Tierra
Aún no hay calificaciones
Grupos Electrógenos-Puesta A Tierra
3 páginas
Accesorios para Transformadores: UNE-EN 50216-1
Aún no hay calificaciones
Accesorios para Transformadores: UNE-EN 50216-1
3 páginas
EE-ES-2018-0569-RA - Estudio de Protecciones - Configuracion 4
100% (1)
EE-ES-2018-0569-RA - Estudio de Protecciones - Configuracion 4
179 páginas
Une-En 1366-3 2011
Aún no hay calificaciones
Une-En 1366-3 2011
106 páginas
Norma UNE-EN 50014: Material Eléctrico Ex
Aún no hay calificaciones
Norma UNE-EN 50014: Material Eléctrico Ex
62 páginas
Ed 131 Fascículo Capitulo XII IEC 61439 Quadros Paineis e Barramentos
Aún no hay calificaciones
Ed 131 Fascículo Capitulo XII IEC 61439 Quadros Paineis e Barramentos
4 páginas
Apantallamiento Bodegas PDF
Aún no hay calificaciones
Apantallamiento Bodegas PDF
28 páginas
3une 60670-3 2014
100% (1)
3une 60670-3 2014
20 páginas
Aisladores para Acometida IEC 61109
Aún no hay calificaciones
Aisladores para Acometida IEC 61109
4 páginas
(Ex) Une-En 61284 1999
Aún no hay calificaciones
(Ex) Une-En 61284 1999
6 páginas
En 1792 (1998) - Relación Multilingüe de Términos para El Soldeo y Procesos Afines
Aún no hay calificaciones
En 1792 (1998) - Relación Multilingüe de Términos para El Soldeo y Procesos Afines
76 páginas
Sincrofasores - Santiago, Chile
Aún no hay calificaciones
Sincrofasores - Santiago, Chile
3 páginas
UIA Presentación
Aún no hay calificaciones
UIA Presentación
19 páginas
Corrección Norma Cables PVC 2005
100% (1)
Corrección Norma Cables PVC 2005
2 páginas
Diferencias entre IEC 60898-1 y IEC 60947-2
Aún no hay calificaciones
Diferencias entre IEC 60898-1 y IEC 60947-2
2 páginas
Ieee-43-2013 - Recommended Practice For Testing Resistence of Rotating Machinery
Aún no hay calificaciones
Ieee-43-2013 - Recommended Practice For Testing Resistence of Rotating Machinery
38 páginas
Iram 2437 - Niveles de Ruido
Aún no hay calificaciones
Iram 2437 - Niveles de Ruido
12 páginas
Bridas PN Une-En 1092-1-2008
Aún no hay calificaciones
Bridas PN Une-En 1092-1-2008
126 páginas
(Ex) Une en - 50272 2 2002
Aún no hay calificaciones
(Ex) Une en - 50272 2 2002
5 páginas
Grados de Protección IP: IEC vs NEMA
Aún no hay calificaciones
Grados de Protección IP: IEC vs NEMA
39 páginas
Seguridad en Convertidores Fotovoltaicos
Aún no hay calificaciones
Seguridad en Convertidores Fotovoltaicos
42 páginas
Une en - 60076 1 2013
Aún no hay calificaciones
Une en - 60076 1 2013
82 páginas
060664N0055401 - ES (1) - Unlocked
Aún no hay calificaciones
060664N0055401 - ES (1) - Unlocked
100 páginas
Une en - 60076 3 2014
Aún no hay calificaciones
Une en - 60076 3 2014
64 páginas
Contrato Ejempll
Aún no hay calificaciones
Contrato Ejempll
4 páginas
Fracciones y Números Mixtos para Niños
Aún no hay calificaciones
Fracciones y Números Mixtos para Niños
10 páginas
Cuentos Cortos y Fabulas
Aún no hay calificaciones
Cuentos Cortos y Fabulas
