Slide 1: New DOE Software Quality Assurance Requirements and Implications for Meteorology and Consequence Assessment Software

Cliff Glantz, Pacific Northwest National Laboratory, cliff.glantz@pnl.gov, 509.375.2166

Slide 2: Outline

  • Background information on the drivers behind the push for software quality assurance (SQA)
  • What DOE is doing to address these drivers
  • Definition of safety software
  • The new DOE SQA Order and Guide
  • SQA work activities and levels defined in the Order and Guide
  • The graded approach to SQA
  • Implications for meteorological software
  • New need for balance…

Slide 3: Background Info

  • The Defense Nuclear Facility Safety Board (DNFSB) issued “Quality Assurance for Safety Related Software at Department of Energy Defense Nuclear Facilities” in January 2000.
  • However, little progress was made in addressing the issues raised by the DNFSB.

Slide 4: Background Info (cont)

  • The DNFSB issued “Quality Assurance for Safety-Related Software”, released in September 2002.
  • It calls for prompt actions in:
    • Defining SQA responsibility and authority
    • Recommending computer codes for safety analysis and design
    • Conducting research and development

Slide 5: Implementation Plan for DNFSB Recommendation

  • DOE accepted the DNFSB Recommendation in November 2002.
  • DOE issued an Implementation Plan in March 2003 with 26 commitments.
  • The completed QA Order and Safety Software Guide are scheduled for release in July 2005.

Slide 6: What is Safety Software?

  1. Software that performs a safety function as part of a structure, system, or component at a nuclear facility and is cited in either (a) a DOE-approved documented safety analysis or (b) an approved hazard analysis.
  2. Software that is used to classify, design, or analyze nuclear facilities. This software is not part of a safety structure, system, or component (SSC), but it helps to ensure the proper accident or hazards analysis of nuclear facilities or of an SSC that performs a safety function.

Slide 7: What is Safety Software? (cont)

  3. Software that meets one or more of the following:
    • performs a hazard control function in support of a nuclear facility or radiological safety management program
    • performs a control function necessary to provide adequate protection from nuclear facility or radiological hazards
    • supports eliminating, limiting, or mitigating nuclear hazards to workers, the public, or the environment as addressed in 10 CFR 830, 10 CFR 835, and the DEAR ISMS clause

Slide 8: DOE O 414.1C: The New DOE SQA Order

  • Calls for more rigor in software design, development, documentation, testing, configuration management, and maintenance.
  • Requires the use of ASME NQA-1-2000 or other national or international consensus standards that provide an equivalent level of quality assurance requirements.
  • Establishes grading levels for safety software.
  • Requires the documentation of the grading levels in a Quality Assurance Plan.
  • Calls for a graded approach to implementing ten software quality assurance work activities.

Slide 9: The Order’s Ten SQA Work Activities

  1. Software project management
  2. Software risk management
  3. Software configuration management
  4. Procurement and vendor management
  5. Software requirements identification and management
  6. Software design and implementation
  7. Software safety design
  8. Verification and validation
  9. Problem reporting and corrective action
  10. Training of personnel in design, development, use, and evaluation of safety software

Slide 10: DOE G 414.1-4: The SQA Guidance Document

  • Provides detailed guidance on how to implement the 10 SQA work activities.
  • Each work activity is described, including its sub-activities.
  • Identifies grading based upon software source type and level of impact (Level A, B, or C).
  • Each work activity must be addressed. For impact Level B or C, a graded approach is allowed for some work activities.
  • In many instances, optional implementation of sub-activities provides the grading.

Slide 11: Software is Level A if it Meets One of the Following:

  • Software failure that could compromise a limiting condition for operation.
  • Software failure that could cause a reduction in the safety margin for a safety system.
  • Software failure that could cause a reduction in the safety margin for other systems.
  • Software failure that could result in non-conservative safety analysis, design, or misclassification of facilities.

Slide 12: Software is Level B if it Meets One of the Following:

  • Safety management databases used to aid in decision making whose failure could impact safety SSC operation.
  • Software failure that could result in incorrect analysis, design, monitoring, alarming, or recording of hazardous exposures to workers or the public.
  • Software failure that could compromise the defense-in-depth capability of the nuclear facility.

Slide 13: Software is Level C if it Meets One of the Following:

  • Software failure that could cause a potential violation of regulatory permitting requirements.
  • Software failure that could affect environment, safety, or health monitoring or alarming systems.
  • Software failure that could affect the safe operation of an SSC.

