Modernizing approaches to address common cause failure in digital instrumentation and control systems

Rossnyev Alvarado, Steven A. Arndt

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

As microprocessor-based safety systems were first introduced in nuclear power plants in the US in the 1980s, the U.S. Nuclear Regulatory Commission (NRC) recognized that digital instrumentation and control (DI&C) can provide advantages in reliability and functionality, but that it also creates the potential for a new vulnerability to common cause failures (CCFs) among systems in which functions are performed by identical software executed on identical hardware. Specifically, the staff recognized that a latent, systemic fault in the design or implementation of software could result in the concurrent failure of essential safety or compensating systems. The potential for pervasive and latent systemic faults resulting in a CCF could be more significant for DI&C systems because of increased resource sharing and the potential for unspecified interactions or unanalyzed conditions. In SECY-93-087, “Policy, Technical, and Licensing Issues Pertaining to Evolutionary and Advanced Light-Water Reactor (ALWR) Designs,” dated April 2, 1993 [1], the NRC staff identified policy, technical, and licensing issues pertaining to evolutionary and advanced light water reactor designs, one of which was defense against CCF in DI&C systems. The staff presented position recommendations for addressing the potential for CCFs in DI&C safety systems. In the Staff Requirements Memorandum (SRM) to SECY-93-087 [2], the Commission approved, in part, and disapproved, in part, the staff's recommendations. The NRC staff implemented the Commission direction as staff guidance for the review of digital I&C systems in Branch Technical Position (BTP) 7-19, “Guidance for Evaluation of Defense-in-Depth and Diversity in Digital Computer-Based Instrumentation and Control Systems,” [3] in the Standard Review Plan used for new digital systems in both new reactors and operating reactors.
In the SRM to SECY-16-0070 [4], “Integrated Strategy to Modernize the Nuclear Regulatory Commission's Digital Instrumentation and Control Regulatory Infrastructure”, dated October 25, 2016, the Commission approved implementation of the staff's integrated action plan (IAP) to modernize the NRC's digital instrumentation and control regulatory infrastructure. As part of the work outlined in the IAP, NRC staff has reviewed the current NRC position on defense against CCF in digital I&C systems. This paper outlines the high-level principles the staff will be using to update the CCF guidance based on current Commission direction.

Original language: English
Title of host publication: 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
Publisher: American Nuclear Society
Pages: 983-992
Number of pages: 10
ISBN (Electronic): 9780894487835
State: Published - 2019
Externally published: Yes
Event: 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019 - Orlando, United States
Duration: Feb 9 2019 - Feb 14 2019

Publication series

Name: 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019

Conference

Conference: 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC and HMIT 2019
Country/Territory: United States
City: Orlando
Period: 02/9/19 - 02/14/19

Keywords

  • Common cause failure
  • Defense-in-depth
  • Digital technology
  • Diversity
  • Instrumentation and control system
  • Software
