Abstract
This paper is a summary of a study performed in support of the US Nuclear Regulatory Commission (NRC) to evaluate current policy on software common-cause failure (CCF). The study reported in this paper is one of several that contributed to the technical basis to inform NRC staff. The study first reviewed policies and assessment guidance as discussed in the Staff Requirements Memorandum to the Secretary of the Commission, Office of the NRC (SECY) 93-087, Policy, Technical, and Licensing Issues Pertaining to Evolutionary and Advanced Light Water Reactor (ALWR) Designs; Branch Technical Position (BTP) 7-19, Guidance on Evaluation of Defense-in-Depth and Diversity in Digital Computer-Based Instrumentation and Control Systems; and Chapter 7, "Instrumentation and Controls," in NUREG-0800, Standard Review Plan for Review of Safety Analysis Reports for Nuclear Power Plants. The study then examined instrumentation and controls (I&C) technology implementations in nuclear power plants in the light of current CCF guidance. The intent was to assess whether the current position on CCF remains appropriate given the evolutions in digital safety system implementations and, if gaps in the guidance were found, to provide recommendations as to how these gaps could be closed. The methodology adopted was to review the vendors' technology and software implementation processes for digital safety systems as technology evolved. The following three representative safety systems were selected to provide illustrative examples:
• Eagle 21 was selected to represent vintage microprocessor-based technology used from the 1980s to mid-1990s,
• TELEPERM XS (TXS) was selected to represent second generation microprocessor-based technology used from the mid-1990s to the 2000s, and
• The advanced logic system (ALS) was selected to represent the latest trend of using technology based on field programmable gate arrays (FPGAs).
Technology implementations were reviewed in light of the basic premise of the NRC in BTP 7-19 (Revision 6): development errors in software-based or software-logic-based digital systems are a credible source of CCF, because identical copies of the software-based logic and architecture are present in redundant divisions of safety-related systems. BTP 7-19 categorizes firmware and logic developed from software-based development systems all under software.
Field | Value |
---|---|
Original language | English |
Title of host publication | 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2017 |
Publisher | American Nuclear Society |
Pages | 360-366 |
Number of pages | 7 |
ISBN (Electronic) | 9781510851160 |
State | Published - 2017 |
Event | 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2017 - San Francisco, United States |
Duration | Jun 11 2017 → Jun 15 2017 |

Publication series

Field | Value |
---|---|
Name | 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2017 |
Volume | 1 |

Conference

Field | Value |
---|---|
Conference | 10th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2017 |
Country/Territory | United States |
City | San Francisco |
Period | 06/11/17 → 06/15/17 |
Funding
This paper is a summary of work performed under contract with the U.S. Nuclear Regulatory Commission (NRC) Office of Nuclear Regulatory Research (NRR/DE/EICB). The authors acknowledge NRC project manager Rossnyev Alvarado and ORNL project manager Gary Mays for their guidance. This manuscript has been authored by UT-Battelle, LLC under Contract No. DE-AC05-00OR22725 with the U.S. Department of Energy. The United States Government retains and the publisher, by accepting the article for publication, acknowledges that the United States Government retains a non-exclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this manuscript, or allow others to do so, for United States Government purposes. The Department of Energy will provide public access to these results of federally sponsored research in accordance with the DOE Public Access Plan (http://energy.gov/downloads/doe-public-access-plan).