Slide 14: The SQA Guide’s Specified Software Types

  1. Custom developed
  2. Configurable
  3. Acquired
  4. Utility calculations
  5. Commercial design & analysis

Slide 15: Graded Work Activities Guidance for Level A

Columns are the software types from the previous slide: custom developed, configurable, acquired, utility calculations, and commercial design & analysis (D&A). Cell values: Full = full implementation of the work activity, Grd = graded implementation, n/a = not applicable.

SQA Work Activity            Custom  Config.  Acquired  Utility  D&A
Project Management           Full    Full     Grd       Grd      n/a
Risk Management              Full    Full     Full      Full     n/a
Configuration Management     Full    Grd      Grd       Grd      Grd
Procurement & Supplier Mng.  Full    Full     Full      Full     Full
Requirements ID & Mng.       Full    Full     Full      Full     Full
Design & Implementation      Full    Grd      n/a       Grd      n/a
Safety                       Full    Full     Full      n/a      n/a
Verification & Validation    Full    Full     Full      Grd      n/a
Problem Reporting            Full    Full     Full      Grd      Full
Training                     Full    Full     Full      Full     n/a

Slide 16: Graded Work Activities Guidance for Level B

SQA Work Activity            Custom  Config.  Acquired  Utility  D&A
Project Management           Full    Full     Grd       Grd      n/a
Risk Management              Grd     Grd      Grd       Grd      n/a
Configuration Management     Full    Grd      Grd       Grd      Grd
Procurement & Supplier Mng.  Full    Full     Full      Full     Full
Requirements ID & Mng.       Full    Full     Full      Full     Full
Design & Implementation      Full    Grd      n/a       Grd      n/a
Safety                       Grd     Grd      Grd       n/a      n/a
Verification & Validation    Grd     Grd      Grd       Grd      n/a
Problem Reporting            Full    Full     Full      Grd      Full
Training                     Grd     Grd      Grd       Grd      n/a

Slide 17: Graded Work Activities Guidance for Level C

SQA Work Activity            Custom  Config.  Acquired  Utility  D&A
Project Management           Grd     Grd      Grd       Grd      n/a
Risk Management              Grd     Grd      Grd       Grd      n/a
Configuration Management     Grd     Grd      Grd       Grd      Grd
Procurement & Supplier Mng.  Full    Full     Full      Full     Full
Requirements ID & Mng.       Full    Full     Full      Full     Full
Design & Implementation      Full    Grd      n/a       Grd      n/a
Safety                       Grd     Grd      Grd       n/a      n/a
Verification & Validation    Grd     Grd      Grd       Grd      n/a
Problem Reporting            Full    Grd      Grd       Grd      Grd
Training                     Grd     Grd      Grd       Grd      n/a

Slide 18: Current Status of the New SQA Order and Guide

  • All major issues have been resolved among the key regulatory and review agencies, including the Program Secretarial Officer (PSO) and the DNFSB.
  • Issuance is expected very soon (July).
  • A kick-off general information meeting (a video conference) will likely be held in July or August.

Slide 19: What Meteorology-Related Software Will be Covered by these New Requirements?

  • The applicability of the new standards is not crystal clear – a lot of discretion will be given (at least initially) to those DOE staff responsible for SQA.
  • Likely to be covered are:
    • Consequence assessment models for safety planning/design and emergency response applications
    • Software used to generate health and safety action levels
    • Software used to generate data or products used directly or indirectly by decision makers to make decisions regarding health and safety

Slide 20: A Caution -- Balance Needed…

  • SQA should never be the only criterion used to select a software tool.
  • Technical quality and applicability to the problem must be of equal or greater importance.
  • We cannot allow SQA requirements to stymie innovation and accuracy.

Slide 21: Summary

  • The new SQA Order and Guide include quality assurance practices that are based upon consensus standards.
  • The new Order requires use of ASME NQA-1-2000 or an equivalent type of standard to guide SQA work.
  • The Guide defines a graded approach for SQA.
  • The new Guide provides suggestions for implementing each of the 10 work activities.
  • Meteorological and consequence assessment modeling software will be affected by the new Order and Guide.

Slide 22: For More Information…

Key EH Contacts:

  • Bud Danielson -- Bud.Danielson@eh.doe.gov
  • Debra Sparkman -- Debra.Sparkman@eh.doe.gov
  • Robert Loesch -- Robert.Loesch@eh.doe.gov

To get the latest information on the Order and Guide, go to the DOE/EH SQA website.

Slide 23: The DOE Environmental Safety and Health SQA Knowledge Portal is at http://www.eh.doe.gov/sqa