DEFENCE IN DEPTH
Defence in depth: facilities

HIGH INTEGRITY SAFETY LAYERS

 

The second important issue is how to treat the 'time available'.
There are two key points, shown here.

  • The reliability of the procedure (how many layers) depends on the time available
  • If time is available for corrective actions, additional safety layers can be made available, but procedures should exist for carrying out the required actions (except for very long times)

We met the first point in an earlier example.

Because it would take a long time for reactor temperatures to rise, we counted both trains of cooling, even though they both required the same procedure. 

In another example, where time was short, we counted the procedure as the single layer available. 

The second point is an obvious one. For example, fire hoses can be linked up to provide cooling, or alternative electrical supplies can be brought in. The point to remember, though, is that unless very long times are available, these possible actions should have been identified in advance and appropriate plans made. An example would be a portable generator stored in a known location with appropriate connections.