Licensing of safety critical software for nuclear reactors : Common position of international nuclear regulators and authorised technical support organisations
– Bel V
– Bundesamt für kerntechnische Entsorgungssicherheit (BfE)
– Canadian Nuclear Safety Commission (CNSC)
– Consejo de Seguridad Nuclear (CSN)
– TÜV Rheinland ISTec GmbH – Institut für Sicherheitstechnologie (ISTec)
– Korea Atomic Energy Research Institute (KAERI)
– Korea Institute of Nuclear Safety (KINS)
– Nuclear and Radiation Safety Center (NSC)
– Office for Nuclear Regulation (ONR)
– Strålsäkerhetsmyndigheten (SSM) – Swedish Radiation Safety Authority
– STUK – Radiation and Nuclear Safety Authority
29.05.2018
This publication is copyrighted. You may download, display and print it for your own personal use. Commercial use is prohibited.
Executive Summary
Objectives
It is widely accepted that the assessment of software cannot be limited to verification and testing of the end product, i.e. the computer code. Other factors, such as the quality of the processes and methods used for specifying, designing and coding, have an important impact on the implementation. Existing standards provide limited guidance on the regulatory and safety assessment of these factors. An undesirable consequence of this situation is that the licensing approaches taken by nuclear safety authorities and by technical support organisations are determined independently, with only limited informal technical co-ordination and information exchange. It is notable that several software implementations of nuclear safety systems have been marred by costly delays caused by difficulties in co-ordinating the development and qualification process.
It was thus felt necessary to compare the respective licensing approaches, to identify where a consensus already exists, and to see how greater consistency and more mutual acceptance could be introduced into current practices. Within this comparison, the term software also includes firmware and microcode.
This document is the result of the work of a group of experts from regulators and safety authorities. The 2007 version was completed at the invitation of the Western European Nuclear Regulators' Association (WENRA). The major result of the work is the identification of consensus and common technical positions on a set of important licensing issues raised by the design and operation of computer based systems used in nuclear power plants for the implementation of safety functions. Although the motivating issues come from experience with nuclear power plants, the positions reflect good practice that is applicable to other nuclear installations. The purpose is to introduce greater consistency and more mutual acceptance into current practices. To achieve these common positions, detailed consideration was paid to the licensing approaches followed in the different countries represented by the experts of the task force.
The report is intended to be useful:
– to coordinate regulators’ and safety experts’ technical viewpoints in licensing practices, or design and revision of guidelines;
– as a reference in safety cases and demonstrations of safety of software based systems;
– as guidance for manufacturers and major I&C suppliers on the international market.