Methodology of the review of software for safety important systems
G. I. Schueller, P. Kafka (eds). Safety and Reliability. Proceedings of ESREL 99, The Tenth European Conference on Safety and Reliability, Munich-Garching, Germany, September 1999, pp.

Methodology of the review of software for safety important systems

S. A. Vilkomir & V. S. Kharchenko
State Scientific and Technical Center on Nuclear and Radiation Safety, Kharkov, Ukraine

ABSTRACT: This paper presents a methodology for the review of software during licensing of safety-important computer systems at nuclear power plants (NPPs). The basis of the methodology is an assessment of whether the requirements to software are fulfilled at the various phases of the software life cycle. The contents of such requirements are formulated. It is proposed to group these requirements under five criteria: completeness, documentation, intelligibility, independence, and conformity. A standard list of software review stages is developed. The problems that have arisen in practical software review of computer systems at Ukrainian NPPs are analysed.

1 INTRODUCTION

The term "review" is understood in a broad sense in the present paper, as an assessment of software features. In principle, such an assessment can be conducted by the user or buyer of the computer system or by the developer of the software, for example during verification of
But often the influence of possible software errors on reliability and safety can be so significant that an independent review of software is required, including an assessment of the process of its creation and verification. In all countries with advanced nuclear power there are special state regulatory bodies whose basic task is independent control of the observance of nuclear and radiation safety. In particular, when a new computer control system is deployed at an NPP, the regulatory bodies carry out the review and licensing of the system and issue the permission for its use.
In Ukraine such work is carried out by the Nuclear Regulatory Administration (NRA) and the State Scientific and Technical Center on Nuclear and Radiation Safety (SSTC NRS) (Vilkomir & Zhidok 1995). The present paper is devoted to the methodology of the software review during licensing of safety-important systems at NPPs.

2 THE PLACE OF THE SOFTWARE REVIEW IN THE GENERAL LICENSING PROCESS

All phases of the development cycle of computer systems are assessed during licensing: the phases of technical requirements, design, and testing (verification). Hardware, software and the system as a whole are evaluated. The approach to the software review has its peculiarities in different countries, depending on particular conditions and capabilities. The situation at the NPPs of Ukraine is characterized by an active process of modernizing and commissioning computer information and control systems. Thus the weight of the software review in the general licensing process increases, which is caused by the following two tendencies:
1. The use of a series of identical computer systems at various NPPs.
2. The use of computer systems of various purposes, constructed on the basis of a unified set of hardware and software units.

An example of the first tendency is the commissioning of the Rod Group and Individual Control System at South-Ukrainian-1 NPP and Khmelnitsky-1 NPP in
There are minor distinctions between these systems at the different NPPs because of the specific features of each NPP. Such distinctions mainly reveal themselves in modifications of software units. Therefore, at the review of the repeatedly introduced system, the main attention is given to the assessment of modified or new software units.

An example of the second tendency is the commissioning of the Unit Information System and the Safety Parameters Display Systems at South-Ukrainian-1, Zaporozhye-5, Khmelnitsky-1 and Chernobyl-3 NPPs in
All these systems are constructed on the basis of a set of WDPF modules elaborated by Westinghouse (USA). The distinctions between these systems reveal themselves in the quantity of one-type means and in different functional
Therefore, starting from the review of the second system in the sequence, the share of the software review in the total volume of review activities increases.

3 ELEMENTS OF THE METHODOLOGY OF THE SOFTWARE REVIEW

3.1 Basic purposes and principles

The purpose of the software review is to check its conformity to the criteria, norms and rules of safety. This check is carried out by analysing the documentation submitted for review. Both the working documentation (for example, the project materials) and documents released by the developer specially for licensing purposes (for example, the safety analysis report) can be considered. The developer may also need to provide additional information during the review to explain problems that are not stated completely enough in the basic documentation. The second important purpose of the experts' activity is to influence the increase of the safety level of
To achieve this purpose, all remarks and recommendations of the experts should be transmitted to the developers for prompt elimination of the detected defects. The methods used can also include assessment by additional independent testing. Inspections, audits and walkthroughs are also applied. The basis of the software review methodology is the assessment of the fulfilment of the requirements to software at the various phases of the life cycle.
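The requirements-to-criteria matrix and the results table that section 3.1 proposes, as an added example in Python (not code from the paper): each requirement is mapped to one or more of the five criteria, receives an individual mark, and the total per criterion is derived conservatively. The requirement identifiers, the mapping to criteria and the sample marks are constructed for this example.

```python
"""Review matrix for the software of a safety-important system.

Added example, not code from the paper. It records the individual
evaluation of each requirement, maps requirements to the paper's five
criteria, and derives the total evaluation per criterion as the table of
section 3.1 proposes. Requirement identifiers, the requirement-to-criteria
mapping and the marks below are constructed for this example.
"""
from dataclasses import dataclass
from enum import IntEnum

CRITERIA = ("completeness", "documentation", "intelligibility",
            "independence", "conformity")


class Mark(IntEnum):
    """Individual evaluation. Ordered so that min() is the worst mark."""
    NOT_FULFILLED = 0
    PARTIAL = 1
    FULFILLED = 2
    NOT_APPLICABLE = 3   # never taken into the per-criterion total


@dataclass(frozen=True)
class Requirement:
    ident: str            # constructed identifier, e.g. "GR-3"
    text: str
    criteria: tuple       # criteria this requirement details
    mark: Mark
    remark: str = ""      # expert remark to be transmitted to the developer


def validate(reqs):
    """Return a list of problems in the filled-in matrix (empty = consistent).

    Every requirement must detail at least one known criterion, and every
    mark below FULFILLED must carry a remark, because the methodology
    requires all remarks to be transmitted to the developer.
    """
    problems = []
    for r in reqs:
        unknown = [c for c in r.criteria if c not in CRITERIA]
        if not r.criteria or unknown:
            problems.append(f"{r.ident}: unknown or missing criteria {unknown}")
        if r.mark in (Mark.NOT_FULFILLED, Mark.PARTIAL) and not r.remark:
            problems.append(f"{r.ident}: mark {r.mark.name} without a remark")
    return problems


def criterion_totals(reqs):
    """Total evaluation per criterion.

    Conservative rule (an assumption of this example): the total is the
    worst individual mark among the applicable requirements mapped to the
    criterion; a criterion with no applicable requirement is NOT_APPLICABLE.
    """
    totals = {}
    for c in CRITERIA:
        marks = [r.mark for r in reqs
                 if c in r.criteria and r.mark != Mark.NOT_APPLICABLE]
        totals[c] = min(marks) if marks else Mark.NOT_APPLICABLE
    return totals


def open_remarks(reqs):
    """Remarks that must go to the developer, in document order."""
    return [(r.ident, r.remark) for r in reqs
            if r.mark in (Mark.NOT_FULFILLED, Mark.PARTIAL)]


def render_table(reqs):
    """Plain-text results table: one row per requirement, then the totals."""
    width = max(len(r.ident) for r in reqs)
    lines = [f"{'req':<{width}}  {'mark':<14}  criteria"]
    for r in reqs:
        lines.append(f"{r.ident:<{width}}  {r.mark.name:<14}  {', '.join(r.criteria)}")
    lines.append("")
    for c, m in criterion_totals(reqs).items():
        lines.append(f"TOTAL {c:<16} {m.name}")
    return "\n".join(lines)


# Constructed sample: a few of the paper's general requirements (section 3.2)
# and verification requirements (section 3.3), with marks that mirror the
# typical findings of section 5 (untested self-supervision, limited test data
# sets, formally written test reports).
SAMPLE = [
    Requirement("GR-1", "well-defined modular structure", ("completeness",), Mark.FULFILLED),
    Requirement("GR-3", "self-supervision", ("completeness",), Mark.NOT_FULFILLED,
                "self-supervision function is not covered by any test procedure"),
    Requirement("GR-9", "protection against non-authorized access", ("completeness",), Mark.FULFILLED),
    Requirement("GR-10", "protection against common mode failures", ("completeness",), Mark.PARTIAL,
                "complex logic tested with few data sets; functional independence not proved"),
    Requirement("V-2", "independence of verification", ("independence",), Mark.FULFILLED),
    Requirement("V-3", "verification plan and report released", ("documentation",), Mark.PARTIAL,
                "corrected defects are not documented; report shows only final positive results"),
    Requirement("V-4", "verification documentation clear to outside experts", ("intelligibility",), Mark.FULFILLED),
    Requirement("V-6", "verification of configuration data", ("completeness", "conformity"), Mark.NOT_APPLICABLE),
]

if __name__ == "__main__":
    print(render_table(SAMPLE))
    for ident, remark in open_remarks(SAMPLE):
        print(f"remark for developer ({ident}): {remark}")
```

With the sample marks, completeness totals NOT_FULFILLED because of GR-3, documentation PARTIAL, and conformity NOT_APPLICABLE since its only mapped requirement does not apply.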
It is necessary to evaluate the fulfilment of the functional and general requirements to software (see section 3.2) and also the requirements to verification (see section 3.3). By functional requirements we understand the requirement that the software fulfil the system functions. The general requirements are imposed on the software of all safety-important systems, irrespective of their functionality. Such requirements are determined, for example, in the IEC-880 standard (IEC 1986), the former USSR standards GOST (GOST 1991) and GOST (GOST 1985), and other normative documents. It is proposed to group the requirements under five criteria: completeness, documentation, intelligibility, independence, and conformity. The correspondence between the criteria and the evaluated requirements can be set out as a matrix. The results of the review are also convenient to represent as a table containing the individual evaluations of the fulfilment of the separate requirements and the total evaluations per criterion. The main criterion for software is completeness: software should be sufficient for the fulfilment of all functions of the system and correspond to all requirements of the specifications, standards and other normative documents.

3.2 General requirements to software

The general requirements to software detail the criterion of completeness and are its constituent part. The general requirements are the following:
1. Software should have a well-defined modular structure.
2. For safety system software, the use of an operating system and of interrupts should be restricted.
3. Software should carry out self-supervision.
4. Software should carry out diagnostics of hardware.
5. Software should allow periodic testing of system functions.
6. Software should check the input data and protect against distortions of the input data.
7. Software should provide protection against hardware failures.
8. Software should provide protection against personnel errors.
9. Software should provide protection against non-authorized access.
10. Software should provide protection against common mode failures, including failures caused by software errors.

The last requirement is one of the most important general requirements. For protection against common mode failures the following approaches (Kharchenko 1997) are possible:
1. The use of two different digital systems (basic and diverse) for the fulfilment of the same functions, but constructed on different hardware and
2. The use of different software versions in different channels of the system for the fulfilment of the same function.
3. The use of more than one criterion for each situation in which action of the system is needed (functional redundancy).

The use of the latter approach means that each emergency situation (initiating event) should be detected in several ways through various physically interconnected technological parameters. The data processing on these parameters should be performed by different software modules in different hardware units. If such an approach is used, it is necessary to be convinced at the review that during software testing the developer checked in detail and proved the achievement of functional independence.

3.3 Requirements to the software verification

The main requirements (criteria) to the software verification are the following:
1. The conformity of the software to all requirements of the specifications, standards and other normative documents (criterion of completeness) should be tested during verification.
2. The criterion of independence should be observed during verification. The software of safety systems needs complete independence, where testing is carried out by a division that does not depend administratively and financially on the division developing
For the software of safety-important systems (but not safety systems), partial independence is admissible, where the development and testing of software can be carried out by different experts of the same division.
3. The verification plan and report should be released (criterion of documentation). Independent parts of the verification plan and report (testing programs, testing procedures, etc.) can be released as separate documents.
4. The documentation on the software verification should be stated in a form clear to experts not participating in the software development and verification (criterion of intelligibility).

The following requirements detail the criterion of completeness:
1. Verification should be conducted after each phase of the software life cycle: the requirements development phase, the design phase and the coding phase.
2. If automatic tools for code generation are used during software development, these tools should be verified to the same requirements as the system
3. Protection against common mode failures, including failures caused by software errors, should be especially checked. The potential sources of common mode failures should be identified and their possible influence considered.
4. If predeveloped software (developed earlier for other systems and already verified) is used, it is sufficient to verify only the modified parts of
5. If predeveloped software is used whose documentation is not accessible in full, it is necessary to evaluate the operating experience of such
The application of such software for safety systems is accepted only in specially stipulated cases.
6. If a configuration of software units is used, verification should consist of two parts: verification of the standard units and verification of the configuration data.

4 STAGES OF THE SOFTWARE REVIEW

Before the beginning of control system licensing, the plan of the review is established. This plan also covers the software assessment. The schedule of the review is established, including deadlines for the developer to submit the concrete software documents. The plan of the software assessment includes:
1. A brief description of the subject of the assessment.
2. The criteria on which the assessment is conducted.
3. The list of methods and actions carried out during the assessment.

The plan of the software review should contain a detailed list of review stages that takes into account the specifics of the considered system and its
The standard content of such a list of software review stages at all phases of the software life cycle is offered below.

At the phase of the software requirements, the review contains the following three stages:
1. Evaluation of the conformity of the software requirements to the system requirements.
2. Evaluation of the reflection of the general software requirements in the software requirements specifications.
3. Transfer of the remarks to the developer and obtaining the corrected and supplemented software requirements.

At the phase of the software design, the review contains the following four stages:
1. Evaluation of the reflection of the requirements to software in the design documentation.
2. Analysis of the software structure for protection against common mode failures, including failures caused by software errors.
3. Working out a detailed list of software requirements and functions on the basis of the design documentation, for use at further review stages.
4. Transfer of the remarks to the developer.

At the phase of the verification plan, the review contains the following five stages:
1. Evaluation of the availability of the programs and procedures of software testing.
2. Evaluation of the intelligibility of the verification plan.
3. Evaluation of the reflection, in the verification plan, of the detailed requirements to software composed at the previous review stage.
4. Evaluation of the completeness and sufficiency of the volume of tests included in the verification plan. Working out, if necessary, proposals for additional testing of the most safety-important functions.
5. Transfer of the remarks and additions to the developer and obtaining the corrected and supplemented verification plan.

At the phase of the verification report, the review contains the following six stages:
1. Evaluation of the availability of verification reports for each program and procedure of software testing.
2. Evaluation of the completeness of the executed tests.
3. Evaluation of the independence of verification.
4. Assessment of the tools applied in software development and verification.
5. Evaluation of the conformity of all tests.
6. Issue of the final experts' report and recommendations to the regulatory bodies about the possibility of using the software.

The phases of the software verification plan and report are the most important. It is at these phases that the regulatory bodies have the opportunity to be convinced that the required degree of software quality, reliability and safety has been achieved. Thus the direct influence of the regulatory bodies and experts on increasing the safety level is possible. For this purpose the plans and programs of software testing are evaluated before testing begins. Both the additions and the remarks are transferred to the software developer for consideration and elimination. When carrying out the software testing, the developer takes into account the requirements of the regulatory bodies and safety experts.

5 PRACTICAL EXPERIENCE OF THE SOFTWARE REVIEW OF SYSTEMS INTRODUCED AT UKRAINIAN NPPS

The approach to the software assessment described in the previous sections is applied at SSTC NRS in the review of the following systems (Vilkomir & Zhidok 1998):
1. Rod Group and Individual Control System of Skoda-Controls (Czech Republic) at South-Ukrainian-1 NPP and Khmelnitsky-1 NPP.
2. Turbine Control System of Shevchenko Plant (Ukraine) for Zaporozhye-1 NPP.
3. Safety Parameters Display System of Westinghouse (USA) at Zaporozhye-5 NPP, Khmelnitsky-1 NPP and Chernobyl-3 NPP.
4. Unit Information System of WESTRON (Ukraine-USA) at South-Ukrainian-1 NPP, and others.

The experience of software assessments allows us to single out problems that occur in practical work. In some cases the initial requirements to software (software requirements specifications) are not stated in enough detail in the documentation, or are even absent. It is then difficult to separate the requirements to software from the requirements to the system as a whole, which obstructs the assessment of testing completeness. The second defect is a formal approach to working out software testing reports. In such cases the software errors and defects that are found are corrected and re-checked, but this is not duly documented, so only the final positive results are present in the testing reports. In some cases the experts have made remarks that required revision of the software testing plans. Typical examples include:
1. The absence of testing of some software functions. Mostly these are auxiliary functions such as the self-supervision function.
2. The use, during testing of complex logical software functions, of a limited number of test data sets that does not cover the variety of possible situations.

Practical work has also shown the need for special software tools during the review. Such tools could:
1. Relieve the work with large volumes of documentation and the checking of its coherence and completeness.
2. Allow the experts to conduct their own dynamic testing and static analysis of part of

6 CONCLUSIONS

The offered methodology of the software review allows the assessment of software during licensing of safety-important systems at NPPs. This methodology can be adapted to software assessment for other critical application systems. The commissioning of digital control systems at the Ukrainian NPPs is expanding. It is planned to deploy digital protection systems, the most safety-important systems at NPPs. This makes the problem of developing the methodology of the software review important and topical.

REFERENCES

GOST. Unified system of standards of computer control systems. Computer control systems. General requirements. Moscow. (In Russian).
GOST. Nuclear instrumentation systems for nuclear power stations. General requirements. Moscow. (In Russian).
IEC-880 Std. Software for computers in the safety systems of nuclear power stations. International Electrotechnical Commission (IEC).
Kharchenko, V.S. Choice of design technologies and basic architectures for the defect-tolerant digital control and computing real-time systems. Space Science and Technology 3(5/6). (In Russian).
Vilkomir, S.A. & Zhidok, G.I. Software for nuclear power-generating unit protection systems: safety and reliability problem. Control Systems and Machines 4/5. (In Russian).
Vilkomir, S.A. & Zhidok, G.I. Experience of licensing of software for digital safety related systems in Ukraine. Project Control for 2000 and Beyond. Proceedings of ESCOM-ENCRESS 98, May 1998, Rome, Italy.
More information康礼鸿. China Nuclear Control System Engineering Co., Ltd
Establishment and Application of ATE for FPGA-based RPS Kang Lihong 康礼鸿 China Nuclear Control System Engineering Co., Ltd 1 OUTLINE 1 2 Background RPS Testing methodology of FPGA 3 Automatic Test Equipment
More informationFormalization and assessment of regulatory requirements for safety-critical software
Innovations Syst Softw Eng (2006) 2:165 178 DOI 10.1007/s11334-006-0006-8 ORIGINAL PAPER Formalization and assessment of regulatory requirements for safety-critical software Sergiy A. Vilkomir Jonathan
More informationRegulatory Aspects of Spent Fuel Storage at Paks MVDS Facility
Regulatory Aspects of Spent Fuel Storage at Paks MVDS Facility Istvan Vegvari Hungarian Atomic Energy Authority (HAEA), Budapest, Hungary vegvari@haea.gov.hu Content 1. Introduction History Facility layout,
More informationReport. Certificate Z F-CM AS-i Safety for SIMATIC ET 200SP
Report to the Certificate Z10 16 07 38717 052 Safety Components F-CM AS-i Safety for SIMATIC ET 200SP Manufacturer: Siemens AG I IA CE Werner-von-Siemens-Straße 48 D-92220 Amberg Germany Revision 1.7 dated
More informationLecture 1. In practice, most large systems are developed using a. A software process model is an abstract representation
Chapter 2 Software Processes Lecture 1 Software process descriptions When we describe and discuss processes, we usually talk about the activities in these processes such as specifying a data model, designing
More informationMay 14, 2013 ORGANIZATION OF OPERATION AND POSSIBILITIES FOR STAFFING THE BELENE NPP
May 14, 2013 ORGANIZATION OF OPERATION AND POSSIBILITIES FOR STAFFING THE BELENE NPP CONDITIONS CONSIDERED DURING ORGANIZATIONAL STRUCTURE DEVELOPMENT Conditions taken into account during the development
More informationDesign of Instrumentation and Control Systems for Nuclear Power Plants
Date: 2014 March 21 IAEA SAFETY STANDARDS for protecting people and the environment Draft M Step 10 Addressing Member States for comments. Design of Instrumentation and Control Systems for Nuclear Power
More informationSAFETY CASE-ORIENTED ASSESSMENT OF HUMAN-MACHINE INTERFACE FOR NPP I&C SYSTEMS
SAFETY CASE-ORIENTED ASSESSMENT OF HUMAN-MACHINE INTERFACE FOR NPP I&C SYSTEMS A. Orekhova, V. Kharchenko National Aerospace University KhAI, Kharkiv, Ukraine e-mail: nastya.orehova@rambler.ru, V.Kharchenko@khai.edu
More informationAS9003A QUALITY MANUAL
Your Logo AS9003A QUALITY MANUAL Origination Date: (month/year) Document Identifier: Date: Document Status: Document Link: AS9003A Quality Manual Latest Revision Date Draft, Redline, Released, Obsolete
More informationCHAPTER 8 INTEGRATION OF QMS AND LMS
152 CHAPTER 8 INTEGRATION OF QMS AND 8.1 QUALITY MANAGEMENT SYSTEM There are various reasons for implementing a quality system that conforms to an ISO standard. The primary reason is that customers are
More informationChecklist for the assessment based on the standards
ISO & MDD & Checklist for the assessment based on the standards ISO :2016 ISO :2016 associate with EC Directive 93/42 EEC Where applicable EC Directive 93/42/EEC Annex II/V/VI Company: Audit date Auditor:
More informationTechnical Support Organization - Organization and Interfaces -
Technical Support Organization - Organization and Interfaces - IAEA Technical Meeting TM-45318 Vienna, 15-17 May, 2013 Scientific Secretary: A. N. Kilic What is TSO? TSO is an organization with the mission
More informationNew Safety Requirements Addressing Feedback From the Fukushima Daiichi Accident
New Safety Requirements Addressing Feedback From the Fukushima Daiichi Accident Alexander Sapozhnikov Federal Environmental, Industrial and Nuclear Supervision Service of Russia, 109147 Moscow, Taganskaya,
More informationNUCLEAR INSTRUMENTATION & CONTROL. Long term support solutions for Nuclear Instrumentation & Control
Long term support solutions for Nuclear Instrumentation & Control A wide range of services to support nuclear utilities Plant protection, control, supervision and monitoring relies on safety-critical I&C
More informationA Study on Information Construction in Tuha Oilfield
DOI: 10.7763/IPEDR. 2012. V49.2 1 A Study on Information Construction in Tuha Oilfield Jian Wang College of Computer Science,Yangtze University, Jingzhou 434023 kingsork@163.com Abstract This paper has
More informationDEEP REPOSITORY DEVELOPMENT IN THE SLOVAK REPUBLIC LEGISLATION BACKGROUND AND PRESENT STATUS
DEEP REPOSITORY DEVELOPMENT IN THE SLOVAK REPUBLIC LEGISLATION BACKGROUND AND PRESENT STATUS Ján TIMULÁK, Peter SALZER Decom Slovakia Ltd., TRNAVA, Slovak Republic ABSTRACT The Slovak Republic national
More informationService Description for Storage Implementation. Issue 1.0. Date
Service Description for Storage Implementation Issue 1.0 Date 2012-11-01 Contents 1 Service Overview... 3 1.1 Service Product Definition... 3 1.2 Service Architecture... 3 2 Service Description... 4 2.1
More informationQuality Assessment Method for Software Development Process Document based on Software Document Characteristics Metric
Quality Assessment Method for Software Development Process Document based on Software Document Characteristics Metric Patra Thitisathienkul, Nakornthip Prompoon Department of Computer Engineering Chulalongkorn
More informationDesign requirements for nuclear power plant electric, instrumentation and control systems and components
Hungarian Atomic Energy Authority Guideline 3.5 Design requirements for nuclear power plant electric, instrumentation and control systems Version: 2 2006 July Issued by: József Rónaky PhD, director-general
More informationPractice of application of models of modern systems of management at the State University of Management
Practice of application of models of modern systems of management at the State University of Management Zvonnikov V.I. - the pro-rector, PhD (pedagogic), the professor State University of Management. Nefedov
More informationSTATE NUCLEAR POWER SAFETY INSPECTORATE Of THE REPUBLIC OF LITHUANIA (VATESI) REGULATIONS
1 Translation from Russian STATE NUCLEAR POWER SAFETY INSPECTORATE Of THE REPUBLIC OF LITHUANIA (VATESI) REGULATIONS GENERAL REQUIREMENTS FOR THE EVENT REPORTING SYSTEM AT A NUCLEAR POWER PLANT VD-E-04-98
More informationInternal Control Policy of IDGC of Centre, JSC
APPROVED by the decision of the Board of Directors of IDGC of Centre on July 31, 2012 (Minutes # 19/12 of 03.08.2012) Internal Control Policy of IDGC of Centre, JSC (new edition) Moscow 2012 Table of contents
More informationDocument Preparation Profile (DPP)
Document Preparation Profile (DPP) 1. IDENTIFICATION Document Category: Safety Guide Working ID: DS 431 Proposed Title: Proposed Action: Design of I&C Systems for NPPs Combine and update NS-G-1.1 and NS-G-1.3
More informationImplementation of Digital Instrumentation and Control Systems (I&C) for Nuclear Power Plants (NPPs) using FPGA-technology: Benefits and Solutions
Implementation of Digital Instrumentation and Control Systems (I&C) for Nuclear Power Plants (NPPs) using FPGA-technology: Benefits and Solutions Anton Andrashov, Head of International Projects Division,
More informationBluePlant SCADA/HMI Software
BluePlant SCADA/HMI Software www.altus.com.br evolution in automation A new vision of your reality Impressive: high-quality graphics and intuitive configuration Superior: security, redundancy and high
More informationIAEA Procurement Engineering and Supply Chain Activities John Moore Division of Nuclear Power
IAEA Procurement Engineering and Supply Chain Activities John Moore Division of Nuclear Power j.h.moore@iaea.org Vienna, September 8-10, 2014 (Technical Meeting TM-47114) Topics IAEA documents related
More informationSpace Project Management
EUROPEAN COOPERATION FOR SPACE STANDARDIZATION Space Project Management Configuration Management Secretariat ESA ESTEC Requirements & Standards Division Noordwijk, The Netherlands Published by: Price:
More informationSkill Category 7. Quality Control Practices
Skill Category 7 Quality Control Practices Testing Concepts Developing Testing Methodologies Verification and Validation Methods Software Change Control Defect Management Process Management Processes CSQA
More informationAgent Based Reasoning in Multilevel Flow Modeling
ZHANG Xinxin *, and LIND Morten * *, Department of Electric Engineering, Technical University of Denmark, Kgs. Lyngby, DK-2800, Denmark (Email: xinz@elektro.dtu.dk and mli@elektro.dtu.dk) 1 Introduction
More informationWork Plan and IV&V Methodology
Work Plan and IV&V Methodology Technology initiatives and programs should engage with an IV&V process at the project planning phase in order to receive an unbiased, impartial view into the project planning,
More information11th International Workshop on the Application of FPGAs in Nuclear Power Plants
11th International Workshop on the Application of FPGAs in Nuclear Power Plants Case Study for Tailoring and Adapting IEEE Std 1012 Software Verification and Validation Requirements for FPGA Technology
More informationComments on Chapter IV Part I Controller and processor 25/08/2015 Page 1
Comments on Chapter IV Part I Controller and processor 25/08/2015 Page 1 Bitkom represents more than 2,300 companies in the digital sector, including 1,500 direct members. With more than 700,000 employees,
More informationSoftware Processes. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 4 Slide 1
Software Processes Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 4 Slide 1 Objectives To introduce software process models To describe three generic process models and when they may be
More informationFocus Area Level Report Including Knowledge and Skills, and Performance Indicators
Including Knowledge and Skills, and CSPB01.01 Identify and analyze customer software needs and requirements. CSPB01.01.01.00 Gather data to identify customer requirements. CSPB01.01.01.01 Gather information
More informationSoftware Development Life Cycle:
Software Development Life Cycle: The systems development life cycle (SDLC), also referred to as the application development life-cycle, is a term used in systems engineering, information systems and software
More informationA Model-Based Reference Workflow for the Development of Safety-Critical Software
A Model-Based Reference Workflow for the Development of Safety-Critical Software A. Michael Beine 1 1: dspace GmbH, Rathenaustraße 26, 33102 Paderborn Abstract: Model-based software development is increasingly
More informationEngineering & Projects Organization. Finding the best approach for I&C modeling in the PSA H. Brunelière 2 nd October p.1
Finding the best approach for I&C modeling in the PSA H. Brunelière 2 nd October 2012 - p.1 Finding the best approach for I&C modeling in the PSA H. Brunelière AREVA NP SAS PSA team Vienne, 2 nd October
More informationIntroduction to Process Safety
Introduction to Process Safety Dr. Angela Summers President SIS-TECH 26 October 2011, NICE Process Safety Focuses on preventing fires, explosions and chemical releases from chemical processes or other
More informationLOGISTICAL ASPECTS OF THE SOFTWARE TESTING PROCESS
LOGISTICAL ASPECTS OF THE SOFTWARE TESTING PROCESS Kazimierz Worwa* * Faculty of Cybernetics, Military University of Technology, Warsaw, 00-908, Poland, Email: kazimierz.worwa@wat.edu.pl Abstract The purpose
More informationConcept for a new research reactor in Ukraine
Concept for a new research reactor in Ukraine I.N. Vishnevsky, V.V. Davidovsky, E.U. Grinik, M.V. Lysenko, P.G. Litovchenko, Yu.N. Lobach, V.N. Makarovsky, V.N. Pavlovich, E.V.Svarichevskaya, V.V. Trishin,
More informationSafety in the Matrix. Siemens AG All rights reserved.
Safety in the Matrix Siemens innovative approach to functional safety helps meet the requirements of the oil and gas industry by maximizing safety while also ensuring high availability and reduced costs
More informationInformation Day on F4E-OFC-0905 Provision of Manufacturing Engineering Support for the Diagnostics Systems Technical Scope
Information Day on F4E-OFC-0905 Provision of Manufacturing Engineering Support for the Diagnostics Systems Technical Scope Sandra Julià Technical Project Officer April 18th 2018 Introduction ITER Diagnostics
More informationINSTRUMENTATION AND CONTROL ACTIVITIES AT THE ELECTRIC POWER RESEARCH INSTITUTE TO SUPPORT COMPUTERIZED SUPPORT SYSTEMS
INSTRUMENTATION AND CONTROL ACTIVITIES AT THE ELECTRIC POWER RESEARCH INSTITUTE TO SUPPORT COMPUTERIZED SUPPORT SYSTEMS J.NASER Electric Power Research Institute, Palo Alto, United States of America XA9643050
More informationLEARNING AND COMPETENCE MANAGEMENT SOLUTION
LEARNING AND COMPETENCE MANAGEMENT SOLUTION Janis Judrups, Uldis Zandbergs, Maksims Kazakovs Baltic Computer Academy Ltd. janis@bda.lv Abstract. The goal of the study was to develop a solution that would
More informationTechnical report. Type testing
Technical report of the Type testing of the Configuration Environment SIMATIC SLS with HMI Applicant Siemens AG Gleiwitzer Straße 555 D-90475 Nürnberg Germany Manufacturer Siemens AG Report no. Revision:
More informationISO /TS 29001:2010 SYSTEMKARAN ADVISER & INFORMATION CENTER SYSTEM KARAN ADVISER & INFORMATION CENTER
SYSTEM KARAN ADVISER & INFORMATION CENTER PETROLEUM, PETROCHEMICAL AND NATURAL GAS INDUSTRIES -- SECTOR-SPECIFIC QUALITY MANAGEMENT SYSTEMS -- REQUIREMENTS FOR PRODUCT AND SERVICE SUPPLY ORGANIZATIONS
More informationPART I REQUIREMENTS FOR ORGANIZATIONS THAT REQUIRE CERTIFICATION
FSSC 22000 Certification scheme for food safety systems in compliance with ISO 22000: 2005 and technical specifications for sector PRPs PART I REQUIREMENTS FOR ORGANIZATIONS THAT REQUIRE CERTIFICATION
More information