
Currently Skimming:


Pages 22-44

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 22...
... Accordingly, the committee selected eight issues for study and worked on those issues. These eight issues address the two major intertwined themes associated with the use of digital instrumentation and control in nuclear power plants.
From page 23...
... For the key strategic issues (the case-by-case licensing procedure and adequacy of the technical infrastructure) the committee: Emphasizes guidance to implement a generically applicable framework for regulation that follows current USNRC practice and which in particular draws a distinction between major and minor safety modifications.
From page 24...
... NPF-41, NPF-51, and NPF-74, Implementation Inspection for Anticipated Transients Without Scram (ATWS) Systems: Palo Verde Nuclear Generating Station Units 1, 2, and 3.
From page 25...
... The eight issues separate into six technical issues and two strategic issues. The six technical issues are systems aspects of digital I&C technology, software quality assurance, common-mode software failure potential, safety and reliability assessment methods, human factors and human-machine interfaces, and dedication of commercial off-the-shelf hardware and software.
From page 26...
... This is a relatively new area for nuclear plants, particularly in safety system applications, but there is considerable industry activity and regulatory involvement. Finally, the committee turns to the two strategic issues, case-by-case licensing and adequacy of the technical infrastructure (discussed in Chapters 9 and 10).
From page 27...
... A transition was soon made to the so-called "supervisory control" architecture, in which minicomputers were used to transmit "supervisory" commands to analog controllers that performed continuous process regulation. Eventually, this transition led to today's modern multilayered architectures in which (a)
From page 28...
... and Pradhan (1996). These authors discuss the design process in terms of the high-level function of problem definition, system requirements, and system partitioning.
From page 29...
... advanced boiling-water reactor plant design being reviewed in the United States and, in fact, was used as a basis for developing many of the requirements contained in the Utility Requirements Document. DEVELOPMENTS IN THE FOREIGN NUCLEAR INDUSTRY There have been several other nuclear plants completed in the last few years that use completely digital-based I&C systems and represent significant digital I&C integration efforts.
From page 30...
... The third level is the human-machine interface in the control room, which includes hardwired controls connected directly to the lowest possible level of the I&C system (Nucleonics Week, 1995). The Canadian nuclear program led the world in the use of digital technology.
From page 31...
... Technical problems seem to have been created by the lack of adequate capacity to process the mass of acquired reactor data with the original architecture (Nucleonics Week, 1991). At Darlington, despite the high availability and safety record of the Canadian plants, the Canadian Atomic Energy Control Board undertook a more stringent review of the software engineering process and the operation of Darlington's first two units was delayed, with a resulting economic penalty on the utility.
From page 32...
... Recommendations: Recommendation 1. The USNRC should make a trial application of the proposed regulatory guidance documents on systems aspects to foreign nuclear plant digital systems, both existing and in progress.
From page 33...
... Although this chapter covers software quality assurance, its conclusions apply to any technology requiring equivalent design effort, e.g., field programmable gate arrays (FPGAs)
From page 34...
... Verification using formal methods involves the comparison of a more detailed description of a software system with the more abstract description of its properties. Verifying specific properties of programs using formal methods has proved to be very difficult (Gerhart and Yelowitz, 1976; Rushby and von Henke, 1991, 1993).
From page 35...
... and IEEE 7-4.3.2-1993, Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations (IEEE, 1993). IEC 880 outlines the software development techniques to be used in the development of software for the shutdown systems of nuclear power plants.
From page 36...
... As part of the SRP update process, the USNRC is developing regulatory guides to endorse (with possible exceptions) 10 industry software standards: IEEE 7-4.3.2-1993, Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations (an update of the 1982 version)
From page 37...
... Representatives from several of the utilities mentioned that strong requirements analysis and configuration control were keys to producing high-quality software. The representatives noted that strong analysis requirements and configuration control should be applied to safety-critical software and nonsafety software, even though nuclear plant designs routinely separate the hardware and software so that nonsafety software does not run on the same computer as the safety-critical applications.
From page 38...
... Both functional and random testing should be employed. Functional tests should be chosen to expose errors in normal and boundary cases, and measures of test coverage should be reported for them.
From page 39...
... In response to USNRC review, FPL committed to follow the verification and validation program in IEEE 1012-1986, Standard for Software Verification and Validation Plans, and the guidelines in Regulatory Guide 1.152, which endorses ANSI/IEEE/ANS 7-4.3.2-1982, Application Criteria for Programmable Digital Computer Systems in Safety Systems of Nuclear Power Generating Stations. Additionally, the contractor responsible for developing and installing the load sequencer performed independent V&V of the PLCs and the load sequencer logic.
From page 40...
... Finally, Ragheb notes that introducing modern digital I&C systems may not alleviate software quality assurance concerns. He points out: "Programmable logic controllers (PLCs)
From page 41...
... · Functional tests can be chosen to expose errors in normal and boundary cases, and measures of test coverage can be reported for them. Testing based on large numbers of inputs randomly selected from the operational profiles of a program can be used to assess the likelihood that software will fail under specific operating conditions.
From page 42...
... 1993. IEEE Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations, IEEE Std 7-4.3.2-1993.
From page 43...
... An example of functional diversity is the use of high reactor power to flow ratio to cause a reactor trip using control rods, and high coolant temperature to cause a reactor trip using
From page 44...
... Design diversity is the use of two or more components with a different internal design but performing the same function. · Functional diversity is the use of two or more components to achieve different functions at the component level, although the functions may be related in terms of higher-level system requirements.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.