Software Quality Assurance for Nuclear Safety Systems
The US Department of Energy has undertaken an initiative to improve the quality of software used to design and operate their nuclear facilities across the United States. One aspect of this initiative is to revise or create new directives and guides associated with quality practices for the safety software in its nuclear facilities. Safety software includes the safety structures, systems, and components software and firmware, support software and design and analysis software used to ensure the safety of the facility. DOE nuclear facilities are unique when compared to commercial nuclear or other industrial activities in terms of the types and quantities of hazards that must be controlled to protect workers, public and the environment. Because of these differences, DOE must develop an approach to software quality assurance that ensures appropriate risk mitigation by developing a framework of requirements that accomplishes the following goals: {sm_bullet} Ensures the software processes developed to address nuclear safety in design, operation, construction and maintenance of its facilities are safe {sm_bullet} Considers the larger system that uses the software and its impacts {sm_bullet} Ensures that the software failures do not create unsafe conditions Software designers for nuclear systems and processes must reduce risks in software applications by incorporating processes that recognize, detect, and mitigate software failure in safety related systems. It must also ensure that fail safe modes and component testing are incorporated into software design. For nuclear facilities, the consideration of risk is not necessarily sufficient to ensure safety. Systematic evaluation, independent verification and system safety analysis must be considered for software design, implementation, and operation. The software industry primarily uses risk analysis to determine the appropriate level of rigor applied to software practices. This risk-based approach distinguishes safety-critical software and applies the highest level of rigor for those systems. DOE has further defined a risk approach to nuclear safety system software consistent with the analyses required for operation of nuclear facilities. This requires the grading of software in terms of safety class and safety significant structures, systems and components (SSCs). Safety-class SSCs are related to public safety where as safety-significant SSCs are identified for specific aspects of defense-in-depth and worker safety. Industry standards do not directly categorize nuclear safety software and DOE sites are not consistent in their approach to nuclear safety software quality assurance. DOE is establishing a more detailed graded approach for software associated with safety class and safety significant systems. This paper presents the process and results that DOE utilized to develop a detailed classification scheme for nuclear safety software.
- Research Organization:
- Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- W-7405-ENG-48
- OSTI ID:
- 15014175
- Report Number(s):
- UCRL-CONF-204216; TRN: US0802132
- Resource Relation:
- Conference: Presented at: International System Safety Conference, Providence, RI, United States, Aug 02 - Aug 06, 2004
- Country of Publication:
- United States
- Language:
- English
Similar Records
Regulatory and Licensing Strategy for Microreactor Technology
Occupational Safety and Health Program at the West Valley Demonstration Project