9 páginas
Guía de Laboratorio: Partidores Suaves
Aún no hay calificaciones
Guía de Laboratorio: Partidores Suaves
6 páginas
Linea de Tiempo Compañias Bananeras de Honduras
100% (1)
Linea de Tiempo Compañias Bananeras de Honduras
6 páginas
Economia Minera
Aún no hay calificaciones
Economia Minera
15 páginas
Sindicatos y Huelga
100% (1)
Sindicatos y Huelga
26 páginas
Práctica de Edición en Filmora X
Aún no hay calificaciones
Práctica de Edición en Filmora X
2 páginas
Collar en Mostacilla Obsequio
100% (2)
Collar en Mostacilla Obsequio
19 páginas
Meyco Fix Flowcable
Aún no hay calificaciones
Meyco Fix Flowcable
3 páginas
Proceso Laboral de La Provincia de Chaco
Aún no hay calificaciones
Proceso Laboral de La Provincia de Chaco
4 páginas
Embracing Your Demons: An Overview of Acceptance and Commitment Therapy
Aún no hay calificaciones
Embracing Your Demons: An Overview of Acceptance and Commitment Therapy
4 páginas
Cerambicido Del Agave
100% (1)
Cerambicido Del Agave
2 páginas
Maravillas del Ecuador en 3D: Exploración Visual
Aún no hay calificaciones
Maravillas del Ecuador en 3D: Exploración Visual
92 páginas
Ovinos y Caprinos
Aún no hay calificaciones
Ovinos y Caprinos
14 páginas
Guía de Cultivo de Venus Atrapamoscas
Aún no hay calificaciones
Guía de Cultivo de Venus Atrapamoscas
13 páginas
Ejemplos de uso en MariaDB
Aún no hay calificaciones
Ejemplos de uso en MariaDB
12 páginas
Caso de Estudio No11, Banco Caja Social (Omar Fernanado Duran Figueroa) 2022-1
Aún no hay calificaciones
Caso de Estudio No11, Banco Caja Social (Omar Fernanado Duran Figueroa) 2022-1
14 páginas
Crystel .
Aún no hay calificaciones
Crystel .
6 páginas
Ética Rodriguez Dupla PDF
100% (4)
Ética Rodriguez Dupla PDF
39 páginas
Exploración Clínica Del Oído Externo Y Medio. Técnicas de Diagnóstico Por La Imagen en Otología
Aún no hay calificaciones
Exploración Clínica Del Oído Externo Y Medio. Técnicas de Diagnóstico Por La Imagen en Otología
7 páginas
Retos y Soluciones para la Pesca Artesanal
50% (2)
Retos y Soluciones para la Pesca Artesanal
4 páginas
Sesión Matematicas Lunes 09 de Setiembre
Aún no hay calificaciones
Sesión Matematicas Lunes 09 de Setiembre
6 páginas
Los Hombres y El Aborto (Material de GIRE)
Aún no hay calificaciones
Los Hombres y El Aborto (Material de GIRE)
55 páginas
Capitulo 01-Ingenieria y Sociedad-2021
Aún no hay calificaciones
Capitulo 01-Ingenieria y Sociedad-2021
20 páginas
Canción de Prince sobre Justicia y Paz
Aún no hay calificaciones
Canción de Prince sobre Justicia y Paz
15 páginas
Jesus Crucigrama
0% (2)
Jesus Crucigrama
1 página
Tema 5 - Evaluación y Control
Aún no hay calificaciones
Tema 5 - Evaluación y Control
2 páginas
˗ˏˋ⌇visuales impresionantes ! afirmaciones ビジュアルˎˊ˗
100% (5)
˗ˏˋ⌇visuales impresionantes ! afirmaciones ビジュアルˎˊ˗
14 páginas
Lectura Critica Textos Filosoficos.
100% (1)
Lectura Critica Textos Filosoficos.
4 páginas